From fuf at phuph.org Thu Nov 1 04:42:59 2012 From: fuf at phuph.org (Faheem Patel) Date: Wed, 31 Oct 2012 22:42:59 -0400 Subject: [Dovecot] =?utf-8?q?Modifying_mailbox_GUIDs=3F?= Message-ID: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> Greetings all, I can view a mailbox's GUID like so: doveadm mailbox status -u guid However, how may I *modify* a mailbox GUID? Can this be done using doveadm or some other tool? If not, how may I go about modifying the dovecot.mailbox.log (where I assume GUID data is stored)? My specific use case has to do with me wanting to modify an existing mailbox's GUID so that its messages are mirrored into a folder of the same name using "dsync mirror". (As we know, dsync utilizes GUIDs to determine mailbox uniqueness) Thanks! -- - Faheem From fuf at phuph.org Thu Nov 1 05:13:37 2012 From: fuf at phuph.org (Faheem Patel) Date: Wed, 31 Oct 2012 23:13:37 -0400 Subject: [Dovecot] =?utf-8?q?Modifying_mailbox_GUIDs=3F?= In-Reply-To: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> References: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> Message-ID: <778d2396116c03d4b1d12234846aa12f@horizon.phuph.org> I see that the GUID is actually in readable text on the first line in "dovecot-uidlist". Is it really as simple as modifying the string here? - Faheem On Wed, 31 Oct 2012 22:42:59 -0400, Faheem Patel wrote: > Greetings all, > > I can view a mailbox's GUID like so: doveadm mailbox status -u guid > > However, how may I *modify* a mailbox GUID? Can this be done using doveadm or some other tool? > > If not, how may I go about modifying the dovecot.mailbox.log (where I assume GUID data is stored)? > > My specific use case has to do with me wanting to modify an existing mailbox's GUID so that its messages are mirrored into a folder of the same name using "dsync mirror". (As we know, dsync utilizes GUIDs to determine mailbox uniqueness) > > Thanks! > > -- > - Faheem From dmiller at amfes.com Thu Nov 1 06:16:11 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:16:11 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: References: <508FEB83.5010209@amfes.com> Message-ID: On 31.10.2012 04:26, Timo Sirainen wrote: > On 30.10.2012, at 17.00, Daniel L. Miller wrote: > >> I'm compiling as I normally do. The config line for Dovecot is: configure --with-ldap --with-ssl --with-bzlib --with-zlib --with-stemmer --with-lucene --with-ldap followed by make & make install Then a 'configure' for Pigeonhole, followed by make, yields: libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -o .libs/sieve-dump sieve-dump.o -Wl,--export-dynamic ../../src/lib-sieve/.libs/libdovecot-sieve.so ../../src/lib-sieve-tool/.libs/libsieve-tool.a /usr/local/lib/dovecot/libdovecot-storage.so /usr/local/lib/dovecot/libdovecot-lda.so -L/usr/local/lib/dovecot /usr/local/lib/dovecot/libdovecot.so -lrt -Wl,-rpath -Wl,/usr/local/lib/dovecot libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -o .libs/sievec sievec.o -Wl,--export-dynamic ../../src/lib-sieve/.libs/libdovecot-sieve.so ../../src/lib-sieve-tool/.libs/libsieve-tool.a /usr/local/lib/dovecot/libdovecot-storage.so /usr/local/lib/dovecot/libdovecot-lda.so -L/usr/local/lib/dovecot /usr/local/lib/dovecot/libdovecot.so -lrt -Wl,-rpath -Wl,/usr/local/lib/dovecot /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `sk_new_null at OPENSSL_1.0.0' /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `SSL_get_error at OPENSSL_1.0.0' > > I think this is a Dovecot bug, fixed by: http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac [1] > > You could also do this by adding -lssl -lcrypto manually to the installed dovecot-config and running configure again for pigeonhole. I see "-lssl -lcrypto" already in the DOVECOT_SSL_LIBS section of /usr/local/lib/dovecot/dovecot-config. What should be changed? -- Daniel Links: ------ [1] http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac From dmiller at amfes.com Thu Nov 1 06:23:45 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:23:45 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: <295e4368e20c518ae72a7d8c726f8869@amfes.com> References: <508FEB83.5010209@amfes.com> <295e4368e20c518ae72a7d8c726f8869@amfes.com> Message-ID: On 31.10.2012 21:16, Daniel L. Miller wrote: > On 31.10.2012 04:26, Timo Sirainen wrote: > >> I think this is a Dovecot bug, fixed > > by: http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac [1][1] > >> You > > could also do this by adding -lssl -lcrypto manually to the installed > dovecot-config and running configure again for pigeonhole. > > I see "-lssl > -lcrypto" already in the DOVECOT_SSL_LIBS section of > /usr/local/lib/dovecot/dovecot-config. What should be changed? Ok - I read the patch, and modified the LIBDOVECOT_STORAGE section accordingly. Same compile error for Pigeonhole after performing a 'make clean' and 'configure'. -- Daniel Links: ------ [1] http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac From dmiller at amfes.com Thu Nov 1 06:25:14 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:25:14 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: References: <508FEB83.5010209@amfes.com> <295e4368e20c518ae72a7d8c726f8869@amfes.com> Message-ID: On 31.10.2012 21:23, Daniel L. Miller wrote: > On 31.10.2012 21:16, Daniel L. Miller wrote: > >> On 31.10.2012 > > 04:26, Timo Sirainen wrote: > >>> I think this is a Dovecot bug, fixed > could also do this by adding -lssl -lcrypto manually to the > > installed > dovecot-config and > >> -left:#1010ff 2px solid; margin-left:5px; width:100%">I see > pto" already in the DOVECOT_SSL_LIBS section of > > /usr/local/lib/dovecot/dovecot-config. What should be changed? > > Ok - I > read the patch, and modified the LIBDOVECOT_STORAGE section accordingly. > Same comp> > >> I take that back - it's not exactly the same compile error. Now it references libdovecot-login.so for the undefined SSL references. -- Daniel From dmiller at amfes.com Thu Nov 1 06:27:13 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:27:13 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: References: <508FEB83.5010209@amfes.com> <295e4368e20c518ae72a7d8c726f8869@amfes.com> Message-ID: On 31.10.2012 21:23, Daniel L. Miller wrote: > On 31.10.2012 21:16, Daniel L. Miller wrote: > >> On 31.10.2012 > > 04:26, Timo Sirainen wrote: > >>> I think this is a Dovecot bug, fixed > could also do this by adding -lssl -lcrypto manually to the > > installed > dovecot-config and > >> -left:#1010ff 2px solid; margin-left:5px; width:100%">I see > pto" already in the DOVECOT_SSL_LIBS section of > > /usr/local/lib/dovecot/dovecot-config. What should be changed? > > Ok - I > read the patch, and modified the LIBDOVECOT_STORAGE section accordingly. > Same comp> > >> Thought I'd see if I could guess the next fix - added the parms to LIBDOVECOT_LOGIN as well. Seems to have fixed it. Sorry for the multiple posts - it's been a long day. -- Daniel From tlx at leuxner.net Thu Nov 1 12:27:34 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 1 Nov 2012 11:27:34 +0100 Subject: [Dovecot] 2.2.alpha1 (626a9df21e62): LMTP Core Dump Message-ID: <20121101102734.GA20126@nihlus.leuxner.net> Please find Backtrace for LMTP Core Dump below: [...] ==> /var/log/dovecot/dovecot.log <== Nov 1 11:16:14 spectre dovecot: lmtp(17245): Connect from local Nov 1 11:16:14 spectre dovecot: lmtp(17245): Fatal: master: service(lmtp): child 17245 killed with signal 11 (core dumped) ==> /var/log/mail.log <== Nov 1 11:16:14 spectre postfix/lmtp[17204]: 3Xsj4G11MrzNY: to=, relay=spectre.leuxner.net[private/dovecot-lmtp], delay=0.11, delays=0.06/0/0.01/0.04, dsn=4.4.2, status=deferred (lost connection with spectre.leuxner.net[private/dovecot-lmtp] while sending MAIL FROM) [...] $ gdb /usr/lib/dovecot/lmtp /tmp/core Program terminated with signal 11, Segmentation fault. #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=, error_r=) at mail-storage-service.c:1013 1013 mail-storage-service.c: No such file or directory. in mail-storage-service.c (gdb) bt full #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=, error_r=) at mail-storage-service.c:1013 flags = 675 user = username = 0x11540b0 "tlx at leuxner.net" user_info = 0x1163718 user_set = userdb_fields = 0x1173dd8 error = reply = {uid = 0, gid = 0, home = 0x7f6175249712 "H\211\303d\213\004%\030", chroot = 0x7f6100000001
, extra_fields = {arr = {buffer = 0x0, element_size = 18170192}, v = 0x0, v_modifiable = 0x0}, anonymous = 0} set_parser = 0x1167500 sets = 0x0 user_pool = 0x11705e0 temp_pool = 0x1173db0 ret = 1 #1 0x0000000000406c16 in cmd_rcpt (client=0x1161e70, args=0x116d623 "") at commands.c:545 rcpt = {address = 0x0, detail = 0x0, service_user = 0x0} input = {module = 0x40823a "lmtp", service = 0x40823a "lmtp", username = 0x11540b0 "tlx at leuxner.net", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} address = 0x11540b0 "tlx at leuxner.net" username = 0x11540b0 "tlx at leuxner.net" detail = 0x4086a3 "" error = 0x0 ret = #2 0x00000000004055fb in client_input_line (client=0x1161e70) at client.c:60 cmd = args = 0x116d60f "TO:" #3 client_input_handle (client=0x1161e70) at client.c:113 _data_stack_cur_id = 3 output = 0x11610e8 line = ret = #4 0x00007f6174afd186 in io_loop_call_io (io=0x1161190) at ioloop.c:387 ioloop = 0x115c670 t_id = 2 #5 0x00007f6174afe1d7 in io_loop_handler_run (ioloop=) at ioloop-epoll.c:215 ctx = 0x115f4a0 event = 0x115f510 list = 0x11611e0 io = 0x11540b0 tv = {tv_sec = 299, tv_usec = 999016} msecs = ret = 1 i = 0 call = false #6 0x00007f6174afd128 in io_loop_run (ioloop=0x115c670) at ioloop.c:406 No locals. #7 0x00007f6174ae6473 in master_service_run (service=0x115c510, callback=0x1173e08) at master-service.c:546 No locals. #8 0x0000000000404a06 in main (argc=1, argv=0x115c370) at main.c:122 set_roots = {0x60a8e0, 0x408e20, 0x0} service_flags = storage_service_flags = 675 c = [ doveconf -n ] # 2.2.alpha1 (626a9df21e62): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 auth_cache_size = 16 k auth_verbose = yes mail_location = mdbox:~/mdbox mail_plugins = acl quota stats namespace { list = yes location = mdbox:/var/vmail/public prefix = Public/ separator = / subscriptions = no type = public } namespace inbox { hidden = no inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = username_format=%u /var/vmail/auth.d/%d/passwd driver = passwd-file } plugin { acl = vfile:/var/vmail/conf.d/%d/acls:cache_secs=300 mail_log_events = expunge mailbox_delete quota = dict:user::file:%h/mdbox/dovecot-quota quota_rule = *:storage=1GB quota_rule2 = Trash:storage=+10%% sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_dir = /var/vmail/conf.d/%d/sieve stats_refresh = 30s stats_track_cmds = yes } protocols = " imap lmtp" quota_full_tempfail = yes service auth-worker { unix_listener auth-worker { user = doveauth } user = doveauth } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = doveauth } service imap-login { inet_listener imap { address = 1.2.3.4 port = 143 } inet_listener imaps { port = 0 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl_ca = From dave at boostpro.com Thu Nov 1 15:08:43 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 09:08:43 -0400 Subject: [Dovecot] Indexing problems Message-ID: It looks like something is going very wrong here. Any advice? --8<---------------cut here---------------start------------->8--- $ doveadm -vvvD index '*' doveadm(dave): Debug: Loading modules from directory: /usr/local/lib/dovecot doveadm(dave): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/lib/dovecot/lib20_zlib_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so doveadm(dave): Debug: Loading modules from directory: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm doveadm(dave): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: dlopen(/usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so, 10): Symbol not found: _acl_user_module Referenced from: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so Expected in: flat namespace in /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so (this is usually intentional, so just ignore this message) doveadm(dave): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: dlopen(/usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so, 10): Symbol not found: _expire_set_deinit Referenced from: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so Expected in: flat namespace in /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so (this is usually intentional, so just ignore this message) doveadm(dave): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: dlopen(/usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so, 10): Symbol not found: _quota_user_module Referenced from: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so Expected in: flat namespace in /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so (this is usually intentional, so just ignore this message) doveadm(dave): Debug: Module loaded: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so doveadm(dave): Debug: Effective uid=501, gid=20, home=/Users/dave doveadm(dave): Debug: Namespace inbox: type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:/Users/dave/Library/Data/LocalIMAP/mdbox doveadm(dave): Debug: fs: root=/Users/dave/Library/Data/LocalIMAP/mdbox, index=, control=, inbox=, alt= doveadm(dave): Debug: Namespace : Using permissions from /Users/dave/Library/Data/LocalIMAP/mdbox: mode=0700 gid=-1 doveadm(dave): Info: [Gmail].All: Cache is already up to date doveadm(dave): Info: [Gmail].All Mail: Caching mails seq=2..231746 8000/231745Assertion failed: (numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." + IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )), function closeDocStore, file /tmp/clucene-gmYE/src/core/CLucene/index/DocumentsWriter.cpp, line 210. Abort trap: 6 cone:local dave$ --8<---------------cut here---------------end--------------->8--- -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From mancyborg at gmail.com Thu Nov 1 17:20:49 2012 From: mancyborg at gmail.com (mancyborg at gmail.com) Date: Thu, 1 Nov 2012 16:20:49 +0100 Subject: [Dovecot] dovecot dimensioning Message-ID: <20121101162049.77c57503@uplink> Hi All, first post here, nice to meet you :) I've been using dovecot + postfix + clamav + spamassassin for years but always with few users. Now i must build a server for 1500 users, they will use various email software (thunderbird, outlook, ..) the webmail (i'm not sure if squirrelmail or roundcube) and blackberry devices (with the BIS service). There will be around 1000 domains (virtual_domains) and postfix will read its users and domains from mysql. Let's say that they will send and receive around 5000 emails per hour (10K in total per hour). I was thinking to use karspersky server instead of clamav. I already have the hardware, it is a server with 4 physical cpu (Intel Xeon E5504 @ 2.00GHz) and 24 gb of ram, do you think it is enough ? Thanks for supporting, regards and have a nice day, Mike From mancyborg at gmail.com Thu Nov 1 21:32:36 2012 From: mancyborg at gmail.com (mancyborg at gmail.com) Date: Thu, 1 Nov 2012 20:32:36 +0100 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> Message-ID: <20121101203236.1803e9de@uplink> Hi Javier, yes i see. Storage for now is just a 3tb sata2 hdd, so i guess that write performance is around 100 MB/s What do you think about that ? Thanks and regards, Mike On Thu, 1 Nov 2012 19:55:35 +0100 Javier de Miguel Rodriguez wrote: > > IMHO, fast storage is the main requirement for dovecot. > > > > El 01/11/2012, a las 16:20, "mancyborg at gmail.com" escribi?: > > > Hi All, first post here, nice to meet you :) > > > > I've been using dovecot + postfix + clamav + spamassassin for years but always with few users. > > > > Now i must build a server for 1500 users, > > they will use various email software (thunderbird, outlook, ..) > > the webmail (i'm not sure if squirrelmail or roundcube) > > and blackberry devices (with the BIS service). > > > > There will be around 1000 domains (virtual_domains) and postfix will read its users and domains from mysql. > > > > Let's say that they will send and receive around 5000 emails per hour (10K in total per hour). > > > > I was thinking to use karspersky server instead of clamav. > > > > I already have the hardware, it is a server with 4 physical cpu (Intel Xeon E5504 @ 2.00GHz) and 24 gb of ram, > > do you think it is enough ? > > > > > > Thanks for supporting, > > regards and have a nice day, > > Mike From dave at boostpro.com Thu Nov 1 16:38:04 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 10:38:04 -0400 Subject: [Dovecot] No manpage for "doveadm fts" command Message-ID: Just wanted to make sure this issue was registered separately from the overall confusion I'm exploring in another thread, even though I mention this there too. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From dave at boostpro.com Thu Nov 1 16:37:00 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 10:37:00 -0400 Subject: [Dovecot] When are search indexes updated? References: <508C9C8A.8000309@hardwarefreak.com> Message-ID: on Sat Oct 27 2012, Stan Hoeppner wrote: > On 10/27/2012 3:00 PM, David Abrahams wrote: >> >> I noticed that occasionally searching in my huge archive mailbox can be >> really slow, so I tried doveadm index on it and it seemed to do a lot of >> work, which seemed strange given, for example, that dovecot-lda says it >> keeps Dovecot index files up-to-date. Then I thought, "maybe these are >> different files than the search indices." If so, that's not entirely >> clear from the docs and Wiki. So, questions: > > Mailbox and search indexes are separate. If so, I hereby request that they be properly and explicitly distinguished from one another, every place "index" is mentioned on the wiki. > Look in your mailbox directory and you'll see them, such as on 1.2.x > with mbox: I'm on 2.x with mdbox, FWIW. > $ la /home/stan/mail/.imap/1-Dovecot > total 3.4M > drwx------ 2 stan stan 135 Oct 25 21:39 . > drwx------ 51 stan stan 4.0K Apr 13 2012 .. > -rw------- 1 stan stan 44K Oct 27 13:28 dovecot.index > -rw------- 1 stan stan 1.2M Oct 27 21:23 dovecot.index.cache > -rw------- 1 stan stan 18K Oct 27 21:23 dovecot.index.log > -rw------- 1 stan stan 1.1M May 20 06:32 dovecot.index.search > -rw------- 1 stan stan 1.1M May 20 06:32 dovecot.index.search.uids > > I've not full text searched this folder for quite some time, thus the > search indexes are not current, and the next FTS of this mail folder > will take much more time than if the FTS indexes were current. > >> * When are search indexes updated? > > When the index is stale. That's pretty vague :-) >> * Are they updated incrementally? >> * If not, why not? >> * If so, why would a mailbox's index drift out-of-date, as mine had? > > When a sufficient number of messages are added to an IMAP folder the FTS > index becomes stale. That's a little less vague, thanks :-) > This index is not updated in real time. This is why Timo and others > recommend cron'ing a script to index folders regularly that are > searched regularly. And how does one index the folders for search? Is that "doveadm index" or "doveadm fts rescan" (which I see at http://wiki2.dovecot.org/Plugins/FTS but NOT in the manpage), or...? > This keeps the indexes up to date and keeps searches fast. If you > don't do this or search often, your indexes become stale. Then each > time you do an FTS search the first thing that happens is an FTS > re-indexing of the mail folder. Only then does it display the search > results. > >> BTW, I'm using the clucene search backend. > > I've not used Lucene, but I believe the default behavior is similar to > the Dovecot 1.2.x FTS indexer. Not sure what conclusion to draw from that, thanks. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From dave at boostpro.com Thu Nov 1 22:28:15 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 16:28:15 -0400 Subject: [Dovecot] "starting" dovecot Message-ID: My system never issues the "dovecot start" command. I do, however, run /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server through port 9xxx and through the preauth tunnel. Is this arrangement OK? Are there some things that will only work if "dovecot" is invoked? Thanks, -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From gfinch at ldmltd.ca Fri Nov 2 01:12:43 2012 From: gfinch at ldmltd.ca (Gregory Finch) Date: Thu, 01 Nov 2012 16:12:43 -0700 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <20121101203236.1803e9de@uplink> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> <20121101203236.1803e9de@uplink> Message-ID: <509301EB.1070508@ldmltd.ca> I believe that Javier is talking IOPS, not throughput. You need a storage system that is able to provide a high random read + write IOPS. That single drive is going to cause you issues when things get busy. -Greg On 2012-11-01 12:32 PM, mancyborg at gmail.com wrote: > Hi Javier, yes i see. > Storage for now is just a 3tb sata2 hdd, so i guess that write performance is around 100 MB/s > > What do you think about that ? > > Thanks and regards, > Mike > > > On Thu, 1 Nov 2012 19:55:35 +0100 > Javier de Miguel Rodriguez wrote: > >> IMHO, fast storage is the main requirement for dovecot. >> >> >> >> El 01/11/2012, a las 16:20, "mancyborg at gmail.com" escribi?: >> >>> Hi All, first post here, nice to meet you :) >>> >>> I've been using dovecot + postfix + clamav + spamassassin for years but always with few users. >>> >>> Now i must build a server for 1500 users, >>> they will use various email software (thunderbird, outlook, ..) >>> the webmail (i'm not sure if squirrelmail or roundcube) >>> and blackberry devices (with the BIS service). >>> >>> There will be around 1000 domains (virtual_domains) and postfix will read its users and domains from mysql. >>> >>> Let's say that they will send and receive around 5000 emails per hour (10K in total per hour). >>> >>> I was thinking to use karspersky server instead of clamav. >>> >>> I already have the hardware, it is a server with 4 physical cpu (Intel Xeon E5504 @ 2.00GHz) and 24 gb of ram, >>> do you think it is enough ? >>> >>> >>> Thanks for supporting, >>> regards and have a nice day, >>> Mike -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: From delrio at mie.utoronto.ca Fri Nov 2 15:39:56 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Fri, 02 Nov 2012 09:39:56 -0400 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <509301EB.1070508@ldmltd.ca> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> <20121101203236.1803e9de@uplink> <509301EB.1070508@ldmltd.ca> Message-ID: <5093CD2C.8020502@mie.utoronto.ca> On 11/ 1/12 07:12 PM, Gregory Finch wrote: > I believe that Javier is talking IOPS, not throughput. You need a > storage system that is able to provide a high random read + write IOPS. > That single drive is going to cause you issues when things get busy. And a disaster when the single drive fails! From dave at boostpro.com Fri Nov 2 09:52:45 2012 From: dave at boostpro.com (Dave Abrahams) Date: Fri, 02 Nov 2012 03:52:45 -0400 Subject: [Dovecot] "starting" dovecot References: Message-ID: on Thu Nov 01 2012, Dave Abrahams wrote: > My system never issues the "dovecot start" command. I do, however, run > /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server > through port 9xxx and through the preauth tunnel. Is this arrangement > OK? Are there some things that will only work if "dovecot" is invoked? In particular, I'm curious because of messages like the one below that I got from "doveadm search": doveadm(dave): Error: net_connect_unix(/usr/local/var/run/dovecot/indexer) failed: No such file or directory Is the lack of this (or any other) socket attributable to not having started dovecot itself? -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From skdovecot at smail.inf.fh-brs.de Fri Nov 2 17:55:42 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 2 Nov 2012 16:55:42 +0100 (CET) Subject: [Dovecot] Feature request: add information to error message: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket permissions) Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Please add the information to this error, which socket has the problem and which uid access is and what is expected. For instance, when the quota dict request fails, because of permission problems, you get a very detailed info about the current problem. And, further more, hints to solve it. BTW: I'm trying to configure shared mailboxes for a virtual user system, when one user with ACLs on other mailboxes requests a LIST, I get this error. In my case, I solved the problem by chmod u+x auth-userdb . Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJPs/2oxLS8a3A9mAQLQxwf/ZkhmER1q/+rlZCIdQ70x6TDwS1nwJI6J FHyr8UFgV0xXBeX8OW+UDl8N4OzXOiReygHnrcpYE4BCEQmeQC9YUU7mCcC6tpqG cg+uYMAPap3Zx8WkAqsmDnnqHe4xX7GUscoiVh1vxYdiRkHwikiKEfuve+SwTpyj wmAK5CMGLBifWPk6bmFP7YR+sJnG/E1vKxEUMEKEKjMfubsCCqc95NNCOiVTwCTG Y15eIhyJTBBjrGuLSeiHb40sPnOE/OgO9r00+OXrZOtuouYZlsMENsDXSFFLoC7v MpABu57w3GRC0p33bjSuX8ZGinEd8fFz9mbUCSvBmLLL7rOZVR6FDw== =Rf46 -----END PGP SIGNATURE----- From mancyborg at gmail.com Fri Nov 2 18:37:00 2012 From: mancyborg at gmail.com (mancyborg at gmail.com) Date: Fri, 2 Nov 2012 17:37:00 +0100 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <5093CD2C.8020502@mie.utoronto.ca> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> <20121101203236.1803e9de@uplink> <509301EB.1070508@ldmltd.ca> <5093CD2C.8020502@mie.utoronto.ca> Message-ID: <20121102173700.4a378b98@uplink> Hi thanks to all for your pointers, very interesting. I'll do my homework about local SAS disks and SANs. Thanks and regards :) Mike On Fri, 02 Nov 2012 09:39:56 -0400 Oscar del Rio wrote: > On 11/ 1/12 07:12 PM, Gregory Finch wrote: > > I believe that Javier is talking IOPS, not throughput. You need a > > storage system that is able to provide a high random read + write IOPS. > > That single drive is going to cause you issues when things get busy. > > And a disaster when the single drive fails! > From al-dovecot at none.at Sat Nov 3 01:51:56 2012 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 03 Nov 2012 00:51:56 +0100 Subject: [Dovecot] sessionid in logout line Message-ID: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> Dear listmembers. I have the following login_log_format_elements = service=%s user=<%u> session=%{session} method=%m rip=%r lip=%l mpid=%e %c %k Maybe I have overseen the config option to add the %{session} also to the logout line. Here a example from my log: ### Nov 3 00:46:43 dovecot: imap-login: Login: service=imap, user=, session=ETV8v4vNfwB/AAAB, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, mpid=14874, TLS, TLSv1.1 with cipher AES256-SHA (256/256 bits) zlib compression Nov 3 00:46:43 external dovecot: imap(USER): Disconnected: Logged out in=15649 out=80199 ### Thanks for help and answers. Best regards Aleks From user+dovecot at localhost.localdomain.org Sat Nov 3 02:01:28 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 03 Nov 2012 01:01:28 +0100 Subject: [Dovecot] sessionid in logout line In-Reply-To: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> References: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> Message-ID: <50945ED8.1060403@localhost.localdomain.org> On 11/03/2012 12:51 AM Aleksandar Lazic wrote: > Dear listmembers. > > I have the following > > login_log_format_elements = service=%s user=<%u> session=%{session} > method=%m rip=%r lip=%l mpid=%e %c %k > > Maybe I have overseen the config option to add the %{session} also to > the logout line. > ? I use: imap_logout_format = in=%i out=%o, session=<%{session}> Regards, Pascal -- The trapper recommends today: c01dcofe.1230800 at localdomain.org From al-dovecot at none.at Sat Nov 3 11:06:10 2012 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 03 Nov 2012 10:06:10 +0100 Subject: [Dovecot] sessionid in logout line In-Reply-To: <50945ED8.1060403@localhost.localdomain.org> References: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> <50945ED8.1060403@localhost.localdomain.org> Message-ID: <3a40500f7994634c97bf7fd35c9d8c63@none.at> Dear Pascal, Am 03-11-2012 01:01, schrieb Pascal Volk: > On 11/03/2012 12:51 AM Aleksandar Lazic wrote: >> Dear listmembers. >> [snipp] >> Maybe I have overseen the config option to add the %{session} also >> to >> the logout line. >> ? > > I use: imap_logout_format = in=%i out=%o, session=<%{session}> AH thanks I have overlooked this with dovecot config|egrep -i log Best regards Aleks From ice3wtt at gmail.com Sat Nov 3 11:18:11 2012 From: ice3wtt at gmail.com (mican zhang) Date: Sat, 3 Nov 2012 17:18:11 +0800 Subject: [Dovecot] dovecot default service Message-ID: i install dovecot 2 and when i try ps auxw|grep "dovecot" i just get only 5processes, root 21861 0.0 0.0 14884 980 ? Ss 16:53 0:00 /usr/local/sbin /dovecot dovecot 21862 0.0 0.0 12740 968 ? S 16:53 0:00 dovecot/anvil root 21863 0.0 0.0 12872 1088 ? S 16:53 0:00 dovecot/log root 21865 0.0 0.0 15356 1468 ? S 16:53 0:00 dovecot/config root 21945 0.0 0.0 61148 800 pts/0 S+ 17:04 0:00 grep dovecot , my os is redhat 5.4 and i just install like ./configure make &make install i don't what's wrong?i also test on centos 6.2,and result is the same does anyone has the same issue?and what should i do to fix this? From dovecot at vosslamber.nl Sat Nov 3 11:22:26 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 03 Nov 2012 10:22:26 +0100 Subject: [Dovecot] dovecot default service In-Reply-To: References: Message-ID: <5094E252.4020407@vosslamber.nl> On 03-11-2012 10:18, mican zhang wrote: > i install dovecot 2 and when i try ps auxw|grep "dovecot" > i just get only 5processes, > root 21861 0.0 0.0 14884 980 ? Ss 16:53 0:00 > /usr/local/sbin > /dovecot > dovecot 21862 0.0 0.0 12740 968 ? S 16:53 0:00 > dovecot/anvil > root 21863 0.0 0.0 12872 1088 ? S 16:53 0:00 dovecot/log > root 21865 0.0 0.0 15356 1468 ? S 16:53 0:00 > dovecot/config > root 21945 0.0 0.0 61148 800 pts/0 S+ 17:04 0:00 grep > dovecot > , > my os is redhat 5.4 and i just install like ./configure make &make install > i don't what's wrong?i also test on centos 6.2,and result is the same > does anyone has the same issue?and what should i do to fix this? > maybe you should do: ps auxw|grep "dovecot" | awk '{ print $0; print $0 }' than you would get 10 lines of output...... but seriously: - What processes do you miss? - Why do you thing 5 processes are nog enough? From ice3wtt at gmail.com Sat Nov 3 11:28:35 2012 From: ice3wtt at gmail.com (mican zhang) Date: Sat, 3 Nov 2012 17:28:35 +0800 Subject: [Dovecot] dovecot default service In-Reply-To: <5094E252.4020407@vosslamber.nl> References: <5094E252.4020407@vosslamber.nl> Message-ID: thanks for you help ,and i still not resolve my issus. i what dovecot as postfix's stmp auth and imap server,so iguess its must have auth process and imap process,official documents also have more processes than 5 i try telnet localhost 110,and telnet localhost 143,i got : Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. On Sat, Nov 3, 2012 at 5:22 PM, Luuk at dovecot wrote: > On 03-11-2012 10:18, mican zhang wrote: > >> i install dovecot 2 and when i try ps auxw|grep "dovecot" >> i just get only 5processes, >> root 21861 0.0 0.0 14884 980 ? Ss 16:53 0:00 >> /usr/local/sbin >> /dovecot >> dovecot 21862 0.0 0.0 12740 968 ? S 16:53 0:00 >> dovecot/anvil >> root 21863 0.0 0.0 12872 1088 ? S 16:53 0:00 >> dovecot/log >> root 21865 0.0 0.0 15356 1468 ? S 16:53 0:00 >> dovecot/config >> root 21945 0.0 0.0 61148 800 pts/0 S+ 17:04 0:00 grep >> dovecot >> , >> my os is redhat 5.4 and i just install like ./configure make &make >> install >> i don't what's wrong?i also test on centos 6.2,and result is the same >> does anyone has the same issue?and what should i do to fix this? >> >> > > maybe you should do: > ps auxw|grep "dovecot" | awk '{ print $0; print $0 }' > > than you would get 10 lines of output...... > > but seriously: > - What processes do you miss? > - Why do you thing 5 processes are nog enough? > From dovecot at vosslamber.nl Sat Nov 3 11:41:20 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 03 Nov 2012 10:41:20 +0100 Subject: [Dovecot] dovecot default service In-Reply-To: References: <5094E252.4020407@vosslamber.nl> Message-ID: <5094E6C0.9090200@vosslamber.nl> On 03-11-2012 10:28, mican zhang wrote: > thanks for you help ,and i still not resolve my issus. > i what dovecot as postfix's stmp auth and imap server,so iguess its must > have auth process and imap process,official documents also have more > processes than 5 > i try telnet localhost 110,and telnet localhost 143,i got : > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > Connection closed by foreign host. > > Have a look at: http://wiki2.dovecot.org/#Dovecot_configuration It tells you how to configure dovecot.... ;) From davide.marchi at mail.cgilfe.it Sat Nov 3 11:45:58 2012 From: davide.marchi at mail.cgilfe.it (Davide) Date: Sat, 03 Nov 2012 10:45:58 +0100 Subject: [Dovecot] LMTP benefit vs LDA Message-ID: <5094E7D6.5000109@mail.cgilfe.it> Hi to all, my question is what is benefit implementing LMTP service replacing LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users now i'm using LDA and i'm interested on LMTP service. Thanks in advance -- */Davide Marchi /Teorema Ferrara Srl /(Tel: /**/+39 0532 783161)/**/ (Fax: +/**/39 0532 783368/**/)/**//**/ /**//**/Davide.Marchi at mail.cgilfe.it /CONFIDENZIALITA? *** Questo messaggio, inclusi gli eventuali allegati, ? indirizzato solo ai destinatari e pu? contenere informazioni riservate e confidenziali. Se avete ricevuto il messaggio senza esserne un destinatario, siete pregati di non utilizzare, copiare o distribuire questo messaggio o i suoi allegati. Se avete ricevuto il messaggio per errore, siete pregati di cancellarlo dal vostro sistema, assieme a tutti gli allegati, e di informare immediatamente il mittente,sia ai sensi dell'art. 616 c.p., sia ai sensi del DL n. 196/03. *CONFIDENTIALITY*** This message and any attachments are intended only for the use of the addressee(s) and may contain information that is privileged and/or confidential. If the reader of the message is not the intended recipient(s) or an authorized representative of the intended recipient(s), please do not use, copy, distribute this email or its attachments or take action based on them. If you have received this communication in error, please notify us immediately by email and delete the message and any attachments from your system. *Teorema FerraraSrl - Via Spronello, 7 - 44121 Ferrara Italia - P. IVA 01244490387** P**S**tampa questo messaggio solo se veramente necessario, pensa alla natura! - Please consider whether it is necessary to print this e-mail* From janfrode at tanso.net Sat Nov 3 12:19:16 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Sat, 3 Nov 2012 11:19:16 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <5094E7D6.5000109@mail.cgilfe.it> References: <5094E7D6.5000109@mail.cgilfe.it> Message-ID: On Sat, Nov 3, 2012 at 10:45 AM, Davide wrote: > Hi to all, > my question is what is benefit implementing LMTP service replacing LDA i > have dovecot 2.1.8 with vpoipmail+qmail and about 500 users now i'm using > LDA and i'm interested on LMTP service. > Thanks in advance For us it has the benefit that we don't need to run any SMTP servers on the backend dovecot servers, and we can have our frontend postfix servers deliver incoming messages trough the dovecot director so that the users are sticky to their servers. For a single server running everything, I don't know if there's any point. -jf From daniel.parthey at informatik.tu-chemnitz.de Sat Nov 3 14:41:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 3 Nov 2012 13:41:49 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <5094E7D6.5000109@mail.cgilfe.it> References: <5094E7D6.5000109@mail.cgilfe.it> Message-ID: <20121103124149.GA12562@daniel.localdomain> Davide wrote: > my question is what is benefit implementing LMTP service replacing > LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users > now i'm using LDA and i'm interested on LMTP service. with LMTP... * you dont need to care about mail filesystem permissions * you can use dovecot lmtp proxy and/or director * you don't need to spawn a new process for each message Regards Daniel -- https://plus.google.com/103021802792276734820 From jtam.home at gmail.com Sun Nov 4 10:16:00 2012 From: jtam.home at gmail.com (Joseph Tam) Date: Sun, 4 Nov 2012 01:16:00 -0700 (PDT) Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: References: Message-ID: Daniel Parthey writes: > Davide wrote: >> my question is what is benefit implementing LMTP service replacing >> LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users >> now i'm using LDA and i'm interested on LMTP service. > > with LMTP... > * you dont need to care about mail filesystem permissions > * you can use dovecot lmtp proxy and/or director > * you don't need to spawn a new process for each message One of the (potential) benefit is that a LMTP, because it can handle multiple recipients, has the ability to optimize I/O (or storage?) by using hardlinking to a single copy of a message (deduping). I don't know if Dovecot takes advantage of this in any way though. Joseph Tam From cr at sys4.de Sun Nov 4 22:34:30 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 4 Nov 2012 21:34:30 +0100 Subject: [Dovecot] Quota Message-ID: Hi, is it possible to ask Dovecot for a users quota by talking to the Dovecot server over TCP? I know about doveadm quota -u , but I would like to know, if I can query for that over a network connection (on the Postfix ML they suggested writing a policy service that checks quota. Postfix is not always on the same server as Dovecot is). Does the LMTP protocol give that information somehow? I am not so familiar with LMTP. Or some Unix-Socket to query that could also be configured as inet_listener? Thanks in advance -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From daniel.parthey at informatik.tu-chemnitz.de Sun Nov 4 23:57:11 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 4 Nov 2012 22:57:11 +0100 Subject: [Dovecot] Quota In-Reply-To: References: Message-ID: <20121104215711.GA12735@daniel.localdomain> Christian R??ner wrote: > is it possible to ask Dovecot for a users quota by talking to the Dovecot > server over TCP? I know about doveadm quota -u , but I would like to > know, if I can query for that over a network connection (on the Postfix ML > they suggested writing a policy service that checks quota. Postfix is not > always on the same server as Dovecot is). > > Does the LMTP protocol give that information somehow? > I am not so familiar with LMTP. Or some Unix-Socket to > query that could also be configured as inet_listener? LMTP only returns an error if you're already over quota. You can query the quota of a specific mailbox via IMAP using GETQUOTAROOT: http://tools.ietf.org/rfc/rfc2087.txt Several script languages provide helper functions for this: perl: IMAP::Admin->get_quotaroot php: imap_get_quota ruby: Net::IMAP::MailboxQuota Regards Daniel -- https://plus.google.com/103021802792276734820 From cr at sys4.de Mon Nov 5 00:31:39 2012 From: cr at sys4.de (=?utf-8?Q?Christian_R=C3=B6=C3=9Fner?=) Date: Sun, 4 Nov 2012 23:31:39 +0100 Subject: [Dovecot] Quota In-Reply-To: <20121104215711.GA12735@daniel.localdomain> References: <20121104215711.GA12735@daniel.localdomain> Message-ID: Hi > perl: IMAP::Admin->get_quotaroot > php: imap_get_quota > ruby: Net::IMAP::MailboxQuota python-imaplib in my case ;) If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? Thanks again Christian > > Regards > Daniel > -- > https://plus.google.com/103021802792276734820 From tss at iki.fi Mon Nov 5 00:37:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Nov 2012 00:37:58 +0200 Subject: [Dovecot] Quota In-Reply-To: References: Message-ID: <386ECE99-CE25-46E1-84DD-878B7B1BBA60@iki.fi> On 4.11.2012, at 22.34, Christian R??ner wrote: > is it possible to ask Dovecot for a users quota by talking to the Dovecot server over TCP? I know about doveadm quota -u , but I would like to know, if I can query for that over a network connection (on the Postfix ML they suggested writing a policy service that checks quota. Postfix is not always on the same server as Dovecot is). > > Does the LMTP protocol give that information somehow? I am not so familiar with LMTP. Or some Unix-Socket to query that could also be configured as inet_listener? You could connect to doveadm-server socket and basically ask the "doveadm quota" command via it. There's not much documentation about it though. But I'm sure I've mentioned details a couple of times in this mailing list.. I've also had some plans to make a somewhat easier socket for asking this. Maybe using doveadm-server process, or maybe a whole new quota-query binary that can talk multiple protocols.. It would be pretty easy to do, mainly I just haven't been sure what would be the cleanest way to implement this. From daniel.parthey at informatik.tu-chemnitz.de Mon Nov 5 01:03:13 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 5 Nov 2012 00:03:13 +0100 Subject: [Dovecot] Quota In-Reply-To: References: <20121104215711.GA12735@daniel.localdomain> Message-ID: <20121104230313.GA15736@daniel.localdomain> Christian R??ner wrote: > > perl: IMAP::Admin->get_quotaroot > > php: imap_get_quota > > ruby: Net::IMAP::MailboxQuota > > python-imaplib in my case ;) > > If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? Yes, I think a master user login should work as if the user has logged in. If you store quota in a database, the policy service could query the database. Regards Daniel -- https://plus.google.com/103021802792276734820 From calestyo at scientia.net Mon Nov 5 01:20:15 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Mon, 05 Nov 2012 00:20:15 +0100 Subject: [Dovecot] maildir S= and W= In-Reply-To: <5091312F.1080603@skye.it> References: <1351645983.24721.0.camel@fermat.scientia.net> <5090D14B.9080805@skye.it> <1351683711.7825.0.camel@heisenberg.scientia.net> <509113CB.7020402@skye.it> <1351691732.8425.1.camel@heisenberg.scientia.net> <5091312F.1080603@skye.it> Message-ID: <1352071215.4979.9.camel@fermat.scientia.net> FYI: On Wed, 2012-10-31 at 15:09 +0100, Alessio Cecchi wrote: > Yes, W= is not set by maildrop I had some conversation with Sam (the maildrop upstream), who said he would accept a patch adding ,W= support to maildrop. He may even look at it himself, when he should ever find some time being very bored ;) Given that maildrop is one of the most important MDAs, perhaps someone of the dovecot developers may have also an interest in this :) Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: From dave at boostpro.com Mon Nov 5 04:51:28 2012 From: dave at boostpro.com (Dave Abrahams) Date: Sun, 04 Nov 2012 21:51:28 -0500 Subject: [Dovecot] [bump] Re: "starting" dovecot References: Message-ID: Timo? on Fri Nov 02 2012, Dave Abrahams wrote: > on Thu Nov 01 2012, Dave Abrahams wrote: > >> My system never issues the "dovecot start" command. I do, however, run >> /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server >> through port 9xxx and through the preauth tunnel. Is this arrangement >> OK? Are there some things that will only work if "dovecot" is invoked? > > In particular, I'm curious because of messages like the one below that I > got from "doveadm search": > > doveadm(dave): Error: > net_connect_unix(/usr/local/var/run/dovecot/indexer) failed: No such > file or directory > > Is the lack of this (or any other) socket attributable to not having > started dovecot itself? -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From daniel.parthey at informatik.tu-chemnitz.de Mon Nov 5 05:04:29 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 5 Nov 2012 04:04:29 +0100 Subject: [Dovecot] "starting" dovecot In-Reply-To: References: Message-ID: <20121105030429.GA19861@daniel.localdomain> Hi Dave, Dave Abrahams wrote: > My system never issues the "dovecot start" command. I do, however, run > /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server > through port 9xxx and through the preauth tunnel. Is this arrangement > OK? No, most probably not. You try to investigate why dovecot does not run: http://wiki2.dovecot.org/WhyDoesItNotWork Show your "doveconf -n" output and dovecot logfile content please. > Are there some things that will only work if "dovecot" is invoked? The dovecot main process spawns all the services and sockets, you should invoke service binaries directly only for debugging purposes. Regards Daniel -- https://plus.google.com/103021802792276734820 From cr at sys4.de Mon Nov 5 10:05:27 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Mon, 5 Nov 2012 09:05:27 +0100 Subject: [Dovecot] Quota In-Reply-To: <20121104230313.GA15736@daniel.localdomain> References: <20121104215711.GA12735@daniel.localdomain> <20121104230313.GA15736@daniel.localdomain> Message-ID: <20741D9A-A20D-435B-8B77-1E85C79761FC@sys4.de> Hi, >> If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? > > Yes, I think a master user login should work as if the user has logged in. > > If you store quota in a database, the policy service could query the database. thanks a lot for your information. I have written a policy service in python for Postfix that can check "over quota" in Dovecot. Using IMAPS and the master user to check quota. If someone is interested, I can send a copy off list. -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dave at boostpro.com Mon Nov 5 12:15:35 2012 From: dave at boostpro.com (Dave Abrahams) Date: Mon, 05 Nov 2012 05:15:35 -0500 Subject: [Dovecot] "starting" dovecot In-Reply-To: <20121105030429.GA19861@daniel.localdomain> (Daniel Parthey's message of "Mon, 5 Nov 2012 04:04:29 +0100") References: <20121105030429.GA19861@daniel.localdomain> Message-ID: on Sun Nov 04 2012, Daniel Parthey wrote: > Hi Dave, > > Dave Abrahams wrote: >> My system never issues the "dovecot start" command. I do, however, run >> /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server >> through port 9xxx and through the preauth tunnel. Is this arrangement >> OK? > > No, most probably not. You try to investigate why dovecot does not run: > http://wiki2.dovecot.org/WhyDoesItNotWork I know why it doesn't run: it doesn't run because I haven't done anything to make it run (e.g. no init script launches it). I've been running its "imap" executable from an init script (or launchd, the equivalent on my Mac), and most things seem to work just fine. > Show your "doveconf -n" output and dovecot logfile content please. It's on a different machine than the one I'm using. I could post it later if you still think it's a good idea. >> Are there some things that will only work if "dovecot" is invoked? > > The dovecot main process spawns all the services and sockets, > you should invoke service binaries directly only for debugging purposes. OK, I think this is the definitive answer I was looking for. Thanks very much! -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From mrubinsk at horde.org Mon Nov 5 18:13:33 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 11:13:33 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE Message-ID: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> I've been seeing the following wonky behavior with Dovecot. Currently this is with Dovecot 2.0.19, but I was also seeing it in earlier versions as well, including versions from the 1.x series. Some background, this is from Horde's ActiveSync library, when it is trying to determine what UIDs have recently been expunged. I can guarantee that when this command was sent, there was only one or two emails that were removed since the provided MODSEQ value. C: 8 UID FETCH 1:* UID (VANISHED CHANGEDSINCE 587742) S: * VANISHED (EARLIER) 1:119944,119947:123482,123484:128043,128045:130388,130390:130456,130458:132127,132129:135832,135834:136201,136203:136301,136303:136316,136318:138502,138504:140099,140101:141908,141910:142607,142609:142744,142746:142865,142867:143160,143164:143173,143176:143179,143181:143187,143189:143190,143192:143195,143197:143270,143272:143273,143275:143280,143282:143302,143305:143307,143309:143318,143320:143333,143335:143337,143339:143341,143343:143375,143377:143400,143402:143551,143553:143637,143640:143706,143708:144069,144071:144178,144180:144307,144309:144316,144318:144329,144331:144931,144933:144983,144985:145000,145002:145069,145071:145072,145074:145132,145136:145178,145180:145191,145193 Also, to verify it wasn't something screwy with my server, Michael Slusarz provided me with this from his server: There's definitely something wonky going on in the code. There's a certain tipping point of modseqs where the values become incorrect. For a mailbox with HIGHESTMODSEQ of 54004, I see this: a uid fetch 1:* UID (VANISHED CHANGEDSINCE 53881) * VANISHED (EARLIER) 1:37308,37310:40788,40791:41032,41034:41083 a OK Fetch completed. b uid fetch 1:* UID (VANISHED CHANGEDSINCE 53882) * VANISHED (EARLIER) 41029:41030,41047:41083 b OK Fetch completed. Thanks for any guidance. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: From slusarz at curecanti.org Mon Nov 5 20:06:52 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Mon, 05 Nov 2012 11:06:52 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> Message-ID: <20121105110652.Horde.ZrxCN4F5lbhQmAA8mg3zyOA@bigworm.curecanti.org> Quoting Michael J Rubinsky : > Also, to verify it wasn't something screwy with my server, Michael > Slusarz provided me with this from his server: > > > There's definitely something wonky going on in the code. There's a > certain tipping point of modseqs where the values become incorrect. > For a mailbox with HIGHESTMODSEQ of 54004, I see this: > > a uid fetch 1:* UID (VANISHED CHANGEDSINCE 53881) > * VANISHED (EARLIER) 1:37308,37310:40788,40791:41032,41034:41083 > a OK Fetch completed. > b uid fetch 1:* UID (VANISHED CHANGEDSINCE 53882) > * VANISHED (EARLIER) 41029:41030,41047:41083 > b OK Fetch completed. > FYI, this is output from Dovecot 2.1.10. michael From tss at iki.fi Mon Nov 5 20:16:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Nov 2012 20:16:03 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> Message-ID: <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> On 5.11.2012, at 18.13, Michael J Rubinsky wrote: > I've been seeing the following wonky behavior with Dovecot. Currently this is with Dovecot 2.0.19, but I was also seeing it in earlier versions as well, including versions from the 1.x series. Some background, this is from Horde's ActiveSync library, when it is trying to determine what UIDs have recently been expunged. I can guarantee that when this command was sent, there was only one or two emails that were removed since the provided MODSEQ value. .. > > There's definitely something wonky going on in the code. There's a certain tipping point of modseqs where the values become incorrect. I don't think they become incorrect, just that there are more of them than really necessary? Yes, there's a tipping point. It's when the modseq no longer exists in the dovecot.index.log* files, which get rotated once in a while. This shouldn't happen very often. > For a mailbox with HIGHESTMODSEQ of 54004, I see this: > > a uid fetch 1:* UID (VANISHED CHANGEDSINCE 53881) > * VANISHED (EARLIER) 1:37308,37310:40788,40791:41032,41034:41083 > a OK Fetch completed. > b uid fetch 1:* UID (VANISHED CHANGEDSINCE 53882) > * VANISHED (EARLIER) 41029:41030,41047:41083 > b OK Fetch completed. > So in b) case Dovecot read the dovecot.index.log and returned the expunges found from there. In a) case it didn't know what was expunged since the modseq, so it returned UIDs of all the expunged mails. From mrubinsk at horde.org Mon Nov 5 20:37:48 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 13:37:48 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> Message-ID: <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> Quoting Timo Sirainen : > On 5.11.2012, at 18.13, Michael J Rubinsky wrote: > >> I've been seeing the following wonky behavior with Dovecot. >> Currently this is with Dovecot 2.0.19, but I was also seeing it in >> earlier versions as well, including versions from the 1.x series. >> Some background, this is from Horde's ActiveSync library, when it >> is trying to determine what UIDs have recently been expunged. I >> can guarantee that when this command was sent, there was only one >> or two emails that were removed since the provided MODSEQ value. > .. >> >> There's definitely something wonky going on in the code. There's a >> certain tipping point of modseqs where the values become incorrect. > > I don't think they become incorrect, just that there are more of > them than really necessary? Yes, there's a tipping point. It's when > the modseq no longer exists in the dovecot.index.log* files, which > get rotated once in a while. This shouldn't happen very often. FYI, I see this about once every two weeks, sometimes more frequently. Is there anything we can do to reduce the chance of this happening? -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: From tss at iki.fi Mon Nov 5 20:43:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Nov 2012 20:43:46 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> Message-ID: On 5.11.2012, at 20.37, Michael J Rubinsky wrote: >> On 5.11.2012, at 18.13, Michael J Rubinsky wrote: >> >>> I've been seeing the following wonky behavior with Dovecot. Currently this is with Dovecot 2.0.19, but I was also seeing it in earlier versions as well, including versions from the 1.x series. Some background, this is from Horde's ActiveSync library, when it is trying to determine what UIDs have recently been expunged. I can guarantee that when this command was sent, there was only one or two emails that were removed since the provided MODSEQ value. >> .. >>> >>> There's definitely something wonky going on in the code. There's a certain tipping point of modseqs where the values become incorrect. >> >> I don't think they become incorrect, just that there are more of them than really necessary? Yes, there's a tipping point. It's when the modseq no longer exists in the dovecot.index.log* files, which get rotated once in a while. This shouldn't happen very often. > > FYI, I see this about once every two weeks, sometimes more frequently. Is there anything we can do to reduce the chance of this happening? How do you see it? Does it break something? Why? You can change it only by increasing the dovecot.index.log sizes, which requires changing the code. From skdovecot at smail.inf.fh-brs.de Mon Nov 5 20:58:06 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 5 Nov 2012 19:58:06 +0100 (CET) Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: <1351544456.13571.102.camel@hurina> References: <1351544456.13571.102.camel@hurina> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 29 Oct 2012, Timo Sirainen wrote: this syntax is now replaced by an empty string, if the attribute is missing, instead of generating a backtrace as in v2.1. http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=(%25{ldap) is the only reference I found so far and the TODO file. If the attribute does not exist, there should be a default value, you can specify, e.g.: %{ldap:attrName[,]:default value} . [,] the optional delimiter from the TODO. Or if the attribute is missing, the rule is ignored. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJgMPmoxLS8a3A9mAQJzRAf8CNz8vs4JkYisO52ajT8fzYsv8cHSHeqH G9Tqnz3IM2UjxRkSHWh3XJcf8pG2tmAns7ib1nH3WUuz99I3JG6exxiOX+PhdZnF BXWQRRSUXl5xsf1qqOIqNXTtqSwzEY/ucXrZi8ZdzYPArq2cN6YDsI/qacgyS+Md c1BWxdtC3DX1d+aBYreQ8oopyhahaLYS6p366bkh5Olemjb9ofkhJfi1EoUpXko3 pU+wXovIXH5xhvlis91FUJfF6gk1zGfBBcnhym/EJVkRyNMf+smeUL1AcGvLs0FJ scCq/QU9U9t4C91aooQzdiE+p4i9I2mpprPJsC2Bb4FdnlSQbspjDQ== =Xp2l -----END PGP SIGNATURE----- From mrubinsk at horde.org Mon Nov 5 20:59:51 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 13:59:51 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> Message-ID: <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> Quoting Timo Sirainen : > On 5.11.2012, at 20.37, Michael J Rubinsky wrote: > >>> On 5.11.2012, at 18.13, Michael J Rubinsky wrote: >>> >>>> I've been seeing the following wonky behavior with Dovecot. >>>> Currently this is with Dovecot 2.0.19, but I was also seeing it >>>> in earlier versions as well, including versions from the 1.x >>>> series. Some background, this is from Horde's ActiveSync >>>> library, when it is trying to determine what UIDs have recently >>>> been expunged. I can guarantee that when this command was sent, >>>> there was only one or two emails that were removed since the >>>> provided MODSEQ value. >>> .. >>>> >>>> There's definitely something wonky going on in the code. There's >>>> a certain tipping point of modseqs where the values become >>>> incorrect. >>> >>> I don't think they become incorrect, just that there are more of >>> them than really necessary? Yes, there's a tipping point. It's >>> when the modseq no longer exists in the dovecot.index.log* files, >>> which get rotated once in a while. This shouldn't happen very often. >> >> FYI, I see this about once every two weeks, sometimes more >> frequently. Is there anything we can do to reduce the chance of >> this happening? > > How do you see it? Does it break something? Why? > > You can change it only by increasing the dovecot.index.log sizes, > which requires changing the code. It breaks ActiveSync synchronization of mailboxes. When this happens, the sync state of the mailbox needs to be reset, which causes the entire mailbox to be resynchronized to the mobile device. This can lead to a not-insignificant amount of wasted bandwidth and battery power for the device. There have been times when this has happened multiple times in a single day. Not resetting the state leads to multiple issues on the device due to sending it thousands of deletion commands for messages it knows nothing about. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: From slusarz at curecanti.org Mon Nov 5 21:43:11 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Mon, 05 Nov 2012 12:43:11 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> Message-ID: <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> Quoting Michael J Rubinsky : >>>> I don't think they become incorrect, just that there are more of >>>> them than really necessary? Yes, there's a tipping point. It's >>>> when the modseq no longer exists in the dovecot.index.log* files, >>>> which get rotated once in a while. This shouldn't happen very >>>> often. >>> >>> FYI, I see this about once every two weeks, sometimes more >>> frequently. Is there anything we can do to reduce the chance of >>> this happening? >> >> How do you see it? Does it break something? Why? >> >> You can change it only by increasing the dovecot.index.log sizes, >> which requires changing the code. > > It breaks ActiveSync synchronization of mailboxes. When this > happens, the sync state of the mailbox needs to be reset, which > causes the entire mailbox to be resynchronized to the mobile device. > This can lead to a not-insignificant amount of wasted bandwidth and > battery power for the device. There have been times when this has > happened multiple times in a single day. > > Not resetting the state leads to multiple issues on the device due > to sending it thousands of deletion commands for messages it knows > nothing about. My argument is much simpler: it is blatantly breaking the RFC. From RFC 5162 [3.2]: The VANISHED UID FETCH modifier instructs the server to report those messages from the UID set parameter that have been expunged and whose associated mod-sequence is larger than the specified mod-sequence. **That is, the client requests to be informed of messages from the specified set that were expunged since the specified mod-sequence.** (emphasis added) If you are including UIDs in the FETCH return that have NOT been expunged since the given mod-sequence, that directly contradicts this language. The clear intent of VANISHED UID FETCH is to provide the list of messages that existed in the mailbox at mod-sequence and no longer exist in the mailbox as of the current HIGHESTMODSEQ. As Mike R. has demonstrated, it is plausible that an MUA can only provide the MODSEQ of its cache state and has no knowledge of the UIDs it has actually cached. So having to parse through a (potentially) giant list of UIDs can be a performance killer (imagine the wasted bandwidth of having to upload a million UIDs to a phone every time you sync). michael From tss at iki.fi Mon Nov 5 23:28:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 05 Nov 2012 23:28:07 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> Message-ID: <1352150887.13571.105.camel@hurina> On Mon, 2012-11-05 at 12:43 -0700, Michael M Slusarz wrote: > My argument is much simpler: it is blatantly breaking the RFC. From > RFC 5162 [3.2]: > > The VANISHED UID FETCH modifier instructs the server to report those > messages from the UID set parameter that have been expunged and whose > associated mod-sequence is larger than the specified mod-sequence. > **That is, the client requests to be informed of messages from the > specified set that were expunged since the specified > mod-sequence.** (emphasis added) > > If you are including UIDs in the FETCH return that have NOT been > expunged since the given mod-sequence, that directly contradicts this > language. The clear intent of VANISHED UID FETCH is to provide the > list of messages that existed in the mailbox at mod-sequence and no > longer exist in the mailbox as of the current HIGHESTMODSEQ. That would require infinitely storing the modseq of when each message was expunged. Not very nice. Also the RFC talks a lot about this situation. The SELECT command has two optional parameters to optimize it. From tss at iki.fi Mon Nov 5 23:40:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 05 Nov 2012 23:40:33 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> Message-ID: <1352151633.13571.116.camel@hurina> On Tue, 2012-09-11 at 21:43 +0300, Timo Sirainen wrote: > v2.1's imap/pop3 processes are linked with OpenSSL by default, because of imapc/pop3c storages. I wonder if you notice any actual (system-global) memory usage reduction when compiling without those and you have thousands of imap processes? > > ./configure --with-storages=mdbox sdbox maildir mbox cydir > > I guess I could try it myself also but maybe someone else wanting to reduce memory usage is quicker? :) > > Related to that, you can look at where imap processes' memory goes with: http://dovecot.org/tools/linux-maps-parse-imap.pl > I don't know how much memory those (writable!) file-backed memory areas actually use per-process. Maybe nothing, maybe something.. http://dovecot.org/tmp/proctest.sh can be used to easily test this. Looks like simply linking a binary with -lcrypto increases each process's memory usage by something like: * RHEL5: 50 kB * RHEL6/Debian/Ubuntu: 150-200 kB * Solaris: 100 kB * OpenBSD: 20 kB * OSX: 0 kB Looks like it's the linker that uses up all of this memory. I'm not sure why exactly though, I couldn't create a test library that had the same effect. I also tried imap binary that was statically built vs. linked with libdovecot*.so, and the difference was pretty small (.so used maybe 10-20k more). Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes without wasting a ton of memory. In v2.2 I already moved imapc/pop3c backend code to plugins to avoid this. Looks like similar ugliness is needed for other features/backends also that may end up using SSL code. (We were wondering with Stephan what to do about his new HTTP library code that added support for SSL. It would be nice to keep it in the core libdovecot.so, but not if it links with SSL. So looks like we'll need some kind of a http-ssl plugin that is loaded only when needed.) From rgelfand2 at gmail.com Tue Nov 6 01:19:14 2012 From: rgelfand2 at gmail.com (Roman Gelfand) Date: Mon, 5 Nov 2012 18:19:14 -0500 Subject: [Dovecot] Security precautions for remote clients Message-ID: Where can I find something like remote client secure dovecot best practices or, perhaps, if there is not many, if you could list major configuration/setup points. Thanks in advance From tss at iki.fi Tue Nov 6 01:22:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 06 Nov 2012 01:22:37 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <1352151633.13571.116.camel@hurina> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> Message-ID: <1352157757.13571.121.camel@hurina> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: > Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes > without wasting a ton of memory. In v2.2 I already moved imapc/pop3c > backend code to plugins to avoid this. Looks like similar ugliness is > needed for other features/backends also that may end up using SSL code. > (We were wondering with Stephan what to do about his new HTTP library > code that added support for SSL. It would be nice to keep it in the core > libdovecot.so, but not if it links with SSL. So looks like we'll need > some kind of a http-ssl plugin that is loaded only when needed.) Implemented it a bit easier way that also gets rid of imapc/pop3c plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.) From mrubinsk at horde.org Tue Nov 6 03:49:53 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 20:49:53 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <1352150887.13571.105.camel@hurina> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> Message-ID: <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Quoting Timo Sirainen : > On Mon, 2012-11-05 at 12:43 -0700, Michael M Slusarz wrote: >> My argument is much simpler: it is blatantly breaking the RFC. From >> RFC 5162 [3.2]: >> >> The VANISHED UID FETCH modifier instructs the server to report those >> messages from the UID set parameter that have been expunged and whose >> associated mod-sequence is larger than the specified mod-sequence. >> **That is, the client requests to be informed of messages from the >> specified set that were expunged since the specified >> mod-sequence.** (emphasis added) >> >> If you are including UIDs in the FETCH return that have NOT been >> expunged since the given mod-sequence, that directly contradicts this >> language. The clear intent of VANISHED UID FETCH is to provide the >> list of messages that existed in the mailbox at mod-sequence and no >> longer exist in the mailbox as of the current HIGHESTMODSEQ. > > That would require infinitely storing the modseq of when each message > was expunged. Not very nice. Also the RFC talks a lot about this > situation. The SELECT command has two optional parameters to optimize > it. The RFC *does* indicate that a server implementation could, strictly speaking, be considered in compliance without remembering modsequences for all expunged messages, but it does explicitly discourage such implementations. From RFC 5162 [4.1]: Strictly speaking, a server implementation that doesn't remember mod- sequences associated with expunged messages can be considered compliant with this specification. Such implementations return all expunged messages specified in the UID set of the UID FETCH (VANISHED) command every time, without paying attention to the specified CHANGEDSINCE mod-sequence. Such implementations are discouraged, as they can end up returning VANISHED responses that are bigger than the result of a UID SEARCH command for the same UID set. Clients that use the message sequence match data can reduce the scope of this VANISHED response substantially in the typical case where expunges have not happened, or happen only toward the end of the mailbox. It also gives advice to avoid infinitely storing the modsequences such as "expiring" sequences associated with older expunged messages, but assigning a single modsequence value to all of the expired expunged messages. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: From massimiliano at cianelli.eu Tue Nov 6 07:09:55 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Tue, 06 Nov 2012 06:09:55 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. Message-ID: Hi, My setup: Dovecot 2 latest, installed to replace courrier IMAP, and off course configured with the dot separator and all folder under INBOX.*. The problem: My phone was driving me mad during the test, due that it will only recognize Inbox. How found the solution: I've started sniffing IMAP traffic on my server and ended up with one difference: On courier it ask for namespace, on dovecot it won't. I gives a better look, and noticed that courier show namespace capability on prelogin banner, adding it too solved the problem. Reason: Android ICS stock client seems do not honor the capability gived after the login. Request: Maybe is possible to put namespace capability in prelogin banner for the next version? That will solve trouble with a setup like the mine and android stock email client. Thank you, Best regards Sent from Galaxy Nexus From ben at morrow.me.uk Tue Nov 6 08:08:31 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 6 Nov 2012 06:08:31 +0000 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: References: Message-ID: <20121106060831.GA37663@anubis.morrow.me.uk> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: > Hi, > > My setup: > Dovecot 2 latest, installed to replace courrier IMAP, and off course > configured with the dot separator and all folder under INBOX.*. > > The problem: > My phone was driving me mad during the test, due that it will only > recognize Inbox. > > How found the solution: > I've started sniffing IMAP traffic on my server and ended up with one > difference: > On courier it ask for namespace, on dovecot it won't. > > I gives a better look, and noticed that courier show namespace > capability on prelogin banner, adding it too solved the problem. > > Reason: > Android ICS stock client seems do not honor the capability gived after > the login. See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; you need to set imap_capability and/or get your client fixed. Ben From alessio at skye.it Tue Nov 6 09:24:26 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 06 Nov 2012 08:24:26 +0100 Subject: [Dovecot] Security precautions for remote clients In-Reply-To: References: Message-ID: <5098BB2A.2020206@skye.it> Il 06/11/2012 00:19, Roman Gelfand ha scritto: > Where can I find something like remote client secure dovecot best > practices or, perhaps, if there is not many, if you could list major > configuration/setup points. > > Thanks in advance > Dovecot configuration is secure by default. For more information see "High-security mode" in Wiki http://wiki2.dovecot.org/LoginProcess Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From alessio at skye.it Tue Nov 6 09:32:58 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 06 Nov 2012 08:32:58 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <20121103124149.GA12562@daniel.localdomain> References: <5094E7D6.5000109@mail.cgilfe.it> <20121103124149.GA12562@daniel.localdomain> Message-ID: <5098BD2A.9010704@skye.it> Il 03/11/2012 13:41, Daniel Parthey ha scritto: > Davide wrote: >> my question is what is benefit implementing LMTP service replacing >> LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users >> now i'm using LDA and i'm interested on LMTP service. > with LMTP... [...] > * you don't need to spawn a new process for each message For me this options is the most valuable. I'm also running qmail+vpopmail and dovecot as LDA and with thousand of users spawn a new process for each message could be a problem. But you need to swith to postfix, or have you some idea on how to run qmail and LMTP together? -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From cr at sys4.de Tue Nov 6 09:59:31 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 6 Nov 2012 08:59:31 +0100 Subject: [Dovecot] sieve Message-ID: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Hi, is there a sieve option that can reject a mail directly without creating a new mail and sending that out? I know about reject "Reject message goes here"; but I am looking for a mechanism that can reject Mail. Postfix can use reject_unverified_recipient to connect to LMTP and ask if a mail would successfully be enqueued and will return the status gotten from the LMTP server if not. Chances are high that the mechanism would work, too, if Dovecot would know about the sieve rule, while getting a connection on LMTP. Does Dovecot know all rules at this point or is sieve handled after the mail has already been accepted? Kind regards -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tom at whyscream.net Tue Nov 6 10:18:46 2012 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 06 Nov 2012 09:18:46 +0100 Subject: [Dovecot] sieve In-Reply-To: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Message-ID: <5098C7E6.7090903@whyscream.net> On 11/6/12 8:59 AM, Christian R??ner wrote: > Hi, > > is there a sieve option that can reject a mail directly without > creating a new mail and sending that out? I know about > > reject "Reject message goes here"; > > but I am looking for a mechanism that can reject Mail. Postfix can > use reject_unverified_recipient to connect to LMTP and ask if a mail > would successfully be enqueued and will return the status gotten from > the LMTP server if not. Chances are high that the mechanism would > work, too, if Dovecot would know about the sieve rule, while getting > a connection on LMTP. Does Dovecot know all rules at this point or is > sieve handled after the mail has already been accepted? > I have no idea if your above idea would actually work, but having followed your questions on the postfix ml and your interests in using reject_unverified_recipient and its cache with lmtp, it would be very unwise to cache deliverability on the postfix side based on sieve results, since sieve is able to reject/bounce on any part of the message including message body contents and such. This could lead to very unpredictable rejects to unrelated messages, since the cache could obtain reject policies from sieve for a recipient based on a single rejected message containing the word ''. -- Tom From cr at sys4.de Tue Nov 6 10:29:42 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 6 Nov 2012 09:29:42 +0100 Subject: [Dovecot] sieve In-Reply-To: <5098C7E6.7090903@whyscream.net> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> Message-ID: Hi, >> but I am looking for a mechanism that can reject Mail. Postfix can >> use reject_unverified_recipient to connect to LMTP and ask if a mail >> would successfully be enqueued and will return the status gotten from >> the LMTP server if not. Chances are high that the mechanism would >> work, too, if Dovecot would know about the sieve rule, while getting >> a connection on LMTP. Does Dovecot know all rules at this point or is >> sieve handled after the mail has already been accepted? >> > > I have no idea if your above idea would actually work, but having > followed your questions on the postfix ml and your interests in using > reject_unverified_recipient and its cache with lmtp, it would be very > unwise to cache deliverability on the postfix side based on sieve > results, since sieve is able to reject/bounce on any part of the message > including message body contents and such. yes I know what you mean. The problem is that a user can decide to "reject" not based on "from" leading in rejects to other mails coming in to the same user. Probably a problem. The idea came up, as I work for a little ISP/ESP here. Sometimes I get calls, where I get asked if I could reject mails from "xyz". And with a robut good working mechanism, where people could reject on their on decisions would make things easier. So I thought about sieve as being a workable solution. Another solution would be to write some kind of milter/policy-service with a web-interface, where people can reject mails directly on the postfix side. But this is a lot of work. Kind regards -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Tue Nov 6 10:47:15 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 06 Nov 2012 09:47:15 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <20121106060831.GA37663@anubis.morrow.me.uk> References: <20121106060831.GA37663@anubis.morrow.me.uk> Message-ID: <5098CE93.8060101@sys4.de> Am 06.11.2012 07:08, schrieb Ben Morrow: > At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >> Hi, >> >> My setup: >> Dovecot 2 latest, installed to replace courrier IMAP, and off course >> configured with the dot separator and all folder under INBOX.*. >> >> The problem: >> My phone was driving me mad during the test, due that it will only >> recognize Inbox. >> >> How found the solution: >> I've started sniffing IMAP traffic on my server and ended up with one >> difference: >> On courier it ask for namespace, on dovecot it won't. >> >> I gives a better look, and noticed that courier show namespace >> capability on prelogin banner, adding it too solved the problem. >> >> Reason: >> Android ICS stock client seems do not honor the capability gived after >> the login. > > See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; > you need to set imap_capability and/or get your client fixed. > > Ben > Hi, first ,what is the exact meaning of "Android ICS stock client" do you mean default included email client in standard android in imap mode, when yes, which version of Android , i like to test my own however is there changelog/code etc at google for this behave? conf example # Override the IMAP CAPABILITY response. If the value begins with '+', # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). #imap_capability = setting stuff here might be complex , or lead to trouble with other clients, if setting this might fix problems ,with clients it should be advised in the wiki/example-conf and/or Timo or the other way ,for massive used clients there should be a seperate workaround section in the conf But fixing behave clients should be prime option anyway Meanwhile use K9mail in Android as best free option in imap mode servers Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From skdovecot at smail.inf.fh-brs.de Tue Nov 6 11:09:20 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 6 Nov 2012 10:09:20 +0100 (CET) Subject: [Dovecot] sieve In-Reply-To: References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 6 Nov 2012, Christian R??ner wrote: >>> but I am looking for a mechanism that can reject Mail. Postfix can >>> use reject_unverified_recipient to connect to LMTP and ask if a mail >>> would successfully be enqueued and will return the status gotten from >>> the LMTP server if not. Chances are high that the mechanism would >>> work, too, if Dovecot would know about the sieve rule, while getting >>> a connection on LMTP. Does Dovecot know all rules at this point or is >>> sieve handled after the mail has already been accepted? That is actually the point. As far as I know, all MTAs have already accepted the message, before they try to deliver it. If delivering fails, they queue them for retry. >> I have no idea if your above idea would actually work, but having >> followed your questions on the postfix ml and your interests in using >> reject_unverified_recipient and its cache with lmtp, it would be very >> unwise to cache deliverability on the postfix side based on sieve >> results, since sieve is able to reject/bounce on any part of the message >> including message body contents and such. > > yes I know what you mean. The problem is that a user can decide to > "reject" not based on "from" leading in rejects to other mails coming in > to the same user. Probably a problem. Dunno about that discussion, did it included messages to multiple recipients, of which some reject and some accept the message? In SMTP you cannot individually fail a message after DATA phase. > The idea came up, as I work for a little ISP/ESP here. Sometimes I get calls, where I get asked if I could reject mails from "xyz". And with a robut good working mechanism, where people could reject on their on decisions would make things easier. So I thought about sieve as being a workable solution. > > Another solution would be to write some kind of milter/policy-service > with a web-interface, where people can reject mails directly on the > postfix side. But this is a lot of work. Look at CanIT / MIMEDefang. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBUJjTwGoxLS8a3A9mAQKCuggAnAvnsShCbbEQGDgsR93aIg+Vc1w9HC7m NKWddvYIXRgTKC0qr6QM4tqkCIrtGVviylp+wFwyI+9ZvLx5t+3f8JFKHg0hO5MM Sbuu0ZmjCbm9STkNv2xvl72TBh5IWpByeKQt6fJQ5aT1f0Iqxo6i0+/Q0eoi5p82 HDgx27ASAtUqCHf+iPUg8G/FSndxxEcOvrSACn+hLfv71YU2iovgYTZazLt3u4pz hSWMQkpQyBwCxj75bz6y72sJxyMtd7XOMV5lGHumbSX6jg7WdI/cCScv14d2Uh5S D6yNya6+WB3AIGFg+NK9LuSz6IBq/eqIJivTGWvljOOIYsONnT8hbg== =/nYA -----END PGP SIGNATURE----- From rs at sys4.de Tue Nov 6 11:25:51 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 06 Nov 2012 10:25:51 +0100 Subject: [Dovecot] sieve In-Reply-To: References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> Message-ID: <5098D79F.9080707@sys4.de> Am 06.11.2012 10:09, schrieb Steffen Kaiser: > Another solution would be to write some kind of milter/policy-service > with a web-interface, where people can reject mails directly on the > postfix side. But this is a lot of work. it existed in horde 3 ingo, no idea for horde 5 stable https://github.com/wrobel/horde-fw3/blob/master/ingo/scripts/ingo-postfix-policyd but if used you cant have ingo as sieve gui too at my knowledege i suggested cloning this as on own horde module like "blocker" etc long time ago but i cant code it my own anyway having such gui option for a reject policy server included in some webmail or postfixadmin , modoboa.org would be a really good idea Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From berni at birkenwald.de Tue Nov 6 11:38:14 2012 From: berni at birkenwald.de (Bernhard Schmidt) Date: Tue, 6 Nov 2012 09:38:14 +0000 (UTC) Subject: [Dovecot] LDAP congestion Message-ID: Hello, I've been asked to have a look at a misbehaving mail server of some colleagues today where almost all logins where failing or excessively delayed, while the LDAP database itself was pretty fast. They run Dovecot 1.2.11 (yes, I know, stoneage) against an LDAP server run by a 3rd party, auth_bind=yes (required). The problem is that this third party LDAP server delays bindResponse 3 seconds when the password is wrong. A user wanted to login every 2-3 seconds this morning with the wrong password, which effectively killed the system because the LDAP connection was mostly stalled waiting for the auth timeout. >From a previous discussion with Timo I know that bindRequests cannot be parallelized in LDAP, so the problem does not come completely unexpected. Other than removing the failure delay in the LDAP server, is there anything one can do? If there is any change in newer Dovecot versions about that please tell me so I can encourage them to upgrade, but I haven't seen anything in the changelog. Any way to get several LDAP workers/connections for passdb in parallel? Thanks, Bernhard From radikn at seznam.cz Tue Nov 6 12:00:20 2012 From: radikn at seznam.cz (=?UTF-8?Q?Radek_Novotn=C3=BD?=) Date: Tue, 06 Nov 2012 11:00:20 +0100 Subject: [Dovecot] sieve In-Reply-To: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Message-ID: <8fc7635340b15e568a9845c7fa7dbeae@r-n.cz> May be, that solution of yout problem is mailfromd http://puszcza.gnu.org.ua/software/mailfromd/ Dne 6.11.2012 08:59, Christian R??ner napsal: > Hi, > > is there a sieve option that can reject a mail directly without > creating a new mail and sending that out? I know about > > reject "Reject message goes here"; > > but I am looking for a mechanism that can reject Mail. Postfix can > use reject_unverified_recipient to connect to LMTP and ask if a mail > would successfully be enqueued and will return the status gotten from > the LMTP server if not. Chances are high that the mechanism would > work, too, if Dovecot would know about the sieve rule, while getting > a > connection on LMTP. Does Dovecot know all rules at this point or is > sieve handled after the mail has already been accepted? > > Kind regards > > -Christian R??ner > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich From amateo at um.es Tue Nov 6 13:08:05 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 06 Nov 2012 12:08:05 +0100 Subject: [Dovecot] Auth USER lookup failed Message-ID: <5098EF95.8060005@um.es> Hello, I'm running dovecot 2.1.9 and I'm trying to configure shared folders. So, as described at http://wiki2.dovecot.org/SharedMailboxes/Shared I have configured a namespace like this: namespace { type = shared separator = / prefix = shared/%%u/ location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = yes } In one user (user1) I have configured ACLs so another one (user2) has access to a folder. Now, I want to susbscribe user2 to this folder. The problem I have is that whenever I try to list folders for this user (running thunderbird client) I get a panic and an error in the dovecot server (I have attached the complete log). The error says: Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master out: FAIL#0112 Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:56 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota It seems that imap process running for user2 is trying to a user lookup that fails. So I have manually tried it root at myotis30:/etc/dovecot/conf.d# sudo -u user2 doveadm user user2 userdb: user2 home : uid : 14585 gid : 404 root at myotis30:/etc/dovecot/conf.d# sudo -u user2 doveadm user user1 doveadm(user2): Error: user user1: Auth USER lookup failed doveadm(user2): Error: userdb lookup failed for user1 I have checked the socket permissions, but they are 0666 (if I'm looking the right socket): root at myotis30:/etc/dovecot/conf.d# ls -l /var/run/dovecot/auth-userdb srwxrwxrwx 1 dovecot root 0 nov 6 11:43 /var/run/dovecot/auth-userdb In fact, I have tried to put all sockets with permissions 0666 and 0777, but the error persists. Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 -------------- next part -------------- Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master in: USER#0111#011user1#011service=imap Nov 6 11:58:55 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:55 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:55 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master out: FAIL#0111 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master in: USER#0112#011user1#011service=imap Nov 6 11:58:55 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:55 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:55 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master out: FAIL#0112 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:55 myotis30 dovecot: imap(user2): Warning: Subscriptions file /home/pas/85/014585/Maildir/subscriptions: Removing invalid entry: shared/user1/kk Nov 6 11:58:55 myotis30 dovecot: imap(user2): Panic: shared mailbox list: Can't return a temp prefix for 'shared/' Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3f9ca) [0x7f1a5770c9ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3fa0e) [0x7f1a5770ca0e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f1a576e0d90] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x2991d) [0x7f1a5798291d] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_subscriptions_refresh+0x2c1) [0x7f1a579dd801] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_iter_init_multiple+0x71) [0x7f1a579d0dc1] -> dovecot/imap(+0xd598) [0x7f1a57e84598] -> dovecot/imap(cmd_list_full+0x4b8) [0x7f1a57e84bb8] -> dovecot/imap(command_exec+0x3d) [0x7f1a57e8949d] -> dovecot/imap(+0x114ee) [0x7f1a57e884ee] -> dovecot/imap(+0x115c5) [0x7f1a57e885c5] -> dovecot/imap(client_handle_input+0x125) [0x7f1a57e88815] -> dovecot/imap(client_input+0x65) [0x7f1a57e890f5] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f1a57719946] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f1a5771a637] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f1a57719358] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f1a57704fe3] -> dovecot/imap(main+0x295) [0x7f1a57e807e5] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f1a5732f76d] -> dovecot/imap(+0x9969) [0x7f1a57e80969] Nov 6 11:58:55 myotis30 dovecot: imap(user2): Fatal: master: service(imap): child 6604 killed with signal 6 (core dumps disabled) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: auth client connected (pid=6657) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011session=zbsBfdHN9ACbNkMF#011lip=155.54.211.169#011rip=155.54.67.5#011lport=143#011rport=56308 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client out: CONT#0111#011 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client in: CONT Nov 6 11:58:55 myotis30 dovecot: auth: Debug: cache(user2,155.54.67.5,): hit: #011userdb_home=/home/pas/85/014585#011userdb_uid=14585#011userdb_gid=404 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client out: OK#0111#011user=user2 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master in: REQUEST#0111406664705#0116657#0111#0117c7aa4c4342037d77879c13562726d53 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: prefetch(user2,155.54.67.5,): success Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master out: USER#0111406664705#011user2#011home=/home/pas/85/014585#011uid=14585#011gid=404 Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Loading modules from directory: /usr/lib/dovecot/modules Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_imap_acl_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_lazy_expunge_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib11_imap_quota_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Effective uid=14585, gid=404, home=/home/pas/85/014585 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: No acl_shared_dict setting - shared mailbox listing is disabled Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Quota root: name=User quota backend=dict args=:file:/home/pas/85/014585/Maildir/dovecot.quota Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Quota rule: root=User quota mailbox=* bytes=10737418240 messages=0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Quota rule: root=User quota mailbox=Trash bytes=+1073741824 messages=0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: dict quota: user=user2, uri=file:/home/pas/85/014585/Maildir/dovecot.quota, noenforcing=0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir:INDEX=/var/indexes/user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: maildir++: root=/home/pas/85/014585/Maildir, index=/var/indexes/user2, control=, inbox=/home/pas/85/014585/Maildir, alt= Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: initializing backend with data: vfile Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: acl username = user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: owner = 1 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl vfile: Global ACL directory: (none) Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Namespace : type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=no location=maildir:%h/Maildir:INDEX=~/Maildir/shared/%u Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: shared: root=/var/run/dovecot, index=, control=, inbox=, alt= Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: initializing backend with data: vfile Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: acl username = user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: owner = 0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl vfile: Global ACL directory: (none) Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Namespace : type=private, prefix=BORRADOS/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=maildir:~/Maildir/expunged/ Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: maildir++: root=/home/pas/85/014585/Maildir/expunged, index=, control=, inbox=, alt= Nov 6 11:58:55 myotis30 dovecot: imap-login: Login: user=, method=PLAIN, rip=155.54.67.5, lip=155.54.211.169, mpid=6633, session= Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: initializing backend with data: vfile Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: acl username = user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: owner = 1 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl vfile: Global ACL directory: (none) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master in: USER#0111#011user1#011service=imap Nov 6 11:58:56 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:56 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master out: FAIL#0111 Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:56 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master in: USER#0112#011user1#011service=imap Nov 6 11:58:56 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:56 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master out: FAIL#0112 Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:56 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:56 myotis30 dovecot: imap(user2): Warning: Subscriptions file /home/pas/85/014585/Maildir/subscriptions: Removing invalid entry: shared/user1/kk Nov 6 11:58:56 myotis30 dovecot: imap(user2): Panic: shared mailbox list: Can't return a temp prefix for 'shared/' Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3f9ca) [0x7effec3dd9ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3fa0e) [0x7effec3dda0e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7effec3b1d90] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x2991d) [0x7effec65391d] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_subscriptions_refresh+0x2c1) [0x7effec6ae801] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_iter_init_multiple+0x71) [0x7effec6a1dc1] -> dovecot/imap(+0xd598) [0x7effecb55598] -> dovecot/imap(cmd_list_full+0x4b8) [0x7effecb55bb8] -> dovecot/imap(command_exec+0x3d) [0x7effecb5a49d] -> dovecot/imap(+0x114ee) [0x7effecb594ee] -> dovecot/imap(+0x115c5) [0x7effecb595c5] -> dovecot/imap(client_handle_input+0x125) [0x7effecb59815] -> dovecot/imap(client_input+0x65) [0x7effecb5a0f5] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7effec3ea946] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7effec3eb637] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7effec3ea358] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7effec3d5fe3] -> dovecot/imap(main+0x295) [0x7effecb517e5] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7effec00076d] -> dovecot/imap(+0x9969) [0x7effecb51969] Nov 6 11:58:56 myotis30 dovecot: imap(user2): Fatal: master: service(imap): child 6633 killed with signal 6 (core dumps disabled) Nov 6 11:59:06 myotis30 dovecot: auth: Debug: auth client connected (pid=6659) Nov 6 11:59:06 myotis30 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=155.54.211.187, lip=155.54.211.169, secured, session= Nov 6 11:59:06 myotis30 dovecot: auth: Debug: auth client connected (pid=6660) Nov 6 11:59:06 myotis30 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=155.54.211.187, lip=155.54.211.169, secured, session=<3+ihfdHNbwCbNtO7> -------------- next part -------------- # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.4.0-030400-generic x86_64 Ubuntu 12.04.1 LTS auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = * auth_mechanisms = plain auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = yes auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 1000 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %u disable_plaintext_auth = no dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -l%{lock_timeout} -n%{namespace} first_valid_gid = 1 first_valid_uid = 500 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_ca_dir = imapc_ssl_verify = yes imapc_user = %u import_environment = TZ info_log_path = instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/lib/dovecot listen = *, :: lmtp_address_translate = lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = %Y-%m-%d %H:%M:%S login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> login_trusted_networks = 155.54.211.176/28 mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = yes mail_fsync = optimized mail_full_filesystem_access = no mail_gid = mail_home = mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib/dovecot/modules mail_plugins = quota zlib lazy_expunge acl mail_prefetch_count = 0 mail_privileged_group = mail mail_save_crlf = no mail_shared_explicit_inbox = yes mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = yes managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 20 M mmap_disable = no namespace { hidden = no ignore_on_failure = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = no ignore_on_failure = no inbox = no list = yes location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace { hidden = no ignore_on_failure = no inbox = no list = no location = maildir:~/Maildir/expunged/ prefix = BORRADOS/ separator = / subscriptions = yes type = private } passdb { args = /etc/dovecot/master-users default_fields = deny = no driver = passwd-file master = yes override_fields = pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = deny = no driver = ldap master = no override_fields = pass = no } passdb { args = session=yes dovecot default_fields = deny = no driver = pam master = no override_fields = pass = no } plugin { acl = vfile lazy_expunge = BORRADOS/ quota = dict:User quota::file:%h/Maildir/dovecot.quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_master_user = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_ca_dir = pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = postmaster at um.es protocols = imap pop3 lmtp sieve quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_full_sync_interval = 12 hours replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 2003 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 3000 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 inet_listener { address = port = 24245 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 5120 process_min_avail = 2 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 512 M } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = dovecot } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 inet_listener lmtp { address = port = 24 ssl = no } privileged_group = process_limit = 0 process_min_avail = 10 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 512 M } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = port = 4190 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service managesieve { chroot = client_limit = 1 drop_priv_before_exec = no executable = managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 2 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = no ssl_ca = ssl_cert = Hello, we are running dovecot 2.0.4 on openSuse 11.2. mailboxes are in mdbox-format on local filesystem. we had a powerfailure resulting in many corrupted files and i had to restore some mailboxes. as descibed in wiki, i tried : doveadm import -u mdbox:/path/to/backup//mdbox INBOX all or doveadm import -u mdbox:/path/to/backup//mdbox mdbox:/path/to/mailbox//mdbox all all i get is : usage: doveadm [-Dv] [-f ] [] altmove [-u |-A] auth [-a ] [-x ] [] config [doveconf parameters] director add|flush|map|remove|status dump [-t ] expunge [-u |-A] fetch [-u |-A] force-resync [-u |-A] help kick [-a ] [-f] [|] log find|reopen|test mailbox create|delete|list|mutf7|rename|status|subscribe|unsubscribe penalty [-a ] [] purge [-u |-A] pw [-l] [-p plaintext] [-r rounds] [-s scheme] [-u user] [-V] quota get|recalc reload search [-u |-A] stop user [-a ] [-x ] [...] who [-a ] [-1] [] [] any idea, whats the problem? kind regards Andreas Thomsen -- DAD Deutscher Adressdienst GmbH Alter Wall 65 20457 Hamburg Postfach 11 35 58 20435 Hamburg Deutschland Tel. 0049 (0)40 7511990 Fax 0049 (0)40 75119911 Amtsgericht Hamburg HRB 88115 Gesch?ftsf?hrerin: Daniela Kunst Steuernummer 48/714/02030 Ust-IdNr. DE813739877 From tss at iki.fi Tue Nov 6 14:17:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Nov 2012 14:17:21 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Message-ID: On 6.11.2012, at 3.49, Michael J Rubinsky wrote: >> That would require infinitely storing the modseq of when each message >> was expunged. Not very nice. Also the RFC talks a lot about this >> situation. The SELECT command has two optional parameters to optimize >> it. > > The RFC *does* indicate that a server implementation could, strictly speaking, be considered in compliance without remembering modsequences for all expunged messages, but it does explicitly discourage such implementations. From RFC 5162 [4.1]: > > Strictly speaking, a server implementation that doesn't remember mod- > sequences associated with expunged messages can be considered > compliant with this specification. Such implementations return all > expunged messages specified in the UID set of the UID FETCH > (VANISHED) command every time, without paying attention to the > specified CHANGEDSINCE mod-sequence. Such implementations are > discouraged, as they can end up returning VANISHED responses that are > bigger than the result of a UID SEARCH command for the same UID set. This is talking about a server that doesn't permanently remember ANY modseqs for expunges. Dovecot remembers them, not not infinitely. > It also gives advice to avoid infinitely storing the modsequences such as "expiring" sequences associated with older expunged messages, but assigning a single modsequence value to all of the expired expunged messages. Dovecot behaves as the section 4.3 describes. Note especially: Note that indefinitely storing information about expunged messages can cause storage and related problems for an implementation. .. Hence, implementations are encouraged to adopt strategies to protect against such storage problems, such as limiting the size of the queue used to store mod-sequences for expunged messages and "expiring" older records when this limit is reached. When the selected implementation-specific queue limit is reached, the oldest record(s) are deleted from the queue (note that such records are located at the queue head). For all such "expired" records, the server needs to store a single mod-sequence, which is the highest mod-sequence for all "expired" expunged messages. This is exactly what Dovecot does. There is a single modseq associated with all the previously expunged messages. If you try to request expunges for that modseq, it returns all of the expunged messages, which is what you're seeing as a problem. It might be helpful in some situations to decrease the precision and remember for example: * UIDs 1-100 were deleted with modseq 10 (in reality multiple times between modseqs 1..10) * UIDs 101-130 were deleted with modseq 15 (in reality with modseqs 11..15) .. and so on But this assumes that the expunged UID ranges compress well. If UIDs are being deleted here and there it's still pretty wasteful to store them. And yes, the current way may be forgetting them a bit too early when a lot of other unrelated changes are happening. It would be possible to keep a separate expunge log which could remember the expunges longer. But that would be yet another different index file for Dovecot, which annoyingly complicates everything. And currently since it sounds like the only problem is activesync implementation using it, I'm not very interested in spending a lot of time on it. These defines in mail-transaction-log-private.h anyway can be changed to make it much less likely to see your problem: /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) /* If log is larger than MAX_SIZE, rotate regardless of the time */ #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) /* Delete .log.2 files older than this many seconds. Don't be too eager, older files are useful for QRESYNC and dsync. */ #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) Maybe the defaults could be changed.. From tlx at leuxner.net Tue Nov 6 14:27:07 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Tue, 6 Nov 2012 13:27:07 +0100 Subject: [Dovecot] doveadm import doesn't work In-Reply-To: <5098F9D3.80708@dadgmbh.de> References: <5098F9D3.80708@dadgmbh.de> Message-ID: <20121106122707.GA9945@nihlus.leuxner.net> On Tue, Nov 06, 2012 at 12:51:47PM +0100, Andreas Thomsen wrote: > any idea, whats the problem? http://www.dovecot.org/list/dovecot-news/2010-October/000179.html Yes. It simply wasn't implemented in 2.0.4 which is ages old btw. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From andreas.thomsen at dadgmbh.de Tue Nov 6 14:38:25 2012 From: andreas.thomsen at dadgmbh.de (Andreas Thomsen) Date: Tue, 06 Nov 2012 13:38:25 +0100 Subject: [Dovecot] doveadm import doesn't work In-Reply-To: <20121106122707.GA9945@nihlus.leuxner.net> References: <5098F9D3.80708@dadgmbh.de> <20121106122707.GA9945@nihlus.leuxner.net> Message-ID: <509904C1.5020104@dadgmbh.de> Thank you, Thomas. I think, i will install a newer version.. Am 06.11.2012 13:27, schrieb Thomas Leuxner: > On Tue, Nov 06, 2012 at 12:51:47PM +0100, Andreas Thomsen wrote: >> any idea, whats the problem? > http://www.dovecot.org/list/dovecot-news/2010-October/000179.html > > Yes. It simply wasn't implemented in 2.0.4 which is ages old btw. > > Regards > Thomas -- DAD Deutscher Adressdienst GmbH Alter Wall 65 20457 Hamburg Postfach 11 35 58 20435 Hamburg Deutschland Tel. 0049 (0)40 7511990 Fax 0049 (0)40 75119911 Amtsgericht Hamburg HRB 88115 Gesch?ftsf?hrerin: Daniela Kunst Steuernummer 48/714/02030 Ust-IdNr. DE813739877 From ben at morrow.me.uk Tue Nov 6 14:43:06 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 6 Nov 2012 12:43:06 +0000 Subject: [Dovecot] sieve In-Reply-To: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Message-ID: <20121106124305.GB37663@anubis.morrow.me.uk> At 8AM +0100 on 6/11/12 you (Christian R??ner) wrote: > > is there a sieve option that can reject a mail directly without > creating a new mail and sending that out? I know about > > reject "Reject message goes here"; > > but I am looking for a mechanism that can reject Mail. You want 'ereject', RFC 5429, but Pigeonhole currently only implements it as a synonym for reject. I'm not sure if this is within-spec or not: this paragraph The "ereject" action MUST NOT be available in environments that do not support protocol-level rejection, e.g., an MUA, and MUST be available in all other environments that support the "reject" action. makes me think that perhaps it's not; in any case, Dovecot's implementation won't do what you want. Ben From stan at hardwarefreak.com Tue Nov 6 15:04:56 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 06 Nov 2012 07:04:56 -0600 Subject: [Dovecot] sieve In-Reply-To: References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> Message-ID: <50990AF8.7010303@hardwarefreak.com> On 11/6/2012 2:29 AM, Christian R??ner wrote: > Another solution would be to write some kind of milter/policy-service with a web-interface, where people can reject mails directly on the postfix side. But this is a lot of work. Use a web interface that requires auth. But I'd not use a milter/policy service--too complicated and unnecessary. Just use a regular access(5) table in db format. Simply write your script to append new addresses or domains to the table with a REJECT action. Then add to main.cf an appropriate restriction such as check_sender_access. Changes are picked up automatically each time a new smtpd is fired so no postmap command is required to make the change active. -- Stan From rs at sys4.de Tue Nov 6 15:35:22 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 06 Nov 2012 14:35:22 +0100 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Message-ID: <5099121A.5010208@sys4.de> Am 06.11.2012 13:17, schrieb Timo Sirainen: > the only problem is activesync implementation using it Hi, Michael, as i am going to implement horde 5 active sync server in near Future with dovecot , i followed this in high interest I know horde active sync server is different to z-push so sorry my question, i recent use z-push with dovecot and never noticed any problems with it, so how does z-push handle this "problem" comparing horde, any chance to workaround it in horde code ? Hacking dovecot might be complex, as it should fit in so many stuff and setups Anyway i agree many people using active sync in their smartphone these days and new outlook will also have a active sync mode, so there shouldnt stay any fixable problems ( where ever they may be ), but in my understanding the imap server ( dovecot ) acts more like a backhand here did you test against recent versions of cyrus etc, how is their behave in this case ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From mrubinsk at horde.org Tue Nov 6 16:23:10 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Tue, 06 Nov 2012 09:23:10 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <5099121A.5010208@sys4.de> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <5099121A.5010208@sys4.de> Message-ID: <20121106092310.Horde.5x2cUpcRtLVQmR1OBJCiTiA@h4.theupstairsroom.com> Quoting Robert Schetterer : > Am 06.11.2012 13:17, schrieb Timo Sirainen: >> the only problem is activesync implementation using it > > Hi, Michael, > as i am going to implement horde 5 active sync server in near Future > with dovecot , i followed this in high interest > > I know horde active sync server is different to z-push > so sorry my question, i recent use z-push with dovecot and never noticed > any problems with it, so how does z-push handle this "problem" comparing > horde, any chance to workaround it in horde code ? ZPush's default "imap backend" implementation uses PHP's imap implementation, which has _many_ problems. Horde's uses Horde_Imap_Client a PHP native implementation with tons of improvements over just about any other available IMAP client implementation in PHP. The problem I'm describing stems from our ActiveSync code trying to take advantage of IMAP extensions such as QRESYNC, where the server can track and report things like expunged messages, flag changes etc... since a known point without us having to cache and track every bit of information about the device's state. This is what ZPush does, it uses plaintext files on the server and writes out all the message ids and flag states that were sent to each device. Then during every sync, it retrieves the complete list of message ids and flag state from the IMAP server again and compares them against the data in the text file to determine the deltas. There is already a work around for this in place - if we detect a UID being returned from one of these VANISHED responses that is older than the oldest known UID we know was sent to the device then we reset the device's mailbox state, causing the mailbox to resync. We already track the UIDs of all email sent to the device in our state tables when using a server that does not support QRESYNC, I plan on extending/improving this and getting rid of the current use VANISHED data completely. For further information about our code vs ZPush you can read a basic overview on our wiki page http://wiki.horde.org/ActiveSync. I'm in the process of a more detailed feature comparison grid, but it's far from ready. Please move any further discussion specific to Horde's ActiveSync code to the dev at lists.horde.org mailing list. > Hacking dovecot might be complex, as it should fit in so many stuff and > setups I would never suggest people should hack server code to get other code to work :) > Anyway i agree many people using active sync in their smartphone these > days and new outlook will also have a active sync mode, so there > shouldnt stay any fixable problems ( where ever they may be ), but in my > understanding the imap server ( dovecot ) acts more like a backhand here > did you test against recent versions of cyrus etc, how is their behave > in this case? I have not personally tested against cyrus, but I know some of our other devs use cyrus with the ActiveSync code base. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: From mrubinsk at horde.org Tue Nov 6 16:24:07 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Tue, 06 Nov 2012 09:24:07 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Message-ID: <20121106092407.Horde.ORo9AZcRtLVQmR2HfZMiToA@h4.theupstairsroom.com> Quoting Timo Sirainen : > On 6.11.2012, at 3.49, Michael J Rubinsky wrote: > >>> That would require infinitely storing the modseq of when each message >>> was expunged. Not very nice. Also the RFC talks a lot about this >>> situation. The SELECT command has two optional parameters to optimize >>> it. >> >> The RFC *does* indicate that a server implementation could, >> strictly speaking, be considered in compliance without remembering >> modsequences for all expunged messages, but it does explicitly >> discourage such implementations. From RFC 5162 [4.1]: >> >> Strictly speaking, a server implementation that doesn't remember mod- >> sequences associated with expunged messages can be considered >> compliant with this specification. Such implementations return all >> expunged messages specified in the UID set of the UID FETCH >> (VANISHED) command every time, without paying attention to the >> specified CHANGEDSINCE mod-sequence. Such implementations are >> discouraged, as they can end up returning VANISHED responses that are >> bigger than the result of a UID SEARCH command for the same UID set. > > This is talking about a server that doesn't permanently remember ANY > modseqs for expunges. Dovecot remembers them, not not infinitely. > >> It also gives advice to avoid infinitely storing the modsequences >> such as "expiring" sequences associated with older expunged >> messages, but assigning a single modsequence value to all of the >> expired expunged messages. > > Dovecot behaves as the section 4.3 describes. Note especially: > > Note that indefinitely storing information about expunged messages > can cause storage and related problems for an implementation. > .. > Hence, implementations are encouraged to adopt strategies to protect > against such storage problems, such as limiting the size of the queue > used to store mod-sequences for expunged messages and "expiring" > older records when this limit is reached. When the selected > implementation-specific queue limit is reached, the oldest record(s) > are deleted from the queue (note that such records are located at the > queue head). For all such "expired" records, the server needs to > store a single mod-sequence, which is the highest mod-sequence for > all "expired" expunged messages. > > This is exactly what Dovecot does. There is a single modseq > associated with all the previously expunged messages. If you try to > request expunges for that modseq, it returns all of the expunged > messages, which is what you're seeing as a problem. > > It might be helpful in some situations to decrease the precision and > remember for example: > * UIDs 1-100 were deleted with modseq 10 (in reality multiple times > between modseqs 1..10) > * UIDs 101-130 were deleted with modseq 15 (in reality with modseqs 11..15) > .. and so on > > But this assumes that the expunged UID ranges compress well. If UIDs > are being deleted here and there it's still pretty wasteful to store > them. > > And yes, the current way may be forgetting them a bit too early when > a lot of other unrelated changes are happening. It would be possible > to keep a separate expunge log which could remember the expunges > longer. But that would be yet another different index file for > Dovecot, which annoyingly complicates everything. And currently > since it sounds like the only problem is activesync implementation > using it, I'm not very interested in spending a lot of time on it. > These defines in mail-transaction-log-private.h anyway can be > changed to make it much less likely to see your problem: > > /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ > #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) > /* If log is larger than MAX_SIZE, rotate regardless of the time */ > #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) > #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) > > /* Delete .log.2 files older than this many seconds. Don't be too eager, > older files are useful for QRESYNC and dsync. */ > #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) > > Maybe the defaults could be changed.. Thanks for the information and clarification, Timo. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: From tss at iki.fi Tue Nov 6 16:57:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Nov 2012 16:57:00 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Message-ID: On 6.11.2012, at 14.17, Timo Sirainen wrote: > It would be possible to keep a separate expunge log which could remember the expunges longer. But that would be yet another different index file for Dovecot, which annoyingly complicates everything. And currently since it sounds like the only problem is activesync implementation using it, I'm not very interested in spending a lot of time on it. Here's an idea how it could maybe be done without too much complexity: Before deleting/replacing dovecot.index.log.2 file, scan all of the expunges from it and append them to dovecot.index.log.expunges file using the normal transaction log file format. Change the reader code to use it only when a special flag is enabled (because it has no other changes, it shouldn't normally be used). Use that flag when looking for old expunges. Once in a while recreate the file and drop some of the oldest expunges. The annoying thing with that is that the file format wastes disk space. An alternative would be to write to the file using yet another format optimized for it, and then have a separate "expunge scanner" API that scans the expunge file and the transaction logs. Anyway, not something I have time to implement myself anytime soon. From cr at sys4.de Tue Nov 6 17:04:33 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 6 Nov 2012 16:04:33 +0100 Subject: [Dovecot] sieve In-Reply-To: <50990AF8.7010303@hardwarefreak.com> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> <50990AF8.7010303@hardwarefreak.com> Message-ID: <8828DC32-59FB-4EA7-8D73-6B7E740092E4@sys4.de> Hi, >> Another solution would be to write some kind of milter/policy-service with a web-interface, where people can reject mails directly on the postfix side. But this is a lot of work. > > Use a web interface that requires auth. But I'd not use a milter/policy > service--too complicated and unnecessary. Just use a regular access(5) > table in db format. Simply write your script to append new addresses or > domains to the table with a REJECT action. Then add to main.cf an > appropriate restriction such as check_sender_access. Changes are picked > up automatically each time a new smtpd is fired so no postmap command is > required to make the change active. thanks to all of you. I think I have enough feedback and now I can decide what to do. Kind regards -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From lists at wildgooses.com Tue Nov 6 17:26:43 2012 From: lists at wildgooses.com (Ed W) Date: Tue, 06 Nov 2012 15:26:43 +0000 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <1352157757.13571.121.camel@hurina> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> Message-ID: <50992C33.8030505@wildgooses.com> On 05/11/2012 23:22, Timo Sirainen wrote: > On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >> Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes >> without wasting a ton of memory. In v2.2 I already moved imapc/pop3c >> backend code to plugins to avoid this. Looks like similar ugliness is >> needed for other features/backends also that may end up using SSL code. >> (We were wondering with Stephan what to do about his new HTTP library >> code that added support for SSL. It would be nice to keep it in the core >> libdovecot.so, but not if it links with SSL. So looks like we'll need >> some kind of a http-ssl plugin that is loaded only when needed.) > Implemented it a bit easier way that also gets rid of imapc/pop3c > plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL > dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 > > This also provides a nice abstraction to OpenSSL, making it again > possible to implement other backends like GnuTLS or NSS. (Except login > process code doesn't use lib-ssl-iostream yet.) Does libtomcrypt implement enough? Ed From stephan at rename-it.nl Tue Nov 6 17:26:31 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 06 Nov 2012 16:26:31 +0100 Subject: [Dovecot] sieve In-Reply-To: <20121106124305.GB37663@anubis.morrow.me.uk> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <20121106124305.GB37663@anubis.morrow.me.uk> Message-ID: <50992C27.4030008@rename-it.nl> Op 11/6/2012 1:43 PM, Ben Morrow schreef: > You want 'ereject', RFC 5429, but Pigeonhole currently only implements > it as a synonym for reject. I'm not sure if this is within-spec or not: > this paragraph > > The "ereject" action MUST NOT be available in environments that do > not support protocol-level rejection, e.g., an MUA, and MUST be > available in all other environments that support the "reject" > action. > > makes me think that perhaps it's not; in any case, Dovecot's > implementation won't do what you want. That feature is under development, and such features aren't compiled unless people add `--with-unfinished-features' to their configure line. So, don't worry, Pigeonhole does not normally violate the specification in this regard. Regards, Stephan. From ben at morrow.me.uk Tue Nov 6 20:00:23 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 6 Nov 2012 18:00:23 +0000 Subject: [Dovecot] sieve In-Reply-To: <50992C27.4030008@rename-it.nl> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <20121106124305.GB37663@anubis.morrow.me.uk> <50992C27.4030008@rename-it.nl> Message-ID: <20121106180022.GC37663@anubis.morrow.me.uk> At 4PM +0100 on 6/11/12 you (Stephan Bosch) wrote: > Op 11/6/2012 1:43 PM, Ben Morrow schreef: > > You want 'ereject', RFC 5429, but Pigeonhole currently only implements > > it as a synonym for reject. I'm not sure if this is within-spec or not: > > this paragraph > > > > The "ereject" action MUST NOT be available in environments that do > > not support protocol-level rejection, e.g., an MUA, and MUST be > > available in all other environments that support the "reject" > > action. > > > > makes me think that perhaps it's not; in any case, Dovecot's > > implementation won't do what you want. > > That feature is under development, and such features aren't compiled > unless people add `--with-unfinished-features' to their configure line. > So, don't worry, Pigeonhole does not normally violate the specification > in this regard. Oh, cool, I missed that on my quick look through the source. Ben From tss at iki.fi Tue Nov 6 22:30:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Nov 2012 22:30:46 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <50992C33.8030505@wildgooses.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> Message-ID: <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> On 6.11.2012, at 17.26, Ed W wrote: > On 05/11/2012 23:22, Timo Sirainen wrote: >> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>> Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes >>> without wasting a ton of memory. In v2.2 I already moved imapc/pop3c >>> backend code to plugins to avoid this. Looks like similar ugliness is >>> needed for other features/backends also that may end up using SSL code. >>> (We were wondering with Stephan what to do about his new HTTP library >>> code that added support for SSL. It would be nice to keep it in the core >>> libdovecot.so, but not if it links with SSL. So looks like we'll need >>> some kind of a http-ssl plugin that is loaded only when needed.) >> Implemented it a bit easier way that also gets rid of imapc/pop3c >> plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL >> dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 >> >> This also provides a nice abstraction to OpenSSL, making it again >> possible to implement other backends like GnuTLS or NSS. (Except login >> process code doesn't use lib-ssl-iostream yet.) > > Does libtomcrypt implement enough? It doesn't do SSL, which is all Dovecot cares about. From daniel.parthey at informatik.tu-chemnitz.de Wed Nov 7 02:02:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 7 Nov 2012 01:02:49 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <5098BD2A.9010704@skye.it> References: <5094E7D6.5000109@mail.cgilfe.it> <20121103124149.GA12562@daniel.localdomain> <5098BD2A.9010704@skye.it> Message-ID: <20121107000249.GA10057@daniel.localdomain> Alessio Cecchi wrote: > Daniel Parthey wrote: > > Davide wrote: > >>my question is what is benefit implementing LMTP service replacing > >>LDA i have dovecot 2.1.8 with vpopmail+qmail and about 500 users > >>now i'm using LDA and i'm interested on LMTP service. > >with LMTP... > >* you don't need to spawn a new process for each message > > For me this options is the most valuable. I'm also running > qmail+vpopmail and dovecot as LDA and with thousand of users spawn a > new process for each message could be a problem. > > But you need to switch to postfix, or have you some idea on how to > run qmail and LMTP together? You will need an MTA with LMTP client support, e.g. postfix or exim: http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP Regards Daniel -- https://plus.google.com/103021802792276734820 From massimiliano at cianelli.eu Wed Nov 7 09:13:08 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Wed, 07 Nov 2012 08:13:08 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. Message-ID: <8egwclxks8cpdyupbs5slf3n.1352226340948@email.android.com> Hello, My phone: Android ics 4.1.2 on galaxy nexus. And yes, stock mean the default client that come with the os in IMAP mode. I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. http://code.google.com/p/android/issues/detail?id=1811 In a few hour I'll update the issue noticing where is hidden the problem. Regards Sent from Galaxy Nexus Robert Schetterer ha scritto: >Am 06.11.2012 07:08, schrieb Ben Morrow: >> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>> Hi, >>> >>> My setup: >>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>> configured with the dot separator and all folder under INBOX.*. >>> >>> The problem: >>> My phone was driving me mad during the test, due that it will only >>> recognize Inbox. >>> >>> How found the solution: >>> I've started sniffing IMAP traffic on my server and ended up with one >>> difference: >>> On courier it ask for namespace, on dovecot it won't. >>> >>> I gives a better look, and noticed that courier show namespace >>> capability on prelogin banner, adding it too solved the problem. >>> >>> Reason: >>> Android ICS stock client seems do not honor the capability gived after >>> the login. >> >> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >> you need to set imap_capability and/or get your client fixed. >> >> Ben >> > >Hi, first ,what is the exact meaning of > >"Android ICS stock client" > >do you mean default included email client in standard android in imap >mode, when yes, which version of Android , i like to test my own >however is there changelog/code etc at google for this behave? > >conf example > ># Override the IMAP CAPABILITY response. If the value begins with '+', > # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). > #imap_capability = > >setting stuff here might be complex , or lead to trouble with other >clients, if setting this might fix problems ,with clients it should be >advised in the wiki/example-conf and/or Timo > >or the other way ,for massive used clients there should be >a seperate workaround section in the conf > >But fixing behave clients should be prime option anyway > >Meanwhile use K9mail in Android as best free option in imap mode servers > >Best Regards >MfG Robert Schetterer > >-- >[*] sys4 AG > >http://sys4.de, +49 (89) 30 90 46 64 >Franziskanerstra?e 15, 81669 M?nchen > >Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Wed Nov 7 10:16:54 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 07 Nov 2012 09:16:54 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <8egwclxks8cpdyupbs5slf3n.1352226340948@email.android.com> References: <8egwclxks8cpdyupbs5slf3n.1352226340948@email.android.com> Message-ID: <509A18F6.1060507@sys4.de> Am 07.11.2012 08:13, schrieb Massimiliano Cianelli: > Hello, > > My phone: > Android ics 4.1.2 on galaxy nexus. > And yes, stock mean the default client that come with the os in IMAP mode. > > I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. > > Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. > > About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. > http://code.google.com/p/android/issues/detail?id=1811 > > In a few hour I'll update the issue noticing where is hidden the problem. > > Regards > Sent from Galaxy Nexus Hi , i shortly tested this with android sdk jelly bean 4.1.1 and "my setup" dovecot 2.1.10 with included orginal android mail app in imap mode, ,leaving IMAP prefix blank, everything works as expected, no double shown inbox, namespace problems etc so you might have to fit your namespace setup. Also you might follow allready given advice from here. Anyway , i understand you using "stock client" but you have to understand that the producers of mail clients optimize their stuff fitting best in their own server structure making money with it, therefor their motivation coding better imap code is not very high, same case is for outlook and microsoft however, i would say, fixing bugs is on the google site here, looks like there is patch at http://code.google.com/p/android/issues/detail?id=1811 and the issue seems long known i dont see any hard relation to dovecot in this case meanwhile using k9mail seems the best way to workaround there are lots of other bugs around android versions over the years i dont expect google to fix them > > Robert Schetterer ha scritto: > >> Am 06.11.2012 07:08, schrieb Ben Morrow: >>> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>>> Hi, >>>> >>>> My setup: >>>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>>> configured with the dot separator and all folder under INBOX.*. >>>> >>>> The problem: >>>> My phone was driving me mad during the test, due that it will only >>>> recognize Inbox. >>>> >>>> How found the solution: >>>> I've started sniffing IMAP traffic on my server and ended up with one >>>> difference: >>>> On courier it ask for namespace, on dovecot it won't. >>>> >>>> I gives a better look, and noticed that courier show namespace >>>> capability on prelogin banner, adding it too solved the problem. >>>> >>>> Reason: >>>> Android ICS stock client seems do not honor the capability gived after >>>> the login. >>> >>> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >>> you need to set imap_capability and/or get your client fixed. >>> >>> Ben >>> >> >> Hi, first ,what is the exact meaning of >> >> "Android ICS stock client" >> >> do you mean default included email client in standard android in imap >> mode, when yes, which version of Android , i like to test my own >> however is there changelog/code etc at google for this behave? >> >> conf example >> >> # Override the IMAP CAPABILITY response. If the value begins with '+', >> # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). >> #imap_capability = >> >> setting stuff here might be complex , or lead to trouble with other >> clients, if setting this might fix problems ,with clients it should be >> advised in the wiki/example-conf and/or Timo >> >> or the other way ,for massive used clients there should be >> a seperate workaround section in the conf >> >> But fixing behave clients should be prime option anyway >> >> Meanwhile use K9mail in Android as best free option in imap mode servers >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Joerg Heidrich Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From laurent.foucher at iut-tlse3.fr Wed Nov 7 10:25:08 2012 From: laurent.foucher at iut-tlse3.fr (Laurent Foucher) Date: Wed, 07 Nov 2012 09:25:08 +0100 Subject: [Dovecot] acl and subfolder Message-ID: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> hello, I'm using dovecot 2.0.16 and i would like to use acl for subfolder. The file dovecot-acl is well written in both folder test and the subfolder test/Test : cat /home/user2/Maildir/.test.Test/dovecot-acl user=user1 ilrws cat /home/user2/Maildir/.test/dovecot-acl user=user1 ilprws When user1 want to list, the folder test is well shown, but not the subfolder test/Test. This is the logs : Debug: acl: acl username = user1 imap(laurent.foucher): Debug: acl: owner = 0 Shuka-a dovecot: imap(user1): Debug: acl vfile: Global ACL directory: (none) Shuka-a dovecot: imap(user1): Debug: acl vfile: reading file /home/user2/Maildir/.test/dovecot-acl [....] imap(user1): Debug: acl: Mailbox not in dovecot-acl-list: Partages/user2/test/Test I don't userstand why the file dovecot-acl is not read from the subfolder, while user1 and user2 have the same gid and write access to the directories. Thanks for your answers. dovecot -n auth_cache_size = 512 M default_client_limit = 8400 disable_plaintext_auth = no mail_access_groups = dovecot mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = acl mail_privileged_group = dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify namespace { inbox = yes location = prefix = separator = / type = private } namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = Partages/%%u/ separator = / subscriptions = no type = shared } passdb { args = cache_key=%u%s * driver = pam } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes.db mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags } postmaster_address = postmaster at iut-tlse3.fr protocols = " imap sieve" service auth { client_limit = 8500 unix_listener auth-userdb { group = Personnel_IUT mode = 0666 } } service imap-login { process_limit = 4096 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service imap { process_limit = 4096 vsz_limit = 3036 M } ssl_cert = laurent.foucher at iut-tlse3.fr Enseignant/Charg? de mission Syst?mes & R?seau From yngve_l2 at hotmail.com Wed Nov 7 11:13:28 2012 From: yngve_l2 at hotmail.com (ycc_Swe) Date: Wed, 7 Nov 2012 01:13:28 -0800 (PST) Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) Message-ID: <1352279608118-38611.post@n4.nabble.com> Hello, I just installed Dovecot. It works for plaintext autorization, port 110. It has connected with Telnet, Thunderbird and an on-line pop3 client. Telnet: +OK Dovecot ready. user nnnnn -ERR Unknown command. user nnnnn +OK pass xxxxxxxxxx +OK Logged in. stat +OK 1 1553 retr 1 +OK 1553 octets Return-path: Envelope-to: nnnnnn at mydomain.com Delivery-date: Tue, 06 Nov 2012 12:02:28 +0100 Received: from bay0-xcvxcv-xvxcv.bay333.hotmail.com ([123.123.123.123]) by deb7.pc with esmtp (Exim 4.80) But when I try ssl (port 995) with an on-line pop3 client, it will not work: /var/log/mail.log Nov 7 02:46:55 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, session= Nov 7 02:46:56 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, session= root at deb7:~# doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-686-pae i686 disable_plaintext_auth = no mail_gid = mail mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = prefix = } passdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" ssl_cert = References: <1352279608118-38611.post@n4.nabble.com> Message-ID: <509A35C0.8040209@sys4.de> Am 07.11.2012 10:13, schrieb ycc_Swe: > Hello, > > I just installed Dovecot. It works for plaintext autorization, port 110. It > has connected with Telnet, Thunderbird and an on-line pop3 client. > > Telnet: > +OK Dovecot ready. > user nnnnn > -ERR Unknown command. > user nnnnn > +OK > pass xxxxxxxxxx > +OK Logged in. > stat > +OK 1 1553 > retr 1 > +OK 1553 octets > Return-path: > Envelope-to: nnnnnn at mydomain.com > Delivery-date: Tue, 06 Nov 2012 12:02:28 +0100 > Received: from bay0-xcvxcv-xvxcv.bay333.hotmail.com ([123.123.123.123]) > by deb7.pc with esmtp (Exim 4.80) > > But when I try ssl (port 995) with an on-line pop3 client, it will not work: > /var/log/mail.log > Nov 7 02:46:55 deb7 dovecot: pop3-login: Disconnected (no auth attempts in > 0 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, > session= > Nov 7 02:46:56 deb7 dovecot: pop3-login: Disconnected (no auth attempts in > 1 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, > session= > > root at deb7:~# doveconf -n > # 2.1.7: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-3-686-pae i686 > disable_plaintext_auth = no > mail_gid = mail > mail_location = mbox:~/mail:INBOX=/var/mail/%u > namespace inbox { > inbox = yes > location = > prefix = > } > passdb { > args = username_format=%u /etc/dovecot/users > driver = passwd-file > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = " imap pop3" > ssl_cert = ssl_key = userdb { > args = username_format=%u /etc/dovecot/users > driver = passwd-file > } > > I know very little about mail and ssl. I have assumed that ssl will be set > up "automatically" when Dovecot is installed. But maybe I have missed > something here. Please give me pointers. > The following two files contain ssl keys: > ssl_cert = ssl_key = > I have tried changing the ssl parameter ("yes", "required") in 10-ssl.conf > but with no change except that port 110 login becomes disabled. > > As you can see I am a beginner with Dovecot, I hope it is still OK to ask on > this mailing list. Thanks. > > > > -- > View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611.html > Sent from the Dovecot mailing list archive at Nabble.com. > have a look http://wiki2.dovecot.org/SSL/DovecotConfiguration Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From CMarcus at Media-Brokers.com Wed Nov 7 15:01:13 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 07 Nov 2012 08:01:13 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS Message-ID: <509A5B99.1000900@Media-Brokers.com> Hi Timo, As one who is interested in implementing FTS sometime in the future, I'm curious about what is in store as far as improvements go... Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... Also, does the release of Solr 4.0 mean anything for the lucene library used by dovecot? http://www.marketwatch.com/story/lucidworks-congratulates-apache-foundation-on-general-release-of-solr-40-2012-10-15 Thanks, -- Best regards, Charles From tss at iki.fi Wed Nov 7 17:14:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:14:18 +0200 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <509A5B99.1000900@Media-Brokers.com> References: <509A5B99.1000900@Media-Brokers.com> Message-ID: <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> On 7.11.2012, at 15.01, Charles Marcus wrote: > As one who is interested in implementing FTS sometime in the future, I'm curious about what is in store as far as improvements go... > > Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes. :) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: plugin { fts_autoindex = yes fts_autoindex_max_recent = 1000 } Or maybe there's a better name than "autoindex" for this feature. SEARCH always autoindexes anyway. > Also, does the release of Solr 4.0 mean anything for the lucene library used by dovecot? No, fts-lucene and fts-solr are separate backends. But I do have some small plans to add a few more features to fts-solr. From tss at iki.fi Wed Nov 7 17:21:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:21:59 +0200 Subject: [Dovecot] mbox2mdir... what about UIDs/etc? (was: how to best import Evolution/Thunderbird mail into dovecot?) In-Reply-To: <1351557745.3435.106.camel@fermat.scientia.net> References: <1350429674.3360.27.camel@fermat.scientia.net> <20121017145144.GA777@PC211.ikt.de> <1351557745.3435.106.camel@fermat.scientia.net> Message-ID: <3ACD269C-EBFA-42D5-B984-97342E669D08@iki.fi> On 30.10.2012, at 2.42, Christoph Anton Mitterer wrote: > Which I'll base upon mb2md[1] respectively it's Dovecot-izsed > version[2]. > I diffed the two, and it seems the only differences are that the later > handles the following in addition: > 1) keywords (via X-IMAP, X-IMAPbase and X-Keywords) > 2) UIDs, UIDVALITIDYs and UIDLASTs (via the X-IMAP, X-IMAPbase and X-UID > mail headers of the mboxes > 3) ,S= and ,W= tags > > (Guess that's it right?) > > > Now I have some questions: > to 1) I never used keywords on mails myself so far,... so if any > X-Keywords headers exist, these were sent from remote. > So I guess I _really want_ to ignore them (and not let remote people set > my local keywords), right? Yes. > to 2) I haven't had time yet to read into the IMAP4 RFC (though I'll > need to do so soon),... but AFAIU the UIDs, UIDVALITIDYs and UIDLASTs > are used for the server/clients to identify which message they talk > about and avoid unnecessary reloading and to assure statuses are set on > the right message, etc. > > All mails that I migrate were only used locally by one client. > So I guess I can fully ignore any UID/UIDVALITIDY/UIDLAST preservation, > right? Yeah, they're not that important if you don't care about clients redownloading cached messages. > So in principle I can use plain mb2md (without the dovecot mods)... and > simply convert all my mboxes to maildir, put them in the dovecot mail > (having the mails in the ../new dirs) location and start dovecot, right? > > Now will dovecot itself assign fresh consecutive UIDs to all maildir > files? Or will I get into troubles? Dovecot will generate new UIDs. > to 3) If dovecot can make use of these,.. I'm happy with having them > set, but analogous to (2): > If I use plain mb2md (without the dovecot mods)... and simply convert > all my mboxes to maildir, put them in the dovecot mail (having the mails > in the ../new dirs) location and start dovecot.... > > Can I make dovecot to calculate these fields by itself when it loads? Dovecot doesn't add them to the filenames, but adds them to dovecot-uidlist and/or dovecot.index.cache. If you're using Maildir++ quota then this isn't good enough, but when using Dovecot LDA there's no reason to use Maildir++ quota anyway, so it doesn't matter. From tss at iki.fi Wed Nov 7 17:23:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:23:05 +0200 Subject: [Dovecot] dovecot-lda not correct folder In-Reply-To: <508F66A2.7010809@gmx.de> References: <508F66A2.7010809@gmx.de> Message-ID: <933B1D72-3DAC-4D5C-88B0-78849B7655D9@iki.fi> On 30.10.2012, at 7.33, tony.blue.mailinglist at gmx.de wrote: > ZUSATZORDNER="$DELIVERMAIL -e -d $LOGNAME -m .optionalfolder" > ... > > dovecot-lda puts the mails for the optionalfolder always in the .cur (INBOX). > > What?s the correct dovecot-lda parameter to put the mails in the optionalfolder? -m optionalfolder, without the dot. Also you may need to set lda_mailbox_autocreate=yes if it doesn't already exist. From tss at iki.fi Wed Nov 7 17:26:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:26:04 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <508FB360.5090704@Media-Brokers.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <508FB360.5090704@Media-Brokers.com> Message-ID: On 30.10.2012, at 13.00, Charles Marcus wrote: > On 2012-10-29 5:42 PM, Timo Sirainen wrote: >> On 29.10.2012, at 23.15, Christoph Anton Mitterer wrote: >> >>> btw: What are the actual advantages of sdbox over maildir? >> * Not moving files from new/ to cur/ directory >> * Not renaming files when changing message flags >> * Not readdir()ing directories (although maildir_very_dirty_syncs=yes helps a lot with this) >> >> Basically less disk I/O and making it possible to have mailboxes with a huge number of messages without everything slowing down horribly. > > I had been wanting to ask about this too... > > So... what are the disadvantages? Message flags are stored only in dovecot.index files, and files get somewhat more easily corrupted than the whole filesystem. Having a separate dovecot.index.backup file helps with this though. Also there's the disadvantages if you can't easily switch away from Maildir because you're using some non-Dovecot tools to access it. From tss at iki.fi Wed Nov 7 17:30:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:30:35 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1351556165.3435.88.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> Message-ID: <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> On 30.10.2012, at 2.16, Christoph Anton Mitterer wrote: > Have you ever thought about adding a "real" DB backend? Nothing against > dbox... :) ... and I have no performance comparison of dbox with what > could be done with a DBMS... but the advantage of the later would be > that you get all fancy features from database systems for free... like > fast indexing, online replication, etc. p.. > > One might even reuse something like AOX for this. SQL indexes aren't very helpful for IMAP-like data. It would be fun to some day have SQL backend in Dovecot (there already is read-only INBOX-only SQL backend), but I don't expect it to have very good performance. From tss at iki.fi Wed Nov 7 17:32:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:32:25 +0200 Subject: [Dovecot] copymail deleted In-Reply-To: <09B9ED24-9319-48A7-85D4-0FF7D12F6296@sys4.de> References: <2B52CF76-2638-45C8-BD75-1773EAB99D0E@iki.fi> <62B9745B-844F-4A83-8B87-F5DED1389180@sys4.de> <09B9ED24-9319-48A7-85D4-0FF7D12F6296@sys4.de> Message-ID: <660E3B26-F98C-4790-BFC5-8F77390C043E@iki.fi> On 30.10.2012, at 16.44, Christian R??ner wrote: >> So if you create /attachments/6a/50/6a506530265ef7c9feb396410eaf6946036e9a79-b034401e794009503a0400002cb72ff6 that is 949170 bytes long, and do the same for the rest of the attachments, you should be able to read this mail without errors. >> >> You can easily create the files without wasting space with: >> dd if=/dev/zero of=foo bs=1 seek=949169 count=1 > > Thanks. I have calculated both other files and recreated zero padded files. Now I am going to watch the log file and see, if errors are gone. > > One last question: If the user now opens a mail, where the attachments are broken and he/she removes the mail, are the created hand-made files be removed automatically? Yes. From tss at iki.fi Wed Nov 7 17:33:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:33:43 +0200 Subject: [Dovecot] maildir and end-of-line encoding In-Reply-To: <1351648223.24721.4.camel@fermat.scientia.net> References: <1351648223.24721.4.camel@fermat.scientia.net> Message-ID: On 31.10.2012, at 3.50, Christoph Anton Mitterer wrote: > I just wondered, the following: > > My MDA may get mails that use LF or CR/LF end of line encodings and > deliver them into maildirs. > > > I couldn't find any information about, whether one should or must > convert all into one format, cause AFAIK at least on the IMAP side, > CR/LF is always used? > > How does this work on the maildir/backend side of dovcot? Can it work > with both and simply automatically convert LF into CR/LF? Dovecot automatically adds CRs where necessary. Even within the same file there can be mixed LF/CRLF lines. From tss at iki.fi Wed Nov 7 17:38:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:38:26 +0200 Subject: [Dovecot] backtrace for non-existant %{ldap:attr} on login In-Reply-To: References: Message-ID: On 31.10.2012, at 11.08, Steffen Kaiser wrote: > If mailQuotaBytesTrash or mailQuotaBytes is not present, the LOGIN process does not work: .. > 2012-10-31 09:56:51 auth: Panic: pool_data_stack_realloc(): stack frame changed I'm not entirely sure why that happens when nonexistent attributes, but this fixes the crash: http://hg.dovecot.org/dovecot-2.1/rev/3a33e686fc38 Maybe there's another bug in there as well that tries to write some large garbage to the string instead?.. From tss at iki.fi Wed Nov 7 17:41:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:41:47 +0200 Subject: [Dovecot] Error: Internal quota calculation error In-Reply-To: <87d2zyxxjm.fsf@minnow.riseup.net> References: <87d2zyxxjm.fsf@minnow.riseup.net> Message-ID: <11465F19-4310-4B44-8955-F03FB65EFC5F@iki.fi> On 31.10.2012, at 21.15, Micah Anderson wrote: > I'm using 2.1.7 with seive and mysql quotas. We had an outage the other > day where the database server where quotas are stored was not available > for a short period of time. > > In dovecot land, the following types of errors occured in that scenario: > > Oct 26 22:19:01 grosbeak dovecot: lda(example at riseup.net): Error: Internal quota calculation error Hmm. I wonder if I should add more error message logging in here.. Although I think the main reason is that dict isn't connected to SQL database, and it should have logged about it already. > Oct 26 22:19:01 grosbeak dovecot: lda(example at riseup.net): Error: sieve: msgid=<20122132765181x.ABCCE457 at example.com>: failed to store into mailbox 'Trash': Internal error occurred. Refer to server log for more information. [2012-10-26 22:19:01] > Oct 26 22:19:01 grosbeak dovecot: lda(example at riseup.net): Error: sieve: script /maildir/e/example/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /maildir/e/example/.dovecot.sieve.log may reveal additional details) > > I expect that there would be quota calculation errors as dovecot could > not reach the database server, but what worried me was the 'failed to > store into mailbox' message from sieve. The 'Trash' mailbox in this > particular seive script is the correct location for the message to be > filed into, but the worrisome message is the 'failed with unsuccessful > implicit keep'. Dovecot returns temporary failure and the mail should get redelivered. v2.1.9+ has also plugin { quota_ignore_save_errors=yes } setting, which is the default also with v2.2. From tss at iki.fi Wed Nov 7 17:42:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:42:29 +0200 Subject: [Dovecot] Modifying mailbox GUIDs? In-Reply-To: <778d2396116c03d4b1d12234846aa12f@horizon.phuph.org> References: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> <778d2396116c03d4b1d12234846aa12f@horizon.phuph.org> Message-ID: <6B841CE1-CF08-49FD-9E6B-82DF385E20AE@iki.fi> I guess you could do that.. In v2.2 the dsync is smarter and can change the GUID automatically when needed. On 1.11.2012, at 5.13, Faheem Patel wrote: > > > I see that the GUID is actually in readable text on the first line > in "dovecot-uidlist". Is it really as simple as modifying the string > here? > > - Faheem > > On Wed, 31 Oct 2012 22:42:59 -0400, Faheem Patel > wrote: > >> Greetings all, >> >> I can view a mailbox's GUID like so: > doveadm mailbox status -u guid >> >> However, how may I *modify* a > mailbox GUID? Can this be done using doveadm or some other tool? >> >> > If not, how may I go about modifying the dovecot.mailbox.log (where I > assume GUID data is stored)? >> >> My specific use case has to do with > me wanting to modify an existing mailbox's GUID so that its messages are > mirrored into a folder of the same name using "dsync mirror". (As we > know, dsync utilizes GUIDs to determine mailbox uniqueness) >> >> > Thanks! >> >> -- >> - Faheem From tss at iki.fi Wed Nov 7 17:45:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:45:58 +0200 Subject: [Dovecot] 2.2.alpha1 (626a9df21e62): LMTP Core Dump In-Reply-To: <20121101102734.GA20126@nihlus.leuxner.net> References: <20121101102734.GA20126@nihlus.leuxner.net> Message-ID: On 1.11.2012, at 12.27, Thomas Leuxner wrote: > Nov 1 11:16:14 spectre dovecot: lmtp(17245): Fatal: master: service(lmtp): child 17245 killed with signal 11 (core dumped) .. > #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=, error_r=) at mail-storage-service.c:1013 > 1013 mail-storage-service.c: No such file or directory. > in mail-storage-service.c > (gdb) bt full Fixed a few days ago: http://hg.dovecot.org/dovecot-2.2/rev/1ad12af6efe4 From tss at iki.fi Wed Nov 7 17:46:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:46:34 +0200 Subject: [Dovecot] No manpage for "doveadm fts" command In-Reply-To: References: Message-ID: On 1.11.2012, at 16.38, Dave Abrahams wrote: > Just wanted to make sure this issue was registered separately from the > overall confusion I'm exploring in another thread, even though I mention > this there too. Yes, and dsync also needs to be moved into doveadm sync/backup. And some other things. Feel free to write :) From tss at iki.fi Wed Nov 7 17:47:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:47:35 +0200 Subject: [Dovecot] Indexing problems In-Reply-To: References: Message-ID: <8EFED980-1F94-45A2-811B-036EE2DAF48F@iki.fi> On 1.11.2012, at 15.08, Dave Abrahams wrote: > It looks like something is going very wrong here. Any advice? .. > doveadm(dave): Info: [Gmail].All Mail: Caching mails seq=2..231746 > 8000/231745Assertion failed: (numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." + IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )), function closeDocStore, file /tmp/clucene-gmYE/src/core/CLucene/index/DocumentsWriter.cpp, line 210. > Abort trap: 6 > cone:local dave$ Looks like a bug in CLucene library. Probably nothing I can do about it.. Just delete the lucene-indexes directory and run doveadm fts rescan. From tss at iki.fi Wed Nov 7 17:50:19 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:50:19 +0200 Subject: [Dovecot] "starting" dovecot In-Reply-To: References: Message-ID: <2DA5EE7F-8C23-4233-AF51-138C81F3DB8D@iki.fi> On 2.11.2012, at 9.52, Dave Abrahams wrote: > > on Thu Nov 01 2012, Dave Abrahams wrote: > >> My system never issues the "dovecot start" command. I do, however, run >> /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server >> through port 9xxx and through the preauth tunnel. Is this arrangement >> OK? Are there some things that will only work if "dovecot" is invoked? > > In particular, I'm curious because of messages like the one below that I > got from "doveadm search": > > doveadm(dave): Error: net_connect_unix(/usr/local/var/run/dovecot/indexer) failed: No such file or directory > > Is the lack of this (or any other) socket attributable to not having > started dovecot itself? Yes, fts indexing is always done via the indexer process currently. You need dovecot master process running for that. I don't think there are other such things currently. You could patch fts code to not use indexer process, probably a one line change. Except when running that way if two processes try to update the Lucene at the same time you'll get some errors. From tss at iki.fi Wed Nov 7 18:01:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:01:25 +0200 Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: References: <1351544456.13571.102.camel@hurina> Message-ID: On 5.11.2012, at 20.58, Steffen Kaiser wrote: > http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=(%25{ldap) > > is the only reference I found so far and the TODO file. > > If the attribute does not exist, there should be a default value, you can specify, e.g.: %{ldap:attrName[,]:default value} . [,] the optional delimiter from the TODO. Where do you see "," as optional delimiter? But yeah, %{ldap:attrName:default} would be simple to do. Attached patch to do it. Let me know if it works. -------------- next part -------------- A non-text attachment was scrubbed... Name: ldap.diff Type: application/octet-stream Size: 1713 bytes Desc: not available URL: -------------- next part -------------- > Or if the attribute is missing, the rule is ignored. Hmm. What if there are two attributes and one of them exists and the other one doesn't?.. From tss at iki.fi Wed Nov 7 18:03:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:03:27 +0200 Subject: [Dovecot] LDAP congestion In-Reply-To: References: Message-ID: On 6.11.2012, at 11.38, Bernhard Schmidt wrote: > I've been asked to have a look at a misbehaving mail server of some > colleagues today where almost all logins where failing or excessively > delayed, while the LDAP database itself was pretty fast. > > They run Dovecot 1.2.11 (yes, I know, stoneage) against an LDAP server > run by a 3rd party, auth_bind=yes (required). The problem is that this > third party LDAP server delays bindResponse 3 seconds when the password > is wrong. A user wanted to login every 2-3 seconds this morning with the > wrong password, which effectively killed the system because the LDAP > connection was mostly stalled waiting for the auth timeout. > > From a previous discussion with Timo I know that bindRequests cannot be > parallelized in LDAP, so the problem does not come completely > unexpected. Other than removing the failure delay in the LDAP server, is > there anything one can do? If there is any change in newer Dovecot > versions about that please tell me so I can encourage them to upgrade, > but I haven't seen anything in the changelog. > > Any way to get several LDAP workers/connections for passdb in parallel? Multiple LDAP connections is in TODO. The only alternative right is to use e.g. checkpassword backend that does the ldap lookup in a script. From tss at iki.fi Wed Nov 7 18:14:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:14:44 +0200 Subject: [Dovecot] Auth USER lookup failed In-Reply-To: <5098EF95.8060005@um.es> References: <5098EF95.8060005@um.es> Message-ID: On 6.11.2012, at 13.08, Angel L. Mateo wrote: > Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) .. > I have checked the socket permissions, but they are 0666 (if I'm looking the right socket): > > root at myotis30:/etc/dovecot/conf.d# ls -l /var/run/dovecot/auth-userdb > srwxrwxrwx 1 dovecot root 0 nov 6 11:43 /var/run/dovecot/auth-userdb Nowadays the auth-userdb permissions are 0666, which add the extra check that you can only lookup yourself. Since you're not looking up yourself, you're getting the permission error about it. > In fact, I have tried to put all sockets with permissions 0666 and 0777, but the error persists. If the socket is 0777 this error shouldn't happen. Note that you need to change it from dovecot.conf, chmod doesn't matter after startup anymore. This will probably be helpful in future: http://hg.dovecot.org/dovecot-2.1/rev/c811aab61355 From tss at iki.fi Wed Nov 7 18:18:12 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:18:12 +0200 Subject: [Dovecot] acl and subfolder In-Reply-To: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> References: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> Message-ID: <41C6AD30-8F9B-4DFC-8488-618D25F05CA0@iki.fi> On 7.11.2012, at 10.25, Laurent Foucher wrote: > I'm using dovecot 2.0.16 and i would like to use acl for subfolder. The file dovecot-acl is well written in both folder test and the subfolder test/Test : > > cat /home/user2/Maildir/.test.Test/dovecot-acl > user=user1 ilrws > cat /home/user2/Maildir/.test/dovecot-acl > user=user1 ilprws > > When user1 want to list, the folder test is well shown, but not the subfolder test/Test. v2.1 has a nice and helpful "doveadm acl debug" command to tell what is wrong. > imap(user1): Debug: acl: Mailbox not in dovecot-acl-list: Partages/user2/test/Test I guess this is the reason. See if deleting dovecot-acl-list helps. From CMarcus at Media-Brokers.com Wed Nov 7 18:21:38 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 07 Nov 2012 11:21:38 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> Message-ID: <509A8A92.3060801@Media-Brokers.com> On 2012-11-07 10:14 AM, Timo Sirainen wrote: >> Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... > Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes.:) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: > > plugin { > fts_autoindex = yes > fts_autoindex_max_recent = 1000 > } And this would work in conjunction with (and require) the dovecot LDA / LMTP? -- Best regards, Charles From tss at iki.fi Wed Nov 7 18:29:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:29:38 +0200 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <509A8A92.3060801@Media-Brokers.com> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> <509A8A92.3060801@Media-Brokers.com> Message-ID: <13E793E4-68A9-4B82-8D63-BC525C01A233@iki.fi> On 7.11.2012, at 18.21, Charles Marcus wrote: > On 2012-11-07 10:14 AM, Timo Sirainen wrote: >>> Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... >> Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes.:) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: >> >> plugin { >> fts_autoindex = yes >> fts_autoindex_max_recent = 1000 >> } > > And this would work in conjunction with (and require) the dovecot LDA / LMTP? Yes. For non-Dovecot LDA/LMTP you can already run "doveadm index" after the delivery. Or you could do that already with dovecot-lda as well. From CMarcus at Media-Brokers.com Wed Nov 7 19:12:26 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 07 Nov 2012 12:12:26 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <13E793E4-68A9-4B82-8D63-BC525C01A233@iki.fi> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> <509A8A92.3060801@Media-Brokers.com> <13E793E4-68A9-4B82-8D63-BC525C01A233@iki.fi> Message-ID: <509A967A.1050705@Media-Brokers.com> On 2012-11-07 11:29 AM, Timo Sirainen wrote: > On 7.11.2012, at 18.21, Charles Marcus wrote: > >> On 2012-11-07 10:14 AM, Timo Sirainen wrote: >>>> Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... >>> Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes.:) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: >>> >>> plugin { >>> fts_autoindex = yes >>> fts_autoindex_max_recent = 1000 >>> } >> And this would work in conjunction with (and require) the dovecot LDA / LMTP? > Yes. For non-Dovecot LDA/LMTP you can already run "doveadm index" after the delivery. Or you could do that already with dovecot-lda as well. Gotcha... just confirming that as long as you were using dovecot LDA/LMTP, index updates would be immediate and not impact system performance. Thanks... looking forward to its implementation someday. ;) -- Best regards, Charles From laurent.foucher at iut-tlse3.fr Wed Nov 7 20:15:14 2012 From: laurent.foucher at iut-tlse3.fr (Laurent Foucher) Date: Wed, 07 Nov 2012 19:15:14 +0100 Subject: [Dovecot] acl and subfolder In-Reply-To: <41C6AD30-8F9B-4DFC-8488-618D25F05CA0@iki.fi> References: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> <41C6AD30-8F9B-4DFC-8488-618D25F05CA0@iki.fi> Message-ID: <20121107191514.Horde.B2lVWjZfwM9QmqUygEaBcaA@webmail.iut-tlse3.fr> ----- Message de Timo Sirainen --------- Date: Wed, 7 Nov 2012 18:18:12 +0200 De: Timo Sirainen Objet: Re: [Dovecot] acl and subfolder ?: Laurent Foucher Cc: dovecot at dovecot.org > On 7.11.2012, at 10.25, Laurent Foucher wrote: > >> I'm using dovecot 2.0.16 and i would like to use acl for subfolder. >> The file dovecot-acl is well written in both folder test and the >> subfolder test/Test : >> >> cat /home/user2/Maildir/.test.Test/dovecot-acl >> user=user1 ilrws >> cat /home/user2/Maildir/.test/dovecot-acl >> user=user1 ilprws >> >> When user1 want to list, the folder test is well shown, but not the >> subfolder test/Test. > > v2.1 has a nice and helpful "doveadm acl debug" command to tell what > is wrong. > >> imap(user1): Debug: acl: Mailbox not in dovecot-acl-list: >> Partages/user2/test/Test > > I guess this is the reason. See if deleting dovecot-acl-list helps. I deleted dovecot-acl-list and unfortunately my problem persit. -- - Laurent Foucher -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-keys Size: 1703 bytes Desc: Cl? publique PGP URL: From tlx at leuxner.net Wed Nov 7 20:30:59 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Wed, 7 Nov 2012 19:30:59 +0100 Subject: [Dovecot] 2.2.alpha1 (626a9df21e62): LMTP Core Dump In-Reply-To: References: <20121101102734.GA20126@nihlus.leuxner.net> Message-ID: <24432423-5D31-479F-950A-39663CB8D5FC@leuxner.net> > On 1.11.2012, at 12.27, Thomas Leuxner wrote: > >> Nov 1 11:16:14 spectre dovecot: lmtp(17245): Fatal: master: service(lmtp): child 17245 killed with signal 11 (core dumped) > .. >> #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=, error_r=) at mail-storage-service.c:1013 >> 1013 mail-storage-service.c: No such file or directory. >> in mail-storage-service.c >> (gdb) bt full > > Fixed a few days ago: http://hg.dovecot.org/dovecot-2.2/rev/1ad12af6efe4 Thanks and confirmed. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4364 bytes Desc: not available URL: From dave at boostpro.com Wed Nov 7 21:51:17 2012 From: dave at boostpro.com (Dave Abrahams) Date: Wed, 07 Nov 2012 14:51:17 -0500 Subject: [Dovecot] No manpage for "doveadm fts" command In-Reply-To: (Timo Sirainen's message of "Wed, 7 Nov 2012 17:46:34 +0200") References: Message-ID: on Wed Nov 07 2012, Timo Sirainen wrote: > On 1.11.2012, at 16.38, Dave Abrahams wrote: > >> Just wanted to make sure this issue was registered separately from the >> overall confusion I'm exploring in another thread, even though I mention >> this there too. > > Yes, and dsync also needs to be moved into doveadm sync/backup. And > some other things. Feel free to write :) I'm still trying to figure out what these things do, which is why I'm looking for a manpage. I'm not exactly in a position to write anything. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From tony.blue.mailinglist at gmx.de Wed Nov 7 22:48:01 2012 From: tony.blue.mailinglist at gmx.de (tony.blue.mailinglist at gmx.de) Date: Wed, 07 Nov 2012 21:48:01 +0100 Subject: [Dovecot] dovecot-lda not correct folder In-Reply-To: <933B1D72-3DAC-4D5C-88B0-78849B7655D9@iki.fi> References: <508F66A2.7010809@gmx.de> <933B1D72-3DAC-4D5C-88B0-78849B7655D9@iki.fi> Message-ID: <509AC901.4010407@gmx.de> Am 07.11.2012 16:23, schrieb Timo Sirainen: > On 30.10.2012, at 7.33, tony.blue.mailinglist at gmx.de wrote: > > -m optionalfolder, without the dot. Also you may need to set > lda_mailbox_autocreate=yes if it doesn't already exist. Thanks Timo, that was the solution of my problem. From slusarz at curecanti.org Thu Nov 8 00:08:44 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:08:44 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Message-ID: <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> Quoting Timo Sirainen : > On 6.11.2012, at 3.49, Michael J Rubinsky wrote: > > These defines in mail-transaction-log-private.h anyway can be > changed to make it much less likely to see your problem: > > /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ > #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) > /* If log is larger than MAX_SIZE, rotate regardless of the time */ > #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) > #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) > > /* Delete .log.2 files older than this many seconds. Don't be too eager, > older files are useful for QRESYNC and dsync. */ > #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) > > Maybe the defaults could be changed.. I'm not sure changing the defaults is a good idea. But if someone does want to use a particular dovecot server as the backend for activesync clients, for example, it would probably make sense to allow these values to be tweaked via the config files. (I can see an organization having a "normal" IMAP server and a "activesync" IMAP server that differ in these details, and also in things like IDLE timeouts). michael From slusarz at curecanti.org Thu Nov 8 00:11:31 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:11:31 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Message-ID: <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> Quoting Timo Sirainen : > On 6.11.2012, at 3.49, Michael J Rubinsky wrote: > >>> That would require infinitely storing the modseq of when each message >>> was expunged. Not very nice. Also the RFC talks a lot about this >>> situation. The SELECT command has two optional parameters to optimize >>> it. >> >> The RFC *does* indicate that a server implementation could, >> strictly speaking, be considered in compliance without remembering >> modsequences for all expunged messages, but it does explicitly >> discourage such implementations. From RFC 5162 [4.1]: >> >> Strictly speaking, a server implementation that doesn't remember mod- >> sequences associated with expunged messages can be considered >> compliant with this specification. Such implementations return all >> expunged messages specified in the UID set of the UID FETCH >> (VANISHED) command every time, without paying attention to the >> specified CHANGEDSINCE mod-sequence. Such implementations are >> discouraged, as they can end up returning VANISHED responses that are >> bigger than the result of a UID SEARCH command for the same UID set. > > This is talking about a server that doesn't permanently remember ANY > modseqs for expunges. Dovecot remembers them, not not infinitely. > >> It also gives advice to avoid infinitely storing the modsequences >> such as "expiring" sequences associated with older expunged >> messages, but assigning a single modsequence value to all of the >> expired expunged messages. > > Dovecot behaves as the section 4.3 describes. Note especially: > > Note that indefinitely storing information about expunged messages > can cause storage and related problems for an implementation. > .. > Hence, implementations are encouraged to adopt strategies to protect > against such storage problems, such as limiting the size of the queue > used to store mod-sequences for expunged messages and "expiring" > older records when this limit is reached. When the selected > implementation-specific queue limit is reached, the oldest record(s) > are deleted from the queue (note that such records are located at the > queue head). For all such "expired" records, the server needs to > store a single mod-sequence, which is the highest mod-sequence for > all "expired" expunged messages. > > This is exactly what Dovecot does. There is a single modseq > associated with all the previously expunged messages. If you try to > request expunges for that modseq, it returns all of the expunged > messages, which is what you're seeing as a problem. I see your point, but the problem is that is not intuitive when reading the RFC. One part of the RFC defines the behavior of VANISHED (EARLIER) as only returning changes since the mod-sequence given. And you are correct that another part of the RFC says that, essentially, a server is allowed to break this required response. I'm thinking that this is more of an issue with the way the RFC is written. I'll move this over to the imap protocol list to get further input. michael From tss at iki.fi Thu Nov 8 00:23:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 00:23:37 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> Message-ID: <21244A16-773D-42E2-A2C4-2366F51006D1@iki.fi> On 8.11.2012, at 0.08, Michael M Slusarz wrote: >> These defines in mail-transaction-log-private.h anyway can be changed to make it much less likely to see your problem: >> >> /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ >> #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) >> /* If log is larger than MAX_SIZE, rotate regardless of the time */ >> #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) >> #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) >> >> /* Delete .log.2 files older than this many seconds. Don't be too eager, >> older files are useful for QRESYNC and dsync. */ >> #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) >> >> Maybe the defaults could be changed.. > > I'm not sure changing the defaults is a good idea. But if someone does want to use a particular dovecot server as the backend for activesync clients, for example, it would probably make sense to allow these values to be tweaked via the config files. (I can see an organization having a "normal" IMAP server and a "activesync" IMAP server that differ in these details, and also in things like IDLE timeouts). Well .. I hate adding more settings. :) There are way too many already. Ideally Dovecot would automatically do the right thing anyway. Just like it already caches only those things that are needed. It could also increase these values when QRESYNC is used, or even better to actually have the separate expunge log that I mentioned. From slusarz at curecanti.org Thu Nov 8 00:34:39 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:34:39 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> Message-ID: <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> Quoting Michael M Slusarz : > I see your point, but the problem is that is not intuitive when > reading the RFC. One part of the RFC defines the behavior of > VANISHED (EARLIER) as only returning changes since the mod-sequence > given. And you are correct that another part of the RFC says that, > essentially, a server is allowed to break this required response. > > I'm thinking that this is more of an issue with the way the RFC is > written. I'll move this over to the imap protocol list to get > further input. Sigh. Never mind. For some reason, I completely ignored (missed?) this part of the RFC: Note: A server that receives a mod-sequence smaller than , where is the value of the smallest expunged mod-sequence it remembers minus one, MUST behave as if it was requested to report all expunged messages from the provided UID set parameter. So you are right, I was wrong, and the world is good. michael From tss at iki.fi Thu Nov 8 00:41:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 00:41:04 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> Message-ID: <2A0F5B1A-190E-469A-B52F-43969E49B9F3@iki.fi> On 8.11.2012, at 0.34, Michael M Slusarz wrote: > Quoting Michael M Slusarz : > >> I see your point, but the problem is that is not intuitive when reading the RFC. One part of the RFC defines the behavior of VANISHED (EARLIER) as only returning changes since the mod-sequence given. And you are correct that another part of the RFC says that, essentially, a server is allowed to break this required response. >> >> I'm thinking that this is more of an issue with the way the RFC is written. I'll move this over to the imap protocol list to get further input. > > Sigh. Never mind. For some reason, I completely ignored (missed?) this part of the RFC: > > Note: A server that receives a mod-sequence smaller than , > where is the value of the smallest expunged mod-sequence > it remembers minus one, MUST behave as if it was requested to report > all expunged messages from the provided UID set parameter. > > So you are right, I was wrong, and the world is good. I wonder how much would it help if you a) Used the uidset/seqset parameters with SELECT command and optionally b) Dovecot implemented it slightly better than required by RFC: http://www.ietf.org/mail-archive/web/lemonade/current/msg04771.html From slusarz at curecanti.org Thu Nov 8 00:41:48 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:41:48 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <21244A16-773D-42E2-A2C4-2366F51006D1@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> <21244A16-773D-42E2-A2C4-2366F51006D1@iki.fi> Message-ID: <20121107154148.Horde.poUtfYF5lbhQmuOsHYn1JuA@bigworm.curecanti.org> Quoting Timo Sirainen : > On 8.11.2012, at 0.08, Michael M Slusarz wrote: > >> I'm not sure changing the defaults is a good idea. But if someone >> does want to use a particular dovecot server as the backend for >> activesync clients, for example, it would probably make sense to >> allow these values to be tweaked via the config files. (I can see >> an organization having a "normal" IMAP server and a "activesync" >> IMAP server that differ in these details, and also in things like >> IDLE timeouts). > > Well .. I hate adding more settings. :) There are way too many > already. Ideally Dovecot would automatically do the right thing > anyway. Just like it already caches only those things that are > needed. It could also increase these values when QRESYNC is used, or > even better to actually have the separate expunge log that I > mentioned. Thinking about this more, this can really all be handled by proper MUA design. In short, it is never a good idea to send a '1:*' UID range to a VANISHED CHANGEDSINCE FETCH. It remains a reasonable MUA design decision to not send the actual cached UID list to the FETCH command: if this cached UID list is thousands of messages long, obtaining this list, (optionally) sequence set compressing, and sending via the command may take more time/resources than it saves. But a MUA should, at a minimum, keep track of the minimum UID it is aware of in order to limit the possible response. This is a trivial amount of extra overhead and would prevent a large number of spurious VANISHED UIDs to need to be traversed. michael From slusarz at curecanti.org Thu Nov 8 01:14:18 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 16:14:18 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <2A0F5B1A-190E-469A-B52F-43969E49B9F3@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> <2A0F5B1A-190E-469A-B52F-43969E49B9F3@iki.fi> Message-ID: <20121107161418.Horde.W3tHNoF5lbhQmutKaM-FJxA@bigworm.curecanti.org> Quoting Timo Sirainen : > On 8.11.2012, at 0.34, Michael M Slusarz wrote: > >> Quoting Michael M Slusarz : >> >>> I see your point, but the problem is that is not intuitive when >>> reading the RFC. One part of the RFC defines the behavior of >>> VANISHED (EARLIER) as only returning changes since the >>> mod-sequence given. And you are correct that another part of the >>> RFC says that, essentially, a server is allowed to break this >>> required response. >>> >>> I'm thinking that this is more of an issue with the way the RFC is >>> written. I'll move this over to the imap protocol list to get >>> further input. >> >> Sigh. Never mind. For some reason, I completely ignored (missed?) >> this part of the RFC: >> >> Note: A server that receives a mod-sequence smaller than , >> where is the value of the smallest expunged mod-sequence >> it remembers minus one, MUST behave as if it was requested to report >> all expunged messages from the provided UID set parameter. >> >> So you are right, I was wrong, and the world is good. > > I wonder how much would it help if you > > a) Used the uidset/seqset parameters with SELECT command We *do* use this information. However, this is not (necessarily) useful for the activesync query that was the genesis of this thread. A bit of background on our MUA design is necessary. For Horde/IMP, all IMAP server configuration is done through the IMP application. As part of this configuration, a cache backend can be configured. There are multiple potential users of this IMAP object. Within IMP itself, multiple sessions can be open at any one time. Additionally, several views of IMP, our dynamic view and our smartmobile view, have another cache of messages kept on the browser side. Finally, the ActiveSync library also uses the IMAP object configured by IMP. Anytime the IMAP object is accessed, we are syncing the mailbox with the IMP-configured cache. For QRESYNC, we use the SELECT/EXAMINE uidset parameter. The problem is that any particular view may not be sync'd to the same state as the IMP cache. For example, if someone is using the web application and their phone is syncing via ActiveSync, it is quite likely that the activesync cached mod-sequence value will NOT equal the IMP cached mod-sequence value. So this is when explicitly calling FETCH VANISHED CHANGEDSINCE is needed. The good news: once we get the CHANGEDSINCE FETCH information, we don't need to do a separate flags sync since this information has already been cached within the IMAP object (via either the CHANGEDSINCE call or, more likely, a previous FETCH call in another session). Further optimization: in the case where the original QRESYNC/CONDSTORE sync matches the mod-sequence of whatever object/view is accessing the IMAP object, which should be the most common occurrence, there is no need to perform any additional FETCH/SEARCH calls since we cache the results of the initial mailbox sync and return this data. Might be a long-winded explanation, but just wanted to show why FETCH VANISHED CHANGEDSINCE MUST be used by a client even if taking advantage of QRESYNC SELECT/EXAMINE syncing. In other words - I'd like to think that my imap implementation is not broken :) > b) Dovecot implemented it slightly better than required by RFC: > http://www.ietf.org/mail-archive/web/lemonade/current/msg04771.html I spent a week or so trying to cache message sequence number -> UID mapping. And determined it was more trouble than it was worth. The gains from more compact VANISHED responses in SELECT/EXAMINE are minimal compared to the expense to track them. And the only other reason for tracking - the possibility that EXPUNGEs return EXPUNGED responses instead of VANISHED if the UIDs of the actually expunged messages are needed - can be worked around by doing a UID SEARCH call after the EXPUNGE is over and comparing to the list of UIDs that were given to UID EXPUNGE (with the further optimization that I cache MSN->UID while in a mailbox, which should catch the "STORE (\Deleted)/EXPUNGE" common when using a Trash mailbox or immediate message deletion). Unless I am missing something else that MSNs are necessary? michael From massimiliano at cianelli.eu Thu Nov 8 01:24:38 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 00:24:38 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. Message-ID: Hi, Yes w/o prefix work as expected, try to add a prefix like courier does (eg. Inbox.) It will not work as expected. Due I'm upgrading an old installed server, I've to keep everything as much transparent I can... it includes IMAP folder and subscription. Looking at that I've encountered that issue, and analyzed for fix it (thank you open source), not everyone will want to use/use k9.. but you can be 100% sure the stock client is there. Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they will not fix it soon, or really respect the rfc), it's much simple add Namespace on prelogin banner then wait or have to tell someone to install another client for that mailbox. I didn't know the history, but looking at change log seems that idle as been put back to prelogin client for some kind of compatibility with their service. Anyway, the most important reason that got me to subscribe the mailing list for write those emails, is share with the community that problem and provide a solution.. for someone in the future that have the same problem and will search on internet for a solution (like I've does.. before analyze it on my own). If the workaround will be added to the wiki or will be put in the source.. the important thing is that there is a solution simple and fast (two.. the source modify, and the configuration file) and someone can find it.. (Sarcastic) And if the mayans were right we can't wait for google to fix it :p Best Regards Sent from Galaxy Nexus Robert Schetterer ha scritto: >Am 07.11.2012 08:13, schrieb Massimiliano Cianelli: >> Hello, >> >> My phone: >> Android ics 4.1.2 on galaxy nexus. >> And yes, stock mean the default client that come with the os in IMAP mode. >> >> I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. >> >> Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. >> >> About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. >> http://code.google.com/p/android/issues/detail?id=1811 >> >> In a few hour I'll update the issue noticing where is hidden the problem. >> >> Regards >> Sent from Galaxy Nexus > >Hi , i shortly tested this with android sdk jelly bean 4.1.1 and "my >setup" dovecot 2.1.10 with included orginal android mail app in imap mode, >,leaving IMAP prefix blank, everything works as expected, no double >shown inbox, namespace problems etc >so you might have to fit your namespace setup. >Also you might follow allready given advice from here. > >Anyway , i understand you using "stock client" >but you have to understand that the producers of mail clients >optimize their stuff fitting best in their own server structure >making money with it, therefor their motivation coding better imap code >is not very high, same case is for outlook and microsoft >however, i would say, fixing bugs is on the google site here, looks like >there is patch >at >http://code.google.com/p/android/issues/detail?id=1811 >and the issue seems long known > >i dont see any hard relation to dovecot in this case >meanwhile using k9mail seems the best way to workaround >there are lots of other bugs around android versions >over the years i dont expect google to fix them > > >> >> Robert Schetterer ha scritto: >> >>> Am 06.11.2012 07:08, schrieb Ben Morrow: >>>> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>>>> Hi, >>>>> >>>>> My setup: >>>>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>>>> configured with the dot separator and all folder under INBOX.*. >>>>> >>>>> The problem: >>>>> My phone was driving me mad during the test, due that it will only >>>>> recognize Inbox. >>>>> >>>>> How found the solution: >>>>> I've started sniffing IMAP traffic on my server and ended up with one >>>>> difference: >>>>> On courier it ask for namespace, on dovecot it won't. >>>>> >>>>> I gives a better look, and noticed that courier show namespace >>>>> capability on prelogin banner, adding it too solved the problem. >>>>> >>>>> Reason: >>>>> Android ICS stock client seems do not honor the capability gived after >>>>> the login. >>>> >>>> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >>>> you need to set imap_capability and/or get your client fixed. >>>> >>>> Ben >>>> >>> >>> Hi, first ,what is the exact meaning of >>> >>> "Android ICS stock client" >>> >>> do you mean default included email client in standard android in imap >>> mode, when yes, which version of Android , i like to test my own >>> however is there changelog/code etc at google for this behave? >>> >>> conf example >>> >>> # Override the IMAP CAPABILITY response. If the value begins with '+', >>> # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). >>> #imap_capability = >>> >>> setting stuff here might be complex , or lead to trouble with other >>> clients, if setting this might fix problems ,with clients it should be >>> advised in the wiki/example-conf and/or Timo >>> >>> or the other way ,for massive used clients there should be >>> a seperate workaround section in the conf >>> >>> But fixing behave clients should be prime option anyway >>> >>> Meanwhile use K9mail in Android as best free option in imap mode servers >>> >>> Best Regards >>> MfG Robert Schetterer >>> >>> -- >>> [*] sys4 AG >>> >>> http://sys4.de, +49 (89) 30 90 46 64 >>> Franziskanerstra?e 15, 81669 M?nchen >>> >>> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >>> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >>> Aufsichtsratsvorsitzender: Joerg Heidrich > > > >Best Regards >MfG Robert Schetterer > >-- >[*] sys4 AG > >http://sys4.de, +49 (89) 30 90 46 64 >Franziskanerstra?e 15, 81669 M?nchen > >Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >Aufsichtsratsvorsitzender: Joerg Heidrich From tss at iki.fi Thu Nov 8 01:42:17 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 01:42:17 +0200 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: References: Message-ID: On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: > Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they will not fix it soon, or really respect the rfc), it's much simple add Namespace on prelogin banner then wait or have to tell someone to install another client for that mailbox. > > I didn't know the history, but looking at change log seems that idle as been put back to prelogin client for some kind of compatibility with their service. Luckily the big ones only needed IDLE to work. I'm hoping to avoid adding anything else. And Dovecot is currently the most widely used IMAP server, so I think there's a good chance of client developers actually fixing their clients. From massimiliano at cianelli.eu Thu Nov 8 01:48:57 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 00:48:57 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: References: Message-ID: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> I've noticed an error in my sentence about the change log, it was referred to blackberry.. not to Google Google need only 'namespace', I will try to update the issue (due that every IMAP server that will respect the rfc will not work as expected in that condition).. pointing the problem on post login capability... and we will see when Google will want to fix it. Regards Timo Sirainen ha scritto: >On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: > >> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >will not fix it soon, or really respect the rfc), it's much simple add >Namespace on prelogin banner then wait or have to tell someone to >install another client for that mailbox. >> >> I didn't know the history, but looking at change log seems that idle >as been put back to prelogin client for some kind of compatibility with >their service. > >Luckily the big ones only needed IDLE to work. I'm hoping to avoid >adding anything else. > >And Dovecot is currently the most widely used IMAP server, so I think >there's a good chance of client developers actually fixing their >clients. -- testing k9 From tss at iki.fi Thu Nov 8 01:55:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 01:55:33 +0200 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> References: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> Message-ID: <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> Even gmail itself isn't advertising all capabilities before login: * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 vs. * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE UIDPLUS especially has been very widely used long before gmail. I guess they also don't want to advertise unnecessary capabilities before login and have determined that all the important clients supporting UIDPLUS support receiving after it post-login. On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: > I've noticed an error in my sentence about the change log, it was referred to blackberry.. not to Google > > Google need only 'namespace', I will try to update the issue (due that every IMAP server that will respect the rfc will not work as expected in that condition).. pointing the problem on post login capability... and we will see when Google will want to fix it. > > Regards > > Timo Sirainen ha scritto: > >> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >> >>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >> will not fix it soon, or really respect the rfc), it's much simple add >> Namespace on prelogin banner then wait or have to tell someone to >> install another client for that mailbox. >>> >>> I didn't know the history, but looking at change log seems that idle >> as been put back to prelogin client for some kind of compatibility with >> their service. >> >> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >> adding anything else. >> >> And Dovecot is currently the most widely used IMAP server, so I think >> there's a good chance of client developers actually fixing their >> clients. > > -- testing k9 > From massimiliano at cianelli.eu Thu Nov 8 02:01:49 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 01:01:49 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> References: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> Message-ID: Yes, but namespace is in prelogin... and anyway they will say that the team which will make the gmail app is different then the email app. IMHO there is only a commercial reason.. keep people use gmail and force company and private to use Google apps... in that way they will not have issue and have push delivery (also called IMAP idle that is not supported). Timo Sirainen ha scritto: >Even gmail itself isn't advertising all capabilities before login: > >* CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 > >vs. > >* CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE > >UIDPLUS especially has been very widely used long before gmail. I guess >they also don't want to advertise unnecessary capabilities before login >and have determined that all the important clients supporting UIDPLUS >support receiving after it post-login. > >On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: > >> I've noticed an error in my sentence about the change log, it was >referred to blackberry.. not to Google >> >> Google need only 'namespace', I will try to update the issue (due >that every IMAP server that will respect the rfc will not work as >expected in that condition).. pointing the problem on post login >capability... and we will see when Google will want to fix it. >> >> Regards >> >> Timo Sirainen ha scritto: >> >>> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >>> >>>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >>> will not fix it soon, or really respect the rfc), it's much simple >add >>> Namespace on prelogin banner then wait or have to tell someone to >>> install another client for that mailbox. >>>> >>>> I didn't know the history, but looking at change log seems that >idle >>> as been put back to prelogin client for some kind of compatibility >with >>> their service. >>> >>> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >>> adding anything else. >>> >>> And Dovecot is currently the most widely used IMAP server, so I >think >>> there's a good chance of client developers actually fixing their >>> clients. >> >> -- testing k9 >> -- Inviato dal mio cellulare Android con K-9 Mail. From tss at iki.fi Thu Nov 8 02:10:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 02:10:33 +0200 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: References: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> Message-ID: <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Yes, different teams, but I think Google is still a lot more reasonable company to deal with things like this than Microsoft. Although surprisingly even Microsoft appears to support SPECIAL-USE in the next Outlook(?) client. On 8.11.2012, at 2.01, Massimiliano Cianelli wrote: > Yes, but namespace is in prelogin... and anyway they will say that the team which will make the gmail app is different then the email app. > > IMHO there is only a commercial reason.. keep people use gmail and force company and private to use Google apps... in that way they will not have issue and have push delivery (also called IMAP idle that is not supported). > > Timo Sirainen ha scritto: > >> Even gmail itself isn't advertising all capabilities before login: >> >> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >> X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 >> >> vs. >> >> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >> X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE >> >> UIDPLUS especially has been very widely used long before gmail. I guess >> they also don't want to advertise unnecessary capabilities before login >> and have determined that all the important clients supporting UIDPLUS >> support receiving after it post-login. >> >> On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: >> >>> I've noticed an error in my sentence about the change log, it was >> referred to blackberry.. not to Google >>> >>> Google need only 'namespace', I will try to update the issue (due >> that every IMAP server that will respect the rfc will not work as >> expected in that condition).. pointing the problem on post login >> capability... and we will see when Google will want to fix it. >>> >>> Regards >>> >>> Timo Sirainen ha scritto: >>> >>>> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >>>> >>>>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >>>> will not fix it soon, or really respect the rfc), it's much simple >> add >>>> Namespace on prelogin banner then wait or have to tell someone to >>>> install another client for that mailbox. >>>>> >>>>> I didn't know the history, but looking at change log seems that >> idle >>>> as been put back to prelogin client for some kind of compatibility >> with >>>> their service. >>>> >>>> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >>>> adding anything else. >>>> >>>> And Dovecot is currently the most widely used IMAP server, so I >> think >>>> there's a good chance of client developers actually fixing their >>>> clients. >>> >>> -- testing k9 >>> > > -- Inviato dal mio cellulare Android con K-9 Mail. From massimiliano at cianelli.eu Thu Nov 8 02:18:48 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 01:18:48 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> References: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Message-ID: If you give a look to Google code there are a lot of important bugs keep open from years. I like a lot android... but they have to spent a little more on it. Only in that way it will be the best mobile os around. Now it have some goods and some bads things.. like every os around us.. the only big good thing... it is open. Timo Sirainen ha scritto: >Yes, different teams, but I think Google is still a lot more reasonable >company to deal with things like this than Microsoft. Although >surprisingly even Microsoft appears to support SPECIAL-USE in the next >Outlook(?) client. > >On 8.11.2012, at 2.01, Massimiliano Cianelli wrote: > >> Yes, but namespace is in prelogin... and anyway they will say that >the team which will make the gmail app is different then the email app. >> >> IMHO there is only a commercial reason.. keep people use gmail and >force company and private to use Google apps... in that way they will >not have issue and have push delivery (also called IMAP idle that is >not supported). >> >> Timo Sirainen ha scritto: >> >>> Even gmail itself isn't advertising all capabilities before login: >>> >>> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST >CHILDREN >>> X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 >>> >>> vs. >>> >>> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST >CHILDREN >>> X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE >>> >>> UIDPLUS especially has been very widely used long before gmail. I >guess >>> they also don't want to advertise unnecessary capabilities before >login >>> and have determined that all the important clients supporting >UIDPLUS >>> support receiving after it post-login. >>> >>> On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: >>> >>>> I've noticed an error in my sentence about the change log, it was >>> referred to blackberry.. not to Google >>>> >>>> Google need only 'namespace', I will try to update the issue (due >>> that every IMAP server that will respect the rfc will not work as >>> expected in that condition).. pointing the problem on post login >>> capability... and we will see when Google will want to fix it. >>>> >>>> Regards >>>> >>>> Timo Sirainen ha scritto: >>>> >>>>> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >>>>> >>>>>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer >they >>>>> will not fix it soon, or really respect the rfc), it's much simple >>> add >>>>> Namespace on prelogin banner then wait or have to tell someone to >>>>> install another client for that mailbox. >>>>>> >>>>>> I didn't know the history, but looking at change log seems that >>> idle >>>>> as been put back to prelogin client for some kind of compatibility >>> with >>>>> their service. >>>>> >>>>> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >>>>> adding anything else. >>>>> >>>>> And Dovecot is currently the most widely used IMAP server, so I >>> think >>>>> there's a good chance of client developers actually fixing their >>>>> clients. >>>> >>>> -- testing k9 >>>> >> >> -- Inviato dal mio cellulare Android con K-9 Mail. Sent from Galaxy Nexus From calestyo at scientia.net Thu Nov 8 04:57:19 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Thu, 08 Nov 2012 03:57:19 +0100 Subject: [Dovecot] maildir and end-of-line encoding In-Reply-To: References: <1351648223.24721.4.camel@fermat.scientia.net> Message-ID: <1352343439.5059.202.camel@fermat.scientia.net> On Wed, 2012-11-07 at 17:33 +0200, Timo Sirainen wrote: > Dovecot automatically adds CRs where necessary. Even within the same file there can be mixed LF/CRLF lines. Can you detail this a bit, or point me to the specific code areas? 1) Is only CR added? Or also LF? 2) What happens e.g. when LFCR is found? Is that then "doubled" to CRLFCR or even CRLFCRLF? 3) When does it "add" these chars? Only when using dovecot-lda? Or also when some other MDA places files into e.g. a maildir? I did some reading on the RFC 5322 which says: - new mails must not have single CR or LF, both may only occur as CRL - but from the previous RFCs, it allows existing messages to have CR and LF alone, in which case they are not newlines as CRLF, but rather the CR and LF characters in the their meaning as control characters. 4) So from that point of view... automatic conversion may actually "corrupt" things in a strict sense. (One should hope of course, that only few people use(d) CR or LF alone to get their control character meaning... but rather that these are just cases of accidents.) 5) I agree with you that mails should be stored with CRLF, as this is their native format.... and I found nothing on the maildir[++] standards that would forbid that (neither that would encourage it). But for mbox there are "definitions" that _always_ LF is used (AFAIU, even on non-UNIX platforms. 6) I went through my mails and basically I found everything: CR, LF, CRLF and even LFCR. Now I have no real idea how to deal with that? Keep all as is? Make all LFs CRLFs and/or all CFs to CRLFs? What about the LFCRs? Handle them as group and perhaps swap them to CRLF. Or doing the same as with single LFs and CRs. Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: From p at sys4.de Thu Nov 8 07:25:50 2012 From: p at sys4.de (Patrick Ben Koetter) Date: Thu, 8 Nov 2012 06:25:50 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> References: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Message-ID: <20121108052550.GC11584@sys4.de> * Timo Sirainen : > Yes, different teams, but I think Google is still a lot more reasonable company to deal with things like this than Microsoft. Although surprisingly even Microsoft appears to support SPECIAL-USE in the next Outlook(?) client. confirmed. p at rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Thu Nov 8 09:31:38 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 08:31:38 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: References: Message-ID: <509B5FDA.2050002@sys4.de> Am 08.11.2012 00:24, schrieb Massimiliano Cianelli: > Hi, > > Yes w/o prefix work as expected, try to add a prefix like courier does (eg. Inbox.) It will not work as expected. I see you point, but as i have seen other mail clients have problems with prefix namespace in the past, i am using the most unproblematic setup, there will never be an universal best config for all imap software existing, dont try to find it > > Due I'm upgrading an old installed server, I've to keep everything as much transparent I can... it includes IMAP folder and subscription. look at dovecot migration sites for examples, but it may stay a problem ever ,that some imap clients with broken stuff do not behave proper after migration again this should be fixed on the client side > > Looking at that I've encountered that issue, and analyzed for fix it (thank you open source), not everyone will want to use/use k9.. but you can be 100% sure the stock client is there. thats right, but if its failing with some servers, it has to be fixed at the "source of evil" first *g, anyway i dont see the point dovecot related, but your info is usefull anyway > > Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they will not fix it soon, or really respect the rfc), it's much simple add Namespace on prelogin banner then wait or have to tell someone to install another client for that mailbox. > > I didn't know the history, but looking at change log seems that idle as been put back to prelogin client for some kind of compatibility with their service. > > Anyway, the most important reason that got me to subscribe the mailing list for write those emails, is share with the community that problem and provide a solution.. for someone in the future that have the same problem and will search on internet for a solution (like I've does.. before analyze it on my own). > > If the workaround will be added to the wiki or will be put in the source.. the important thing is that there is a solution simple and fast (two.. the source modify, and the configuration file) and someone can find it.. > > (Sarcastic) And if the mayans were right we can't wait for google to fix it :p Dovecot has mass of config parameter, try find out what set best to workaround your problem, then post it to the wiki, it will be welcomed > > Best Regards > Sent from Galaxy Nexus > > Robert Schetterer ha scritto: > >> Am 07.11.2012 08:13, schrieb Massimiliano Cianelli: >>> Hello, >>> >>> My phone: >>> Android ics 4.1.2 on galaxy nexus. >>> And yes, stock mean the default client that come with the os in IMAP mode. >>> >>> I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. >>> >>> Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. >>> >>> About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. >>> http://code.google.com/p/android/issues/detail?id=1811 >>> >>> In a few hour I'll update the issue noticing where is hidden the problem. >>> >>> Regards >>> Sent from Galaxy Nexus >> >> Hi , i shortly tested this with android sdk jelly bean 4.1.1 and "my >> setup" dovecot 2.1.10 with included orginal android mail app in imap mode, >> ,leaving IMAP prefix blank, everything works as expected, no double >> shown inbox, namespace problems etc >> so you might have to fit your namespace setup. >> Also you might follow allready given advice from here. >> >> Anyway , i understand you using "stock client" >> but you have to understand that the producers of mail clients >> optimize their stuff fitting best in their own server structure >> making money with it, therefor their motivation coding better imap code >> is not very high, same case is for outlook and microsoft >> however, i would say, fixing bugs is on the google site here, looks like >> there is patch >> at >> http://code.google.com/p/android/issues/detail?id=1811 >> and the issue seems long known >> >> i dont see any hard relation to dovecot in this case >> meanwhile using k9mail seems the best way to workaround >> there are lots of other bugs around android versions >> over the years i dont expect google to fix them >> >> >>> >>> Robert Schetterer ha scritto: >>> >>>> Am 06.11.2012 07:08, schrieb Ben Morrow: >>>>> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>>>>> Hi, >>>>>> >>>>>> My setup: >>>>>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>>>>> configured with the dot separator and all folder under INBOX.*. >>>>>> >>>>>> The problem: >>>>>> My phone was driving me mad during the test, due that it will only >>>>>> recognize Inbox. >>>>>> >>>>>> How found the solution: >>>>>> I've started sniffing IMAP traffic on my server and ended up with one >>>>>> difference: >>>>>> On courier it ask for namespace, on dovecot it won't. >>>>>> >>>>>> I gives a better look, and noticed that courier show namespace >>>>>> capability on prelogin banner, adding it too solved the problem. >>>>>> >>>>>> Reason: >>>>>> Android ICS stock client seems do not honor the capability gived after >>>>>> the login. >>>>> >>>>> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >>>>> you need to set imap_capability and/or get your client fixed. >>>>> >>>>> Ben >>>>> >>>> >>>> Hi, first ,what is the exact meaning of >>>> >>>> "Android ICS stock client" >>>> >>>> do you mean default included email client in standard android in imap >>>> mode, when yes, which version of Android , i like to test my own >>>> however is there changelog/code etc at google for this behave? >>>> >>>> conf example >>>> >>>> # Override the IMAP CAPABILITY response. If the value begins with '+', >>>> # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). >>>> #imap_capability = >>>> >>>> setting stuff here might be complex , or lead to trouble with other >>>> clients, if setting this might fix problems ,with clients it should be >>>> advised in the wiki/example-conf and/or Timo >>>> >>>> or the other way ,for massive used clients there should be >>>> a seperate workaround section in the conf >>>> >>>> But fixing behave clients should be prime option anyway >>>> >>>> Meanwhile use K9mail in Android as best free option in imap mode servers >>>> >>>> Best Regards >>>> MfG Robert Schetterer >>>> >>>> -- >>>> [*] sys4 AG >>>> >>>> http://sys4.de, +49 (89) 30 90 46 64 >>>> Franziskanerstra?e 15, 81669 M?nchen >>>> >>>> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >>>> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >>>> Aufsichtsratsvorsitzender: Joerg Heidrich >> >> >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Joerg Heidrich Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Thu Nov 8 09:40:22 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 08:40:22 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: References: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Message-ID: <509B61E6.3090604@sys4.de> Am 08.11.2012 01:18, schrieb Massimiliano Cianelli: > Yes, different teams, but I think Google is still a lot more reasonable >>company to deal with things like this than Microsoft. Although >>surprisingly even Microsoft appears to support SPECIAL-USE in the next >>Outlook(?) client. yeah it works, but they had bugged it for my last tests, mail in sent folder ( which is corect in use by SPECIAL-USE ) always stay unread, seems they have had design problems using now a standard outgoing folder, however there is a bug report about that and they anounced to fix it, but it isnt in my last tests after the last upgrade, if they dont fix it you cant use the sent folder via imap in a handy way , and you have to disable the feature in total ( this point was changed also ), and need to set this function via filter wizard like long time ago outlook versions needed it Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From pshirkey at boosthardware.com Thu Nov 8 09:48:46 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Thu, 8 Nov 2012 18:48:46 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot Message-ID: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> Hi, I have an exim4 and dovecot system. The system has multiple accounts. Exim4 is receiving emails in the /var/mail/user files and dovecot is configured to use /home/user/mail (mbox) folder. I have one account that dovecot is not processing replies/bounces/etc... The data is being written in the /var/mail/user file by exim4 but as far as dovecot is aware there is nothing in the pop3 inbox. Can anyone suggest how I can enable dovecot to know that the data is in the /var/mail/user file and deliver it to the pop3 inbox for this account? -- Patrick Shirkey Boost Hardware Ltd From yngve_l2 at hotmail.com Thu Nov 8 09:54:21 2012 From: yngve_l2 at hotmail.com (ycc_Swe) Date: Wed, 7 Nov 2012 23:54:21 -0800 (PST) Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <509A35C0.8040209@sys4.de> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> Message-ID: <1352361261767-38656.post@n4.nabble.com> Thank you for your reply. I read the page you link to. As I understand I should set the ssl-parameter in 10-ssl.conf to "yes" or "required". I should also have permissions like this: root at deb7:/etc/dovecot/conf.d# ls -l /etc/ssl/*/dovecot.pem -r--r--r-- 1 root root 1326 Nov 3 14:24 /etc/ssl/certs/dovecot.pem -r-------- 1 root root 1704 Nov 3 14:24 /etc/ssl/private/dovecot.pem root at deb7:/etc/dovecot/conf.d# Other information on the page, as I understand, has to do with more "advanced" setups than mine. I still have the same problem. When I set ssl parameter to yes/required I can still not connect to port 995. This time I set ssl=verbose. This is what the log shows when I try to connect with ssl. Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=12.12.12.7, lip=13.13.13.239, TLS: Disconnected, session= Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=12.12.12.7, lip=13.13.13.239, TLS: Disconnected, session= root at deb7:/etc/dovecot/conf.d# root at deb7:/etc/dovecot/conf.d# doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-686-pae i686 Debian wheezy/sid disable_plaintext_auth = no mail_gid = mail mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = prefix = } passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" ssl = required ssl_cert = References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> <1352361261767-38656.post@n4.nabble.com> Message-ID: <509B6AED.7070107@sys4.de> Am 08.11.2012 08:54, schrieb ycc_Swe: > Thanks for repying. I still have the same problem. Dovecot works for me on > port 110, but not on 995/ssl. look here http://wiki2.dovecot.org/TestPop3Installation look for your auth fit what you want disable_plaintext_auth.... verify your pem/crt is not broken look http://wiki2.dovecot.org/AuthDatabase/PasswdFile Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Thu Nov 8 10:21:26 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 09:21:26 +0100 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> Message-ID: <509B6B86.6050600@sys4.de> Am 08.11.2012 08:48, schrieb Patrick Shirkey: > Hi, > > I have an exim4 and dovecot system. The system has multiple accounts. > Exim4 is receiving emails in the /var/mail/user files and dovecot is > configured to use /home/user/mail (mbox) folder. > > I have one account that dovecot is not processing replies/bounces/etc... > The data is being written in the /var/mail/user file by exim4 but as far > as dovecot is aware there is nothing in the pop3 inbox. > > Can anyone suggest how I can enable dovecot to know that the data is in > the /var/mail/user file and deliver it to the pop3 inbox for this account? > > > > -- > Patrick Shirkey > Boost Hardware Ltd > show logs and config like doveconf -n Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From design at 1stwebdesigns.com Thu Nov 8 10:29:05 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Thu, 08 Nov 2012 08:29:05 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access Message-ID: <509B6D51.8030408@1stwebdesigns.com> Hi there, We're using Dovecot version 1.0.7 and Postfix, and since upgrading our Linux box we're getting this in the maillog: Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: to=, orig_to=, relay=local, delay=19, delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox /var/spool/mail/abc for user abc. unable to lock for exclusive access: Resource temporarily unavailable) Postfix is currently set to: mailbox_delivery_lock = fcntl, dotlock Dovecot has this: mbox_read_locks = fcntl mbox_write_locks = fcntl dotlock I've scoured the web and tried all kinds of different locking mechanisms and combinations to no avail. The mail is eventually delivered but on a busy day this can take several hours. In the evening it generally doesn't happen, which leads me to believe it occurs during the day when people have their mail clients open. However, this particular issue doesn't affect every user that has their mail client open, only some! We currently have the mailboxes in mbox format - yes I know we should upgrade to maildir which we will eventually, however we've been using mbox for the last 10 years and this has only become an issue since upgrading. What I have discovered this morning is a Dovecot connection that is open for 6 minutes before disconnection. During this 6 minutes the above problem occurs (new mail cannot get an exclusive lock). The same user will have connected and disconnected several times before and after, with a connection taking no more than a few seconds. But it seems sometimes the connection is taking longer than it should and I suspect the problem lies here. Please can anyone help! Thank you, G From p at sys4.de Thu Nov 8 10:34:56 2012 From: p at sys4.de (Patrick Ben Koetter) Date: Thu, 8 Nov 2012 09:34:56 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <509B61E6.3090604@sys4.de> References: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> <509B61E6.3090604@sys4.de> Message-ID: <20121108083456.GA8522@sys4.de> * Robert Schetterer : > Am 08.11.2012 01:18, schrieb Massimiliano Cianelli: > > Yes, different teams, but I think Google is still a lot more reasonable > >>company to deal with things like this than Microsoft. Although > >>surprisingly even Microsoft appears to support SPECIAL-USE in the next > >>Outlook(?) client. > > yeah it works, but they had bugged it for my last tests, > mail in sent folder ( which is corect in use by SPECIAL-USE ) > always stay unread, seems they have had design problems using now a > standard outgoing folder, however there is a bug report about that > and they anounced to fix it, but it isnt in my last tests after the last > upgrade, if they dont fix it you cant use the sent folder via imap in a > handy way , and you have to disable the feature in total ( this point > was changed also ), and need to set this function via filter wizard like > long time ago outlook versions needed it We could work around this with a SIEVE rule that marks the message 'read' when it is put into the Sent folder, couldn't we? p at rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From pshirkey at boosthardware.com Thu Nov 8 10:36:54 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Thu, 8 Nov 2012 19:36:54 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <509B6B86.6050600@sys4.de> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> Message-ID: <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: > Am 08.11.2012 08:48, schrieb Patrick Shirkey: >> Hi, >> >> I have an exim4 and dovecot system. The system has multiple accounts. >> Exim4 is receiving emails in the /var/mail/user files and dovecot is >> configured to use /home/user/mail (mbox) folder. >> >> I have one account that dovecot is not processing replies/bounces/etc... >> The data is being written in the /var/mail/user file by exim4 but as far >> as dovecot is aware there is nothing in the pop3 inbox. >> >> Can anyone suggest how I can enable dovecot to know that the data is in >> the /var/mail/user file and deliver it to the pop3 inbox for this >> account? >> >> >> >> -- >> Patrick Shirkey >> Boost Hardware Ltd >> > > show logs > and config like doveconf -n > > There is nothing in the dovecot logs afaict echo "my test" | mail -s "test message" test at xxx 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx R=local_user T=mail_spool 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed exim -bt test at xxx R: system_aliases for xxx at localhost R: userforward for xxx at localhost R: procmail for xxx at localhost R: maildrop for xxx at localhost R: lowuid_aliases for xxx at localhost (UID 1238) R: local_user for xxx at localhost xxx at localhost <-- test at xxx router = local_user, transport = mail_spool - Here's the dovecot config: # dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 log_timestamp: %Y-%m-%d %H:%M:%S protocols: pop3 pop3s listen: 127.0.0.1 login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/pop3-login mail_privileged_group: mail mail_location: mbox:~/mail mail_debug: yes mbox_write_locks: fcntl dotlock mail_executable: /usr/lib/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/modules/pop3 auth default: debug: yes passdb: driver: pam userdb: driver: passwd -- Patrick Shirkey Boost Hardware Ltd From skdovecot at smail.inf.fh-brs.de Thu Nov 8 11:21:30 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 8 Nov 2012 10:21:30 +0100 (CET) Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: References: <1351544456.13571.102.camel@hurina> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 7 Nov 2012, Timo Sirainen wrote: > >> http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=(%25{ldap) >> >> is the only reference I found so far and the TODO file. >> >> If the attribute does not exist, there should be a default value, you can specify, e.g.: %{ldap:attrName[,]:default value} . [,] the optional delimiter from the TODO. > > Where do you see "," as optional delimiter? But yeah, The TODO file contains the snippet: - multiple ldap values could be joined into one field with specified separator (e.g. mail_access_groups=%{ldap:gidNumber:,}) Well, I did ignored the colon in front of the ','. > %{ldap:attrName:default} would be simple to do. Attached patch to do it. > Let me know if it works. I applied it to v2.1. It works like charm, thanks :) - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJt5mmoxLS8a3A9mAQJpRgf+JviFB7+za6bODz2eWdWCMeSy7GocD9Zc VvmqlcRqCSgGD/37h6m6cyhJ9/XkUm+Z2dbGH5RaznIqEPcQ0GwlIcrkUzfvSSrv ByMRSFDPpu1kWYC1/ieajUrIZTUvhxctpQMtIFkm2Vi6TusgXuTWQGgbf69sIJEF COfPpCO6UYZFe96biNEE171wl+KpEeDBx8xwb4lu+tOXFNbCQEqUMe1kgF6Qda3i cfnAIb+pU+ljYMMQbpuIBpA14i9GGsQAzd39HL3aFKqGq3WU54M8xOZqDfSeUGjh ES/y4U20kbogfUZTUkbA7j3tO463RvCCvFjWh1/FvYLrouAVo2p43A== =Kkac -----END PGP SIGNATURE----- From stan at hardwarefreak.com Thu Nov 8 11:23:51 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 08 Nov 2012 03:23:51 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509B6D51.8030408@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> Message-ID: <509B7A27.3080308@hardwarefreak.com> On 11/8/2012 2:29 AM, 1st WebDesigns wrote: > Hi there, > > We're using Dovecot version 1.0.7 and Postfix, and since upgrading our > Linux box we're getting this in the maillog: 1.0.7 is absolutely ancient and no longer officially supported. You need 1.2.x minimum, 2.x.x even better. And you say you just recently upgraded your Linux distro? What planet do you live on son? You're a few light years behind current stable software. > Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: > to=, orig_to=, relay=local, delay=19, > delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox > /var/spool/mail/abc for user abc. unable to lock for exclusive access: > Resource temporarily unavailable) The simple permanent fix to Postfix/Dovecot mbox locking issues is switching from Postfix LOCAL to Dovecot LDA for mailbox delivery. 1.0.7 is before my time. I do not know if LDA was available then. Upgrade and you'll have it, and you'll also fix other problems you're not even aware of yet. > Postfix is currently set to: > mailbox_delivery_lock = fcntl, dotlock > > Dovecot has this: > mbox_read_locks = fcntl > mbox_write_locks = fcntl dotlock LDA completely eliminates lock contention. http://wiki.dovecot.org/LDA/Postfix http://wiki2.dovecot.org/LDA/Postfix -- Stan From rs at sys4.de Thu Nov 8 11:56:42 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 10:56:42 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <20121108083456.GA8522@sys4.de> References: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> <509B61E6.3090604@sys4.de> <20121108083456.GA8522@sys4.de> Message-ID: <509B81DA.3080804@sys4.de> Am 08.11.2012 09:34, schrieb Patrick Ben Koetter: > * Robert Schetterer : >> Am 08.11.2012 01:18, schrieb Massimiliano Cianelli: >>> Yes, different teams, but I think Google is still a lot more reasonable >>>> company to deal with things like this than Microsoft. Although >>>> surprisingly even Microsoft appears to support SPECIAL-USE in the next >>>> Outlook(?) client. >> >> yeah it works, but they had bugged it for my last tests, >> mail in sent folder ( which is corect in use by SPECIAL-USE ) >> always stay unread, seems they have had design problems using now a >> standard outgoing folder, however there is a bug report about that >> and they anounced to fix it, but it isnt in my last tests after the last >> upgrade, if they dont fix it you cant use the sent folder via imap in a >> handy way , and you have to disable the feature in total ( this point >> was changed also ), and need to set this function via filter wizard like >> long time ago outlook versions needed it > > We could work around this with a SIEVE rule that marks the message 'read' when > it is put into the Sent folder, couldn't we? > > p at rick > its a copy/move imap to sent folder act, cant see how we could get sieve involved in that "for now" , cause sieve only act when lda or lmtp is used ,in my understandig but lets hope microsoft has/will fix it, i will test the stable new outlook, until i get more powerfull hardware to install it, i am also looking forward whats happening with imap special use on different language versions Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From skdovecot at smail.inf.fh-brs.de Thu Nov 8 12:01:45 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 8 Nov 2012 11:01:45 +0100 (CET) Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: References: <1351544456.13571.102.camel@hurina> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 8 Nov 2012, Steffen Kaiser wrote: >> %{ldap:attrName:default} would be simple to do. Attached patch to do it. >> Let me know if it works. > > I applied it to v2.1. It works like charm, thanks :) yes, works in v2.2 alpha 15390:af331bc452d0, too. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJuDCWoxLS8a3A9mAQLqowf9HRhh84cjgaE1nAxZ9VwmJK+83wPVNGoQ E2wMudyTcAuzZU/hZUMNTqXZjnS6Ono/bDBhizK3QfrPQ+3KgxbBDXa76csVt+G4 /vWic3jOWMboSw76Gg6u7g+rXrsikdkzNcNh/qxonK0W0k316gI8J/YN3W2vgR0H EVkSF+qfLFEs9I4+LjvX86e3VfVCkQ8ekOJyuf5gMyweQOCAi2+04aQRRZ5vVmir 8hf4LWsmedEiDZOX8FTG1IDXDWDppcBlsQOhm3QeQqoQX0Ew2OTxLY//qspIYASW I8bWxqCWGRoScpSJGVKPlmBtjxRJmPx4FX7VGBPyWn5SDLuEbRgN9Q== =tHXu -----END PGP SIGNATURE----- From CMarcus at Media-Brokers.com Thu Nov 8 13:45:41 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 08 Nov 2012 06:45:41 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> Message-ID: <509B9B65.4020801@Media-Brokers.com> On 2012-11-07 10:14 AM, Timo Sirainen wrote: > No, fts-lucene and fts-solr are separate backends. But I do have some small plans to add a few more features to fts-solr. Thanks again Timo, but one last follow-up... According to the wiki, Solr is the preferred method, but that seems weird to me - it requires a full blown Solr server that dovecot communicates with using HTTP/XML queries? Maybe not that big a deal, but just sounds like overkill to me, unless you are maybe already using Solr for website searches (which I'm not and have no need for). I would much prefer something simpler that doesn't require any external dependencies like that, so, next choice is Lucene... Looks much simpler, only requires Lucene's C++ library... But it builds only a single Lucene index for all mailboxes - not sure if this is good or bad? Seems like it would be better/more efficient (and less chance of index corruption, but most importantly, less overhead in the event that one gets hosed and dovecot needs to rebuild it) to build individual indexes for each mailbox, then, maybe, to provide support for searching ALL mailboxes, have a master index that basically just maintains a list of all of the individual indexes to be used for the search (so it doesn't have to scan all available mailboxes, but which it can do in the event that *it* ever got hosed). Obviously I don't know much about all this, so may be totally off base... Thanks again, and for listening to my ramblings, -- Best regards, Charles From odhiambo at gmail.com Thu Nov 8 15:13:07 2012 From: odhiambo at gmail.com (Odhiambo Washington) Date: Thu, 8 Nov 2012 16:13:07 +0300 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> Message-ID: On Thu, Nov 8, 2012 at 11:36 AM, Patrick Shirkey wrote: > > On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: > > Am 08.11.2012 08:48, schrieb Patrick Shirkey: > >> Hi, > >> > >> I have an exim4 and dovecot system. The system has multiple accounts. > >> Exim4 is receiving emails in the /var/mail/user files and dovecot is > >> configured to use /home/user/mail (mbox) folder. > >> > >> I have one account that dovecot is not processing replies/bounces/etc... > >> The data is being written in the /var/mail/user file by exim4 but as far > >> as dovecot is aware there is nothing in the pop3 inbox. > >> > >> Can anyone suggest how I can enable dovecot to know that the data is in > >> the /var/mail/user file and deliver it to the pop3 inbox for this > >> account? > >> > >> > >> > >> -- > >> Patrick Shirkey > >> Boost Hardware Ltd > >> > > > > show logs > > and config like doveconf -n > > > > > > There is nothing in the dovecot logs afaict > > echo "my test" | mail -s "test message" test at xxx > > 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 > 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx R=local_user > T=mail_spool > 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed > > > exim -bt test at xxx > R: system_aliases for xxx at localhost > R: userforward for xxx at localhost > R: procmail for xxx at localhost > R: maildrop for xxx at localhost > R: lowuid_aliases for xxx at localhost (UID 1238) > R: local_user for xxx at localhost > xxx at localhost > <-- test at xxx > router = local_user, transport = mail_spool > > > - Here's the dovecot config: > > # dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: pop3 pop3s > listen: 127.0.0.1 > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/pop3-login > mail_privileged_group: mail > mail_location: mbox:~/mail > mail_debug: yes > mbox_write_locks: fcntl dotlock > mail_executable: /usr/lib/dovecot/pop3 > mail_plugin_dir: /usr/lib/dovecot/modules/pop3 > auth default: > debug: yes > passdb: > driver: pam > userdb: > driver: passwd > > > You are telling dovecot that mails are in mbox format (why you even use mbox instead of Maildir++ beats me, but that's not what you asked for help with) and are stored in /home/$user/mbox so go ahead at also tell Exim to deliver to the same location! If you want Exim to deliver to /var/mail/$user then change your mail_location in dovecot.conf to point to this too. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. From pshirkey at boosthardware.com Thu Nov 8 16:03:11 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Fri, 9 Nov 2012 01:03:11 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> Message-ID: <50869.188.25.63.54.1352383391.squirrel@boosthardware.com> On Fri, November 9, 2012 12:13 am, Odhiambo Washington wrote: > On Thu, Nov 8, 2012 at 11:36 AM, Patrick Shirkey > > wrote: > >> >> On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: >> > Am 08.11.2012 08:48, schrieb Patrick Shirkey: >> >> Hi, >> >> >> >> I have an exim4 and dovecot system. The system has multiple accounts. >> >> Exim4 is receiving emails in the /var/mail/user files and dovecot is >> >> configured to use /home/user/mail (mbox) folder. >> >> >> >> I have one account that dovecot is not processing >> replies/bounces/etc... >> >> The data is being written in the /var/mail/user file by exim4 but as >> far >> >> as dovecot is aware there is nothing in the pop3 inbox. >> >> >> >> Can anyone suggest how I can enable dovecot to know that the data is >> in >> >> the /var/mail/user file and deliver it to the pop3 inbox for this >> >> account? >> >> >> >> >> >> >> >> -- >> >> Patrick Shirkey >> >> Boost Hardware Ltd >> >> >> > >> > show logs >> > and config like doveconf -n >> > >> > >> >> There is nothing in the dovecot logs afaict >> >> echo "my test" | mail -s "test message" test at xxx >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx R=local_user >> T=mail_spool >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed >> >> >> exim -bt test at xxx >> R: system_aliases for xxx at localhost >> R: userforward for xxx at localhost >> R: procmail for xxx at localhost >> R: maildrop for xxx at localhost >> R: lowuid_aliases for xxx at localhost (UID 1238) >> R: local_user for xxx at localhost >> xxx at localhost >> <-- test at xxx >> router = local_user, transport = mail_spool >> >> >> - Here's the dovecot config: >> >> # dovecot -n >> # 1.2.15: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 >> log_timestamp: %Y-%m-%d %H:%M:%S >> protocols: pop3 pop3s >> listen: 127.0.0.1 >> login_dir: /var/run/dovecot/login >> login_executable: /usr/lib/dovecot/pop3-login >> mail_privileged_group: mail >> mail_location: mbox:~/mail >> mail_debug: yes >> mbox_write_locks: fcntl dotlock >> mail_executable: /usr/lib/dovecot/pop3 >> mail_plugin_dir: /usr/lib/dovecot/modules/pop3 >> auth default: >> debug: yes >> passdb: >> driver: pam >> userdb: >> driver: passwd >> >> >> > You are telling dovecot that mails are in mbox format (why you even use > mbox instead of Maildir++ beats me, but that's not what you asked for help > with) and are stored in /home/$user/mbox so go ahead at also tell Exim to > deliver to the same location! > If you want Exim to deliver to /var/mail/$user then change your > mail_location in dovecot.conf to point to this too. > > Thanks for your advice. I inherited this system and it is a live B2B system so I am trying not to break it as well as to keep it running :-) I have seen some unusual behaviour now. 1: According to my script to process the inbox for each account the pop3 account was empty. The code was previously working for many months. I thought it might be related to the missing mail_location directive because the home/xxx/mail folder was missing for the specific account that was having a problem so I added it as above but it didn't appear to fix the problem. 2: I modified it as suggested : mail_location = INBOX=/var/mail/%u That gave me an error Nov 8 13:47:03 mail dovecot: POP3(xxx): mail_location: Ambiguous mail location setting, don't know what to do with it: INBOX=/var/mail/xxx (try prefixing it with mbox: or maildir:) Nov 8 13:47:03 mail dovecot: POP3(xxx): Fatal: Namespace initialization failed 3: I then disabled the directive and restarted dovecot. The processing script now appears to be working but I see this message in the maillog: Nov 8 13:48:00 mail dovecot: POP3(xxx): fchown(/home/xxx/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1238(xxx), group based on /var/mail/xxx) Nov 8 13:48:00 mail dovecot: POP3(xxx): fchown(/home/xxx/mail/.imap/INBOX/dovecot.index.log.newlock, -1, 8(mail)) failed: Operation not permitted (egid=1238(xxx), group based on /var/mail/xxx) Nov 8 13:48:00 mail dovecot: POP3(xxx): fchown(/home/xxx/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 8(mail)) failed: Operation not permitted (egid=1238(xxx), group based on /var/mail/xxx) So it looks like setting the mail_location to the /home/user did actually help but only after the mbox was auto created by dovecot and then the directive disabled and dovecot restarted. Based on this it appears that this system is configured to use both the /var/mail/user and /home/user/mail folders. I suppose it is a useful backup to have exim4 write to /var/mail/user and have dovecot transfer the data to /home/user/mail as it is received? Everything was working for many months so I'm not sure why the /home/user/mail folder was not auto created for this new account. AFAICT it is supposed to be handled by dovecot when a mail is received and the default location is /home/user/mail so setting it in dovecot.conf is not explicitly required? -- Patrick Shirkey Boost Hardware Ltd From pshirkey at boosthardware.com Thu Nov 8 16:39:55 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Fri, 9 Nov 2012 01:39:55 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> <50869.188.25.63.54.1352383391.squirrel@boosthardware.com> Message-ID: <51168.188.25.63.54.1352385595.squirrel@boosthardware.com> On Fri, November 9, 2012 1:10 am, Odhiambo Washington wrote: > On Thu, Nov 8, 2012 at 5:03 PM, Patrick Shirkey > wrote: > >> >> On Fri, November 9, 2012 12:13 am, Odhiambo Washington wrote: >> > On Thu, Nov 8, 2012 at 11:36 AM, Patrick Shirkey >> > > >> wrote: >> > >> >> >> >> On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: >> >> > Am 08.11.2012 08:48, schrieb Patrick Shirkey: >> >> >> Hi, >> >> >> >> >> >> I have an exim4 and dovecot system. The system has multiple >> accounts. >> >> >> Exim4 is receiving emails in the /var/mail/user files and dovecot >> is >> >> >> configured to use /home/user/mail (mbox) folder. >> >> >> >> >> >> I have one account that dovecot is not processing >> >> replies/bounces/etc... >> >> >> The data is being written in the /var/mail/user file by exim4 but >> as >> >> far >> >> >> as dovecot is aware there is nothing in the pop3 inbox. >> >> >> >> >> >> Can anyone suggest how I can enable dovecot to know that the data >> is >> >> in >> >> >> the /var/mail/user file and deliver it to the pop3 inbox for this >> >> >> account? >> >> >> >> >> >> >> >> >> >> >> >> -- >> >> >> Patrick Shirkey >> >> >> Boost Hardware Ltd >> >> >> >> >> > >> >> > show logs >> >> > and config like doveconf -n >> >> > >> >> > >> >> >> >> There is nothing in the dovecot logs afaict >> >> >> >> echo "my test" | mail -s "test message" test at xxx >> >> >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx R=local_user >> >> T=mail_spool >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed >> >> >> >> >> >> exim -bt test at xxx >> >> R: system_aliases for xxx at localhost >> >> R: userforward for xxx at localhost >> >> R: procmail for xxx at localhost >> >> R: maildrop for xxx at localhost >> >> R: lowuid_aliases for xxx at localhost (UID 1238) >> >> R: local_user for xxx at localhost >> >> xxx at localhost >> >> <-- test at xxx >> >> router = local_user, transport = mail_spool >> >> >> >> >> >> - Here's the dovecot config: >> >> >> >> # dovecot -n >> >> # 1.2.15: /etc/dovecot/dovecot.conf >> >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 >> >> log_timestamp: %Y-%m-%d %H:%M:%S >> >> protocols: pop3 pop3s >> >> listen: 127.0.0.1 >> >> login_dir: /var/run/dovecot/login >> >> login_executable: /usr/lib/dovecot/pop3-login >> >> mail_privileged_group: mail >> >> mail_location: mbox:~/mail >> >> mail_debug: yes >> >> mbox_write_locks: fcntl dotlock >> >> mail_executable: /usr/lib/dovecot/pop3 >> >> mail_plugin_dir: /usr/lib/dovecot/modules/pop3 >> >> auth default: >> >> debug: yes >> >> passdb: >> >> driver: pam >> >> userdb: >> >> driver: passwd >> >> >> >> >> >> >> > You are telling dovecot that mails are in mbox format (why you even >> use >> > mbox instead of Maildir++ beats me, but that's not what you asked for >> help >> > with) and are stored in /home/$user/mbox so go ahead at also tell Exim >> to >> > deliver to the same location! >> > If you want Exim to deliver to /var/mail/$user then change your >> > mail_location in dovecot.conf to point to this too. >> > >> > >> >> >> Thanks for your advice. I inherited this system and it is a live B2B >> system so I am trying not to break it as well as to keep it running :-) >> >> I have seen some unusual behaviour now. >> >> 1: According to my script to process the inbox for each account the pop3 >> account was empty. The code was previously working for many months. I >> thought it might be related to the missing mail_location directive >> because >> the home/xxx/mail folder was missing for the specific account that was >> having a problem so I added it as above but it didn't appear to fix the >> problem. >> > > You DO NOT need to add it manually. All you have to do is to send a test > mail to the user and the mbox will be created with the correct > permissions. > > >> >> 2: I modified it as suggested : mail_location = INBOX=/var/mail/%u >> >> That gave me an error >> >> Nov 8 13:47:03 mail dovecot: POP3(xxx): mail_location: Ambiguous mail >> location setting, don't know what to do with it: INBOX=/var/mail/xxx >> (try >> prefixing it with mbox: or maildir:) >> Nov 8 13:47:03 mail dovecot: POP3(xxx): Fatal: Namespace initialization >> failed >> > > > You must RTFM. The examples are in conf.d/10-mail.conf and they have the > following text: > > > ## Mailbox locations and namespaces > ## > > # Location for users' mailboxes. The default is empty, which means that > Dovecot > # tries to find the mailboxes automatically. This won't work if the user > # doesn't yet have any mail, so you should explicitly tell Dovecot the > full > # location. > # > # If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u) > # isn't enough. You'll also need to tell Dovecot where the other mailboxes > are > # kept. This is called the "root mail directory", and it must be the first > # path given in the mail_location setting. > # > # There are a few special variables you can use, eg.: > # > # %u - username > # %n - user part in user at domain, same as %u if there's no domain > # %d - domain part in user at domain, empty if there's no domain > # %h - home directory > # > # See doc/wiki/Variables.txt for full list. Some examples: > # > # mail_location = maildir:~/Maildir > # mail_location = mbox:~/mail:INBOX=/var/mail/%u > # mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n > # > # > > > ... make sense? > Starting to now. My first attempt to *not* break the existing system was to try with the following: mail_location = mbox:~/mail But that didn't work so I asked here and according to your first email it seemed this config was necessary: mail_location = INBOX=/var/mail/%u But after re reading the docs it appears that *both* locations are required: mail_location = mbox:~/mail:INBOX=/var/mail/%u -- Patrick Shirkey Boost Hardware Ltd From list at airstreamcomm.net Thu Nov 8 16:45:03 2012 From: list at airstreamcomm.net (list at airstreamcomm.net) Date: Thu, 08 Nov 2012 08:45:03 -0600 Subject: [Dovecot] IMAP session state inconsistent Message-ID: <509BC56F.6030606@airstreamcomm.net> Running Dovecot 1.2.12 (we are in the process of upgrading to 2.1.x) Didn't find much in old threads, but we are seeing the following in the logs this morning: dovecot: imap-login: Login: user=, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=443/1146 dovecot: imap-login: Login: user=, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=561/1637 dovecot: imap-login: Login: user=, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory Not sure what to make of this sequence? From davide.marchi at mail.cgilfe.it Thu Nov 8 16:51:35 2012 From: davide.marchi at mail.cgilfe.it (Davide) Date: Thu, 08 Nov 2012 15:51:35 +0100 Subject: [Dovecot] Hardlink with Maildir a brief help Message-ID: <509BC6F7.1050107@mail.cgilfe.it> Hi to all, my question is: Is possible implementing SIS (with hardlink) with maildir instead of *dbox format? If yes in dovecot.conf it's only necessary the below parameters or what else? mail_attachment_dir = /var/qmail/attachments I have also acting the zlib plugin it is not a problem isn't it? Thanks in advance for any response -- */Davide Marchi /Teorema Ferrara Srl /(Tel: /**/+39 0532 783161)/**/ (Fax: +/**/39 0532 783368/**/)/**//**/ /**//**/Davide.Marchi at mail.cgilfe.it /CONFIDENZIALITA? *** Questo messaggio, inclusi gli eventuali allegati, ? indirizzato solo ai destinatari e pu? contenere informazioni riservate e confidenziali. Se avete ricevuto il messaggio senza esserne un destinatario, siete pregati di non utilizzare, copiare o distribuire questo messaggio o i suoi allegati. Se avete ricevuto il messaggio per errore, siete pregati di cancellarlo dal vostro sistema, assieme a tutti gli allegati, e di informare immediatamente il mittente,sia ai sensi dell'art. 616 c.p., sia ai sensi del DL n. 196/03. *CONFIDENTIALITY*** This message and any attachments are intended only for the use of the addressee(s) and may contain information that is privileged and/or confidential. If the reader of the message is not the intended recipient(s) or an authorized representative of the intended recipient(s), please do not use, copy, distribute this email or its attachments or take action based on them. If you have received this communication in error, please notify us immediately by email and delete the message and any attachments from your system. *Teorema FerraraSrl - Via Spronello, 7 - 44121 Ferrara Italia - P. IVA 01244490387** P**S**tampa questo messaggio solo se veramente necessario, pensa alla natura! - Please consider whether it is necessary to print this e-mail* From jerry at seibercom.net Thu Nov 8 16:56:50 2012 From: jerry at seibercom.net (Jerry) Date: Thu, 8 Nov 2012 09:56:50 -0500 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <51168.188.25.63.54.1352385595.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> <50869.188.25.63.54.1352383391.squirrel@boosthardware.com> <51168.188.25.63.54.1352385595.squirrel@boosthardware.com> Message-ID: <20121108095650.6696cb85@scorpio> On Fri, 9 Nov 2012 01:39:55 +1100 (EST) Patrick Shirkey articulated: > My first attempt to *not* break the existing system was to try with > the following: > > mail_location = mbox:~/mail > > But that didn't work so I asked here and according to your first > email it seemed this config was necessary: > > mail_location = INBOX=/var/mail/%u > > But after re reading the docs it appears that *both* locations are > required: > > mail_location = mbox:~/mail:INBOX=/var/mail/%u Seriously, how much effort does it actually take to trim the excess garbage off of a post before replying to it? Personally, once I have to page through four pages of old nonsense I totally lose interest in the thread. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From tlx at leuxner.net Thu Nov 8 17:18:06 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 8 Nov 2012 16:18:06 +0100 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> Message-ID: <20121108151806.GA5906@nihlus.leuxner.net> On Thu, Nov 08, 2012 at 06:48:46PM +1100, Patrick Shirkey wrote: > I have one account that dovecot is not processing replies/bounces/etc... > The data is being written in the /var/mail/user file by exim4 but as far > as dovecot is aware there is nothing in the pop3 inbox. > > Can anyone suggest how I can enable dovecot to know that the data is in > the /var/mail/user file and deliver it to the pop3 inbox for this account? It's possible to override locations per user, if that's what your trying to achieve: http://wiki.dovecot.org/MailLocation http://wiki.dovecot.org/UserDatabase http://wiki.dovecot.org/UserDatabase/ExtraFields Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From ben at morrow.me.uk Thu Nov 8 21:16:51 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 8 Nov 2012 19:16:51 +0000 Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <1352361261767-38656.post@n4.nabble.com> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> <1352361261767-38656.post@n4.nabble.com> Message-ID: <20121108191650.GA89679@anubis.morrow.me.uk> At 11PM -0800 on 7/11/12 you (ycc_Swe) wrote: > > I still have the same problem. When I set ssl parameter to yes/required I > can still not connect to port 995. > This time I set ssl=verbose. This is what the log shows when I try to > connect with ssl. > > Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, > ret=-1: SSLv3 read client certificate A [12.12.12.7] Are you trying to authenticate with a client certificate, or with user/password under SSL? Using a client certificate requires more configuration than you have used. Does your dovecot machine have a proper publically-signed SSL certificate, or are you using a self-signed cert? If you're using a self-signed cert you'll probably find third-pary systems (like the website you're using for testing) won't accept it, and will disconnect immediately. Can you connect with 'openssl s_client' and log in manually, as you did with telnet before? Can you connect to port 110 and upgrade to SSL with 'STLS' (s_client will try this for you if you pass -starttls pop3)? Ben From fxmulder at gmail.com Thu Nov 8 22:03:57 2012 From: fxmulder at gmail.com (James Devine) Date: Thu, 8 Nov 2012 13:03:57 -0700 Subject: [Dovecot] IP/SSL configuration Message-ID: Is there a way I can have something like the following setup: 192.168.0.2 port 110/143, with no starttls/ssl 192.168.0.3 port 110,995/143,993 with starttls/ssl 192.168.0.4 port 110,995/143,993 with starttls/ssl I am looking to setup dovecot so that some IPs will run without any notion of SSL whereas other IPs will run with with ssl/starttls available, each with its own certs From cullinan at rocketmail.com Thu Nov 8 23:21:48 2012 From: cullinan at rocketmail.com (cullinan at rocketmail.com) Date: Thu, 08 Nov 2012 22:21:48 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 Message-ID: <509C226C.9090208@rocketmail.com> Hi, there! Well, I am new to dovecot, so please be patient with me: I have a virtual server and want to setup simple mail delivery. postfix, saslauthd and dovecot basically work fine. The only open issue is, that (I guess) dovecot doesn't remove the mail when it's retrieved via pop3 from the server. It keeps sending me the same emails again and again. (The mail client (Thunderbird) is configured to remove the messages from the server - it was working already.) I guess that dovecot cannot write to some files / has problems with write permissions. But it doesn't tell me anything... Can you tell me, what configuration might be wrong or how can I enable more debugging to see what dovecot is doing after the mails got sent out via pop3? Here is the configuration: # dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 log_timestamp: %Y-%m-%d %H:%M:%S protocols: pop3 pop3s login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/pop3-login mail_privileged_group: mail mbox_write_locks: fcntl dotlock mail_executable: /usr/lib/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/modules/pop3 auth default: passdb: driver: pam userdb: driver: passwd -----8<----- # dovecot -a # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 base_dir: /var/run/dovecot log_path: info_log_path: log_timestamp: %Y-%m-%d %H:%M:%S syslog_facility: mail protocols: pop3 pop3s listen: * ssl_listen: ssl: yes ssl_ca_file: ssl_cert_file: /etc/ssl/certs/dovecot.pem ssl_key_file: /etc/ssl/private/dovecot.pem ssl_key_password: ssl_parameters_regenerate: 168 ssl_cipher_list: ssl_cert_username_field: commonName ssl_verify_client_cert: no disable_plaintext_auth: yes verbose_ssl: no shutdown_clients: yes nfs_check: yes version_ignore: no login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/pop3-login login_user: dovecot login_greeting: Dovecot ready. login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c login_log_format: %$: %s login_process_per_connection: yes login_chroot: yes login_trusted_networks: login_process_size: 64 login_processes_count: 3 login_max_processes_count: 128 login_max_connections: 256 valid_chroot_dirs: mail_chroot: max_mail_processes: 512 mail_max_userip_connections: 10 verbose_proctitle: no first_valid_uid: 500 last_valid_uid: 0 first_valid_gid: 1 last_valid_gid: 0 mail_access_groups: mail_privileged_group: mail mail_uid: mail_gid: mail_location: mail_cache_fields: mail_never_cache_fields: imap.envelope mail_cache_min_mail_count: 0 mailbox_idle_check_interval: 30 mail_debug: no mail_full_filesystem_access: no mail_max_keyword_length: 50 mail_save_crlf: no mmap_disable: no dotlock_use_excl: yes fsync_disable: no mail_nfs_storage: no mail_nfs_index: no mailbox_list_index_disable: yes lock_method: fcntl maildir_stat_dirs: no maildir_copy_with_hardlinks: yes maildir_copy_preserve_filename: no maildir_very_dirty_syncs: no mbox_read_locks: fcntl mbox_write_locks: fcntl dotlock mbox_lock_timeout: 300 mbox_dotlock_change_timeout: 120 mbox_min_index_size: 0 mbox_dirty_syncs: yes mbox_very_dirty_syncs: no mbox_lazy_writes: yes dbox_rotate_size: 2048 dbox_rotate_min_size: 16 dbox_rotate_days: 1 mail_drop_priv_before_exec: no mail_executable: /usr/lib/dovecot/pop3 mail_process_size: 256 mail_plugins: mail_plugin_dir: /usr/lib/dovecot/modules/pop3 mail_log_prefix: %Us(%u): mail_log_max_lines_per_sec: 10 imap_max_line_length: 65536 imap_capability: imap_client_workarounds: imap_logout_format: bytes=%i/%o imap_id_send: imap_id_log: imap_idle_notify_interval: 120 pop3_no_flag_updates: no pop3_enable_last: no pop3_reuse_xuidl: no pop3_save_uidl: no pop3_lock_session: no pop3_uidl_format: %08Xu%08Xv pop3_client_workarounds: pop3_logout_format: top=%t/%p, retr=%r/%b, del=%d/%m, size=%s dict_db_config: dict_process_count: 1 managesieve_max_line_length: 65536 managesieve_logout_format: bytes=%i/%o managesieve_implementation_string: dovecot auth default: mechanisms: plain realms: default_realm: cache_size: 0 cache_ttl: 3600 cache_negative_ttl: 3600 executable: /usr/lib/dovecot/dovecot-auth user: root chroot: username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ username_translation: username_format: master_user_separator: anonymous_username: anonymous krb5_keytab: gssapi_hostname: winbind_helper_path: /usr/bin/ntlm_auth failure_delay: 2 verbose: no debug: no debug_passwords: no ssl_require_client_cert: no ssl_username_from_cert: no use_winbind: no count: 1 worker_max_count: 30 process_size: 256 passdb: driver: pam args: deny: no pass: no master: no userdb: driver: passwd args: -----8<----- Please let me know if you need more. Thank you in advance! Regards, Rob From daniel.parthey at informatik.tu-chemnitz.de Thu Nov 8 23:46:17 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Thu, 8 Nov 2012 22:46:17 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 In-Reply-To: <509C226C.9090208@rocketmail.com> References: <509C226C.9090208@rocketmail.com> Message-ID: <20121108214616.GA16774@daniel.localdomain> cullinan at rocketmail.com wrote: > Can you tell me, how can I enable more debugging > to see what dovecot is doing after the mails got sent out via pop3? You can log mail actions session with MailLog: http://wiki.dovecot.org/Plugins/MailLog Regards Daniel -- https://plus.google.com/103021802792276734820 From stan at hardwarefreak.com Thu Nov 8 23:55:12 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 08 Nov 2012 15:55:12 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509B86C2.90207@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <509B86C2.90207@1stwebdesigns.com> Message-ID: <509C2A40.9000400@hardwarefreak.com> Please always reply to the list, not individuals. On 11/8/2012 4:17 AM, 1st WebDesigns wrote: > On 08/11/2012 09:23, Stan Hoeppner wrote: >> On 11/8/2012 2:29 AM, 1st WebDesigns wrote: >>> Hi there, >>> >>> We're using Dovecot version 1.0.7 and Postfix, and since upgrading our >>> Linux box we're getting this in the maillog: >> >> 1.0.7 is absolutely ancient and no longer officially supported. You >> need 1.2.x minimum, 2.x.x even better. And you say you just recently >> upgraded your Linux distro? What planet do you live on son? You're a >> few light years behind current stable software. >> >>> Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: >>> to=, orig_to=, relay=local, delay=19, >>> delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox >>> /var/spool/mail/abc for user abc. unable to lock for exclusive access: >>> Resource temporarily unavailable) >> >> The simple permanent fix to Postfix/Dovecot mbox locking issues is >> switching from Postfix LOCAL to Dovecot LDA for mailbox delivery. 1.0.7 >> is before my time. I do not know if LDA was available then. Upgrade >> and you'll have it, and you'll also fix other problems you're not even >> aware of yet. >> >>> Postfix is currently set to: >>> mailbox_delivery_lock = fcntl, dotlock >>> >>> Dovecot has this: >>> mbox_read_locks = fcntl >>> mbox_write_locks = fcntl dotlock >> >> LDA completely eliminates lock contention. >> >> http://wiki.dovecot.org/LDA/Postfix >> http://wiki2.dovecot.org/LDA/Postfix >> > > Thanks for your reply. We have upgraded from RHEL4 to RHEL5, so 1.0.7 > is the "stable" version that they provide RHEL 5 is also ancient, released in March 2007, over 5 years ago. The current stable release is RHEL 6.3, released in June 2012. What is the valid reason preventing you from upgrading to the 6.x distribution? The packages in general in 6.x are 5 years newer than 5.x. And given the fact that RHEL runs miles behind the bleeding edge, you're way behind the curve even with a recent RHEL distribution. You can probably find a much newer version of Dovecot in an RPM somewhere, and Postfix for that matter. But it would be better for you if you simply upgraded to RHEL 6.3. -- Stan From ben at morrow.me.uk Fri Nov 9 01:53:35 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 8 Nov 2012 23:53:35 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509B7A27.3080308@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> Message-ID: <20121108235334.GB89679@anubis.morrow.me.uk> At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: > > 1.0.7 is absolutely ancient and no longer officially supported. You > need 1.2.x minimum, 2.x.x even better. And you say you just recently > upgraded your Linux distro? What planet do you live on son? You're a > few light years behind current stable software. [A light-year is a measure of distance, not of time.] > LDA completely eliminates lock contention. As we have discussed before, using the LDA does not prevent lock contention, it just prevents the problems that arise when different software is using different locking strategies on the same mailbox (assuming nothing except LDA and imap is touching the mailbox directly). There are valid reasons for not using the LDA: the OP might be already using procmail, for instance, and have users with procmail recipies which sort into IMAP folders. These folders will need to be locked by procmail even if the default delivery to INBOX is changed (globally) to happen through dovecot-lda. While migrating to sieve (and mdbox, and LMTP) would, IMHO, be the best long-term solution, this isn't necessarily something that can be set up overnight. Ben From calestyo at scientia.net Fri Nov 9 02:22:37 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Fri, 09 Nov 2012 01:22:37 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> Message-ID: <1352420557.5071.54.camel@fermat.scientia.net> On Wed, 2012-11-07 at 17:30 +0200, Timo Sirainen wrote: > On 30.10.2012, at 2.16, Christoph Anton Mitterer wrote: > > Have you ever thought about adding a "real" DB backend? Nothing against > > dbox... :) ... and I have no performance comparison of dbox with what > > could be done with a DBMS... but the advantage of the later would be > > that you get all fancy features from database systems for free... like > > fast indexing, online replication, etc. p.. > > One might even reuse something like AOX for this. > SQL indexes aren't very helpful for IMAP-like data. It would be fun to > some day have SQL backend in Dovecot (there already is read-only > INBOX-only SQL backend), but I don't expect it to have very good > performance. I see... well I haven't tested AOX or dbmail so far (especially as they're not in Debian and I was too lazy till now to compile them)... At least I had the impression that performance (especially in searches) was one of the major things these people were proud of. I'll stay tuned, whether we ever see a fully usable SQL backend for Dovecot :) Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: From kgc at corp.sonic.net Fri Nov 9 02:49:15 2012 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Thu, 8 Nov 2012 16:49:15 -0800 Subject: [Dovecot] memory allocation issues Message-ID: <20121109004915.GJ70186@corp.sonic.net> One of our dovecot backend servers ran into a problem with it's auth process a few days ago. This doesn't appear to be the error logged when dovecot hits its internal limit so I'm not sure what is going on here. auth: Error: malloc: 58012: Cannot allocate memory auth: Error: Unable to allocate memory for mutexes from the region auth: Error: PANIC: Cannot allocate memory auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user pop3: Error: Authenticated user not found from userdb, auth lookup +id=2509111297 (client-pid=4781 client-id=1) pop3-login: Internal login failure (pid=4781 id=1) (internal failure, 1 +succesful auths): user=... There was at least 10+GB free RAM on the server and no indication of a system level issue at the same time. The server is running 2.1.9. There were about 3,200 active sessions, with something like 12 new sessions/sec. The other identical servers are/were handling virtually identical load with the same service uptime and haven't had any issues so far. (Crash happened 7 days ago.) -- Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc. System Architect 2260 Apollo Way 707.522.1000 Santa Rosa, CA 95407 From dovecot at r.paypc.com Fri Nov 9 03:54:11 2012 From: dovecot at r.paypc.com (Robin) Date: Thu, 08 Nov 2012 17:54:11 -0800 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1352420557.5071.54.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> Message-ID: <509C6243.9040002@r.paypc.com> Obvious caveats and qualifications apply here throughout this email. Christoph Anton Mitterer wrote: > I see... well I haven't tested AOX or dbmail so far (especially as > they're not in Debian and I was too lazy till now to compile them)... > > At least I had the impression that performance (especially in searches) > was one of the major things these people were proud of. > > > I'll stay tuned, whether we ever see a fully usable SQL backend for > Dovecot :) I wouldn't hold your breath. It's a recurringly seductive "meme" in email circles, but the reality is that email is mostly unstructured data with a few fields of reasonably structured data (dates, from, to, maybe attachment types + filenames). The bulk of the emails, and the part of the emails that people really want to search quickly: the body, is unstructured, and doesn't perform quickly with the stock "full text search" modules in the main SQL engines. I'd given dbmail2 a try with MySQL 5, 5.5, and Postgres 8.4 and 9.1 branches. I've dedicated 16GB of DDR3-1800/3.4GHz 6-core AMD 1090T with hardware RAID local storage (12 x Seagate ES 7200RPM spindles). (64 bit Slackware 13.37 running Linux 3.2 kernels built for the platform.) The performance is surprisingly bad ... doing almost everything. Searches through IMAP, bulk importation of mail folders, large numbers of simultaneous mail deliveries, you name it. There wasn't a task that the dbmail setup performed faster than Dovecot, in either low or high load situations. When I tossed a test load that introduced lots of mail deliveries as well as searches and full folder pulls, things got really pear-shaped. Even putting dovecot's mailstore on NFS (GigE) didn't really slow Dovecot down enough to make dbmail competitive. When pressed on this lack of performance, I was instructed to "add more RAM" to the DB machine, and that for ideal performance I should have more RAM than my mailbox sizes. *sigh* This sounds great for a very small installation, but this clearly is not something that scales. I think the final humiliation was comparing the body + header searching performance using Timo's practically obsolete fts_squat plugin against dbmail's. Wow. Squat was multiple orders of magnitude faster. Lucene and Solr are even moreso when fed large datasets (mail folder hives of about 100GB). The SQL setups hit the obvious performance shelf once they were unable to maintain everything in RAM or cache. The dbmail folk are earnest and hard-working, and I don't mean to cast the slightest bit of negativity on their project. I think the assumptions about what SQL servers can do well often doesn't square with the reality of many applications that people try to fit them into. On my first initial round of tests, I imported 24,000 emails comprising a mere 560MB of space. Just about all of the non-SQL imap servers handled the importation (basically IMAP APPENDs) within 6 minutes. dbmail2 required hours (using MySQL), and a bit shorter time (but still hours') with Postgres. >From an old email: > Searching INBOX #msgs = 24714 > [NOFIND] Time=2.072423, matches=24714 <--- this should be zero *BUG* > [date] Time=2.07519, matches=24714 <--- this is correct > [here] Time=2.072075, matches=24714 <--- this should be about 30% of total # of msgs *BUG* > > Does dbmail break IMAP SEARCH TEXT (i.e., search both body + headers)? Is this a result of relying on MySQL's search algorithms in text-like fields? I'm still puzzled, because I can't believe that 'here' appears in EVERY email. It looks like dbmail's returning EVERY email on a SEARCH TEXT. This is not correct operation. > > When I alter the search to use "FROM" as the key instead of "TEXT", the results are more discriminating and meet expectations. > > Searching INBOX #msgs = 24714 > [NOFIND] Time=2.161049, matches=0 > [james] Time=2.273255, matches=1049 > [here] Time=2.165406, matches=2 > > Not that it matters, but it's much slower than Dovecot's fts_squat for substring searches. > > Dovecot's fts_squat IMAP SEARCH TEXT results are: > > Searching INBOX #msgs = 55731 > [Updating Index] Time=78.184637 (66% of the mailbox unindexed at start) > [NOFIND] Time=0.045654, matches=0 > [date] Time=0.13364, matches=55731 > [here] Time=0.069091, matches=24663 FWIW, I found Postgres to be faster than MySQL (5 and 5.5, though 5.5 with a hand-rolled config file using metrics supplied by a dbmail/MySQL guru helped a great deal for size(data_set) < size(PHYSICAL MEMORY) cases. Where lots of write-commits were involved on the same exact setup. MySQL "got close" to PSQL's performance when I did crazy things like remove filesystem journaling, write barriers, etc on the mail db mountpoint. Obviously, this is desperation talking. I concede that the motivations behind SQLising mail storage extends to administration/replication and other non-performance/scalability aspects. I suspect what constitutes "good enough" performance when squared against those other considerations may raise a SQL approach high enough for some people to use it. I suspect a "NoSQL" key-value store type of database to offer much better performance than SQL RDBs, since most of the assumptions behind the storage and access patterns of email don't really fit into the SQL RDB model very efficiently. dbmail's author and a couple of key dbmail users are very active and responsive on their mailing list, and bend over backwards to try to help new users with tuning and performance related problems. I simply don't have enough of a budget for populating my DB machines with TBs of RAM to make it work as quickly as I need it to for my midrange mail store (10TB). Good luck! =R= From bangkokmaco at gmail.com Fri Nov 9 04:05:49 2012 From: bangkokmaco at gmail.com (cc "maco" young) Date: Fri, 9 Nov 2012 09:05:49 +0700 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <509C6243.9040002@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> Message-ID: robin - what a great write up! thanks! On Fri, Nov 9, 2012 at 8:54 AM, Robin wrote: > Obvious caveats and qualifications apply here throughout this email. > > Christoph Anton Mitterer wrote: > > I see... well I haven't tested AOX or dbmail so far (especially as > > they're not in Debian and I was too lazy till now to compile them)... > > > > At least I had the impression that performance (especially in searches) > > was one of the major things these people were proud of. > > > > > > I'll stay tuned, whether we ever see a fully usable SQL backend for > > Dovecot :) > > I wouldn't hold your breath. > > It's a recurringly seductive "meme" in email circles, but the reality is > that email is mostly unstructured data with a few fields of reasonably > structured data (dates, from, to, maybe attachment types + filenames). The > bulk of the emails, and the part of the emails that people really want to > search quickly: the body, is unstructured, and doesn't perform quickly with > the stock "full text search" modules in the main SQL engines. > > I'd given dbmail2 a try with MySQL 5, 5.5, and Postgres 8.4 and 9.1 > branches. I've dedicated 16GB of DDR3-1800/3.4GHz 6-core AMD 1090T with > hardware RAID local storage (12 x Seagate ES 7200RPM spindles). (64 bit > Slackware 13.37 running Linux 3.2 kernels built for the platform.) > > The performance is surprisingly bad ... doing almost everything. Searches > through IMAP, bulk importation of mail folders, large numbers of > simultaneous mail deliveries, you name it. There wasn't a task that the > dbmail setup performed faster than Dovecot, in either low or high load > situations. When I tossed a test load that introduced lots of mail > deliveries as well as searches and full folder pulls, things got really > pear-shaped. Even putting dovecot's mailstore on NFS (GigE) didn't really > slow Dovecot down enough to make dbmail competitive. > > When pressed on this lack of performance, I was instructed to "add more > RAM" to the DB machine, and that for ideal performance I should have more > RAM than my mailbox sizes. *sigh* This sounds great for a very small > installation, but this clearly is not something that scales. > > I think the final humiliation was comparing the body + header searching > performance using Timo's practically obsolete fts_squat plugin against > dbmail's. Wow. Squat was multiple orders of magnitude faster. Lucene and > Solr are even moreso when fed large datasets (mail folder hives of about > 100GB). The SQL setups hit the obvious performance shelf once they were > unable to maintain everything in RAM or cache. > > The dbmail folk are earnest and hard-working, and I don't mean to cast the > slightest bit of negativity on their project. I think the assumptions > about what SQL servers can do well often doesn't square with the reality of > many applications that people try to fit them into. > > On my first initial round of tests, I imported 24,000 emails comprising a > mere 560MB of space. Just about all of the non-SQL imap servers handled > the importation (basically IMAP APPENDs) within 6 minutes. dbmail2 > required hours (using MySQL), and a bit shorter time (but still hours') > with Postgres. > > From an old email: > > > Searching INBOX #msgs = 24714 > > [NOFIND] Time=2.072423, matches=24714 <--- this should be zero *BUG* > > [date] Time=2.07519, matches=24714 <--- this is correct > > [here] Time=2.072075, matches=24714 <--- this should be about 30% of > total # of msgs *BUG* > > > > Does dbmail break IMAP SEARCH TEXT (i.e., search both body + headers)? > Is this a result of relying on MySQL's search algorithms in text-like > fields? I'm still puzzled, because I can't believe that 'here' appears in > EVERY email. It looks like dbmail's returning EVERY email on a SEARCH > TEXT. This is not correct operation. > > > > When I alter the search to use "FROM" as the key instead of "TEXT", the > results are more discriminating and meet expectations. > > > > Searching INBOX #msgs = 24714 > > [NOFIND] Time=2.161049, matches=0 > > [james] Time=2.273255, matches=1049 > > [here] Time=2.165406, matches=2 > > > > Not that it matters, but it's much slower than Dovecot's fts_squat for > substring searches. > > > > Dovecot's fts_squat IMAP SEARCH TEXT results are: > > > > Searching INBOX #msgs = 55731 > > [Updating Index] Time=78.184637 (66% of the mailbox unindexed at start) > > [NOFIND] Time=0.045654, matches=0 > > [date] Time=0.13364, matches=55731 > > [here] Time=0.069091, matches=24663 > > FWIW, I found Postgres to be faster than MySQL (5 and 5.5, though 5.5 with > a hand-rolled config file using metrics supplied by a dbmail/MySQL guru > helped a great deal for size(data_set) < size(PHYSICAL MEMORY) cases. > > Where lots of write-commits were involved on the same exact setup. MySQL > "got close" to PSQL's performance when I did crazy things like remove > filesystem journaling, write barriers, etc on the mail db mountpoint. > Obviously, this is desperation talking. > > I concede that the motivations behind SQLising mail storage extends to > administration/replication and other non-performance/scalability aspects. > I suspect what constitutes "good enough" performance when squared against > those other considerations may raise a SQL approach high enough for some > people to use it. > > I suspect a "NoSQL" key-value store type of database to offer much better > performance than SQL RDBs, since most of the assumptions behind the storage > and access patterns of email don't really fit into the SQL RDB model very > efficiently. > > dbmail's author and a couple of key dbmail users are very active and > responsive on their mailing list, and bend over backwards to try to help > new users with tuning and performance related problems. > > I simply don't have enough of a budget for populating my DB machines with > TBs of RAM to make it work as quickly as I need it to for my midrange mail > store (10TB). > > Good luck! > > =R= > From yngve_l2 at hotmail.com Fri Nov 9 06:32:18 2012 From: yngve_l2 at hotmail.com (ycc_Swe) Date: Thu, 8 Nov 2012 20:32:18 -0800 (PST) Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <20121108191650.GA89679@anubis.morrow.me.uk> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> <1352361261767-38656.post@n4.nabble.com> <20121108191650.GA89679@anubis.morrow.me.uk> Message-ID: <1352435538283-38686.post@n4.nabble.com> Thank you for your replies. I am trying to authenticate with user/password under SSL (port 995). Ben wrote: Does your dovecot machine have a proper publically-signed SSL certificate, or are you using a self-signed cert? If you're using a self-signed cert you'll probably find third-pary systems (like the website you're using for testing) won't accept it, and will disconnect immediately. *Thank you very much for your comment Ben, I think you spotted my problem. I just use the certificate and key that are generated during the installation. To be able to make web-sites connect I must have a proper "publically-signed SSL". Thanks, this question is solved, at least for the time being.* -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611p38686.html Sent from the Dovecot mailing list archive at Nabble.com. From mrn666 at yahoo.com Fri Nov 9 07:37:29 2012 From: mrn666 at yahoo.com (Jay) Date: Thu, 8 Nov 2012 21:37:29 -0800 (PST) Subject: [Dovecot] Is there a hook for a plugin to do some transient operation on the mail body ... Message-ID: <1352439449.79235.YahooMailNeo@web165005.mail.bf1.yahoo.com> ... when the MUA has issued a FETCH? ? I am a Dovecot newbie ... so please bear with me if this is obvious. Basically what I am trying to do is process the mail body (in my own specific way) before Dovecot serves it up to the MUA. I want to do it as a transient operation in memory. So think of the scenario as ... ? - the MUA issues a FETCH ? - Dovecot intercepts the FETCH ? - Dovecot internally gets the mail from the storage into a buffer in memory ? ----> This is where I'd like to apply a function to the mail body and modify the mail body?in the buffer (not in the storage) ? - Dovecot serves up the (modified) mail to the MUA ? Looking for a hook that allows me to do it using a plugin. Looks like the zlib plugin does something similar ... applies a decompression function ... but I am not 100% sure. ? Thanks for your help. -- J. From rs at sys4.de Fri Nov 9 09:05:50 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 09 Nov 2012 08:05:50 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 In-Reply-To: <509C226C.9090208@rocketmail.com> References: <509C226C.9090208@rocketmail.com> Message-ID: <509CAB4E.7020909@sys4.de> Am 08.11.2012 22:21, schrieb cullinan at rocketmail.com: > Hi, there! > > Well, I am new to dovecot, so please be patient with me: > > I have a virtual server and want to setup simple mail delivery. > postfix, saslauthd and dovecot basically work fine. > > The only open issue is, that (I guess) dovecot doesn't remove the > mail when it's retrieved via pop3 from the server. > It keeps sending me the same emails again and again. > (The mail client (Thunderbird) is configured to remove the messages > from the server - it was working already.) 1.2.15 is very old, consider upgrade to recent version if it allready worked ,what did you changed in the near past double check your thunderbird settings look at your logs , switch them to be more verbose Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Fri Nov 9 09:10:01 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 09 Nov 2012 08:10:01 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <509C6243.9040002@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> Message-ID: <509CAC49.1010802@sys4.de> Am 09.11.2012 02:54, schrieb Robin: > I'll stay tuned, whether we ever see a fully usable SQL backend for >> Dovecot :) thats not a new idea, but there is still tons of stuff which has to coded in more prime, as dovecot works nice with other existing storage file backends, there isnt hard pressure for sql storage, but feel free to code your own , youre welcome Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From cullinan at rocketmail.com Fri Nov 9 10:24:32 2012 From: cullinan at rocketmail.com (cullinan at rocketmail.com) Date: Fri, 09 Nov 2012 09:24:32 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 [SOLVED] In-Reply-To: <509C226C.9090208@rocketmail.com> References: <509C226C.9090208@rocketmail.com> Message-ID: <509CBDC0.7030304@rocketmail.com> Hi, there! > I guess that dovecot cannot write to some files / has problems > with write permissions. But it doesn't tell me anything... The reason was indeed that dovecot couldn't write to /var/mail I had to chown it to the mail group as it says in: mail_privileged_group: mail Thank you, Regards, Rob Am 08.11.2012 22:21, schrieb cullinan at rocketmail.com: > Hi, there! > > Well, I am new to dovecot, so please be patient with me: > > I have a virtual server and want to setup simple mail delivery. > postfix, saslauthd and dovecot basically work fine. > > The only open issue is, that (I guess) dovecot doesn't remove the > mail when it's retrieved via pop3 from the server. > It keeps sending me the same emails again and again. > (The mail client (Thunderbird) is configured to remove the messages > from the server - it was working already.) > > I guess that dovecot cannot write to some files / has problems > with write permissions. But it doesn't tell me anything... > > Can you tell me, what configuration might be wrong or how can I > enable more debugging to see what dovecot is doing after > the mails got sent out via pop3? > > Here is the configuration: > > # dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: pop3 pop3s > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/pop3-login > mail_privileged_group: mail > mbox_write_locks: fcntl dotlock > mail_executable: /usr/lib/dovecot/pop3 > mail_plugin_dir: /usr/lib/dovecot/modules/pop3 > auth default: > passdb: > driver: pam > userdb: > driver: passwd > > -----8<----- > > # dovecot -a > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 > base_dir: /var/run/dovecot > log_path: > info_log_path: > log_timestamp: %Y-%m-%d %H:%M:%S > syslog_facility: mail > protocols: pop3 pop3s > listen: * > ssl_listen: > ssl: yes > ssl_ca_file: > ssl_cert_file: /etc/ssl/certs/dovecot.pem > ssl_key_file: /etc/ssl/private/dovecot.pem > ssl_key_password: > ssl_parameters_regenerate: 168 > ssl_cipher_list: > ssl_cert_username_field: commonName > ssl_verify_client_cert: no > disable_plaintext_auth: yes > verbose_ssl: no > shutdown_clients: yes > nfs_check: yes > version_ignore: no > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/pop3-login > login_user: dovecot > login_greeting: Dovecot ready. > login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c > login_log_format: %$: %s > login_process_per_connection: yes > login_chroot: yes > login_trusted_networks: > login_process_size: 64 > login_processes_count: 3 > login_max_processes_count: 128 > login_max_connections: 256 > valid_chroot_dirs: > mail_chroot: > max_mail_processes: 512 > mail_max_userip_connections: 10 > verbose_proctitle: no > first_valid_uid: 500 > last_valid_uid: 0 > first_valid_gid: 1 > last_valid_gid: 0 > mail_access_groups: > mail_privileged_group: mail > mail_uid: > mail_gid: > mail_location: > mail_cache_fields: > mail_never_cache_fields: imap.envelope > mail_cache_min_mail_count: 0 > mailbox_idle_check_interval: 30 > mail_debug: no > mail_full_filesystem_access: no > mail_max_keyword_length: 50 > mail_save_crlf: no > mmap_disable: no > dotlock_use_excl: yes > fsync_disable: no > mail_nfs_storage: no > mail_nfs_index: no > mailbox_list_index_disable: yes > lock_method: fcntl > maildir_stat_dirs: no > maildir_copy_with_hardlinks: yes > maildir_copy_preserve_filename: no > maildir_very_dirty_syncs: no > mbox_read_locks: fcntl > mbox_write_locks: fcntl dotlock > mbox_lock_timeout: 300 > mbox_dotlock_change_timeout: 120 > mbox_min_index_size: 0 > mbox_dirty_syncs: yes > mbox_very_dirty_syncs: no > mbox_lazy_writes: yes > dbox_rotate_size: 2048 > dbox_rotate_min_size: 16 > dbox_rotate_days: 1 > mail_drop_priv_before_exec: no > mail_executable: /usr/lib/dovecot/pop3 > mail_process_size: 256 > mail_plugins: > mail_plugin_dir: /usr/lib/dovecot/modules/pop3 > mail_log_prefix: %Us(%u): > mail_log_max_lines_per_sec: 10 > imap_max_line_length: 65536 > imap_capability: > imap_client_workarounds: > imap_logout_format: bytes=%i/%o > imap_id_send: > imap_id_log: > imap_idle_notify_interval: 120 > pop3_no_flag_updates: no > pop3_enable_last: no > pop3_reuse_xuidl: no > pop3_save_uidl: no > pop3_lock_session: no > pop3_uidl_format: %08Xu%08Xv > pop3_client_workarounds: > pop3_logout_format: top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > dict_db_config: > dict_process_count: 1 > managesieve_max_line_length: 65536 > managesieve_logout_format: bytes=%i/%o > managesieve_implementation_string: dovecot > auth default: > mechanisms: plain > realms: > default_realm: > cache_size: 0 > cache_ttl: 3600 > cache_negative_ttl: 3600 > executable: /usr/lib/dovecot/dovecot-auth > user: root > chroot: > username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ > username_translation: > username_format: > master_user_separator: > anonymous_username: anonymous > krb5_keytab: > gssapi_hostname: > winbind_helper_path: /usr/bin/ntlm_auth > failure_delay: 2 > verbose: no > debug: no > debug_passwords: no > ssl_require_client_cert: no > ssl_username_from_cert: no > use_winbind: no > count: 1 > worker_max_count: 30 > process_size: 256 > passdb: > driver: pam > args: > deny: no > pass: no > master: no > userdb: > driver: passwd > args: > > -----8<----- > > Please let me know if you need more. > Thank you in advance! > > Regards, > > Rob > > > From adrian.stoica at dacris.net Fri Nov 9 11:11:08 2012 From: adrian.stoica at dacris.net (Adrian Stoica) Date: Fri, 09 Nov 2012 11:11:08 +0200 Subject: [Dovecot] quota recalc does not work Message-ID: Hi I upgraded dovecot from 2.0 to 2.1 , and now i face the quota recalc problem. All settings are keep in mysql Before , after a change in mailbox.quota field, i run doveadm quota recalc and all was ok , but now that command doesn't do anything. After i change a quota for a user , i have to restart dovecot to get the new quota , or do a "doveadm reload" instead of recalc. And the doveadm quota recalc -A" give me back a lot of "doveadm(username): Info: User no longer exists, skipping" Any thoughts ? # 2.1.10: /usr/dovecot21/etc/dovecot/dovecot.conf # OS: Linux 2.6.35.4 i686 auth_cache_negative_ttl = 1 secs auth_cache_size = 2 M auth_failure_delay = 4 secs auth_mechanisms = plain login digest-md5 cram-md5 auth_worker_max_count = 100 base_dir = /var/run/dovecot/ default_client_limit = 4096 default_internal_user = vmail default_login_user = nobody default_process_limit = 256 deliver_log_format = mail delivery from=%f subject=%s msgid=%m: %$ dict { acl = mysql:/usr/dovecot21/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_uid = 1 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * mail_location = maildir:~/Maildir mail_plugins = " quota acl trash notify mail_log" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { hidden = no list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / subscriptions = yes type = private } passdb { args = /usr/dovecot21/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = INBOX autosubscribe4 = Sent mail_log_events = delete mailbox_delete mailbox_rename mail_log_fields = box subject from msgid size quota = maildir:User quota quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=95%% quota-warning 90 %u quota_warning3 = storage=85%% quota-warning 85 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve trash = /usr/dovecot21/etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at dacris.net protocols = imap quota_full_tempfail = yes rejection_subject = Rejected: %s: %r service auth { unix_listener auth-client { mode = 0666 user = vmail } unix_listener auth-userdb { mode = 0666 user = vmail } } service dict { unix_listener dict { user = vmail } } service imap-login { process_min_avail = 4 } service imap-postlogin { executable = script-login /bin/imap.sh unix_listener imap-postlogin { mode = 01232 } } service imap { executable = imap imap-postlogin process_limit = 1024 vsz_limit = 1 G } service quota-warning { executable = script /bin/quota_warning.sh unix_listener quota-warning { user = vmail } user = vmail } ssl_cert = From crohmann at netcologne.de Fri Nov 9 15:24:23 2012 From: crohmann at netcologne.de (Christian Rohmann) Date: Fri, 09 Nov 2012 14:24:23 +0100 Subject: [Dovecot] Sieve puts incoming message into inbox on any problem with submission_host Message-ID: <509D0407.8070307@netcologne.de> Hello dovecot-users, I have a question/suggestion regarding the submission_host feature of the lda (either via dovecot-lda binary or lmtp) in combination with sieve. When trying to deliver message to a mailbox and this message has a sieve redirect action applied to it, dovecot is using the configured smtp server to forward the message just fine. Unfortunately, if the server configured for submission is unavailable, returns an error or cannot be found via DNS, sieve will simply put the message into the inbox and be done with it: --- dovecot.log --- dovecot: lda(user1): Error: lmtp client: DNS lookup of idonotexist.example.com failed: Name or service not known dovecot: lda(user1): Error: sieve: msgid=unspecified: failed to redirect message to (refer to server log for more information) dovecot: lda(user1): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' dovecot: lda(user1): Error: sieve: execution of script /mailboxes/user1/.dovecot.sieve failed, but implicit keep was successful (user logfile /mailboxes/user1/.dovecot.sieve.log may reveal additional details) --- /dovecot.log --- The same applies to vacation messages being sent out. Especially with an (unconditional) redirect action, users don't expect to find messages in their inbox. Also problems with the submission_host could very much be temporary and a little delay in delivering a message is better then putting it somewhere the user doesn't expect a message to be. Is there any way to change the behavior of dovecot or the sieve plugin to tempfail in case a message cannot be sent out? I know that with multiple sieve actions it gets more complicated as there could be corner cases were the first message can be sent via the submission server and another message produced by the same sieve script cannot. I'd love sieve to behave like this: a) if submission host is unreachable (hostname wrong, timeout, ...) -> tempfail b) if submission host returns 4xx error -> tempfail c) if submission host returns 5xx error -> fail(-save) and just drop the message into inbox or even have an option to reject the message completely in this case. In case of a tempfail response, the mta simply queues the message and tries again later. In case of a permanent fail the mta will create a bounce message to in form the sender. Regards and have a great weekend, Christian From ramon.frontera at uib.es Fri Nov 9 17:11:59 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Fri, 9 Nov 2012 16:11:59 +0100 Subject: [Dovecot] doveadm quota get -A via doveadm-proxy director with LDAP Message-ID: Hi, We are running Dovecot 2.1.10 I want configure dovecot to do execute doveadm commands on the proxy server. We have 1 proxy with director and 2 mail servers. we use LDAP when I try to do doveadm quota get -u user it works fine. The problem is when I try to do doveadm quota get -A ON PROXY I have this result: doveadm(first_user): Error: Proxy is missing destination host doveadm: Error: Failed to iterate through some users Username Quota name Type Value Limit % in 10-auth.conf I have "!include auth-ldap.conf.ext" in auth-ldap.conf.ext I hve: passdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } and In dovecot-ldap.conf.ext I have: uris = ldap://ldap:port dn = xxxxx dnpass = yyyyy auth_bind = no ldap_version = 3 base =base scope = subtree user_attrs = attributes user_filter = (mail=%u) pass_attrs = userPassword=password,uid=user=%L$,cn=proxy,=starttls=any-cert pass_filter = (mail=%u) iterate_attrs = uid=user iterate_filter = (uid=*) I don't know where is my error!!! Thanks in advance -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears From listen at mjh.name Fri Nov 9 17:18:45 2012 From: listen at mjh.name (Milan =?ISO-8859-1?Q?Holz=E4pfel?=) Date: Fri, 9 Nov 2012 16:18:45 +0100 Subject: [Dovecot] Rebuilding indexes fails on inconsistent mdbox In-Reply-To: <394FADB5-4E6C-4179-BF30-244390964FA4@iki.fi> References: <20121024132811.7cf18fdf7343b4dd961b2858@mjh.name> <394FADB5-4E6C-4179-BF30-244390964FA4@iki.fi> Message-ID: <20121109161845.503766441fbb2a1df97d7220@mjh.name> On Mon, 29 Oct 2012 17:31:42 +0200 Timo Sirainen wrote: > On 24.10.2012, at 14.28, Milan Holz?pfel wrote: > > > Oct 24 10:45:19 two dovecot: imap(listen at mjh.name): Panic: file mdbox-storage-rebuild.c: line 773 (rebuild_update_refcounts): assertion failed: (map_uid < msgs[i]->map_uid) > > Now this is a bug. > > > Dovecot 2.0.19-0ubuntu1 > > But the bug may have already been fixed in v2.1. I downloaded Dovecot 2.1.10 and compiled from source. Accessing the mailbox still fails: $ doveadm mailbox status all xen-devel doveadm(...): Error: mdbox map /home/test/mdbox/storage/dovecot.map.index corrupted: Unexpectedly lost xen-devel uid=108079 map_uid=809892 doveadm(...): Warning: mdbox /home/test/mdbox/storage: rebuilding indexes doveadm(...): Panic: file mdbox-storage-rebuild.c: line 743 (rebuild_update_refcounts): assertion failed: (map_uid < msgs[i]->map_uid) doveadm(...): Error: Raw backtrace: /home/test/prefix/dovecot/lib/dovecot/libdovecot.so.0(+0x45b3a) [0x7fd2942f9b3a] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7fd2942f9bfa] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fd2942cdc60] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_rebuild_in_context+0x105e) [0x7fd2945838be] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_rebuild+0x24) [0x7fd294583a54] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(+0x3b525) [0x7fd294581525] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_close+0x1a) [0x7fd2945c047a] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_free+0x13) [0x7fd2945c04c3] -> /home/test/prefix/dovecot/bin/doveadm() [0x41383d] -> /home/test/prefix/dovecot/bin/doveadm() [0x40e8e7] -> /home/test/prefix/dovecot/bin/doveadm() [0x40f3ae] -> /home/test/prefix/dovecot/bin/doveadm(doveadm_mail_try_run+0x11e) [0x40f8be] -> /home/test/prefix/dovecot/bin/doveadm(main+0x3bd) [0x40e50d] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7fd293f1676d] -> /home/test/prefix/dovecot/bin/doveadm() [0x40e6f1] Aborted I will send you an Email with a download link for the files. Thanks for you help. Regards, Milan -- Milan Holz?pfel From daniel.parthey at informatik.tu-chemnitz.de Fri Nov 9 20:26:19 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 9 Nov 2012 19:26:19 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1352420557.5071.54.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> Message-ID: <20121109182619.GA27051@daniel.localdomain> Christoph Anton Mitterer wrote: > On Wed, 2012-11-07 at 17:30 +0200, Timo Sirainen wrote: > > On 30.10.2012, at 2.16, Christoph Anton Mitterer wrote: > > > Have you ever thought about adding a "real" DB backend? Nothing against > > > dbox... :) ... and I have no performance comparison of dbox with what > > > could be done with a DBMS... but the advantage of the later would be > > > that you get all fancy features from database systems for free... like > > > fast indexing, online replication, etc. p.. > > > One might even reuse something like AOX for this. > > > SQL indexes aren't very helpful for IMAP-like data. It would be fun to > > some day have SQL backend in Dovecot (there already is read-only > > INBOX-only SQL backend), but I don't expect it to have very good > > performance. > I see... well I haven't tested AOX or dbmail so far (especially as > they're not in Debian and I was too lazy till now to compile them)... Bad performance experiences with dbmail 2.x were the main reason why we migrated to dovecot. If you've got a MySQL database with 80 GB of binary chunks then things are getting ugly, especially when it comes to efficient backup and restore of whole mailboxes or single e-mails. The SQL backend (and the IMAP user experience) becomes very slow if the database does not fit completely into RAM. There are many performance improvements and bug fixes in dbmail 3.x, but instead of evaluating then, we decided to migrate to Dovecot. One should think twice, or even three times about how to design an efficient SQL backend for a good user experience. Regards Daniel -- https://plus.google.com/103021802792276734820 From daniel.parthey at informatik.tu-chemnitz.de Sat Nov 10 03:04:32 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 10 Nov 2012 02:04:32 +0100 Subject: [Dovecot] doveadm quota get -A via doveadm-proxy director with LDAP In-Reply-To: References: Message-ID: <20121110010432.GA32305@daniel.localdomain> Ramon Frontera wrote: > We are running Dovecot 2.1.10 > I want configure dovecot to do execute doveadm commands on the proxy server. > We have 1 proxy with director and 2 mail servers. we use LDAP > when I try to do doveadm quota get -u user it works fine. > The problem is when I try to do doveadm quota get -A ON PROXY > > I have this result: > doveadm(first_user): Error: Proxy is missing destination host > doveadm: Error: Failed to iterate through some users Sounds similar to the doveadm director problem described in this thread: http://dovecot.org/list/dovecot/2012-October/069100.html What do you see in your backend mail server dovecot.log? Regards Daniel -- https://plus.google.com/103021802792276734820 From JohnsonE at usc.edu Sat Nov 10 12:44:35 2012 From: JohnsonE at usc.edu (Erik A Johnson) Date: Sat, 10 Nov 2012 02:44:35 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking Message-ID: imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. While I think the firewall is not doing the right thing (i.e., it lets a connection start but then kills it), it seems that imap-login should fail gracefully when the socket is no longer connected. Ideas? Thanks. ----------------------------------- /usr/local/sbin/dovecot -n # 2.1.10: /usr/local/etc/dovecot/dovecot.conf # OS: Darwin 12.2.0 x86_64 default_internal_user = _dovecot default_login_user = _dovenull namespace { hidden = no list = yes location = mbox:/Users/%u/Documents/Mailboxes prefix = mbox/ separator = / type = private } namespace { inbox = yes location = maildir:/Users/%u/Documents/Maildir mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { driver = pam } protocols = imap lmtp ssl = required ssl_cert = References: <20121110010432.GA32305@daniel.localdomain> Message-ID: <509E75B1.2010006@uib.es> Hi, I think that the problem is different to http://dovecot.org/list/dovecot/2012-October/069100.html The command don't print anything in backend mail server dovecot.log. If I do " doveadm -D quota get -u user1" on proxy it works! the backend mail server responds to proxy. If I do: doveadm -D search -A mailbox Trash savedbefore 10d I have this result: doveadm(root): Debug: Loading modules from directory: /usr/lib64/dovecot doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/lib20_expire_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(root): Debug: expire: Searching only users listed in expire database doveadm(rfg144): Error: Proxy is missing destination host doveadm: Error: Failed to iterate through some users and When I try to do this: doveadm -D search -u user1 mailbox Trash savedbefore 1d I find this in the log: Nov 10 16:36:01 mail2 dovecot: doveadm: Debug: expire: Searching only users listed in expire database Nov 10 16:36:01 mail2 dovecot: doveadm: Fatal: master: service(doveadm): child 3116 killed with signal 11 (core dumped) Thanks for your help! ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears El 10/11/2012 2:04, Daniel Parthey escribi?: > Ramon Frontera wrote: >> We are running Dovecot 2.1.10 >> I want configure dovecot to do execute doveadm commands on the proxy server. >> We have 1 proxy with director and 2 mail servers. we use LDAP >> when I try to do doveadm quota get -u user it works fine. >> The problem is when I try to do doveadm quota get -A ON PROXY >> >> I have this result: >> doveadm(first_user): Error: Proxy is missing destination host >> doveadm: Error: Failed to iterate through some users > Sounds similar to the doveadm director problem described in this thread: > http://dovecot.org/list/dovecot/2012-October/069100.html > > What do you see in your backend mail server dovecot.log? > > Regards > Daniel From eliezer at ngtech.co.il Sat Nov 10 18:46:44 2012 From: eliezer at ngtech.co.il (Eliezer Croitoru) Date: Sat, 10 Nov 2012 18:46:44 +0200 Subject: [Dovecot] Sieve users script problem. Message-ID: <509E84F4.4030406@ngtech.co.il> I am using Dovecot 2.1.9 which seems to solve older bug in sieve. Now I have another problem with users scripts. I want dovecot to run users scripts but it seems to not even see them. Dovecot runs the default sieve script from home dir but wont see the sieve scripts in the sieve subdirectory and some logs: Nov 10 18:35:54 lda(user at domain.local): Debug: Quota root: name=User quota backend=maildir args= Nov 10 18:35:54 lda(user at domain.local): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824 messages=0 Nov 10 18:35:54 lda(user at domain.local): Debug: Quota rule: root=User quota mailbox=Trash bytes=+32212254 (3%) messages=0 Nov 10 18:35:54 lda(user at domain.local): Debug: Quota warning: bytes=1020054732 (95%) messages=0 reverse=no command=quota-warning 95 raw mail user Nov 10 18:35:54 lda(user at domain.local): Debug: Quota warning: bytes=214748364 (20%) messages=0 reverse=no command=quota-warning 20 raw mail user Nov 10 18:35:54 lda(user at domain.local): Debug: none: root=, index=, control=, inbox=, alt= Nov 10 18:35:54 lda(user at domain.local): Debug: Destination address: eliezer at domain.local (source: user at hostname) Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: using the following location for user's Sieve script: /home/vmail/domain.local/eliezer/home/.dovecot.sieve Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: opening script /home/vmail/domain.local/eliezer/home/.dovecot.sieve Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: script binary /home/vmail/domain.local/eliezer/home/.dovecot.svbin successfully loaded Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: binary save: not saving binary /home/vmail/domain.local/eliezer/home/.dovecot.svbin, because it is already stored Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: executing script from /home/vmail/domain.local/eliezer/home/.dovecot.svbin Nov 10 18:35:54 lda(user at domain.local): Info: sieve: msgid=: stored mail into mailbox 'INBOX' So it recognizes the home sir but wont look at the sieve sub directory. My dovecot -n output: # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.3.8-gentoo x86_64 Gentoo Base System release 2.0.3 ext3 auth_mechanisms = plain login dict { quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_uid = 5000 last_valid_uid = 5000 log_path = /var/log/dovecot.log mail_debug = yes mail_gid = 5000 mail_location = maildir:/home/vmail/%d/%n/Maildir/ mail_plugins = " quota" mail_privileged_group = vmail mail_uid = 5000 namespace { inbox = yes list = yes location = prefix = separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:User quota quota_rule = *:storage=1G quota_rule2 = Trash:storage=+3%% quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=20%% quota-warning 20 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +include +vnd.dovecot.debug +imapflags +spamtest +spamtestplus +relational +comparator-i;ascii-numeric } postmaster_address = postmastert at domain.local service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0600 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service quota-warning { executable = script /etc/dovecot/quota-warning.sh user = vmail } ssl_ca = References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> Message-ID: <509EA1C4.3050103@hardwarefreak.com> On 11/8/2012 5:53 PM, Ben Morrow wrote: > At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: >> >> 1.0.7 is absolutely ancient and no longer officially supported. You >> need 1.2.x minimum, 2.x.x even better. And you say you just recently >> upgraded your Linux distro? What planet do you live on son? You're a >> few light years behind current stable software. > > [A light-year is a measure of distance, not of time.] "metric fuckload" isn't a real measurement, but that doesn't stop people from [mis]using the term to get a point across. Don't arrogantly assume that intentional misuse of a term equals mouth breathing or knuckle dragging. >> LDA completely eliminates lock contention. > > As we have discussed before, using the LDA does not prevent lock > contention, it just prevents the problems that arise when different > software is using different locking strategies on the same mailbox > (assuming nothing except LDA and imap is touching the mailbox directly). You seem to have contradicted yourself. You described lock contention to a T, and stated Dovecot does prevents that "problem", but also said Dovecot doesn't prevent lock contention. File locking != lock contention. You can have the former without the latter. > There are valid reasons for not using the LDA: the OP might be already > using procmail, for instance, and have users with procmail recipies > which sort into IMAP folders. These folders will need to be locked by > procmail even if the default delivery to INBOX is changed (globally) to > happen through dovecot-lda. While migrating to sieve (and mdbox, and > LMTP) would, IMHO, be the best long-term solution, this isn't necessarily > something that can be set up overnight. And? I'm failing to understand your point here. The OP hasn't stated yet, that I recall, if he's accessing the mbox files with anything other than Dovecot and Postfix. If he does state this, we'll make further recommendations as to how get across the LDA bridge with the same functionality, or if it's workable. None of that precludes making the LDA recommendation. Most people already running procmail or local UNIX MUAs are savvy enough to discover LDA before hitting this list. So you can assume with some surety that the OP who doesn't know about LDA likely isn't using procmail, mutt, pine, etc. Sure there are exceptions, but this is normally the case. I think the problem here, given the tone of your prose above and correcting me on the use of "light year" of all damn things, is that my earlier praise directed at you due to your slightly greater knowledge of the intricacies of file locking, has given you the impression that I'm some kind of knuckle dragging noob in need of education by you. If that is the case please read my last 500 posts to this list to dispel that misconception. You are my peer, not my superior. Keep that in mind in your future correspondence. -- Stan From ben at morrow.me.uk Sat Nov 10 22:25:29 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Sat, 10 Nov 2012 20:25:29 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509EA1C4.3050103@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <509EA1C4.3050103@hardwarefreak.com> Message-ID: <20121110202529.GA30152@anubis.morrow.me.uk> At 12PM -0600 on 10/11/12 you (Stan Hoeppner) wrote: > On 11/8/2012 5:53 PM, Ben Morrow wrote: > > At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: > >> > >> LDA completely eliminates lock contention. > > > > As we have discussed before, using the LDA does not prevent lock > > contention, it just prevents the problems that arise when different > > software is using different locking strategies on the same mailbox > > (assuming nothing except LDA and imap is touching the mailbox directly). > > You seem to have contradicted yourself. You described lock contention > to a T, and stated Dovecot does prevents that "problem", but also said > Dovecot doesn't prevent lock contention. File locking != lock > contention. You can have the former without the latter. The usual meaning of 'lock contention' is 'two processes legitimately competing for the *same* lock'. For instance, a search for 'lock contention' on Wikipedia leads to lock contention: This occurs whenever one process or thread attempts to acquire a lock held by another process or thread. This will still occur when using the LDA: that is, there will still be occasions where the LDA and the imap process are competing for the mbox lock, and one ends up locking the other out temporarily. The problems with locking that arise when accessing the same mailbox using both Dovecot and non-Dovecot software come from different processes using *different* locks from each other, or acquiring them in a different order. This is not ordinary lock contention: in fact, in the worst case, the two processes end up not having any locks in common, so you get no lock contention at all but data corruption instead. > > There are valid reasons for not using the LDA: the OP might be already > > using procmail, for instance, and have users with procmail recipies > > which sort into IMAP folders. These folders will need to be locked by > > procmail even if the default delivery to INBOX is changed (globally) to > > happen through dovecot-lda. While migrating to sieve (and mdbox, and > > LMTP) would, IMHO, be the best long-term solution, this isn't necessarily > > something that can be set up overnight. > > And? I'm failing to understand your point here. You appear to be advocating the LDA as the solution to all possible problems with mail delivery, and implying anyone not using it is doing something seriously wrong. I was pointing out that that is not always the case. > The OP hasn't stated > yet, that I recall, if he's accessing the mbox files with anything other > than Dovecot and Postfix. If he does state this, we'll make further > recommendations as to how get across the LDA bridge with the same > functionality, or if it's workable. None of that precludes making the > LDA recommendation. Most people already running procmail or local UNIX > MUAs are savvy enough to discover LDA before hitting this list. So you > can assume with some surety that the OP who doesn't know about LDA > likely isn't using procmail, mutt, pine, etc. Sure there are > exceptions, but this is normally the case. I believe the OP mentioned something about having run out of mboxes for 20 years? To me that suggests an old-fashioned Unix setup, which in turn suggests procmail as a likely possibility. I could, of course, be wrong. > I think the problem here, given the tone of your prose above and > correcting me on the use of "light year" of all damn things, is that my > earlier praise directed at you due to your slightly greater knowledge of > the intricacies of file locking, has given you the impression that I'm > some kind of knuckle dragging noob in need of education by you. If that > is the case please read my last 500 posts to this list to dispel that > misconception. > > You are my peer, not my superior. Keep that in mind in your future > correspondence. If I have offended you, I apologise. That was certainly not my intention. Ben From radikn at seznam.cz Sat Nov 10 22:34:07 2012 From: radikn at seznam.cz (=?UTF-8?Q?Radek_Novotn=C3=BD?=) Date: Sat, 10 Nov 2012 21:34:07 +0100 Subject: [Dovecot] User iteration with static userdb Message-ID: <97e9e4ee533292752c95ef18bdfb3367@r-n.cz> Hi all, can someone explain me, please, why user iteration (iterate_query) doesn't work with static userdb? There isn't reason why it shouldn't work. In my opinion. However static userdb doesn't mean that user list not exist. Thanks Radek From ben at morrow.me.uk Sun Nov 11 02:39:21 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Sun, 11 Nov 2012 00:39:21 +0000 Subject: [Dovecot] Sieve users script problem. In-Reply-To: <509E84F4.4030406@ngtech.co.il> References: <509E84F4.4030406@ngtech.co.il> Message-ID: <20121111003920.GD30152@anubis.morrow.me.uk> At 6PM +0200 on 10/11/12 you (Eliezer Croitoru) wrote: > I am using Dovecot 2.1.9 which seems to solve older bug in sieve. > Now I have another problem with users scripts. > I want dovecot to run users scripts but it seems to not even see them. > Dovecot runs the default sieve script from home dir but wont see the > sieve scripts in the sieve subdirectory and some logs: Sieve only runs one user-specified sieve script. The other scripts in the sieve/ directory are alternatives which can be managed and activated using managesieve. The ~/.dovecot.sieve script should be a symlink to the currently-activated script in the sieve/ directory, so that managesieve can change which script is activated. It is also possible to run other scripts from the sieve/ directory using the 'include' extension, but you must use the :personal location (or simply not specify :global, since :personal is the default). If a user wants to run several scripts in succession I believe the only way currently is to create a 'master' script which looks like require ["include"]; include "script1"; include "script2"; and activate that script. > Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: include: > sieve_global_dir is not set; it is currently not possible to include > `:global' scripts. It's not clear to me what's happening here: does that script use the 'include :global' command? If you want that to work you will need to create a system-wide scripts directory and set the sieve_global_dir parameter to point to it. If OTOH you wanted to include a script from the user's sieve/ directory, you need to leave off the :global tag. Ben From emailbuilder88 at yahoo.com Sun Nov 11 09:53:20 2012 From: emailbuilder88 at yahoo.com (E.B.) Date: Sat, 10 Nov 2012 23:53:20 -0800 (PST) Subject: [Dovecot] LDA without lookup as non-root? In-Reply-To: <1352619573.99460.YahooMailNeo@web39302.mail.mud.yahoo.com> References: <1350679409.31412.YahooMailNeo@web39302.mail.mud.yahoo.com> <1350760632.64676.YahooMailNeo@web39305.mail.mud.yahoo.com> <1350765252.74118.YahooMailNeo@web39301.mail.mud.yahoo.com> <1352619573.99460.YahooMailNeo@web39302.mail.mud.yahoo.com> Message-ID: <1352620400.63560.YahooMailNeo@web39304.mail.mud.yahoo.com> Timo, Sorry I didn't see your response until now >> 3) The interesting part -- I am invoking LDA from Maildrop. See: >> http://thread.gmane.org/gmane.mail.imap.dovecot/65473 > So >> when invoked, Maildrop has already dropped to the destination UID/GID >> and the needed paths are available in the environment.? However, using >> as many permutations of calling LDA as I can think of (based on? ? >> http://wiki2.dovecot.org/LDA ), I always get this: >> >> (command line usage error. Command output: lda: Fatal: Couldn't lookup >> our? username (uid=2500) ) > > Set USER environment. Sorry, would you mind being more specific?? If you see my follow-up posts on this thread, I found a source file with this error message in it (link below) and reading that code, there is no way to avoid this error for non-system users (uid's) if you don't use -d.? (looking at the "destination" variable) http://hg.dovecot.org/dovecot-sieve-1.1/raw-rev/7d85833eff96 From stephan at rename-it.nl Mon Nov 12 01:15:22 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 12 Nov 2012 00:15:22 +0100 Subject: [Dovecot] Sieve puts incoming message into inbox on any problem with submission_host In-Reply-To: <509D0407.8070307@netcologne.de> References: <509D0407.8070307@netcologne.de> Message-ID: <50A0318A.7080005@rename-it.nl> On 11/9/2012 2:24 PM, Christian Rohmann wrote: > Hello dovecot-users, > > I have a question/suggestion regarding the submission_host feature of > the lda (either via dovecot-lda binary or lmtp) in combination with sieve. > > The same applies to vacation messages being sent out. Especially with an > (unconditional) redirect action, users don't expect to find messages in > their inbox. Also problems with the submission_host could very much be > temporary and a little delay in delivering a message is better then > putting it somewhere the user doesn't expect a message to be. Yes, I agree. With the normal sendmail configuration this situation was much less likely to occur since messages would be queued locally first. > Is there any way to change the behavior of dovecot or the sieve plugin > to tempfail in case a message cannot be sent out? Not currently, I've been thinking about something like that for use with the extprograms plugin, which presents similar challenges. > I know that with multiple sieve actions it gets more complicated as > there could be corner cases were the first message can be sent via the > submission server and another message produced by the same sieve script > cannot. Exactly. And other kind of actions even make this more annoying. The Sieve interpreter tries to do things atomically as much as possible. With outgoing messages, that is rather difficult, so these actions are performed only after all other actions, e.g. local folder deliveries, succeed. So, in the current implementation simply issuing a temp fail would yield the even nastier result of duplicating deliveries; it is not possible to simply undo local message deliveries at that stage anymore. To solve this definitively I'll have to do some redesign of the action execution sequence. > I'd love sieve to behave like this: > > a) if submission host is unreachable (hostname wrong, timeout, ...) -> > tempfail The simplest solution right now would be to perform a pre-check on whether the message submission is likely to succeed or not. Regards, Stephan. From dmiller at amfes.com Mon Nov 12 03:11:10 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 11 Nov 2012 17:11:10 -0800 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> Message-ID: On 11/6/2012 12:30 PM, Timo Sirainen wrote: > On 6.11.2012, at 17.26, Ed W wrote: > >> On 05/11/2012 23:22, Timo Sirainen wrote: >>> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>> This also provides a nice abstraction to OpenSSL, making it again >>> possible to implement other backends like GnuTLS or NSS. (Except >>> login process code doesn't use lib-ssl-iostream yet.) >> Does libtomcrypt implement enough? > It doesn't do SSL, which is all Dovecot cares about. > Can the GnuTLS OpenSSL compatibility layer be used safely? -- Daniel From h.reindl at thelounge.net Mon Nov 12 03:20:58 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 12 Nov 2012 02:20:58 +0100 Subject: [Dovecot] v2.1 memory usage In-Reply-To: References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> Message-ID: <50A04EFA.1080202@thelounge.net> Am 12.11.2012 02:11, schrieb Daniel L. Miller: > On 11/6/2012 12:30 PM, Timo Sirainen wrote: >> On 6.11.2012, at 17.26, Ed W wrote: >> >>> On 05/11/2012 23:22, Timo Sirainen wrote: >>>> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>>> This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like >>>> GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.) >>> Does libtomcrypt implement enough? >> It doesn't do SSL, which is all Dovecot cares about. >> > > Can the GnuTLS OpenSSL compatibility layer be used safely? where is the problem with openssl? please leave us in peace with gnuTLS and see how it affects OpenVAS / Greenbone Sceurity Assistant on distributions like Fedora the whole year what about config compatibility like ssl_cipher_list = ALL:!LOW:!MEDIUM:!SSLv2:!MD5:!aNULL:!eNUL:!ADH:!AESGCM:!EXP:HIGH -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature URL: From calestyo at scientia.net Mon Nov 12 03:26:21 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Mon, 12 Nov 2012 02:26:21 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <509C6243.9040002@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> Message-ID: <1352683581.12282.11.camel@fermat.scientia.net> On Thu, 2012-11-08 at 17:54 -0800, Robin wrote: > The performance is surprisingly bad ... doing almost everything. > Searches through IMAP, bulk importation of mail folders, large > numbers of simultaneous mail deliveries, you name it. Have you made systematic tests? I.e. compared times for all of these with those from the different dovecot backends. > There wasn't a task that the dbmail setup performed faster than > Dovecot, in either low or high load situations. Which backend did you use? > When pressed on this lack of performance, I was instructed to "add > more RAM" to the DB machine, and that for ideal performance I should > have more RAM than my mailbox sizes. *sigh* This sounds great for a > very small installation, but this clearly is not something that > scales. Yeah... that?s truly disappointing... Do you have detailed numbers? I guess you?ve "only" tried dbmail? > The dbmail folk are earnest and hard-working, and I don't mean to cast > the slightest bit of negativity on their project. I think the > assumptions about what SQL servers can do well often doesn't square > with the reality of many applications that people try to fit them > into. hmm... > remove filesystem journaling, write barriers, etc on the mail db > mountpoint. All something I wouldn?t want to do on my production systems ;) Thanks for your detailed information :) Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: From dmiller at amfes.com Mon Nov 12 06:05:22 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 11 Nov 2012 20:05:22 -0800 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <509B9B65.4020801@Media-Brokers.com> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> <509B9B65.4020801@Media-Brokers.com> Message-ID: On 2012-11-08 03:45, Charles Marcus wrote: > On 2012-11-07 10:14 AM, Timo Sirainen wrote: > >> No, fts-lucene and fts-solr are separate backends. But I do have some small plans to add a few more features to fts-solr. > > Thanks again Timo, but one last follow-up... > > According to the wiki, Solr is the preferred method, but that seems > weird to me - it requires a full blown Solr server that dovecot > communicates with using HTTP/XML queries? Maybe not that big a deal, but > just sounds like overkill to me, unless you are maybe already using Solr > for website searches (which I'm not and have no need for). I would much > prefer something simpler that doesn't require any external dependencies > like that, so, next choice is Lucene... > > Looks much simpler, only requires Lucene's C++ library... > > But it builds only a single Lucene index for all mailboxes - not sure if > this is good or bad? Seems like it would be better/more efficient (and > less chance of index corruption, but most importantly, less overhead in > the event that one gets hosed and dovecot needs to rebuild it) to build > individual indexes for each mailbox, then, maybe, to provide support for > searching ALL mailboxes, have a master index that basically just > maintains a list of all of the individual indexes to be used for the > search (so it doesn't have to scan all available mailboxes, but which it > can do in the event that *it* ever got hosed). > > Obviously I don't know much about all this, so may be totally off base... > > Thanks again, and for listening to my ramblings, My, probably wrong, impression is this: The concept of running a "full blown Solr server" seems intimidating - until you actually do it. It's just another Java process. If you're already using Java for something else then I don't think there's much concern - my (again, probably wrong) understanding is once you've got one Java process running, other than process-specific variables/caching the overall overhead of the Java VM is shared - so in for a penny in for a pound. Lucene development is actively done in Java, with Solr being the primary reference implementation. The C libraries (I know of two) are then derived from the Java library - so the C implementations always lag behind the Java one, and it looks like there's much more active work going into the Java library. There's no question the Lucene implementation in Dovecot is the simplest for an administrator to work with - but the Solr version sure looks a lot more powerful. The tradeoff is sometimes needing to fiddle with configuration settings (not like we ever need to that for anything else, right?), especially with new versions of either Dovecot or Solr. Having a single index store - I suppose theoretically increases a point of failure, but given that the FTS indexes are a partial duplicate of and generated from the mail storage I'm not losing sleep over it. I put my Solr installation on the same raid array as my mail store - I'm not seeing any issues with it but I don't claim to be a senior admin. I'm currently running Solr 4.0. A few tweaks are needed to get it running, but once it's up it goes quite smoothly. -- Daniel From dmiller at amfes.com Mon Nov 12 06:13:54 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 11 Nov 2012 20:13:54 -0800 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <50A04EFA.1080202@thelounge.net> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> Message-ID: On 2012-11-11 17:20, Reindl Harald wrote: > Am 12.11.2012 02:11, schrieb Daniel L. Miller: > >> On 11/6/2012 12:30 PM, Timo Sirainen wrote: >> >>> On 6.11.2012, at 17.26, Ed W wrote: >>> >>>> On 05/11/2012 23:22, Timo Sirainen wrote: >>>> >>>>> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.) >>>> Does libtomcrypt implement enough? >>> It doesn't do SSL, which is all Dovecot cares about. >> Can the GnuTLS OpenSSL compatibility layer be used safely? > > where is the problem with openssl? I don't know what the problem is - I just know that I've heard from a number of developers (including the Postfix & Dovecot developers) that they don't like OpenSSL - but while GnuTLS looks interesting they aren't interested in working on the interface - though they're willing to accept patches. (My full apologies right now if Timo or Wietse are offended by my speaking out of turn). I'm no security expert, but I do know that OpenSSL has had issues with version compatiblity. I had a very troubled time during an OpenSSL/Postfix upgrade that left me non-functional until I found the exact version pairings required. The tiny bit of Googling I've done tells me GnuTLS seems to be a more standards-compliant implementation, and MAY be "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used by most Linux programs, acceptance of GnuTLS is quite limited. I've been intrigued by what I've read about it, and took a quick look at enabling support in Dovecot for GnuTLS directly - but while it didn't seem overly heavy at first glance the fact that Timo doesn't want to do it tells me I'm underestimating the complexity. -- Daniel From eliezer at ngtech.co.il Mon Nov 12 06:45:00 2012 From: eliezer at ngtech.co.il (Eliezer Croitoru) Date: Mon, 12 Nov 2012 06:45:00 +0200 Subject: [Dovecot] Sieve users script problem. In-Reply-To: <20121111003920.GD30152@anubis.morrow.me.uk> References: <509E84F4.4030406@ngtech.co.il> <20121111003920.GD30152@anubis.morrow.me.uk> Message-ID: <50A07ECC.8020708@ngtech.co.il> On 11/11/2012 2:39 AM, Ben Morrow wrote: > require ["include"]; > > include "script1"; > include "script2"; > > and activate that script. > >> >Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: include: >> >sieve_global_dir is not set; it is currently not possible to include >> >`:global' scripts. > It's not clear to me what's happening here: does that script use the > 'include :global' command? If you want that to work you will need to > create a system-wide scripts directory and set the sieve_global_dir > parameter to point to it. If OTOH you wanted to include a script from > the user's sieve/ directory, you need to leave off the :global tag. > > Ben > Thanks, Now I kind of understand it but from the documentation it feels like there is a default and directory which works always.(Or this what I understood) Since its not like that it makes my options limited but stil this can do what I need. I need it to filter mails into sub-directories for my user only so it's fine. Thanks Again, Eliezer -- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer ngtech.co.il From lukashaase at gmx.at Mon Nov 12 11:10:09 2012 From: lukashaase at gmx.at (Lukas Haase) Date: Mon, 12 Nov 2012 01:10:09 -0800 Subject: [Dovecot] dovecot lost mail! Cause? Message-ID: Hi, After using dovecot for several years now, today happend something which makes me really feel unconfortable: An email received was just not delivered properly, or, is lost! The mail (from an external server) was sent to two local mailboxes, user1 and user2. user1 received the message but for user2, it *magically* disappeared. MTA is exim4 which definitely processed the messages and handed over to dovecot deliver: 2012-11-12 07:28:21 1TXnVG-00053I-GD SA: [...] id=8644593.887351352701 685934.JavaMail 2012-11-12 07:28:21 1TXnVG-00053I-GD => user1 R=dovecot T=dovecot_pipe 2012-11-12 07:28:21 1TXnVG-00053I-GD => user2 R=dovecot T=dovecot_pipe 2012-11-12 07:28:21 1TXnVG-00053I-GD Completed Also, the log of dovecot tells that the mail should have been stored: Nov 12 07:28:21 mail dovecot: deliver(user1): sieve: msgid=<8644593.887351352701685934.JavaMail>: stored mail into mailbox 'INBOX' Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into mailbox 'INBOX' user1 received the mail but user2 not. Since user2 is myself, I *know* that I did not accidently delete any mail or something like that. It was just never received! Disk space is 3GB left, so enough. So I grepped the whole Maildir of user2 for the message ID. There is only one match in the dovecot.index.cache and within that, the most important data of the mail (Message ID, Date, Sender, Receiver, Subject) appears. But apart from that, not a single file! Is there hope to ever find out why what was going wrong here? It feels me veeeeeeeeery unconfortable because from now on I can never be sure any more that all my mails are really received :( :( However, as I said, my mail system processed maybe millions of messages the past 8 years. Although, I can not be sure if that was the case ... :( And help greatly appreciated! Luke PS: Dovecot version 1.2.15 (Debian 6.0.6) with Maildir backend on local harddrive. No NFS, nothing which can go wrong ... PPS: Original log files, just named replaced for privacy. From skdovecot at smail.inf.fh-brs.de Mon Nov 12 11:19:17 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 12 Nov 2012 10:19:17 +0100 (CET) Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 12 Nov 2012, Lukas Haase wrote: > Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: > msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into > mailbox 'INBOX' are there any other log lines of user2? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBUKC/FmoxLS8a3A9mAQJLEAgAkghKGBYWFj94OMCo5mM26XV4c0nHKgob ec0ELqgOIGZf+DA7+Dztwq/MWgdkhB/ZbUSQ2rd4qQ7nf7gEO10L0WXUXWzMJ9sm upvn8JaOJDZ37Ne7AeoOib/m5fXyQUa0oiW7y8ShdeveTAOtn+Bu0OT2BuibOeT8 /EsTA+DfVlymTgHrMYU0LIjjvHh94Duj4at1k1X1So2kTaNbw48ljKYMd0qb2+pR 39D/ZtynOqnEKzj5f+JU+WmCcCAEAW9IL8U8pySvuZaXkPN+cfcLO82J9UIEmIAf IKymFt7JuNabGCsJ0FpMeuLAyXNOxJdKmGxgqmpyfilPY2ty8hstmg== =Uz9E -----END PGP SIGNATURE----- From tibby at tibby.hu Mon Nov 12 11:40:11 2012 From: tibby at tibby.hu (Tibby) Date: Mon, 12 Nov 2012 10:40:11 +0100 Subject: [Dovecot] Help me with IMAP config Message-ID: <3960A514-7030-4F63-A346-5DE5DDAA4C63@tibby.hu> Hello! I have dovecot running. Imap works fine. When i connect with outlook an when i delete a message it gets crossed out but still stays in my mailbox. I want to disable this feature. I want it once its deleted then go to trash folder on the mail server and thats it. Is there an option for this? I'm running dovecot 1.2.15 Thanks! From lukashaase at gmx.at Mon Nov 12 11:44:37 2012 From: lukashaase at gmx.at (Lukas Haase) Date: Mon, 12 Nov 2012 01:44:37 -0800 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: References: Message-ID: Hi, On 11/12/2012 1:19 AM, Steffen Kaiser wrote: > On Mon, 12 Nov 2012, Lukas Haase wrote: > >> Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: >> msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into >> mailbox 'INBOX' > > are there any other log lines of user2? Anfortunately not :-( Grepped everything, and I would have posted otherwise. My hope is that the dovecot.index.cache may provide some insights (I made a backup copy of it). Luke From Bill at KnoxvilleChristian.org Mon Nov 12 11:46:25 2012 From: Bill at KnoxvilleChristian.org (Bill Shirley) Date: Mon, 12 Nov 2012 04:46:25 -0500 Subject: [Dovecot] Help me with IMAP config In-Reply-To: <3960A514-7030-4F63-A346-5DE5DDAA4C63@tibby.hu> References: <3960A514-7030-4F63-A346-5DE5DDAA4C63@tibby.hu> Message-ID: <50A0C571.7000005@KnoxvilleChristian.org> On 11/12/2012 4:40 AM, Tibby wrote: > Hello! > I have dovecot running. Imap works fine. When i connect with outlook an when i delete a message it gets crossed out but still stays in my mailbox. I want to disable this feature. I want it once its deleted then go to trash folder on the mail server and thats it. Is there an option for this? I'm running dovecot 1.2.15 > > Thanks! This is the way IMAP works. Deleted items are marked delete and then removed when the client issues the 'expunge' command. It's best to change this in the email client. Look at your Outlook configuration for a way to 'move deleted items to trash' or 'expunge'. Bill From busseniu at in.tum.de Mon Nov 12 11:49:06 2012 From: busseniu at in.tum.de (=?UTF-8?B?Q2hyaXN0b3BoIEJ1w59lbml1cw==?=) Date: Mon, 12 Nov 2012 10:49:06 +0100 Subject: [Dovecot] Invalid Managesieve commands are counted twice Message-ID: <50A0C612.8020903@in.tum.de> Hi, the Managesieve server closes the connection if it receives an unknown command before authentication: "IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave" "NOTIFY" "mailto" "SASL" "PLAIN" "STARTTLS" "VERSION" "1.0" OK "Dovecot ready." --> BOGUS NO "Error in MANAGESIEVE command received by server." NO "Error in MANAGESIEVE command received by server." BYE "Too many invalid MANAGESIEVE commands." Connection closed by foreign host. Note that only one bogus command has been sent by the client, however the server sends two identical error messages. This seems to be a bug in Pigeonhole 0.3.3. In version 0.2.6, the connection was kept open after the error message. This is actually important to us because we use the "sieveshell" utility which is shipped with the Python "managesieve" package. The managesieve.py module always sends a BOGUS command after the TLS handshake. According to its comments, this is done to work around problems with other server implementations: # Some servers send capabilities after TLS handshake, some # do not. We send a bogus command, and expect a NO. If you # get something else instead, read the extra NO to clear # the buffer. typ, data = self._command('BOGUS') (The full source is at http://pydoc.net/managesieve/0.4.2/managesieve) As a result, sieveshell cannot be used with TLS and a current Dovecot/Pigeonhole server. Cheers, Christoph -- Christoph Bu?enius Rechnerbetriebsgruppe der Fakult?ten Informatik und Mathematik Technische Universit?t M?nchen +49 89-289-18519 <> Raum 00.05.040 <> Boltzmannstr. 3 <> Garching From stephan at rename-it.nl Mon Nov 12 12:18:37 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 12 Nov 2012 11:18:37 +0100 Subject: [Dovecot] Invalid Managesieve commands are counted twice In-Reply-To: <50A0C612.8020903@in.tum.de> References: <50A0C612.8020903@in.tum.de> Message-ID: <50A0CCFD.2000900@rename-it.nl> On 11/12/2012 10:49 AM, Christoph Bu?enius wrote: > Hi, > > the Managesieve server closes the connection if it receives an unknown > command before authentication: > > Note that only one bogus command has been sent by the client, however > the server sends two identical error messages. > > This seems to be a bug in Pigeonhole 0.3.3. In version 0.2.6, the > connection was kept open after the error message. It is a bug. > As a result, sieveshell cannot be used with TLS and a current > Dovecot/Pigeonhole server. I fixed this a while back, but hasn't been released so far: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/ceef02768dee Regards, Stephan. From busseniu at in.tum.de Mon Nov 12 12:47:00 2012 From: busseniu at in.tum.de (=?UTF-8?B?Q2hyaXN0b3BoIEJ1w59lbml1cw==?=) Date: Mon, 12 Nov 2012 11:47:00 +0100 Subject: [Dovecot] Invalid Managesieve commands are counted twice In-Reply-To: <50A0CCFD.2000900@rename-it.nl> References: <50A0C612.8020903@in.tum.de> <50A0CCFD.2000900@rename-it.nl> Message-ID: <50A0D3A4.5070906@in.tum.de> Hi Stephan, On 12.11.2012 11:18, Stephan Bosch wrote: > I fixed this a while back, but hasn't been released so far: > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/ceef02768dee thanks, I am going to try out the current hg version. I guess I should have tried this first... Cheers, Christoph -- Christoph Bu?enius Rechnerbetriebsgruppe der Fakult?ten Informatik und Mathematik Technische Universit?t M?nchen +49 89-289-18519 <> Raum 00.05.040 <> Boltzmannstr. 3 <> Garching From design at 1stwebdesigns.com Mon Nov 12 13:15:49 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Mon, 12 Nov 2012 11:15:49 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <20121108235334.GB89679@anubis.morrow.me.uk> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> Message-ID: <50A0DA65.9080503@1stwebdesigns.com> On 08/11/2012 23:53, Ben Morrow wrote: > At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: >> >> 1.0.7 is absolutely ancient and no longer officially supported. You >> need 1.2.x minimum, 2.x.x even better. And you say you just recently >> upgraded your Linux distro? What planet do you live on son? You're a >> few light years behind current stable software. > > [A light-year is a measure of distance, not of time.] > >> LDA completely eliminates lock contention. > > As we have discussed before, using the LDA does not prevent lock > contention, it just prevents the problems that arise when different > software is using different locking strategies on the same mailbox > (assuming nothing except LDA and imap is touching the mailbox directly). > > There are valid reasons for not using the LDA: the OP might be already > using procmail, for instance, and have users with procmail recipies > which sort into IMAP folders. These folders will need to be locked by > procmail even if the default delivery to INBOX is changed (globally) to > happen through dovecot-lda. While migrating to sieve (and mdbox, and > LMTP) would, IMHO, be the best long-term solution, this isn't necessarily > something that can be set up overnight. > > Ben > > > > ----- > No virus found in this message. > Checked by AVG - www.avg.com > Version: 2012.0.2221 / Virus Database: 2441/5382 - Release Date: 11/08/12 > > Thanks for your replies. I switched to Dovecot LDA this morning, but the issue still persists, albeit logged slightly differently by Dovecot now instead of Postfix: "save failed to INBOX: Timeout while waiting for lock" The reason is because some pop3 clients are holding their connection for 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major culprit). In dovecot.conf I changed: mbox_lock_timeout = 300 to mbox_lock_timeout = 600 Which seems to have helped. I am unclear if this value only applied to Dovecot LDA or if it would have worked previously before switching to Dovecot LDA? From tss at iki.fi Mon Nov 12 13:33:45 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Nov 2012 13:33:45 +0200 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive Message-ID: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Hi all, Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. * Email archive storage. See http://www.dovecot.fi/products/index.html for details. I?ve been developing Dovecot for over 10 years now. For a long time it was my primary motivation in life to create the best IMAP server available :) I think I've pretty much accomplished that by now. The future is looking very bright for Dovecot: we will continue the open source development stronger than ever, but in addition, for the long term it needs some additional licensed components that bring the money to cover the cost for future Dovecot development and to be able to build up the support in a professional way. These new features will be added as plugins on top of Dovecot to extend the functionality. Note that I?m not just randomly choosing which features will be open and which will be licensed. Only some specific features will be licensed where my company is going to make money with partnerships and in other measurable ways. From jerry at seibercom.net Mon Nov 12 13:54:37 2012 From: jerry at seibercom.net (Jerry) Date: Mon, 12 Nov 2012 06:54:37 -0500 Subject: [Dovecot] v2.1 memory usage In-Reply-To: References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> Message-ID: <20121112065437.1f174b59@scorpio> On Sun, 11 Nov 2012 20:13:54 -0800 Daniel L. Miller articulated: > I don't know what the problem is - I just know that I've > heard from a number of developers (including the Postfix & Dovecot > developers) that they don't like OpenSSL - but while GnuTLS looks > interesting they aren't interested in working on the interface - > though they're willing to accept patches. (My full apologies right > now if Timo or Wietse are offended by my speaking out of turn). > > I'm no security > expert, but I do know that OpenSSL has had issues with version > compatiblity. I had a very troubled time during an OpenSSL/Postfix > upgrade that left me non-functional until I found the exact version > pairings required. > > The tiny bit of Googling I've done tells me GnuTLS > seems to be a more standards-compliant implementation, and MAY be > "safer" than OpenSSL. However, as OpenSSL is the de-facto standard > used by most Linux programs, acceptance of GnuTLS is quite limited. > I've been intrigued by what I've read about it, and took a quick look > at enabling support in Dovecot for GnuTLS directly - but while it > didn't seem overly heavy at first glance the fact that Timo doesn't > want to do it tells me I'm underestimating the complexity. I have OpenSSL 1.0.1c 10 May 2012 installed on a FreeBSD machine that also runs Postfix and Dovecot. When I first updated to the new version from then 0.9x branch there were some minor problems. I believe that there was something Wietse had to do to get Postfix fully functional in the new environment, but it was done extremely quickly. The biggest problem I faced was that I discovered that I had to recompile every program on my system that depended on the new version of Openssl. Once that was done, virtually every problem I experienced disappeared. I am not aware of any developer who fears using the new version of Openssl, although apparently you do. The fact that a newer version of any software is not totally compatible with an older version is nothing new. I am amazed when they are fully compatible. Openssl is the de facto standard and I think that making a concerted effort to work with it would be a wise choice. I have also Googled and have not found any evidence that GnuTLS is more "standards compliant" nor "safer". I would be interested in those URLs. I would like to know who is making those claims and what their basis for them actually is. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From alessio at skye.it Mon Nov 12 14:00:50 2012 From: alessio at skye.it (Alessio Cecchi) Date: Mon, 12 Nov 2012 13:00:50 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Message-ID: <50A0E4F2.1090906@skye.it> Il 12/11/2012 12:33, Timo Sirainen ha scritto: > Hi all, > > Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. > > * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. > > * Email archive storage. > > See http://www.dovecot.fi/products/index.html for details. > > I?ve been developing Dovecot for over 10 years now. For a long time it was my primary motivation in life to create the best IMAP server available :) I think I've pretty much accomplished that by now. > > The future is looking very bright for Dovecot: we will continue the open source development stronger than ever, but in addition, for the long term it needs some additional licensed components that bring the money to cover the cost for future Dovecot development and to be able to build up the support in a professional way. > > These new features will be added as plugins on top of Dovecot to extend the functionality. Note that I?m not just randomly choosing which features will be open and which will be licensed. Only some specific features will be licensed where my company is going to make money with partnerships and in other measurable ways. > I'm really interesting in storing email into object storage, since our IaaS provider is using Scality we can simple buy dovecot's plugin for scality. I will contact Dovecot Oy for more informations. -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From lists at wildgooses.com Mon Nov 12 21:31:45 2012 From: lists at wildgooses.com (Ed W) Date: Mon, 12 Nov 2012 19:31:45 +0000 Subject: [Dovecot] v2.1 memory usage In-Reply-To: References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> Message-ID: <50A14EA1.3050307@wildgooses.com> On 12/11/2012 04:13, Daniel L. Miller wrote: > The tiny bit of Googling I've done tells me GnuTLS > seems to be a more standards-compliant implementation, and MAY be > "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used > by most Linux programs, acceptance of GnuTLS is quite limited. I've been > intrigued by what I've read about it, and took a quick look at enabling > support in Dovecot for GnuTLS directly - but while it didn't seem overly > heavy at first glance the fact that Timo doesn't want to do it tells me > I'm underestimating the complexity. > Openssl is a *massive* project and I'm unsure that gnutls is much smaller... We should assume that both are quite scary from a "security" point of view. Licensing is the main thing which divides them, gnutls is stated as GPL compatible (however, the nominal incompatibility of openssl seems difficult to understand?) OpenVPN integrated with PolarSSL and got Dutch government official approval for the combined package. I think elsewhere it's stated that openssl would not have been approved because something like the codebase was too large to inspect and sign off http://polarssl.org/news?item=0132 I haven't worked with PolarSSL, so no idea, but it's massively smaller codebase is likely attractive if you are the kind of person who actually *does* security audits on the software you run in secure situations. Openssl is just a complete swiss army knife of tools! Ed W From tss at iki.fi Mon Nov 12 21:44:01 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Nov 2012 21:44:01 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> Message-ID: <974F70A7-6A21-42C0-B7D4-43CAC3D5D9CB@iki.fi> On 12.11.2012, at 6.13, Daniel L. Miller wrote: >> where is the problem with openssl? > > I don't know what the problem is - I just know that I've > heard from a number of developers (including the Postfix & Dovecot > developers) that they don't like OpenSSL - but while GnuTLS looks > interesting they aren't interested in working on the interface - though > they're willing to accept patches. (My full apologies right now if Timo > or Wietse are offended by my speaking out of turn). OpenSSL documentation is very bad. Its API has some annoying missing features. For example you can load certificates from a directory or a file but not from anything else like from a string in memory. I had to copy&paste a few functions from OpenSSL code just to be able to do them. > The tiny bit of Googling I've done tells me GnuTLS > seems to be a more standards-compliant implementation, and MAY be > "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used > by most Linux programs, acceptance of GnuTLS is quite limited. I've been > intrigued by what I've read about it, and took a quick look at enabling > support in Dovecot for GnuTLS directly - but while it didn't seem overly > heavy at first glance the fact that Timo doesn't want to do it tells me > I'm underestimating the complexity. I already once wrote GnuTLS support for Dovecot, but GnuTLS changed its APIs since then and it was probably originally already buggy. I think the only somewhat "special" APIs that Dovecot needs nowadays are related to reading cert/keys from memory instead of from files. If GnuTLS can do that, I don't think there's anything special in supporting it. Although it might be a bit complex to make it work properly asynchronously. istream-openssl was a bit annoying in that way (all the data read from the fd must be parsed and decoded all the way through to the SSL istream, regardless of any max buffer limits). From dovecot at r.paypc.com Tue Nov 13 00:44:22 2012 From: dovecot at r.paypc.com (Robin) Date: Mon, 12 Nov 2012 14:44:22 -0800 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1352683581.12282.11.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> <1352683581.12282.11.camel@fermat.scientia.net> Message-ID: <50A17BC6.5070100@r.paypc.com> On 11/11/2012 5:26 PM, Christoph Anton Mitterer wrote: > Have you made systematic tests? I.e. compared times for all of these > with those from the different dovecot backends. The choice of Dovecot backends made no substantial difference. I used maildir, sdbox, and mdbox. I also added SiS (with mdbox). Initial tests were on local multi-spindle RAID5 storage, but to handicap Dovecot, I pushed it over NFS (also Linux 3.2 on a local GigE segment). It wasn't slow enough to make dbmail competitive, even though you have to start turning off performance optimisation features in Dovecot to avoid NFS bugs. >> There wasn't a task that the dbmail setup performed faster than >> Dovecot, in either low or high load situations. > Which backend did you use? Backend for dbmail? Two MySQL versions (5.0 and 5.5) - InnoDB is required for dbmail, by the way. Postgres 8.4 and 9.1 backends, using its default storage engine. I tried the tests with both a separate DB machine, as well as a cohosted one with the dbmail connector using local sockets instead of TCP/IP, but that didn't significantly alter the performance. I've found my first notes from the tests. It was the second round of tests with the latest MySQL 5.0 server given some tuning to more aggressively use system memory. You will note the puny size of the mail folder hive in this round. > The mysqld process has consumed nearly an hour of CPU time during this process. > dbmail is configured to use local sockets rather than network I/O. > > I'm using the PERL MailTools http://search.cpan.org/dist/MailTools/ > to import about 10 folders' worth of email, totaling about 560MB in raw size, > constituting about 23,000 emails. The script basically creates the folders, > and does an APPEND for each email. It's bog simple. > > I DROP the database, recreated it, added the one user, verify DBMail > accepts authentication for the newly created mailbox, and then do the import. > The MySQL files live on a freshly formatted ext4 filesystem. > > The import takes Dovecot (MailDir or mdbox format), or Panda IMAP (mix) > about six minutes to complete. > > DBMail 3 took 4h 23m. Casual inspection of the system showed modestly > high CPU usage in mysqld and dbmail-imapd (as well as the import perl > command on occasion), but the Load Average didn't get too close to 1.0, > let alone 2.0, which concerns me that I might have hit some kind of > "busy wait" pathology. To clarify the above: To streamline iterative testing, I made a script to deactivate the currently running SQL server, unmount, re-format, re-mount, and re-populate the skeletal DB directories and restart the DB engine. So between each test, no matter the imapd or DB back-end, the mailstore was presented with a freshly formatted volume on dedicated spindles. The filesystem was ext4, formatted with: lazy_itable_init=0,lazy_journal_init=0,dir_index=1,extents=1,uninit_bg=0,flex_bg=0,has_journal=0,inode_size=256,dir_index=1, > Do you have detailed numbers? Not really, but after it was clear that I wasn't going to get comparable performance even within the same magnitude, I stopped testing it. I included the IMAP SEARCH performance comparison against fts_squat in my original mail to this list. In addition to huge performance deficiencies, it also has/had fatal operational bugs. > I guess you?ve "only" tried dbmail? I did try Manitou, but the lack of a proper IMAP service for it made extensive "like for like" testing very difficult. Manitou is still in the very early days, alas. It also relies on the SQL DB's underlying authentication systems which is rather ... alarming. It performs quite a bit better than dbmail, but still it's not close to Dovecot. At the time I tested it, only custom-rolled clients could talk to it, i.e., no imap4/pop3 "gateways" to it. I think I was most alarmed to see that the widely assumed benefits of putting mail on a SQL DB, i.e., fast searching/sorting, didn't actually happen in reality. As others have mentioned, I also shudder to think of backup/restore issues, especially on a single user level. The mechanisms of backing up and restoring maildirs and even mdboxes, i.e., simple files, are not only well understood, the failure modes are generally fully recoverable. SQL-DB file blobs, especially with MySQL, remind me too much of the "PST Hell" that Exchange administrators face. But maybe that's just my ignorance talking. > All something I wouldn?t want to do on my production systems ;) Neither would I. But as I said, I was "desperate" to get this close to Dovecot's performance. I had about 2-3 weeks to pre-qualify mail storage back-ends with an eye towards 4 or 5 digits of usercount, and maybe tens to hundreds of TBs' scale of mail storage. Running across such poor performance with such relatively small loads disqualified the DB-based mail products very very quickly, for ME, anyway. If you want to run your own tests, my suggestion is to start with Postgres, put as much RAM into your DB machine as you can afford, and maybe populate your DB machine exclusively with SSDs. =R= From tss at iki.fi Tue Nov 13 01:02:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Nov 2012 01:02:26 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <50A17BC6.5070100@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> <1352683581.12282.11.camel@fermat.scientia.net> <50A17BC6.5070100@r.paypc.com> Message-ID: <85E7498A-1E79-4C7A-8DDA-8ED3D841A0DF@iki.fi> On 13.11.2012, at 0.44, Robin wrote: > On 11/11/2012 5:26 PM, Christoph Anton Mitterer wrote: >> Have you made systematic tests? I.e. compared times for all of these >> with those from the different dovecot backends. > > The choice of Dovecot backends made no substantial difference. I used maildir, sdbox, and mdbox. I also added SiS (with mdbox). Initial tests were on local multi-spindle RAID5 storage, With local disks the tests often measure only the local RAM/CPU speed, unless you're testing thousands of users. > but to handicap Dovecot, I pushed it over NFS (also Linux 3.2 on a local GigE segment). It wasn't slow enough to make dbmail competitive, even though you have to start turning off performance optimisation features in Dovecot to avoid NFS bugs. NFS makes a better test case if you're measuring single user performance. Much of it is probably due to the index file access latency, although not all. In some cases Dovecot's prefetching mails can help (maildir, sdbox backends with local disks currently, nothing preventing it from working in other use cases though, even with Dovecot-SQL backend). >> I guess you?ve "only" tried dbmail? > > I did try Manitou, but the lack of a proper IMAP service for it made extensive "like for like" testing very difficult. Manitou is still in the very early days, alas. It also relies on the SQL DB's underlying authentication systems which is rather ... alarming. It performs quite a bit better than dbmail, but still it's not close to Dovecot. At the time I tested it, only custom-rolled clients could talk to it, i.e., no imap4/pop3 "gateways" to it. Manitou seems to advertise itself as being email client .. although then also seems to say SQL is faster than IMAP (which doesn't make much sense itself). > I think I was most alarmed to see that the widely assumed benefits of putting mail on a SQL DB, i.e., fast searching/sorting, didn't actually happen in reality. SQL has nothing that makes any type of email access even potentially efficient. SQL indexes are mostly about binary trees, and there are about zero things in IMAP where I have thought of binary tree being even potentially useful. (Okay, potentially for expunging old mails when you have >1M mails in one folder. Not something you normally optimize for.) With most of Dovecot's optimized lookups, latency is the most important thing. SQL is bad for latency. With remote systems it's usually much faster to just download 1 MB blob and parse it than fetch a couple of 100 byte blocks. > As others have mentioned, I also shudder to think of backup/restore issues, especially on a single user level. The mechanisms of backing up and restoring maildirs and even mdboxes, i.e., simple files, are not only well understood, the failure modes are generally fully recoverable. SQL-DB file blobs, especially with MySQL, remind me too much of the "PST Hell" that Exchange administrators face. But maybe that's just my ignorance talking. I'd think everyone would use the human-readable SQL dumps for database backups. At least with MySQL/PostgreSQL I wouldn't really trust anything else. From tss at iki.fi Tue Nov 13 01:09:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Nov 2012 01:09:44 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <85E7498A-1E79-4C7A-8DDA-8ED3D841A0DF@iki.fi> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> <1352683581.12282.11.camel@fermat.scientia.net> <50A17BC6.5070100@r.paypc.com> <85E7498A-1E79-4C7A-8DDA-8ED3D841A0DF@iki.fi> Message-ID: <8445ED76-AF63-417D-95B3-CFF03E2090AF@iki.fi> Uh.. On 13.11.2012, at 1.02, Timo Sirainen wrote: > On 13.11.2012, at 0.44, Robin wrote: > >> On 11/11/2012 5:26 PM, Christoph Anton Mitterer wrote: >>> Have you made systematic tests? I.e. compared times for all of these >>> with those from the different dovecot backends. >> >> The choice of Dovecot backends made no substantial difference. I used maildir, sdbox, and mdbox. I also added SiS (with mdbox). Initial tests were on local multi-spindle RAID5 storage, > > With local disks the tests often measure only the local RAM/CPU speed, unless you're testing thousands of users. ..measuring disk I/O most importantly. >> but to handicap Dovecot, I pushed it over NFS (also Linux 3.2 on a local GigE segment). It wasn't slow enough to make dbmail competitive, even though you have to start turning off performance optimisation features in Dovecot to avoid NFS bugs. > > NFS makes a better test case if you're measuring single user performance. Much of it is probably due to the index file access latency, although not all. In some cases Dovecot's prefetching mails can help (maildir, sdbox backends with local disks currently, nothing preventing it from working in other use cases though, even with Dovecot-SQL backend). Prefetching is done only with mail_prefetch_count setting. Someone in blog.dovecot.org mentioned that it was bad for performance with local disk+maildir. Linux apparently doesn't do this with NFS. It would of course be possible to just have the prefetching create a new thread/process to download the mail locally and read it (similar to what the object storage plugin does). From symbiat at gmail.com Tue Nov 13 07:09:37 2012 From: symbiat at gmail.com (Ajai Khattri) Date: Tue, 13 Nov 2012 00:09:37 -0500 Subject: [Dovecot] Dovecot newbie (migrating from qmail) Message-ID: Ive been using qmail+vpopmail+courier-imap for many years but its time to retire that server so I thought this might be an opportunity to see how I could use Postfix and Dovecot to provide the same services. Im running Dovecot 2.1.9 and Postfix 2.9.4. I have spent a few days reading through some of the docs on the wiki (there's doesn't seem to be any large overview of Dovecot concepts or books so bear with me). Im thinking something simple like passwd-file setup would suffice for me. I want to use completely virtual users. Id like to store mail under /home/vmail/$domain/$user. I think Ive figured out how to do that. But how do I create the maildir? I understand the need to have a mail directory but also a directory for things like sieve - how to specify that? Im thinking the structure would be something like: /home/vmail/$domain/$user/mail <-- mail stored here /home/vmail/$domain/$user/ <-- sieve and other sundry store here Or should the sieve stuff also be under its own folder alongside the maildir? Is it possible to have a separate passwd file per domain? It is possible to combine password and userdb files into one per domain? (I prefer to keep all files related to each domain in its own folder). Also would like to configure Postfix to use dovecot-sasl and I want to use dovecot-lmtp for deliveries. Any good docs / example on those? Later on, I think I want to integrate some kind of virus and spam filtering (amavisd and maybe dspam - anybody used those? would I configure Postfix to handle that or dovecot-lmtp?) Im sure Ill have more questions as I get more complicated but baby steps for now. -- Aj. From alessio at skye.it Tue Nov 13 09:04:47 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 13 Nov 2012 08:04:47 +0100 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: References: Message-ID: <50A1F10F.9090204@skye.it> Il 13/11/2012 06:09, Ajai Khattri ha scritto: > Ive been using qmail+vpopmail+courier-imap for many years but its time to > retire that server so I thought this might be an opportunity to see how I > could use Postfix and Dovecot to provide the same services. Im running > Dovecot 2.1.9 and Postfix 2.9.4. > > I have spent a few days reading through some of the docs on the wiki > (there's doesn't seem to be any large overview of Dovecot concepts or books > so bear with me). > > Im thinking something simple like passwd-file setup would suffice for me. I > want to use completely virtual users. > > Id like to store mail under /home/vmail/$domain/$user. I think Ive figured > out how to do that. But how do I create the maildir? Maildir/ will automatically created when the first email arrives or during the first user login. It would be better if you create the folder during the creation of the users. > > I understand the need to have a mail directory but also a directory for > things like sieve - how to specify that? > > Im thinking the structure would be something like: > /home/vmail/$domain/$user/mail <-- mail stored here Yes, better (by convention) if named Maildir/ > /home/vmail/$domain/$user/ <-- sieve and other sundry store here > Or should the sieve stuff also be under its own folder alongside the > maildir? Inside Maildir/ named sieve/ or always without tarting with a dot > > Is it possible to have a separate passwd file per domain? It is possible to > combine password and userdb files into one per domain? (I prefer to keep > all files related to each domain in its own folder). Yes, passdb { driver = passwd-file # Each domain has a separate passwd-file: args = /etc/auth/%d/passwd } Yes: http://wiki2.dovecot.org/AuthDatabase/PasswdFile > > Also would like to configure Postfix to use dovecot-sasl and I want to use > dovecot-lmtp for deliveries. Any good docs / example on those? For SASL http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From janfrode at tanso.net Tue Nov 13 11:17:44 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 13 Nov 2012 10:17:44 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Message-ID: On Mon, Nov 12, 2012 at 12:33 PM, Timo Sirainen wrote: > Hi all, > > Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. > > * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. > > * Email archive storage. > > See http://www.dovecot.fi/products/index.html for details. 404 file not found, but it was not too difficult to guess where you meant. I'm not too interested in the extended functionality, but the extra tested, bugfix-only/mainly Enterprise Release sounds very interesting. That page isn't quite clear on if the enterprise release is meant to be free or not "(Some features may require license fees)". Could you please clarify? Is it available already? We're starting to be long overdue for an overhaul of our installation (currently on v2.0.14 + some fixes), so we need to do something soon... -jf From mfi at tf.uni-kiel.de Tue Nov 13 11:18:26 2012 From: mfi at tf.uni-kiel.de (Michael Firnau) Date: Tue, 13 Nov 2012 10:18:26 +0100 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: References: Message-ID: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> On Mon, Nov 12, 2012 at 01:44:37AM -0800, Lukas Haase wrote: > Hi, > > On 11/12/2012 1:19 AM, Steffen Kaiser wrote: > > On Mon, 12 Nov 2012, Lukas Haase wrote: > > > >> Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: > >> msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into > >> mailbox 'INBOX' > > > > are there any other log lines of user2? > > Anfortunately not :-( Grepped everything, and I would have posted otherwise. > > My hope is that the dovecot.index.cache may provide some insights (I > made a backup copy of it). Hi, yesterday i had a user missing mail and he had the junk-filter in thunderbird activated. The mail was automagically moved from the inbox to the spam folder. From the header i see you use thunderbird, so it's a shot in the dark ... Regards, Mike From marco.gatti at gmail.com Tue Nov 13 12:35:04 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Tue, 13 Nov 2012 11:35:04 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication Message-ID: Hi, I was looking for a particular case of dovecot configuration I cannot find anywhere. Is there a way dovecot can authenticate via ldap different windows 2008 AD users that have access to the same e-mail account (like user authorization in ms exchange)? For example I want to extend AD schema to let users have 10 email accounts (with multiple domain support). If they are private accounts I think there is no problem at all. But if I want two or more users to access the same mail account what happens? Can I do it with dovecot? Or should I create AD groups and add members to that, to let user access the same mail account? Cheers -- Marco From CMarcus at Media-Brokers.com Tue Nov 13 13:14:20 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 13 Nov 2012 06:14:20 -0500 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> References: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> Message-ID: <50A22B8C.7020409@Media-Brokers.com> On 2012-11-13 4:18 AM, Michael Firnau wrote: > yesterday i had a user missing mail and he had the junk-filter > in thunderbird activated. The mail was automagically moved from > the inbox to the spam folder. From the header i see you use thunderbird, > so it's a shot in the dark ... I have a user that uses filters, and occasionally will shoot himself in the foot trying to be a little bit too smart trying to catch junk (his definition of junk is just anything that he doesn't want), and he calls me occasionally to come figure out why his filter is catching all of his good mail (usually a typo)... So, check for any filters too... -- Best regards, Charles From rs at sys4.de Tue Nov 13 13:32:38 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 12:32:38 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Message-ID: <50A22FD6.2040501@sys4.de> Am 13.11.2012 10:17, schrieb Jan-Frode Myklebust: >> See http://www.dovecot.fi/products/index.html for details. > 404 file not found, but it was not too difficult to guess where you meant. no problem here Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From h.reindl at thelounge.net Tue Nov 13 13:38:05 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 13 Nov 2012 12:38:05 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <50A22FD6.2040501@sys4.de> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <50A22FD6.2040501@sys4.de> Message-ID: <50A2311D.7060308@thelounge.net> Am 13.11.2012 12:32, schrieb Robert Schetterer: > Am 13.11.2012 10:17, schrieb Jan-Frode Myklebust: >>> See http://www.dovecot.fi/products/index.html for details. >> 404 file not found, but it was not too difficult to guess where you meant. > > no problem here having a shiny laout does not mean that you do not see a error page since it is one httpd-config-line read the page title Whoops! Page Not Found | The world's most popular IMAP server! read the response-headers: HTTP/1.1 404 Not Found Date: Tue, 13 Nov 2012 11:36:40 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3 scroll down: Whoops! Page Not Found Don't fret, you didn't do anything wrong. It appears that the page you are looking for does not exist or has been moved elsewhere. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature URL: From rs at sys4.de Tue Nov 13 13:40:29 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 12:40:29 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: References: Message-ID: <50A231AD.6050308@sys4.de> Am 13.11.2012 11:35, schrieb Marco Gatti: > Hi, I was looking for a particular case of dovecot configuration I > cannot find anywhere. > Is there a way dovecot can authenticate via ldap different windows > 2008 AD users that have access to the same e-mail account (like user > authorization in ms exchange)? > For example I want to extend AD schema to let users have 10 email > accounts (with multiple domain support). If they are private accounts > I think there is no problem at all. But if I want two or more users to > access the same mail account what happens? Can I do it with dovecot? > Or should I create AD groups and add members to that, to let user > access the same mail account? > Cheers > there may more ways to goal this, for short looking one, way is described here http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm using ldap might be better look i.e http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x for ideas Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Tue Nov 13 13:43:14 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 12:43:14 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <50A2311D.7060308@thelounge.net> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <50A22FD6.2040501@sys4.de> <50A2311D.7060308@thelounge.net> Message-ID: <50A23252.1010603@sys4.de> Am 13.11.2012 12:38, schrieb Reindl Harald: > read the page title > Whoops! Page Not Found | ok , i see youre right, i am rare looking in tab text Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tss at iki.fi Tue Nov 13 14:27:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Nov 2012 14:27:48 +0200 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> Message-ID: <A2F46699-9091-4B6C-95F6-05EB8B3A0782@iki.fi> On 13.11.2012, at 11.17, Jan-Frode Myklebust wrote: > On Mon, Nov 12, 2012 at 12:33 PM, Timo Sirainen <tss at iki.fi> wrote: >> Hi all, >> >> Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. >> >> * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. >> >> * Email archive storage. >> >> See http://www.dovecot.fi/products/index.html for details. > > 404 file not found, but it was not too difficult to guess where you meant. It worked when I wrote the email, but broke since then :) > I'm not too interested in the extended functionality, but the extra > tested, bugfix-only/mainly Enterprise Release sounds very interesting. > That page isn't quite clear on if the enterprise release is meant to > be free or not "(Some features may require license fees)". Could you > please clarify? Is it available already? It's currently available if you buy a support contract. (RPMs and source tarball, DEBs should come in somewhat near future.) From andreas.schulze at datev.de Tue Nov 13 15:09:53 2012 From: andreas.schulze at datev.de (Andreas Schulze) Date: Tue, 13 Nov 2012 14:09:53 +0100 Subject: [Dovecot] older gcc don't know --as-needed Message-ID: <20121113130953.GA22714@spider.services.datevnet.de> Hi, I have to build dovecot-2.1.10 for SuSE SLES9. /bin/sh ../../libtool --tag=CC --mode=link gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -no-undefined -Wl,--as-needed -o test-lib test_lib-test-lib.o test_lib-test-array.o test_lib-test-aqueue.o test_lib-test-base64.o test_lib-test-bsearch-insert-pos.o test_lib-test-buffer.o test_lib-test-crc32.o test_lib-test-hash-format.o test_lib-test-hex-binary.o test_lib-test-istream-base64-encoder.o test_lib-test-istream-concat.o test_lib-test-istream-crlf.o test_lib-test-istream-seekable.o test_lib-test-istream-tee.o test_lib-test-llist.o test_lib-test-mempool-alloconly.o test_lib-test-network.o test_lib-test-ostream-file.o test_lib-test-primes.o test_lib-test-priorityq.o test_lib-test-seq-range-array.o test_lib-test-strescape.o test_lib-test-strfuncs.o test_lib-test-str-find.o test_lib-test-str-sanitize.o test_lib-test-time-util.o test_lib-test-utc-mktime.o test_lib-test-var-expand.o ../lib-test/libtest.la liblib.la -lrt libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wl,--as-needed -o test-lib test_lib-test-lib.o test_lib-test-array.o test_lib-test-aqueue.o test_lib-test-base64.o test_lib-test-bsearch-insert-pos.o test_lib-test-buffer.o test_lib-test-crc32.o test_lib-test-hash-format.o test_lib-test-hex-binary.o test_lib-test-istream-base64-encoder.o test_lib-test-istream-concat.o test_lib-test-istream-crlf.o test_lib-test-istream-seekable.o test_lib-test-istream-tee.o test_lib-test-llist.o test_lib-test-mempool-alloconly.o test_lib-test-network.o test_lib-test-ostream-file.o test_lib-test-primes.o test_lib-test-priorityq.o test_lib-test-seq-range-array.o test_lib-test-strescape.o test_lib-test-strfuncs.o test_lib-test-str-find.o test_lib-test-str-sanitize.o test_lib-test-time-util.o test_lib-test-utc-mktime.o test_lib-test-var-expand.o ../lib-test/.libs/libtest.a ./.libs/liblib.a -lrt /usr/lib/gcc-lib/i586-suse-linux/3.3.3/../../../../i586-suse-linux/bin/ld: unrecognized option '--as-needed' /usr/lib/gcc-lib/i586-suse-linux/3.3.3/../../../../i586-suse-linux/bin/ld: use the --help option for usage information gcc version is 3.3.3 Is there a special option to disable ithe ld option or do I have to apply a special patch? Are there other suggestions? Thanks -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 N?rnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 N?rnberg, Paumgartnerstr. 6-14 | Registergericht N?rnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Dipl.-Kfm. Dr. Robert Mayr J?rg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen From amateo at um.es Tue Nov 13 15:22:50 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 13 Nov 2012 14:22:50 +0100 Subject: [Dovecot] Problem importing messages with lazy_expunged configured Message-ID: <50A249AA.9000704@um.es> Hello, I have a problem importing messages since I have configured lazy_expunge. My lazy_expunge configuration (that is correctly working when a message is expunged) is: plugin { lazy_expunge = BORRADOS. } namespace { hidden = yes list = no location = maildir:~/Maildir/expunged prefix = BORRADOS. separator = . } but when I try to import messages I get: amateo_adm at myotis31:~$ sudo doveadm -vD import -u angel.luis maildir:/tmp/angel.luis '' mailbox INBOX doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib02_lazy_expunge_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message) doveadm(root): Debug: Effective uid=0, gid=0, home=/home/amateo_adm doveadm(root): Debug: Quota root: name=User quota backend=dict args=:file:/home/amateo_adm/Maildir/dovecot.quota doveadm(root): Debug: Quota rule: root=User quota mailbox=* bytes=10737418240 messages=0 doveadm(root): Debug: Quota rule: root=User quota mailbox=Trash bytes=+1073741824 messages=0 doveadm(root): Debug: dict quota: user=doveadm, uri=file:/home/amateo_adm/Maildir/dovecot.quota, noenforcing=0 doveadm(root): Debug: maildir++: root=/tmp/angel.luis, index=, control=, inbox=/tmp/angel.luis, alt= doveadm(root): Fatal: lazy_expunge: Unknown namespace: 'BORRADOS.' in /tmp/<user> I don't have any "expunged" folder, it is just a maildir. In order to use it I have to deactivate this plugin in the running command with something like "sudo doveadm -vD -o mail_plugins='quota zlib' import -u <user> maildir:/tmp/<user> '' mailbox INBOX". Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 -------------- next part -------------- # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.2.19um1 x86_64 Ubuntu 12.04.1 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_master_user_separator = * auth_verbose = yes default_process_limit = 1024 disable_plaintext_auth = no log_timestamp = %Y-%m-%d %H:%M:%S login_trusted_networks = 155.54.211.176/28 mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n mail_plugins = quota zlib lazy_expunge mail_privileged_group = mail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags mdbox_rotate_size = 20 M namespace { inbox = yes location = prefix = separator = . } namespace { hidden = yes list = no location = maildir:~/Maildir/expunged prefix = BORRADOS. separator = . } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = session=yes cache_key=%n dovecot driver = pam } plugin { lazy_expunge = BORRADOS. quota = dict:User quota::file:%h/Maildir/dovecot.quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster at um.es protocols = imap pop3 lmtp sieve service anvil { client_limit = 3075 } service auth { client_limit = 4096 unix_listener auth-userdb { mode = 0666 } } service doveadm { inet_listener { port = 24245 } } service imap { process_limit = 5120 process_min_avail = 6 vsz_limit = 512 M } service ipc { unix_listener ipc { user = dovecot } } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 vsz_limit = 512 M } service pop3 { process_min_avail = 6 } ssl = no ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lda { mail_plugins = quota zlib lazy_expunge sieve } protocol imap { mail_plugins = quota zlib lazy_expunge imap_quota } protocol lmtp { mail_plugins = quota zlib lazy_expunge sieve } protocol pop3 { pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, in=%i, out=%o } local 155.54.211.160/27/27 { doveadm_password = <password> } From marco.gatti at gmail.com Tue Nov 13 15:56:46 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Tue, 13 Nov 2012 14:56:46 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <50A231AD.6050308@sys4.de> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> Message-ID: <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> 2012/11/13 Robert Schetterer <rs at sys4.de>: > Am 13.11.2012 11:35, schrieb Marco Gatti: >> Hi, I was looking for a particular case of dovecot configuration I >> cannot find anywhere. >> Is there a way dovecot can authenticate via ldap different windows >> 2008 AD users that have access to the same e-mail account (like user >> authorization in ms exchange)? >> For example I want to extend AD schema to let users have 10 email >> accounts (with multiple domain support). If they are private accounts >> I think there is no problem at all. But if I want two or more users to >> access the same mail account what happens? Can I do it with dovecot? >> Or should I create AD groups and add members to that, to let user >> access the same mail account? >> Cheers >> > > there may more ways to goal this, for short looking one, way is > described here > > http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm > > using ldap might be better > > look i.e > > http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ > http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x > > > for ideas > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich Thank you Robert for the quick reply. I'm aware of the links you sent me, however they don't give me a clue if what I was asking may me done. I'll try to give more details. I have to build a multiple domain mail server with the use of windows AD authentication. I've managed to add some extra filed in the AD schema like this: mail1: account1 at example1.com box1: /example1.com/account1/ enabled1: TRUE quota1: 1000000 mail2: account2 at example2.com box2: /example2.com/account2/ enabled2: TRUE quota2: 1000000 There could be 10 or 50 of them for each AD user. If I use NTLM or PAM authentication (after joining the AD) I have to use AD usernames to login with dovecot and I don't know how then to deal with different email addresses configured per user. If I use LDAP lookup I have to use the email address as username but then if different AD users have to access the same email account how dovecot can manage it??? For example the LDAP configuration for user and password lookup may be something like this: user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050 user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) (&(mail2=%u)(enabled2=TRUE)))) pass_attrs = userPassword=password pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) (&(mail2=%u)(enabled2=TRUE)))) I think I may be missing something important in how dovecot works, but cannot find any documentation about it. Regards -- Marco From ott at mirix.org Tue Nov 13 16:10:34 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Tue, 13 Nov 2012 15:10:34 +0100 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <974F70A7-6A21-42C0-B7D4-43CAC3D5D9CB@iki.fi> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> <974F70A7-6A21-42C0-B7D4-43CAC3D5D9CB@iki.fi> Message-ID: <50A254DA.6040901@mirix.org> On 2012-11-12 20:44, Timo Sirainen wrote: > On 12.11.2012, at 6.13, Daniel L. Miller wrote: >> The tiny bit of Googling I've done tells me GnuTLS >> seems to be a more standards-compliant implementation, and MAY be >> "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used >> by most Linux programs, acceptance of GnuTLS is quite limited. I've been >> intrigued by what I've read about it, and took a quick look at enabling >> support in Dovecot for GnuTLS directly - but while it didn't seem overly >> heavy at first glance the fact that Timo doesn't want to do it tells me >> I'm underestimating the complexity. > > I already once wrote GnuTLS support for Dovecot, but GnuTLS changed its APIs since then and it was probably originally already buggy. I think the only somewhat "special" APIs that Dovecot needs nowadays are related to reading cert/keys from memory instead of from files. If GnuTLS can do that, I don't think there's anything special in supporting it. Although it might be a bit complex to make it work properly asynchronously. istream-openssl was a bit annoying in that way (all the data read from the fd must be parsed and decoded all the way through to the SSL istream, regardless of any max buffer limits). A while ago, I started working on GnuTLS support for Dovecot. While I didn't finish the implementation due to time constraints (the "abstract" API of lib-ssl-iostream is made for OpenSSL and you have to emulate some things), I think it would be possible to add GnuTLS support and with GnuTLS it would be possible to load X.509 certificates from memory. Regards, Matthias-Christian From tibby at tibby.hu Tue Nov 13 16:44:26 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Tue, 13 Nov 2012 15:44:26 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox Message-ID: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> Hello! I've got dovecot running with postfix. Have virtual users under vmail folder. When I connect with outlook, I can read, delete messages. When I sign on with webmail, also can delete messages, Mutt is working as well on the mail server, can delete messages. Once the message is deleted it moves to the trash. Works as it supposed to. But on Iphone, when I add a mail user, got the mailbox synced with IMAP I can see the INBOX, but when I delete a message, get this error: "Unable to Move Message The message could not be moved to the mailbox Trash." http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png What causing this problem? Please Help. From symbiat at gmail.com Tue Nov 13 16:52:46 2012 From: symbiat at gmail.com (Ajai Khattri) Date: Tue, 13 Nov 2012 09:52:46 -0500 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <50A1F10F.9090204@skye.it> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> Message-ID: <50A25EBE.7000605@gmail.com> On 11/13/12 2:04 AM, Alessio Cecchi wrote: > Yes, better (by convention) if named Maildir/ Incidently, Im only using maildir because Im familiar with it and it scales well. How does it compare against mdbox? Does Dovecot have its own mailbox format? -- Aj. From ben at morrow.me.uk Tue Nov 13 16:57:34 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 13 Nov 2012 14:57:34 +0000 Subject: [Dovecot] sieve-extprograms strips Return-Path headers Message-ID: <20121113145732.GB40206@anubis.morrow.me.uk> The sieve-extprograms extension strips Return-Path headers before passing mail off to the external program. The patch to remove this behavious is trivial (and attached), but since it appears to be deliberate I felt I should investigate further. I believe this is basically a cut-and-paste error. The code to strip Return-Path has been there since the sieve-pipe plugin for Dovecot 1.x, and I believe it was copied from the equivalent code in the 'redirect' action for passing mail off to sendmail(8). In that case, stripping Return-Path is correct, since the message is being resubmitted for delivery (by SMTP or otherwise), and the last step of the new delivery will (should) add a new Return-Path header with the new envelope information. In the case of sieve-extprograms, though, the filtering is happening post-delivery, so a stripped Return-Path will never be replaced. Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: return-path.patch Type: text/x-diff Size: 1012 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121113/5433942f/attachment-0001.bin> From rs at sys4.de Tue Nov 13 17:15:15 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 16:15:15 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> Message-ID: <50A26403.3020200@sys4.de> Am 13.11.2012 14:56, schrieb Marco Gatti: > 2012/11/13 Robert Schetterer <rs at sys4.de>: >> Am 13.11.2012 11:35, schrieb Marco Gatti: >>> Hi, I was looking for a particular case of dovecot configuration I >>> cannot find anywhere. >>> Is there a way dovecot can authenticate via ldap different windows >>> 2008 AD users that have access to the same e-mail account (like user >>> authorization in ms exchange)? >>> For example I want to extend AD schema to let users have 10 email >>> accounts (with multiple domain support). If they are private accounts >>> I think there is no problem at all. But if I want two or more users to >>> access the same mail account what happens? Can I do it with dovecot? >>> Or should I create AD groups and add members to that, to let user >>> access the same mail account? >>> Cheers >>> >> >> there may more ways to goal this, for short looking one, way is >> described here >> >> http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm >> >> using ldap might be better >> >> look i.e >> >> http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ >> http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x >> >> >> for ideas >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Joerg Heidrich > > > Thank you Robert for the quick reply. > I'm aware of the links you sent me, however they don't give me a clue > if what I was asking may me done. > I'll try to give more details. > I have to build a multiple domain mail server with the use of windows > AD authentication. > I've managed to add some extra filed in the AD schema like this: > > mail1: account1 at example1.com > box1: /example1.com/account1/ > enabled1: TRUE > quota1: 1000000 > > mail2: account2 at example2.com > box2: /example2.com/account2/ > enabled2: TRUE > quota2: 1000000 > > There could be 10 or 50 of them for each AD user. > If I use NTLM or PAM authentication (after joining the AD) I have to > use AD usernames to login with dovecot and I don't know how then to > deal with different email addresses configured per user. > If I use LDAP lookup I have to use the email address as username but > then if different AD users have to access the same email account how > dovecot can manage it??? > For example the LDAP configuration for user and password lookup may be > something like this: > > user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050 > user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) > (&(mail2=%u)(enabled2=TRUE)))) > pass_attrs = userPassword=password > pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) > (&(mail2=%u)(enabled2=TRUE)))) > > I think I may be missing something important in how dovecot works, but > cannot find any documentation about it. > Regards > hm thats complex, however i would not recommand trying change exchange/active dir schemas however the only reason i can think of for what you want is using dovecot as proxy? so what about this ? http://wiki2.dovecot.org/HowTo/ImapcProxy http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy http://wiki2.dovecot.org/Director Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From wgillespie+dovecot at es2eng.com Tue Nov 13 17:21:40 2012 From: wgillespie+dovecot at es2eng.com (Willie Gillespie) Date: Tue, 13 Nov 2012 08:21:40 -0700 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> Message-ID: <50A26584.7030908@es2eng.com> On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: > But on Iphone, when I add a mail user, got the mailbox synced with IMAP > I can see the INBOX, but when I delete a message, get this error: > "Unable to Move Message The message could not be moved to the mailbox > Trash." Do you have a mailbox named Trash? Do the other clients move the message to Trash as well? From tom at whyscream.net Tue Nov 13 17:30:04 2012 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 13 Nov 2012 16:30:04 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A26584.7030908@es2eng.com> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A26584.7030908@es2eng.com> Message-ID: <50A2677C.4060808@whyscream.net> On 11/13/12 4:21 PM, Willie Gillespie wrote: > On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: >> But on Iphone, when I add a mail user, got the mailbox synced with IMAP >> I can see the INBOX, but when I delete a message, get this error: >> "Unable to Move Message The message could not be moved to the mailbox >> Trash." > > Do you have a mailbox named Trash? Do the other clients move the > message to Trash as well? In stead of sending us the message from the iPhone, tell us what dovecot puts in its logfile when you try this. -- Tom From tibby at tibby.hu Tue Nov 13 18:09:19 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Tue, 13 Nov 2012 17:09:19 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A2677C.4060808@whyscream.net> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A26584.7030908@es2eng.com> <50A2677C.4060808@whyscream.net> Message-ID: <f970ca8ed9317a52dc814c9c977f6740@tibby.hu> On 2012-11-13 16:30, Tom Hendrikx wrote: > On 11/13/12 4:21 PM, Willie Gillespie wrote: >> On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: >>> But on Iphone, when I add a mail user, got the mailbox synced with >>> IMAP >>> I can see the INBOX, but when I delete a message, get this error: >>> "Unable to Move Message The message could not be moved to the >>> mailbox >>> Trash." >> >> Do you have a mailbox named Trash? Do the other clients move the >> message to Trash as well? > > In stead of sending us the message from the iPhone, tell us what > dovecot > puts in its logfile when you try this. > > -- > Tom This is the output of ls inside of the maildir: # ll total 120K 4.0K drwx------ 10 vmail 4.0K Nov 13 17:06 . 4.0K drwx------ 3 vmail 4.0K Nov 12 18:38 .. 4.0K drwx------ 2 vmail 4.0K Nov 13 16:58 cur 4.0K drwx------ 5 vmail 4.0K Nov 13 15:49 .Deleted Messages 4.0K -rw------- 1 vmail 736 Nov 13 16:53 dovecot.index 28K -rw------- 1 vmail 27K Nov 13 16:58 dovecot.index.cache 24K -rw------- 1 vmail 17K Nov 13 16:59 dovecot.index.log 4.0K -rw------- 1 vmail 180 Nov 13 16:53 dovecot.index.thread 4.0K -rw------- 1 vmail 25 Nov 12 23:26 dovecot-keywords 4.0K -rw------- 1 vmail 48 Nov 13 16:58 dovecot-quota 4.0K -rw------- 1 vmail 468 Nov 13 16:37 dovecot-uidlist 4.0K -rw------- 1 vmail 8 Nov 13 15:47 dovecot-uidvalidity 0 -rw------- 1 vmail 0 Nov 10 12:57 dovecot-uidvalidity.509e4145 4.0K drwx------ 5 vmail 4.0K Nov 13 15:44 .Drafts 4.0K drwx------ 2 vmail 4.0K Nov 13 16:53 new 4.0K drwx------ 5 vmail 4.0K Nov 13 15:47 .Notes 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Sent 4.0K -rw------- 1 vmail 41 Nov 13 15:47 subscriptions 4.0K drwx------ 2 vmail 4.0K Nov 13 16:37 tmp 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Trash The log Doesnt shows anything regarding the error on the phone. From tibby at tibby.hu Tue Nov 13 18:20:47 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Tue, 13 Nov 2012 17:20:47 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <f970ca8ed9317a52dc814c9c977f6740@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A26584.7030908@es2eng.com> <50A2677C.4060808@whyscream.net> <f970ca8ed9317a52dc814c9c977f6740@tibby.hu> Message-ID: <27c6781ea65c978ef8b57dd7a54b8ac5@tibby.hu> On 2012-11-13 17:09, tibby at tibby.hu wrote: > On 2012-11-13 16:30, Tom Hendrikx wrote: >> On 11/13/12 4:21 PM, Willie Gillespie wrote: >>> On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: >>>> But on Iphone, when I add a mail user, got the mailbox synced with >>>> IMAP >>>> I can see the INBOX, but when I delete a message, get this error: >>>> "Unable to Move Message The message could not be moved to the >>>> mailbox >>>> Trash." >>> >>> Do you have a mailbox named Trash? Do the other clients move the >>> message to Trash as well? >> >> In stead of sending us the message from the iPhone, tell us what >> dovecot >> puts in its logfile when you try this. >> >> -- >> Tom > > This is the output of ls inside of the maildir: > > # ll > total 120K > 4.0K drwx------ 10 vmail 4.0K Nov 13 17:06 . > 4.0K drwx------ 3 vmail 4.0K Nov 12 18:38 .. > 4.0K drwx------ 2 vmail 4.0K Nov 13 16:58 cur > 4.0K drwx------ 5 vmail 4.0K Nov 13 15:49 .Deleted Messages > 4.0K -rw------- 1 vmail 736 Nov 13 16:53 dovecot.index > 28K -rw------- 1 vmail 27K Nov 13 16:58 dovecot.index.cache > 24K -rw------- 1 vmail 17K Nov 13 16:59 dovecot.index.log > 4.0K -rw------- 1 vmail 180 Nov 13 16:53 dovecot.index.thread > 4.0K -rw------- 1 vmail 25 Nov 12 23:26 dovecot-keywords > 4.0K -rw------- 1 vmail 48 Nov 13 16:58 dovecot-quota > 4.0K -rw------- 1 vmail 468 Nov 13 16:37 dovecot-uidlist > 4.0K -rw------- 1 vmail 8 Nov 13 15:47 dovecot-uidvalidity > 0 -rw------- 1 vmail 0 Nov 10 12:57 > dovecot-uidvalidity.509e4145 > 4.0K drwx------ 5 vmail 4.0K Nov 13 15:44 .Drafts > 4.0K drwx------ 2 vmail 4.0K Nov 13 16:53 new > 4.0K drwx------ 5 vmail 4.0K Nov 13 15:47 .Notes > 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Sent > 4.0K -rw------- 1 vmail 41 Nov 13 15:47 subscriptions > 4.0K drwx------ 2 vmail 4.0K Nov 13 16:37 tmp > 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Trash > > The log Doesnt shows anything regarding the error on the phone. I have got dovecot logging in Debug mode. The only problems I see: autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent in the config file I have: plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent } Something is wrong here... From symbiat at gmail.com Tue Nov 13 18:28:05 2012 From: symbiat at gmail.com (Ajai Khattri) Date: Tue, 13 Nov 2012 11:28:05 -0500 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <50A1F10F.9090204@skye.it> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> Message-ID: <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> On Tue, Nov 13, 2012 at 2:04 AM, Alessio Cecchi <alessio at skye.it> wrote: > Maildir/ will automatically created when the first email arrives or during > the first user login. It would be better if you create the folder during > the creation of the users. Does Dovecot provide a utility to create maildirs? -- Aj. From alessio at skye.it Tue Nov 13 18:30:45 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 13 Nov 2012 17:30:45 +0100 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> Message-ID: <50A275B5.3030503@skye.it> Il 13/11/2012 17:28, Ajai Khattri ha scritto: > On Tue, Nov 13, 2012 at 2:04 AM, Alessio Cecchi <alessio at skye.it> wrote: > > >> Maildir/ will automatically created when the first email arrives or during >> the first user login. It would be better if you create the folder during >> the creation of the users. > > Does Dovecot provide a utility to create maildirs? > Yes, "maildirmake" -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From ben at morrow.me.uk Tue Nov 13 19:51:50 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 13 Nov 2012 17:51:50 +0000 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> Message-ID: <20121113175149.GA94077@anubis.morrow.me.uk> At 2PM +0100 on 13/11/12 you (Marco Gatti) wrote: > 2012/11/13 Robert Schetterer <rs at sys4.de>: > > Am 13.11.2012 11:35, schrieb Marco Gatti: > >> Hi, I was looking for a particular case of dovecot configuration I > >> cannot find anywhere. > >> Is there a way dovecot can authenticate via ldap different windows > >> 2008 AD users that have access to the same e-mail account (like user > >> authorization in ms exchange)? > >> For example I want to extend AD schema to let users have 10 email > >> accounts (with multiple domain support). If they are private accounts > >> I think there is no problem at all. But if I want two or more users to > >> access the same mail account what happens? Can I do it with dovecot? > >> Or should I create AD groups and add members to that, to let user > >> access the same mail account? <snip> > I'll try to give more details. > I have to build a multiple domain mail server with the use of windows > AD authentication. > I've managed to add some extra filed in the AD schema like this: > > mail1: account1 at example1.com > box1: /example1.com/account1/ > enabled1: TRUE > quota1: 1000000 > > mail2: account2 at example2.com > box2: /example2.com/account2/ > enabled2: TRUE > quota2: 1000000 This isn't a good schema to use for this. The mail1, mail2 &c attributes represent the same property of different addresses, so they should be the same attribute on different objects. I don't know much about AD's LDAP server, is it straightforward to create brand new objectclasses? If I were doing this in an ordinary LDAP server I might create a class of objects which looked like mailboxAddr: account1 at example1.com mailboxLocation: /example1/account1 mailboxEnabled: TRUE mailboxQuota: 1000000 with mailboxAddr as the RDN, and then give each user a multi-valued mailbox attribute with the addresses that user has access to. > There could be 10 or 50 of them for each AD user. > If I use NTLM or PAM authentication (after joining the AD) I have to > use AD usernames to login with dovecot and I don't know how then to > deal with different email addresses configured per user. > If I use LDAP lookup I have to use the email address as username but > then if different AD users have to access the same email account how > dovecot can manage it??? If you want the user to be able to log in and see just one address at a time you have to have the user tell dovecot which user and which address they want when they log in. Since (usually) the only fields you have are 'user' and 'password', they will need to stuff both components into the user field somehow; perhaps by logging on with a user name of user at domain.ad!account1 at example.com You would then need (probably) to write a checkpassword userdb script to split this into username and account name, verify the user is authorized for the account, look up the mailbox location using the account name, and pass the username back to be checked against the password. So, it could be done, but it would be messy and users would get it wrong all the time. Alternatively, you could have the user log in with their ordinary AD account name, and then present them with *all* the email accounts they have access to, as separate (trees of) folders. You can do this with a post-login script which sets up a namespace for each account: see the example at the bottom of http://wiki2.dovecot.org/PostLoginScripting for something vaguely similar. You would need to use Net::LDAP (or some equivalent in some other language) to look up the user's accounts in the AD, and then create the relevant environment variables. (I'm not sure what to do about INBOX in a setup like this: I don't think you're allowed to *not* have an INBOX. Probably each user should have one 'canonical' private account, which contains their IMAP INBOX. If you didn't want to do this I expect you could set up a default namespace which is read-only, with just an empty INBOX in it.) If you want to try this, and you're having trouble getting the scripting right, I'd be happy to help you through it if you can post enough information about the LDAP schema you eventually decide on. Ben From wgillespie+dovecot at es2eng.com Tue Nov 13 19:59:22 2012 From: wgillespie+dovecot at es2eng.com (Willie Gillespie) Date: Tue, 13 Nov 2012 10:59:22 -0700 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> Message-ID: <50A28A7A.90105@es2eng.com> On 11/13/2012 03:35 AM, Marco Gatti wrote: > Is there a way dovecot can authenticate via ldap different windows > 2008 AD users that have access to the same e-mail account (like user > authorization in ms exchange)? Symlinks on the Dovecot maildirs? You'd have to read up on the caveats of that: http://wiki.dovecot.org/SharedMailboxes/Symlinks From user+dovecot at localhost.localdomain.org Tue Nov 13 20:26:17 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 13 Nov 2012 19:26:17 +0100 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> Message-ID: <50A290C9.9010809@localhost.localdomain.org> On 11/13/2012 05:28 PM Ajai Khattri wrote: > > Does Dovecot provide a utility to create maildirs? http://wiki2.dovecot.org/Tools/Doveadm/Mailbox#command_mailbox_create doveadm <http://wiki2.dovecot.org/Tools/Doveadm> will be your friend. Regards, Pascal -- The trapper recommends today: deadbeef.1231819 at localdomain.org From marco.gatti at gmail.com Wed Nov 14 10:55:59 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Wed, 14 Nov 2012 09:55:59 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <50A26403.3020200@sys4.de> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> <50A26403.3020200@sys4.de> Message-ID: <CA+-Sp6nvGgbg5JbpZwOxm9=e+w8NfoJg06ujf6P0Lnb7SAWj-g@mail.gmail.com> 2012/11/13 Robert Schetterer <rs at sys4.de>: > Am 13.11.2012 14:56, schrieb Marco Gatti: >> 2012/11/13 Robert Schetterer <rs at sys4.de>: >>> Am 13.11.2012 11:35, schrieb Marco Gatti: >>>> Hi, I was looking for a particular case of dovecot configuration I >>>> cannot find anywhere. >>>> Is there a way dovecot can authenticate via ldap different windows >>>> 2008 AD users that have access to the same e-mail account (like user >>>> authorization in ms exchange)? >>>> For example I want to extend AD schema to let users have 10 email >>>> accounts (with multiple domain support). If they are private accounts >>>> I think there is no problem at all. But if I want two or more users to >>>> access the same mail account what happens? Can I do it with dovecot? >>>> Or should I create AD groups and add members to that, to let user >>>> access the same mail account? >>>> Cheers >>>> >>> >>> there may more ways to goal this, for short looking one, way is >>> described here >>> >>> http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm >>> >>> using ldap might be better >>> >>> look i.e >>> >>> http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ >>> http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x >>> >>> >>> for ideas >>> >>> Best Regards >>> MfG Robert Schetterer >>> >>> -- >>> [*] sys4 AG >>> >>> http://sys4.de, +49 (89) 30 90 46 64 >>> Franziskanerstra?e 15, 81669 M?nchen >>> >>> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >>> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >>> Aufsichtsratsvorsitzender: Joerg Heidrich >> >> >> Thank you Robert for the quick reply. >> I'm aware of the links you sent me, however they don't give me a clue >> if what I was asking may me done. >> I'll try to give more details. >> I have to build a multiple domain mail server with the use of windows >> AD authentication. >> I've managed to add some extra filed in the AD schema like this: >> >> mail1: account1 at example1.com >> box1: /example1.com/account1/ >> enabled1: TRUE >> quota1: 1000000 >> >> mail2: account2 at example2.com >> box2: /example2.com/account2/ >> enabled2: TRUE >> quota2: 1000000 >> >> There could be 10 or 50 of them for each AD user. >> If I use NTLM or PAM authentication (after joining the AD) I have to >> use AD usernames to login with dovecot and I don't know how then to >> deal with different email addresses configured per user. >> If I use LDAP lookup I have to use the email address as username but >> then if different AD users have to access the same email account how >> dovecot can manage it??? >> For example the LDAP configuration for user and password lookup may be >> something like this: >> >> user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050 >> user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) >> (&(mail2=%u)(enabled2=TRUE)))) >> pass_attrs = userPassword=password >> pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) >> (&(mail2=%u)(enabled2=TRUE)))) >> >> I think I may be missing something important in how dovecot works, but >> cannot find any documentation about it. >> Regards >> > > hm thats complex, however i would not > recommand trying change exchange/active dir schemas > however the only reason i can think of for what you want is using > dovecot as proxy? > > so what about this ? > > http://wiki2.dovecot.org/HowTo/ImapcProxy > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy > http://wiki2.dovecot.org/Director Hmm I don't know honestly. I'll give it a try. -- Marco From marco.gatti at gmail.com Wed Nov 14 11:07:47 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Wed, 14 Nov 2012 10:07:47 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <20121113175149.GA94077@anubis.morrow.me.uk> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> <20121113175149.GA94077@anubis.morrow.me.uk> Message-ID: <CA+-Sp6nx+e=kB+TY-J2u0xYpRJUfdiSy+OdCcf4PGuuLHj1Jfg@mail.gmail.com> 2012/11/13 Ben Morrow <ben at morrow.me.uk>: > At 2PM +0100 on 13/11/12 you (Marco Gatti) wrote: >> 2012/11/13 Robert Schetterer <rs at sys4.de>: >> > Am 13.11.2012 11:35, schrieb Marco Gatti: >> >> Hi, I was looking for a particular case of dovecot configuration I >> >> cannot find anywhere. >> >> Is there a way dovecot can authenticate via ldap different windows >> >> 2008 AD users that have access to the same e-mail account (like user >> >> authorization in ms exchange)? >> >> For example I want to extend AD schema to let users have 10 email >> >> accounts (with multiple domain support). If they are private accounts >> >> I think there is no problem at all. But if I want two or more users to >> >> access the same mail account what happens? Can I do it with dovecot? >> >> Or should I create AD groups and add members to that, to let user >> >> access the same mail account? > <snip> >> I'll try to give more details. >> I have to build a multiple domain mail server with the use of windows >> AD authentication. >> I've managed to add some extra filed in the AD schema like this: >> >> mail1: account1 at example1.com >> box1: /example1.com/account1/ >> enabled1: TRUE >> quota1: 1000000 >> >> mail2: account2 at example2.com >> box2: /example2.com/account2/ >> enabled2: TRUE >> quota2: 1000000 > > This isn't a good schema to use for this. The mail1, mail2 &c attributes > represent the same property of different addresses, so they should be > the same attribute on different objects. > > I don't know much about AD's LDAP server, is it straightforward to > create brand new objectclasses? If I were doing this in an ordinary LDAP > server I might create a class of objects which looked like > > mailboxAddr: account1 at example1.com > mailboxLocation: /example1/account1 > mailboxEnabled: TRUE > mailboxQuota: 1000000 > > with mailboxAddr as the RDN, and then give each user a multi-valued > mailbox attribute with the addresses that user has access to. You mean multi-valued mailboxAddr, mailboxLocation, and so on? How can I extract a single one and be sure it's correct? >> There could be 10 or 50 of them for each AD user. >> If I use NTLM or PAM authentication (after joining the AD) I have to >> use AD usernames to login with dovecot and I don't know how then to >> deal with different email addresses configured per user. >> If I use LDAP lookup I have to use the email address as username but >> then if different AD users have to access the same email account how >> dovecot can manage it??? > > If you want the user to be able to log in and see just one address at a > time you have to have the user tell dovecot which user and which address > they want when they log in. Since (usually) the only fields you have are > 'user' and 'password', they will need to stuff both components into the > user field somehow; perhaps by logging on with a user name of > > user at domain.ad!account1 at example.com > > You would then need (probably) to write a checkpassword userdb script to > split this into username and account name, verify the user is authorized > for the account, look up the mailbox location using the account name, > and pass the username back to be checked against the password. So, it > could be done, but it would be messy and users would get it wrong all > the time. Since users don't configure mail clients on their own it could be a solution! > Alternatively, you could have the user log in with their ordinary AD > account name, and then present them with *all* the email accounts they > have access to, as separate (trees of) folders. You can do this with a > post-login script which sets up a namespace for each account: see the > example at the bottom of http://wiki2.dovecot.org/PostLoginScripting for > something vaguely similar. You would need to use Net::LDAP (or some > equivalent in some other language) to look up the user's accounts in the > AD, and then create the relevant environment variables. > > (I'm not sure what to do about INBOX in a setup like this: I don't think > you're allowed to *not* have an INBOX. Probably each user should have > one 'canonical' private account, which contains their IMAP INBOX. If you > didn't want to do this I expect you could set up a default namespace > which is read-only, with just an empty INBOX in it.) > > If you want to try this, and you're having trouble getting the scripting > right, I'd be happy to help you through it if you can post enough > information about the LDAP schema you eventually decide on. > > Ben > All accounts in a tree sounds bad since users won't clearly understand which is which. Thank you Ben! -- Marco From marco.gatti at gmail.com Wed Nov 14 11:15:28 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Wed, 14 Nov 2012 10:15:28 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <50A28A7A.90105@es2eng.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A28A7A.90105@es2eng.com> Message-ID: <CA+-Sp6mU5keDKTpG0d89kfhjNzSuT_oS1xeZvDy-M7DXnRm3Cg@mail.gmail.com> 2012/11/13 Willie Gillespie <wgillespie+dovecot at es2eng.com>: > On 11/13/2012 03:35 AM, Marco Gatti wrote: >> >> Is there a way dovecot can authenticate via ldap different windows >> 2008 AD users that have access to the same e-mail account (like user >> authorization in ms exchange)? > > > Symlinks on the Dovecot maildirs? You'd have to read up on the caveats of > that: http://wiki.dovecot.org/SharedMailboxes/Symlinks I would like to keep the configuration of new accounts on the Windows AD only and not to deal with links every time. But the problem I have is at authentication time: avoiding the "matched multiple objects" or a general authentication failure. Cheers -- Marco From lukashaase at gmx.at Wed Nov 14 11:45:17 2012 From: lukashaase at gmx.at (Lukas Haase) Date: Wed, 14 Nov 2012 01:45:17 -0800 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> References: <k7qedh$kg$1@ger.gmane.org> <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <k7qge4$g5r$1@ger.gmane.org> <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> Message-ID: <k7vp7c$e26$1@ger.gmane.org> On 11/13/2012 1:18 AM, Michael Firnau wrote: > On Mon, Nov 12, 2012 at 01:44:37AM -0800, Lukas Haase wrote: >> Hi, >> >> On 11/12/2012 1:19 AM, Steffen Kaiser wrote: >>> On Mon, 12 Nov 2012, Lukas Haase wrote: >>> >>>> Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: >>>> msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into >>>> mailbox 'INBOX' >>> >>> are there any other log lines of user2? >> >> Anfortunately not :-( Grepped everything, and I would have posted otherwise. >> >> My hope is that the dovecot.index.cache may provide some insights (I >> made a backup copy of it). > > Hi, > > yesterday i had a user missing mail and he had the junk-filter > in thunderbird activated. The mail was automagically moved from > the inbox to the spam folder. From the header i see you use thunderbird, > so it's a shot in the dark ... Hmm, yes, but even in that case, the mail would have been moved to the Spam folder in the account (i.e., on the IMAP server) and I would have found it when grepping over anything. Thanks, Luke From burak4burak at msn.com Wed Nov 14 12:03:53 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Wed, 14 Nov 2012 12:03:53 +0200 Subject: [Dovecot] auth attempts errors Message-ID: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl> i have install 2.1.1 and configured in dovecot log this error is coming every 20 seconds: dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer and this error every 2 seconds: dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=********** what can be the problem? thanks.. From r.zimmermann at siegnetz.de Wed Nov 14 12:29:16 2012 From: r.zimmermann at siegnetz.de (Ralf Zimmermann) Date: Wed, 14 Nov 2012 11:29:16 +0100 Subject: [Dovecot] Dovecot 2.1.10 Message-ID: <50A3727C.8040107@siegnetz.de> Hi all, I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without zlib. We setup a new server with dovecot 2.1.10. After syncing the emails everything looks fine. But if we use zlib plugin all new emails have no content. There are a lot of "Error: Maildir filename has wrong S value" log entrys. So we have compiled dovecot-2.0.18 and we use exactly the same configuration. Everything works. What can be our problem with version 2.1.10? Greets Ralf From rs at sys4.de Wed Nov 14 12:35:55 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 14 Nov 2012 11:35:55 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3727C.8040107@siegnetz.de> References: <50A3727C.8040107@siegnetz.de> Message-ID: <50A3740B.3030107@sys4.de> Am 14.11.2012 11:29, schrieb Ralf Zimmermann: > Hi all, > > I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without > zlib. We setup a new server with dovecot 2.1.10. After syncing the > emails everything looks fine. But if we use zlib plugin all new emails > have no content. > > There are a lot of "Error: Maildir filename has wrong S value" log entrys. > > So we have compiled dovecot-2.0.18 and we use exactly the same > configuration. Everything works. > > What can be our problem with version 2.1.10? > > Greets > > Ralf > how did you synced ? ? look list archives, this may happen at migration to 2.1 before this failure was ignored as far i remember there are scripts to fix broken mailboxes but i you do all brand new, you should try resync better Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Wed Nov 14 12:37:29 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 14 Nov 2012 11:37:29 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3727C.8040107@siegnetz.de> References: <50A3727C.8040107@siegnetz.de> Message-ID: <50A37469.9070503@sys4.de> Am 14.11.2012 11:29, schrieb Ralf Zimmermann: > Maildir filename has wrong S value try set maildir_broken_filename_sizes=yes Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From CMarcus at Media-Brokers.com Wed Nov 14 13:34:39 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 14 Nov 2012 06:34:39 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl> Message-ID: <50A381CF.6090209@Media-Brokers.com> On 2012-11-14 5:03 AM, burak g?rer <burak4burak at msn.com> wrote: > i have install 2.1.1 and configured Hopefully you meant 2.1.10? 2.1.1 is old/buggy... > in dovecot log this error is coming every 20 seconds: > > dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer Looks like your SSL is broken... -- Best regards, Charles From alessio at skye.it Wed Nov 14 15:08:11 2012 From: alessio at skye.it (Alessio Cecchi) Date: Wed, 14 Nov 2012 14:08:11 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3740B.3030107@sys4.de> References: <50A3727C.8040107@siegnetz.de> <50A3740B.3030107@sys4.de> Message-ID: <50A397BB.6060108@skye.it> Il 14/11/2012 11:35, Robert Schetterer ha scritto: > Am 14.11.2012 11:29, schrieb Ralf Zimmermann: >> Hi all, >> >> I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without >> zlib. We setup a new server with dovecot 2.1.10. After syncing the >> emails everything looks fine. But if we use zlib plugin all new emails >> have no content. >> >> There are a lot of "Error: Maildir filename has wrong S value" log entrys. >> >> So we have compiled dovecot-2.0.18 and we use exactly the same >> configuration. Everything works. >> >> What can be our problem with version 2.1.10? >> >> Greets >> >> Ralf >> > how did you synced ? ? > > look list archives, this may happen at migration to 2.1 > before this failure was ignored as far i remember > there are scripts to fix broken mailboxes > but i you do all brand new, you should try resync better Hi, with this command you can fix the problem of the wrong value doveadm fetch -u user at domains.com text all > /dev/null but I'm using dovecot 2.1.10 with zlib and, though I have those errors in the logs, users have no problem. Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From hakon at alstadheim.priv.no Wed Nov 14 15:59:13 2012 From: hakon at alstadheim.priv.no (=?UTF-8?B?SMOla29uIEFsc3RhZGhlaW0=?=) Date: Wed, 14 Nov 2012 14:59:13 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> Message-ID: <50A3A3B1.9060406@alstadheim.priv.no> On 13. nov. 2012 15:44, tibby at tibby.hu wrote: > Hello! > I've got dovecot running with postfix. Have virtual users under vmail > folder. > When I connect with outlook, I can read, delete messages. > When I sign on with webmail, also can delete messages, > Mutt is working as well on the mail server, can delete messages. > > Once the message is deleted it moves to the trash. Works as it > supposed to. > > But on Iphone, when I add a mail user, got the mailbox synced with > IMAP I can see the INBOX, but when I delete a message, get this error: > "Unable to Move Message The message could not be moved to the mailbox > Trash." > > http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png > > > What causing this problem? > Please Help. > > I've seen this. Fixed it for my device by changing the settings on the Ipad, and then changing them back. Seems the local trash folder is not created automatically on iOS. From r.zimmermann at siegnetz.de Wed Nov 14 16:14:19 2012 From: r.zimmermann at siegnetz.de (Ralf Zimmermann) Date: Wed, 14 Nov 2012 15:14:19 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3740B.3030107@sys4.de> References: <50A3727C.8040107@siegnetz.de> <50A3740B.3030107@sys4.de> Message-ID: <50A3A73B.2020406@siegnetz.de> We have synced the emails with imapsync. On 11/14/2012 11:35 AM, Robert Schetterer wrote: > Am 14.11.2012 11:29, schrieb Ralf Zimmermann: >> Hi all, >> >> I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without >> zlib. We setup a new server with dovecot 2.1.10. After syncing the >> emails everything looks fine. But if we use zlib plugin all new emails >> have no content. >> >> There are a lot of "Error: Maildir filename has wrong S value" log entrys. >> >> So we have compiled dovecot-2.0.18 and we use exactly the same >> configuration. Everything works. >> >> What can be our problem with version 2.1.10? >> >> Greets >> >> Ralf >> > > how did you synced ? ? > > look list archives, this may happen at migration to 2.1 > before this failure was ignored as far i remember > there are scripts to fix broken mailboxes > but i you do all brand new, you should try resync better > > Best Regards > MfG Robert Schetterer > Regards Ralf From tibby at tibby.hu Wed Nov 14 16:55:41 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Wed, 14 Nov 2012 15:55:41 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A3A3B1.9060406@alstadheim.priv.no> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> Message-ID: <2e09cf570304a31295edf27f940ebf0d@tibby.hu> On 2012-11-14 14:59, H?kon Alstadheim wrote: > On 13. nov. 2012 15:44, tibby at tibby.hu wrote: >> Hello! >> I've got dovecot running with postfix. Have virtual users under >> vmail folder. >> When I connect with outlook, I can read, delete messages. >> When I sign on with webmail, also can delete messages, >> Mutt is working as well on the mail server, can delete messages. >> >> Once the message is deleted it moves to the trash. Works as it >> supposed to. >> >> But on Iphone, when I add a mail user, got the mailbox synced with >> IMAP I can see the INBOX, but when I delete a message, get this error: >> "Unable to Move Message The message could not be moved to the >> mailbox Trash." >> >> >> http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png >> >> >> What causing this problem? >> Please Help. >> >> > I've seen this. Fixed it for my device by changing the settings on > the Ipad, and then changing them back. Seems the local trash folder > is > not created automatically on iOS. But I dont want to use the IOS trash folder. I want the phone to use the trash on the mail server. From rs at sys4.de Wed Nov 14 17:08:29 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 14 Nov 2012 16:08:29 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <2e09cf570304a31295edf27f940ebf0d@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> <2e09cf570304a31295edf27f940ebf0d@tibby.hu> Message-ID: <50A3B3ED.4000902@sys4.de> Am 14.11.2012 15:55, schrieb tibby at tibby.hu: > On 2012-11-14 14:59, H?kon Alstadheim wrote: >> On 13. nov. 2012 15:44, tibby at tibby.hu wrote: >>> Hello! >>> I've got dovecot running with postfix. Have virtual users under vmail >>> folder. >>> When I connect with outlook, I can read, delete messages. >>> When I sign on with webmail, also can delete messages, >>> Mutt is working as well on the mail server, can delete messages. >>> >>> Once the message is deleted it moves to the trash. Works as it >>> supposed to. >>> >>> But on Iphone, when I add a mail user, got the mailbox synced with >>> IMAP I can see the INBOX, but when I delete a message, get this error: >>> "Unable to Move Message The message could not be moved to the mailbox >>> Trash." >>> >>> >>> http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png >>> >>> >>> >>> What causing this problem? >>> Please Help. >>> >>> >> I've seen this. Fixed it for my device by changing the settings on >> the Ipad, and then changing them back. Seems the local trash folder is >> not created automatically on iOS. > > But I dont want to use the IOS trash folder. I want the phone to use the > trash on the mail server. > looks like iphone is special ( why i dont wonder... ) http://support.ecenica.com/email/troubleshooting-draft-trash-folders-iphone/ some config may also conflict with "archive" settings on iphone, as ever ,behave may also different in different versions, at all ,nothing direct dovecot related , i am not up2date with apple stuff , isnt there a better imap mail client in there app store ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tibby at tibby.hu Wed Nov 14 17:16:20 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Wed, 14 Nov 2012 16:16:20 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A3B3ED.4000902@sys4.de> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> <2e09cf570304a31295edf27f940ebf0d@tibby.hu> <50A3B3ED.4000902@sys4.de> Message-ID: <01da87b3f4a99fc9682a577bbd966dd8@tibby.hu> On 2012-11-14 16:08, Robert Schetterer wrote: > Am 14.11.2012 15:55, schrieb tibby at tibby.hu: >> On 2012-11-14 14:59, H?kon Alstadheim wrote: >>> On 13. nov. 2012 15:44, tibby at tibby.hu wrote: >>>> Hello! >>>> I've got dovecot running with postfix. Have virtual users under >>>> vmail >>>> folder. >>>> When I connect with outlook, I can read, delete messages. >>>> When I sign on with webmail, also can delete messages, >>>> Mutt is working as well on the mail server, can delete messages. >>>> >>>> Once the message is deleted it moves to the trash. Works as it >>>> supposed to. >>>> >>>> But on Iphone, when I add a mail user, got the mailbox synced with >>>> IMAP I can see the INBOX, but when I delete a message, get this >>>> error: >>>> "Unable to Move Message The message could not be moved to the >>>> mailbox >>>> Trash." >>>> >>>> >>>> >>>> http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png >>>> >>>> >>>> >>>> What causing this problem? >>>> Please Help. >>>> >>>> >>> I've seen this. Fixed it for my device by changing the settings on >>> the Ipad, and then changing them back. Seems the local trash folder >>> is >>> not created automatically on iOS. >> >> But I dont want to use the IOS trash folder. I want the phone to use >> the >> trash on the mail server. >> > > looks like iphone is special ( why i dont wonder... ) > > > http://support.ecenica.com/email/troubleshooting-draft-trash-folders-iphone/ > > some config may also conflict with "archive" settings on iphone, > as ever ,behave may also different in different versions, > at all ,nothing direct dovecot related , i am not up2date with apple > stuff , isnt there a better imap mail client in there app store ? > > > Best Regards > MfG Robert Schetterer With the iPhone there is this guide. If I set imap prefix path to INBOX from / as it says, then works fine. What do I need to configure to get this working with / by default? I Think this would solve the problem. http://www.netchimp.co.uk/webdesign/iphone-ipad-macbook-mac/iphone-unable-to-move-message-to-trash-imap/ From h.reindl at thelounge.net Wed Nov 14 17:52:53 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 14 Nov 2012 16:52:53 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <01da87b3f4a99fc9682a577bbd966dd8@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> <2e09cf570304a31295edf27f940ebf0d@tibby.hu> <50A3B3ED.4000902@sys4.de> <01da87b3f4a99fc9682a577bbd966dd8@tibby.hu> Message-ID: <50A3BE55.7020801@thelounge.net> Am 14.11.2012 16:16, schrieb tibby at tibby.hu: > With the iPhone there is this guide. > If I set imap prefix path to INBOX from / as it says, then works fine. > What do I need to configure to get this working with / by default? I Think this would solve the problem. > http://www.netchimp.co.uk/webdesign/iphone-ipad-macbook-mac/iphone-unable-to-move-message-to-trash-imap/ you simply need ACTIVLIY to configure ANY mail client using the same account, especially apple Apple Inc. is the only company which manages to have 5 sent folders over a few months because different devices and different software versions are naming them differently and the same for other special folders too and i you have more than one account go get a nex incarnation wit "special (accountname)" they are simply stoo stupid for using english words like "inbox", "sent", "trash" and DISPLAY it localized like thunderbird does since forever if you are using webmail and different clients / operating systems too you have to configure ANY client to the same folders and remove the additional created crap manually this is NOT a problem of the mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121114/b3a894e6/attachment.bin> From ben at morrow.me.uk Wed Nov 14 19:47:26 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Wed, 14 Nov 2012 17:47:26 +0000 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6nx+e=kB+TY-J2u0xYpRJUfdiSy+OdCcf4PGuuLHj1Jfg@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> <20121113175149.GA94077@anubis.morrow.me.uk> <CA+-Sp6nx+e=kB+TY-J2u0xYpRJUfdiSy+OdCcf4PGuuLHj1Jfg@mail.gmail.com> Message-ID: <20121114174726.GC94077@anubis.morrow.me.uk> At 10AM +0100 on 14/11/12 you (Marco Gatti) wrote: > 2012/11/13 Ben Morrow <ben at morrow.me.uk>: > > At 2PM +0100 on 13/11/12 you (Marco Gatti) wrote: > > <snip> > >> I'll try to give more details. > >> I have to build a multiple domain mail server with the use of windows > >> AD authentication. > >> I've managed to add some extra filed in the AD schema like this: > >> > >> mail1: account1 at example1.com > >> box1: /example1.com/account1/ > >> enabled1: TRUE > >> quota1: 1000000 > >> > >> mail2: account2 at example2.com > >> box2: /example2.com/account2/ > >> enabled2: TRUE > >> quota2: 1000000 > > > > This isn't a good schema to use for this. The mail1, mail2 &c attributes > > represent the same property of different addresses, so they should be > > the same attribute on different objects. > > > > I don't know much about AD's LDAP server, is it straightforward to > > create brand new objectclasses? If I were doing this in an ordinary LDAP > > server I might create a class of objects which looked like > > > > mailboxAddr: account1 at example1.com > > mailboxLocation: /example1/account1 > > mailboxEnabled: TRUE > > mailboxQuota: 1000000 > > > > with mailboxAddr as the RDN, and then give each user a multi-valued > > mailbox attribute with the addresses that user has access to. > > You mean multi-valued mailboxAddr, mailboxLocation, and so on? How can > I extract a single one and be sure it's correct? No. I mean you want separate objects for the mail accounts, completely distinct from the user objects (under a different branch of the LDAP tree). Each 'mail account' object has one Addr, one Location and so on. Then, each user who should have access to one of these accounts has a multi-valued 'mailbox' attribute pointing to the mail accounts that user can see. Something like (I don't really know how AD schemas work...) dn: mailboxAddr=account1 at example.com,ou=Mailboxes,dc=example,dc=com mailboxAddr: account1 at example.com mailboxLocation: /example/account1 dn: mailboxAddr=account2 at example.com,ou=Mailboxes,dc=example,dc=com mailboxAddr: account2 at example.com mailboxLocation: /example/account2 dn: sAMAccountName=bob,ou=People,dc=example,dc=com sAMAccountName: bob mailbox: account1 at example.com mailbox: account2 at example.com dn: sAMAccountName=bill,ou=People,dc=example,dc=com sAMAccountName: bill mailbox: account2 at example.com If your 'mail account' attribute is sometimes called 'mail1' and sometimes called 'mail2' how do you expect to search for it? > >> There could be 10 or 50 of them for each AD user. > >> If I use NTLM or PAM authentication (after joining the AD) I have to > >> use AD usernames to login with dovecot and I don't know how then to > >> deal with different email addresses configured per user. > >> If I use LDAP lookup I have to use the email address as username but > >> then if different AD users have to access the same email account how > >> dovecot can manage it??? > > > > If you want the user to be able to log in and see just one address at a > > time you have to have the user tell dovecot which user and which address > > they want when they log in. Since (usually) the only fields you have are > > 'user' and 'password', they will need to stuff both components into the > > user field somehow; perhaps by logging on with a user name of > > > > user at domain.ad!account1 at example.com > > > > You would then need (probably) to write a checkpassword userdb script to > > split this into username and account name, verify the user is authorized > > for the account, look up the mailbox location using the account name, > > and pass the username back to be checked against the password. So, it > > could be done, but it would be messy and users would get it wrong all > > the time. > > Since users don't configure mail clients on their own it could be a solution! If users don't know how to choose which username they are logging in with how will they choose which account they want to look at? I *think* this is simpler than I thought: I think Dovecot's 'master user' stuff will work for this. You need to set up a master user passdb which looks up %u (or %n) as the AD account name and also checks that that user has a 'mailbox' attribute (whatever you decide to call it) of %{login_user}. > > Alternatively, you could have the user log in with their ordinary AD > > account name, and then present them with *all* the email accounts they > > have access to, as separate (trees of) folders. <snip> > All accounts in a tree sounds bad since users won't clearly understand > which is which. OK, if you say so. ISTM that having a number of top-level folders called (e.g.) 'account1 at example.com' with the mail for account1 at example.com in is much easier to deal with than magic usernames, but you know your users. Ben From burak4burak at msn.com Wed Nov 14 20:59:19 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Wed, 14 Nov 2012 20:59:19 +0200 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A381CF.6090209@Media-Brokers.com> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> Message-ID: <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> "broken!" what do you mean > Date: Wed, 14 Nov 2012 06:34:39 -0500 > From: CMarcus at Media-Brokers.com > To: dovecot at dovecot.org > Subject: Re: [Dovecot] auth attempts errors > > On 2012-11-14 5:03 AM, burak g?rer <burak4burak at msn.com> wrote: > > i have install 2.1.1 and configured > > > Hopefully you meant 2.1.10? 2.1.1 is old/buggy... > > > in dovecot log this error is coming every 20 seconds: > > > > dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer > > Looks like your SSL is broken... > > -- > > Best regards, > > Charles > From CMarcus at Media-Brokers.com Wed Nov 14 21:26:15 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 14 Nov 2012 14:26:15 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> Message-ID: <50A3F057.5040908@Media-Brokers.com> Please don't top-post... On 2012-11-14 1:59 PM, burak g?rer <burak4burak at msn.com> wrote: >> Date: Wed, 14 Nov 2012 06:34:39 -0500 >> From: CMarcus at Media-Brokers.com >> To: dovecot at dovecot.org >> Subject: Re: [Dovecot] auth attempts errors >> >> On 2012-11-14 5:03 AM, burak g?rer<burak4burak at msn.com> wrote: >>> in dovecot log this error is coming every 20 seconds: >>> >>> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer >> Looks like your SSL is broken... > "broken!" > > what do you mean Look at the error message: "TLS handshaking: SSL_accept() syscall failed:" I'm not an expert, but thats what it looks like to me. -- Best regards, Charles From david at blue-labs.org Thu Nov 15 01:59:57 2012 From: david at blue-labs.org (David Ford) Date: Wed, 14 Nov 2012 18:59:57 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A3F057.5040908@Media-Brokers.com> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> <50A3F057.5040908@Media-Brokers.com> Message-ID: <50A4307D.9090906@blue-labs.org> please don't bottom post On 11/14/2012 02:26 PM, Charles Marcus wrote: > Please don't top-post... > > On 2012-11-14 1:59 PM, burak g?rer <burak4burak at msn.com> wrote: >>> Date: Wed, 14 Nov 2012 06:34:39 -0500 >>> From: CMarcus at Media-Brokers.com >>> To: dovecot at dovecot.org >>> Subject: Re: [Dovecot] auth attempts errors >>> >>> On 2012-11-14 5:03 AM, burak g?rer<burak4burak at msn.com> wrote: >>>> in dovecot log this error is coming every 20 seconds: >>>> >>>> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): >>>> rip=**********, lip=**********, TLS handshaking: SSL_accept() >>>> syscall failed: Connection reset by peer >>> Looks like your SSL is broken... > >> "broken!" >> >> what do you mean > > Look at the error message: > > "TLS handshaking: SSL_accept() syscall failed:" > > I'm not an expert, but thats what it looks like to me. > > From nick.z.edwards at gmail.com Thu Nov 15 06:55:09 2012 From: nick.z.edwards at gmail.com (Nick Edwards) Date: Thu, 15 Nov 2012 14:55:09 +1000 Subject: [Dovecot] Quotas 2.1clarification Message-ID: <CAMD-=VKpQB1Kk7RuGREOqA5jRhzpt__nTNJQYq-_Ca4zKaXqig@mail.gmail.com> Timo, I have much suspicion that our quota system is not working correctly since we migrate to 2.1 Currently using 2.1.10 Previously we had for issue of warnings quota_warning = storage=90%% /scripts/dqwarn-90.sh quota_warning2 = storage=75%% /scripts/dqwarn-75.sh worked great, these lines also migrated to new conf upon conversion. But quota conf example shows plugin { #quota_warning = storage=95%% quota-warning 95 %u #quota_warning2 = storage=80%% quota-warning 80 %u } # Example quota-warning service. The unix listener's permissions should be # set in a way that mail processes can connect to it. Below example assumes # that mail processes run as vmail user. If you use mode=0666, all system users # can generate quota warnings to anyone. #service quota-warning { # executable = script /usr/local/bin/quota-warning.sh # user = dovecot # unix_listener quota-warning { # user = vmail # } #} So this seems to indicate /scripts/dqwarn-75.sh should be a service name, which then calls the service quota-warning with that script in it etc etc etc surely this old 4 line method has not been replaced into a 20 line mess? Is this old way still functioning as I suspect it is not, and we need to write up two separate new quota warning services given our warnings are worded differently, or should the old methods still be working as they did in 1.2 and we have an error elsewhere? Niki From burak4burak at msn.com Thu Nov 15 12:10:27 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Thu, 15 Nov 2012 12:10:27 +0200 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A4307D.9090906@blue-labs.org> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, , <50A381CF.6090209@Media-Brokers.com>, <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl>, <50A3F057.5040908@Media-Brokers.com>, <50A4307D.9090906@blue-labs.org> Message-ID: <SNT002-W78405ED74B30D854170680F1520@phx.gbl> > Subject: Re: [Dovecot] auth attempts errors > > please don't bottom post > > On 11/14/2012 02:26 PM, Charles Marcus wrote: > > Please don't top-post... > > sorry. i am confused.. top or bottom. let me bottom-post.. anyway i have to ask: - how can i compile rpm package of dovecot. are there any guide or ... anything (or how can dovecot be compiled from source code - there is a guide here but it is for rpm version older than 4.4) - how can i create a stable TLS certificate for dovecot. are there any guide or ... anything - for this line "dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********" in dovecot logs, any idea thanks.. From burak4burak at msn.com Thu Nov 15 13:05:13 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Thu, 15 Nov 2012 13:05:13 +0200 Subject: [Dovecot] auth attempts errors In-Reply-To: <SNT002-W78405ED74B30D854170680F1520@phx.gbl> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, , <50A381CF.6090209@Media-Brokers.com>, <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl>, <50A3F057.5040908@Media-Brokers.com>, <50A4307D.9090906@blue-labs.org>, <SNT002-W78405ED74B30D854170680F1520@phx.gbl> Message-ID: <SNT002-W872ACE28F647D5345928A7F1520@phx.gbl> From: burak4burak at msn.com To: dovecot at dovecot.org Subject: RE: [Dovecot] auth attempts errors Date: Thu, 15 Nov 2012 12:10:27 +0200 > Subject: Re: [Dovecot] auth attempts errors > > please don't bottom post > > On 11/14/2012 02:26 PM, Charles Marcus wrote: > > Please don't top-post... > > sorry. i am confused.. top or bottom. let me bottom-post.. anyway i have to ask: - how can i compile rpm package of dovecot. are there any guide or ... anything (or how can dovecot be compiled from source code - there is a guide here but it is for rpm version older than 4.4) - how can i create a stable TLS certificate for dovecot. are there any guide or ... anything - for this line "dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********" in dovecot logs, any idea thanks.. Building your own rpms link: http://wiki2.dovecot.org/PrebuiltBinaries#Building_your_own_rpms From CMarcus at Media-Brokers.com Thu Nov 15 14:55:45 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 15 Nov 2012 07:55:45 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A4307D.9090906@blue-labs.org> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> <50A3F057.5040908@Media-Brokers.com> <50A4307D.9090906@blue-labs.org> Message-ID: <50A4E651.4000806@Media-Brokers.com> On 2012-11-14 6:59 PM, David Ford <david at blue-labs.org> wrote: > On 11/14/2012 02:26 PM, Charles Marcus wrote: >> Please don't top-post... >> >> On 2012-11-14 1:59 PM, burak g?rer<burak4burak at msn.com> wrote: >>>> Date: Wed, 14 Nov 2012 06:34:39 -0500 >>>> From: CMarcus at Media-Brokers.com >>>> To: dovecot at dovecot.org >>>> Subject: Re: [Dovecot] auth attempts errors >>>> >>>> On 2012-11-14 5:03 AM, burak g?rer<burak4burak at msn.com> wrote: >>>>> in dovecot log this error is coming every 20 seconds: >>>>> >>>>> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): >>>>> rip=**********, lip=**********, TLS handshaking: SSL_accept() >>>>> syscall failed: Connection reset by peer >>>> Looks like your SSL is broken... >>> "broken!" >>> >>> what do you mean >> Look at the error message: >> >> "TLS handshaking: SSL_accept() syscall failed:" >> >> I'm not an expert, but thats what it looks like to me. > please don't bottom post Don't be an ass. Top-posting in a thread that is already inline/bottom posting totally breaks the thread. PLONK -- Best regards, Charles From dfischer at fi4it.de Thu Nov 15 16:20:56 2012 From: dfischer at fi4it.de (Daniel Fischer) Date: Thu, 15 Nov 2012 15:20:56 +0100 Subject: [Dovecot] emails are not displayed Message-ID: <50A4FA48.6010108@fi4it.de> Hello, i have a problem with some public folders in my testing environment. But after the series, here is my konfiguraion: doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-amd64 x86_64 Debian wheezy/sid hostname = ......................................... lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * mail_debug = no mail_gid = 5000 mail_location = maildir:~:INDEX=/var/mail/indexes/%d/%n mail_plugins = acl mail_privileged_group = vmail mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = maildir:/var/mail/vhosts/%d/public:INDEX=/var/mail/indexes/%d/public:CONTROL=/var/mail/controls/%d/public prefix = Public. separator = . subscriptions = no type = public } namespace inbox { hidden = no inbox = yes list = yes location = prefix = separator = . subscriptions = yes type = private } passdb { args = scheme=CRAM-MD5 username_format=%u /var/mail/vhosts/auth.d/%d/shadow driver = passwd-file } plugin { acl = vfile antispam_allow_append_to_spam = no antispam_backend = pipe antispam_pipe_program = /usr/local/bin/sa-learn-pipe.sh antispam_pipe_program_notspam_arg = --ham antispam_pipe_program_spam_arg = --spam antispam_pipe_tmpdir = /tmp antispam_spam = Spam antispam_trash = Trash sieve = /var/mail/vhosts/sieve/users/%d/%n/.dovecot.sieve sieve_before = /var/mail/vhosts/sieve/%d/before sieve_dir = /var/mail/vhosts/sieve/users/%d/%n sieve_global_dir = /var/mail/vhosts/sieve/%d/global sieve_user_log = /var/mail/vhosts/sieve/users/%d/%n/.dovecot.sieve.log } postmaster_address = postmaster at ..... protocols = " imap lmtp sieve pop3" service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { mode = 0660 user = vmail } } service managesieve-login { inet_listener sieve { port = 4190 } } ssl_cert = </etc/ssl/private/................................. ssl_key = </etc/ssl/private/......................... userdb { args = username_format=%u /var/mail/vhosts/auth.d/%d/passwd driver = passwd-file } protocol lmtp { mail_plugins = acl sieve } protocol lda { log_path = /var/log/sieve.log mail_plugins = acl sieve } protocol imap { imap_idle_notify_interval = 24 mins mail_plugins = acl imap_acl antispam } protocol sieve { managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o } the problem is that any, not all public folder appear empty. if I delete the index files, I see the emails again for a while(1-2 hours) until they're gone again sometime. The directories change their content not for weeks. It is a test environment. but in one of the folders are more than 13000 mails (the Faxbox). Currently 3 of 13 folders are affected. I thought that it may be due to the size, but it is not the largest folders. For normal mail boxes I have not observed this effect. a3 EXAMINE Public.faxe * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 0 EXISTS * 0 RECENT * OK [UIDVALIDITY 1349419566] UIDs valid * OK [UIDNEXT 141737] Predicted next UID * OK [HIGHESTMODSEQ 5] Highest Delete indexes.... /var/mail/indexes/........../public# rm -r .faxe/ a3 EXAMINE Public.faxe * OK [CLOSED] Previous mailbox closed. * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 13778 EXISTS * 0 RECENT * OK [UIDVALIDITY 1349419566] UIDs valid * OK [UIDNEXT 141737] Predicted next UID * OK [NOMODSEQ] No permanent modsequences i would like to show you log files but i didn't see any error message. Does Have anyone an idea? Thanks for comment... Daniel From yago at ityd.com.ar Thu Nov 15 17:19:38 2012 From: yago at ityd.com.ar (Yago Alonso - Ityd) Date: Thu, 15 Nov 2012 12:19:38 -0300 Subject: [Dovecot] Change errors to spanish Message-ID: <CAOPFTw85ZMh171dmMZnXQhF50gsuEqWVaL8k0K_qBrHWcgm6fg@mail.gmail.com> Hello, i have dovecot version 1.2.17 and i need to translate all the errors that my users receive when a mail fails to send. Were and how should i change it? Thanks a lot! -- Yago Alonso From h.reindl at thelounge.net Thu Nov 15 17:21:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 15 Nov 2012 16:21:49 +0100 Subject: [Dovecot] Change errors to spanish In-Reply-To: <CAOPFTw85ZMh171dmMZnXQhF50gsuEqWVaL8k0K_qBrHWcgm6fg@mail.gmail.com> References: <CAOPFTw85ZMh171dmMZnXQhF50gsuEqWVaL8k0K_qBrHWcgm6fg@mail.gmail.com> Message-ID: <50A5088D.4020308@thelounge.net> Am 15.11.2012 16:19, schrieb Yago Alonso - Ityd: > Hello, i have dovecot version 1.2.17 and i need to translate all the errors > that my users receive when a mail fails to send. Were and how should i > change it? bounces are generated by the MTA and NOT dovecot! look at /etc/postfix/bounce.cf.default and "bounce_template_file" in the postfix documentation -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121115/9a69f3e8/attachment.bin> From dave at boostpro.com Wed Nov 14 16:52:36 2012 From: dave at boostpro.com (Dave Abrahams) Date: Wed, 14 Nov 2012 09:52:36 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> Message-ID: <m2zk2knsnf.fsf_-_@cone.luannocracy.com> Does anyone have an answer to this question? Should I simply issue an IMAP search command, or is there a better way? on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: >> This index is not updated in real time. This is why Timo and others >> recommend cron'ing a script to index folders regularly that are >> searched regularly. > > And how does one index the folders for search? Is that "doveadm > index" or "doveadm fts rescan" (which I see at > http://wiki2.dovecot.org/Plugins/FTS but NOT in the manpage), or...? > >> This keeps the indexes up to date and keeps searches fast. If you >> don't do this or search often, your indexes become stale. Then each >> time you do an FTS search the first thing that happens is an FTS >> re-indexing of the mail folder. Only then does it display the search >> results. >> >>> BTW, I'm using the clucene search backend. >> >> I've not used Lucene, but I believe the default behavior is similar to >> the Dovecot 1.2.x FTS indexer. > > Not sure what conclusion to draw from that, thanks. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From dave at boostpro.com Thu Nov 15 22:35:44 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 15 Nov 2012 15:35:44 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> Message-ID: <m2pq3eioyn.fsf@pluto.luannocracy.com> After all this, some experimentation shows that doveadm index /does/ after all, update FTS indices. I wish this were better documented. on Wed Nov 14 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > Does anyone have an answer to this question? Should I simply issue an > IMAP search command, or is there a better way? > > on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > >>> This index is not updated in real time. This is why Timo and others >>> recommend cron'ing a script to index folders regularly that are >>> searched regularly. >> >> And how does one index the folders for search? Is that "doveadm >> index" or "doveadm fts rescan" (which I see at >> http://wiki2.dovecot.org/Plugins/FTS but NOT in the manpage), or...? >> >>> This keeps the indexes up to date and keeps searches fast. If you >>> don't do this or search often, your indexes become stale. Then each >>> time you do an FTS search the first thing that happens is an FTS >>> re-indexing of the mail folder. Only then does it display the search >>> results. >>> >>>> BTW, I'm using the clucene search backend. >>> >>> I've not used Lucene, but I believe the default behavior is similar to >>> the Dovecot 1.2.x FTS indexer. >> >> Not sure what conclusion to draw from that, thanks. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From zaphod at tdl.com Fri Nov 16 05:27:46 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Thu, 15 Nov 2012 20:27:46 -0700 Subject: [Dovecot] whoson plugin for 2.0 Message-ID: <50A5B2B2.40409@tdl.com> I have found a plugin at ftp://ftp.ufanet.ru/pub/boco/dovecot/whoson-plugin/ I was able to make it function on a dovecot 1.2.8 server, by changing __attr_unused__ to ATTR_UNUSED and strlcpy to i_strocpy (since glibc doesn't HAVE strlcpy, on purpose). However, it doesn't work with 2.1 this is, of course, because getenv() no longer functions lie it used to in plugins. so i need a replacement for getenv("IP") and getenv("USER") to make this work. i know, pop before SMTP is stupid, but the isp i'm doing this for hs customers that have used pop before smtp for ages. so I MUST make a whoson plugin. as i said, the remote ip and the email address are required to interface with whoson. (this is superior to DRAC, which just opens the IP) From dmiller at amfes.com Fri Nov 16 05:43:34 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 15 Nov 2012 19:43:34 -0800 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <m2zk2knsnf.fsf_-_@cone.luannocracy.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> Message-ID: <assp.166787f57b.50A5B666.9090507@amfes.com> On 11/14/2012 6:52 AM, Dave Abrahams wrote: > Does anyone have an answer to this question? Should I simply issue an > IMAP search command, or is there a better way? > Put this in a cron script: doveadm search -A text zyxabcxyz > /dev/null That will perform a search through every mailbox on the system, indexing as it goes. The search query is unlikely to return much in the way of results, so log files won't fill up much. -- Daniel From kae at midnighthax.com Fri Nov 16 11:33:29 2012 From: kae at midnighthax.com (Keith Edmunds) Date: Fri, 16 Nov 2012 09:33:29 +0000 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration Message-ID: <20121116093329.045f4585@kae.tiger-computing.wbp> # dovecot --version 1.2.15 We're trying to migrate a server from Cyrus to Dovecot, and we're mostly there. On Cyrus, the folder layout in the MUA is: INBOX subfolder subfolder ... Sent Drafts Queue Trash Users cannot create sibling folders to the Inbox, only subfolders (and sub-subfolders, etc). We've replicated that with: -------------------------------------------------------------------------------- mail_location = maildir:/shared/imapmail/users/%u:INBOX=/shared/imapmail/users/%u:LAYOUT=fs namespace private { separator = / prefix = "INBOX/" inbox = yes } -------------------------------------------------------------------------------- ...however, the Sent/Drafts/Queue/Trash folders are now subfolders of Inbox. Cyrus seems to default to the above layout (at least, I can't find anywhere that defines it). There are no special settings in the MUA to achieve the abovev. Is there a way of replicating the above within Dovecot? We can probably go to V2 if we have to, but 1.2.15 would be preferable. Thanks, Keith From rs at sys4.de Fri Nov 16 11:59:32 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 16 Nov 2012 10:59:32 +0100 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121116093329.045f4585@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> Message-ID: <50A60E84.6050307@sys4.de> Am 16.11.2012 10:33, schrieb Keith Edmunds: > # dovecot --version > 1.2.15 > > We're trying to migrate a server from Cyrus to Dovecot, and we're mostly > there. > > On Cyrus, the folder layout in the MUA is: > > INBOX > subfolder > subfolder > ... > Sent > Drafts > Queue > Trash > > Users cannot create sibling folders to the Inbox, only subfolders (and > sub-subfolders, etc). We've replicated that with: > > -------------------------------------------------------------------------------- > mail_location = > maildir:/shared/imapmail/users/%u:INBOX=/shared/imapmail/users/%u:LAYOUT=fs > > namespace private { > separator = / > prefix = "INBOX/" > inbox = yes > } > -------------------------------------------------------------------------------- > > ...however, the Sent/Drafts/Queue/Trash folders are now subfolders of > Inbox. Cyrus seems to default to the above layout (at least, I can't find > anywhere that defines it). There are no special settings in the MUA to > achieve the abovev. Is there a way of replicating the above within > Dovecot? We can probably go to V2 if we have to, but 1.2.15 would be > preferable. > > Thanks, > Keith > read http://wiki2.dovecot.org/Migration http://wiki2.dovecot.org/Namespaces Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From amateo at um.es Fri Nov 16 12:11:19 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Nov 2012 11:11:19 +0100 Subject: [Dovecot] shared mailboxes and indexes Message-ID: <50A61147.5040201@um.es> Hello, We are deploying shared mailboxes in our mail system. We are running 2.1.9 and mail backend is maildir. As described at http://wiki.dovecot.org/SharedMailboxes/Shared when shared namespace is configured as namespace shared { separator = / prefix = shared/%%u/ location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } each user accessing this folder has its own index, stored in ~/Maildir/shared/%%u/<shared mailbox>, hasn't it? Our mail is store in NFS disks so we are very concerned about indexes optimizations (we had performance problems until we got all of our indexes and nfs tunned). So, is there any way so those indexes could be shared for all users (and they always would be updated). Regarding this... if we'd use dbox instead of maildir, indexes are a really important part of the mailbox and they can't be re-constructed when they are outdated. So, how do shared mailboxes work with dbox backend? Do I have to configure indexes in any particular way? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From kae at midnighthax.com Fri Nov 16 12:36:49 2012 From: kae at midnighthax.com (Keith Edmunds) Date: Fri, 16 Nov 2012 10:36:49 +0000 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <50A60E84.6050307@sys4.de> References: <20121116093329.045f4585@kae.tiger-computing.wbp> <50A60E84.6050307@sys4.de> Message-ID: <20121116103649.1e54e72e@kae.tiger-computing.wbp> > read > > http://wiki2.dovecot.org/Migration > http://wiki2.dovecot.org/Namespaces Thank you: I have (already had) read both. Are you suggesting that hidden namespaces will provide the functionality we are looking for? Or have I missed the point? Thanks, Keith From rs at sys4.de Fri Nov 16 13:52:37 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 16 Nov 2012 12:52:37 +0100 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121116103649.1e54e72e@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> <50A60E84.6050307@sys4.de> <20121116103649.1e54e72e@kae.tiger-computing.wbp> Message-ID: <50A62905.6040402@sys4.de> Am 16.11.2012 11:36, schrieb Keith Edmunds: >> read >> >> http://wiki2.dovecot.org/Migration >> http://wiki2.dovecot.org/Namespaces > > Thank you: I have (already had) read both. > > Are you suggesting that hidden namespaces will provide the functionality > we are looking for? Or have I missed the point? > > Thanks, > Keith > i you like your users have the same namespace as before configure dovecot like it if not use ,a new namespace layout, its your choice hidden namespaces may help making migration transparent for old clients Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From nicolas.kowalski at gmail.com Fri Nov 16 16:12:59 2012 From: nicolas.kowalski at gmail.com (Nicolas KOWALSKI) Date: Fri, 16 Nov 2012 15:12:59 +0100 Subject: [Dovecot] Initial status notification not received Message-ID: <20121116141259.GA9371@petole.demisel.net> Hello, We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs startup, dovecot almost always shows these errors: Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 As the last line tells, dovecot stops logging information. We have to restart the dovecot processes to get back normal behaviour. I also tried to set idle_kill values to services definitions, without success. Is there a way to prevent these errors? Here is the dovecot -n output: # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 3.0.42-0.7-xen x86_64 SUSE Linux Enterprise Server 11 (x86_64) default_client_limit = 4096 default_idle_kill = 5 mins default_process_limit = 16384 listen = 10.254.251.18 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap sieve service anvil { client_limit = 65536 idle_kill = 0 } service auth { client_limit = 32768 } service imap-login { inet_listener imap { port = 0 } } service imap { process_limit = 0 } service log { idle_kill = 0 } service managesieve { process_limit = 0 } service ssl-params { idle_kill = 0 } ssl_ca = </etc/dovecot/ssl/ca.pem ssl_cert = </etc/dovecot/ssl/server-crt.pem ssl_key = </etc/dovecot/ssl/server-key.pem userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol sieve { passdb { args = /etc/dovecot/dovecot-ldap-sieve.conf.ext driver = ldap } } Thanks, -- Nicolas From weber at zackbummfertig.de Fri Nov 16 17:24:48 2012 From: weber at zackbummfertig.de (weber at zackbummfertig.de) Date: Fri, 16 Nov 2012 16:24:48 +0100 Subject: [Dovecot] =?utf-8?q?Is_there_any_Documentation_or_Howto/Guide_for?= =?utf-8?q?_Dovecot_Replication_or_do_i_have_to_wait_for_dovecot_2=2E2=2Ex?= =?utf-8?q?=3F?= Message-ID: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> dear timo, can you help me? best regards marko, from hamburg From user+dovecot at localhost.localdomain.org Fri Nov 16 20:53:27 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Fri, 16 Nov 2012 19:53:27 +0100 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A5B2B2.40409@tdl.com> References: <50A5B2B2.40409@tdl.com> Message-ID: <50A68BA7.4080500@localhost.localdomain.org> On 11/16/2012 04:27 AM Chuck Cochems wrote: > ? > this is, of course, because getenv() no longer functions lie it used to > in plugins. > > so i need a replacement for getenv("IP") and getenv("USER") to make this > work. AFAIR: getenv was replaced by mail_user_plugin_getenv ,--[ lib-storage/mail-user.h ]-- | /* If name exists in plugin_envs, return its value. */ | const char *mail_user_plugin_getenv(struct mail_user *user, const char *name); `-- Regards, Pascal -- The trapper recommends today: cafefeed.1232119 at localdomain.org From daniel.parthey at informatik.tu-chemnitz.de Fri Nov 16 22:31:22 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 16 Nov 2012 21:31:22 +0100 Subject: [Dovecot] Is there any Documentation or Howto/Guide for Dovecot Replication or do i have to wait for dovecot 2.2.x? In-Reply-To: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> References: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> Message-ID: <20121116203122.GA9979@daniel.localdomain> Marko Weber wrote: > Is there any Documentation or Howto/Guide for Dovecot Replication? You might start with dovecot mirroring according to the documentation http://wiki2.dovecot.org/Tools/Dsync http://wiki2.dovecot.org/Design/Dsync and ask if something is unclear. Regards Daniel -- https://plus.google.com/103021802792276734820 From hawat.thufir at gmail.com Fri Nov 16 22:47:52 2012 From: hawat.thufir at gmail.com (Thufir) Date: Fri, 16 Nov 2012 12:47:52 -0800 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. Message-ID: <50A6A678.2020601@gmail.com> I ran dovecot -a and the blizzard of data seemed ok to my limited knowledge. Is there another log I should look into to trace this error down? Dovecot and system info: thufir at dur:~$ thufir at dur:~$ dovecot --version 2.0.19 thufir at dur:~$ thufir at dur:~$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=12.04 DISTRIB_CODENAME=precise DISTRIB_DESCRIPTION="Ubuntu 12.04.1 LTS" thufir at dur:~$ testing postfix & dovecot (http://packages.ubuntu.com/precise/dovecot-postfix): root at dur:/etc/postfix# root at dur:/etc/postfix# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 dur.bounceme.net ESMTP Postfix (Ubuntu) helo me 250 dur.bounceme.net mail from:foo at bar.com 250 2.1.0 Ok rcpt to:root at dur.bounceme.net 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> subject:ping 3 blah blah . 250 2.0.0 Ok: queued as 35EC92A0D72 quit 221 2.0.0 Bye Connection closed by foreign host. root at dur:/etc/postfix# root at dur:/etc/postfix# tail /var/log/mail.log Nov 16 12:30:07 dur postfix/smtpd[4113]: connect from localhost[127.0.0.1] Nov 16 12:30:40 dur postfix/smtpd[4113]: 35EC92A0D72: client=localhost[127.0.0.1] Nov 16 12:30:52 dur postfix/cleanup[4133]: 35EC92A0D72: message-id=<20121116203040.35EC92A0D72 at dur.bounceme.net> Nov 16 12:30:52 dur postfix/qmgr[1681]: 35EC92A0D72: from=<foo at bar.com>, size=321, nrcpt=1 (queue active) Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root/) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700) Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root) failed: Permission denied Nov 16 12:30:52 dur dovecot: lda(root): Error: user root: Initialization failed: Initializing mail storage from mail_location setting failed: stat(/root/Maildir) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700) Nov 16 12:30:52 dur dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. Nov 16 12:30:52 dur postfix/local[4134]: 35EC92A0D72: to=<root at dur.bounceme.net>, relay=local, delay=25, delays=25/0.02/0/0.12, dsn=4.3.0, status=deferred (temporary failure) Nov 16 12:30:56 dur postfix/smtpd[4113]: disconnect from localhost[127.0.0.1] root at dur:/etc/postfix# thanks, Thufir From dave at boostpro.com Fri Nov 16 22:58:00 2012 From: dave at boostpro.com (Dave Abrahams) Date: Fri, 16 Nov 2012 15:58:00 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <assp.166787f57b.50A5B666.9090507@amfes.com> Message-ID: <m2zk2hnu3r.fsf@cube.luannocracy.com> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > On 11/14/2012 6:52 AM, Dave Abrahams wrote: >> Does anyone have an answer to this question? Should I simply issue an >> IMAP search command, or is there a better way? >> > > Put this in a cron script: > > doveadm search -A text zyxabcxyz > /dev/null > > That will perform a search through every mailbox on the system, > indexing as it goes. The search query is unlikely to return much in > the way of results, so log files won't fill up much. That actually doesn't work for me. "doveadm index ..." does, though. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From rob0 at gmx.co.uk Sat Nov 17 00:09:54 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 16 Nov 2012 16:09:54 -0600 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. In-Reply-To: <50A6A678.2020601@gmail.com> References: <50A6A678.2020601@gmail.com> Message-ID: <20121116220954.GX3672@harrier.slackbuilds.org> On Fri, Nov 16, 2012 at 12:47:52PM -0800, Thufir wrote: > I ran dovecot -a and the blizzard of data seemed ok to my limited > knowledge. Is there another log I should look into to trace this > error down? It's actually a Postfix problem. Postfix is invoking your Dovecot LDA with wrong permissions. > Dovecot and system info: > > thufir at dur:~$ > thufir at dur:~$ dovecot --version > 2.0.19 > thufir at dur:~$ > thufir at dur:~$ cat /etc/lsb-release > DISTRIB_ID=Ubuntu > DISTRIB_RELEASE=12.04 > DISTRIB_CODENAME=precise > DISTRIB_DESCRIPTION="Ubuntu 12.04.1 LTS" > thufir at dur:~$ > > testing postfix & dovecot > (http://packages.ubuntu.com/precise/dovecot-postfix): > > root at dur:/etc/postfix# > root at dur:/etc/postfix# telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 dur.bounceme.net ESMTP Postfix (Ubuntu) > helo me > 250 dur.bounceme.net > mail from:foo at bar.com Angle brackets are required on envelope addresses (and I bet you don't own bar.com): MAIL FROM:<foo at example.com> > 250 2.1.0 Ok > rcpt to:root at dur.bounceme.net RCPT TO:<root at dur.bounceme.net> > 250 2.1.5 Ok > data > 354 End data with <CR><LF>.<CR><LF> > subject:ping 3 > blah blah > . A header must have a space after the colon. Header and body are separated by a blank line. See RFC 5322. > 250 2.0.0 Ok: queued as 35EC92A0D72 > quit > 221 2.0.0 Bye > Connection closed by foreign host. > root at dur:/etc/postfix# > root at dur:/etc/postfix# tail /var/log/mail.log > Nov 16 12:30:07 dur postfix/smtpd[4113]: connect from localhost[127.0.0.1] > Nov 16 12:30:40 dur postfix/smtpd[4113]: 35EC92A0D72: > client=localhost[127.0.0.1] > Nov 16 12:30:52 dur postfix/cleanup[4133]: 35EC92A0D72: > message-id=<20121116203040.35EC92A0D72 at dur.bounceme.net> > Nov 16 12:30:52 dur postfix/qmgr[1681]: 35EC92A0D72: > from=<foo at bar.com>, size=321, nrcpt=1 (queue active) > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root/) failed: > Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x > perm: /root, dir owned by 0:0 mode=0700) The fix to this is simply not to deliver mail to root. You should have aliased root to a mortal user. Postfix will not invoke a mailbox_command as root. In broader terms, you should only use root for actual system administration, and not for user tasks such as reading and sending mail. See and edit /etc/aliases, then run "newaliases". Example: root: thufir http://www.postfix.org/postconf.5.html#default_privs http://www.postfix.org/postconf.5.html#mailbox_command http://www.postfix.org/local.8.html http://www.postfix.org/aliases.5.html After you have done this, requeue the message: # postsuper -r 35EC92A0D72 (or just delete it, s/-r/-d/, and try another test.) http://www.postfix.org/postsuper.1.html > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root) failed: > Permission denied > Nov 16 12:30:52 dur dovecot: lda(root): Error: user root: > Initialization failed: Initializing mail storage from mail_location > setting failed: stat(/root/Maildir) failed: Permission denied > (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir > owned by 0:0 mode=0700) > Nov 16 12:30:52 dur dovecot: lda(root): Fatal: Invalid user settings. > Refer to server log for more information. > Nov 16 12:30:52 dur postfix/local[4134]: 35EC92A0D72: > to=<root at dur.bounceme.net>, relay=local, delay=25, > delays=25/0.02/0/0.12, dsn=4.3.0, status=deferred (temporary failure) > Nov 16 12:30:56 dur postfix/smtpd[4113]: disconnect from > localhost[127.0.0.1] > root at dur:/etc/postfix# -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From ben at morrow.me.uk Sat Nov 17 00:15:24 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Fri, 16 Nov 2012 22:15:24 +0000 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. In-Reply-To: <50A6A678.2020601@gmail.com> References: <50A6A678.2020601@gmail.com> Message-ID: <20121116221524.GE94077@anubis.morrow.me.uk> At 12PM -0800 on 16/11/12 you (Thufir) wrote: > I ran dovecot -a and the blizzard of data seemed ok to my limited > knowledge. Is there another log I should look into to trace this error > down? <snip> > > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root/) failed: > Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x > perm: /root, dir owned by 0:0 mode=0700) > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root) failed: > Permission denied > Nov 16 12:30:52 dur dovecot: lda(root): Error: user root: Initialization > failed: Initializing mail storage from mail_location setting failed: > stat(/root/Maildir) failed: Permission denied (euid=65534(nobody) > egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700) > Nov 16 12:30:52 dur dovecot: lda(root): Fatal: Invalid user settings. > Refer to server log for more information. You should not be attempting to deliver mail to root directly. Instead you should forward root's mail to a real user with /etc/aliases; postfix's local(8) will not allow you to deliver mail as root. Ben From zaphod at tdl.com Sat Nov 17 00:21:30 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Fri, 16 Nov 2012 15:21:30 -0700 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A68BA7.4080500@localhost.localdomain.org> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> Message-ID: <50A6BC6A.6070504@tdl.com> On 11/16/2012 11:53 AM, Pascal Volk wrote: > On 11/16/2012 04:27 AM Chuck Cochems wrote: >> ? >> this is, of course, because getenv() no longer functions lie it used to >> in plugins. >> >> so i need a replacement for getenv("IP") and getenv("USER") to make this >> work. > > AFAIR: getenv was replaced by mail_user_plugin_getenv > > ,--[ lib-storage/mail-user.h ]-- > | /* If name exists in plugin_envs, return its value. */ > | const char *mail_user_plugin_getenv(struct mail_user *user, const char *name); > `-- > > Ye, but it requires the user struct to be passed as a parameter, which this plugin doesn't even use. Also, it seems the ip address is stored in a different format than used by the old getenv("IP") (which was a string) I need to return both the IP and the email address as a string to drop it into the old code. I attempted to use the drac plugin as a base (the new 2.0 compatible one) but i found the code hard to follow, and also DRAC seems to just use the IP, while whoson also uses the email address. From rob0 at gmx.co.uk Sat Nov 17 00:29:16 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 16 Nov 2012 16:29:16 -0600 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. In-Reply-To: <20121116221524.GE94077@anubis.morrow.me.uk> References: <50A6A678.2020601@gmail.com> <20121116221524.GE94077@anubis.morrow.me.uk> Message-ID: <20121116222916.GY3672@harrier.slackbuilds.org> On Fri, Nov 16, 2012 at 10:15:24PM +0000, Ben Morrow wrote: > postfix's local(8) will not allow you to deliver mail as root. Strictly speaking it will deliver to/as root, but not if invoking commands, which is what the OP was doing. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From user+dovecot at localhost.localdomain.org Sat Nov 17 01:43:06 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 17 Nov 2012 00:43:06 +0100 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A6BC6A.6070504@tdl.com> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> Message-ID: <50A6CF8A.40202@localhost.localdomain.org> On 11/16/2012 11:21 PM Chuck Cochems wrote: > ? > I need to return both the IP and the email address as a string to drop > it into the old code. > ? You could check the code of the `doveadm who` command <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user name and the IP address. Regards, Pascal -- The trapper recommends today: c01dcafe.1232200 at localdomain.org From hawat.thufir at gmail.com Sat Nov 17 03:32:16 2012 From: hawat.thufir at gmail.com (Thufir) Date: Fri, 16 Nov 2012 17:32:16 -0800 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to In-Reply-To: <50A6A678.2020601@gmail.com> References: <50A6A678.2020601@gmail.com> Message-ID: <50A6E920.4040000@gmail.com> On Fri, 16 Nov 2012 16:09:54 -0600, /dev/rob0 wrote: > The fix to this is simply not to deliver mail to root. You should have > aliased root to a mortal user. Postfix will not invoke a mailbox_command > as root. > > In broader terms, you should only use root for actual system > administration, and not for user tasks such as reading and sending mail. > > See and edit /etc/aliases, then run "newaliases". Example: > > root: thufir > > http://www.postfix.org/postconf.5.html#default_privs > http://www.postfix.org/postconf.5.html#mailbox_command > http://www.postfix.org/local.8.html > http://www.postfix.org/aliases.5.html > > After you have done this, requeue the message: > > # postsuper -r 35EC92A0D72 > > (or just delete it, s/-r/-d/, and try another test.) > > http://www.postfix.org/postsuper.1.html Ah, thank you. Not dovecot at all, makes sense. I was sending to root because of a problem with keychain preventing usage of the "mail" command for users: http://ubuntuforums.org/showthread.php?t=2065461 Anyhow, that's fixed so that I can now use the "mail" command as a mortal, as you put it. I think I'm on my way, and that this is a postfix and not dovecot problem. The mail doesn't arrive, but the log shows as delivered (I think) and then removed for some reason: thufir at dur:~$ thufir at dur:~$ thufir at dur:~$ telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 dur.bounceme.net ESMTP Postfix (Ubuntu) HELO me 250 dur.bounceme.net mail from:<thufir at example.com> 250 2.1.0 Ok rcpt to:<thufir at localhost> 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> subject: never arrives postfix problem? . 250 2.0.0 Ok: queued as 3C8392A0007 quit 221 2.0.0 Bye Connection closed by foreign host. thufir at dur:~$ thufir at dur:~$ mail No mail for thufir thufir at dur:~$ thufir at dur:~$ thufir at dur:~$ tail /var/log/mail.log Nov 16 17:19:04 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] Nov 16 17:19:32 dur postfix/smtpd[2975]: disconnect from localhost [127.0.0.1] Nov 16 17:19:36 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] Nov 16 17:20:06 dur postfix/smtpd[2975]: 3C8392A0007: client=localhost [127.0.0.1] Nov 16 17:20:48 dur postfix/cleanup[2985]: 3C8392A0007: message- id=<20121117012006.3C8392A0007 at dur.bounceme.net> Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: from=<thufir at example.com>, size=336, nrcpt=1 (queue active) Nov 16 17:20:48 dur dovecot: lda(thufir): msgid=<20121117012006.3C8392A0007 at dur.bounceme.net>: saved mail to INBOX Nov 16 17:20:48 dur postfix/local[2988]: 3C8392A0007: to=<thufir at localhost>, relay=local, delay=55, delays=55/0.02/0/0.17, dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver - c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}") Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: removed Nov 16 17:20:54 dur postfix/smtpd[2975]: disconnect from localhost [127.0.0.1] thufir at dur:~$ thanks, Thufir From rob0 at gmx.co.uk Sat Nov 17 03:58:55 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 16 Nov 2012 19:58:55 -0600 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to In-Reply-To: <50A6E920.4040000@gmail.com> References: <50A6A678.2020601@gmail.com> <50A6E920.4040000@gmail.com> Message-ID: <20121117015855.GA3672@harrier.slackbuilds.org> On Fri, Nov 16, 2012 at 05:32:16PM -0800, Thufir wrote: > On Fri, 16 Nov 2012 16:09:54 -0600, /dev/rob0 wrote: > >The fix to this is simply not to deliver mail to root. You > >should have aliased root to a mortal user. Postfix will not > >invoke a mailbox_command as root. > > Ah, thank you. Not dovecot at all, makes sense. I was sending > to root because of a problem with keychain preventing usage of > the "mail" command for users: > > http://ubuntuforums.org/showthread.php?t=2065461 > > Anyhow, that's fixed so that I can now use the "mail" command as a > mortal, as you put it. I think I'm on my way, and that this is a > postfix and not dovecot problem. The mail doesn't arrive, but the > log shows as delivered (I think) and then removed for some reason: It was delivered and removed from the queue. > thufir at dur:~$ telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 dur.bounceme.net ESMTP Postfix (Ubuntu) > HELO me > 250 dur.bounceme.net > mail from:<thufir at example.com> > 250 2.1.0 Ok > rcpt to:<thufir at localhost> > 250 2.1.5 Ok > data > 354 End data with <CR><LF>.<CR><LF> > subject: never arrives > > postfix problem? > . > 250 2.0.0 Ok: queued as 3C8392A0007 > quit > 221 2.0.0 Bye > Connection closed by foreign host. > thufir at dur:~$ > thufir at dur:~$ mail > No mail for thufir Your mail(1) MUA is not configured (or unable) to look in the place where the mail was, in fact, delivered. > thufir at dur:~$ tail /var/log/mail.log > Nov 16 17:19:04 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] > Nov 16 17:19:32 dur postfix/smtpd[2975]: disconnect from localhost > [127.0.0.1] > Nov 16 17:19:36 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] > Nov 16 17:20:06 dur postfix/smtpd[2975]: 3C8392A0007: client=localhost > [127.0.0.1] > Nov 16 17:20:48 dur postfix/cleanup[2985]: 3C8392A0007: message- > id=<20121117012006.3C8392A0007 at dur.bounceme.net> > Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: > from=<thufir at example.com>, size=336, nrcpt=1 (queue active) > Nov 16 17:20:48 dur dovecot: lda(thufir): > msgid=<20121117012006.3C8392A0007 at dur.bounceme.net>: saved mail to INBOX Dovecot says it delivered it ... > Nov 16 17:20:48 dur postfix/local[2988]: 3C8392A0007: > to=<thufir at localhost>, relay=local, delay=55, delays=55/0.02/0/0.17, > dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver - > c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}") > Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: removed ... and duly reported this success to Postfix, which deleted it from the queue as a result. > Nov 16 17:20:54 dur postfix/smtpd[2975]: disconnect from localhost > [127.0.0.1] Judging from your previous post where deliver tried to write to /root/Maildir/, I suppose your mail will be found in ~thufir/Maildir/new/ . Now Postfix is fine, Dovecot seems to be fine also. Your remaining issue is with "mail". If it's old BSD mailx, that is not very configurable. Consider other choices, such as mutt, alpine, or Heirloom mailx. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From hawat.thufir at gmail.com Sat Nov 17 05:06:47 2012 From: hawat.thufir at gmail.com (Thufir) Date: Fri, 16 Nov 2012 19:06:47 -0800 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to In-Reply-To: <50A6E920.4040000@gmail.com> References: <50A6A678.2020601@gmail.com> <50A6E920.4040000@gmail.com> Message-ID: <50A6FF47.2030803@gmail.com> On Fri, 16 Nov 2012 19:58:55 -0600, /dev/rob0 wrote: > Judging from your previous post where deliver tried to write to > /root/Maildir/, I suppose your mail will be found in > ~thufir/Maildir/new/ > . > > Now Postfix is fine, Dovecot seems to be fine also. Your remaining issue > is with "mail". If it's old BSD mailx, that is not very configurable. > Consider other choices, such as mutt, alpine, or Heirloom mailx. Thanks, it's right there: thufir at dur:~$ thufir at dur:~$ ll Maildir/new/ total 20 drwx------ 2 thufir thufir 4096 Nov 16 18:56 ./ drwx------ 5 thufir thufir 4096 Nov 16 18:56 ../ -rw------- 1 thufir thufir 410 Nov 16 11:57 1353095866.M305477P3932.dur,S=410,W=422 -rw------- 1 thufir thufir 424 Nov 16 17:20 1353115248.M841336P2990.dur,S=424,W=436 -rw------- 1 thufir thufir 445 Nov 16 18:56 1353121003.M187706P3838.dur,S=445,W=457 thufir at dur:~$ thufir at dur:~$ nl Maildir/new/1353121003.M187706P3838.dur\,S\=445\,W\=457 1 Return-Path: <thufir at example.net> 2 X-Original-To: thufir at localhost 3 Delivered-To: thufir at localhost 4 Received: from me (localhost [127.0.0.1]) 5 by dur.bounceme.net (Postfix) with SMTP id 43D6F2A07C1 6 for <thufir at localhost>; Fri, 16 Nov 2012 18:55:55 -0800 (PST) 7 subject: to evolution mail 8 Message-Id: <20121117025613.43D6F2A07C1 at dur.bounceme.net> 9 Date: Fri, 16 Nov 2012 18:55:55 -0800 (PST) 10 From: thufir at example.net 11 we'll see if this goes through. thufir at dur:~$ and it even looks like Evolution's supported :) thanks again for the help with what turned not to be dovecot at all. -Thufir From dmiller at amfes.com Sat Nov 17 08:35:51 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Fri, 16 Nov 2012 22:35:51 -0800 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <m2zk2hnu3r.fsf@cube.luannocracy.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> Message-ID: <assp.166829000f.50A73047.7080706@amfes.com> On 11/16/2012 12:58 PM, Dave Abrahams wrote: > on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > >> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>> Does anyone have an answer to this question? Should I simply issue an >>> IMAP search command, or is there a better way? >>> >> Put this in a cron script: >> >> doveadm search -A text zyxabcxyz > /dev/null >> >> That will perform a search through every mailbox on the system, >> indexing as it goes. The search query is unlikely to return much in >> the way of results, so log files won't fill up much. > That actually doesn't work for me. "doveadm index ..." does, though. > Use whatever works for you. The problem (for me) with "doveadm index" is it only works with the specified mailboxes. It can be done for all users - but only designated mailboxes. So a "doveadm index -A INBOX" will scan all inboxes - but none of the other folders. The search command I showed performs a recursive search that hits everything. -- Daniel From e-frog at gmx.de Sat Nov 17 09:27:36 2012 From: e-frog at gmx.de (e-frog) Date: Sat, 17 Nov 2012 08:27:36 +0100 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <assp.166829000f.50A73047.7080706@amfes.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <assp.166829000f.50A73047.7080706@amfes.com> Message-ID: <50A73C68.1030307@gmx.de> On 17.11.2012 07:35, wrote Daniel L. Miller: > On 11/16/2012 12:58 PM, Dave Abrahams wrote: >> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: >> >>> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>>> Does anyone have an answer to this question? Should I simply issue an >>>> IMAP search command, or is there a better way? >>>> >>> Put this in a cron script: >>> >>> doveadm search -A text zyxabcxyz > /dev/null >>> >>> That will perform a search through every mailbox on the system, >>> indexing as it goes. The search query is unlikely to return much in >>> the way of results, so log files won't fill up much. >> That actually doesn't work for me. "doveadm index ..." does, though. >> > > Use whatever works for you. The problem (for me) with "doveadm index" > is it only works with the specified mailboxes. It can be done for all > users - but only designated mailboxes. So a "doveadm index -A INBOX" > will scan all inboxes - but none of the other folders. The following works for me: doveadm index -A "*" > The search > command I showed performs a recursive search that hits everything. > From tim at titan21.co.uk Sat Nov 17 18:23:40 2012 From: tim at titan21.co.uk (Tim Smith) Date: Sat, 17 Nov 2012 16:23:40 +0000 Subject: [Dovecot] Different Mechanism for POP3 Message-ID: <50A7BA0C.7010207@titan21.co.uk> Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any experience of using the GMail import settings? -- Tim Smith Tel: 01423 564 078 Mob: 07984 398 299 Email: info at titan21.co.uk Web: www.titan21.co.uk From h.reindl at thelounge.net Sat Nov 17 21:55:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 17 Nov 2012 20:55:49 +0100 Subject: [Dovecot] Different Mechanism for POP3 In-Reply-To: <50A7BA0C.7010207@titan21.co.uk> References: <50A7BA0C.7010207@titan21.co.uk> Message-ID: <50A7EBC5.80303@thelounge.net> Am 17.11.2012 17:23, schrieb Tim Smith: > Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without > making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available > through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of > mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any > experience of using the GMail import settings? why not simply allow PLAIN at all? nearly all modern clients are using CRAM-MD5 as default if offered as also SSL/TLS if offered - let your users decide which mech they are using, really, some of them my use whatever sync-tools like imapsync or whatever which should not bother you at all -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121117/198cf0b1/attachment.bin> From raan at graand-visions.com Sun Nov 18 00:31:26 2012 From: raan at graand-visions.com (Raan Young) Date: Sat, 17 Nov 2012 14:31:26 -0800 Subject: [Dovecot] couple questions about dovecot Message-ID: <000001cdc513$4831dbd0$d8959370$@graand-visions.com> I am attempting to migrate an ancient IMAP server to Dovecot 2.0.9 running on CentOS 6.3, while trying to minimize the impact on users. Most are using Outlook. I have everything working, but have run into a couple of problems, neither horrible, but both weird. It started when I noticed Outlook shows the .subscriptions file in the folder listing. I figured out a way to prevent that (see below), but then decided to attempt the same tactic to move the .imap index structure out of the folder tree and ran into an interesting side-effect. The .subscriptions issue would seem to be a bug, since the documentation I found implies Dovecot should be hiding it from list requests - as it does for the .imap index structure. I made a workaround by using the below mail_location setting. This puts the .subscriptions file above the imap folder structure and hence outside the list scope. mail_location = mbox:~/imap:INBOX=~/mbox:CONTROL=~:INDEX=~/.imap You'll note I have also moved the .imap index. This works, but the full path to the index files has extra layers of .imap. For example, if a folder tree of imap/A/B/C/D exists, where D is the actual mbox format message file, then the index files are stored in .imap/A/B/C/.imap/D. Don't know if this is a bug or I'm misunderstanding something. Can you provide any insight or better solutions for either issue? Some clients are also using iPhones and/or roundcubemail for web access. Those do not have the .subscriptions issue. Raan From andre.bischof at rheinsinn.de Sun Nov 18 15:32:52 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Sun, 18 Nov 2012 14:32:52 +0100 Subject: [Dovecot] users mail folders have to be subscribed Message-ID: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> Hi, I did a migration from cyrus 2.2 to dovecot (fresh installation, details below) via cyrus2dovecot from FU Berlin. That worked, but I first was missing mails in subfolders ander Inbox. No I detected that they are in the users Maildir in folders in his directory. They are listed when using telnet: * LIST (\HasChildren) "." "INBOX.ebay" * LIST (\HasNoChildren) "." "INBOX.ebay.xj" But they are not shown in thunderbird, I have to subscribe to them one by one. I probably did something wrong and maybe messed up with namespace and seperator settings - it would be great if one could lead me out of that. The wiki was a great help installing and configuring everything, but now I'm stuck. I use dovecot 2.1.7 under Ubuntu 12.10: # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.5.0-18-generic x86_64 Ubuntu 12.10 auth_verbose = yes mail_debug = yes mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation s ubaddress comparator-i;ascii-numeric relational regex imap4flags copy include variab les body enotify environment mailbox date ihave namespace inbox { inbox = yes list = yes location = prefix = separator = . type = private } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at localhost protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 10 } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 10 } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } protocol lda { deliver_log_format = msgid=%m: %$ mail_plugins = sieve sieve postmaster_address = postmaster quota_full_tempfail = yes rejection_reason = Your message to <%t> was automatically rejected:%n%r } Any help is greatly appreciated! Regards Andre From CMarcus at Media-Brokers.com Sun Nov 18 16:18:23 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 18 Nov 2012 09:18:23 -0500 Subject: [Dovecot] Different Mechanism for POP3 In-Reply-To: <50A7EBC5.80303@thelounge.net> References: <50A7BA0C.7010207@titan21.co.uk> <50A7EBC5.80303@thelounge.net> Message-ID: <50A8EE2F.8010407@Media-Brokers.com> On 2012-11-17 2:55 PM, Reindl Harald <h.reindl at thelounge.net> wrote: > Am 17.11.2012 17:23, schrieb Tim Smith: >> Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any experience of using the GMail import settings? > why not simply allow PLAIN at all? +1... as long as you only allow encrypted sessions, there is no security danger allowing PLAIN... -- Best regards, Charles From stroetgen at gei.de Sun Nov 18 16:54:00 2012 From: stroetgen at gei.de (=?ISO-8859-1?Q?Robert_Str=F6tgen?=) Date: Sun, 18 Nov 2012 15:54:00 +0100 Subject: [Dovecot] panic fts_solr for bad attachment Message-ID: <50A8F688.2040802@gei.de> Hi! I use dovecot 2.1.7 on Ubuntu 12.10 with fts_solr und decode2text.sh for indexing attachments. This works great in general. Just for one user there is a problem with an unknown bad attachment. I run "doveadm index -A '*'". After a while I receive: doveadm(xyz): Error: fts_solr: Invalid XML input at line 1: mismatched tag doveadm(xyz): Panic: file solr-connection.c: line 545 (solr_connection_post_more): assertion failed: (maxfd >= 0) doveadm(xyz): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3c14a) [0x7f7ce2c1714a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f7ce2c1720a] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f7ce2bee81a] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(solr_connection_post_more+0x249) [0x7f7ce11913a9] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(+0x4597) [0x7f7ce118e597] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0x6f57) [0x7f7ce159df57] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(fts_build_mail+0xf5) [0x7f7ce159e085] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0xba70) [0x7f7ce15a2a70] -> doveadm(+0x15309) [0x7f7ce35cc309] -> doveadm(+0x11f36) [0x7f7ce35c8f36] -> doveadm(+0x12bf1) [0x7f7ce35c9bf1] -> doveadm(doveadm_mail_try_run+0x161) [0x7f7ce35c9ed1] -> doveadm(main+0x3d1) [0x7f7ce35c8ae1] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f7ce283d76d] -> doveadm(+0x11d15) [0x7f7ce35c8d15] In catalina out I find: Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte 0xfc (at char #25214836, byte #26687495) at org.apache.solr.handler.XMLLoader.load(XMLLoader.java:81) at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:58) at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:129) at org.apache.solr.core.SolrCore.execute(SolrCore.java:1376) at org.apache.solr.servlet.SolrDispatchFilter.execute(SolrDispatchFilter.java:365) at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:260) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.valves.RequestFilterValve.process(RequestFilterValve.java:316) at org.apache.catalina.valves.RemoteAddrValve.invoke(RemoteAddrValve.java:81) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:722) Caused by: com.ctc.wstx.exc.WstxIOException: Invalid UTF-8 start byte 0xfc (at char #25214836, byte #26687495) at com.ctc.wstx.sr.StreamScanner.constructFromIOE(StreamScanner.java:625) at com.ctc.wstx.sr.StreamScanner.loadMore(StreamScanner.java:994) at com.ctc.wstx.sr.StreamScanner.getNext(StreamScanner.java:754) at com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2691) at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1065) at org.apache.solr.handler.XMLLoader.readDoc(XMLLoader.java:309) at org.apache.solr.handler.XMLLoader.processUpdate(XMLLoader.java:156) at org.apache.solr.handler.XMLLoader.load(XMLLoader.java:79) ... 19 more Caused by: java.io.CharConversionException: Invalid UTF-8 start byte 0xfc (at char #25214836, byte #26687495) at com.ctc.wstx.io.UTF8Reader.reportInvalidInitial(UTF8Reader.java:303) at com.ctc.wstx.io.UTF8Reader.read(UTF8Reader.java:189) at com.ctc.wstx.io.ReaderSource.readInto(ReaderSource.java:87) at com.ctc.wstx.io.BranchingReaderSource.readInto(BranchingReaderSource.java:57) at com.ctc.wstx.sr.StreamScanner.loadMore(StreamScanner.java:988) ... 25 more doveadm index stops after this error. How can I make doveadm just to skip the error and to continue indexing? Thanks Robert -- Robert Str?tgen Abteilungsleiter Informationsmanagement und Publikationen Georg-Eckert-Institut f?r internationale Schulbuchforschung Celler Str. 3 38114 Braunschweig Tel. +49 (0)531 59099-47 & +49 (0)531 123103-205 Fax +49 (0)531 59099-99 http://www.gei.de/ From dave at boostpro.com Sun Nov 18 16:57:28 2012 From: dave at boostpro.com (Dave Abrahams) Date: Sun, 18 Nov 2012 09:57:28 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <assp.166829000f.50A73047.7080706@amfes.com> Message-ID: <m2k3tjgdrb.fsf@boostpro.com> on Sat Nov 17 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > On 11/16/2012 12:58 PM, Dave Abrahams wrote: >> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: >> >>> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>>> Does anyone have an answer to this question? Should I simply issue an >>>> IMAP search command, or is there a better way? >>>> >>> Put this in a cron script: >>> >>> doveadm search -A text zyxabcxyz > /dev/null >>> >>> That will perform a search through every mailbox on the system, >>> indexing as it goes. The search query is unlikely to return much in >>> the way of results, so log files won't fill up much. >> That actually doesn't work for me. "doveadm index ..." does, though. >> > > Use whatever works for you. The problem (for me) with "doveadm index" > is it only works with the specified mailboxes. It can be done for all > users - but only designated mailboxes. So a "doveadm index -A INBOX" > will scan all inboxes - but none of the other folders. The search > command I showed performs a recursive search that hits everything. I take it back; I'm not sure if "doveadm search" causes re-indexing. However, I *know* issuing a search command from a Python IMAP library doesn't do so. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From zaphod at tdl.com Sun Nov 18 18:04:57 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Sun, 18 Nov 2012 09:04:57 -0700 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A6CF8A.40202@localhost.localdomain.org> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> <50A6CF8A.40202@localhost.localdomain.org> Message-ID: <50A90729.7000608@tdl.com> On 11/16/2012 4:43 PM, Pascal Volk wrote: > On 11/16/2012 11:21 PM Chuck Cochems wrote: >> ? >> I need to return both the IP and the email address as a string to drop >> it into the old code. >> ? > > You could check the code of the `doveadm who` command > <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user > name and the IP address. That's not much better... I just want the bare minimum of code to do this. The 1.x code was so simple, and i just want a 2.0 equivalent. is that so wrong? :) WHy the heck did they remove those incredibly useful environment variables anyway? From survietamine.droid at gmail.com Sun Nov 18 21:12:38 2012 From: survietamine.droid at gmail.com (Surviet Amine) Date: Sun, 18 Nov 2012 20:12:38 +0100 Subject: [Dovecot] advices for a new installation Message-ID: <CAORAmk2r51CUziuDDAiWRJNeHueyb_SW159mxxi4DixHJ7Zi0g@mail.gmail.com> hello everyone, first of all, please forgive my bad english skill, I live in France. On our "old" Dovecot 1.x architecture, we have NFS shares between the front servers (MTA, IMAP...) and mail storage server. I've read some wiki2 pages that present the new director and imap proxy. But I'm still don't see things clearly, so I post here to have your advices to set-up a new mail architecture. The hardware we have : - 24x hard drives in a SAS bay - this bay is directly attached via SAS to a server that I'll call : mail storage server - 2 others servers run ProxMox Virtual Environment The PVE will help us to get many virtual servers : - MX : "mail in" servers - IMAP/POP : our hosted clients services These clients may come from webmail (RoundCube) and others clients (Outlook, Thunderbird, mobile clients...) - RoundCube webmail - MySQL server (hosts in databases accounts and settings for Postfix, Dovecot and RoundCube) - maybe antivirus and antispam servers I've read several threads about NFS and IMAP issues. So I decided to not keeping it. In this scenario, I've tried for the mail receiving part : - front-end (postfix lmtp-client) to mail storage server (lmtp server) that seems to runs fine, now i'll must try to add antispam and antivirus scans Now, for the IMAP part, could you, please tell me, if it is better to : - have several IMAP frontend servers that proxy to the mail storage server or - still keeps NFS between the mail storage server and the frontends Dovecot ? On our Dovecot 1.x webmail use imapproxy. I've read that others proxies exist. We have used for a limited time Perdition. What is the differences between imapproxy, Perdition, nginx imap proxy and Dovecot proxy ? Thanks for sharing your experience of "large mail service" that are solid enought to be scaled. From daniel.parthey at informatik.tu-chemnitz.de Sun Nov 18 21:38:22 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 18 Nov 2012 20:38:22 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> Message-ID: <20121118193822.GA7565@daniel.localdomain> Andre Bischof wrote: > I did a migration from cyrus 2.2 to dovecot (fresh installation, details > below) via cyrus2dovecot from FU Berlin. That worked, but I first was > missing mails in subfolders ander Inbox. No I detected that they are in the > users Maildir in folders in his directory. They are listed when using > telnet: > > * LIST (\HasChildren) "." "INBOX.ebay" > * LIST (\HasNoChildren) "." "INBOX.ebay.xj" > > But they are not shown in thunderbird, I have to subscribe to them one by > one. I probably did something wrong and maybe messed up with namespace and > seperator settings - it would be great if one could lead me out of that. > The wiki was a great help installing and configuring everything, but now > I'm stuck. Unsubscribed mailboxes are not shown in thunderbird, while subscriptions being stored server side, not in your local thunderbird. You can use this command to subscribe one or more mailboxes: doveadm mailbox subscribe [-A|-u user] [-S socket_path] mailbox ... This should subscribe all mailboxes of a specific user (-A for all users): doveadm mailbox subscribe -u user at example.com "*" You can set this configuration option to auto-subscribe new folders: lda_mailbox_autosubscribe = yes Regards Daniel -- https://plus.google.com/103021802792276734820 From andre.bischof at rheinsinn.de Mon Nov 19 00:29:25 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Sun, 18 Nov 2012 23:29:25 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <20121118193822.GA7565@daniel.localdomain> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> Message-ID: <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> > Andre Bischof wrote: > > I did a migration from cyrus 2.2 to dovecot (fresh installation, details > > below) via cyrus2dovecot from FU Berlin. That worked, but I first was > > missing mails in subfolders ander Inbox. No I detected that they are in > the > > users Maildir in folders in his directory. They are listed when using > > telnet: > > > > * LIST (\HasChildren) "." "INBOX.ebay" > > * LIST (\HasNoChildren) "." "INBOX.ebay.xj" > > > > But they are not shown in thunderbird, I have to subscribe to them one by > > one. I probably did something wrong and maybe messed up with namespace > and > > seperator settings - it would be great if one could lead me out of that. > > The wiki was a great help installing and configuring everything, but now > > I'm stuck. > > Unsubscribed mailboxes are not shown in thunderbird, while subscriptions > being stored server side, not in your local thunderbird. > > Hi Daniel, thank you, I guess that will be helpful - but before trying it, I would like to get one thing clear, which could be the reason for my misunderstandings: IMHO I don't need any subscriptions, I would like to appear the imported cyrus folders and subfolders as subfolders in dovecot. The directory structure seperated by '.' in the folders names in my Maildir is exactly how I would like to have it in Thunderbird. Do I need subscriptions for that (I always thought subscriptions are to subscribe to other users folders, shared by them) or should I have that any other way? > You can use this command to subscribe one or more mailboxes: > doveadm mailbox subscribe [-A|-u user] [-S socket_path] mailbox ... > > This should subscribe all mailboxes of a specific user (-A for all users): > doveadm mailbox subscribe -u user at example.com "*" > > You can set this configuration option to auto-subscribe new folders: > lda_mailbox_autosubscribe = yes > > I will set this, thanks. Regards Andre From daniel.parthey at informatik.tu-chemnitz.de Mon Nov 19 00:59:40 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 18 Nov 2012 23:59:40 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> Message-ID: <20121118225940.GA7581@daniel.localdomain> Andre Bischof wrote: > 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> > > Unsubscribed mailboxes are not shown in thunderbird, while subscriptions > > being stored server side, not in your local thunderbird. > > IMHO I don't need any subscriptions, I would like to appear the imported > cyrus folders and subfolders as subfolders in dovecot. The directory > structure seperated by '.' in the folders names in my Maildir is exactly > how I would like to have it in Thunderbird. No, strictly speaking you don't need subscriptions, but Thunderbird is configured to display only subscribed folders by default. You can configure thunderbird to not use subscriptions: Edit > Settings > Edit configuration mail.server.default.using_subscription false Under Account Settings > Server Settings > Extended you have the possibility to only display subscribed folders. So you might want to remove the checkmark in order to display even unsubscribed folders. Regards Daniel -- https://plus.google.com/103021802792276734820 From sven at svenhartge.de Mon Nov 19 01:03:18 2012 From: sven at svenhartge.de (Sven Hartge) Date: Mon, 19 Nov 2012 00:03:18 +0100 Subject: [Dovecot] users mail folders have to be subscribed References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> Message-ID: <899ee7qld4v8@mids.svenhartge.de> Andre Bischof <andre.bischof at rheinsinn.de> wrote: > 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> >> Unsubscribed mailboxes are not shown in thunderbird, while subscriptions >> being stored server side, not in your local thunderbird. > thank you, I guess that will be helpful - but before trying it, I > would like to get one thing clear, which could be the reason for my > misunderstandings: > IMHO I don't need any subscriptions, I would like to appear the > imported cyrus folders and subfolders as subfolders in dovecot. The > directory structure seperated by '.' in the folders names in my > Maildir is exactly how I would like to have it in Thunderbird. > Do I need subscriptions for that (I always thought subscriptions are > to subscribe to other users folders, shared by them) or should I have > that any other way? "supscription" in IMAP-speak is the server telling the client: show this folder to the user. There is no differentiation between your folders an other users folders. Your problem is that during your conversion from cyrus to dovecot your subscriptions got lost. Maybe because the folder structure changed and no longer matches the server-stored subscription or because the server-stored subscription was not converted at all. Gr??e, S? -- Sigmentation fault. Core dumped. From nicolas.kowalski at gmail.com Mon Nov 19 12:09:48 2012 From: nicolas.kowalski at gmail.com (Nicolas KOWALSKI) Date: Mon, 19 Nov 2012 11:09:48 +0100 Subject: [Dovecot] Initial status notification not received In-Reply-To: <20121116141259.GA9371@petole.demisel.net> References: <20121116141259.GA9371@petole.demisel.net> Message-ID: <20121119100948.GA19772@petole.demisel.net> Hello, Has anybody some suggestions about the problem below? I see in the archives (http://thread.gmane.org/gmane.mail.imap.dovecot/67077) that someone also has (had?) this problem; a cronjob workaround was used, but no dovecot solution was given. Thanks, Nicolas On Fri, Nov 16, 2012 at 03:12:59PM +0100, Nicolas KOWALSKI wrote: > Hello, > > We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs > startup, dovecot almost always shows these errors: > > Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) > Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 > > As the last line tells, dovecot stops logging information. We have to > restart the dovecot processes to get back normal behaviour. I also tried > to set idle_kill values to services definitions, without success. > > Is there a way to prevent these errors? > > > Here is the dovecot -n output: > > # 2.1.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.0.42-0.7-xen x86_64 SUSE Linux Enterprise Server 11 > (x86_64) > default_client_limit = 4096 > default_idle_kill = 5 mins > default_process_limit = 16384 > listen = 10.254.251.18 > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap sieve > service anvil { > client_limit = 65536 > idle_kill = 0 > } > service auth { > client_limit = 32768 > } > service imap-login { > inet_listener imap { > port = 0 > } > } > service imap { > process_limit = 0 > } > service log { > idle_kill = 0 > } > service managesieve { > process_limit = 0 > } > service ssl-params { > idle_kill = 0 > } > ssl_ca = </etc/dovecot/ssl/ca.pem > ssl_cert = </etc/dovecot/ssl/server-crt.pem > ssl_key = </etc/dovecot/ssl/server-key.pem > userdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > protocol sieve { > passdb { > args = /etc/dovecot/dovecot-ldap-sieve.conf.ext > driver = ldap > } > } > > > Thanks, > -- > Nicolas -- Nicolas From andre.bischof at rheinsinn.de Mon Nov 19 12:27:47 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Mon, 19 Nov 2012 11:27:47 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <899ee7qld4v8@mids.svenhartge.de> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> <899ee7qld4v8@mids.svenhartge.de> Message-ID: <CADLvNSayLhZ39zjvmBqpkYOteFTbdWAMrTGNnD=LrSLRE59-pQ@mail.gmail.com> Sven, Daniel, 2012/11/19 Sven Hartge <sven at svenhartge.de> > Andre Bischof <andre.bischof at rheinsinn.de> wrote: > > 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> > ... > > "supscription" in IMAP-speak is the server telling the client: show this > folder to the user. > > There is no differentiation between your folders an other users folders. > > Your problem is that during your conversion from cyrus to dovecot your > subscriptions got lost. Maybe because the folder structure changed and > no longer matches the server-stored subscription or because the > server-stored subscription was not converted at all. > > Ah, now I understand. Thanks to Daniel I now know how I could tune Thunderbird accordingly, but I prefer to have it solved server-side, thus not tweaking every client I use from different computers. Sven, I believe subscription have been lost while converting from cyrus to dovecot, and I understand that I should use the commands shown by Daniel to subscribe this folders one time server side, and my problems should be solved no matter which clients I use (I put lda_mailbox_autosubscribe = yes already): doveadm mailbox subscribe -u user at example.com "*" One more question: Should the user for "-u" be the system user the mailboxes belong to or has the user to be written in form of an email adress (user at localhost / user at n.dyndns.org)? Regards From Benoit.Branciard at univ-paris1.fr Mon Nov 19 14:06:50 2012 From: Benoit.Branciard at univ-paris1.fr (Benoit Branciard) Date: Mon, 19 Nov 2012 13:06:50 +0100 Subject: [Dovecot] upgrade 1.0.15 -> 2.1.7: MBOX index compatibility and performance Message-ID: <50AA20DA.1060406@univ-paris1.fr> Hi, we just upgraded our mailserver from Dovecot 1.0.15 to Dovecot 2.1.7. We use MBOX format (due to legacy compatibility), system users, PAM+GSSAPI auth, filesystem quotas, and indexes located on a separate filesystem: mail_location = mbox:~/mail:INBOX=~/mail/INBOX:INDEX=/var/cache/dovecot/indexes/%16Hu/%u The 2.1.7 configuration files have been rewritten based on default templates instead of converting it from 1.0.15. The server has ~8000 mailboxes and about ~2000 simultaneous IMAP/POP active connexions. The problem is: - indexes seem to be rebuilt: first IMAP/POP connexion for each user thows lots of error messages in the log, and the global index size decreases. Example error log: Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: copy: i_stream_read() failed: Input/output error Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 - load average is extremely high (more than 10x the usual one), resulting from an significant increase of disk I/O, and for now (4h after the "monday rush") this doesn't seem to decrease. Questions: - are 1.05 indexes supposed to be backward compatible with Dovecot 2.1.7 ? - are there some technical reasons which could explain the increase of disk I/O, apart from index rebuild ? -- Benoit BRANCIARD Service InfraStructures (SIS) - Direction du Syst?me d'Information (DSI) Universit? Paris 1 Panth?on-Sorbonne Centre Pierre Mend?s France B 406 - 90, rue de Tolbiac - 75634 Paris cedex 13 - France T?l : +33 1 44 07 89 68 - Fax : +33 1 44 07 89 66 Accueil t?l. : +33 1 44 07 89 65 Assistance : assistance-dsi at univ-paris1.fr Web : http://dsi.univ-paris1.fr -- Ce message a ete verifie par MailScanner pour des virus ou des polluriels et rien de suspect n'a ete trouve. From rgelfand2 at gmail.com Mon Nov 19 15:48:50 2012 From: rgelfand2 at gmail.com (Roman Gelfand) Date: Mon, 19 Nov 2012 08:48:50 -0500 Subject: [Dovecot] Data Store Synchronization Message-ID: <CAJbW+rnDSG3ee=-+g=x2Kx2VM=-6q6VB_Tn7gM0Yqw6RFdPvew@mail.gmail.com> Is there a way to synchronize dovecote mail store with another mail store, like zarafa, via imap or pop3? Thanks in advance From km at mathcs.emory.edu Mon Nov 19 16:02:27 2012 From: km at mathcs.emory.edu (Ken Mandelberg) Date: Mon, 19 Nov 2012 09:02:27 -0500 Subject: [Dovecot] fs_flush_file_handle_cache_dir: rmdir(/var/mail) AGAIN Message-ID: <50AA3BF3.6060802@mathcs.emory.edu> We are running Dovecot 2.0.12. It runs on only one server and /var/mail is local where all the INBOX's are stored. Users other IMAP folders are NFS mounted on the server. We see frequent Error: nfs_flush_file_handle_cache_dir: rmdir(/var/mail) failed: Device busy I know this error message has been around a long time. Should we still be seeing it on 2.0.12 with a local /var/mail. Perhaps the message is misleading and really complaining about folders other than INBOX that are NFS mounted. Our config has dovecot.conf:mail_nfs_index = no dovecot.conf:mail_nfs_storage = yes is that correct given the above? Also, does the flush error messages have any real consequences? My understanding is that the rmdir is meant to fail, just to force a flush. From rs at sys4.de Mon Nov 19 16:05:20 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 19 Nov 2012 15:05:20 +0100 Subject: [Dovecot] Data Store Synchronization In-Reply-To: <CAJbW+rnDSG3ee=-+g=x2Kx2VM=-6q6VB_Tn7gM0Yqw6RFdPvew@mail.gmail.com> References: <CAJbW+rnDSG3ee=-+g=x2Kx2VM=-6q6VB_Tn7gM0Yqw6RFdPvew@mail.gmail.com> Message-ID: <50AA3CA0.5060507@sys4.de> Am 19.11.2012 14:48, schrieb Roman Gelfand: > Is there a way to synchronize dovecote mail store with another mail > store, like zarafa, via imap or pop3? > > Thanks in advance > depends "what" sync you goal search www for i.e imapsync getmail or more filesystem related rsync dsync Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From trusktr at gmail.com Mon Nov 19 16:17:33 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 19 Nov 2012 06:17:33 -0800 Subject: [Dovecot] Dovecot sieve with postfix. Message-ID: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> Hi all, I can't get dovecot working with postfix. If I leave virtual_transport set to "virtual", I can send and receive messages just fine in roundcube. If I set virtual_transport to "dovecot", I can only send messages in roundcube, but incoming messages never arrive. Seems I can't get dovecot-lda to work. I need dovecot-lda in order for sieve filters to work. Any idea what I'm doing wrong? Here's `doveconf -n`: http://pastie.org/5401133 `postconf -n`: http://pastie.org/5401157 and `postconf -M`: http://pastie.org/5401177 Note: All I have to do is change virtual_transport = dovecot to virtual_transport = virtual and all will be fine, except for that I won't have sieve filtering which is what I really want. */#!/*JoePea From pipefab at mweb.co.za Mon Nov 19 17:49:43 2012 From: pipefab at mweb.co.za (Hendrik) Date: Mon, 19 Nov 2012 17:49:43 +0200 Subject: [Dovecot] Unsuscribe Message-ID: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> Please unsubscribe me From user+dovecot at localhost.localdomain.org Mon Nov 19 17:51:22 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Mon, 19 Nov 2012 16:51:22 +0100 Subject: [Dovecot] Unsuscribe In-Reply-To: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> References: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> Message-ID: <50AA557A.2060001@localhost.localdomain.org> On 11/19/2012 04:49 PM Hendrik wrote: > Please unsubscribe me The header of your message contains: List-Unsubscribe: <http://dovecot.org/cgi-bin/mailman/options/dovecot>, <mailto:dovecot-request at dovecot.org?subject=unsubscribe> Regards, Pascal -- The trapper recommends today: defaced.1232416 at localdomain.org From h.reindl at thelounge.net Mon Nov 19 17:51:45 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 19 Nov 2012 16:51:45 +0100 Subject: [Dovecot] Unsuscribe In-Reply-To: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> References: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> Message-ID: <50AA5591.7060200@thelounge.net> Am 19.11.2012 16:49, schrieb Hendrik: > Please unsubscribe me whay do people not read nor understand welcome messages of mailing-lists? unsubscribe yourself because we can NOT and we want not too List-Unsubscribe: <http://dovecot.org/cgi-bin/mailman/options/dovecot>, <mailto:dovecot-request at dovecot.org?subject=unsubscribe> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121119/28da65a6/attachment.bin> From ben at morrow.me.uk Mon Nov 19 18:47:54 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 19 Nov 2012 16:47:54 +0000 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> Message-ID: <20121119164753.GK94077@anubis.morrow.me.uk> At 6AM -0800 on 19/11/12 you (/#!/JoePea) wrote: > > I can't get dovecot working with postfix. If I leave virtual_transport set > to "virtual", I can send and receive messages just fine in roundcube. If I > set virtual_transport to "dovecot", I can only send messages in roundcube, > but incoming messages never arrive. Seems I can't get dovecot-lda to work. > I need dovecot-lda in order for sieve filters to work. > > Any idea what I'm doing wrong? > > Here's `doveconf -n`: > http://pastie.org/5401133 > > `postconf -n`: > http://pastie.org/5401157 > > and `postconf -M`: > http://pastie.org/5401177 The only obvious thing I can see wrong there is that you have mail_plugins = " sieve" in dovecot.conf, which should be mail_plugins = sieve but I don't know that that would prevent delivery. Is Postfix deferring the message, or does it think it's been delivered? What do you see in your logs when a message is delivered (since you've redirected Dovecot away from syslog, you'd need to look at both Postfix's and Dovecot's logs)? What happens if you feed a message to dovecot-lda manually, as 'mailman'? Check the exitcode of lda and the logs, as well as seeing if the message was delivered. Since you've set up a dedicated transport for Dovecot, it would probably be worth using LMTP instead of the LDA. It should be more efficient, and since you're only using a single virtual user you can tell dovecot to run the LMTP server as 'mailman' instead of root. Ben From root at doctor.nl2k.ab.ca Sun Nov 18 02:23:43 2012 From: root at doctor.nl2k.ab.ca (Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem) Date: Sat, 17 Nov 2012 17:23:43 -0700 Subject: [Dovecot] ACL and SSL Message-ID: <20121118002343.GA18703@doctor.nl2k.ab.ca> Finally got Dovecot to work on ports 100 and 143. I would like to a) Learn about ACL esp on port 110 as there are still yodellaks that try to brake in on port 110. b) Setting up separate SSL cert for imaps and pop3s. -- For effective Internet Etiquette and communications read http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html & http://www.caliburn.nl/topposting.html -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From dfischer at fi4it.de Mon Nov 19 19:04:37 2012 From: dfischer at fi4it.de (Fi4IT - Daniel Fischer) Date: Mon, 19 Nov 2012 18:04:37 +0100 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> Message-ID: <50AA66A5.4050702@fi4it.de> Hello Joe, i use this: main.cf virtual_transport = dovecot master.cf dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} /etc/dovecot/conf.d/15-lda.conf protocol lda { log_path = /var/log/sieve.log mail_plugins = acl sieve } and that works fine with my tested clients (tb,outlook,roundcube) daniel Am 19.11.2012 15:17, schrieb /#!/JoePea: > Hi all, > > I can't get dovecot working with postfix. If I leave virtual_transport set > to "virtual", I can send and receive messages just fine in roundcube. If I > set virtual_transport to "dovecot", I can only send messages in roundcube, > but incoming messages never arrive. Seems I can't get dovecot-lda to work. > I need dovecot-lda in order for sieve filters to work. > > Any idea what I'm doing wrong? > > Here's `doveconf -n`: > http://pastie.org/5401133 > > `postconf -n`: > http://pastie.org/5401157 > > and `postconf -M`: > http://pastie.org/5401177 > > Note: All I have to do is change virtual_transport = dovecot to > virtual_transport > = virtual and all will be fine, except for that I won't have sieve > filtering which is what I really want. > > */#!/*JoePea > -- Fischer Daniel FI4IT - that's it Messerschmittstrasse 17 89231 Neu Ulm Email: dfischer at fi4it.de Web: www.fi4it.de Telefon: 073180019370 Fax: 073180019375 Mobil: 01729230731 From ben at morrow.me.uk Mon Nov 19 19:22:47 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 19 Nov 2012 17:22:47 +0000 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121118002343.GA18703@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> Message-ID: <20121119172246.GL94077@anubis.morrow.me.uk> At 5PM -0700 on 17/11/12 you (Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem) wrote: > Finally got Dovecot to work on ports 100 and 143. Port 100 is unassigned. Are you using it for POP3? > I would like to > > a) Learn about ACL esp on port 110 as there are still yodellaks that try > to brake in on port 110. If Dovecot is not listening on port 110 there is nothing it can do about people trying to connect to that port. Perhaps you want to simply block it in your firewall? > b) Setting up separate SSL cert for imaps and pop3s. See the section called 'Different certificates per IP and protocol' in http://wiki2.dovecot.org/SSL/DovecotConfiguration . Ben From rs at sys4.de Mon Nov 19 19:47:11 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 19 Nov 2012 18:47:11 +0100 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121118002343.GA18703@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> Message-ID: <50AA709F.8010706@sys4.de> Am 18.11.2012 01:23, schrieb Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem: > ) Learn about ACL esp on port 110 as there are still yodellaks that try > to brake in on port 110. what acl you like to set over pop3 ? usually acl at dovecot means folder permissions in imap http://wiki2.dovecot.org/ACL if you mean what to do against brute force use i.e fail2ban http://wiki2.dovecot.org/HowTo/Fail2Ban Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From doctor at doctor.nl2k.ab.ca Mon Nov 19 19:55:56 2012 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Mon, 19 Nov 2012 10:55:56 -0700 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121118002343.GA18703@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> Message-ID: <20121119175556.GA21193@doctor.nl2k.ab.ca> On Sat, Nov 17, 2012 at 05:23:43PM -0700, Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem wrote: > Finally got Dovecot to work on ports 100 and 143. > > I would like to > > a) Learn about ACL esp on port 110 as there are still yodellaks that try > to brake in on port 110. > > b) Setting up separate SSL cert for imaps and pop3s. Found this one out easily, however new issue: Nov 19 09:21:23 doctor dovecot: pop3-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server, TLS Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Error: Invalid user settings. Refer to server log for more information. Nov 19 09:21:27 doctor dovecot: pop3-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server, TLS Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Error: Invalid user settings. Refer to server log for more information. Nov 19 09:21:35 doctor dovecot: imap-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Error: Invalid user settings. Refer to server log for more information. Nov 19 09:21:48 doctor dovecot: imap-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Error: Invalid user settings. Refer to server log for more information. The MOEuser atnds for Microsoft Outlook Express user. The credentials were correct i.e. user/pw but Dovecot kept reject the user. I heard similar complants from M$ Mail, OE, and Outlook users doveconf -n # 2.1.10: /usr/dovecot2/etc/dovecot/dovecot.conf # OS: BSD/OS 4.3 i386 base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 100 listen = [::] login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_log_prefix = %Us(%u): mdbox_rotate_size = 2 k passdb { args = /etc/master.passwd driver = passwd-file } plugin { home = /usr/dovecot2 } protocols = imap pop3 service auth { executable = /usr/dovecot2/libexec/dovecot/auth user = root } service imap-login { chroot = login client_limit = 256 executable = /usr/dovecot2/libexec/dovecot/imap-login inet_listener imap { address = local mail server port = 143 } inet_listener imaps { address = local mail server port = 993 ssl = yes } process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot } service imap { executable = /usr/dovecot2/libexec/dovecot/imap process_limit = 512 } service pop3-login { chroot = login client_limit = 256 executable = /usr/dovecot2/libexec/dovecot/pop3-login inet_listener pop3s { address = local mail server port = 995 ssl = yes } process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot } service pop3 { executable = /usr/dovecot2/libexec/dovecot/pop3 process_limit = 512 } ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key userdb { driver = passwd } userdb { args = /etc/passwd driver = passwd-file } verbose_ssl = yes local local mail server { protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k mail_max_userip_connections = 10 mail_plugin_dir = /usr/dovecot2/lib/dovecot/imap ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key verbose_ssl = yes } } local local mail server { protocol pop3 { mail_max_userip_connections = 3 mail_plugins = pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = yes pop3_lock_session = yes pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = yes pop3_reuse_xuidl = yes pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key verbose_ssl = yes } } Thunderbird works. Why are M$ mail clients messing up? > > -- > For effective Internet Etiquette and communications read > http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html > & http://www.caliburn.nl/topposting.html > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. -- Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013 From rs at sys4.de Mon Nov 19 20:13:21 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 19 Nov 2012 19:13:21 +0100 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121119175556.GA21193@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> <20121119175556.GA21193@doctor.nl2k.ab.ca> Message-ID: <50AA76C1.30407@sys4.de> Am 19.11.2012 18:55, schrieb The Doctor: > /mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755 seems you got a permisson problem Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dmiller at amfes.com Mon Nov 19 21:27:44 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 19 Nov 2012 11:27:44 -0800 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <m2k3tjgdrb.fsf@boostpro.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <50A73047.7080706@amfes.com> <m2k3tjgdrb.fsf@boostpro.com> Message-ID: <assp.06705d8db5.50AA8830.9000903@amfes.com> On 11/18/2012 6:57 AM, Dave Abrahams wrote: > on Sat Nov 17 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > >> On 11/16/2012 12:58 PM, Dave Abrahams wrote: >>> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: >>> >>>> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>>>> Does anyone have an answer to this question? Should I simply issue an >>>>> IMAP search command, or is there a better way? >>>>> >>>> Put this in a cron script: >>>> >>>> doveadm search -A text zyxabcxyz > /dev/null >>>> >>>> That will perform a search through every mailbox on the system, >>>> indexing as it goes. The search query is unlikely to return much in >>>> the way of results, so log files won't fill up much. >>> That actually doesn't work for me. "doveadm index ..." does, though. >>> >> Use whatever works for you. The problem (for me) with "doveadm index" >> is it only works with the specified mailboxes. It can be done for all >> users - but only designated mailboxes. So a "doveadm index -A INBOX" >> will scan all inboxes - but none of the other folders. The search >> command I showed performs a recursive search that hits everything. > I take it back; I'm not sure if "doveadm search" causes re-indexing. > However, I *know* issuing a search command from a Python IMAP library > doesn't do so. > That indicates something else is broken - unless my Dovecot understanding is totally off (which is always possible, even likely). To my knowledge, until the relatively recent support for the "doveadm index" command, the primary and indeed only way to index was to perform a search. When Dovecot receives a search request, whether passed by IMAP or through the doveadm backdoor, if the mailbox isn't current then any new mails are supposed to be added to the index in the course of the search. If that doesn't happen - then I think something is broken in your setup. -- Daniel From daniel.parthey at informatik.tu-chemnitz.de Tue Nov 20 00:32:05 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 19 Nov 2012 23:32:05 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSayLhZ39zjvmBqpkYOteFTbdWAMrTGNnD=LrSLRE59-pQ@mail.gmail.com> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> <899ee7qld4v8@mids.svenhartge.de> <CADLvNSayLhZ39zjvmBqpkYOteFTbdWAMrTGNnD=LrSLRE59-pQ@mail.gmail.com> Message-ID: <20121119223205.GA7800@daniel.localdomain> Andre Bischof wrote: > doveadm mailbox subscribe -u user at example.com "*" > > Should the user for "-u" be the system user the > mailboxes belong to or has the user to be written in form of an email > adress (user at localhost / user at n.dyndns.org)? It should be the same userdb username as used for imap login. Regards Daniel -- https://plus.google.com/103021802792276734820 From zaphod at tdl.com Tue Nov 20 02:13:11 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Mon, 19 Nov 2012 17:13:11 -0700 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A6CF8A.40202@localhost.localdomain.org> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> <50A6CF8A.40202@localhost.localdomain.org> Message-ID: <50AACB17.2070008@tdl.com> On 11/16/2012 4:43 PM, Pascal Volk wrote: > On 11/16/2012 11:21 PM Chuck Cochems wrote: >> ? >> I need to return both the IP and the email address as a string to drop >> it into the old code. >> ? > > You could check the code of the `doveadm who` command > <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user > name and the IP address. > > > Regards, > Pascal > Problem solved. i finally found a working verion. i told the author to switch from strlcpy (which is not part of glibc) to i_strocpy (which dovecot provides). hopefulyl he will listen. if not, that's how to fix it. http://ftp.ufanet.ru/pub/boco/dovecot/whoson-plugin-2/ someone update the 2.0 wiki link. :) From tss at iki.fi Tue Nov 20 02:55:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 20 Nov 2012 02:55:16 +0200 Subject: [Dovecot] FYI: News about Mark Crispin References: <E7C54D4EA2D977429FC82EF4@[192.168.0.2]> Message-ID: <EF9FB64E-28F2-4F6B-B6E8-1DE394E0C1E1@iki.fi> Begin forwarded message: > From: Barry Leiba <barryleiba at computer.org> > Date: 20. marraskuuta 2012 2.44.51 UTC+2.00 > To: imap5 at ietf.org, imapext at ietf.org, imap-protocol at u.washington.edu, imap-use at u.washington.edu > Subject: [imapext] News about Mark Crispin > Reply-To: imap5 at ietf.org > > Everyone here knows Mark Crispin -- or at least knows who he is: Mark is the author of the original IMAP specification, and has taken it through its different versions to the present IMAP4rev1. He's written reference implementations of both server and client, and has been a vocal participant on all the mailing lists I'm posting this to. > > I'm sad to have to report that Mark is now terminally ill, and is in hospice care. > > For now, at least, I'm told that Mark is at least somewhat aware. If anyone has brief well-wishing messages they'd like to send him, please post them to the <imap5 at ietf.org> mailing list, and I'll forward them to Mark's long-term companion, Annie. I will also post updates to that list as I get them. > > [The Reply-To for this message is set to <imap5 at ietf.org>, so that replies will go there. You will have to subscribe to that mailing list in order to post to it. You can do that here: > http://www.ietf.org/mailman/listinfo/imap5 ] > > Barry Leiba > > _______________________________________________ > imapext mailing list > imapext at ietf.org > https://www.ietf.org/mailman/listinfo/imapext > From noel.butler at ausics.net Tue Nov 20 04:26:47 2012 From: noel.butler at ausics.net (Noel Butler) Date: Tue, 20 Nov 2012 12:26:47 +1000 Subject: [Dovecot] FYI: News about Mark Crispin In-Reply-To: <EF9FB64E-28F2-4F6B-B6E8-1DE394E0C1E1@iki.fi> References: <E7C54D4EA2D977429FC82EF4@[192.168.0.2]> <EF9FB64E-28F2-4F6B-B6E8-1DE394E0C1E1@iki.fi> Message-ID: <1353378407.12776.28.camel@tardis> That's so sad, Marks a nice guy, and too fricken young for this to happen On Tue, 2012-11-20 at 02:55 +0200, Timo Sirainen wrote: > Begin forwarded message: > > > From: Barry Leiba <barryleiba at computer.org> > > Date: 20. marraskuuta 2012 2.44.51 UTC+2.00 > > To: imap5 at ietf.org, imapext at ietf.org, imap-protocol at u.washington.edu, imap-use at u.washington.edu > > Subject: [imapext] News about Mark Crispin > > Reply-To: imap5 at ietf.org > > > > Everyone here knows Mark Crispin -- or at least knows who he is: Mark is the author of the original IMAP specification, and has taken it through its different versions to the present IMAP4rev1. He's written reference implementations of both server and client, and has been a vocal participant on all the mailing lists I'm posting this to. > > > > I'm sad to have to report that Mark is now terminally ill, and is in hospice care. > > > > For now, at least, I'm told that Mark is at least somewhat aware. If anyone has brief well-wishing messages they'd like to send him, please post them to the <imap5 at ietf.org> mailing list, and I'll forward them to Mark's long-term companion, Annie. I will also post updates to that list as I get them. > > > > [The Reply-To for this message is set to <imap5 at ietf.org>, so that replies will go there. You will have to subscribe to that mailing list in order to post to it. You can do that here: > > http://www.ietf.org/mailman/listinfo/imap5 ] > > > > Barry Leiba > > > > _______________________________________________ > > imapext mailing list > > imapext at ietf.org > > https://www.ietf.org/mailman/listinfo/imapext > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20121120/ebf5e0c1/attachment.bin> From doctor at doctor.nl2k.ab.ca Tue Nov 20 04:27:58 2012 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Mon, 19 Nov 2012 19:27:58 -0700 Subject: [Dovecot] ACL and SSL In-Reply-To: <50AA76C1.30407@sys4.de> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> <20121119175556.GA21193@doctor.nl2k.ab.ca> <50AA76C1.30407@sys4.de> Message-ID: <20121120022758.GA8370@doctor.nl2k.ab.ca> On Mon, Nov 19, 2012 at 07:13:21PM +0100, Robert Schetterer wrote: > Am 19.11.2012 18:55, schrieb The Doctor: > > /mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755 > > seems you got a permisson problem > Found it ! Looks like the user account was missing the mail directory. fail2ban will implement. Now Outlook 2010 reporting repeated mail. Is this a similar issue with OL2003? > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich -- Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013 From andre.bischof at rheinsinn.de Tue Nov 20 09:07:10 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Tue, 20 Nov 2012 08:07:10 +0100 Subject: [Dovecot] users mail folders have to be subscribed Message-ID: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> Daniel, Am 19.11.2012 23:32 schrieb "Daniel Parthey" < daniel.parthey at informatik.tu-chemnitz.de>: > > Andre Bischof wrote: > > doveadm mailbox subscribe -u user at example.com "*" > > > > Should the user for "-u" be the system user the > > mailboxes belong to or has the user to be written in form of an email > > adress (user at localhost / user at n.dyndns.org)? > > It should be the same userdb username as used for imap login. Thank you. One thing that still doesn't work is subscribing to all mailboxes via "*", I guess because the folder names start with "." but dovecot mailbbox subscribe wants it without a starting "." Any clues how that can be solved? Regards Andre From rs at sys4.de Tue Nov 20 10:53:05 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 20 Nov 2012 09:53:05 +0100 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121120022758.GA8370@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> <20121119175556.GA21193@doctor.nl2k.ab.ca> <50AA76C1.30407@sys4.de> <20121120022758.GA8370@doctor.nl2k.ab.ca> Message-ID: <50AB44F1.4070009@sys4.de> Am 20.11.2012 03:27, schrieb The Doctor: > Now Outlook 2010 reporting repeated mail. Is this a similar issue with > OL2003? it doesnt look like general a client issue at all, check your logs for more warnings and errors, outlook(s) may not best clients, but they arent guilty for all Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From skdovecot at smail.inf.fh-brs.de Tue Nov 20 15:53:19 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 20 Nov 2012 14:53:19 +0100 (CET) Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> References: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> Message-ID: <alpine.DEB.2.02.1211201440390.5511@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 20 Nov 2012, Andre Bischof wrote: > Date: Tue, 20 Nov 2012 08:07:10 +0100 > From: Andre Bischof <andre.bischof at rheinsinn.de> > To: dovecot at dovecot.org > Subject: Re: [Dovecot] users mail folders have to be subscribed > > Daniel, > > Am 19.11.2012 23:32 schrieb "Daniel Parthey" < > daniel.parthey at informatik.tu-chemnitz.de>: >> >> Andre Bischof wrote: >>> doveadm mailbox subscribe -u user at example.com "*" >>> >>> Should the user for "-u" be the system user the >>> mailboxes belong to or has the user to be written in form of an email >>> adress (user at localhost / user at n.dyndns.org)? >> >> It should be the same userdb username as used for imap login. > > Thank you. One thing that still doesn't work is subscribing to all > mailboxes via "*", I guess because the folder names start with "." but > dovecot mailbbox subscribe wants it without a starting "." Any clues how > that can be solved? In v2.1.10 doveadm mailbox subscribe -u user at example.com "*" does indeed add the string "*" to the subscription list, hence, one cannot add "all folders" with this wildcard. However, you can use the Unix flexible modular command line system :-) e.g.: doveadm mailbox subscribe -u user at example.com \ $( doveadm mailbox list -u user at example.com ) Make sure to use the same "-u ..." switch. I'm not sure about shared mailboxes by other users. In my test, mailbox list displays them, but subscribe does not add them, but silently ignores them. Other way would be to add subscribed folders into "/home/of/user/Maildir/subscriptions", as you seem to use Maildir. One folder per line. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUKuLT2oxLS8a3A9mAQKPnwf+NO+Q57UyYqedZ2M3hAf1i+LFgEKJV4JO r6hDQ6kn6qABJc03udiaNrS+1bpLKyhZ+geMBua+qs4UGrMdE/fi0lyI4yvVtCBC mR41EuBvL9Jf5tFtKYG65tAhj6gjSOMAuXL6xwsawXSkrTV/33NFRG5FQ0bZRQvV pcG50V5lvOSXhpM4GqhQwEIurwGef9w8iG2rNxkTaSLWa/5ZaBCg9vFgCE0xs0hg N6aURUsqiebN+AIzzjJDOFwE4cDrH1TUbbGNW3cutjkolf3Jf6cGU96yUGKf4NvA bWv+3i4BUnUQ547DNNV5NNlw2Mz9569dRUyD6WHaiEVCW0Tp6U3iZw== =4zMT -----END PGP SIGNATURE----- From listas.correo at yahoo.es Tue Nov 20 17:54:29 2012 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 20 Nov 2012 15:54:29 +0000 (GMT) Subject: [Dovecot] doveadm fails with passdb authentication binds (dovecot 2.0.16) Message-ID: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> Hello, I'm testing passdb auth binds with dovecot 2.0.16, but for some reason dovedm fails to work with the configuration showed below. The network trace shows the successful bind for the administrative user (uid=mailapp), but nothing for the mail user (uid=user001). what am i missing here? # doveadm mailbox list -u user001 doveadm(user001): Error: user user001: Auth PASS lookup failed doveadm(user001): Fatal: passdb lookup failed 10-auth.conf: ==================== disable_plaintext_auth = no auth_cache_size = 0 auth_cache_ttl = 0 auth_cache_negative_ttl = 0 auth_mechanisms = plain !include auth-ldap.conf.ext auth-ldap.conf.ext: ===================================== passdb { ? driver = ldap ? args = /etc/dovecot/passdb-dovecot-ldap.conf.ext } userdb { ? driver = ldap ? args = /etc/dovecot/userdb-dovecot-ldap.conf.ext } passdb-dovecot-ldap.conf.ext: ===================================== uris = ldap://ldap.example.com dn = uid=mailapp,ou=People,dc=example,dc=com dnpass = xxxxxxxxxx sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree pass_attrs = uid=user pass_filter = (uid=%n) userdb-dovecot-ldap.conf.ext: ==================================== uris = ldap://ldap.example.com dn = uid=mailapp,ou=People,dc=example,dc=com dnpass = xxxxxxxxxx sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home,mailQuota=quota_rule=*:bytes=%$ user_filter = (&(objectClass=posixAccount)(uid=%n)) pass_attrs = uid=user,userPassword=password,\ ??? mailbox=userdb_mail=maildir:/var/maildir/%$,homeFilter=userdb_home,mailQuota=userdb_quota_rule=*:bytes=%$ pass_filter = (&(objectClass=posixAccount)(uid=%n)) iterate_attrs = uid=user iterate_filter = (objectClass=posixMailAccount) From mathieu at 400iso.net Tue Nov 20 21:10:38 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 20:10:38 +0100 Subject: [Dovecot] Need help for configure sieve Message-ID: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> Hello, i just did set up a mail server with postfix+dovecot+mysql+roundcube everything work fine. Now i'm trying to configure dovecot to get sieve working, and i probably missing something, cause i can not get it to fall in work... Thanks in advance, if you can help me a bit... here is my dovecot (2.1.10) conf : 20:07 root at curzio /home/mathieu # dovecot -n # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 3.2.30-xenU-7157-x86_64 x86_64 Arch Linux mail_home = /srv/vmail/%d/%u mail_location = maildir:~ managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener auth-client { group = postfix mode = 0660 user = postfix } user = root } ssl_cert = </etc/ssl/private/server.crt ssl_key = </etc/ssl/private/server.key userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol lda { mail_plugins = " sieve" } here is my postfix conf : 20:07 root at curzio /home/mathieu # postconf -n alias_database = $alias_maps alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_protocols = ipv4 local_recipient_maps = $virtual_mailbox_maps local_transport = virtual mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix relay_domains = * sample_directory = /etc/postfix/sample sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/run/dovecot/auth-client smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/private/server.crt smtpd_tls_key_file = /etc/ssl/private/server.key smtpd_tls_loglevel = 1 transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:/etc/postfix/virtual_alias_maps.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /srv/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/virtual_domains_maps.cf virtual_mailbox_limit = 512000000 virtual_mailbox_maps = proxy:mysql:/etc/postfix/virtual_mailbox_maps.cf virtual_minimum_uid = 5000 virtual_transport = virtual virtual_uid_maps = static:5000 i use the roundcube plugin managesieve, wich seems to work correctly. -- Mathieu R. From user+dovecot at localhost.localdomain.org Tue Nov 20 21:51:26 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 20:51:26 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> Message-ID: <50ABDF3E.2040605@localhost.localdomain.org> On 11/20/2012 08:10 PM Mathieu R. wrote: > ? > Now i'm trying to configure dovecot to get sieve working, and i > probably missing something, cause i can not get it to fall in work... > > Thanks in advance, if you can help me a bit... > > here is my dovecot (2.1.10) conf : > > > 20:07 root at curzio /home/mathieu # dovecot -n > # 2.1.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.30-xenU-7157-x86_64 x86_64 Arch Linux > ? > protocol lda { > mail_plugins = " sieve" > } > > > here is my postfix conf : > 20:07 root at curzio /home/mathieu # postconf -n > ? > transport_maps = hash:/etc/postfix/transport > ? > ? > virtual_transport = virtual > ? > > > i use the roundcube plugin managesieve, wich seems to work correctly. What is the content of your /etc/postfix/transport? "virtual_transport = virtual" let Postfix deliver your mails to the mail store. You have to use Dovecot's LMTP <http://master.wiki2.dovecot.org/HowTo/PostfixDovecotLMTP> or Dovecot's LDA <http://master.wiki2.dovecot.org/LDA/Postfix> in order to apply Sieve rules on mail delivery. Regards, Pascal -- The trapper recommends today: cafebabe.1232520 at localdomain.org From mathieu at 400iso.net Tue Nov 20 22:01:18 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 21:01:18 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50ABDF3E.2040605@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> Message-ID: <591e65f27a23bef233371ba237841cb3@400iso.net> Le 20/11/2012 20:51, Pascal Volk a ?crit?: > On 11/20/2012 08:10 PM Mathieu R. wrote: >> ? >> Now i'm trying to configure dovecot to get sieve working, and i >> probably missing something, cause i can not get it to fall in >> work... >> >> Thanks in advance, if you can help me a bit... >> >> here is my dovecot (2.1.10) conf : >> >> >> 20:07 root at curzio /home/mathieu # dovecot -n >> # 2.1.10: /etc/dovecot/dovecot.conf >> # OS: Linux 3.2.30-xenU-7157-x86_64 x86_64 Arch Linux >> ? >> protocol lda { >> mail_plugins = " sieve" >> } >> >> >> here is my postfix conf : >> 20:07 root at curzio /home/mathieu # postconf -n >> ? >> transport_maps = hash:/etc/postfix/transport >> ? >> ? >> virtual_transport = virtual >> ? >> >> >> i use the roundcube plugin managesieve, wich seems to work >> correctly. > > What is the content of your /etc/postfix/transport? it's empty, come with archlinux default conf. > > "virtual_transport = virtual" let Postfix deliver your mails to the > mail > store. > > You have to use Dovecot's LMTP > <http://master.wiki2.dovecot.org/HowTo/PostfixDovecotLMTP> or > Dovecot's > LDA <http://master.wiki2.dovecot.org/LDA/Postfix> in order to apply > Sieve rules on mail delivery. i added dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} in master.cf in order to use LDA, is that enough ? > > > Regards, > Pascal -- Mathieu R. From user+dovecot at localhost.localdomain.org Tue Nov 20 22:10:03 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 21:10:03 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <591e65f27a23bef233371ba237841cb3@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> Message-ID: <50ABE39B.5070103@localhost.localdomain.org> On 11/20/2012 09:01 PM Mathieu R. wrote: > i added > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail > argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} > > in master.cf in order to use LDA, is that enough ? > don't forget: postconf -e virtual_transport=dovecot: postfix reload Regards, Pascal -- The trapper recommends today: 5e1f1e55.1232521 at localdomain.org From beber at meleeweb.net Tue Nov 20 22:56:03 2012 From: beber at meleeweb.net (Bertrand Jacquin) Date: Tue, 20 Nov 2012 21:56:03 +0100 Subject: [Dovecot] v2.1.10: Director director_servers order issue Message-ID: <20121120205603.GA1789@lemonhead.scabb> Hi, I'm setting up an IMAP/POP cluster using dovecot director for some NFS reasons and I'm getting some troubles with director_servers directive. Configuration is shared on both nodes : director_servers = 10.0.50.50 10.0.50.51 director_mail_servers = 192.168.0.150 192.168.0.151 director_user_expire = 15 min service director { unix_listener login/director { mode = 0666 } fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } unix_listener director-userdb { mode = 0600 } inet_listener { port = 9090 } } service ipc { unix_listener ipc { user = $default_login_user } } Here 10.0.50.50 is node1, 10.0.50.51 is node2 # ring status on node1 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never # ring status on node2 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never self is the same on both nodes, and that generate some cases that can be observed on logs : # logs on node1 dovecot: director: Error: Remote director thinks it's someone else (connected to 10.0.50.51:9090, remote says it's 10.0.50.50:9090) And this is true, TCP packet contain bad DATA : # tcpdump -i eth0 -nn src host 10.0.50.51 and port 9090 -s 0 -w - -l | strings | egrep '^ME' ME 10.0.50.50 9090 # logs on node2 dovecot: director: Error: connect(10.0.50.51:9090) failed: Invalid argument Invalid argument is present as bind() is not done with the appropriate IP : # strace -p 6063 -fF -s 1024 -e trace=bind,connect bind(28, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("10.0.50.50")}, 16) = 0 connect(28, {sa_family=AF_INET, sin_port=htons(9090), sin_addr=inet_addr("10.0.50.51")}, 16) = -1 EINVAL (Invalid argument) Also, during this time, CPU is ~100% used. bind() is done with node1 IP address. I also tested using a DNS : director_servers = director-all director-all is two A entries, first containing 10.0.50.50, second 10.0.50.51 and the result here is exactly the same. Using two configurations : # director_servers on node1 director_servers = 10.0.50.50 10.0.50.51 # director_servers on node2 director_servers = 10.0.50.51 10.0.50.50 Give the same result as showed before : # ring status on node1 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never # ring status on node2 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never It seems that first sorted entry in director_servers is considered as "self". I'm using dovecot 2.1.10-0~auto+55 debian package from rename-it repository. Thanks for your help. -- Beber -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121120/3cad8bb1/attachment.bin> From mathieu at 400iso.net Wed Nov 21 00:08:52 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 23:08:52 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50ABE39B.5070103@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> Message-ID: <babad5ee75be26067052f340f26bedd4@400iso.net> Le 20/11/2012 21:10, Pascal Volk a ?crit?: > On 11/20/2012 09:01 PM Mathieu R. wrote: >> i added >> >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail >> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d >> ${recipient} >> >> in master.cf in order to use LDA, is that enough ? >> > > don't forget: > > postconf -e virtual_transport=dovecot: > postfix reload just did what you tell me, broke my config (gave me : virtual_transport = dovecot: and then got that error : 2012-11-20T22:03:23.108392+00:00 localhost pipe[28359] fatal: pipe_command: execvp /usr/local/libexec/dovecot/dovecot-lda: No such file or directory switched back to previous config... > > > Regards, > Pascal -- Mathieu R. From user+dovecot at localhost.localdomain.org Wed Nov 21 00:11:16 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 23:11:16 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <babad5ee75be26067052f340f26bedd4@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> Message-ID: <50AC0004.2080301@localhost.localdomain.org> On 11/20/2012 11:08 PM Mathieu R. wrote: > Le 20/11/2012 21:10, Pascal Volk a ?crit : >> On 11/20/2012 09:01 PM Mathieu R. wrote: >>> i added >>> >>> dovecot unix - n n - - pipe >>> flags=DRhu user=vmail:vmail >>> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d >>> ${recipient} >>> >>> in master.cf in order to use LDA, is that enough ? >>> >> >> don't forget: >> >> postconf -e virtual_transport=dovecot: >> postfix reload > > just did what you tell me, broke my config (gave me : virtual_transport > = dovecot: and then got that error : > > 2012-11-20T22:03:23.108392+00:00 localhost pipe[28359] fatal: > pipe_command: execvp /usr/local/libexec/dovecot/dovecot-lda: No such > file or directory > > switched back to previous config... Are you sure your dovecot-lda binary is located in /usr/local/libexec/dovecot/? You have to use an existing path - not just copy and paste something. Regards, Pascal -- The trapper recommends today: face1e55.1232523 at localdomain.org From mathieu at 400iso.net Wed Nov 21 00:53:36 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 23:53:36 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50AC0004.2080301@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> <50AC0004.2080301@localhost.localdomain.org> Message-ID: <cd1638cdebaa43febc318a8f46d07893@400iso.net> Le 20/11/2012 23:11, Pascal Volk a ?crit?: > On 11/20/2012 11:08 PM Mathieu R. wrote: >> Le 20/11/2012 21:10, Pascal Volk a ?crit : >>> On 11/20/2012 09:01 PM Mathieu R. wrote: >>>> i added >>>> >>>> dovecot unix - n n - - pipe >>>> flags=DRhu user=vmail:vmail >>>> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d >>>> ${recipient} >>>> >>>> in master.cf in order to use LDA, is that enough ? >>>> >>> >>> don't forget: >>> >>> postconf -e virtual_transport=dovecot: >>> postfix reload >> >> just did what you tell me, broke my config (gave me : >> virtual_transport >> = dovecot: and then got that error : >> >> 2012-11-20T22:03:23.108392+00:00 localhost pipe[28359] fatal: >> pipe_command: execvp /usr/local/libexec/dovecot/dovecot-lda: No such >> file or directory >> >> switched back to previous config... > > > Are you sure your dovecot-lda binary is located in > /usr/local/libexec/dovecot/? > You have to use an existing path - not just copy and paste something. of course you're right, i was stupid. corrected the path (to /usr/lib/dovecot/dovecot-lda), executed postconf -e virtual_transport=dovecot: postfix reload and got this error now : 2012-11-20T22:50:03.121109+00:00 localhost postfix/pipe[28785]: 7D9F825269: to=<mathieu at 400iso.net>, relay=dovecot, de lay=8620, delays=8619/0.06/0/0.07, dsn=4.3.0, status=deferred (temporary failure. Command output: lda: Error: user mat hieu at 400iso.net: Error reading configuration: Invalid settings: postmaster_address setting not given lda: Fatal: Inter nal error occurred. Refer to server log for more information. ) thank a lot for your help > > > Regards, > Pascal -- Mathieu R. From user+dovecot at localhost.localdomain.org Wed Nov 21 00:57:52 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 23:57:52 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <cd1638cdebaa43febc318a8f46d07893@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> <50AC0004.2080301@localhost.localdomain.org> <cd1638cdebaa43febc318a8f46d07893@400iso.net> Message-ID: <50AC0AF0.30900@localhost.localdomain.org> On 11/20/2012 11:53 PM Mathieu R. wrote: > > and got this error now : > ? lda: Error: user mathieu at 400iso.net: Error reading configuration: Invalid settings: > postmaster_address setting not given ? You have to configure a valid postmaster_address in conf.d/15-lda.conf Regards, Pascal -- The trapper recommends today: face1e55.1232523 at localdomain.org From mathieu at 400iso.net Wed Nov 21 01:00:37 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Wed, 21 Nov 2012 00:00:37 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50AC0AF0.30900@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> <50AC0004.2080301@localhost.localdomain.org> <cd1638cdebaa43febc318a8f46d07893@400iso.net> <50AC0AF0.30900@localhost.localdomain.org> Message-ID: <8133e84c1059fa344dee37994bdf0c47@400iso.net> Le 20/11/2012 23:57, Pascal Volk a ?crit?: > On 11/20/2012 11:53 PM Mathieu R. wrote: >> >> and got this error now : >> ? lda: Error: user mathieu at 400iso.net: Error reading configuration: >> Invalid settings: >> postmaster_address setting not given ? > > You have to configure a valid postmaster_address in > conf.d/15-lda.conf > > > Regards, > Pascal just made it falling in work... thanks a lot, again -- Mathieu R. From dave at boostpro.com Wed Nov 21 04:30:39 2012 From: dave at boostpro.com (Dave Abrahams) Date: Tue, 20 Nov 2012 21:30:39 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <50A73047.7080706@amfes.com> <m2k3tjgdrb.fsf@boostpro.com> <assp.06705d8db5.50AA8830.9000903@amfes.com> Message-ID: <m2wqxfelgw.fsf@boostpro.com> on Mon Nov 19 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > On 11/18/2012 6:57 AM, Dave Abrahams wrote: >> I take it back; I'm not sure if "doveadm search" causes re-indexing. >> However, I *know* issuing a search command from a Python IMAP library >> doesn't do so. >> > > That indicates something else is broken - unless my Dovecot > understanding is totally off (which is always possible, even likely). > To my knowledge, until the relatively recent support for the "doveadm > index" command, the primary and indeed only way to index was to > perform a search. When Dovecot receives a search request, whether > passed by IMAP or through the doveadm backdoor, if the mailbox isn't > current then any new mails are supposed to be added to the index in > the course of the search. If that doesn't happen - then I think > something is broken in your setup. Well, perhaps I didn't satisfy the "mailbox isn't current" criterion. All I had done was to delete the FTS indices when I tried this. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From timor at o2.pl Wed Nov 21 12:15:31 2012 From: timor at o2.pl (Tomek) Date: Wed, 21 Nov 2012 11:15:31 +0100 Subject: [Dovecot] Proxy to join two accounts Message-ID: <50ACA9C3.9000004@o2.pl> Hello, I have server with IMAP on dovecot for user mails and second server on archiveopteryx as mail archive. I'm wondering if it's possible to make some sort of proxy to these two servers in way where: - dovecot server will be main IMAP service with INBOX, etc - I want archiveopteryx account to be something like shared folder with read only access (no delete, no move, etc) in path ex. /archive/user.name - this proxy mappings should allow adding few archive accounts to one user (in case of people replacement) + it will be cool if this mappings could be defined in database so I could write tools to manage archive access for bosses. Is such case possible to achieve with dovecot (any howto or example would be very helpful)? If not - do you know any proxy tools that could allow such configuration? Thanks for any help. Regards, Tomek. From CMarcus at Media-Brokers.com Wed Nov 21 14:02:55 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 21 Nov 2012 07:02:55 -0500 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <50A14EA1.3050307@wildgooses.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> <50A14EA1.3050307@wildgooses.com> Message-ID: <50ACC2EF.6060203@Media-Brokers.com> On 2012-11-12 2:31 PM, Ed W <lists at wildgooses.com> wrote: > Openssl is a *massive* project and I'm unsure that gnutls is much > smaller... We should assume that both are quite scary from a > "security" point of view. Licensing is the main thing which divides > them, gnutls is stated as GPL compatible (however, the nominal > incompatibility of openssl seems difficult to understand?) > > OpenVPN integrated with PolarSSL and got Dutch government official > approval for the combined package. I think elsewhere it's stated that > openssl would not have been approved because something like the > codebase was too large to inspect and sign off > http://polarssl.org/news?item=0132 > > I haven't worked with PolarSSL, so no idea, but it's massively smaller > codebase is likely attractive if you are the kind of person who > actually *does* security audits on the software you run in secure > situations. > > Openssl is just a complete swiss army knife of tools! Very interesting... I'd certainly be interested in switching to it, as long as the most common tools are supported Is it considered a drop in replacement for OpenSSL? -- Best regards, Charles From ramon.frontera at uib.es Wed Nov 21 15:05:17 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Wed, 21 Nov 2012 14:05:17 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error Message-ID: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> Hi, we have a problem with our director proxy configuration. When we run on proxy server the doveadm command with -A switch, fails with the error: # doveadm -D quota get -A doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert doveadm(user1): Error: Proxy is missing destination host doveadm: Error: Failed to iterate through some users If we execute the command with a single user, director assigns host and goes well, Example: # doveadm -D quota get -u user1 doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert host=xx.xx.xx.xx proxy_refresh=450 Quota name Type Value Limit % User quota STORAGE 159401 2621440 6 User quota MESSAGE 341 - 0 We have tried different configurations and all goes wrong with this "-A" switch, Timo please, could you tell us if we have a missconfiguration or its a possible director bug ?? We really want execute the expire plugin on ours directors and them redirect to the backends servers of every user. thanks in advance. Our doveconf -n: # dovecot -n # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.14.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) auth_cache_size = 3 k auth_cache_ttl = 15 mins auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot/ default_client_limit = 30000 default_process_limit = 5000 dict { expire = mysql:/etc/dovecot/dovecot-dict-expire.conf.ext } director_doveadm_port = 990 director_mail_servers = mailserver1 mailserver2 director_servers = proxy1 doveadm_proxy_port = 24245 lmtp_proxy = yes mail_debug = yes mail_plugins = expire quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap-users.conf.ext driver = ldap } plugin { expire = Trash expire2 = Trash/* expire_dict = proxy::expire } postmaster_address = postmaster<at>company protocols = imap pop3 lmtp sieve service auth { client_limit = 27048 unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = dovecot mode = 0660 } } service director { fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0660 } unix_listener login/director { mode = 0666 } } service doveadm { executable = doveadm-server director inet_listener doveadm-server { port = 24245 } } service imap-login { executable = imap-login director inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service ipc { unix_listener ipc { user = dovecot } } service lmtp { client_limit = 1 inet_listener lmtp { port = 30025 } } service managesieve-login { executable = managesieve-login director } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } ssl = required ssl_cert = </etc/pki/tls/certs/imap.crt ssl_key = </etc/pki/tls/private/imap.uib.es_privatekey.pem syslog_facility = local1 userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap-users.conf.ext driver = ldap } verbose_proctitle = yes protocol lmtp { auth_socket_path = director-userdb mail_plugins = expire quota sieve quota passdb { args = /etc/dovecot/dovecot-ldap-pass.conf.lmtp driver = ldap } } protocol doveadm { auth_socket_path = director-userdb } protocol imap { mail_max_userip_connections = 20 mail_plugins = expire quota } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } local ip/24/24 { doveadm_password = supersecretpassword } -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears From tibby at tibby.hu Wed Nov 21 16:23:41 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Wed, 21 Nov 2012 15:23:41 +0100 Subject: [Dovecot] Autocreate No namespace for Problem Message-ID: <2a18f5a901122a66ca063fa0e2122c4f@tibby.hu> Hi! I see this in the log: autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent Why do I get this error ? Do I need to create a separate namespace for every folder? The config file looks like this: namespace private { separator = . prefix = INBOX. inbox = yes subscriptions = yes list = yes } ... plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent } Thanks! From rs at sys4.de Wed Nov 21 16:41:14 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 21 Nov 2012 15:41:14 +0100 Subject: [Dovecot] Autocreate No namespace for Problem In-Reply-To: <2a18f5a901122a66ca063fa0e2122c4f@tibby.hu> References: <2a18f5a901122a66ca063fa0e2122c4f@tibby.hu> Message-ID: <50ACE80A.8050207@sys4.de> Am 21.11.2012 15:23, schrieb tibby at tibby.hu: > Hi! > > I see this in the log: > autocreate: No namespace found for Trash > autocreate: No namespace found for Spam > autocreate: No namespace found for Sent > autocreate: No namespace found for Trash > autocreate: No namespace found for Spam > autocreate: No namespace found for Sent > > Why do I get this error ? > Do I need to create a separate namespace for every folder? > > The config file looks like this: > namespace private { > separator = . > prefix = INBOX. > inbox = yes > subscriptions = yes > list = yes > } > ... > plugin { > autocreate = Trash > autocreate2 = Spam > autocreate3 = Sent > autosubscribe = Trash > autosubscribe2 = Spam > autosubscribe3 = Sent > } > > Thanks! > just a guess try autocreate = INBOX.Trash cause you did prefix = INBOX. Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From egbert at vandenbussche.nl Wed Nov 21 16:58:31 2012 From: egbert at vandenbussche.nl (Egbert) Date: Wed, 21 Nov 2012 15:58:31 +0100 Subject: [Dovecot] XMLRPC anyone? Message-ID: <50ACEC17.5090504@vandenbussche.nl> Hi, Is there any code around that lets Dovecot (2.x) aauthenticate via a XMLRPC server (which connects to a LDAP server) instead of going directly to a LDAP server? It could give much more flexibility. TIA Egbert Jan, NL From andreas.kasenides at cs.ucy.ac.cy Wed Nov 21 19:34:55 2012 From: andreas.kasenides at cs.ucy.ac.cy (Andreas Kasenides) Date: Wed, 21 Nov 2012 19:34:55 +0200 Subject: [Dovecot] Filesystem quotas Message-ID: <50AD10BF.8040500@cs.ucy.ac.cy> I could not determine if when using filesystem quotas (http://wiki2.dovecot.org/Quota/FS) Dovecot will use the reported quota and limits without the need of configuring them via "quota_rules". Is this possible somehow? Such a feature would determine the quota limits automatically from the filesystem quotas thereby allowing to make use of them in quota warnings. Dovecot already knows the quota settings and limits. Here is evidence from the logs > Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: box=/Mail/ank > mount=/newmail match=yes > Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: > host=xxxx.xxxx.ucy.xx.cy, path=/mail, uid=211, bytes > Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: uid=211, > value=2779115520, limit=8388608000 I am using (testing) version 2.2alpha1. Thankx. -- Andreas Kasenides Senior IT Officer University of Cyprus, Dept. of Computer Science Tel: 22892714, Fax: 22892701 From pzucchi at gmail.com Thu Nov 22 10:46:34 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 09:46:34 +0100 Subject: [Dovecot] imap_acl and osx 10.7 Message-ID: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Hello everybody, I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 unfortunately it seems that the imap_acl plugin is not loaded properly do you have any advice? cheers Piero This is what i get from the log with imap_acl plugin enabled in protocol imap?{ } Log file: imap: Debug: Loading modules from directory: /usr/lib/dovecot Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not found: _acl_user_module Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Referenced from: /usr/lib/dovecot/lib02_imap_acl_plugin.so Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Expected in: flat namespace Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: in /usr/lib/dovecot/lib02_imap_acl_plugin.so Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Fatal: Couldn't load required plugins Nov 22 09:08:14 xserve04 dovecot[43220]: master: Error: service(imap): command startup failed, throttling dovecot config # 2.0.16apple1: /etc/dovecot/dovecot.conf # OS: Darwin 11.4.2 x86_64 acfs auth_debug = yes auth_debug_passwords = yes auth_gssapi_hostname = $ALL auth_mechanisms = cram-md5 x-plain-submit apop gssapi plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 hostname = mail.customer.com mail_access_groups = mail mail_debug = yes mail_location = maildir:/Volumes/XsanVolume/Mail/%u mail_log_prefix = "%s(pid %p user %u): " mail_plugins = quota zlib fts fts_sk acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes list = children location = maildir:/Volumes/XsanVolume/Mail/Condivise/Interno:CONTROL=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno:INDEX=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno prefix = Interno/ separator = / subscriptions = no type = public } passdb { args = /etc/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { acl = vfile fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u quota_warning2 = storage=80%% quota-warning %u sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmaster at xserve04.customer.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap-postlogin { executable = script-login -d /etc/dovecot/acl_groups.sh unix_listener imap-postlogin { group = mail mode = 0600 user = _dovecot } user = _dovecot } service imap { client_limit = 5 executable = imap imap-postlogin process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl_ca = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.chain.pem ssl_cert = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.cert.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL ssl_key = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem ssl_key_path = /etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem syslog_facility = local6 userdb { args = partition=/etc/dovecot/partition_map.conf enforce_quotas=yes driver = od } verbose_proctitle = yes protocol lmtp { mail_plugins = quota zlib fts fts_sk sieve } protocol lda { mail_plugins = quota zlib fts fts_sk sieve } protocol imap { imap_id_log = * imap_id_send = "name" * "version" * mail_max_userip_connections = 20 mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts imap_acl urlauth } protocol pop3 { mail_max_userip_connections = 6 } -- Piero Zucchi Apple Certified Trainer Apple Certified Specialist Professional 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From andre.bischof at rheinsinn.de Thu Nov 22 10:53:45 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Thu, 22 Nov 2012 09:53:45 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <alpine.DEB.2.02.1211201440390.5511@pc-2m63nn> References: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> <alpine.DEB.2.02.1211201440390.5511@pc-2m63nn> Message-ID: <CADLvNSapszKO3XbMa7ovF8xqdAD6Pz5-tny1t2ZuwwqWtgHB6w@mail.gmail.com> Steffen, 2012/11/20 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> > ... >> >> Thank you. One thing that still doesn't work is subscribing to all >> mailboxes via "*", I guess because the folder names start with "." but >> dovecot mailbbox subscribe wants it without a starting "." Any clues how >> that can be solved? >> > > > In v2.1.10 > > > doveadm mailbox subscribe -u user at example.com "*" > > does indeed add the string "*" to the subscription list, hence, one cannot > add "all folders" with this wildcard. > > However, you can use the Unix flexible modular command line system :-) > e.g.: > > doveadm mailbox subscribe -u user at example.com \ > $( doveadm mailbox list -u user at example.com ) > > ... That's smart! I solved it a similar way yesterday evening using a loop (found it via google), but your way is even shorter. Regards Andre From rs at sys4.de Thu Nov 22 11:00:08 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 22 Nov 2012 10:00:08 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Message-ID: <50ADE998.5020803@sys4.de> Am 22.11.2012 09:46, schrieb Piero Zucchi: > Hello everybody, > > I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 > > unfortunately it seems that the imap_acl plugin is not loaded properly > > do you have any advice? > > cheers > Piero i dont really remember but at some time there was a bug with acl plugin try 2.0.21 or 2.1.10 compare your config against http://wiki2.dovecot.org/ACL Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From pzucchi at gmail.com Thu Nov 22 11:22:54 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 10:22:54 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <50ADE998.5020803@sys4.de> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> <50ADE998.5020803@sys4.de> Message-ID: <CA+rZbg7rxf78qpDeHB6QAybZMM8gKrUh+Y5nRP5FjE19nL1QrA@mail.gmail.com> Thank you for your quick reply, Robert. The configuration looks ok, so I will search for version related bugs although it would be very hard upgrading to a newer version, because apple patches apply up to 2.0.16. cheers P. 2012/11/22 Robert Schetterer <rs at sys4.de>: > Am 22.11.2012 09:46, schrieb Piero Zucchi: >> Hello everybody, >> >> I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 >> >> unfortunately it seems that the imap_acl plugin is not loaded properly >> >> do you have any advice? >> >> cheers >> Piero > > i dont really remember but at some time there was a bug with acl plugin > > try 2.0.21 or > 2.1.10 > > compare your config against > > http://wiki2.dovecot.org/ACL > > Best Regards > MfG Robert Schetterer > -- Piero Zucchi Apple Certified Trainer Apple Certified Technical Coordinator 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From stan at hardwarefreak.com Thu Nov 22 13:26:58 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 22 Nov 2012 05:26:58 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <20121110202529.GA30152@anubis.morrow.me.uk> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <509EA1C4.3050103@hardwarefreak.com> <20121110202529.GA30152@anubis.morrow.me.uk> Message-ID: <50AE0C02.3090207@hardwarefreak.com> On 11/10/2012 2:25 PM, Ben Morrow wrote: > The usual meaning of 'lock contention' is 'two processes legitimately > competing for the *same* lock'. Sure, this is the textbook definition, and software designers will discuss it as such in that context. However, when systems users use the term, in a production use context, they are using it in the context of problems resulting from it, performance or otherwise. I.e. if lock contention isn't causing problems, systems users will not be discussing it. With many things, including software, context is critical. > You appear to be advocating the LDA as the solution to all possible > problems with mail delivery, and implying anyone not using it is doing > something seriously wrong. I advocated no such thing, nor implied such a thing. I stated that if one is using Postfix/local(8) for mbox delivery and Dovecot for POP/IMAP that s/he should switch to LDA (or LMTP) to eliminate any potential mbox locking problems; that it doesn't make sense to use Postfix/local(8) with Dovecot as there is no upside. Again, the context is mbox. Did you see me state this in relation to maildir? > I was pointing out that that is not always > the case. You seem to spend a lot of time pointing out exceptions. > I believe the OP mentioned something about having run out of mboxes for > 20 years? To me that suggests an old-fashioned Unix setup, which in turn > suggests procmail as a likely possibility. I could, of course, be wrong. Examination of his log entry indicates he's not using procmail, but Postfix' local(8) delivery agent directly to the mailbox file: Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: to=<xyz at xyz.com>, orig_to=<abc at abc.com>, relay=local, delay=19, delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox /var/spool/mail/abc for user abc. unable to lock for exclusive access: Resource temporarily unavailable) "unable to lock for exclusive access: Resource temporarily unavailable" is a Postfix local(8) error message. If procmail was configured, you'd likely see this instead: ...status=sent (delivered to command: /usr/bin/procmail...) Then procmail would do the actual delivery to the mailbox (mbox) file, and if a locking problem occurred, it would be logged by procmail, and possibly a bounce sent to the sender. I'm not sure what, if any, error would be returned to local(8) as I've never used procmail. > If I have offended you, I apologise. That was certainly not my > intention. I was not offended, just a bit annoyed. When you attempted to correct my intentional misuse of "light year" it reminded me of something similar. Almost daily I've wanted to stomp on Europeans for sticking the indefinite article "an" in front of words beginning with consonants, when they should be using "a" instead, butchering the English language in the process: "I need help with an Debian Linux install on an Dell server." "I'm installing an Dovecot cluster and need help configuring an Dovecot Director." Supremely irritating, but I've never stomped on them, bit my tongue every time, as it's a waste of time. Maybe you could follow suit. -- Stan From stan at hardwarefreak.com Thu Nov 22 14:09:12 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 22 Nov 2012 06:09:12 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50A0DA65.9080503@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> Message-ID: <50AE15E8.7050400@hardwarefreak.com> On 11/12/2012 5:15 AM, 1st WebDesigns wrote: > Thanks for your replies. I switched to Dovecot LDA this morning, but > the issue still persists, albeit logged slightly differently by Dovecot > now instead of Postfix: > > "save failed to INBOX: Timeout while waiting for lock" > > The reason is because some pop3 clients Full stop. This is the first time you've mentioned POP that I recall. FYI, Dovecot is primarily an IMAP server. Unless an OP states up front that he's using primarily POP, everyone assumes IMAP and counsels accordingly. You should have stated POP in your first post. Actually, you should have included many more details prior to now. Please post your complete 'dovecot -n' output. > are holding their connection for > 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major > culprit). I'm no smartphone POP expert, but old rural tower, poor tower connection, etc, all cause low data rates, which could cause this. However, you state this problem cropped up out of nowhere after a distro upgrade to CentOS 5. Can you confirm that the problem didn't exist before the upgrade? Your definitive answer to this question dictates the troubleshooting course of action. > In dovecot.conf I changed: > > mbox_lock_timeout = 300 > > to > > mbox_lock_timeout = 600 > > Which seems to have helped. I am unclear if this value only applied to > Dovecot LDA or if it would have worked previously before switching to > Dovecot LDA? This simply changes how long Dovecot will wait to acquire a lock. Increasing this value simply increases delays, masks the underlying problem without really helping much. The only real architectural solution to such a POP/mbox locking problem due to slow/long client downloads is, as you mentioned, moving to a lockless mailbox format, such as maildir or sdbox. Worth noting, we are both/all at fault in the slow progress of this issue, you for not stating POP up front, and me/us for not asking. Your 'dovecot -n' output may allow us to help get mbox working a little better, but the long term solution is very likely moving to maildir/sdbox. -- Stan From skdovecot at smail.inf.fh-brs.de Thu Nov 22 14:18:09 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 22 Nov 2012 13:18:09 +0100 (CET) Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Message-ID: <alpine.DEB.1.10.1211221315190.20004@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 22 Nov 2012, Piero Zucchi wrote: > imap: Debug: Loading modules from directory: /usr/lib/dovecot > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not > found: _acl_user_module are you sure, that the module is from the very same Dovecot version? I had Symbol not found errors, because I changed the ./configure options and something was not installed properly. After starting from scratch and copying the config over, it worked. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBUK4YAmoxLS8a3A9mAQL6bQf/Z1/m/d0fgzPC/g6oA3bSQj4v344BcC7y SeCEHf4YRZITRP87gtGyJSyrK8DamupXSiM3eyutddl3aNUmsfhDoV0f2DVBkSeI soAQeMTSOal4214sUzJVK51kC448f1mdVLGhsCGI+FtUKSlq0K6XX4W+RTFQcEri Q1cq+Z+2fP42DfQlhXxvW3N4vJmqPDkARyCylu6IUs0S9xuc9mE1BF/aRQCGk6cv 68pD+Bt/PzfBNnm+TuA+xyZab90JrbZTh5pYnvf9i17xcEvi2VqRMAX6hfhg3FkV Wp7M5as+kY7op23cnCvULzdMMbKoZnPl3LEY+/YetU7gB0nyqlAW9g== =yB4V -----END PGP SIGNATURE----- From pzucchi at gmail.com Thu Nov 22 15:30:22 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 14:30:22 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <alpine.DEB.1.10.1211221315190.20004@pc-2m63a.inf.fh-bonn-rhein-sieg.de> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> <alpine.DEB.1.10.1211221315190.20004@pc-2m63a.inf.fh-bonn-rhein-sieg.de> Message-ID: <CA+rZbg4x4_xrpVDo=q3nA3WznJ+vxQH+1xhA9KMRf34DO9nM3Q@mail.gmail.com> Hallo Steffen, yes, I'm quite sure since it's a default mac os x server installation, so I haven neither installed nor compiled anything. P. 2012/11/22 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>: > are you sure, that the module is from the very same Dovecot version? > I had Symbol not found errors, because I changed the ./configure options and > something was not installed properly. After starting from scratch and > copying the config over, it worked. > > Regards, > > - -- Steffen Kaiser -- Piero Zucchi Apple Certified Trainer Apple Certified Specialist Professional 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From puccia+ml-dovecot at gmail.com Thu Nov 22 15:50:32 2012 From: puccia+ml-dovecot at gmail.com (Emanuele Pucciarelli) Date: Thu, 22 Nov 2012 14:50:32 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Message-ID: <CA+oQUaQK7-EmTYAFT5okRT8PZyUmvK=e+rOOydFpwpNU2pS46Q@mail.gmail.com> Ciao Piero! :) Apparently, you might be running into this: http://dovecot.org/list/dovecot/2012-October/068723.html OS X's dynamic linker is not among the forgiving ones (as far as I know from experience with other software). It looks like Apple shipped Dovecot without running any tests with the extra plugins (which I do not believe they do). Unfortunately, even assuming this nails it, I wouldn't know off the top of my head how to fix it without recompiling from sources; install_name_tool(1) will only change the names of listed shared libraries, but not add new ones. Perhaps someone else has further advice on this matter. Emanuele On 22 November 2012 09:46, Piero Zucchi <pzucchi at gmail.com> wrote: > Hello everybody, > > I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 > > unfortunately it seems that the imap_acl plugin is not loaded properly > > do you have any advice? > > cheers > Piero > > > > This is what i get from the log with imap_acl plugin enabled in > protocol imap { } > > Log file: > > imap: Debug: Loading modules from directory: /usr/lib/dovecot > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not > found: _acl_user_module > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Referenced > from: /usr/lib/dovecot/lib02_imap_acl_plugin.so > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Expected in: > flat namespace > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: in > /usr/lib/dovecot/lib02_imap_acl_plugin.so > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Fatal: Couldn't load > required plugins > Nov 22 09:08:14 xserve04 dovecot[43220]: master: Error: service(imap): > command startup failed, throttling > > > dovecot config > > # 2.0.16apple1: /etc/dovecot/dovecot.conf > # OS: Darwin 11.4.2 x86_64 acfs > auth_debug = yes > auth_debug_passwords = yes > auth_gssapi_hostname = $ALL > auth_mechanisms = cram-md5 x-plain-submit apop gssapi plain login > auth_socket_path = /var/run/dovecot/auth-userdb > auth_username_format = %n > default_internal_user = _dovecot > default_login_user = _dovenull > disable_plaintext_auth = no > first_valid_gid = 6 > first_valid_uid = 6 > hostname = mail.customer.com > mail_access_groups = mail > mail_debug = yes > mail_location = maildir:/Volumes/XsanVolume/Mail/%u > mail_log_prefix = "%s(pid %p user %u): " > mail_plugins = quota zlib fts fts_sk acl > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > mdbox_rotate_size = 200 M > namespace { > inbox = yes > location = > prefix = > separator = / > type = private > } > namespace { > hidden = yes > list = children > location = maildir:/Volumes/XsanVolume/Mail/Condivise/Interno:CONTROL=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno:INDEX=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno > prefix = Interno/ > separator = / > subscriptions = no > type = public > } > passdb { > args = /etc/dovecot/submit.passdb > driver = passwd-file > pass = yes > submit = yes > } > passdb { > driver = od > } > plugin { > acl = vfile > fts = sk > quota = maildir:User quota > quota_warning = storage=100%% quota-exceeded %u > quota_warning2 = storage=80%% quota-warning %u > sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve > sieve_dir = /Library/Server/Mail/Data/rules/%u > } > postmaster_address = postmaster at xserve04.customer.com > protocols = imap pop3 lmtp sieve > quota_full_tempfail = yes > service auth { > extra_groups = _keytabusers > idle_kill = 15 mins > } > service dns_client { > unix_listener dns-client { > mode = 0600 > } > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > ssl = yes > } > service_count = 0 > } > service imap-postlogin { > executable = script-login -d /etc/dovecot/acl_groups.sh > unix_listener imap-postlogin { > group = mail > mode = 0600 > user = _dovecot > } > user = _dovecot > } > service imap { > client_limit = 5 > executable = imap imap-postlogin > process_limit = 200 > service_count = 0 > } > service lmtp { > unix_listener lmtp { > mode = 0600 > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > inet_listener sieve_deprecated { > port = 2000 > } > } > service pop3-login { > inet_listener pop3 { > port = 110 > } > inet_listener pop3s { > port = 995 > ssl = yes > } > } > service pop3 { > client_limit = 5 > process_limit = 200 > service_count = 0 > } > service quota-exceeded { > executable = script /usr/libexec/dovecot/quota-exceeded.sh > unix_listener quota-exceeded { > group = mail > mode = 0660 > user = _dovecot > } > user = _dovecot > } > service quota-warning { > executable = script /usr/libexec/dovecot/quota-warning.sh > unix_listener quota-warning { > group = mail > mode = 0660 > user = _dovecot > } > user = _dovecot > } > ssl_ca = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.chain.pem > ssl_cert = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.cert.pem > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL > ssl_key = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem > ssl_key_path = /etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem > syslog_facility = local6 > userdb { > args = partition=/etc/dovecot/partition_map.conf enforce_quotas=yes > driver = od > } > verbose_proctitle = yes > protocol lmtp { > mail_plugins = quota zlib fts fts_sk sieve > } > protocol lda { > mail_plugins = quota zlib fts fts_sk sieve > } > protocol imap { > imap_id_log = * > imap_id_send = "name" * "version" * > mail_max_userip_connections = 20 > mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts > imap_acl urlauth > } > protocol pop3 { > mail_max_userip_connections = 6 > } > > > > > -- > Piero Zucchi > > Apple Certified Trainer > > Apple Certified Specialist Professional 10.8 > > Apple Certified Technical Coordinator 10.7 > > Apple Certified System Administrator 10.6 > Apple Certified Technical Coordinator 10.6 > Apple Certified Specialist - Mac Os X Directory Services 10.6 > Apple Certified Specialist - Mobility and Security 10.6 > > Apple Certified System Administrator 10.5 > Apple Certified Technical Coordinator 10.5 > Apple Certified Support Professional 10.5 > > Apple Certified Pro - Final Cut Pro 7, Level 1 From rplatel at tucows.com Thu Nov 22 17:06:15 2012 From: rplatel at tucows.com (Richard Platel) Date: Thu, 22 Nov 2012 10:06:15 -0500 Subject: [Dovecot] Plugin help, number of messages in mailbox Message-ID: <E1F02117-7120-4920-9807-4295BD5732A5@tucows.com> Hi, We use Dovecot for IMAP and POP (but not LDA), we want to do something when a user has an INBOX that becomes empty, or becomes not empty (set a flag in memcached, but that's not really important). I'm writing a plugin (for Dovecot 2.1.7). On mailbox_open() I can use mailbox_get_status() to get a count of messages in the mailbox, and then decrement this in expunge() or increment it in mailbox save_finish() (for IMAP APPEND or COPY commands). However in expunge() and mailbox_save_finish, even after calling the super function, mailbox_get_status doesn't update the number of messages in the mailbox. This is a problem if (for example) there are concurrent POP sessions. Two POP sessions could get all the messages in INBOX, one could logout, calling expunge a few times, eventually causing my plugin to note that the inbox is empty, then our LDA could deliver a message, mark the INBOX not empty, then the other POP session could log out, call expunge and cause my plugin to mark the INBOX empty, when it's not. So in summation: how can a plugin be notified of changes to a mailbox, and then accurately get the real number of messages in that mailbox? From pzucchi at gmail.com Thu Nov 22 17:07:14 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 16:07:14 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+oQUaQK7-EmTYAFT5okRT8PZyUmvK=e+rOOydFpwpNU2pS46Q@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> <CA+oQUaQK7-EmTYAFT5okRT8PZyUmvK=e+rOOydFpwpNU2pS46Q@mail.gmail.com> Message-ID: <CA+rZbg5U1EEzUt1j_UYa7DkfeeX_F6D6qtWE1EiBeRF=p-HphA@mail.gmail.com> ciao Emanuele! :) Thanks so much for your answer :). I will file a bug on radar (apple) and see if they fix it or piss me off: "we do not support acl on email". P. 2012/11/22 Emanuele Pucciarelli <puccia+ml-dovecot at gmail.com>: > Ciao Piero! :) > > Apparently, you might be running into this: > > http://dovecot.org/list/dovecot/2012-October/068723.html > > OS X's dynamic linker is not among the forgiving ones (as far as I > know from experience with other software). It looks like Apple shipped > Dovecot without running any tests with the extra plugins (which I do > not believe they do). > > Unfortunately, even assuming this nails it, I wouldn't know off the > top of my head how to fix it without recompiling from sources; > install_name_tool(1) will only change the names of listed shared > libraries, but not add new ones. Perhaps someone else has further > advice on this matter. > > Emanuele > > > On 22 November 2012 09:46, Piero Zucchi <pzucchi at gmail.com> wrote: >> Hello everybody, >> >> I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 >> >> unfortunately it seems that the imap_acl plugin is not loaded properly >> >> do you have any advice? >> >> cheers >> Piero >> >> >> >> This is what i get from the log with imap_acl plugin enabled in >> protocol imap { } >> >> Log file: >> >> imap: Debug: Loading modules from directory: /usr/lib/dovecot >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: >> dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: >> dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not >> found: _acl_user_module >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Referenced >> from: /usr/lib/dovecot/lib02_imap_acl_plugin.so >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Expected in: >> flat namespace >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: in >> /usr/lib/dovecot/lib02_imap_acl_plugin.so >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Fatal: Couldn't load >> required plugins >> Nov 22 09:08:14 xserve04 dovecot[43220]: master: Error: service(imap): >> command startup failed, throttling >> >> >> dovecot config >> >> # 2.0.16apple1: /etc/dovecot/dovecot.conf >> # OS: Darwin 11.4.2 x86_64 acfs >> auth_debug = yes >> auth_debug_passwords = yes >> auth_gssapi_hostname = $ALL >> auth_mechanisms = cram-md5 x-plain-submit apop gssapi plain login >> auth_socket_path = /var/run/dovecot/auth-userdb >> auth_username_format = %n >> default_internal_user = _dovecot >> default_login_user = _dovenull >> disable_plaintext_auth = no >> first_valid_gid = 6 >> first_valid_uid = 6 >> hostname = mail.customer.com >> mail_access_groups = mail >> mail_debug = yes >> mail_location = maildir:/Volumes/XsanVolume/Mail/%u >> mail_log_prefix = "%s(pid %p user %u): " >> mail_plugins = quota zlib fts fts_sk acl >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body enotify >> environment mailbox date ihave >> mdbox_rotate_size = 200 M >> namespace { >> inbox = yes >> location = >> prefix = >> separator = / >> type = private >> } >> namespace { >> hidden = yes >> list = children >> location = maildir:/Volumes/XsanVolume/Mail/Condivise/Interno:CONTROL=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno:INDEX=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno >> prefix = Interno/ >> separator = / >> subscriptions = no >> type = public >> } >> passdb { >> args = /etc/dovecot/submit.passdb >> driver = passwd-file >> pass = yes >> submit = yes >> } >> passdb { >> driver = od >> } >> plugin { >> acl = vfile >> fts = sk >> quota = maildir:User quota >> quota_warning = storage=100%% quota-exceeded %u >> quota_warning2 = storage=80%% quota-warning %u >> sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve >> sieve_dir = /Library/Server/Mail/Data/rules/%u >> } >> postmaster_address = postmaster at xserve04.customer.com >> protocols = imap pop3 lmtp sieve >> quota_full_tempfail = yes >> service auth { >> extra_groups = _keytabusers >> idle_kill = 15 mins >> } >> service dns_client { >> unix_listener dns-client { >> mode = 0600 >> } >> } >> service imap-login { >> inet_listener imap { >> port = 143 >> } >> inet_listener imaps { >> port = 993 >> ssl = yes >> } >> service_count = 0 >> } >> service imap-postlogin { >> executable = script-login -d /etc/dovecot/acl_groups.sh >> unix_listener imap-postlogin { >> group = mail >> mode = 0600 >> user = _dovecot >> } >> user = _dovecot >> } >> service imap { >> client_limit = 5 >> executable = imap imap-postlogin >> process_limit = 200 >> service_count = 0 >> } >> service lmtp { >> unix_listener lmtp { >> mode = 0600 >> } >> } >> service managesieve-login { >> inet_listener sieve { >> port = 4190 >> } >> inet_listener sieve_deprecated { >> port = 2000 >> } >> } >> service pop3-login { >> inet_listener pop3 { >> port = 110 >> } >> inet_listener pop3s { >> port = 995 >> ssl = yes >> } >> } >> service pop3 { >> client_limit = 5 >> process_limit = 200 >> service_count = 0 >> } >> service quota-exceeded { >> executable = script /usr/libexec/dovecot/quota-exceeded.sh >> unix_listener quota-exceeded { >> group = mail >> mode = 0660 >> user = _dovecot >> } >> user = _dovecot >> } >> service quota-warning { >> executable = script /usr/libexec/dovecot/quota-warning.sh >> unix_listener quota-warning { >> group = mail >> mode = 0660 >> user = _dovecot >> } >> user = _dovecot >> } >> ssl_ca = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.chain.pem >> ssl_cert = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.cert.pem >> ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL >> ssl_key = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem >> ssl_key_path = /etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem >> syslog_facility = local6 >> userdb { >> args = partition=/etc/dovecot/partition_map.conf enforce_quotas=yes >> driver = od >> } >> verbose_proctitle = yes >> protocol lmtp { >> mail_plugins = quota zlib fts fts_sk sieve >> } >> protocol lda { >> mail_plugins = quota zlib fts fts_sk sieve >> } >> protocol imap { >> imap_id_log = * >> imap_id_send = "name" * "version" * >> mail_max_userip_connections = 20 >> mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts >> imap_acl urlauth >> } >> protocol pop3 { >> mail_max_userip_connections = 6 >> } >> >> >> >> >> -- >> Piero Zucchi >> >> Apple Certified Trainer >> >> Apple Certified Specialist Professional 10.8 >> >> Apple Certified Technical Coordinator 10.7 >> >> Apple Certified System Administrator 10.6 >> Apple Certified Technical Coordinator 10.6 >> Apple Certified Specialist - Mac Os X Directory Services 10.6 >> Apple Certified Specialist - Mobility and Security 10.6 >> >> Apple Certified System Administrator 10.5 >> Apple Certified Technical Coordinator 10.5 >> Apple Certified Support Professional 10.5 >> >> Apple Certified Pro - Final Cut Pro 7, Level 1 -- Piero Zucchi Apple Certified Trainer Apple Certified Specialist Professional 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From design at 1stwebdesigns.com Thu Nov 22 23:26:24 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Thu, 22 Nov 2012 21:26:24 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AE15E8.7050400@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> Message-ID: <50AE9880.7040405@1stwebdesigns.com> Output of dovecot -n is as follows: # 1.0.7: /etc/dovecot.conf login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_privileged_group: mail mail_location: mbox:~/mail:INBOX=/var/mail/%u mbox_lock_timeout: 600 mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib64/dovecot/imap mail_plugin_dir(imap): /usr/lib64/dovecot/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd We upgraded from RedHat 4 to RedHat 5. The problem didn't exist with RH4 and an even older version of Dovecot. When emails are stuck in the queue, doing this: lsof /var/spool/mail/<user> shows the spool file in use by a pop3 login and the Dovecot deliver process. Since changing mbox_lock_timeout from 300 to 600 the pop3 process eventually finishes before 600 seconds and the deliver process is able to complete. I admit this is masking the problem rather than solving it. As discussed before our version of Dovecot is dated now, however it's the version provided by RedHat and the version supported by our support company (who aren't doing a great job, hence me posting here). Thanks, On 22/11/2012 12:09, Stan Hoeppner wrote: > On 11/12/2012 5:15 AM, 1st WebDesigns wrote: > >> Thanks for your replies. I switched to Dovecot LDA this morning, but >> the issue still persists, albeit logged slightly differently by Dovecot >> now instead of Postfix: >> >> "save failed to INBOX: Timeout while waiting for lock" >> >> The reason is because some pop3 clients > > Full stop. This is the first time you've mentioned POP that I recall. > FYI, Dovecot is primarily an IMAP server. Unless an OP states up front > that he's using primarily POP, everyone assumes IMAP and counsels > accordingly. You should have stated POP in your first post. Actually, > you should have included many more details prior to now. Please post > your complete 'dovecot -n' output. > >> are holding their connection for >> 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major >> culprit). > > I'm no smartphone POP expert, but old rural tower, poor tower > connection, etc, all cause low data rates, which could cause this. > However, you state this problem cropped up out of nowhere after a distro > upgrade to CentOS 5. Can you confirm that the problem didn't exist > before the upgrade? Your definitive answer to this question dictates > the troubleshooting course of action. > >> In dovecot.conf I changed: >> >> mbox_lock_timeout = 300 >> >> to >> >> mbox_lock_timeout = 600 >> >> Which seems to have helped. I am unclear if this value only applied to >> Dovecot LDA or if it would have worked previously before switching to >> Dovecot LDA? > > This simply changes how long Dovecot will wait to acquire a lock. > Increasing this value simply increases delays, masks the underlying > problem without really helping much. > > The only real architectural solution to such a POP/mbox locking problem > due to slow/long client downloads is, as you mentioned, moving to a > lockless mailbox format, such as maildir or sdbox. > > Worth noting, we are both/all at fault in the slow progress of this > issue, you for not stating POP up front, and me/us for not asking. > > Your 'dovecot -n' output may allow us to help get mbox working a little > better, but the long term solution is very likely moving to maildir/sdbox. > From stan at hardwarefreak.com Fri Nov 23 08:07:32 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 23 Nov 2012 00:07:32 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AE9880.7040405@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> Message-ID: <50AF12A4.7060201@hardwarefreak.com> On 11/22/2012 3:26 PM, 1st WebDesigns wrote: > Output of dovecot -n is as follows: > > # 1.0.7: /etc/dovecot.conf > login_dir: /var/run/dovecot/login > login_executable(default): /usr/libexec/dovecot/imap-login > login_executable(imap): /usr/libexec/dovecot/imap-login > login_executable(pop3): /usr/libexec/dovecot/pop3-login > mail_privileged_group: mail > mail_location: mbox:~/mail:INBOX=/var/mail/%u > mbox_lock_timeout: 600 > mail_executable(default): /usr/libexec/dovecot/imap > mail_executable(imap): /usr/libexec/dovecot/imap > mail_executable(pop3): /usr/libexec/dovecot/pop3 > mail_plugin_dir(default): /usr/lib64/dovecot/imap > mail_plugin_dir(imap): /usr/lib64/dovecot/imap > mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 > auth default: > passdb: > driver: pam > userdb: > driver: passwd Are your mailboxes on NFS storage? You haven't stated on what storage your mailboxes reside. NFS complicates locking. If you use an NFS server, did anything on it change recently, such as an upgrade to RHEL5? I found a thread stating RHEL5 has a bad FCNTL implementation that could be related to your write lock delay problem. Try using dotlock only for read and write and see if that helps. It has additional filesystem IO overhead, but nothing like the many minutes of delay you have now. mbox_read_locks = dotlock mbox_write_locks = dotlock > We upgraded from RedHat 4 to RedHat 5. The problem didn't exist with > RH4 and an even older version of Dovecot. That may be, but you're surely not planning on downgrading back to RHEL4. > When emails are stuck in the queue, doing this: Dovecot doesn't use queues. It writes directly to the mailbox files. > lsof /var/spool/mail/<user> These are mailbox files, your user inbox mbox files, not spool files. Spool implies temporary storage. Don't let "spool" fool you. On many/most systems /var/spool/mail is a link to /var/mail. > shows the spool file in use by a pop3 login and the Dovecot deliver > process. Since changing mbox_lock_timeout from 300 to 600 the pop3 > process eventually finishes before 600 seconds and the deliver process > is able to complete. I admit this is masking the problem rather than > solving it. Does the larger timeout value completely eliminate the errors? If so this may be the best outcome you can get with Dovecot 1.0.7, mbox storage, on RHEL5, unless a different locking method fixes it. > As discussed before our version of Dovecot is dated now, however it's > the version provided by RedHat and the version supported by our support > company (who aren't doing a great job, hence me posting here). It's the version provided by RHEL5. RHEL6.3 has Dovecot 2.0.9. There are 3rd party 1.2.x RPMs available for RHEL5.x as well as 2.x.x RPMs for RHEL5.x. What "support company"? If you're using RHEL, Red Hat provides the support. That's the whole reason for "paying for" a Linux distro. What is preventing you from upgrading to RHEL 6.3, the current release? Which BTW is behind nearly all other distros WRT package versions. For instance Debian stable has Dovecot 2.1.7 available in the backports repo. -- Stan > > On 22/11/2012 12:09, Stan Hoeppner wrote: >> On 11/12/2012 5:15 AM, 1st WebDesigns wrote: >> >>> Thanks for your replies. I switched to Dovecot LDA this morning, but >>> the issue still persists, albeit logged slightly differently by Dovecot >>> now instead of Postfix: >>> >>> "save failed to INBOX: Timeout while waiting for lock" >>> >>> The reason is because some pop3 clients >> >> Full stop. This is the first time you've mentioned POP that I recall. >> FYI, Dovecot is primarily an IMAP server. Unless an OP states up front >> that he's using primarily POP, everyone assumes IMAP and counsels >> accordingly. You should have stated POP in your first post. Actually, >> you should have included many more details prior to now. Please post >> your complete 'dovecot -n' output. >> >>> are holding their connection for >>> 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major >>> culprit). >> >> I'm no smartphone POP expert, but old rural tower, poor tower >> connection, etc, all cause low data rates, which could cause this. >> However, you state this problem cropped up out of nowhere after a distro >> upgrade to CentOS 5. Can you confirm that the problem didn't exist >> before the upgrade? Your definitive answer to this question dictates >> the troubleshooting course of action. >> >>> In dovecot.conf I changed: >>> >>> mbox_lock_timeout = 300 >>> >>> to >>> >>> mbox_lock_timeout = 600 >>> >>> Which seems to have helped. I am unclear if this value only applied to >>> Dovecot LDA or if it would have worked previously before switching to >>> Dovecot LDA? >> >> This simply changes how long Dovecot will wait to acquire a lock. >> Increasing this value simply increases delays, masks the underlying >> problem without really helping much. >> >> The only real architectural solution to such a POP/mbox locking problem >> due to slow/long client downloads is, as you mentioned, moving to a >> lockless mailbox format, such as maildir or sdbox. >> >> Worth noting, we are both/all at fault in the slow progress of this >> issue, you for not stating POP up front, and me/us for not asking. >> >> Your 'dovecot -n' output may allow us to help get mbox working a little >> better, but the long term solution is very likely moving to >> maildir/sdbox. >> > From tss at iki.fi Fri Nov 23 08:18:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:18:32 +0200 Subject: [Dovecot] Initial status notification not received In-Reply-To: <20121116141259.GA9371@petole.demisel.net> References: <20121116141259.GA9371@petole.demisel.net> Message-ID: <7D584D20-225A-4790-A293-5AB95EF7CD76@iki.fi> On 16.11.2012, at 16.12, Nicolas KOWALSKI wrote: > We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs > startup, dovecot almost always shows these errors: > > Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) > Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 > > As the last line tells, dovecot stops logging information. We have to > restart the dovecot processes to get back normal behaviour. I also tried > to set idle_kill values to services definitions, without success. You mean this happens when the VM starts up, but if you manually restart it later they don't happen? > Is there a way to prevent these errors? I wonder if it's because of SLES or something else. From tss at iki.fi Fri Nov 23 08:20:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:20:00 +0200 Subject: [Dovecot] Is there any Documentation or Howto/Guide for Dovecot Replication or do i have to wait for dovecot 2.2.x? In-Reply-To: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> References: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> Message-ID: <AE4A00E5-5683-4766-A400-9B1057AF77A9@iki.fi> On 16.11.2012, at 17.24, weber at zackbummfertig.de wrote: > dear timo, > can you help me? There are some mails about it somewhere in the mailing list. I'll write some documentation before v2.2.0 is out. From tss at iki.fi Fri Nov 23 08:29:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:29:10 +0200 Subject: [Dovecot] maildir and end-of-line encoding In-Reply-To: <1352343439.5059.202.camel@fermat.scientia.net> References: <1351648223.24721.4.camel@fermat.scientia.net> <A52B651B-B5D8-4B16-9A79-4231CAAD4ECD@iki.fi> <1352343439.5059.202.camel@fermat.scientia.net> Message-ID: <FE7D8BAA-A713-4CFE-B012-C7EB820E0C48@iki.fi> On 8.11.2012, at 4.57, Christoph Anton Mitterer wrote: > On Wed, 2012-11-07 at 17:33 +0200, Timo Sirainen wrote: >> Dovecot automatically adds CRs where necessary. Even within the same file there can be mixed LF/CRLF lines. > Can you detail this a bit, or point me to the specific code areas? > > 1) Is only CR added? Or also LF? If CR is alone, it's not treated as newline. So only CRs may be added before LF. > 2) What happens e.g. when LFCR is found? Is that then "doubled" to > CRLFCR or even CRLFCRLF? CRLFCR > 3) When does it "add" these chars? Only when using dovecot-lda? Or also > when some other MDA places files into e.g. a maildir? When saving a mail, based on mail_save_crlf setting the CRs are either added or removed when writing the mail to disk. When reading a mail and sending to IMAP/POP3 client the CRs are always added. (doveadm fetch text doesn't add/remove CRs I think.) > I did some reading on the RFC 5322 which says: > > - new mails must not have single CR or LF, both may only occur as CRL > > - but from the previous RFCs, it allows existing messages to have CR and > LF alone, in which case they are not newlines as CRLF, but rather the CR > and LF characters in the their meaning as control characters. > > > 4) So from that point of view... automatic conversion may actually > "corrupt" things in a strict sense. > (One should hope of course, that only few people use(d) CR or LF alone > to get their control character meaning... but rather that these are just > cases of accidents.) SMTP and IMAP protocols are the only normal ways to get messages into a system. Both of them require CRLF newlines. So there's really no way for Dovecot to ever see valid LF-only newlines. One exception is Content-Type: binary, but that's not really supported by Dovecot (or any commonly used SMTP servers either I think). > 5) I agree with you that mails should be stored with CRLF, as this is > their native format.... and I found nothing on the maildir[++] standards > that would forbid that (neither that would encourage it). > But for mbox there are "definitions" that _always_ LF is used (AFAIU, > even on non-UNIX platforms. mbox isn't really standardized. Anyway, storing mails with CRLF allows some optimizations, but if the mails aren't stored compressed it wastes a bit of disk space. > 6) I went through my mails and basically I found everything: > CR, LF, CRLF and even LFCR. > Now I have no real idea how to deal with that? > Keep all as is? Make all LFs CRLFs and/or all CFs to CRLFs? What about > the LFCRs? Handle them as group and perhaps swap them to CRLF. Or doing > the same as with single LFs and CRs. Why do you need to do something about them? Dovecot should handle all of them fine. From tss at iki.fi Fri Nov 23 08:33:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:33:20 +0200 Subject: [Dovecot] IMAP session state inconsistent In-Reply-To: <509BC56F.6030606@airstreamcomm.net> References: <509BC56F.6030606@airstreamcomm.net> Message-ID: <FC27D231-C54E-438D-968A-5932D2FF221D@iki.fi> On 8.11.2012, at 16.45, list at airstreamcomm.net wrote: > Running Dovecot 1.2.12 (we are in the process of upgrading to 2.1.x) > > Didn't find much in old threads, but we are seeing the following in the logs this morning: > > dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y > dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=443/1146 > dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y > dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=561/1637 > dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y > dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory > dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory > > Not sure what to make of this sequence? Probably user deleted the mailbox while other sessions still had it opened. There are some more checks to avoid those in newer versions. From tss at iki.fi Fri Nov 23 08:33:49 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:33:49 +0200 Subject: [Dovecot] Hardlink with Maildir a brief help In-Reply-To: <509BC6F7.1050107@mail.cgilfe.it> References: <509BC6F7.1050107@mail.cgilfe.it> Message-ID: <8FD6F712-98D9-47CE-AD41-ACC469092525@iki.fi> On 8.11.2012, at 16.51, Davide wrote: > Hi to all, my question is: > > Is possible implementing SIS (with hardlink) with maildir instead of *dbox format? No. Way too difficult and non-standard. From tss at iki.fi Fri Nov 23 08:36:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:36:37 +0200 Subject: [Dovecot] memory allocation issues In-Reply-To: <20121109004915.GJ70186@corp.sonic.net> References: <20121109004915.GJ70186@corp.sonic.net> Message-ID: <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> On 9.11.2012, at 2.49, Kelsey Cummings wrote: > One of our dovecot backend servers ran into a problem with it's auth > process a few days ago. This doesn't appear to be the error logged when > dovecot hits its internal limit so I'm not sure what is going on here. > > auth: Error: malloc: 58012: Cannot allocate memory > auth: Error: Unable to allocate memory for mutexes from the region > auth: Error: PANIC: Cannot allocate memory > auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user It would have been nicer if libc would have just crashed the process instead of silently converting it into "unknown user" error.. That's probably actually a bug since the getpwuid_r() that Dovecot uses would have been able to return an error message. > pop3: Error: Authenticated user not found from userdb, auth lookup +id=2509111297 (client-pid=4781 client-id=1) > pop3-login: Internal login failure (pid=4781 id=1) (internal failure, 1 +succesful auths): user=<test>... > > There was at least 10+GB free RAM on the server and no indication of a > system level issue at the same time. The server is running 2.1.9. > There were about 3,200 active sessions, with something like 12 new > sessions/sec. The other identical servers are/were handling virtually > identical load with the same service uptime and haven't had any issues > so far. (Crash happened 7 days ago.) Memory leak maybe? service auth { vsz_limit } anyway was reached (default 256 MB). From tss at iki.fi Fri Nov 23 08:39:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:39:32 +0200 Subject: [Dovecot] Is there a hook for a plugin to do some transient operation on the mail body ... In-Reply-To: <1352439449.79235.YahooMailNeo@web165005.mail.bf1.yahoo.com> References: <1352439449.79235.YahooMailNeo@web165005.mail.bf1.yahoo.com> Message-ID: <1E94A3D1-6B4B-4217-983B-8576099B3F91@iki.fi> On 9.11.2012, at 7.37, Jay wrote: > ... when the MUA has issued a FETCH? > > I am a Dovecot newbie ... so please bear with me if this is obvious. Basically what I am trying to do is process the mail body (in my own specific way) before Dovecot serves it up to the MUA. I want to do it as a transient operation in memory. So think of the scenario as ... > - the MUA issues a FETCH > - Dovecot intercepts the FETCH > - Dovecot internally gets the mail from the storage into a buffer in memory > ----> This is where I'd like to apply a function to the mail body and modify the mail body in the buffer (not in the storage) > - Dovecot serves up the (modified) mail to the MUA > > Looking for a hook that allows me to do it using a plugin. Looks like the zlib plugin does something similar ... applies a decompression function ... but I am not 100% sure. http://dovecot.org/patches/2.1/mail-filter.tar.gz allows you to run it through a script. But note that IMAP protocol requires that messages never change, and Dovecot relies on that internally as well. Practically it's ok enough to change the message content, as long as you don't change the message/MIME structure sizes. From tss at iki.fi Fri Nov 23 08:52:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:52:59 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> Message-ID: <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> On 10.11.2012, at 12.44, Erik A Johnson wrote: > imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). > > This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. > > gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. I wonder if this fixes it? http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa From tss at iki.fi Fri Nov 23 08:54:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:54:07 +0200 Subject: [Dovecot] User iteration with static userdb In-Reply-To: <97e9e4ee533292752c95ef18bdfb3367@r-n.cz> References: <97e9e4ee533292752c95ef18bdfb3367@r-n.cz> Message-ID: <E984064E-8E3E-44A2-AB3F-2F3F03995737@iki.fi> On 10.11.2012, at 22.34, Radek Novotn? wrote: > can someone explain me, please, why user iteration (iterate_query) > doesn't work with static userdb? There isn't reason why > it shouldn't work. In my opinion. However static userdb doesn't mean that user list > not exist. Where would you like the static userdb to get the list of users then? From nicolas.kowalski at gmail.com Fri Nov 23 09:01:04 2012 From: nicolas.kowalski at gmail.com (Nicolas KOWALSKI) Date: Fri, 23 Nov 2012 08:01:04 +0100 Subject: [Dovecot] Initial status notification not received In-Reply-To: <7D584D20-225A-4790-A293-5AB95EF7CD76@iki.fi> References: <20121116141259.GA9371@petole.demisel.net> <7D584D20-225A-4790-A293-5AB95EF7CD76@iki.fi> Message-ID: <20121123070104.GA13525@petole.demisel.net> On Fri, Nov 23, 2012 at 08:18:32AM +0200, Timo Sirainen wrote: > On 16.11.2012, at 16.12, Nicolas KOWALSKI wrote: > > > We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs > > startup, dovecot almost always shows these errors: > > > > Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) > > Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process > > Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process > > Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process > > Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 > > > > As the last line tells, dovecot stops logging information. We have to > > restart the dovecot processes to get back normal behaviour. I also tried > > to set idle_kill values to services definitions, without success. > > You mean this happens when the VM starts up, but if you manually restart it later they don't happen? Yes. > > Is there a way to prevent these errors? > > I wonder if it's because of SLES or something else. We narrowed the problem to another process, started before dovecot, which takes a lot of CPU and disk resources; since we delayed its launch, dovecot starts up happily. However, I am still confused about why dovecot kills itself. Maybe the master process could restart its runaway processes, or the initial status notification delay could be customized? -- Nicolas From tss at iki.fi Fri Nov 23 09:01:30 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:01:30 +0200 Subject: [Dovecot] Quotas 2.1clarification In-Reply-To: <CAMD-=VKpQB1Kk7RuGREOqA5jRhzpt__nTNJQYq-_Ca4zKaXqig@mail.gmail.com> References: <CAMD-=VKpQB1Kk7RuGREOqA5jRhzpt__nTNJQYq-_Ca4zKaXqig@mail.gmail.com> Message-ID: <72936630-5A87-4F7A-930E-527A98D9500F@iki.fi> On 15.11.2012, at 6.55, Nick Edwards wrote: > Timo, > > I have much suspicion that our quota system is not working correctly > since we migrate to 2.1 > Currently using 2.1.10 > Previously we had for issue of warnings > > quota_warning = storage=90%% /scripts/dqwarn-90.sh > quota_warning2 = storage=75%% /scripts/dqwarn-75.sh > > worked great, these lines also migrated to new conf upon conversion. > > > But quota conf example shows > > plugin { > #quota_warning = storage=95%% quota-warning 95 %u > #quota_warning2 = storage=80%% quota-warning 80 %u > } > > # Example quota-warning service. The unix listener's permissions should be > # set in a way that mail processes can connect to it. Below example assumes > # that mail processes run as vmail user. If you use mode=0666, all system users > # can generate quota warnings to anyone. > #service quota-warning { > # executable = script /usr/local/bin/quota-warning.sh > # user = dovecot > # unix_listener quota-warning { > # user = vmail > # } > #} > > > So this seems to indicate /scripts/dqwarn-75.sh should be a service > name, which then calls the service quota-warning with that script in > it etc etc etc surely this old 4 line method has not been replaced > into a 20 line mess? Yes, it has been replaced with a more complex setup. The new way is more efficient, safer and "cleaner", even though it's more complex to setup. > Is this old way still functioning as I suspect it is not, and we need > to write up two separate new quota warning services given our warnings > are worded differently, or should the old methods still be working as > they did in 1.2 and we have an error elsewhere? If you want to run two separate scripts you need two separate services. But it would be easier to have just one script (= one service) and give the 75 or 90 as parameter to it. From tss at iki.fi Fri Nov 23 09:07:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:07:26 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <50A61147.5040201@um.es> References: <50A61147.5040201@um.es> Message-ID: <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> On 16.11.2012, at 12.11, Angel L. Mateo wrote: > We are deploying shared mailboxes in our mail system. We are running 2.1.9 and mail backend is maildir. > > As described at http://wiki.dovecot.org/SharedMailboxes/Shared when shared namespace is configured as > > namespace shared { > separator = / > prefix = shared/%%u/ > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u > subscriptions = no > list = children > } > > each user accessing this folder has its own index, stored in ~/Maildir/shared/%%u/<shared mailbox>, hasn't it? Right. > Our mail is store in NFS disks so we are very concerned about indexes optimizations (we had performance problems until we got all of our indexes and nfs tunned). So, is there any way so those indexes could be shared for all users (and they always would be updated). If you don't need per-user flags you can just remove the per-user INDEX. If you want per-user flags and want to share indexes, you need the new INDEXPVT option that exists in v2.2 or as a patch to v2.1: http://dovecot.org/patches/2.1/private-index.diff > Regarding this... if we'd use dbox instead of maildir, indexes are a really important part of the mailbox and they can't be re-constructed when they are outdated. So, how do shared mailboxes work with dbox backend? Do I have to configure indexes in any particular way? INDEXPVT is a requirement with dbox if you want per-user flags. BTW. Do you have multiple Dovecot backend servers? Director works only when you're not using shared mailboxes.. From tss at iki.fi Fri Nov 23 09:11:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:11:20 +0200 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A90729.7000608@tdl.com> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> <50A6CF8A.40202@localhost.localdomain.org> <50A90729.7000608@tdl.com> Message-ID: <BDDD87FF-B556-4002-8E11-83C48B873B10@iki.fi> On 18.11.2012, at 18.04, Chuck Cochems wrote: > On 11/16/2012 4:43 PM, Pascal Volk wrote: >> On 11/16/2012 11:21 PM Chuck Cochems wrote: >>> ? >>> I need to return both the IP and the email address as a string to drop >>> it into the old code. >>> ? >> >> You could check the code of the `doveadm who` command >> <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user >> name and the IP address. > > That's not much better... > > I just want the bare minimum of code to do this. The 1.x code was so simple, and i just want a 2.0 equivalent. is that so wrong? :) WHy the heck did they remove those incredibly useful environment variables anyway? Because a single process can now handle multiple connections with different IPs/usernames. From tss at iki.fi Fri Nov 23 09:15:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:15:50 +0200 Subject: [Dovecot] doveadm fails with passdb authentication binds (dovecot 2.0.16) In-Reply-To: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> References: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> Message-ID: <592ACC86-265E-476F-81B2-E797C0414165@iki.fi> On 20.11.2012, at 17.54, mailing lists wrote: > Hello, > > I'm testing passdb auth binds with dovecot 2.0.16, but for some reason dovedm fails to work with the configuration showed below. The network trace shows the successful bind for the administrative user (uid=mailapp), but nothing for the mail user (uid=user001). > > what am i missing here? > > > # doveadm mailbox list -u user001 > doveadm(user001): Error: user user001: Auth PASS lookup failed > doveadm(user001): Fatal: passdb lookup failed Are you running this on a Dovecot proxy? It looks like doveadm wants to do a passdb lookup to find out which server should handle this user. Passdb lookups don't work with LDAP binding. But if everything else works then I think you simply shouldn't have enabled doveadm proxying. So, set doveadm_proxy_port back to 0? From tss at iki.fi Fri Nov 23 09:20:36 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:20:36 +0200 Subject: [Dovecot] v2.1.10: Director director_servers order issue In-Reply-To: <20121120205603.GA1789@lemonhead.scabb> References: <20121120205603.GA1789@lemonhead.scabb> Message-ID: <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> On 20.11.2012, at 22.56, Bertrand Jacquin wrote: > # ring status on node1 > director ip port type last failed > 10.0.50.50 9090 self never > 10.0.50.51 9090 never > > # ring status on node2 > director ip port type last failed > 10.0.50.50 9090 self never > 10.0.50.51 9090 never > > self is the same on both nodes, and that generate some cases that can > be observed on logs : .. > It seems that first sorted entry in director_servers is considered as > "self". No, Dovecot tries to find the self by bind()ing to all the listed IPs, and assuming that the first one that succeeds is self. Apparently in your system bind() succeeds for non-self IPs as well. Any idea why? I think I recently found out about some nicer way to check if an IP belongs to the local system, but I seem to have forgotten what it was. From tss at iki.fi Fri Nov 23 09:24:08 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:24:08 +0200 Subject: [Dovecot] Proxy to join two accounts In-Reply-To: <50ACA9C3.9000004@o2.pl> References: <50ACA9C3.9000004@o2.pl> Message-ID: <832A79D9-D2C7-4A69-8FE0-469724C1D64B@iki.fi> On 21.11.2012, at 12.15, Tomek wrote: > I have server with IMAP on dovecot for user mails and second server on archiveopteryx as mail archive. > > I'm wondering if it's possible to make some sort of proxy to these two servers in way where: > - dovecot server will be main IMAP service with INBOX, etc > - I want archiveopteryx account to be something like shared folder with read only access (no delete, no move, etc) in path ex. /archive/user.name > - this proxy mappings should allow adding few archive accounts to one user (in case of people replacement) > + it will be cool if this mappings could be defined in database so I could write tools to manage archive access for bosses. > > Is such case possible to achieve with dovecot (any howto or example would be very helpful)? If not - do you know any proxy tools that could allow such configuration? You should be able to implement something like that by creating a new namespace with location=imapc: http://wiki2.dovecot.org/HowTo/ImapcProxy and http://wiki2.dovecot.org/Migration/Dsync have some information about the imapc settings. ACLs are a bit more difficult though, since currently there aren't any "default ACLs". From beber at meleeweb.net Fri Nov 23 09:23:35 2012 From: beber at meleeweb.net (Bertrand Jacquin) Date: Fri, 23 Nov 2012 08:23:35 +0100 Subject: [Dovecot] v2.1.10: Director director_servers order issue In-Reply-To: <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> References: <20121120205603.GA1789@lemonhead.scabb> <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> Message-ID: <20121123072335.GA15577@lady-voodoo.exosec.local> D'ar gwener 23 a viz Du 2012 e 08 eur 20, ? Timo Sirainen ? he deus skrivet : > On 20.11.2012, at 22.56, Bertrand Jacquin wrote: > > > # ring status on node1 > > director ip port type last failed > > 10.0.50.50 9090 self never > > 10.0.50.51 9090 never > > > > # ring status on node2 > > director ip port type last failed > > 10.0.50.50 9090 self never > > 10.0.50.51 9090 never > > > > self is the same on both nodes, and that generate some cases that can > > be observed on logs : > .. > > It seems that first sorted entry in director_servers is considered as > > "self". > > No, Dovecot tries to find the self by bind()ing to all the listed IPs, and assuming that the first one that succeeds is self. Apparently in your system bind() succeeds for non-self IPs as well. Any idea why? Yes ! I have the following sysctl : net.ipv4.ip_nonlocal_bind = 1 > I think I recently found out about some nicer way to check if an IP belongs to the local system, but I seem to have forgotten what it was. -- Beber -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/ce359269/attachment.bin> From beber at meleeweb.net Fri Nov 23 09:29:01 2012 From: beber at meleeweb.net (Bertrand Jacquin) Date: Fri, 23 Nov 2012 08:29:01 +0100 Subject: [Dovecot] v2.1.10: Director director_servers order issue In-Reply-To: <20121123072335.GA15577@lady-voodoo.exosec.local> References: <20121120205603.GA1789@lemonhead.scabb> <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> <20121123072335.GA15577@lady-voodoo.exosec.local> Message-ID: <20121123072901.GB15577@lady-voodoo.exosec.local> D'ar gwener 23 a viz Du 2012 e 08 eur 23, ? Bertrand Jacquin ? he deus skrivet : > D'ar gwener 23 a viz Du 2012 e 08 eur 20, ? Timo Sirainen ? he deus skrivet : > > On 20.11.2012, at 22.56, Bertrand Jacquin wrote: > > > > > # ring status on node1 > > > director ip port type last failed > > > 10.0.50.50 9090 self never > > > 10.0.50.51 9090 never > > > > > > # ring status on node2 > > > director ip port type last failed > > > 10.0.50.50 9090 self never > > > 10.0.50.51 9090 never > > > > > > self is the same on both nodes, and that generate some cases that can > > > be observed on logs : > > .. > > > It seems that first sorted entry in director_servers is considered as > > > "self". > > > > No, Dovecot tries to find the self by bind()ing to all the listed IPs, and assuming that the first one that succeeds is self. Apparently in your system bind() succeeds for non-self IPs as well. Any idea why? > > Yes ! I have the following sysctl : > > net.ipv4.ip_nonlocal_bind = 1 Anyway, with net.ipv4.ip_nonlocal_bind = 0 it's OK. -- Beber -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/35162392/attachment.bin> From koshikov at gmail.com Fri Nov 23 09:46:35 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Fri, 23 Nov 2012 09:46:35 +0200 Subject: [Dovecot] Default fallback behaviour Message-ID: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> Hello list, Here is the problem: I have few: passdb { #1 } passdb { #2 } And relative userdb sections. If user not found in 1) section it fallbacks to next one - it's expected and right, IMHO. But when the user exists in both section and password verification fails on 1) database it successfully authenticated on next one. I think this behaviour should be configured. The main goal of 1) section for this server is to overwrite users in main (section2) database. Maybe I missed something and this option is already in dovecot code and I can't find it ? Or if not - will it be added in the future ? Dovecot version 2.1.10. From timor at o2.pl Fri Nov 23 10:35:09 2012 From: timor at o2.pl (Tomek) Date: Fri, 23 Nov 2012 09:35:09 +0100 Subject: [Dovecot] Proxy to join two accounts In-Reply-To: <832A79D9-D2C7-4A69-8FE0-469724C1D64B@iki.fi> References: <50ACA9C3.9000004@o2.pl> <832A79D9-D2C7-4A69-8FE0-469724C1D64B@iki.fi> Message-ID: <50AF353D.9080507@o2.pl> -------- Original Message -------- Subject: Re: [Dovecot] Proxy to join two accounts From: Timo Sirainen <tss at iki.fi> To: Tomek <timor at o2.pl> Date: 23.11.2012 08:24 > You should be able to implement something like that by creating a new > namespace with location=imapc: > > http://wiki2.dovecot.org/HowTo/ImapcProxy and > http://wiki2.dovecot.org/Migration/Dsync have some information about > the imapc settings. > > ACLs are a bit more difficult though, since currently there aren't > any "default ACLs". Thanks for tip. Will check that. Regards, Tomek. From mathieu at 400iso.net Fri Nov 23 13:13:12 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Fri, 23 Nov 2012 12:13:12 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory Message-ID: <b22a99aa6763ab35204244dfde87db53@400iso.net> Hello, i got an error in maillog, dovecot trying tu update my sieve directory : 2012-11-23T11:01:33.943047+00:00 localhost dovecot: imap(mathieu at 400iso.net): Error: stat(/srv/vmail/400iso.net/mathieu at 400iso.net/.dovecot.sieve/tmp) failed: Not a directory this cause no problem but i probably misconfigured something... here is my dovecot.conf : protocols = imap pop3 sieve mail_home = /srv/vmail/%d/%u mail_location = maildir:~ mail_plugins = $mail_plugins quota ssl_cert = </etc/ssl/private/server.crt ssl_key = </etc/ssl/private/server.key service auth { unix_listener auth-client { group = postfix mode = 0660 user = postfix } user = root } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol lda { mail_plugins = $mail_plugins sieve postmaster_address = postmaster at 400iso.net hostname = 400iso.net } managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve # sieve_global_dir = /srv/vmail/sieve/ quota = fs:vm quota quota_rule = *:storage=5G } protocol imap { mail_plugins = $mail_plugins imap_quota } -- Mathieu Rousseau http://400iso.net/ From alessio at skye.it Fri Nov 23 13:20:23 2012 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 23 Nov 2012 12:20:23 +0100 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> Message-ID: <50AF5BF7.1050907@skye.it> Il 23/11/2012 08:46, Nikita Koshikov ha scritto: > Hello list, > > Here is the problem: > I have few: > passdb { > #1 > } > passdb { > #2 > } > And relative userdb sections. If user not found in 1) section it fallbacks > to next one - it's expected and right, IMHO. But when the user exists in > both section and password verification fails on 1) database it successfully > authenticated on next one. I think this behaviour should be configured. The > main goal of 1) section for this server is to overwrite users in main > (section2) database. > > Maybe I missed something and this option is already in dovecot code and I > can't find it ? Or if not - will it be added in the future ? > > Dovecot version 2.1.10. > You can enable this features by adding "deny=yes" in the passdb extra_fields of specific users. You can find more information here: http://wiki2.dovecot.org/AuthDatabase/PasswdFile ot you can use the "auth-deny.conf.ext" example configuration. Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From alessio at skye.it Fri Nov 23 13:27:24 2012 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 23 Nov 2012 12:27:24 +0100 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> Message-ID: <50AF5D9C.7050204@skye.it> Il 23/11/2012 08:07, Timo Sirainen ha scritto: > BTW. Do you have multiple Dovecot backend servers? Director works only > when you're not using shared mailboxes.. I'm not happy to hear that, so if today we are running one dovecot server with shared mailbox enabled and tomorrow we will switch to a more complex installation with Director we will be unable to still provide shared mailbox to our customers? -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From tss at iki.fi Fri Nov 23 13:32:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 13:32:51 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <50AF5D9C.7050204@skye.it> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> Message-ID: <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> On 23.11.2012, at 13.27, Alessio Cecchi wrote: > Il 23/11/2012 08:07, Timo Sirainen ha scritto: >> BTW. Do you have multiple Dovecot backend servers? Director works only when you're not using shared mailboxes.. > > I'm not happy to hear that, so if today we are running one dovecot server with shared mailbox enabled and tomorrow we will switch to a more complex installation with Director we will be unable to still provide shared mailbox to our customers? You can't reliably do it if the mailboxes are accessed directly via NFS. The current idea to solve this is to use imapc backend with master users, so the actual mailbox access for each user is always done by only one server. I think someone already managed to configure such a setup. From design at 1stwebdesigns.com Fri Nov 23 13:36:06 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Fri, 23 Nov 2012 11:36:06 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AF12A4.7060201@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> Message-ID: <50AF5FA6.5070500@1stwebdesigns.com> On 23/11/2012 06:07, Stan Hoeppner wrote: > On 11/22/2012 3:26 PM, 1st WebDesigns wrote: >> Output of dovecot -n is as follows: >> >> # 1.0.7: /etc/dovecot.conf >> login_dir: /var/run/dovecot/login >> login_executable(default): /usr/libexec/dovecot/imap-login >> login_executable(imap): /usr/libexec/dovecot/imap-login >> login_executable(pop3): /usr/libexec/dovecot/pop3-login >> mail_privileged_group: mail >> mail_location: mbox:~/mail:INBOX=/var/mail/%u >> mbox_lock_timeout: 600 >> mail_executable(default): /usr/libexec/dovecot/imap >> mail_executable(imap): /usr/libexec/dovecot/imap >> mail_executable(pop3): /usr/libexec/dovecot/pop3 >> mail_plugin_dir(default): /usr/lib64/dovecot/imap >> mail_plugin_dir(imap): /usr/lib64/dovecot/imap >> mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 >> auth default: >> passdb: >> driver: pam >> userdb: >> driver: passwd > > Are your mailboxes on NFS storage? You haven't stated on what storage > your mailboxes reside. NFS complicates locking. If you use an NFS > server, did anything on it change recently, such as an upgrade to RHEL5? No they are not on NFS storage, the mailboxes are stored on the local filesystem. > > I found a thread stating RHEL5 has a bad FCNTL implementation that could > be related to your write lock delay problem. Try using dotlock only for > read and write and see if that helps. It has additional filesystem IO > overhead, but nothing like the many minutes of delay you have now. > > mbox_read_locks = dotlock > mbox_write_locks = dotlock Thank you I will try this. I did read that when using Postfix and Dovecot, both systems should use a matching locking mechanism, which I had already tried. However, I hadn't tried just dotlock, only FCNTL and a combination of FCNTL and dotlock. > >> We upgraded from RedHat 4 to RedHat 5. The problem didn't exist with >> RH4 and an even older version of Dovecot. > > That may be, but you're surely not planning on downgrading back to RHEL4. No, not at all. > >> When emails are stuck in the queue, doing this: > > Dovecot doesn't use queues. It writes directly to the mailbox files. > >> lsof /var/spool/mail/<user> > > These are mailbox files, your user inbox mbox files, not spool files. > Spool implies temporary storage. Don't let "spool" fool you. On > many/most systems /var/spool/mail is a link to /var/mail. Yes that's correct. > >> shows the spool file in use by a pop3 login and the Dovecot deliver >> process. Since changing mbox_lock_timeout from 300 to 600 the pop3 >> process eventually finishes before 600 seconds and the deliver process >> is able to complete. I admit this is masking the problem rather than >> solving it. > > Does the larger timeout value completely eliminate the errors? If so > this may be the best outcome you can get with Dovecot 1.0.7, mbox > storage, on RHEL5, unless a different locking method fixes it. Yes it completely eliminates the errors. If a pop3 connection has the lock, the mail simply sits there and is eventually delivered in (less than) 600 seconds. Whereas before, it would get deferred. When re-delivery was attempted, it's possible that the box would be locked again, and the mail would get deferred again, leading to a delay of several hours on a busy day. > >> As discussed before our version of Dovecot is dated now, however it's >> the version provided by RedHat and the version supported by our support >> company (who aren't doing a great job, hence me posting here). > > It's the version provided by RHEL5. RHEL6.3 has Dovecot 2.0.9. There > are 3rd party 1.2.x RPMs available for RHEL5.x as well as 2.x.x RPMs for > RHEL5.x. > > What "support company"? If you're using RHEL, Red Hat provides the > support. That's the whole reason for "paying for" a Linux distro. What > is preventing you from upgrading to RHEL 6.3, the current release? > Which BTW is behind nearly all other distros WRT package versions. For > instance Debian stable has Dovecot 2.1.7 available in the backports repo. Our server is with Rackspace, and RHEL5 is the OS they offered us as an upgrade path from RHEL4. So they're getting the support from Red Hat and we're getting the support from Rackspace. > From tlx at leuxner.net Fri Nov 23 13:42:42 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 23 Nov 2012 12:42:42 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <b22a99aa6763ab35204244dfde87db53@400iso.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> Message-ID: <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> Am 23.11.2012 um 12:13 schrieb "Mathieu R." <mathieu at 400iso.net>: > 2012-11-23T11:01:33.943047+00:00 localhost dovecot: imap(mathieu at 400iso.net): Error: stat(/srv/vmail/400iso.net/mathieu at 400iso.net/.dovecot.sieve/tmp) failed: Not a directory > > mail_home = /srv/vmail/%d/%u > mail_location = maildir:~ This is caused by "blending" the maildir structure with non-maildir files rather than using separate roots, e.g. mail_location = maildir:~/Maildir http://wiki2.dovecot.org/VirtualUsers/Home http://wiki2.dovecot.org/MailLocation/Maildir Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4364 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/ecb0fd93/attachment.bin> From mathieu at 400iso.net Fri Nov 23 13:48:23 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Fri, 23 Nov 2012 12:48:23 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> Message-ID: <b574523db4f6cffa3a039fe991bcaaee@400iso.net> Le 23/11/2012 12:42, Thomas Leuxner a ?crit?: > Am 23.11.2012 um 12:13 schrieb "Mathieu R." <mathieu at 400iso.net>: > >> 2012-11-23T11:01:33.943047+00:00 localhost dovecot: >> imap(mathieu at 400iso.net): Error: >> stat(/srv/vmail/400iso.net/mathieu at 400iso.net/.dovecot.sieve/tmp) >> failed: Not a directory >> > >> mail_home = /srv/vmail/%d/%u >> mail_location = maildir:~ > > > This is caused by "blending" the maildir structure with non-maildir > files rather than using separate roots, e.g. mail_location = > maildir:~/Maildir Thank you. can i safely : - close dovecot - move files to ~Maildir - change the config in docecot.conf - and then restart dovecot ? -- Mathieu Rousseau http://400iso.net/ From kae at midnighthax.com Fri Nov 23 13:54:05 2012 From: kae at midnighthax.com (Keith Edmunds) Date: Fri, 23 Nov 2012 11:54:05 +0000 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121116093329.045f4585@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> Message-ID: <20121123115405.5224b630@kae.tiger-computing.wbp> Problem: We have some folders (eg, Trash) appearing both as sibling folders to INBOX and as subfolders to INBOX. We want them only to appear at the sibling level. In order to put some folders (Sent, Trash, some others) at a peer level to INBOX, and all other folders under INBOX, we've defined namespaces as follows: -------------------------------------------------------------------------------- mail_location = maildir:/shared/imapmail/users/%u:INBOX=/shared/imapmail/users/%u:LAYOUT=fs namespace private { separator = / prefix = "INBOX/" inbox = yes } namespace private { separator = / prefix = "Trash/" location = maildir:/shared/imapmail/users/%u/Trash:LAYOUT=fs inbox = no } -------------------------------------------------------------------------------- In the file system, the mail_location for each user has all the top-level mail folders plus the cur, tmp and new directories for INBOX, so, for example, there is a directory in mail_location called "Trash". Is there a way to configure Dovecot to show Trash at the top level (as the last namespace definition above does), yet not also show it as a subfolder of INBOX? Thanks, Keith -- We're looking for smart Linux people: http://www.tiger-computing.co.uk/jobs From tlx at leuxner.net Fri Nov 23 13:59:33 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 23 Nov 2012 12:59:33 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <b574523db4f6cffa3a039fe991bcaaee@400iso.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> <b574523db4f6cffa3a039fe991bcaaee@400iso.net> Message-ID: <A77F784B-E60B-409B-BAC7-4A51BFA89759@leuxner.net> Am 23.11.2012 um 12:48 schrieb Mathieu R. <mathieu at 400iso.net>: > Thank you. can i safely : > > - close dovecot > - move files to ~Maildir > - change the config in docecot.conf > - and then restart dovecot ? Yes. You are able to move the Maildir structure (cur|new|tmp) like this. Not sure the location is also overridden in your SQL queries. If so, you also need to return the new "home" in the queries. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4364 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/af5d261d/attachment.bin> From mathieu at 400iso.net Fri Nov 23 14:04:41 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Fri, 23 Nov 2012 13:04:41 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <A77F784B-E60B-409B-BAC7-4A51BFA89759@leuxner.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> <b574523db4f6cffa3a039fe991bcaaee@400iso.net> <A77F784B-E60B-409B-BAC7-4A51BFA89759@leuxner.net> Message-ID: <81793eea7ca3fb8c8822708fc33c3eda@400iso.net> Le 23/11/2012 12:59, Thomas Leuxner a ?crit?: > Am 23.11.2012 um 12:48 schrieb Mathieu R. <mathieu at 400iso.net>: > >> Thank you. can i safely : >> >> - close dovecot >> - move files to ~Maildir >> - change the config in docecot.conf >> - and then restart dovecot ? > > Yes. You are able to move the Maildir structure (cur|new|tmp) like > this. Not sure the location is also overridden in your SQL queries. > If > so, you also need to return the new "home" in the queries. > > Regards > Thomas As i'm very newbie at sql stuff, here is my current dovecot-sql.conf : driver = mysql connect = host=localhost dbname=postfix_db user=postfix_user password=mypass # The new name for MD5 is MD5-CRYPT so you might need to change this depending on version default_pass_scheme = MD5-CRYPT # Get the mailbox user_query = SELECT '/srv/vmail/%d/%u' as home, 'maildir:/srv/vmail/%d/%u' as mail, 5000 AS uid, 5000 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1' # Get the password password_query = SELECT username as user, password, '/srv/vmail/%d/%u' as userdb_home, 'maildir:/srv/vmail/%d/%u' as userdb_mail, 5000 as userdb_uid, 5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1' # If using client certificates for authentication, comment the above and uncomment the following #password_query = SELECT null AS password, '%u' AS user i think i can change it for : driver = mysql connect = host=localhost dbname=postfix_db user=postfix_user password=mypass # The new name for MD5 is MD5-CRYPT so you might need to change this depending on version default_pass_scheme = MD5-CRYPT # Get the mailbox user_query = SELECT '/srv/vmail/%d/%u' as home, 'maildir:/srv/vmail/%d/%u/Maildir' as mail, 5000 AS uid, 5000 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1' # Get the password password_query = SELECT username as user, password, '/srv/vmail/%d/%u' as userdb_home, 'maildir:/srv/vmail/%d/%u/Maildir' as userdb_mail, 5000 as userdb_uid, 5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1' # If using client certificates for authentication, comment the above and uncomment the following #password_query = SELECT null AS password, '%u' AS user maybe can somebody confirm before i mess up everything ? -- Mathieu Rousseau http://400iso.net/ From sven at svenhartge.de Fri Nov 23 17:53:01 2012 From: sven at svenhartge.de (Sven Hartge) Date: Fri, 23 Nov 2012 16:53:01 +0100 Subject: [Dovecot] shared mailboxes and indexes References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> Message-ID: <099qpni2j8v8@mids.svenhartge.de> Timo Sirainen <tss at iki.fi> wrote: > On 23.11.2012, at 13.27, Alessio Cecchi wrote: >> Il 23/11/2012 08:07, Timo Sirainen ha scritto: >>> BTW. Do you have multiple Dovecot backend servers? Director works >>> only when you're not using shared mailboxes.. >> I'm not happy to hear that, so if today we are running one dovecot >> server with shared mailbox enabled and tomorrow we will switch to a >> more complex installation with Director we will be unable to still >> provide shared mailbox to our customers? > You can't reliably do it if the mailboxes are accessed directly via > NFS. The current idea to solve this is to use imapc backend with > master users, so the actual mailbox access for each user is always > done by only one server. I think someone already managed to configure > such a setup. This was me. It works (with one minor quirk, more on this later) in my current test setup like so: a) 1 to X user-servers with the users mailboxes on them b) 1 shared-server with the shared mailboxes on them On the user-servers I have namespace like this: namespace { list = yes location = imapc:~/imapc-shared prefix = IMAPShared/ separator = / subscriptions = no type = public } and a userdb like this: userdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = uid=virtmail gid=virtmail home=/srv/mail/%2MLn/%Ln/ imapc_password=%w quota_rule2=Trash:ignore driver = ldap } Note the "imapc_password=%w" in the default_fields. This is needed to pass the users login-password to the shared-server. The imapc proxy code is configured like this: imapc_host = m-st-sh-01.example.com imapc_master_user = %u imapc_user = shared This uses the original user as the master-user and a fixed user with the original users password to login into the shared-server. Note: You CANNOT have ACLs activated on the users-servers, because this will interfere with the permissions of ht IMAPShared namespace, rendering the mailboxes located in there unavailable for your users. The shared-storage then uses a static passdb for the user "shared": passdb { args = user=shared password=complicatedpasswordhere driver = static } and a static userdb for the virtual-user: userdb { args = uid=virtmail gid=virtmail home=/srv/mail/%Ln driver = static } and additional a passdb for the "master" users: passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap master = yes pass = yes } which are pulled from LDAP, just like on the user-servers. Now the mentioned quirk: Because all connections on the shared-server are made to the same user "shared" and are coming from very few IPs (the 1 to X user-servers), you need to set a very high mail_max_userip_connections value. I set mine to 1000 just to be sure. ---> But: I have NOT configured login_trusted_networks, so this may be my error in that case. And, a second quirk: You can only offer admin-provided shared folders, your users CANNOT share folders themselves, because there is quite some manual work involved in creating and setting them up on the central shared-server. For example: To provide a Mailbox with the Name "Test.3" in IMAPShared I need the following directory structure on m-st-sh-01.example.com: /srv/mail/shared/mdbox/mailboxes/Test.3/ In .../Test.3/ there is the dbox-Mails folder with the indexes and other meta information. The admin needs to create the dovecot-acl file to configure the access permissions: root at m-st-sh-01:/srv/mail/shared/mdbox/mailboxes/Test.3/dbox-Mails# cat dovecot-acl user=gbgr14 lrwstipek user=bbgr99 lrwstipek The users are then able to see those folders as IMAPShared/Test.3/, subscriptions are managed inside the users own subscription file on their respective "home" server, while flages and tags are shared. Gr??e, Sven. -- Sigmentation fault. Core dumped. From stan at hardwarefreak.com Fri Nov 23 22:59:31 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 23 Nov 2012 14:59:31 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AF5FA6.5070500@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> Message-ID: <50AFE3B3.2020408@hardwarefreak.com> On 11/23/2012 5:36 AM, 1st WebDesigns wrote: > No they are not on NFS storage, the mailboxes are stored on the local > filesystem. Ok, good. > Thank you I will try this. I did read that when using Postfix and > Dovecot, both systems should use a matching locking mechanism, which I > had already tried. However, I hadn't tried just dotlock, only FCNTL and > a combination of FCNTL and dotlock. Since you're now using Dovecot LDA the locking mech may not make much if any difference, but it's worth trying. > Yes it completely eliminates the errors. If a pop3 connection has the > lock, the mail simply sits there and is eventually delivered in (less > than) 600 seconds. Whereas before, it would get deferred. When > re-delivery was attempted, it's possible that the box would be locked > again, and the mail would get deferred again, leading to a delay of > several hours on a busy day. So this is a step in the right direction. But still far less than optimal. The read/write lock contention on mbox is unnecessarily eating up system resources (mainly memory), and causing unnecessary delivery delays to the mailbox. You should really start looking at migrating to maildir. It's not that difficult (though maybe more so with 1.0.7) if you don't have a ton of mailboxes, and especially with POP since the mailboxes typically wont be holding much mail to migrate. How many do you have? > Our server is with Rackspace, and RHEL5 is the OS they offered us as an > upgrade path from RHEL4. So they're getting the support from Red Hat > and we're getting the support from Rackspace. The plot thickens again. You're using a rented server. Sigh... This entire thread could have been greatly shortened, saving all of us much time, if you'd have given all these details up front. Is this a cloud server (shared host), or a dedicated server? FWIW, you don't have RHEL5, but CentOS 5. Hosting companies don't pay for RHEL licenses for 10s of thousands of hosts. I have a few salient recommendations for you: 1. Migrate to maildir. It is far more appropriate for a POP workload. 2. Switch to a hosting provider that offers much more recent software. 3. Or, get a colo server so you can use whatever software you wish. Finally, if this email service you're providing isn't all that critical to you or your organization, simply prod along as you have been, fighting these problems frequently along the way. -- Stan From doctor at doctor.nl2k.ab.ca Sat Nov 24 04:49:54 2012 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Fri, 23 Nov 2012 19:49:54 -0700 Subject: [Dovecot] SSL certificates Message-ID: <20121124024954.GC1824@doctor.nl2k.ab.ca> Who is the best CA Certificate provider for Dovecot? -- Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From sven at svenhartge.de Sat Nov 24 05:03:40 2012 From: sven at svenhartge.de (Sven Hartge) Date: Sat, 24 Nov 2012 04:03:40 +0100 Subject: [Dovecot] SSL certificates References: <20121124024954.GC1824@doctor.nl2k.ab.ca> Message-ID: <499s2bh2j8v8@mids.svenhartge.de> The Doctor <doctor at doctor.nl2k.ab.ca> wrote: > Who is the best CA Certificate provider for Dovecot? What do you mean by "best"? Gr??e, Sven. -- Sigmentation fault. Core dumped. From noel.butler at ausics.net Sat Nov 24 07:57:33 2012 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 24 Nov 2012 15:57:33 +1000 Subject: [Dovecot] SSL certificates In-Reply-To: <20121124024954.GC1824@doctor.nl2k.ab.ca> References: <20121124024954.GC1824@doctor.nl2k.ab.ca> Message-ID: <1353736653.15992.22.camel@tardis> On Fri, 2012-11-23 at 19:49 -0700, The Doctor wrote: > Who is the best CA Certificate provider for Dovecot? > Anyone but verisign, dont get me started on them :) Now that Thawte are no longer owned by those criminals, I highly recommend them for certs for web sites. But if its just for mail/webmail and you dont need the large insurance protections, then look at the cheaper/free startcom certs, I use them on my private domains for mail certs and webmail - very pleasant and easy to deal with. -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121124/577b0679/attachment.png> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20121124/577b0679/attachment.bin> From johnsone at usc.edu Sat Nov 24 10:16:10 2012 From: johnsone at usc.edu (Erik A Johnson) Date: Sat, 24 Nov 2012 00:16:10 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> Message-ID: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Thanks, Timo. Nope, still an infinite loop. Anything I can try using gdb to trace? On Nov 22, 2012, at 10:52 PM, Timo Sirainen <tss at iki.fi> wrote: > On 10.11.2012, at 12.44, Erik A Johnson wrote: > >> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >> >> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >> >> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > I wonder if this fixes it? http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa > From stephan at rename-it.nl Sun Nov 25 11:30:39 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 25 Nov 2012 10:30:39 +0100 Subject: [Dovecot] sieve-extprograms strips Return-Path headers In-Reply-To: <20121113145732.GB40206@anubis.morrow.me.uk> References: <20121113145732.GB40206@anubis.morrow.me.uk> Message-ID: <50B1E53F.7030801@rename-it.nl> Hi Ben, On 11/13/2012 3:57 PM, Ben Morrow wrote: > The sieve-extprograms extension strips Return-Path headers before > passing mail off to the external program. The patch to remove this > behavious is trivial (and attached), but since it appears to be > deliberate I felt I should investigate further. > > I believe this is basically a cut-and-paste error. The code to strip > Return-Path has been there since the sieve-pipe plugin for Dovecot 1.x, > and I believe it was copied from the equivalent code in the 'redirect' > action for passing mail off to sendmail(8). In that case, stripping > Return-Path is correct, since the message is being resubmitted for > delivery (by SMTP or otherwise), and the last step of the new delivery > will (should) add a new Return-Path header with the new envelope > information. In the case of sieve-extprograms, though, the filtering is > happening post-delivery, so a stripped Return-Path will never be > replaced. Yeah, you are right. Applied: http://hg.rename-it.nl/pigeonhole-0.3-sieve-extprograms/rev/3bd6ed27ae26 Regards, Stephan. From dave at morsberger.com Mon Nov 26 08:41:46 2012 From: dave at morsberger.com (David Morsberger) Date: Mon, 26 Nov 2012 01:41:46 -0500 Subject: [Dovecot] Missing Messages on IOS device Message-ID: <BD8E6193-6542-4A53-B6A9-E41F3CDF70F5@morsberger.com> I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. Any idea why these messages are not showing up on my devices and how I can get them to show up? bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd --version 2.0.19apple1 bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd -n # 2.0.19apple1: /Library/Server/Mail/Config/dovecot/dovecot.conf # OS: Darwin 12.2.1 x86_64 hfs aps_topic = com.apple.mail.XServer.fc3bb7c3-c8ef-4fe2-aff3-95ecd927fb11 auth_mechanisms = cram-md5 x-plain-submit plain login apop digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 mail_access_groups = mail mail_location = maildir:/Library/Server/Mail/Data/mail/%u mail_log_prefix = "%s(pid %p user %u): " mail_plugins = quota zlib fts fts_sk managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M passdb { args = /Library/Server/Mail/Config/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmaster at mini.mmpcrofton.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins unix_listener auth-userdb { user = _dovecot } } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap { client_limit = 5 process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl_ca = </etc/certificates/*.chain.pem ssl_cert = </etc/certificates/*.cert.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL ssl_key = </etc/certificates/*.key.pem ssl_key_path = /etc/certificates/*.key.pem syslog_facility = local6 userdb { args = partition=/Library/Server/Mail/Config/dovecot/partition_map.conf enforce_quotas=no driver = od } verbose_proctitle = yes protocol lmtp { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol lda { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol imap { imap_id_log = * imap_id_send = "name" * "version" * mail_max_userip_connections = 20 mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts urlauth } protocol pop3 { mail_max_userip_connections = 6 } From koshikov at gmail.com Mon Nov 26 08:53:26 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Mon, 26 Nov 2012 08:53:26 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <50AF5BF7.1050907@skye.it> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <50AF5BF7.1050907@skye.it> Message-ID: <20121126085326.4e12dbfc@EBook.agromat.intranet> On Fri, 23 Nov 2012 12:20:23 +0100 Alessio Cecchi wrote: > Il 23/11/2012 08:46, Nikita Koshikov ha scritto: > > Hello list, > > > > Here is the problem: > > I have few: > > passdb { > > #1 > > } > > passdb { > > #2 > > } > > And relative userdb sections. If user not found in 1) section it fallbacks > > to next one - it's expected and right, IMHO. But when the user exists in > > both section and password verification fails on 1) database it successfully > > authenticated on next one. I think this behaviour should be configured. The > > main goal of 1) section for this server is to overwrite users in main > > (section2) database. > > > > Maybe I missed something and this option is already in dovecot code and I > > can't find it ? Or if not - will it be added in the future ? > > > > Dovecot version 2.1.10. > > > > You can enable this features by adding "deny=yes" in the passdb > extra_fields of specific users. > > You can find more information here: > http://wiki2.dovecot.org/AuthDatabase/PasswdFile ot you can use the > "auth-deny.conf.ext" example configuration. > > Ciao Maybe I was not so clear - but this is not what I'm searching for. deny=yes will deny user in corresponding database - I want - allow user to login, if and only if, users password matches and if it fail(in current passdb) - not trying next passdb for checking his password, even if user exists in the next database. From amateo at um.es Mon Nov 26 10:20:27 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 26 Nov 2012 09:20:27 +0100 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> Message-ID: <50B3264B.4080508@um.es> El 23/11/12 08:07, Timo Sirainen escribi?: > On 16.11.2012, at 12.11, Angel L. Mateo wrote: > >> We are deploying shared mailboxes in our mail system. We are running 2.1.9 and mail backend is maildir. >> >> As described at http://wiki.dovecot.org/SharedMailboxes/Shared when shared namespace is configured as >> >> namespace shared { >> separator = / >> prefix = shared/%%u/ >> location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u >> subscriptions = no >> list = children >> } >> >> each user accessing this folder has its own index, stored in ~/Maildir/shared/%%u/<shared mailbox>, hasn't it? > > Right. > >> Our mail is store in NFS disks so we are very concerned about indexes optimizations (we had performance problems until we got all of our indexes and nfs tunned). So, is there any way so those indexes could be shared for all users (and they always would be updated). > > If you don't need per-user flags you can just remove the per-user INDEX. If you want per-user flags and want to share indexes, you need the new INDEXPVT option that exists in v2.2 or as a patch to v2.1: http://dovecot.org/patches/2.1/private-index.diff > >> Regarding this... if we'd use dbox instead of maildir, indexes are a really important part of the mailbox and they can't be re-constructed when they are outdated. So, how do shared mailboxes work with dbox backend? Do I have to configure indexes in any particular way? > > INDEXPVT is a requirement with dbox if you want per-user flags. > > BTW. Do you have multiple Dovecot backend servers? Director works only when you're not using shared mailboxes.. > Oh... sad to read this. I have multiple backend server behind a director one. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From listas.correo at yahoo.es Mon Nov 26 11:58:54 2012 From: listas.correo at yahoo.es (mailing lists) Date: Mon, 26 Nov 2012 09:58:54 +0000 (GMT) Subject: [Dovecot] doveadm fails with passdb authentication binds (dovecot 2.0.16) In-Reply-To: <50AF6C36.3000500@eservicios.indra.es> References: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> <592ACC86-265E-476F-81B2-E797C0414165@iki.fi> <50AF6C36.3000500@eservicios.indra.es> Message-ID: <1353923934.14376.YahooMailNeo@web171506.mail.ir2.yahoo.com> Hello, >> # doveadm mailbox list -u user001 >> doveadm(user001): Error: user user001: Auth PASS lookup failed >> doveadm(user001): Fatal: passdb lookup failed > Are you running this on a Dovecot proxy? It looks like doveadm wants to do a passdb lookup to find out which server should handle this user. Passdb lookups don't work with LDAP binding. But if everything else works then I think you simply shouldn't have enabled doveadm proxying. So, set doveadm_proxy_port back to 0? thank you Timo, setting doveadm_proxy_port to 0 did the trick. From trusktr at gmail.com Mon Nov 26 12:59:27 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 02:59:27 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <20121119164753.GK94077@anubis.morrow.me.uk> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> Message-ID: <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> Hi, thanks for the reply. I'm new to all this. How can I tell if postfix is deferring messages, or if it thinks they've been delieverd? Where is the postfix log? How do I feed a message to dovecot-lda manually, as mailman? How do I use LMTP instead of LDA? */#!/*JoePea On Mon, Nov 19, 2012 at 8:47 AM, Ben Morrow <ben at morrow.me.uk> wrote: > At 6AM -0800 on 19/11/12 you (/#!/JoePea) wrote: > > > > I can't get dovecot working with postfix. If I leave virtual_transport > set > > to "virtual", I can send and receive messages just fine in roundcube. If > I > > set virtual_transport to "dovecot", I can only send messages in > roundcube, > > but incoming messages never arrive. Seems I can't get dovecot-lda to > work. > > I need dovecot-lda in order for sieve filters to work. > > > > Any idea what I'm doing wrong? > > > > Here's `doveconf -n`: > > http://pastie.org/5401133 > > > > `postconf -n`: > > http://pastie.org/5401157 > > > > and `postconf -M`: > > http://pastie.org/5401177 > > The only obvious thing I can see wrong there is that you have > > mail_plugins = " sieve" > > in dovecot.conf, which should be > > mail_plugins = sieve > > but I don't know that that would prevent delivery. > > Is Postfix deferring the message, or does it think it's been delivered? > What do you see in your logs when a message is delivered (since you've > redirected Dovecot away from syslog, you'd need to look at both > Postfix's and Dovecot's logs)? > > What happens if you feed a message to dovecot-lda manually, as > 'mailman'? Check the exitcode of lda and the logs, as well as seeing if > the message was delivered. > > Since you've set up a dedicated transport for Dovecot, it would probably > be worth using LMTP instead of the LDA. It should be more efficient, and > since you're only using a single virtual user you can tell dovecot to > run the LMTP server as 'mailman' instead of root. > > Ben > > From trusktr at gmail.com Mon Nov 26 13:00:31 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 03:00:31 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <50AA66A5.4050702@fi4it.de> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> Message-ID: <CAKU1PAXDX=YGSuD=-D_aUbJ59HrN96MUidhVHuhRk6H40xKa2A@mail.gmail.com> Hi, I tried changing dovecot-lda to deliver in master.cf and also added the acl plugin to the lda protocol like yours. It still won't work though. */#!/*JoePea On Mon, Nov 19, 2012 at 9:04 AM, Fi4IT - Daniel Fischer <dfischer at fi4it.de>wrote: > Hello Joe, > > i use this: > main.cf > virtual_transport = dovecot > > master.cf > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} > -d ${recipient} > > /etc/dovecot/conf.d/15-lda.**conf > protocol lda { > log_path = /var/log/sieve.log > mail_plugins = acl sieve > } > > and that works fine with my tested clients (tb,outlook,roundcube) > > daniel > > Am 19.11.2012 15:17, schrieb /#!/JoePea: > >> Hi all, >> >> I can't get dovecot working with postfix. If I leave virtual_transport set >> to "virtual", I can send and receive messages just fine in roundcube. If I >> set virtual_transport to "dovecot", I can only send messages in roundcube, >> but incoming messages never arrive. Seems I can't get dovecot-lda to work. >> I need dovecot-lda in order for sieve filters to work. >> >> Any idea what I'm doing wrong? >> >> Here's `doveconf -n`: >> http://pastie.org/5401133 >> >> `postconf -n`: >> http://pastie.org/5401157 >> >> and `postconf -M`: >> http://pastie.org/5401177 >> >> Note: All I have to do is change virtual_transport = dovecot to >> virtual_transport >> = virtual and all will be fine, except for that I won't have sieve >> filtering which is what I really want. >> >> */#!/*JoePea >> >> > > -- > > Fischer Daniel > FI4IT - that's it > Messerschmittstrasse 17 > 89231 Neu Ulm > > Email: dfischer at fi4it.de > Web: www.fi4it.de > Telefon: 073180019370 > Fax: 073180019375 > Mobil: 01729230731 > > From ben at morrow.me.uk Mon Nov 26 13:52:36 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 11:52:36 +0000 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> Message-ID: <20121126115235.GC76138@anubis.morrow.me.uk> At 2AM -0800 on 26/11/12 you (/#!/JoePea) wrote: > Hi, thanks for the reply. I'm new to all this. How can I tell if postfix is > deferring messages, or if it thinks they've been delieverd? Where is the > postfix log? You can tell if a message is still in the queue with 'mailq'. You can find out why by reading the log. If messages are being deferred they will eventually start bouncing, once Postfix decides they've spent too long in the queue. Postfix normally logs through the 'mail' facility of syslog. > How do I feed a message to dovecot-lda manually, as mailman? Something along the lines of sudo -u mailman /usr/lib/dovecot/dovecot-lda -f some at user -d some at user </some/mail/message as root should work, depending on your sudo setup. Otherwise you will need to use su, which can be more awkward. > How do I use LMTP instead of LDA? Read the wiki for the Dovecot end, and use virtual_transport = lmtp:unix:/path/to/lmtp/socket on the Postfix end. You will want to test the LMTP server is working manually (with nc -U or something) before trying to get Postfix to deliver to it. Ben From minfrin at sharp.fm Mon Nov 26 16:24:38 2012 From: minfrin at sharp.fm (Graham Leggett) Date: Mon, 26 Nov 2012 16:24:38 +0200 Subject: [Dovecot] IMAP proxy - can it detect parodying to itself? Message-ID: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> Hi all, I have some IMAP servers fronted with separate perdition processes, and it would be ideal if I could collapse this down to having dovecot do both the IMAP proxying and the IMAP serving at the same time on the same IP addresses. One of the fields in my LDAP entries contains the canonical name of the server that hosts their mailbox, and if I follow the manual at http://wiki2.dovecot.org/PasswordDatabase/ExtraFields#LDAP I could add the host field to enable proxying. My question is whether dovecot has the ability to notice whether dovecot is being asked to proxy to itself, in other words the value of "host" is the current dovecot server, and when this happens, ignore the proxy and just be a straight IMAP server, because the user has connected to the right box already. Is this possible? Regards, Graham -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4365 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121126/b718e8e0/attachment-0001.bin> From minfrin at sharp.fm Mon Nov 26 16:26:52 2012 From: minfrin at sharp.fm (Graham Leggett) Date: Mon, 26 Nov 2012 16:26:52 +0200 Subject: [Dovecot] IMAP proxy - can it detect parodying to itself? In-Reply-To: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> References: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> Message-ID: <064C6DB5-565C-4EE0-92D0-09921DE893FE@sharp.fm> On 26 Nov 2012, at 4:24 PM, Graham Leggett <minfrin at sharp.fm> wrote: > I have some IMAP servers fronted with separate perdition processes, and it would be ideal if I could collapse this down to having dovecot do both the IMAP proxying and the IMAP serving at the same time on the same IP addresses. A heartfelt thanks to Apple Autocorrect for changing "parodying", oops, I meant "parodying", aargh, I meant "p r o x y i n g", to parodying in the subject of this message. Regards, Graham -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4365 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121126/0bb4985e/attachment.bin> From ben at morrow.me.uk Mon Nov 26 18:02:40 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 16:02:40 +0000 Subject: [Dovecot] IMAP proxy - can it detect parodying to itself? In-Reply-To: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> References: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> Message-ID: <20121126160239.GD76138@anubis.morrow.me.uk> At 4PM +0200 on 26/11/12 you (Graham Leggett) wrote: > Hi all, > > I have some IMAP servers fronted with separate perdition processes, > and it would be ideal if I could collapse this down to having dovecot > do both the IMAP proxying and the IMAP serving at the same time on the > same IP addresses. > > One of the fields in my LDAP entries contains the canonical name of > the server that hosts their mailbox, and if I follow the manual at > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields#LDAP I could add > the host field to enable proxying. You also need the 'proxy' or 'proxy_maybe' field, which is a boolean (the field just needs to be present). If you just configure 'host' you will get login referrals, which is not what you want. > My question is whether dovecot has the ability to notice whether > dovecot is being asked to proxy to itself, in other words the value of > "host" is the current dovecot server, and when this happens, ignore > the proxy and just be a straight IMAP server, because the user has > connected to the right box already. This is what happens if you use 'proxy_maybe' instead of 'proxy'. Ben From skdovecot at smail.inf.fh-brs.de Mon Nov 26 18:07:37 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 26 Nov 2012 17:07:37 +0100 (CET) Subject: [Dovecot] lmtp_rcpt_check_quota working somewhere? Message-ID: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I'm running Dovecot v2.1 and enabled the lmtp_rcpt_check_quota option in conf.d/20-lmtp.conf, because I just found it in the sample config. Is this option working somewhere? When I have the option enabled, I get _no_ response in the RCPT TO phase, if the user is under quota. If I go on and enter the DATA keyword eventually, I get "554 5.5.1 No valid recipients", so it looks like, the user is really ignored at all. For an user over quota, I get: 552 5.2.2 <user> Quota exceeded (mailbox for user is full) Without lmtp_rcpt_check_quota LMTP works fine. For the user over quota I get the error after DATA phase, the user under quota gets the message delivered. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULOTyWoxLS8a3A9mAQITfggAoC0ujUXE53ePUEsTUHXlL2S0/hQCdAgA ppZnUPv9Gjh2oZjjrOmPa+zYVnd+6xK9m58bV4b7FPC+uz1otaS205WMIeZCuy5l kTtCpNpxxNfsUDzMM8zrRf+AZODAwUzwx7yknGdpXtezIGYg7kTKIXxs3KShgI3i ML/kbj4j+YkpdR0wUnZCIVM7MBukAJ3rhSqvfcY0ekZo8+ownqVjCE1PLhFy6oGE OsN8qY272nuvY9dLjflUjOKsvPVnviIu0kgRAZEsqPPp27Jp4GMsSpqqdAhjgbzH D8n9AnxVc6KYhq8qVpsWBCNy3/CwERsadZcRnl/4zcZmq19VsLLZMQ== =Nyqj -----END PGP SIGNATURE----- From cfowler at scss.tcd.ie Mon Nov 26 19:31:00 2012 From: cfowler at scss.tcd.ie (cfowler) Date: Mon, 26 Nov 2012 17:31:00 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user Message-ID: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Problem : All vacation autoreplies come from the postmaster address. Expected behavior : vacation notice comes from the user who set the vacation. Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example reply, sieve script and dovecot -n output) Any help appreciated! ---------------------------------------------------------------------------------------- Sieve script used: if true { vacation :days 2 :subject "Out of Office" "I am currently out of the office"; stop; } ---------------------------------------------------------------------------------------- Return-Path: <> X-Original-To: teststff at mydomain.com Delivered-To: teststff at mydomain.com Received: from localhost (localhost [127.0.0.1]) by quicksilver.mydomain.com (Postfix) with ESMTP id 12591BE16 for <teststff at mydomain.com>; Mon, 26 Nov 2012 16:54:16 +0000 (GMT) X-Virus-Scanned: Debian amavisd-new at mydomain.com X-Spam-Flag: NO X-Spam-Score: -0.501 X-Spam-Level: X-Spam-Status: No, score=-0.501 required=5 tests=[BAYES_05=-0.5, NO_RELAYS=-0.001] autolearn=no Received: from quicksilver.mydomain.com ([127.0.0.1]) by localhost (quicksilver.mydomain.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DNM8HKzR4d0t for <teststff at mydomain.com>; Mon, 26 Nov 2012 16:54:06 +0000 (GMT) Received: by quicksilver.mydomain.com (Postfix, from userid 15099) id DA3DABE1B; Mon, 26 Nov 2012 16:54:06 +0000 (GMT) X-Sieve: Pigeonhole Sieve 0.3.0 Message-ID: <dovecot-sieve-1353948846-837692-0 at quicksilver.mydomain.com> Date: Mon, 26 Nov 2012 16:54:06 +0000 From: Postmaster <root at mydomain.com> To: <teststff at mydomain.com> Subject: Out of Office In-Reply-To: <ac0fe0e6de81129e7499aba9aa67697a at localhost> References: <ac0fe0e6de81129e7499aba9aa67697a at localhost> Auto-Submitted: auto-replied (vacation) Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit I am currently out of the office ---------------------------------------------------------------------------------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 ext3 auth_debug = yes auth_debug_passwords = yes auth_verbose = yes listen = *, [::] log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/var/maildirs/%n/Maildir mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { home = /var/maildirs/%u mail_debug = yes sieve = /var/maildirs/%u/deliver.sieve sieve_dir = /var/maildirs/%n/sieve sieve_global_dir = /etc/sieve/ sieve_global_path = /etc/sieve/deliver.sieve sieve_vacation_dont_check_recipient = yes } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 } user = root } service imap-login { client_limit = 256 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service managesieve-login { client_limit = 256 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service pop3-login { client_limit = 256 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } ssl_cert = </var/certs/wildcard.mydomain.ie-including-chain.pem ssl_key = </var/certs/wildcard.mydomain.ie.key userdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 20 } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } protocol lda { auth_socket_path = /var/run/dovecot/auth-master mail_debug = yes mail_plugins = sieve postmaster_address = root at mydomain.ie } From rs at sys4.de Mon Nov 26 19:42:22 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 26 Nov 2012 18:42:22 +0100 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Message-ID: <50B3A9FE.6030503@sys4.de> Am 26.11.2012 18:31, schrieb cfowler: > Problem : All vacation autoreplies come from the postmaster address. <> is not really the postmaster address, its special for the mailer daemon > Expected behavior : vacation notice comes from the user who set the > vacation. at my knowledge, does not work that way ,yet, guess what you want, might work with invoking external script via sieve wait for other responses , special stefan might give better answer about sieve > Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > reply, sieve script and dovecot -n output) > > Any help appreciated! > > > ---------------------------------------------------------------------------------------- > > > Sieve script used: > > if true > { > vacation :days 2 :subject "Out of Office" "I am currently out of the > office"; > stop; > } > > ---------------------------------------------------------------------------------------- > > > Return-Path: <> > X-Original-To: teststff at mydomain.com > Delivered-To: teststff at mydomain.com > Received: from localhost (localhost [127.0.0.1]) > by quicksilver.mydomain.com (Postfix) with ESMTP id 12591BE16 > for <teststff at mydomain.com>; Mon, 26 Nov 2012 16:54:16 +0000 (GMT) Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From ben at morrow.me.uk Mon Nov 26 19:59:36 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 17:59:36 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Message-ID: <20121126175935.GF76138@anubis.morrow.me.uk> At 5PM +0000 on 26/11/12 you (cfowler) wrote: > Problem : All vacation autoreplies come from the postmaster address. > Expected behavior : vacation notice comes from the user who set the > vacation. > Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > reply, sieve script and dovecot -n output) <snip> > sieve_vacation_dont_check_recipient = yes Why have you set this? Normally vacation will refuse to respond to a message which doesn't have your address in one of the recipient header fields; in fact the standard says that it MUST NOT respond unless this is the case. This setting turns that check off, in which case Pigeonhole will send a vacation response (despite the standard) but sends it from Postmaster. I assume this is done for privacy reasons, since the person the vacation response is being sent to doesn't necessarily know the user who set the vacation exists, or what their address might be. If you send a message with the user's email address in To:, do you get a vacation response From: the correct address? Ben From cfowler at scss.tcd.ie Mon Nov 26 20:21:05 2012 From: cfowler at scss.tcd.ie (cfowler) Date: Mon, 26 Nov 2012 18:21:05 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <20121126175935.GF76138@anubis.morrow.me.uk> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <20121126175935.GF76138@anubis.morrow.me.uk> Message-ID: <5fa7ee2d078f950032e1147105f2b61a@scss.tcd.ie> On 26-11-2012 17:59, Ben Morrow wrote: > At 5PM +0000 on 26/11/12 you (cfowler) wrote: >> Problem : All vacation autoreplies come from the postmaster address. >> Expected behavior : vacation notice comes from the user who set the >> vacation. >> Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example >> reply, sieve script and dovecot -n output) > <snip> > >> sieve_vacation_dont_check_recipient = yes > > Why have you set this? Normally vacation will refuse to respond to a > message which doesn't have your address in one of the recipient > header > fields; in fact the standard says that it MUST NOT respond unless > this > is the case. This setting turns that check off, in which case > Pigeonhole > will send a vacation response (despite the standard) but sends it > from > Postmaster. I assume this is done for privacy reasons, since the > person > the vacation response is being sent to doesn't necessarily know the > user > who set the vacation exists, or what their address might be. > This feature is the reason I've upgraded to 2.1.7 from 1.2.15 Our users have addresses like bmorrow at foo.com We also store aliases for them in LDAP like ben.morrow at foo.com. Postfix knows of these aliases and accepts mail for them. Most of our users prefer to hand out this alias as their email address Mails to bmorrow at foo.com were receiving vacation auto-replies as you'd expect in 1.2.15 Mails to ben.morrow at foo.com were not due to the infamous "discarding vacation response for message implicitly delivered to bmorrow at foo.com" message. I know the correct behavior is for the users to write a correct sieve script with an addresses: line, but that's not going to happen unfortunately. The users just want "Push button to make vacation go". > If you send a message with the user's email address in To:, do you > get a > vacation response From: the correct address? > No, mails to bmorrow at foo.com also get Postmaster replies. With 1.2.15 we were at least getting autoreplies from bmorrow at foo.com when a mail was sent to bmorrow at foo.com. > Ben From klimenko.n at theitidea.ru Mon Nov 26 20:58:30 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Mon, 26 Nov 2012 22:58:30 +0400 Subject: [Dovecot] sieve + dkim Message-ID: <50B3BBD6.5050302@theitidea.ru> message sent from the sieve-vacation does not contain dkim signature how to configure sieve to send messages via smtp transport with signing? From klimenko.n at theitidea.ru Mon Nov 26 21:26:29 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Mon, 26 Nov 2012 23:26:29 +0400 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <50AA66A5.4050702@fi4it.de> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> Message-ID: <50B3C265.5060409@theitidea.ru> may be this is the best way dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} -a ${recipient} parameter-a $ {recipient} allow to keep the recipient's address in the headers "from:" 19.11.12 21:04, Fi4IT - Daniel Fischer ?????: > Hello Joe, > > i use this: > main.cf > virtual_transport = dovecot > > master.cf > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${recipient} > > /etc/dovecot/conf.d/15-lda.conf > protocol lda { > log_path = /var/log/sieve.log > mail_plugins = acl sieve > } > > and that works fine with my tested clients (tb,outlook,roundcube) > > daniel > > Am 19.11.2012 15:17, schrieb /#!/JoePea: >> Hi all, >> >> I can't get dovecot working with postfix. If I leave >> virtual_transport set >> to "virtual", I can send and receive messages just fine in roundcube. >> If I >> set virtual_transport to "dovecot", I can only send messages in >> roundcube, >> but incoming messages never arrive. Seems I can't get dovecot-lda to >> work. >> I need dovecot-lda in order for sieve filters to work. >> >> Any idea what I'm doing wrong? >> >> Here's `doveconf -n`: >> http://pastie.org/5401133 >> >> `postconf -n`: >> http://pastie.org/5401157 >> >> and `postconf -M`: >> http://pastie.org/5401177 >> >> Note: All I have to do is change virtual_transport = dovecot to >> virtual_transport >> = virtual and all will be fine, except for that I won't have sieve >> filtering which is what I really want. >> >> */#!/*JoePea >> From user+dovecot at localhost.localdomain.org Mon Nov 26 21:52:44 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Mon, 26 Nov 2012 20:52:44 +0100 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3BBD6.5050302@theitidea.ru> References: <50B3BBD6.5050302@theitidea.ru> Message-ID: <50B3C88C.908@localhost.localdomain.org> On 11/26/2012 07:58 PM ??????? ???????? wrote: > message sent from the sieve-vacation does not contain dkim signature > > how to configure sieve to send messages via smtp transport with signing? Configure a submission host: http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 Regards, Pascal -- The trapper recommends today: face1e55.1233120 at localdomain.org From design at 1stwebdesigns.com Mon Nov 26 21:58:43 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Mon, 26 Nov 2012 19:58:43 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AFE3B3.2020408@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> Message-ID: <50B3C9F3.6070709@1stwebdesigns.com> > So this is a step in the right direction. But still far less than > optimal. The read/write lock contention on mbox is unnecessarily eating > up system resources (mainly memory), and causing unnecessary delivery > delays to the mailbox. You should really start looking at migrating to > maildir. It's not that difficult (though maybe more so with 1.0.7) if > you don't have a ton of mailboxes, and especially with POP since the > mailboxes typically wont be holding much mail to migrate. How many do > you have? There's around four hundred mail boxes or so. Some used more intensively than others. > >> Our server is with Rackspace, and RHEL5 is the OS they offered us as an >> upgrade path from RHEL4. So they're getting the support from Red Hat >> and we're getting the support from Rackspace. > > The plot thickens again. You're using a rented server. Sigh... > > This entire thread could have been greatly shortened, saving all of us > much time, if you'd have given all these details up front. > > Is this a cloud server (shared host), or a dedicated server? It's a dedicated server > > FWIW, you don't have RHEL5, but CentOS 5. Hosting companies don't pay > for RHEL licenses for 10s of thousands of hosts. It's RHEL5: $cat /etc/issue Red Hat Enterprise Linux Server release 5.8 (Tikanga) The cost of the license is included in our contract. > > I have a few salient recommendations for you: > > 1. Migrate to maildir. It is far more appropriate for a POP workload. Yes, this will be our next course of action > 2. Switch to a hosting provider that offers much more recent software. We can upgrade the software if we wish, but will no longer get full support from Rackspace if we do this. > 3. Or, get a colo server so you can use whatever software you wish. We can install whatever software we wish at the moment, but see the point above. > > Finally, if this email service you're providing isn't all that critical > to you or your organization, simply prod along as you have been, > fighting these problems frequently along the way. > It's kind of working ok now but we will go with your recommendation of switching to maildir when we have time. Thanks for your help From kgc at corp.sonic.net Mon Nov 26 22:03:14 2012 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Mon, 26 Nov 2012 12:03:14 -0800 Subject: [Dovecot] memory allocation issues In-Reply-To: <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> References: <20121109004915.GJ70186@corp.sonic.net> <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> Message-ID: <20121126200314.GH62311@corp.sonic.net> On Fri, Nov 23, 2012 at 08:36:37AM +0200, Timo Sirainen wrote: > On 9.11.2012, at 2.49, Kelsey Cummings wrote: > > One of our dovecot backend servers ran into a problem with it's auth > > process a few days ago. This doesn't appear to be the error logged when > > dovecot hits its internal limit so I'm not sure what is going on here. > > > > auth: Error: malloc: 58012: Cannot allocate memory > > auth: Error: Unable to allocate memory for mutexes from the region > > auth: Error: PANIC: Cannot allocate memory > > auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user > > It would have been nicer if libc would have just crashed the process instead of silently converting it into "unknown user" error.. That's probably actually a bug since the getpwuid_r() that Dovecot uses would have been able to return an error message. We saw two boxes do this over the weekend. > > pop3: Error: Authenticated user not found from userdb, auth lookup +id=2509111297 (client-pid=4781 client-id=1) > > pop3-login: Internal login failure (pid=4781 id=1) (internal failure, 1 +succesful auths): user=<test>... > > > > There was at least 10+GB free RAM on the server and no indication of a > > system level issue at the same time. The server is running 2.1.9. > > There were about 3,200 active sessions, with something like 12 new > > sessions/sec. The other identical servers are/were handling virtually > > identical load with the same service uptime and haven't had any issues > > so far. (Crash happened 7 days ago.) > > Memory leak maybe? service auth { vsz_limit } anyway was reached (default 256 MB). It is currently set to 768M, I'll go ahead and raise it up to 1G. Anything I can do to help see if it is a memory leak? # dovecot -n # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.9.1.el6.x86_64 x86_64 Scientific Linux release 6.3 (Carbon) auth_master_user_separator = * auth_username_format = %Ln auth_verbose = yes auth_verbose_passwords = sha1 auth_worker_max_count = 64 login_log_format_elements = user=<%u> session=%{session} method=%m rip=%r lip=%l mpid=%e %c mail_fsync = always mail_log_prefix = "%s(%u): session=%{session} " mail_plugins = stats zlib maildir_very_dirty_syncs = yes mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes } passdb { args = imap driver = pam } plugin { lazy_expunge = DELETED_MESSAGES. mail_log_events = delete expunge flag_change mail_log_fields = uid box msgid from flags size quota = fs:User quota stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 service anvil { client_limit = 10000 } service auth { client_limit = 10000 vsz_limit = 768 M } service doveadm { inet_listener { port = 1842 } unix_listener doveadm-server { mode = 0666 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_limit = 7000 process_min_avail = 32 vsz_limit = 256 M } service imap-postlogin { executable = script-login -d /etc/dovecot/bin/sonic-imap-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin process_limit = 4096 vsz_limit = 512 M } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } process_limit = 2000 process_min_avail = 32 vsz_limit = 256 M } service pop3-postlogin { executable = script-login -d /etc/dovecot/bin/sonic-pop3-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin process_limit = 4096 } service stats { fifo_listener stats-mail { mode = 0666 } } shutdown_clients = no ssl = required ssl_parameters_regenerate = 1 days syslog_facility = local0 userdb { driver = passwd } verbose_proctitle = yes protocol imap { imap_id_send = support-url support-email mail_max_userip_connections = 20 mail_plugins = stats zlib mwi_update mail_log notify imap_stats imap_zlib } protocol pop3 { mail_plugins = stats zlib lazy_expunge pop3_fast_size_lookups = yes pop3_uidl_format = %f } -- Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc. System Architect 2260 Apollo Way 707.522.1000 Santa Rosa, CA 95407 From klimenko.n at theitidea.ru Mon Nov 26 22:13:24 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Tue, 27 Nov 2012 00:13:24 +0400 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3C88C.908@localhost.localdomain.org> References: <50B3BBD6.5050302@theitidea.ru> <50B3C88C.908@localhost.localdomain.org> Message-ID: <50B3CD64.2090409@theitidea.ru> thx for answer i use 1.x I found the solution in main.cf content_filter=smtp-amavis:[127.0.0.1]:10026 #filter with dkim and in master.cf public_ip_external_user:smtp inet n - - - - smtpd #some smtpd_recipient_restrictions rules #some smtpd_sender_restrictions rules -o content_filter=smtp-amavis:[127.0.0.1]:10024 #filter for external user 26.11.12 23:52, Pascal Volk ?????: > On 11/26/2012 07:58 PM ??????? ???????? wrote: >> message sent from the sieve-vacation does not contain dkim signature >> >> how to configure sieve to send messages via smtp transport with signing? > Configure a submission host: > http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 > > > Regards, > Pascal From stephan at rename-it.nl Mon Nov 26 22:17:54 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 26 Nov 2012 21:17:54 +0100 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Message-ID: <50B3CE72.3040507@rename-it.nl> On 11/26/2012 6:31 PM, cfowler wrote: > Problem : All vacation autoreplies come from the postmaster address. > Expected behavior : vacation notice comes from the user who set the > vacation. > Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > reply, sieve script and dovecot -n output) > > Any help appreciated! This should fix that: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc Regards, Stephan. From stephan at rename-it.nl Mon Nov 26 22:28:05 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 26 Nov 2012 21:28:05 +0100 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <20121126175935.GF76138@anubis.morrow.me.uk> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <20121126175935.GF76138@anubis.morrow.me.uk> Message-ID: <50B3D0D5.30302@rename-it.nl> On 11/26/2012 6:59 PM, Ben Morrow wrote: > At 5PM +0000 on 26/11/12 you (cfowler) wrote: > This setting turns that check off, in which case Pigeonhole > will send a vacation response (despite the standard) but sends it from > Postmaster. Actually, this shouldn't have happened. Originally, it would only use 'Postmaster' when the recipient address is unknown, but that situation would never occur. With the addition of the dont_check_recipient setting, this got changed unintentionally. > I assume this is done for privacy reasons, since the person > the vacation response is being sent to doesn't necessarily know the user > who set the vacation exists, or what their address might be. Interesting notion, but the real reason is of a more stupid nature as explained above. :) Do you think this is something people would want to configure? Since this particular feature deviates from the standard to begin with, nothing is specified about what should be done. I think the added anonymity would often be useless, because the content of the vacation message can contain all sorts of information on the recipient, including the mail address, e.g. in the signature. > If you send a message with the user's email address in To:, do you get a > vacation response From: the correct address? Since the recipient check is not performed, the recipient address used for the reply remained NULL and the reply code would revert to Postmaster at all times. This is fixed now. Regards, Stephan. From CMarcus at Media-Brokers.com Mon Nov 26 22:33:25 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Nov 2012 15:33:25 -0500 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3CD64.2090409@theitidea.ru> References: <50B3BBD6.5050302@theitidea.ru> <50B3C88C.908@localhost.localdomain.org> <50B3CD64.2090409@theitidea.ru> Message-ID: <50B3D215.2060806@Media-Brokers.com> You do know that inline comments as you have below are not supported in postfix config files and WILL cause unexpected behavior depending on where they are and what they contain, right? On 2012-11-26 3:13 PM, ??????? ???????? <klimenko.n at theitidea.ru> wrote: > thx for answer > > i use 1.x > I found the solution > > in main.cf > content_filter=smtp-amavis:[127.0.0.1]:10026 #filter with dkim > > and in master.cf > public_ip_external_user:smtp inet n - - > - - smtpd > #some smtpd_recipient_restrictions rules > #some smtpd_sender_restrictions rules > -o content_filter=smtp-amavis:[127.0.0.1]:10024 #filter for > external user > > > 26.11.12 23:52, Pascal Volk ?????: >> On 11/26/2012 07:58 PM ??????? ???????? wrote: >>> message sent from the sieve-vacation does not contain dkim signature >>> >>> how to configure sieve to send messages via smtp transport with >>> signing? >> Configure a submission host: >> http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 >> >> >> >> Regards, >> Pascal > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From klimenko.n at theitidea.ru Mon Nov 26 22:41:19 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Tue, 27 Nov 2012 00:41:19 +0400 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3D215.2060806@Media-Brokers.com> References: <50B3BBD6.5050302@theitidea.ru> <50B3C88C.908@localhost.localdomain.org> <50B3CD64.2090409@theitidea.ru> <50B3D215.2060806@Media-Brokers.com> Message-ID: <50B3D3EF.5060005@theitidea.ru> yes of course this is only remarks for easily understanding 27.11.12 0:33, Charles Marcus ?????: > You do know that inline comments as you have below are not supported > in postfix config files and WILL cause unexpected behavior depending > on where they are and what they contain, right? > > On 2012-11-26 3:13 PM, ??????? ???????? <klimenko.n at theitidea.ru> wrote: >> thx for answer >> >> i use 1.x >> I found the solution >> >> in main.cf >> content_filter=smtp-amavis:[127.0.0.1]:10026 #filter with dkim >> >> and in master.cf >> public_ip_external_user:smtp inet n - - >> - - smtpd >> #some smtpd_recipient_restrictions rules >> #some smtpd_sender_restrictions rules >> -o content_filter=smtp-amavis:[127.0.0.1]:10024 #filter for >> external user >> >> >> 26.11.12 23:52, Pascal Volk ?????: >>> On 11/26/2012 07:58 PM ??????? ???????? wrote: >>>> message sent from the sieve-vacation does not contain dkim signature >>>> >>>> how to configure sieve to send messages via smtp transport with >>>> signing? >>> Configure a submission host: >>> http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 >>> >>> >>> >>> Regards, >>> Pascal >> >> From trusktr at gmail.com Mon Nov 26 22:59:12 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 12:59:12 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <20121126115235.GC76138@anubis.morrow.me.uk> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> <20121126115235.GC76138@anubis.morrow.me.uk> Message-ID: <CAKU1PAXy2P0u+qvi7_k9MygZ_QLd2=zJ9Xeck3B6WdOCYoEZMA@mail.gmail.com> Hi Ben, Indeed, the mailq command shows my test messages sitting there with "mail transport unavailable". > ??[11:48:22/hypership/root/~] > ??? mailq > -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- > 2DCCB580C01 1901 Mon Nov 26 11:45:02 trusktr at gmail.com > (mail transport > unavailable) > trusktr at bettafootwear.com > > B1449580C03 1895 Mon Nov 26 11:48:41 trusktr at gmail.com > (mail transport > unavailable) > trusktr at bettafootwear.com > > -- 5 Kbytes in 2 Requests. > I checked in /etc/syslog-ng/syslog-ng.conf and it shows destination d_mail { file("/var/log/mail.log"); }; but there is no such mail.log file so I created one. I logged in as mailman by doing su -s /bin/bash mailman then ran /usr/lib/dovecot/dovecot-lda -f trusktr at gmail.com -d trusktr at bettafootwear.com </home/mailman/test_msg.txt where /home/mailman/test_msg.txt contains a plain text sentence. After doing that, mailq shows the new messages, but with the same "mail transport unavailable" message. However, in Roundcube I see a new blank message with no subject for each attempt of the dovecot-lda command. Also, the after running the dovecot-lda command a few times, I noticed it was saying that the log files weren't writable (permission denied), so I fixed that... However, that doesn't seem to have fixed the problem as test emails from gmail still don't appear in Roundcube, but I see them with mailq with "mail transport unavailable". I'll skip setting up LMTP until I get it working with LDA so I know what I'm doing before getting into more complications. */#!/*JoePea On Mon, Nov 26, 2012 at 3:52 AM, Ben Morrow <ben at morrow.me.uk> wrote: > At 2AM -0800 on 26/11/12 you (/#!/JoePea) wrote: > > Hi, thanks for the reply. I'm new to all this. How can I tell if postfix > is > > deferring messages, or if it thinks they've been delieverd? Where is the > > postfix log? > > You can tell if a message is still in the queue with 'mailq'. You can > find out why by reading the log. If messages are being deferred they > will eventually start bouncing, once Postfix decides they've spent too > long in the queue. > > Postfix normally logs through the 'mail' facility of syslog. > > > How do I feed a message to dovecot-lda manually, as mailman? > > Something along the lines of > > sudo -u mailman /usr/lib/dovecot/dovecot-lda -f some at user > -d some at user </some/mail/message > > as root should work, depending on your sudo setup. Otherwise you will > need to use su, which can be more awkward. > > > How do I use LMTP instead of LDA? > > Read the wiki for the Dovecot end, and use > > virtual_transport = lmtp:unix:/path/to/lmtp/socket > > on the Postfix end. You will want to test the LMTP server is working > manually (with nc -U or something) before trying to get Postfix to > deliver to it. > > Ben > > From stan at hardwarefreak.com Mon Nov 26 23:15:42 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 26 Nov 2012 15:15:42 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50B3C9F3.6070709@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> <50B3C9F3.6070709@1stwebdesigns.com> Message-ID: <50B3DBFE.1090400@hardwarefreak.com> On 11/26/2012 1:58 PM, 1st WebDesigns wrote: > >> So this is a step in the right direction. But still far less than >> optimal. The read/write lock contention on mbox is unnecessarily eating >> up system resources (mainly memory), and causing unnecessary delivery >> delays to the mailbox. You should really start looking at migrating to >> maildir. It's not that difficult (though maybe more so with 1.0.7) if >> you don't have a ton of mailboxes, and especially with POP since the >> mailboxes typically wont be holding much mail to migrate. How many do >> you have? > > There's around four hundred mail boxes or so. Some used more > intensively than others. There are methods to convert one mailbox at a time, groups of mailboxes, or all mailboxes in one fell swoop in a batch mode. I'm uncertain WRT the status of the tools in 1.0.7, but given the age of that release you may avoid problems by upgrading to Dovecot 1.2.x or later before doing the conversion. If you attempt the conversion on 1.0.7 and hit snags, this mailing list may not be of much help as nobody has used 1.0.7 for years. You may want to post a new thread asking Timo about such a conversion with 1.0.7. He doesn't seem to be paying attention to this thread. >>> Our server is with Rackspace, and RHEL5 is the OS they offered us as an >>> upgrade path from RHEL4. So they're getting the support from Red Hat >>> and we're getting the support from Rackspace. >> >> The plot thickens again. You're using a rented server. Sigh... >> >> This entire thread could have been greatly shortened, saving all of us >> much time, if you'd have given all these details up front. >> >> Is this a cloud server (shared host), or a dedicated server? > > It's a dedicated server > >> >> FWIW, you don't have RHEL5, but CentOS 5. Hosting companies don't pay >> for RHEL licenses for 10s of thousands of hosts. > > It's RHEL5: > > $cat /etc/issue > Red Hat Enterprise Linux Server release 5.8 (Tikanga) > > The cost of the license is included in our contract. Now that's interesting. >> >> I have a few salient recommendations for you: >> >> 1. Migrate to maildir. It is far more appropriate for a POP workload. > > Yes, this will be our next course of action > >> 2. Switch to a hosting provider that offers much more recent software. > > We can upgrade the software if we wish, but will no longer get full > support from Rackspace if we do this. And you consider this a net loss? If you're that dependent on your provider's tit, find one that can suckle you on RHEL 6.3. Or buy your copy/license directly from Red Hat and get support directly from them. >> 3. Or, get a colo server so you can use whatever software you wish. > > We can install whatever software we wish at the moment, but see the > point above. See my point above. And WRT Dovecot and most other application software, you'll get better support from the community than your bulk hosting provider anyway. Their primary business is making $$ from providing you a host and a pipe. Customer support is a cost, especially application support, not a profit center, and thus is almost always a secondary concern at best. Red Hat's entire business model is customer support, same for SuSE. >> Finally, if this email service you're providing isn't all that critical >> to you or your organization, simply prod along as you have been, >> fighting these problems frequently along the way. > > It's kind of working ok now but we will go with your recommendation of > switching to maildir when we have time. Thanks for your help As I said, you can migrate users individually. You could easily do 10 users a day during coffee breaks etc and be done in a month plus. Do 40 a day and you're done in 10 days. The only time you'll burn is in the learning curve, not the actual mailbox migration which takes no time at all with POP accounts. Always test with a dummy mailbox first to iron out any issues. Then start migrating the problem users first, the smart phone users who tie up their mailboxes for many minutes during download. -- Stan From trusktr at gmail.com Mon Nov 26 23:15:56 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 13:15:56 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <50B3C265.5060409@theitidea.ru> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> <50B3C265.5060409@theitidea.ru> Message-ID: <CAKU1PAVGcAMwPPENVoN8t23zhd5xehKQ2tSB-=4SPVOwT3dNEA@mail.gmail.com> Hi, thanks for the reply, What's the difference between dovecot-lda and deliver? Are they the same? The manpages are identical. I tried both and I also tried adding the -a ${recipient} argument but there was no change. It still doesn't work. Any other ideas? */#!/*JoePea On Mon, Nov 26, 2012 at 11:26 AM, ??????? ???????? <klimenko.n at theitidea.ru>wrote: > may be this is the best way > > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} > -d ${recipient} -a ${recipient} > > parameter-a $ {recipient} > allow to keep the recipient's address in the headers "from:" > > > 19.11.12 21:04, Fi4IT - Daniel Fischer ?????: > > Hello Joe, >> >> i use this: >> main.cf >> virtual_transport = dovecot >> >> master.cf >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} >> -d ${recipient} >> >> /etc/dovecot/conf.d/15-lda.**conf >> protocol lda { >> log_path = /var/log/sieve.log >> mail_plugins = acl sieve >> } >> >> and that works fine with my tested clients (tb,outlook,roundcube) >> >> daniel >> >> Am 19.11.2012 15:17, schrieb /#!/JoePea: >> >>> Hi all, >>> >>> I can't get dovecot working with postfix. If I leave virtual_transport >>> set >>> to "virtual", I can send and receive messages just fine in roundcube. If >>> I >>> set virtual_transport to "dovecot", I can only send messages in >>> roundcube, >>> but incoming messages never arrive. Seems I can't get dovecot-lda to >>> work. >>> I need dovecot-lda in order for sieve filters to work. >>> >>> Any idea what I'm doing wrong? >>> >>> Here's `doveconf -n`: >>> http://pastie.org/5401133 >>> >>> `postconf -n`: >>> http://pastie.org/5401157 >>> >>> and `postconf -M`: >>> http://pastie.org/5401177 >>> >>> Note: All I have to do is change virtual_transport = dovecot to >>> virtual_transport >>> = virtual and all will be fine, except for that I won't have sieve >>> filtering which is what I really want. >>> >>> */#!/*JoePea >>> >>> > From design at 1stwebdesigns.com Mon Nov 26 23:39:18 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Mon, 26 Nov 2012 21:39:18 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50B3DBFE.1090400@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> <50B3C9F3.6070709@1stwebdesigns.com> <50B3DBFE.1090400@hardwarefreak.com> Message-ID: <50B3E186.2040501@1stwebdesigns.com> Thanks, all your comments are noted. > As I said, you can migrate users individually. You could easily do 10 > users a day during coffee breaks etc and be done in a month plus. Do 40 > a day and you're done in 10 days. The only time you'll burn is in the > learning curve, not the actual mailbox migration which takes no time at > all with POP accounts. That's interesting, as I (wrongly) assumed switching from mbox to maildir was an all or nothing process. You're saying we can run half the mailboxes in mbox format and the other half in maildir format? In which case we can get going with this sooner than I thought. > > Always test with a dummy mailbox first to iron out any issues. Then > start migrating the problem users first, the smart phone users who tie > up their mailboxes for many minutes during download. > Thank you - I would probably start with the CEO's mailbox first and then go from there >:-D From ben at morrow.me.uk Tue Nov 27 00:14:59 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 22:14:59 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <5fa7ee2d078f950032e1147105f2b61a@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <20121126175935.GF76138@anubis.morrow.me.uk> <5fa7ee2d078f950032e1147105f2b61a@scss.tcd.ie> Message-ID: <20121126221458.GG76138@anubis.morrow.me.uk> At 6PM +0000 on 26/11/12 you (cfowler) wrote: > On 26-11-2012 17:59, Ben Morrow wrote: > > At 5PM +0000 on 26/11/12 you (cfowler) wrote: > >> Problem : All vacation autoreplies come from the postmaster address. > >> Expected behavior : vacation notice comes from the user who set the > >> vacation. > >> Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > >> reply, sieve script and dovecot -n output) > > <snip> > > > >> sieve_vacation_dont_check_recipient = yes > > > > Why have you set this? Normally vacation will refuse to respond to a > > message which doesn't have your address in one of the recipient > > header fields; in fact the standard says that it MUST NOT respond > > unless this is the case. (Stephan has explained that I am wrong here: that's what comes from reading the code rather than running it...) > This feature is the reason I've upgraded to 2.1.7 from 1.2.15 > > Our users have addresses like bmorrow at foo.com > We also store aliases for them in LDAP like ben.morrow at foo.com. Postfix > knows of these aliases and accepts mail for them. Most of our users > prefer to hand out this alias as their email address > > Mails to bmorrow at foo.com were receiving vacation auto-replies as you'd > expect in 1.2.15 > Mails to ben.morrow at foo.com were not due to the infamous "discarding > vacation response for message implicitly delivered to bmorrow at foo.com" > message. > > I know the correct behavior is for the users to write a correct sieve > script with an addresses: line, but that's not going to happen > unfortunately. The users just want "Push button to make vacation go". I see... this is a little tricky, yes, and I think you're right this is the only straightforward solution at the moment. You do want to be a little careful about enabling this, though: the restriction is there in the standard to prevent automated replies from being sent for messages to mailing lists and group aliases and such, where the sender does not (and should not) know the list of final delivery addresses, and certainly doesn't want vacation replies from all of them. Since most mailing lists now set the List-* headers (which prevent vacation replies anyway), they should be OK, so this is probably only a problem if you use internal aliases which expand to lists of users. Ideally pigeonhole would take advantage of this paragraph in the standard An email address is considered to belong to the recipient if it is one of: 1. an email address known by the implementation to be associated with the recipient, and allow you to specify a dict in which to lookup a default :addresses list for each recipient. That way you could turn this parameter back off, but instead give Dovecot the information it needs to determine that a message To: <ben.morrow at foo.com> was in fact directly addressed to this user. I wonder how difficult that would be... > > If you send a message with the user's email address in To:, do you > > get a > > vacation response From: the correct address? > > > > No, mails to bmorrow at foo.com also get Postmaster replies. > With 1.2.15 we were at least getting autoreplies from bmorrow at foo.com > when a mail was sent to bmorrow at foo.com. Stephan said xthread that this has now been fixed. Ben From stan at hardwarefreak.com Tue Nov 27 02:27:58 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 26 Nov 2012 18:27:58 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50B3E186.2040501@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> <50B3C9F3.6070709@1stwebdesigns.com> <50B3DBFE.1090400@hardwarefreak.com> <50B3E186.2040501@1stwebdesigns.com> Message-ID: <50B4090E.1090809@hardwarefreak.com> On 11/26/2012 3:39 PM, 1st WebDesigns wrote: > Thanks, all your comments are noted. > >> As I said, you can migrate users individually. You could easily do 10 >> users a day during coffee breaks etc and be done in a month plus. Do 40 >> a day and you're done in 10 days. The only time you'll burn is in the >> learning curve, not the actual mailbox migration which takes no time at >> all with POP accounts. > > That's interesting, as I (wrongly) assumed switching from mbox to > maildir was an all or nothing process. You're saying we can run half > the mailboxes in mbox format and the other half in maildir format? > > In which case we can get going with this sooner than I thought. Yes, this can be done. But if you're using UNIX system user accounts IIRC you'll have to convert to virtual users before you can migrate one user at a time. Virtual user setup is required to change mail_location on a per user basis. With system users mail_location is defined once for all users. Converting to virtual users first makes the process more painful. I've not done such a POP mbox<>maildir migration myself, so hopefully someone who has will chime in. If not start a new thread called "need POP mbox<>maildir migration help" or similar. And again, I wouldn't try any of this with 1.0.7. Upgrade to at least 1.2.x first. >> Always test with a dummy mailbox first to iron out any issues. Then >> start migrating the problem users first, the smart phone users who tie >> up their mailboxes for many minutes during download. >> > > Thank you - I would probably start with the CEO's mailbox first and then > go from there >:-D Start a new thread as I suggested. State your version, current user account type (system or virtual), and post your dovecot -n at the end of the email. You'll get many more helpful suggestions and insight from people who've actually done this migration. -- Stan From tss at iki.fi Tue Nov 27 02:42:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 02:42:20 +0200 Subject: [Dovecot] lmtp_rcpt_check_quota working somewhere? In-Reply-To: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> References: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> Message-ID: <19E4CB4D-7961-49A2-84CD-D0370A0B364A@iki.fi> On 26.11.2012, at 18.07, Steffen Kaiser wrote: > I'm running Dovecot v2.1 and enabled the > > lmtp_rcpt_check_quota > > option in conf.d/20-lmtp.conf, because I just found it in the sample config. > > Is this option working somewhere? > > When I have the option enabled, I get _no_ response in the RCPT TO phase, if the user is under quota. If I go on and enter the DATA keyword eventually, I get "554 5.5.1 No valid recipients", so it looks like, the user is really ignored at all. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/bebe54e1d640 From tss at iki.fi Tue Nov 27 03:00:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:00:29 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <099qpni2j8v8@mids.svenhartge.de> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> Message-ID: <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> On 23.11.2012, at 17.53, Sven Hartge wrote: >>>> BTW. Do you have multiple Dovecot backend servers? Director works >>>> only when you're not using shared mailboxes.. > >> You can't reliably do it if the mailboxes are accessed directly via >> NFS. The current idea to solve this is to use imapc backend with >> master users, so the actual mailbox access for each user is always >> done by only one server. I think someone already managed to configure >> such a setup. > > This was me. > > It works (with one minor quirk, more on this later) in my current test > setup like so: > > a) 1 to X user-servers with the users mailboxes on them > b) 1 shared-server with the shared mailboxes on them For implementing shared mailboxes between all user servers, I think what would need to be developed is: > imapc_host = m-st-sh-01.example.com > imapc_master_user = %u > imapc_user = shared Somehow being able to set "imapc_user = %%u" where %%u expands to the shared namespace's username. Or maybe setting the imapc_user automatically to that when accessing it via type=shared namespace. > Note: You CANNOT have ACLs activated on the users-servers, because this > will interfere with the permissions of ht IMAPShared namespace, > rendering the mailboxes located in there unavailable for your users. And some way to disable ACLs for shared namespaces that use imapc. Not sure what would be a nice way of doing this. The attached patch contains these two changes. The first one I could commit immediately. The second one probably would need to be configurable somehow (maybe a generic disable_acls=yes setting for namespace?) -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 1148 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/1d852c4f/attachment.obj> -------------- next part -------------- > Now the mentioned quirk: Because all connections on the shared-server > are made to the same user "shared" and are coming from very few IPs > (the 1 to X user-servers), you need to set a very high > mail_max_userip_connections value. > > I set mine to 1000 just to be sure. > > ---> But: I have NOT configured login_trusted_networks, so this may be > my error in that case. I don't think that setting helps. From tss at iki.fi Tue Nov 27 03:01:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:01:23 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> Message-ID: <EACB2A56-A9B7-4F4E-8BAB-97ADC617678D@iki.fi> On 27.11.2012, at 3.00, Timo Sirainen wrote: >> Now the mentioned quirk: Because all connections on the shared-server >> are made to the same user "shared" and are coming from very few IPs >> (the 1 to X user-servers), you need to set a very high >> mail_max_userip_connections value. >> >> I set mine to 1000 just to be sure. >> >> ---> But: I have NOT configured login_trusted_networks, so this may be >> my error in that case. > > I don't think that setting helps. But something like this should help: remote 10.0.0.0/8 { mail_max_userip_connections = 0 } From tss at iki.fi Tue Nov 27 03:04:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:04:07 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> Message-ID: <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> On 23.11.2012, at 9.46, Nikita Koshikov wrote: > Hello list, > > Here is the problem: > I have few: > passdb { > #1 > } > passdb { > #2 > } > And relative userdb sections. If user not found in 1) section it fallbacks > to next one - it's expected and right, IMHO. But when the user exists in > both section and password verification fails on 1) database it successfully > authenticated on next one. I think this behaviour should be configured. The > main goal of 1) section for this server is to overwrite users in main > (section2) database. It's not always possible to know why #1 failed. For example PAM doesn't always tell if the password was wrong or if the user didn't exist. > Maybe I missed something and this option is already in dovecot code and I > can't find it ? Or if not - will it be added in the future ? I'm not very interested in adding it, especially because it can't be done reliably. From tss at iki.fi Tue Nov 27 03:09:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:09:06 +0200 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121123115405.5224b630@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> <20121123115405.5224b630@kae.tiger-computing.wbp> Message-ID: <B5E1E1EB-3B7B-4334-99CE-79E2B5DE5CD2@iki.fi> On 23.11.2012, at 13.54, Keith Edmunds wrote: > Problem: We have some folders (eg, Trash) appearing both as sibling folders > to INBOX and as subfolders to INBOX. We want them only to appear at the > sibling level. You're breaking all the assumptions that IMAP clients can make about mailbox names and namespaces. Bad idea, don't do it. From tss at iki.fi Tue Nov 27 03:17:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:17:00 +0200 Subject: [Dovecot] Plugin help, number of messages in mailbox In-Reply-To: <E1F02117-7120-4920-9807-4295BD5732A5@tucows.com> References: <E1F02117-7120-4920-9807-4295BD5732A5@tucows.com> Message-ID: <E0CA4C97-9FFB-4497-ADA4-EE35B4818222@iki.fi> On 22.11.2012, at 17.06, Richard Platel wrote: > We use Dovecot for IMAP and POP (but not LDA), we want to do something when a user has an INBOX that becomes empty, or becomes not empty (set a flag in memcached, but that's not really important). > > I'm writing a plugin (for Dovecot 2.1.7). On mailbox_open() I can use mailbox_get_status() to get a count of messages in the mailbox, and then decrement this in expunge() or increment it in mailbox save_finish() (for IMAP APPEND or COPY commands). So all mailbox access goes through Dovecot. Nothing else changes the underlying storage directly? > However in expunge() and mailbox_save_finish, even after calling the super function, mailbox_get_status doesn't update the number of messages in the mailbox. You'll get the updated count only after mailbox_sync_deinit(). > This is a problem if (for example) there are concurrent POP sessions. Two POP sessions could get all the messages in INBOX, one could logout, calling expunge a few times, eventually causing my plugin to note that the inbox is empty, then our LDA could deliver a message, mark the INBOX not empty, then the other POP session could log out, call expunge and cause my plugin to mark the INBOX empty, when it's not. > > > So in summation: how can a plugin be notified of changes to a mailbox, and then accurately get the real number of messages in that mailbox? I think if you hook into sync_deinit() and use a local lock file while you send the notification it would probably be race-free. From tss at iki.fi Tue Nov 27 03:18:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:18:03 +0200 Subject: [Dovecot] Filesystem quotas In-Reply-To: <50AD10BF.8040500@cs.ucy.ac.cy> References: <50AD10BF.8040500@cs.ucy.ac.cy> Message-ID: <47CD6D34-3EAB-47FB-9B2D-7A29B2BD15C5@iki.fi> On 21.11.2012, at 19.34, Andreas Kasenides wrote: > I could not determine if when using filesystem quotas (http://wiki2.dovecot.org/Quota/FS) > Dovecot will use the reported quota and limits without the need of configuring them > via "quota_rules". Is this possible somehow? Such a feature would determine the quota limits > automatically from the filesystem quotas thereby allowing to make use of them in quota warnings. > Dovecot already knows the quota settings and limits. Here is evidence from the logs > >> Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: box=/Mail/ank mount=/newmail match=yes >> Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: host=xxxx.xxxx.ucy.xx.cy, path=/mail, uid=211, bytes >> Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: uid=211, value=2779115520, limit=8388608000 > I am using (testing) version 2.2alpha1. With fs quota Dovecot itself doesn't enforce any limits, and the limits are read from the filesystem. So quota_rules are ignored. From sven at svenhartge.de Tue Nov 27 03:24:57 2012 From: sven at svenhartge.de (Sven Hartge) Date: Tue, 27 Nov 2012 02:24:57 +0100 Subject: [Dovecot] shared mailboxes and indexes References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> Message-ID: <b9a3pg22j8v8@mids.svenhartge.de> Timo Sirainen <tss at iki.fi> wrote: > On 23.11.2012, at 17.53, Sven Hartge wrote: >>>>> BTW. Do you have multiple Dovecot backend servers? Director works >>>>> only when you're not using shared mailboxes.. >> >>> You can't reliably do it if the mailboxes are accessed directly via >>> NFS. The current idea to solve this is to use imapc backend with >>> master users, so the actual mailbox access for each user is always >>> done by only one server. I think someone already managed to >>> configure such a setup. >> >> This was me. >> >> It works (with one minor quirk, more on this later) in my current >> test setup like so: >> >> a) 1 to X user-servers with the users mailboxes on them >> b) 1 shared-server with the shared mailboxes on them > For implementing shared mailboxes between all user servers, I think > what would need to be developed is: >> imapc_host = m-st-sh-01.example.com >> imapc_master_user = %u >> imapc_user = shared > Somehow being able to set "imapc_user = %%u" where %%u expands to the > shared namespace's username. Or maybe setting the imapc_user > automatically to that when accessing it via type=shared namespace. Wouldn't you still need the target users host because this will be dynamic depending on the target user? Gr??e, Sven. -- Sigmentation fault. Core dumped. From tss at iki.fi Tue Nov 27 03:50:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:50:38 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <50A8F688.2040802@gei.de> References: <50A8F688.2040802@gei.de> Message-ID: <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> On 18.11.2012, at 16.54, Robert Str?tgen wrote: > Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log > SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte > 0xfc (at char #25214836, byte #26687495) Annoying. I guess these fix it: http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e From tss at iki.fi Tue Nov 27 03:53:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:53:53 +0200 Subject: [Dovecot] fs_flush_file_handle_cache_dir: rmdir(/var/mail) AGAIN In-Reply-To: <50AA3BF3.6060802@mathcs.emory.edu> References: <50AA3BF3.6060802@mathcs.emory.edu> Message-ID: <5D64E8C8-813C-4FD0-8FCE-409DE51EECDC@iki.fi> On 19.11.2012, at 16.02, Ken Mandelberg wrote: > We are running Dovecot 2.0.12. It runs on only one server and /var/mail is local where all the INBOX's are stored. Users other IMAP folders are NFS mounted on the server. > > We see frequent > > Error: nfs_flush_file_handle_cache_dir: rmdir(/var/mail) failed: Device busy > > I know this error message has been around a long time. Should we still be seeing it on 2.0.12 with a local /var/mail. Perhaps the message is misleading and really complaining about folders other than INBOX that are NFS mounted. > > Our config has > > dovecot.conf:mail_nfs_index = no > dovecot.conf:mail_nfs_storage = yes With just one Dovecot server you don't need mail_nfs_storage=yes setting. Just set it to "no" and the error disappears. > Also, does the flush error messages have any real consequences? My understanding is that the rmdir is meant to fail, just to force a flush. Yeah, nothing breaks, just extra logging. From tss at iki.fi Tue Nov 27 03:55:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:55:33 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <b9a3pg22j8v8@mids.svenhartge.de> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> <b9a3pg22j8v8@mids.svenhartge.de> Message-ID: <2B57036A-34C8-45C2-9479-839BA095450D@iki.fi> On 27.11.2012, at 3.24, Sven Hartge wrote: >> For implementing shared mailboxes between all user servers, I think >> what would need to be developed is: > >>> imapc_host = m-st-sh-01.example.com >>> imapc_master_user = %u >>> imapc_user = shared > >> Somehow being able to set "imapc_user = %%u" where %%u expands to the >> shared namespace's username. Or maybe setting the imapc_user >> automatically to that when accessing it via type=shared namespace. > > Wouldn't you still need the target users host because this will be > dynamic depending on the target user? imapc_host = director Also the database of which users have mailboxes shared to others would need to be something that all the servers can access. Either via NFS or with SQL backend. From tss at iki.fi Tue Nov 27 06:29:24 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 06:29:24 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> Message-ID: <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> On 21.11.2012, at 15.05, Ramon Frontera wrote: > we have a problem with our director proxy configuration. > When we run on proxy server the doveadm command with -A switch, fails with the error: > > # doveadm -D quota get -A > doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert > doveadm(user1): Error: Proxy is missing destination host > doveadm: Error: Failed to iterate through some users Well, I fixed various bugs in doveadm code related to this: http://hg.dovecot.org/dovecot-2.1/rev/6f19c535110e http://hg.dovecot.org/dovecot-2.1/rev/275a57b8dc70 http://hg.dovecot.org/dovecot-2.1/rev/0dc3f56e6468 http://hg.dovecot.org/dovecot-2.1/rev/fdc509644d05 But I don't think they fix your specific issue. It looks as if doveadm is connecting to auth process directly instead of director.. Do: strace -s 1000 -o log doveadm quota get -A and send me the log? Note that the log contains the doveadm_password in the base64 strings. From dmiller at amfes.com Tue Nov 27 06:51:04 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 26 Nov 2012 20:51:04 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> Message-ID: <assp.1678966eea.50B446B8.6070701@amfes.com> On 11/26/2012 5:50 PM, Timo Sirainen wrote: > On 18.11.2012, at 16.54, Robert Str?tgen wrote: > >> Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log >> SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte >> 0xfc (at char #25214836, byte #26687495) > Annoying. I guess these fix it: > > http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b > http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 > http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e > These patches have improved fts for me - but I still have errors like: Nov 26 20:49:29 bubba dovecot: indexer-worker(dmiller at amfes.com): Panic: file solr-connection.c: line 547 (solr_connection_post_more): assertion failed: (maxfd >= 0) Nov 26 20:49:29 bubba dovecot: indexer-worker(dmiller at amfes.com): Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x45cea) [0x7f0c66c33cea] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x45d2e) [0x7f0c66c33d2e] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f0c66c07d10] -> /usr/local/lib/dovecot/lib21_fts_solr_plugin.so(+0x6de5) [0x7f0c653a6de5] -> /usr/local/lib/dovecot/lib21_fts_solr_plugin.so(+0x3867) [0x7f0c653a3867] -> /usr/local/lib/dovecot/lib20_fts_plugin.so(fts_build_mail+0x53b) [0x7f0c655b2b2b] -> /usr/local/lib/dovecot/lib20_fts_plugin.so(+0xc530) [0x7f0c655b7530] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266]() [0x402326] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266]() [0x4026cc] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f0c66c40b76] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f0c66c419c7] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f0c66c406b8] -> /usr/local/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f0c66c2c203] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266](main+0x10a) [0x401dfa] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f0c6685276d] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266]() [0x401e9d] The solr log shows: Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) at [row,col {unknown-source}]: [1011144,197790] -- Daniel From dmiller at amfes.com Tue Nov 27 06:54:56 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 26 Nov 2012 20:54:56 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> Message-ID: <assp.16787275b5.50B447A0.3000502@amfes.com> On 11/26/2012 5:50 PM, Timo Sirainen wrote: > On 18.11.2012, at 16.54, Robert Str?tgen wrote: > >> Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log >> SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte >> 0xfc (at char #25214836, byte #26687495) > Annoying. I guess these fix it: > > http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b > http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 > http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e > The "waitFlush" option for solr's commit method has been deprecated - and removed completely in the current version. Suggest a change to fts-backend-solr.c: in fts_backend_solr_update_deinit() str = t_strdup_printf("<commit " "waitSearcher=\"%s\"/>", ctx->documents_added ? "true" : "false"); -- Daniel From tss at iki.fi Tue Nov 27 07:50:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 07:50:51 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.1678966eea.50B446B8.6070701@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <assp.1678966eea.50B446B8.6070701@amfes.com> Message-ID: <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> On 27.11.2012, at 6.51, Daniel L. Miller wrote: > On 11/26/2012 5:50 PM, Timo Sirainen wrote: >> On 18.11.2012, at 16.54, Robert Str?tgen wrote: >> >>> Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log >>> SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte >>> 0xfc (at char #25214836, byte #26687495) >> Annoying. I guess these fix it: >> >> http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b >> http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 >> http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e Ugh. Should have known this was already being done. Reversed the whole thing. > These patches have improved fts for me - but I still have errors like: .. > Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log > SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) > at [row,col {unknown-source}]: [1011144,197790] Something's wrong. The Solr code was already supposed to catch all of these. From tss at iki.fi Tue Nov 27 08:08:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 08:08:05 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <assp.1678966eea.50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> Message-ID: <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> On 27.11.2012, at 7.50, Timo Sirainen wrote: >> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >> at [row,col {unknown-source}]: [1011144,197790] > > Something's wrong. The Solr code was already supposed to catch all of these. http://dovecot.org/tmp/allchars.gz If you send this mail to yourself and index it, does it fail? (Works for me.) From klimenko.n at theitidea.ru Tue Nov 27 08:19:56 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Tue, 27 Nov 2012 10:19:56 +0400 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAVGcAMwPPENVoN8t23zhd5xehKQ2tSB-=4SPVOwT3dNEA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> <50B3C265.5060409@theitidea.ru> <CAKU1PAVGcAMwPPENVoN8t23zhd5xehKQ2tSB-=4SPVOwT3dNEA@mail.gmail.com> Message-ID: <50B45B8C.9010501@theitidea.ru> 1. clear the log 2. Send message 3. show mail.log mail.err you should add following in main.cf dovecot_destination_recipient_limit = 1 27.11.12 1:15, /#!/JoePea ?????: > Hi, thanks for the reply, > What's the difference between dovecot-lda and deliver? Are they the > same? The manpages are identical. I tried both and I also tried adding > the -a ${recipient} argument but there was no change. It still doesn't > work. Any other ideas? > > */#/!//*JoePea > > > On Mon, Nov 26, 2012 at 11:26 AM, ??????? ???????? > <klimenko.n at theitidea.ru <mailto:klimenko.n at theitidea.ru>> wrote: > > may be this is the best way > > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${recipient} -a ${recipient} > > parameter-a $ {recipient} > allow to keep the recipient's address in the headers "from:" > > > 19.11.12 21:04, Fi4IT - Daniel Fischer ?????: > > Hello Joe, > > i use this: > main.cf <http://main.cf> > virtual_transport = dovecot > > master.cf <http://master.cf> > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${recipient} > > /etc/dovecot/conf.d/15-lda.conf > protocol lda { > log_path = /var/log/sieve.log > mail_plugins = acl sieve > } > > and that works fine with my tested clients (tb,outlook,roundcube) > > daniel > > Am 19.11.2012 15:17, schrieb /#!/JoePea: > > Hi all, > > I can't get dovecot working with postfix. If I leave > virtual_transport set > to "virtual", I can send and receive messages just fine in > roundcube. If I > set virtual_transport to "dovecot", I can only send > messages in roundcube, > but incoming messages never arrive. Seems I can't get > dovecot-lda to work. > I need dovecot-lda in order for sieve filters to work. > > Any idea what I'm doing wrong? > > Here's `doveconf -n`: > http://pastie.org/5401133 > > `postconf -n`: > http://pastie.org/5401157 > > and `postconf -M`: > http://pastie.org/5401177 > > Note: All I have to do is change virtual_transport = > dovecot to > virtual_transport > = virtual and all will be fine, except for that I won't > have sieve > filtering which is what I really want. > > */#!/*JoePea > > From tss at iki.fi Tue Nov 27 08:39:49 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 08:39:49 +0200 Subject: [Dovecot] memory allocation issues In-Reply-To: <20121126200314.GH62311@corp.sonic.net> References: <20121109004915.GJ70186@corp.sonic.net> <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> <20121126200314.GH62311@corp.sonic.net> Message-ID: <6489C384-2930-4AFE-B60D-1A446DADFB95@iki.fi> On 26.11.2012, at 22.03, Kelsey Cummings wrote: >>> auth: Error: malloc: 58012: Cannot allocate memory >>> auth: Error: Unable to allocate memory for mutexes from the region >>> auth: Error: PANIC: Cannot allocate memory >>> auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user .. >> Memory leak maybe? service auth { vsz_limit } anyway was reached (default 256 MB). > > It is currently set to 768M, I'll go ahead and raise it up to 1G. > Anything I can do to help see if it is a memory leak? Is it really the auth master process that fails? > passdb { > args = imap > driver = pam > } .. > userdb { > driver = passwd > } Both of these lookups should be done by auth-worker processes. So why is it the auth process that complains? Anyway .. if the problem really is auth-worker and this is only a logging problem (I would have expected auth-worker: prefix in log lines), then the solution is simple. Just restart the auth-worker processes every 1000 lookups: service auth-worker { service_count = 1000 } From tss at iki.fi Tue Nov 27 08:45:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 08:45:14 +0200 Subject: [Dovecot] memory allocation issues In-Reply-To: <6489C384-2930-4AFE-B60D-1A446DADFB95@iki.fi> References: <20121109004915.GJ70186@corp.sonic.net> <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> <20121126200314.GH62311@corp.sonic.net> <6489C384-2930-4AFE-B60D-1A446DADFB95@iki.fi> Message-ID: <DC6AD7F4-163F-4A9E-ADA3-70900E8E1C11@iki.fi> On 27.11.2012, at 8.39, Timo Sirainen wrote: >> userdb { >> driver = passwd >> } > > Both of these lookups should be done by auth-worker processes. So why is it the auth process that complains? Because of a bug in v2.0.16+ :( http://hg.dovecot.org/dovecot-2.1/rev/8e5d9d88e250 As a workaround you can use for existing versions: userdb { driver = passwd args = blocking=yes } From dmalolepszy at optusnet.com.au Tue Nov 27 08:48:23 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Tue, 27 Nov 2012 17:48:23 +1100 Subject: [Dovecot] Dovecot IMAP/POP3 auto creating maildir Message-ID: <50B46237.1070204@optusnet.com.au> Hi I have observed that after deleting a mailbox and removing the user from the userdb, immediately accessing the mail account via POP3/IMAP causes Dovecot to auto create an empty mailbox, because the userdb/passdb details are still cached for 10minutes. Is there any option to tell Dovecot POP3/IMAP not to auto create the mailbox if it does not exist? Alternatively and less desirably is there a mechanism for telling Dovecot to expire a userdb/passdb cached entry? Running Dovecot 2.1.9 Dominic From tss at iki.fi Tue Nov 27 09:07:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:07:47 +0200 Subject: [Dovecot] Dovecot IMAP/POP3 auto creating maildir In-Reply-To: <50B46237.1070204@optusnet.com.au> References: <50B46237.1070204@optusnet.com.au> Message-ID: <50942EFA-4921-4E3D-9161-0D1E92531E44@iki.fi> On 27.11.2012, at 8.48, Dominic Malolepszy wrote: > I have observed that after deleting a mailbox and removing the user from the userdb, immediately accessing the mail account via POP3/IMAP causes Dovecot to auto create an empty mailbox, because the userdb/passdb details are still cached for 10minutes. Is there any option to tell Dovecot POP3/IMAP not to auto create the mailbox if it does not exist? Change the parent directory permissions so that the mkdir() fails. > Alternatively and less desirably is there a mechanism for telling Dovecot to expire a userdb/passdb cached entry? v2.1.9+ has: doveadm auth cache flush user at domain From tss at iki.fi Tue Nov 27 09:11:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:11:07 +0200 Subject: [Dovecot] Feature request: add information to error message: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket permissions) In-Reply-To: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> References: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> Message-ID: <0BA25BE4-76C4-41BA-85CC-57FE896AB555@iki.fi> On 2.11.2012, at 17.55, Steffen Kaiser wrote: > Please add the information to this error, which socket has the problem and which uid access is and what is expected. > > For instance, when the quota dict request fails, because of permission problems, you get a very detailed info about the current problem. And, further more, hints to solve it. > > BTW: I'm trying to configure shared mailboxes for a virtual user system, when one user with ACLs on other mailboxes requests a LIST, I get this error. In my case, I solved the problem by chmod u+x auth-userdb . http://hg.dovecot.org/dovecot-2.1/rev/c811aab61355 ? From tss at iki.fi Tue Nov 27 09:18:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:18:53 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Message-ID: <1354000733.2844.25.camel@innu> Could you try with the attached patch, and with only the problematic client running? What does it log (the beginning of the session until it starts repeating the same lines)? On Sat, 2012-11-24 at 00:16 -0800, Erik A Johnson wrote: > Thanks, Timo. Nope, still an infinite loop. Anything I can try using gdb to trace? > > > On Nov 22, 2012, at 10:52 PM, Timo Sirainen <tss at iki.fi> wrote: > > > On 10.11.2012, at 12.44, Erik A Johnson wrote: > > > >> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). > >> > >> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. > >> > >> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > > > I wonder if this fixes it? http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 1876 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/5e11a288/attachment-0001.bin> From koshikov at gmail.com Tue Nov 27 09:37:51 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Tue, 27 Nov 2012 09:37:51 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> Message-ID: <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> On Tue, Nov 27, 2012 at 3:04 AM, Timo Sirainen <tss at iki.fi> wrote: > On 23.11.2012, at 9.46, Nikita Koshikov wrote: > > > Hello list, > > > > Here is the problem: > > I have few: > > passdb { > > #1 > > } > > passdb { > > #2 > > } > > And relative userdb sections. If user not found in 1) section it > fallbacks > > to next one - it's expected and right, IMHO. But when the user exists in > > both section and password verification fails on 1) database it > successfully > > authenticated on next one. I think this behaviour should be configured. > The > > main goal of 1) section for this server is to overwrite users in main > > (section2) database. > > It's not always possible to know why #1 failed. For example PAM doesn't > always tell if the password was wrong or if the user didn't exist. > > > Maybe I missed something and this option is already in dovecot code and I > > can't find it ? Or if not - will it be added in the future ? > > > I'm not very interested in adding it, especially because it can't be done > reliably. > > Thank's for the anwer. It's a pity to hear, because it's security feature I need to provide. The problem - that main passdb - is ldap and there are about - 5-7 people who can edit it and simply to login as different users. Yes, activity is logged - but mailbox can be read\stolen. The main goal for passwd-file database is to revrite ldap very critical mailboxes to local file. It can be edited only but 1 person - it is nativly to trust 1, but not to 7. From tss at iki.fi Tue Nov 27 09:42:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:42:50 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> Message-ID: <5E10AA5C-DF78-4F87-B9E2-EA69E4A94C3C@iki.fi> On 27.11.2012, at 9.37, Nikita Koshikov wrote: >>> Here is the problem: >>> I have few: >>> passdb { >>> #1 >>> } >>> passdb { >>> #2 >>> } >>> And relative userdb sections. If user not found in 1) section it >> fallbacks >>> to next one - it's expected and right, IMHO. But when the user exists in >>> both section and password verification fails on 1) database it >> successfully >>> authenticated on next one. I think this behaviour should be configured. >> The >>> main goal of 1) section for this server is to overwrite users in main >>> (section2) database. >> > Thank's for the anwer. It's a pity to hear, because it's security feature I > need to provide. The problem - that main passdb - is ldap and there are > about - 5-7 people who can edit it and simply to login as different users. > Yes, activity is logged - but mailbox can be read\stolen. The main goal for > passwd-file database is to revrite ldap very critical mailboxes to local > file. It can be edited only but 1 person - it is nativly to trust 1, but > not to 7. Try if a modified version of Alessio's suggestion works: passdb { driver = passwd-file args = /etc/passwd.important } passdb { driver = passwd-file args = /etc/passwd.important deny = yes } passdb { driver = ldap } From tss at iki.fi Tue Nov 27 10:42:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 10:42:03 +0200 Subject: [Dovecot] Rebuilding indexes fails on inconsistent mdbox In-Reply-To: <20121109161845.503766441fbb2a1df97d7220@mjh.name> References: <20121024132811.7cf18fdf7343b4dd961b2858@mjh.name> <394FADB5-4E6C-4179-BF30-244390964FA4@iki.fi> <20121109161845.503766441fbb2a1df97d7220@mjh.name> Message-ID: <EB83079A-E6DB-44B0-B436-359AC455EAD8@iki.fi> On 9.11.2012, at 17.18, Milan Holz?pfel wrote: >>> Oct 24 10:45:19 two dovecot: imap(listen at mjh.name): Panic: file mdbox-storage-rebuild.c: line 773 (rebuild_update_refcounts): assertion failed: (map_uid < msgs[i]->map_uid) Finally looked into this and fixed: http://hg.dovecot.org/dovecot-2.1/rev/8770940057b9 From tss at iki.fi Tue Nov 27 10:53:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 10:53:35 +0200 Subject: [Dovecot] v2.1.11 soon Message-ID: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) From skdovecot at smail.inf.fh-brs.de Tue Nov 27 12:01:50 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 27 Nov 2012 11:01:50 +0100 (CET) Subject: [Dovecot] Feature request: add information to error message: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket permissions) In-Reply-To: <0BA25BE4-76C4-41BA-85CC-57FE896AB555@iki.fi> References: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> <0BA25BE4-76C4-41BA-85CC-57FE896AB555@iki.fi> Message-ID: <alpine.DEB.1.10.1211271100160.6954@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Nov 2012, Timo Sirainen wrote: > On 2.11.2012, at 17.55, Steffen Kaiser wrote: > >> Please add the information to this error, which socket has the problem >> and which uid access is and what is expected. >> >> For instance, when the quota dict request fails, because of permission >> problems, you get a very detailed info about the current problem. And, >> further more, hints to solve it. > > http://hg.dovecot.org/dovecot-2.1/rev/c811aab61355 ? Many thanks ! - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBULSPj2oxLS8a3A9mAQJTYggAq8OJPR4wZMUalZeuMAjLQAeb7pWTEK5k w5HeamqZH6rjVq5wk7ln2dFsPQm4+RZPtohenMh8sYChvg2YJLulTp0/I0lra2k2 9CU8kO9YgnUL5yZnnixMOJuZG7mze8DlcmH8lmsf7hg2P8YD2WE0S1F9ro3UquCW Y7b8oVU1j2k8n05QD1tu8TwFuxPWRdlCHg3C1J1KLhl0xH7nAdHk3WItE73a5vZ7 9gEDfInnM0UAhBzRb0QxV/6i4s03hv7k8f15MxN5dqIrqKfhVrmWXDmpG5SGr0dz 83CioJo/KZGnJufTqGnrA3iMvovhoPdkw9QToVHcbbaDhaZohK/G7A== =TPv5 -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Tue Nov 27 12:13:37 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 27 Nov 2012 11:13:37 +0100 (CET) Subject: [Dovecot] lmtp_rcpt_check_quota working somewhere? In-Reply-To: <19E4CB4D-7961-49A2-84CD-D0370A0B364A@iki.fi> References: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> <19E4CB4D-7961-49A2-84CD-D0370A0B364A@iki.fi> Message-ID: <alpine.DEB.1.10.1211271111050.6954@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Nov 2012, Timo Sirainen wrote: > On 26.11.2012, at 18.07, Steffen Kaiser wrote: > >> I'm running Dovecot v2.1 and enabled the >> >> lmtp_rcpt_check_quota >> >> option in conf.d/20-lmtp.conf, because I just found it in the sample config. >> >> When I have the option enabled, I get _no_ response in the RCPT TO phase, if the user is under quota. If I go on and enter the DATA keyword eventually, I get "554 5.5.1 No valid recipients", so it looks like, the user is really ignored at all. > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/bebe54e1d640 That seems to fix the problem. Works with single and multiple recipients. Thanks, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBULSSUWoxLS8a3A9mAQLCJgf/apcvh+4WAYQEPciD4UNAAKmRO04naVxZ 6y/Ik/jGfbtmwEHG+k6n9anIIuVwivfs0G7qugN5Drw3rQC//FEMlfpmtIFf7wBg vS5nvb5m58i6QFTxBzZWbJ11CE5YIN4wG23OzegvvA7xDp6tQmZDNDJUhjQMfnfW Cs4wOnFj5ZTkX9M+GURXiLJfQCBvqOCktuuocoSo3iJaiDwyhcrKSnqTmeJ474UC 5ZRT6AOjvnaHzYYHXyIFu2Th3fNR0qiurQFub//INCwKNqiDCAa+xFSMIkYaDidS cFQjAMo/dFS+meEi1h8/S0HwDbO1KjZ6f+05oFB4B3EaA13ubHUPbA== =Avwv -----END PGP SIGNATURE----- From noel.butler at ausics.net Tue Nov 27 14:19:27 2012 From: noel.butler at ausics.net (Noel Butler) Date: Tue, 27 Nov 2012 22:19:27 +1000 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <1354018767.25506.25.camel@tardis> On Tue, 2012-11-27 at 10:53 +0200, Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > hah, but u won t do it... -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/7e2120c3/attachment.bin> From pw at wk-serv.de Tue Nov 27 14:22:57 2012 From: pw at wk-serv.de (Patrick Westenberg) Date: Tue, 27 Nov 2012 13:22:57 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <50B4B0A1.4060906@wk-serv.de> Timo Sirainen schrieb: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) Backend-Failover would be nice ;-) From ramon.frontera at uib.es Tue Nov 27 14:27:25 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Tue, 27 Nov 2012 13:27:25 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> Message-ID: <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> Hi, I send you attached the command's output. -------------- next part -------------- A non-text attachment was scrubbed... Name: dovelog.zip Type: application/zip Size: 16759 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/d0784542/attachment-0001.zip> -------------- next part -------------- Thanks! -- ------------------------------------------ Ramon Frontera Gallardo Centre de Tecnologies de la Informaci? Universitat de les Illes Balears Ctra. Valldemossa km 7,5 07122 Palma de Mallorca El 27/11/2012, a las 05:29, Timo Sirainen escribi?: > On 21.11.2012, at 15.05, Ramon Frontera wrote: > >> we have a problem with our director proxy configuration. >> When we run on proxy server the doveadm command with -A switch, fails with the error: >> >> # doveadm -D quota get -A >> doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert >> doveadm(user1): Error: Proxy is missing destination host >> doveadm: Error: Failed to iterate through some users > > Well, I fixed various bugs in doveadm code related to this: > > http://hg.dovecot.org/dovecot-2.1/rev/6f19c535110e > http://hg.dovecot.org/dovecot-2.1/rev/275a57b8dc70 > http://hg.dovecot.org/dovecot-2.1/rev/0dc3f56e6468 > http://hg.dovecot.org/dovecot-2.1/rev/fdc509644d05 > > But I don't think they fix your specific issue. It looks as if doveadm is connecting to auth process directly instead of director.. Do: > > strace -s 1000 -o log doveadm quota get -A > > and send me the log? Note that the log contains the doveadm_password in the base64 strings. > > From raabe at froglogic.com Tue Nov 27 14:53:37 2012 From: raabe at froglogic.com (Frerich Raabe) Date: Tue, 27 Nov 2012 13:53:37 +0100 Subject: [Dovecot] Cannot STORE \Seen flag on some mails Message-ID: <50B4B7D1.5080204@froglogic.com> Hi, I'm running Dovecot 1.2.17 on FreeBSD (exact output of 'dovecot -n' is atttached to this mail). The machine is serving a public mailinglist archive which is read-only; all mail arriving for the archive is marked as \Seen using Sieve script. This setup works well most of the time, but I noticed that for *some* mails, the \Seen flag doesn't seem to be stored. Right now I have 31255 mails in one of my folders and I can't seem to mark five of them as \Seen - the others work just fine. I first suspected a client issue so I did a little IMAP session by hand: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. . LOGIN "xxxxxx" "yyyyyy" . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in . SELECT "Lists/Archive/squish" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft $NotJunk) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 31250 EXISTS * 0 RECENT * OK [UNSEEN 27126] First unseen. * OK [UIDVALIDITY 1350573750] UIDs valid * OK [UIDNEXT 31265] Predicted next UID * OK [HIGHESTMODSEQ 9512] Highest . OK [READ-ONLY] Select completed. . SEARCH UNSEEN * SEARCH 27126 27127 28484 29835 29838 . OK Search completed (0.000 secs). . STORE 27126 FLAGS \SEEN . OK Store completed. . SEARCH UNSEEN * SEARCH 27126 27127 28484 29835 29838 . OK Search completed (0.000 secs). . LOGOUT * BYE Logging out . OK Logout completed. Note how the first 'SEARCH UNSEEN' command shows that '27126' is unseen, the subsequent 'STORE' command succeeds - but then 'SEARCH UNSEEN' still shows 27126 as unseen! I have all four logging levels being piped to /var/log/maillog (I verified this by running dovecot --log-error) but the file does not show any problems. I checked the file permissions of the Maildir directories, and it all looks dandy to me. Does anybody have some suggestions how to debug this further, or what the reason for this may be? -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing -------------- next part -------------- # 1.2.17: /usr/local/etc/dovecot.conf # OS: FreeBSD 9.0-RELEASE i386 protocols: imap imaps managesieve listen(default): * listen(imap): * listen(managesieve): *:2000 *:4190 disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_location: maildir:~/Maildir mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve mail_process_size: 512 mail_plugins(default): acl imap_acl fts fts_squat mail_plugins(imap): acl imap_acl fts fts_squat mail_plugins(managesieve): mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve imap_client_workarounds(default): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(managesieve): namespace: type: private separator: / inbox: yes list: yes subscriptions: yes namespace: type: public separator: / prefix: Lists/ location: maildir:/home/vmail/lists/Maildir:CONTROL=~/Maildir/lists:INDEX=~/Maildir/lists list: yes namespace: type: public separator: / prefix: Lists/Archive/ location: maildir:/home/vmail/lists/archive/Maildir list: yes lda: postmaster_address: postmaster at imap2.froglogic.com mail_plugins: sieve acl sendmail_path: /usr/sbin/sendmail auth default: mechanisms: plain login username_format: %Lu passdb: driver: pam args: session=yes dovecot passdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf userdb: driver: passwd-file args: username_format=%n /usr/local/etc/dovecot-pseudo-users.passwd userdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf plugin: acl: vfile sieve_before: /usr/local/etc/keep-broadcast-mail.sieve fts: squat fts_squat: partial=4 full=4 From raabe at froglogic.com Tue Nov 27 15:06:19 2012 From: raabe at froglogic.com (Frerich Raabe) Date: Tue, 27 Nov 2012 14:06:19 +0100 Subject: [Dovecot] Cannot STORE \Seen flag on some mails In-Reply-To: <50B4B7D1.5080204@froglogic.com> References: <50B4B7D1.5080204@froglogic.com> Message-ID: <50B4BACB.3020207@froglogic.com> Am 11/27/2012 1:53 PM, schrieb Frerich Raabe: > I first suspected a client issue so I did a little IMAP session by hand: [..] > Note how the first 'SEARCH UNSEEN' command shows that '27126' is unseen, > the subsequent 'STORE' command succeeds - but then 'SEARCH UNSEEN' still > shows 27126 as unseen! Sorry, I only now realized that my IMAP session wasn't very useful since the dovecot-acl file didn't allow my user to modify the \Seen flag (it only allowed it for the user which runs the Sieve script filing the mail into the archive [and marking it as seen]) in the first place. If I relax the ACL, I can mark the mail as seen myself. I guess that means the question is - why didn't the sieve_before manage to set the flag in all cases. -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From koshikov at gmail.com Tue Nov 27 15:26:22 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Tue, 27 Nov 2012 15:26:22 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <5E10AA5C-DF78-4F87-B9E2-EA69E4A94C3C@iki.fi> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> <5E10AA5C-DF78-4F87-B9E2-EA69E4A94C3C@iki.fi> Message-ID: <CANYsE-yco7OxvQco_nk1wBsCnDb7gJMTpZoo0dnSC6D40OHWbQ@mail.gmail.com> Yes, thanks a lot - this config is working as expected. From petsy12 at lavabit.com Tue Nov 27 15:32:33 2012 From: petsy12 at lavabit.com (petsy12 at lavabit.com) Date: Tue, 27 Nov 2012 08:32:33 -0500 (EST) Subject: [Dovecot] IMAP over SSL Message-ID: <22331.77.247.181.164.1354023153.squirrel@lavabit.com> Hello. I've never tried Dovecot. Here is my attempt to enable IMAP over SSL on port 993. (BTW, I don't want to use port 143 at all.) # dovecot -n log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps listen: *:143,[::]:143 ssl_listen: *:993,[::]:993 ssl: required ssl_cert_file: /etc/dovecot/keycert.pem ssl_key_file: /etc/dovecot/keycert.pem ssl_cipher_list: TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!NULL:@STRENGTH login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:~/Maildir mbox_write_locks: fcntl dotlock auth default: passdb: driver: pam userdb: driver: passwd 1. Here is a snippet from dovecot.conf. Is it correct? Should I change something? (Note that I don't want to enable IMAP on port 143.) protocols = imaps protocol imap { listen = *:143,[::]:143 ssl_listen = *:993,[::]:993 } disable_plaintext_auth = yes ssl_listen = *:993,[::]:933 ssl = required ssl_cert_file = /etc/dovecot/keycert.pem ssl_key_file = /etc/dovecot/keycert.pem ssl_cipher_list = TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!NULL:@STRENGTH 2. I don't understand the syntax connected with auth. What auth options are enabled by default? dovecot.conf: No sections (e.g. namespace {}) or plugin settings are added by default, they're listed only as examples. Does it mean that passdb pam will use defaults (e.g. session=yes, setrcred=yes)? passdb pam { # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>] # [cache_key=<key>] [<service name>] # # session=yes makes Dovecot open and immediately close PAM session. Some # PAM plugins need this to work, such as pam_mkhomedir. # # setcred=yes makes Dovecot establish PAM credentials if some PAM plugins # need that. They aren't ever deleted though, so this isn't enabled by # default. # # max_requests specifies how many PAM lookups to do in one process before # recreating the process. The default is 100, because many PAM plugins # leak memory. # # cache_key can be used to enable authentication caching for PAM # (auth_cache_size also needs to be set). It isn't enabled by default # because PAM modules can do all kinds of checks besides checking password, # such as checking IP address. Dovecot can't know about these checks # without some help. cache_key is simply a list of variables (see # /usr/share/doc/dovecot-common/wiki/Variables.txt) which must match # for the cached data to be used. # Here are some examples: # %u - Username must match. Probably sufficient for most uses. # %u%r - Username and remote IP address must match. # %u%s - Username and service (ie. IMAP, POP3) must match. # # The service name can contain variables, for example %Ls expands to # pop3 or imap. # # Some examples: # args = session=yes %Ls # args = cache_key=%u dovecot #args = dovecot } 3. Here is the output of `openssl s_client -tls1 -connect mail.example.com:993`. Is it OK? [snip] New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: zlib compression Expansion: zlib compression [snip] Verify return code: 18 (self signed certificate) --- * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready. Also, where can I read about these options? Any comments are appreciated. From CMarcus at Media-Brokers.com Tue Nov 27 17:23:45 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 27 Nov 2012 10:23:45 -0500 Subject: [Dovecot] IMAP over SSL In-Reply-To: <22331.77.247.181.164.1354023153.squirrel@lavabit.com> References: <22331.77.247.181.164.1354023153.squirrel@lavabit.com> Message-ID: <50B4DB01.7090705@Media-Brokers.com> On 2012-11-27 8:32 AM, petsy12 at lavabit.com <petsy12 at lavabit.com> wrote: > I've never tried Dovecot. Here is my attempt to enable IMAP over SSL > on port 993. (BTW, I don't want to use port 143 at all.) > > # dovecot -n > > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imaps Please don't trim the doveconf -n output... It shows the version of dovecot (so no one has to ask)... -- Best regards, Charles From dmiller at amfes.com Tue Nov 27 17:28:37 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 27 Nov 2012 07:28:37 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <assp.1678966eea.50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> Message-ID: <assp.0678bad85b.50B4DC25.1000700@amfes.com> On 11/26/2012 10:08 PM, Timo Sirainen wrote: > On 27.11.2012, at 7.50, Timo Sirainen wrote: > >>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >>> at [row,col {unknown-source}]: [1011144,197790] >> Something's wrong. The Solr code was already supposed to catch all of these. > http://dovecot.org/tmp/allchars.gz > > If you send this mail to yourself and index it, does it fail? (Works for me.) > I think it works - I tried sending it as an attachment (unzipped) and then with a command of "sendmail -t dmiller at amfes.com < allchars" - I don't know how else to do it. Following that by a "doveadm search -u dmiller at amfes.com mailbox INBOX text test" indexed a couple new messages, including I assume these, without errors. Some of my other mailboxes continue to break. I know you've got a filter that strips out control characters prior to sending to solr - so I'm left to assume: 1. solr is breaking on its own 2. I have a hardware problem that is corrupting memory (possible, but this server is using ECC, so I don't think so). 3. Somehow in the communication with solr, control characters are being introduced. Perhaps it's a maximum length or buffer issue? 4. Could it be attachment related? 5. Could it be zlib related - as in compressed mail, or a mix of compressed & uncompressed mail, being processed? -- Daniel From dmiller at amfes.com Tue Nov 27 17:38:10 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 27 Nov 2012 07:38:10 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <50B4DC25.1000700@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> Message-ID: <assp.067872074e.50B4DE62.4070403@amfes.com> On 11/27/2012 7:28 AM, Daniel L. Miller wrote: > On 11/26/2012 10:08 PM, Timo Sirainen wrote: >> On 27.11.2012, at 7.50, Timo Sirainen wrote: >> >>>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>>> SEVERE: org.apache.solr.common.SolrException: Illegal character >>>> ((CTRL-CHAR, code 8)) >>>> at [row,col {unknown-source}]: [1011144,197790] >>> Something's wrong. The Solr code was already supposed to catch all >>> of these. >> I was taking a brief scan of the code - and as usual I'm probably wrong - but I believe the protection comes from the xml_encode functions. Could it be that there are some solr writes that don't go through that function - because it is assumed that the data in question doesn't need that processing? Like mailbox names, field names, or uids - that SHOULDN'T have any garbage but maybe something is creeping in? -- Daniel From tss at iki.fi Tue Nov 27 23:07:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 23:07:53 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.067872074e.50B4DE62.4070403@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <assp.067872074e.50B4DE62.4070403@amfes.com> Message-ID: <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> On 27.11.2012, at 17.38, Daniel L. Miller wrote: > On 11/27/2012 7:28 AM, Daniel L. Miller wrote: >> On 11/26/2012 10:08 PM, Timo Sirainen wrote: >>> On 27.11.2012, at 7.50, Timo Sirainen wrote: >>> >>>>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>>>> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >>>>> at [row,col {unknown-source}]: [1011144,197790] >>>> Something's wrong. The Solr code was already supposed to catch all of these. >>> > > I was taking a brief scan of the code - and as usual I'm probably wrong - but I believe the protection comes from the xml_encode functions. Could it be that there are some solr writes that don't go through that function - because it is assumed that the data in question doesn't need that processing? Like mailbox names, field names, or uids - that SHOULDN'T have any garbage but maybe something is creeping in? I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 From daniel.parthey at informatik.tu-chemnitz.de Tue Nov 27 23:47:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Tue, 27 Nov 2012 22:47:49 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <20121127214749.GA11546@daniel.localdomain> Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) Can you fix these strange stats plugin errors please? These are the only errors regularly occurring in our 2.1.10 logs: Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 Nov 27 08:07:36 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 443 < 622 Nov 27 08:07:51 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 455 < 622 Nov 27 08:08:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 474 < 622 Nov 27 08:08:51 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 08:09:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 08:14:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 08:19:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 16:18:44 10.129.3.213 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mrcount 11 < 13 Nov 27 16:24:20 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 1 < 2 These messages occur after imap/pop3 logouts. Only dovecot.conf attached (director does not produce these errors). Thanks a lot, Daniel -- https://plus.google.com/103021802792276734820 -------------- next part -------------- # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-44-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: session=<%{session}> msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx imapc_features = rfc822.size imapc_host = local-mailbox imapc_port = 18143 instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): <%{session}>: " mail_plugins = quota stats mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes namespace { inbox = yes location = mailbox Archives { special_use = \Archive } mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp-without-quota { address = * port = 19025 } inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl = no syslog_facility = local1 userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota stats imap_quota imap_stats } protocol lmtp { mail_plugins = quota stats sieve } From ben at morrow.me.uk Wed Nov 28 02:32:07 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Wed, 28 Nov 2012 00:32:07 +0000 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAXy2P0u+qvi7_k9MygZ_QLd2=zJ9Xeck3B6WdOCYoEZMA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> <20121126115235.GC76138@anubis.morrow.me.uk> <CAKU1PAXy2P0u+qvi7_k9MygZ_QLd2=zJ9Xeck3B6WdOCYoEZMA@mail.gmail.com> Message-ID: <20121128003206.GH76138@anubis.morrow.me.uk> At 12PM -0800 on 26/11/12 /#!/JoePea wrote: > Hi Ben, > Indeed, the mailq command shows my test messages sitting there with "mail > transport unavailable". > > > ??[11:48:22/hypership/root/~] > > ??? mailq > > -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- > > 2DCCB580C01 1901 Mon Nov 26 11:45:02 trusktr at gmail.com > > (mail transport > > unavailable) > > trusktr at bettafootwear.com > > > > B1449580C03 1895 Mon Nov 26 11:48:41 trusktr at gmail.com > > (mail transport > > unavailable) > > trusktr at bettafootwear.com > > > > -- 5 Kbytes in 2 Requests. > > I checked in /etc/syslog-ng/syslog-ng.conf and it shows destination d_mail > { file("/var/log/mail.log"); }; but there is no such mail.log file so I > created one. I don't know how syslog-ng works, but you need to be able to see the Postfix logs to have any chance of debugging this. Read your system documentation and get that working before trying anything else. > I logged in as mailman by doing su -s /bin/bash mailman then ran > > /usr/lib/dovecot/dovecot-lda -f trusktr at gmail.com -d > trusktr at bettafootwear.com </home/mailman/test_msg.txt > > where /home/mailman/test_msg.txt contains a plain text sentence. A single sentence is not a valid mail. Dovecot mostly doesn't care, but you will see odd client behaviour if you deliver invalid mails... > After doing that, mailq shows the new messages, but with the same "mail > transport unavailable" message. (I assume here that you only see the same list as before you attempted the new delivery? Delivering to LDA by hand shouldn't go anywhere near the Postfix queue.) > However, in Roundcube I see a new blank message with no subject for each > attempt of the dovecot-lda command. ...such as this. It looks like the 'mail' is being successfully delivered; if you try with a proper mail, something like From: root at localhost To: root at localhost Subject: testing dovecot-lda 1 2 3 it should show up properly in your client. At this point I think this is a Postfix problem, not a Dovecot problem. You can apparently successfully deliver mail using dovecot-lda, so something in your Postfix config is not invoking it properly. Ben From tss at iki.fi Wed Nov 28 03:15:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 03:15:05 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> Message-ID: <1354065305.2844.30.camel@innu> On Tue, 2012-11-27 at 13:27 +0100, Ramon Frontera wrote: > > >> # doveadm -D quota get -A > >> doveadm(user1): Debug: auth input: user=user1 proxy > starttls=any-cert > >> doveadm(user1): Error: Proxy is missing destination host > >> doveadm: Error: Failed to iterate through some users .. > connect(8, {sa_family=AF_FILE, path="/var/run/dovecot//auth-userdb"}, > 110) = 0 It's connecting to auth-userdb, while it should be connecting to director-userdb. This should have been done by this setting: protocol doveadm { auth_socket_path = director-userdb } Make sure doveconf -n shows that. And if nothing seems to work, this at least should: doveadm -o auth_socket_path=director-userdb quota get -A From tss at iki.fi Wed Nov 28 03:26:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 03:26:52 +0200 Subject: [Dovecot] Cannot STORE \Seen flag on some mails In-Reply-To: <50B4BACB.3020207@froglogic.com> References: <50B4B7D1.5080204@froglogic.com> <50B4BACB.3020207@froglogic.com> Message-ID: <CE2A5500-6A3B-49D1-A1DD-B86CF0C4BD89@iki.fi> On 27.11.2012, at 15.06, Frerich Raabe wrote: > Am 11/27/2012 1:53 PM, schrieb Frerich Raabe: >> I first suspected a client issue so I did a little IMAP session by hand: > > [..] > >> Note how the first 'SEARCH UNSEEN' command shows that '27126' is unseen, >> the subsequent 'STORE' command succeeds - but then 'SEARCH UNSEEN' still >> shows 27126 as unseen! > > Sorry, I only now realized that my IMAP session wasn't very useful since the dovecot-acl file didn't allow my user to modify the \Seen flag (it only allowed it for the user which runs the Sieve script filing the mail into the archive [and marking it as seen]) in the first place. > > If I relax the ACL, I can mark the mail as seen myself. I guess that means the question is - why didn't the sieve_before manage to set the flag in all cases. Difficult to say, but I don't think it's worth debugging with v1.2. Might be fixed already in v2.1.. From tss at iki.fi Wed Nov 28 04:31:13 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 04:31:13 +0200 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <20121127214749.GA11546@daniel.localdomain> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121127214749.GA11546@daniel.localdomain> Message-ID: <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> On 27.11.2012, at 23.47, Daniel Parthey wrote: > Timo Sirainen wrote: >> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > > Can you fix these strange stats plugin errors please? > These are the only errors regularly occurring in our 2.1.10 logs: > > Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 > Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 It's strange that I can't figure out how to reproduce this no matter what I do. Could you with latest hg, especially: http://hg.dovecot.org/dovecot-2.1/rev/c81f1ca3cda6 and also the attached patch, which simplifies the stats plugin? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 2959 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/d081bdcd/attachment.obj> -------------- next part -------------- From tss at iki.fi Wed Nov 28 04:36:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 04:36:44 +0200 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121127214749.GA11546@daniel.localdomain> <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> Message-ID: <C081AC31-C264-46E2-BF93-2FD2873523E3@iki.fi> On 28.11.2012, at 4.31, Timo Sirainen wrote: > On 27.11.2012, at 23.47, Daniel Parthey wrote: > >> Timo Sirainen wrote: >>> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) >> >> Can you fix these strange stats plugin errors please? >> These are the only errors regularly occurring in our 2.1.10 logs: >> >> Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 >> Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 Also, can you reproduce this really easily? For example with pop3: telnet localhost 110 user foo pass bar list retr 1 quit Does that log about this? If not, what about if you run imaptest (http://imapwiki.org/ImapTest) against some test user? From dmiller at amfes.com Wed Nov 28 04:43:40 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 27 Nov 2012 18:43:40 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> Message-ID: <assp.1679c30da7.50B57A5C.1000300@amfes.com> On 11/27/2012 1:07 PM, Timo Sirainen wrote: > On 27.11.2012, at 17.38, Daniel L. Miller wrote: > >> On 11/27/2012 7:28 AM, Daniel L. Miller wrote: >>> On 11/26/2012 10:08 PM, Timo Sirainen wrote: >>>> On 27.11.2012, at 7.50, Timo Sirainen wrote: >>>> >>>>>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>>>>> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >>>>>> at [row,col {unknown-source}]: [1011144,197790] >>>>> Something's wrong. The Solr code was already supposed to catch all of these. >> I was taking a brief scan of the code - and as usual I'm probably wrong - but I believe the protection comes from the xml_encode functions. Could it be that there are some solr writes that don't go through that function - because it is assumed that the data in question doesn't need that processing? Like mailbox names, field names, or uids - that SHOULDN'T have any garbage but maybe something is creeping in? > I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 > :( Mine still breaks. Both UTF-8 and Control-Char errors. -- Daniel From tss at iki.fi Wed Nov 28 04:45:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 04:45:21 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.1679c30da7.50B57A5C.1000300@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <assp.1679c30da7.50B57A5C.1000300@amfes.com> Message-ID: <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >> > :( Mine still breaks. Both UTF-8 and Control-Char errors. Can you grab the network traffic between Dovecot and Solr and find the problematic stream? From dave at morsberger.com Wed Nov 28 05:21:07 2012 From: dave at morsberger.com (David Morsberger) Date: Tue, 27 Nov 2012 22:21:07 -0500 Subject: [Dovecot] Missing Messages on IOS device Message-ID: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> Resending because I didn't get any responses from my first post: I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. Any idea why these messages are not showing up on my devices and how I can get them to show up? bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd --version 2.0.19apple1 bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd -n # 2.0.19apple1: /Library/Server/Mail/Config/dovecot/dovecot.conf # OS: Darwin 12.2.1 x86_64 hfs aps_topic = com.apple.mail.XServer.fc3bb7c3-c8ef-4fe2-aff3-95ecd927fb11 auth_mechanisms = cram-md5 x-plain-submit plain login apop digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 mail_access_groups = mail mail_location = maildir:/Library/Server/Mail/Data/mail/%u mail_log_prefix = "%s(pid %p user %u): " mail_plugins = quota zlib fts fts_sk managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M passdb { args = /Library/Server/Mail/Config/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmaster at mini.mmpcrofton.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins unix_listener auth-userdb { user = _dovecot } } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap { client_limit = 5 process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl_ca = </etc/certificates/*.chain.pem ssl_cert = </etc/certificates/*.cert.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL ssl_key = </etc/certificates/*.key.pem ssl_key_path = /etc/certificates/*.key.pem syslog_facility = local6 userdb { args = partition=/Library/Server/Mail/Config/dovecot/partition_map.conf enforce_quotas=no driver = od } verbose_proctitle = yes protocol lmtp { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol lda { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol imap { imap_id_log = * imap_id_send = "name" * "version" * mail_max_userip_connections = 20 mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts urlauth } protocol pop3 { mail_max_userip_connections = 6 } From stan at hardwarefreak.com Wed Nov 28 07:49:55 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 27 Nov 2012 23:49:55 -0600 Subject: [Dovecot] Missing Messages on IOS device In-Reply-To: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> References: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> Message-ID: <50B5A603.5060509@hardwarefreak.com> On 11/27/2012 9:21 PM, David Morsberger wrote: > Resending because I didn't get any responses from my first post: > > I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. > > My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. > > The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. > > My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. > > Any idea why these messages are not showing up on my devices and how I can get them to show up? Not really. Problem reports are typically accompanied by errors in log files. You've provided none. You've provided only subjective observation which is rarely useful in troubleshooting. If you provide some Dovecot logging related to the problem we may be able to help. Short of that we can only make wild ass guesses. Are your clients subscribing all IMAP folders? Are your clients checking all folders for new mail? -- Stan From tss at iki.fi Wed Nov 28 08:56:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 08:56:26 +0200 Subject: [Dovecot] Missing Messages on IOS device In-Reply-To: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> References: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> Message-ID: <EA205FFA-14CE-4C5A-B7FC-7DAFC27754EE@iki.fi> On 28.11.2012, at 5.21, David Morsberger wrote: > My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. Delete the account on iPhone and recreate it. Does that help? From dmiller at amfes.com Wed Nov 28 10:50:29 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 28 Nov 2012 00:50:29 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> Message-ID: <assp.167950d733.50B5D055.6010605@amfes.com> On 11/27/2012 6:45 PM, Timo Sirainen wrote: > On 28.11.2012, at 4.43, Daniel L. Miller wrote: > >>> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>> >> :( Mine still breaks. Both UTF-8 and Control-Char errors. > Can you grab the network traffic between Dovecot and Solr and find the problematic stream? > Tell me how and I'll be happy to! -- Daniel From raabe at froglogic.com Wed Nov 28 10:52:48 2012 From: raabe at froglogic.com (Frerich Raabe) Date: Wed, 28 Nov 2012 09:52:48 +0100 Subject: [Dovecot] Cannot STORE \Seen flag on some mails In-Reply-To: <CE2A5500-6A3B-49D1-A1DD-B86CF0C4BD89@iki.fi> References: <50B4B7D1.5080204@froglogic.com> <50B4BACB.3020207@froglogic.com> <CE2A5500-6A3B-49D1-A1DD-B86CF0C4BD89@iki.fi> Message-ID: <50B5D0E0.2090906@froglogic.com> Am 11/28/2012 2:26 AM, schrieb Timo Sirainen: > On 27.11.2012, at 15.06, Frerich Raabe wrote: >> If I relax the ACL, I can mark the mail as seen myself. I guess >> that means the question is - why didn't the sieve_before manage to >> set the flag in all cases. > > Difficult to say, but I don't think it's worth debugging with v1.2. > Might be fixed already in v2.1.. Hm, maybe indeed a reason to stop tip-toeing around upgrading to v2.1... the christmas season is coming, maybe this upgrade would be a good proejct for the vacation. ;-) Thanks for your comment! -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From tss at iki.fi Wed Nov 28 10:55:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 10:55:46 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.167950d733.50B5D055.6010605@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> <assp.167950d733.50B5D055.6010605@amfes.com> Message-ID: <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> On 28.11.2012, at 10.50, Daniel L. Miller wrote: > On 11/27/2012 6:45 PM, Timo Sirainen wrote: >> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >> >>>> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>>> >>> :( Mine still breaks. Both UTF-8 and Control-Char errors. >> Can you grab the network traffic between Dovecot and Solr and find the problematic stream? >> > Tell me how and I'll be happy to! Maybe the easiest would be to use tcpflow. It outputs different TCP streams to different files. From them you can then grep for the error and look closer into it. I guess something like wireshark would work too, but I've never been able to use its GUI in a useful way. From Jost.Krieger+dovecot at rub.de Wed Nov 28 10:57:30 2012 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: 28 Nov 2012 09:57:30 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? Message-ID: <20121128085702.GA28525@ruhr-uni-bochum.de> We would like to provide a self-service restore function to our users using their IMAP client of choice.. Our idea was to use a snapshot (under ZFS, btrfs, whatever) and have it available to the user in a namespace. Unfortunately, but understandably, dovecot doesn't like the mdbox structure to be read-only. Is there any chance to change that? In the meantime, we could use a read-write snapshot, but we wouldn't like the users to really do changes to that snapshot. Our next attempt is to use ACLs, but it's a bit hard to gt the ACLs to the correct place in the snapshots, at least for thousands of users. Our currents solution (in test) is a quick and dirty patch to introduce inheritance to the ACLs by walking up the directory tree, so we need only one ACL. A cleaner solution would be very much appreciated. Yours Jost Krieger -- | Helft Spam ausrotten! HTML in Mail ist unh?flich. | | Postmaster, JAPH, manchmal Wahrsager am RZ der RUB | | Wahre Worte sind nicht gef?llig, gef?llige Worte sind nicht wahr.| | Lao Tse, Tao Te King 81 | From tss at iki.fi Wed Nov 28 11:01:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 11:01:23 +0200 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <20121128085702.GA28525@ruhr-uni-bochum.de> References: <20121128085702.GA28525@ruhr-uni-bochum.de> Message-ID: <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> On 28.11.2012, at 10.57, Jost Krieger wrote: > We would like to provide a self-service restore function to our users > using their IMAP client of choice.. > > Our idea was to use a snapshot (under ZFS, btrfs, whatever) and have it > available to the user in a namespace. > > Unfortunately, but understandably, dovecot doesn't like the mdbox > structure to be read-only. Is there any chance to change that? I think it would be possible. I already added some code for that, but apparently it wasn't enough and I stopped because it's a pretty low priority issue.. Anyway, I think the code changes would be pretty easy to do. So start finding the problematic parts and fixing them and sending me patches. :) > Our next attempt is to use ACLs, but it's a bit hard to gt the ACLs to > the correct place in the snapshots, at least for thousands of users. > > Our currents solution (in test) is a quick and dirty patch to introduce > inheritance to the ACLs by walking up the directory tree, so we need > only one ACL. For a long time I've wanted a "default acl" file that applies to the whole namespace. Never got around to implementing that either. Anyway, ACLs don't help when the reading code itself decides to write to indexes (which it does). From rs at sys4.de Wed Nov 28 11:21:55 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 28 Nov 2012 10:21:55 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <20121128085702.GA28525@ruhr-uni-bochum.de> References: <20121128085702.GA28525@ruhr-uni-bochum.de> Message-ID: <50B5D7B3.1000905@sys4.de> Am 28.11.2012 09:57, schrieb Jost Krieger: > We would like to provide a self-service restore function to our users > using their IMAP client of choice.. > > Our idea was to use a snapshot (under ZFS, btrfs, whatever) and have it > available to the user in a namespace. > > Unfortunately, but understandably, dovecot doesn't like the mdbox > structure to be read-only. Is there any chance to change that? > > In the meantime, we could use a read-write snapshot, but we wouldn't > like the users to really do changes to that snapshot. > > Our next attempt is to use ACLs, but it's a bit hard to gt the ACLs to > the correct place in the snapshots, at least for thousands of users. > > Our currents solution (in test) is a quick and dirty patch to introduce > inheritance to the ACLs by walking up the directory tree, so we need > only one ACL. > > A cleaner solution would be very much appreciated. > > Yours > Jost Krieger > a workaround perhaps is, postfix bcc archive mailboxes with a sieve rule which also sort mails spam/in/out/day/month/year in subfolders and then set subfolders acl read only for their related users ( scriptable at user creation time, and/or external sieve plugin),archive mailboxes may show up in their shared namespace then, also forbid pop3 download on the archive mailbox subfolders, if archive shouldnt exist for ever ,use dove expunge on the archive mailboxes/subfolders for x days/weeks/months/years ,whatever you prefer Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From Jost.Krieger at ruhr-uni-bochum.de Wed Nov 28 11:09:55 2012 From: Jost.Krieger at ruhr-uni-bochum.de (Jost Krieger) Date: 28 Nov 2012 10:09:55 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> References: <20121128085702.GA28525@ruhr-uni-bochum.de> <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> Message-ID: <20121128090954.GB28525@ruhr-uni-bochum.de> On Wed 28 Nov 2012 11:01:23 AM GMT, Timo Sirainen wrote: > > On 28.11.2012, at 10.57, Jost Krieger wrote: > > I think it would be possible. I already added some code for that, but apparently it wasn't enough and I stopped because it's a pretty low priority issue.. Anyway, I think the code changes would be pretty easy to do. So start finding the problematic parts and fixing them and sending me patches. :) Will try, but don't hold your breath :-) > > Our currents solution (in test) is a quick and dirty patch to introduce > > inheritance to the ACLs by walking up the directory tree, so we need > > only one ACL. > > For a long time I've wanted a "default acl" file that applies to the whole namespace. Never got around to implementing that either. We'll at least post the patch. > Anyway, ACLs don't help when the reading code itself decides to write to indexes (which it does). That's not so important for us, we don't want to protect the snapshot from dovecot, but from user stupidity^Wintervention, like: "But I need that mails, that I moved over yesterday from the snapshot and that are gone now, again." Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | From Jost.Krieger+dovecot at rub.de Wed Nov 28 11:31:06 2012 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: 28 Nov 2012 10:31:06 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> References: <20121128085702.GA28525@ruhr-uni-bochum.de> <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> Message-ID: <20121128093106.GG28525@ruhr-uni-bochum.de> On Wed 28 Nov 2012 11:01:23 AM GMT, Timo Sirainen wrote: > > On 28.11.2012, at 10.57, Jost Krieger wrote: > > I think it would be possible. I already added some code for that, but apparently it wasn't enough and I stopped because it's a pretty low priority issue.. Anyway, I think the code changes would be pretty easy to do. So start finding the problematic parts and fixing them and sending me patches. :) Will try, but don't hold your breath :-) > > Our currents solution (in test) is a quick and dirty patch to introduce > > inheritance to the ACLs by walking up the directory tree, so we need > > only one ACL. > > For a long time I've wanted a "default acl" file that applies to the whole namespace. Never got around to implementing that either. We'll at least post the patch. > Anyway, ACLs don't help when the reading code itself decides to write to indexes (which it does). That's not so important for us, we don't want to protect the snapshot from dovecot, but from user stupidity^Wintervention, like: "But I need that mails, that I moved over yesterday from the snapshot and that are gone now, again." Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | From skdovecot at smail.inf.fh-brs.de Wed Nov 28 11:38:16 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 10:38:16 +0100 (CET) Subject: [Dovecot] backtrace from postgres dict Message-ID: <alpine.DEB.2.02.1211281007050.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, since I enabled ACLs I get following backtrace. It looks like that it happens if the ACLs had been changed only. Also, it looks like that it always happens 1 minute after last "dict: Info: pgsql(localhost): Connected to database dovecot", no matter if the user is logged in (and idle) or logged off. Postgres logs: "could not receive data from client: Connection reset by peer" and "unexpected EOF on client connection". Is there some TCP keep alive issue? Postgres is using the "system default" for TCP keep alive. I'm currently testing ACLs via telnet, so the activity with the ACL dict is pretty low, hence, an idle timeout would make much sense. # ../../sbin/dovecot --version 2.1.10 (a4f02f6c0d32) dict connect string: connect = host=localhost dbname=db user=user 2012-11-28 10:03:39 dict: Info: pgsql(localhost): Connected to database dovecot 2012-11-28 10:03:39 dict: Info: pgsql(localhost): Connected to database dovecot 2012-11-28 10:03:39 dict: Info: pgsql(localhost): Connected to database dovecot 2012-11-28 10:03:58 IMAP(user) [22922]: Info: Disconnected: Logged out in=23 out=763 2012-11-28 10:04:41 dict: Panic: file driver-pgsql.c: line 84 (driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || db->cur_result == NULL) 2012-11-28 10:04:41 dict: Error: Raw backtrace: /usr/local/dovecot-2.1.10/lib/dovecot/libdovecot.so.0(+0x4857a) [0x7f91f511157a] -> /usr/local/dovecot-2.1.10/lib/dovecot/libdovecot.so.0(+0x485c6) [0x7f91f51115c6] -> /usr/local/dovecot-2.1.10/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f91f50e4eaf] -> dovecot2.1/dict() [0x40aa36] -> dovecot2.1/dict() [0x40aa91] -> dovecot2.1/dict() [0x40bed3] -> dovecot2.1/dict() [0x409504] - -> dovecot2.1/dict(sql_db_cache_deinit+0x20) [0x408a60] -> dovecot2.1/dict(main+0x169) [0x405a59] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f91f4b5cc8d] -> dovecot2.1/dict() [0x404bb9] 2012-11-28 10:04:41 dict: Fatal: master: service(dict): child 22923 killed with signal 6 (core not dumped) - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULXbiGoxLS8a3A9mAQI9Ywf/YItPO4fFT70HcuwCkDXgx0Sn7CEyXu2j +1VzOu3R/TMs1rcxYJIvWiei6Nk3wXywzQl84POadJn61Yf2NuT80nMxwBsBbgio e+0oRE9JNVSjtvX5l7kehEdUDQjqRRKyrhWG9KDlpjWidGsYh7pQg0rDtp3UwG57 HuSBMiBAZ9t9sC2DXjn9wT9vweH3gMIhc/K5U0BLF5JG/K8UAKc5QBUgezjIYzvn KP90TJ4RoZ2vnPzmWfeIsjffRBvvC6UUgWmU02e2H9xJxzF32Nix0s8YWi7G91sH Ei057HW5NsKNDtp6B5fYk+xCpC6ucQiwFSr/ZG+uZCAdtTd2qmf60g== =tQYK -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Nov 28 11:42:35 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 10:42:35 +0100 (CET) Subject: [Dovecot] doveadm acl recalc (was Re: v2.1.11 soon) In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <alpine.DEB.2.02.1211281040420.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Nov 2012, Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. > If you wish to get something fixed for it, ask quickly. :) doveadm acl recalc -u user to update ACL backend information with user's dovecot-acl files. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULXcjGoxLS8a3A9mAQIuDwgAo4LYKrQkZ/JXrHJ+e5vWW9+vTg9lqKZD IJybqc5dE9RUPUCiSa2wZ/HP+Wz/V9GcE399Wq+gOMKpB5WTKs3LYkXTKAWDBM4F 6MLArX/XXQ7xaHdsBAVc1Z13D18uErzCt43pLXxy/EoH8hilaPaghD2XJVXb1k32 zZ8FhkiPcMffoQaMM3fsaMm6cUGVHvbnbwkwR2z3Vc640QuuaW85qik3LMvNWUEx fK9GrUphZ3DxGi6dbWQLKBS8vakwtaCPI0O8LKNFNmlq5Waq6iB7IsuyoDF8Jot6 xhcSFDedKD1RD6hmjH0FChKU2tA8RomacrpUNkEZWRKGAble7zr9nA== =zPuV -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Nov 28 12:43:23 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 11:43:23 +0100 (CET) Subject: [Dovecot] dict sql iterate failed: Not connected to database (was Re: backtrace from postgres dict) In-Reply-To: <alpine.DEB.2.02.1211281007050.3077@pc-2m63nn> References: <alpine.DEB.2.02.1211281007050.3077@pc-2m63nn> Message-ID: <alpine.DEB.2.02.1211281125550.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 28 Nov 2012, Steffen Kaiser wrote: hmm, it seems to be more than just an idle timeout. > since I enabled ACLs I get following backtrace. It looks like that it happens > if the ACLs had been changed only. Also, it looks like that it always happens > 1 minute after last "dict: Info: pgsql(localhost): Connected to database > dovecot", no matter if the user is logged in (and idle) or logged off. > Postgres logs: "could not receive data from client: Connection reset by peer" > and "unexpected EOF on client connection". > > Is there some TCP keep alive issue? > Postgres is using the "system default" for TCP keep alive. > I'm currently testing ACLs via telnet, so the activity with the ACL dict is > pretty low, hence, an idle timeout would make much sense. When I use this script: ( echo 1 login user pass sleep 1 echo 2 getacl Junk sleep 1 for a in $(seq 1 ${1-4}); do echo 3-$a deleteAcl Junk user2 sleep 30 echo 3-$a SetAcl Junk user2 kxilrsc sleep 30 done echo + logout ) | nc -q1 localhost 143 I get (attached are more lines of the log): 2012-11-28 11:08:07 dict: Info: pgsql(localhost): Connected to database dovecot scanning for dovecot-acl 2012-11-28 11:09:07 dict: Info: pgsql(localhost): Connected to database dovecot scanning for dovecot-acl 2012-11-28 11:09:37 dict: Info: pgsql(localhost): Connected to database dovecot scanning for dovecot-acl 2012-11-28 11:10:07 dict: Error: dict sql iterate failed: Not connected to database 2012-11-28 11:10:07 IMAP(user) [23358]: Error: acl: dict iteration failed, can't update dict scanning for dovecot-acl After that the connection is broken and I get the backtrace eventually. > # ../../sbin/dovecot --version > 2.1.10 (a4f02f6c0d32) > > dict connect string: > connect = host=localhost dbname=db user=user - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULXqy2oxLS8a3A9mAQL4+Af+PQIzpT0/kbot90jYRYmRBA96frDlDubc lsl9iktKGYyxLOQXRLLcUpOgzWqUvxoLtsCMlkcOG8tjyQLr2OsAufnVUL7LUH8y iGIi8lZjfHRUQWWLgC6KG0eNOMT5PEGLB5dBcqMZxsgENjoe0SEYf3SN2bT7UxR7 N6/cbU+qnQ/IVpCCcFTtY1Nv7pHcpBwt7IQqaLTdFJ2OQBtUCFsZlkH2SArBZktC 82rHKvHkN4rsYiOhKQFyG3p7mmdmq3snUpP9fvUE+2nxsIQw2BIht8gGPMsuVoTb DC1JjE6JGuj4z3HrEs2tYRHgnTUuUn2j28bXIp2gNDLUQzbL5DLfLQ== =XUQP -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: acl-pg-error.log.gz Type: application/octet-stream Size: 1139 bytes Desc: URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/ee569960/attachment.obj> From benedetto.vassallo at unipa.it Wed Nov 28 13:17:36 2012 From: benedetto.vassallo at unipa.it (Benedetto Vassallo) Date: Wed, 28 Nov 2012 12:17:36 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <20121128121736.12111dhmxva4dqds@webmail.unipa.it> Def. Quota Timo Sirainen <tss at iki.fi>: > Just to let you know: I'm planning on releasing v2.1.11 > today/tomorrow. If you wish to get something fixed for it, ask > quickly. :) > > Please it is possible to have maildir hardlinks working like in v2.0.13? Thank you. -- Benedetto Vassallo Sistema Informativo di Ateneo Settore Gestione Reti Hardware e Software U.O.B. Sviluppo e manutenzione dei sistemi Universit? degli studi di Palermo Phone: +3909123860056 Fax: +390916529124 ------------------------------------------------------------------------- This message was sent using the University of Palermo web mail interface. From cfowler at scss.tcd.ie Wed Nov 28 13:24:43 2012 From: cfowler at scss.tcd.ie (Colin Fowler) Date: Wed, 28 Nov 2012 11:24:43 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <50B3CE72.3040507@rename-it.nl> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <50B3CE72.3040507@rename-it.nl> Message-ID: <50B5F47B.6040107@scss.tcd.ie> On 26/11/12 20:17, Stephan Bosch wrote: > On 11/26/2012 6:31 PM, cfowler wrote: >> Problem : All vacation autoreplies come from the postmaster address. >> Expected behavior : vacation notice comes from the user who set the >> vacation. >> Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example >> reply, sieve script and dovecot -n output) >> >> Any help appreciated! > > This should fix that: > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc > > Regards, > > Stephan. > Sorry for the late reply. I've been off work sick :( Excellent Work Stephan! Thank you so much. do you know if this patch will make it into 2.1.11? regards, Colin From cfowler at scss.tcd.ie Wed Nov 28 13:27:13 2012 From: cfowler at scss.tcd.ie (Colin Fowler) Date: Wed, 28 Nov 2012 11:27:13 +0000 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <50B5F511.5070009@scss.tcd.ie> On 27/11/12 08:53, Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > Will this patch be in 2.1.11? http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc Stephan Bosch wrote this to fix an unintended issue whereby vacation notices were coming from postmaster. regards, Colin From stephan at rename-it.nl Wed Nov 28 13:29:57 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 28 Nov 2012 12:29:57 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <50B5F511.5070009@scss.tcd.ie> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <50B5F511.5070009@scss.tcd.ie> Message-ID: <50B5F5B5.6060709@rename-it.nl> Op 11/28/2012 12:27 PM, Colin Fowler schreef: > On 27/11/12 08:53, Timo Sirainen wrote: >> Just to let you know: I'm planning on releasing v2.1.11 >> today/tomorrow. If you wish to get something fixed for it, ask >> quickly. :) >> > Will this patch be in 2.1.11? > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc > > Stephan Bosch wrote this to fix an unintended issue whereby vacation > notices were coming from postmaster. Pigeonhole is not part of Dovecot, so that is released separately. Regards, Stephan. From tss at iki.fi Wed Nov 28 13:33:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 13:33:02 +0200 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <20121128121736.12111dhmxva4dqds@webmail.unipa.it> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121128121736.12111dhmxva4dqds@webmail.unipa.it> Message-ID: <4D484A24-7BD9-4175-939C-696DB663F696@iki.fi> On 28.11.2012, at 13.17, Benedetto Vassallo wrote: > Def. Quota Timo Sirainen <tss at iki.fi>: > >> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > > Please it is possible to have maildir hardlinks working like in v2.0.13? Not in the same way. That would break other peoples' installations. From btj at havleik.no Wed Nov 28 14:12:15 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Wed, 28 Nov 2012 13:12:15 +0100 Subject: [Dovecot] Shutting down my Dovecot server? Message-ID: <20121128131215.1d7c4d66@havleik.no> I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? Regards, BTJ -- ----------------------------------------------------------------------------------------------- Bj?rn T Johansen btj at havleik.no ----------------------------------------------------------------------------------------------- Someone wrote: "I understand that if you play a Windows CD backwards you hear strange Satanic messages" To which someone replied: "It's even worse than that; play it forwards and it installs Windows" ----------------------------------------------------------------------------------------------- -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From benedetto.vassallo at unipa.it Wed Nov 28 14:22:14 2012 From: benedetto.vassallo at unipa.it (Benedetto Vassallo) Date: Wed, 28 Nov 2012 13:22:14 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <4D484A24-7BD9-4175-939C-696DB663F696@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121128121736.12111dhmxva4dqds@webmail.unipa.it> <4D484A24-7BD9-4175-939C-696DB663F696@iki.fi> Message-ID: <20121128132214.17661rqf1u7a9q0m@webmail.unipa.it> Def. Quota Timo Sirainen <tss at iki.fi>: > On 28.11.2012, at 13.17, Benedetto Vassallo wrote: > >> Def. Quota Timo Sirainen <tss at iki.fi>: >> >>> Just to let you know: I'm planning on releasing v2.1.11 >>> today/tomorrow. If you wish to get something fixed for it, ask >>> quickly. :) >> >> Please it is possible to have maildir hardlinks working like in v2.0.13? > > Not in the same way. That would break other peoples' installations. > > I see. So, please what kind of permission I have to set in the MailDir directory? I tryed to set 700, 770, 777 but it doesn't work. My environment is the following: All users mapped in ldap having the same group. The /home/user permissions are 755 and the /home/user directory is owned by user:group The /home/user/MailDir directory have 755 permissions and is owned by user:group Here is the output of my dovecot -n (v2.0.13) where all works fine for me: # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.1.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 5 mins auth_socket_path = /var/run/dovecot/auth-master auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_ auth_verbose = yes base_dir = /var/run/dovecot/ default_client_limit = 6500 default_process_limit = 3000 default_vsz_limit = 512 M deliver_log_format = msgid=%m: %$ %f %s %p disable_plaintext_auth = no first_valid_gid = 12 first_valid_uid = 8 lda_original_recipient_header = X-Original-To listen = 147.163.1.137 log_path = /var/log/dovecot.log login_greeting = University of Palermo mail server ready. mail_cache_min_mail_count = 100 mail_gid = mail mail_location = maildir:~/MailDir:LAYOUT=fs mail_plugins = quota mail_privileged_group = mail mail_uid = mail maildir_very_dirty_syncs = yes mbox_write_locks = fcntl passdb { args = /etc/dovecot/conf.d/dovecot-ldap.conf.ext driver = ldap } plugin { expire = Trash 30 Spam 7 fts = squat fts_squat = partial=4 full=10 mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid from subject size quota = maildir:User quota quota_rule2 = Trash:storage=+200M trash = /etc/dovecot/conf.d/trash.conf.ext } postmaster_address = postmaster at unipa.it rejection_subject = Automatically Rejected Mail: %s sendmail_path = /usr/lib/sendmail service auth-worker { user = $default_internal_user } service auth { client_limit = 42288 executable = /usr/libexec/dovecot/auth unix_listener auth-client { mode = 0660 } unix_listener auth-master { group = root mode = 0600 user = root } user = $default_internal_user } service imap-login { chroot = login executable = /usr/libexec/dovecot/imap-login inet_listener imap { port = 143 } process_limit = 1200 process_min_avail = 8 service_count = 0 user = dovenull vsz_limit = 128 M } service imap { executable = /usr/libexec/dovecot/imap process_limit = 1200 vsz_limit = 256 M } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 24 } unix_listener lmtp { mode = 0666 } } service pop3-login { chroot = login executable = /usr/libexec/dovecot/pop3-login inet_listener pop3 { port = 110 } process_limit = 600 process_min_avail = 4 service_count = 0 user = dovenull vsz_limit = 256 M } service pop3 { executable = /usr/libexec/dovecot/pop3 process_limit = 800 vsz_limit = 256 M } ssl = no userdb { args = /etc/dovecot/conf.d/dovecot-ldap.conf.ext driver = ldap } protocol lda { mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k mail_max_userip_connections = 20 mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = acl quota } protocol pop3 { mail_max_userip_connections = 1 mail_plugin_dir = /usr/lib64/dovecot pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = no pop3_lock_session = yes pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = yes pop3_save_uidl = yes pop3_uidl_format = %08Xu%08Xv } The same config in v2.1.10 works fine but it don't use maildir hardlinks. I want to update my dovecot installation to set up sieve in my production server, but I am blocked becouse maildir hardlinks does'nt work. Any help would be really appreciated. Thank you. -- Benedetto Vassallo Sistema Informativo di Ateneo Settore Gestione Reti Hardware e Software U.O.B. Sviluppo e manutenzione dei sistemi Universit? degli studi di Palermo Phone: +3909123860056 Fax: +390916529124 ------------------------------------------------------------------------- This message was sent using the University of Palermo web mail interface. From h.reindl at thelounge.net Wed Nov 28 14:22:22 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 28 Nov 2012 13:22:22 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128131215.1d7c4d66@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> Message-ID: <50B601FE.9010201@thelounge.net> Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: > I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. > > And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. > But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? > Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? why not simply drag&drop them to thunderbird or whatever MUA you are using? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/7adf7ed6/attachment.bin> From btj at havleik.no Wed Nov 28 14:31:07 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Wed, 28 Nov 2012 13:31:07 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <50B601FE.9010201@thelounge.net> References: <20121128131215.1d7c4d66@havleik.no> <50B601FE.9010201@thelounge.net> Message-ID: <20121128133107.5aabc2df@havleik.no> On Wed, 28 Nov 2012 13:22:22 +0100 Reindl Harald <h.reindl at thelounge.net> wrote: > > > Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: > > I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. > > > > And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. > > But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? > > Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? > > why not simply drag&drop them to thunderbird or whatever MUA > you are using? > Well, I am using Claws Mail but you are thinking about make my emails available in offline modus? Guess that might be one way to go but I was just trying to figure out my options as I have never done this before... :) BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From skdovecot at smail.inf.fh-brs.de Wed Nov 28 15:20:58 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 14:20:58 +0100 (CET) Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128133107.5aabc2df@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> <50B601FE.9010201@thelounge.net> <20121128133107.5aabc2df@havleik.no> Message-ID: <alpine.DEB.2.02.1211281419320.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 28 Nov 2012, Bj?rn T Johansen wrote: >> Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: >>> I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. >>> >>> And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. >>> But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? >>> Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? >> >> why not simply drag&drop them to thunderbird or whatever MUA >> you are using? >> > > Well, I am using Claws Mail but you are thinking about make my emails available in offline modus? Guess that might be one way to go but I was just trying to figure out my options > as I have never done this before... :) With Thunderbird you can drop a mbox file into the "Local Folders" directory in the profile. Next start this mbox is displayed as mail folder. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULYPumoxLS8a3A9mAQIP1AgAjNIFKP21/770mqG55CJnjG/IEFKIaywj Waa94H/eu+6eZQ14Yw4pTVWEdIJxhv+56Yu0qdQo7MXer1haASirGf6z9eZPGg3C WI84qp5ma++y5E35t9LimpdE0i8ox6zu/A+fcxusFat9UHp02BWqunykmim6uHKa yVSjb+mzwOr8IQyCAM5zRi8EXWwKZzG2uo2GbrrYGEWUsbphurapgvv3oato+lmU Msd1D/iOAjkiTKq+5UWHk+21EKa1gX9Ng9rQpftLLDEveBd/EsQJLMRtLNP0Agem +6UbkQDrfcL1md531wOpNjpMhxKLQfBsNe7r9SOLUHxDp2QtsFgGkw== =GRBQ -----END PGP SIGNATURE----- From rs at sys4.de Wed Nov 28 15:53:48 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 28 Nov 2012 14:53:48 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128131215.1d7c4d66@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> Message-ID: <50B6176C.9010807@sys4.de> Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: > I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. > > And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. > But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? > Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? > > > Regards, > > BTJ > thunderbird since vers 12 has maildir format as option there are also some import and export plugins look i.e here http://jaisejames.wordpress.com/tag/maildir-for-thunderbird/ ( sorry if pop ups ,couldnt get better site quick ) Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From marco.sacchetto at pradac.it Wed Nov 28 16:18:58 2012 From: marco.sacchetto at pradac.it (Marco Sacchetto) Date: Wed, 28 Nov 2012 15:18:58 +0100 Subject: [Dovecot] problems with quota and clients Message-ID: <50B61D52.7070407@pradac.it> Hi, I had configured dovecot in a pretty standard way and had it working nicely enough with maildir quotas (no tests done apart for reaching the quota and looking at mails coming back). Still I wanted to have the quota and the actual quota usage displayed in postfixadmin (3.5) but I think I messed with something. Now I can connect to the mailbox, send mail, receive mail, see the quota usage in postfixadmin but: * thunderbird: can create a subfolder if i do so by hand from the client. But if I try sending a mail i get a [TRYCREATE] mailbox error as it seems that thunderbird can't create the Sent box anymore by its own; * thunderbird: when i delete mail, it goes in the trash folder. I try then to delete it from there. In thunderbird indeed I see no mail anymore but the quota level remain the same. Then I try to browser the mail directory and... yep, all the messages are still there! How come? This is the output of dovecot -n and the relevant sql configuration : # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-33-generic i686 Ubuntu 12.04.1 LTS ext4 auth_mechanisms = plain login auth_realms = yyyyyyyyy.it aaaaaaa.com xxxxx.it auth_verbose_passwords = plain debug_log_path = syslog dict { quotadict = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 150 info_log_path = /var/log/syslog last_valid_uid = 150 listen = * mail_debug = yes mail_gid = mail mail_location = maildir:/var/vmail/%d/%u mail_plugins = " quota" mail_uid = vmail passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = dict:User quota::proxy::sqlquota quota_rule = *:storage=50M quota_rule2 = Trash:storage=+10M } postmaster_address = xxxxxxxx at yyyyyyyyy.it protocols = " imap pop3" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = mail mode = 0600 user = vmail } } service dict { unix_listener dict { group = mail mode = 0660 user = vmail } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { mail_plugins = quota } protocol imap { mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota } >>grep -v '^ *\(#.*\)\?$' dovecot-dict-sql.conf.ext connect = host=127.0.0.1 dbname=mail user=mail password=xxxxxxx map { pattern = priv/quota/storage table = quota2 username_field = username value_field = bytes } map { pattern = priv/quota/messages table = quota2 username_field = username value_field = messages } >>grep -v '^ *\(#.*\)\?$' dovecot-sql.conf.ext driver = mysql connect = host=localhost dbname=mail user=mail password=xxxxxxx default_pass_scheme = MD5-CRYPT password_query = \ SELECT username as user, password, '/var/vmail/%d/%u' as userdb_home, \ 'maildir:/var/vmail/%d/%u' as userdb_mail, 150 as userdb_uid, 8 as userdb_gid \ FROM mailbox WHERE username = '%u' AND active = '1' user_query = \ SELECT '/var/vmail/%d/%u' as home, 'maildir:/var/vmail/%d/%u' as mail, \ 150 AS uid, 8 AS gid, CONCAT('*:storage=',ROUND(mailbox.quota / 1024)) AS quota_rule \ FROM mailbox WHERE username = '%u' AND active = '1' iterate_query = SELECT username AS user FROM mailbox -- -- Questo messaggio ? di carattere riservato ed ? indirizzato esclusivamente al destinatario specificato. L'accesso, la divulgazione, la copia o la diffusione sono vietate a chiunque altro ai sensi delle normative vigenti, e possono costituire una violazione penale. Nel caso abbiate ricevuto questo messaggio per errore siete tenuti a cancellarlo immediatamente confermando al mittente, a mezzo e-mail, l'avvenuta cancellazione. (Legge Italiana 196/2003). From ramon.frontera at uib.es Wed Nov 28 16:50:18 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Wed, 28 Nov 2012 15:50:18 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <1354065305.2844.30.camel@innu> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> Message-ID: <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> Hi, Dovecot -n show the correct configuration like you explain. The command doveadm -o auth_socket_path=director-userdb quota get -A works fine on the proxy and now assigns host. Now, the problem is that when we execute doveadm -A or doveadm -u *something* the command fails in the mailserver with this error: dovecot: doveadm: Fatal: master: service(doveadm): child 13482 killed with signal 11 (core dumps disabled) This errors occurs when the search finds more than one user. When we execute doveadm -u user it works fine I send attached the strace of the mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: doveadm.log.zip Type: application/zip Size: 21683 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/05a435c7/attachment-0001.zip> -------------- next part -------------- Thanks in advance! -- ------------------------------------------ Ramon Frontera Gallardo Centre de Tecnologies de la Informaci? Universitat de les Illes Balears Ctra. Valldemossa km 7,5 07122 Palma de Mallorca El 28/11/2012, a las 02:15, Timo Sirainen escribi?: > On Tue, 2012-11-27 at 13:27 +0100, Ramon Frontera wrote: >> >>>> # doveadm -D quota get -A >>>> doveadm(user1): Debug: auth input: user=user1 proxy >> starttls=any-cert >>>> doveadm(user1): Error: Proxy is missing destination host >>>> doveadm: Error: Failed to iterate through some users > .. > >> connect(8, {sa_family=AF_FILE, path="/var/run/dovecot//auth-userdb"}, >> 110) = 0 > > > It's connecting to auth-userdb, while it should be connecting to > director-userdb. This should have been done by this setting: > > protocol doveadm { > auth_socket_path = director-userdb > } > > Make sure doveconf -n shows that. And if nothing seems to work, this at > least should: > > doveadm -o auth_socket_path=director-userdb quota get -A > > From sven at svenhartge.de Wed Nov 28 17:10:49 2012 From: sven at svenhartge.de (Sven Hartge) Date: Wed, 28 Nov 2012 16:10:49 +0100 Subject: [Dovecot] shared mailboxes and indexes References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> <b9a3pg22j8v8@mids.svenhartge.de> <2B57036A-34C8-45C2-9479-839BA095450D@iki.fi> Message-ID: <e9a7uej2j8v8@mids.svenhartge.de> Timo Sirainen <tss at iki.fi> wrote: > On 27.11.2012, at 3.24, Sven Hartge wrote: >>> For implementing shared mailboxes between all user servers, I think >>> what would need to be developed is: >> >>>> imapc_host = m-st-sh-01.example.com >>>> imapc_master_user = %u >>>> imapc_user = shared >> >>> Somehow being able to set "imapc_user = %%u" where %%u expands to the >>> shared namespace's username. Or maybe setting the imapc_user >>> automatically to that when accessing it via type=shared namespace. >> >> Wouldn't you still need the target users host because this will be >> dynamic depending on the target user? > imapc_host = director Is this "director" intended to be a 'magic' string or the hostname of the director? Gr??e, Sven. -- Sigmentation fault. Core dumped. From dmiller at amfes.com Wed Nov 28 18:49:07 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 28 Nov 2012 08:49:07 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> <50B5D055.6010605@amfes.com> <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> Message-ID: <assp.0679ec27b1.50B64083.1060605@amfes.com> On 11/28/2012 12:55 AM, Timo Sirainen wrote: > On 28.11.2012, at 10.50, Daniel L. Miller wrote: > >> On 11/27/2012 6:45 PM, Timo Sirainen wrote: >>> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >>> >>>>> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>>>> >>>> :( Mine still breaks. Both UTF-8 and Control-Char errors. >>> Can you grab the network traffic between Dovecot and Solr and find the problematic stream? >>> >> Tell me how and I'll be happy to! > Maybe the easiest would be to use tcpflow. It outputs different TCP streams to different files. From them you can then grep for the error and look closer into it. I guess something like wireshark would work too, but I've never been able to use its GUI in a useful way. > Would I just do "tcpflow -i lo port 8983"? Or something else? -- Daniel From metro_domain_admin at fastmail.fm Wed Nov 28 18:54:04 2012 From: metro_domain_admin at fastmail.fm (Metro Domain Admin) Date: Wed, 28 Nov 2012 11:54:04 -0500 Subject: [Dovecot] corrupt mdbox, force-resync segfaults Message-ID: <1354121644.30622.140661159272889.146CA37B@webmail.messagingengine.com> I could use some help with a corrupt mdbox. doveadm force-resync is crashing (see below), but I really need just to get this account functioning. What's my next step, as far as deleting index files? These were the earliest errors I could find: Nov 28 09:40:21 macy dovecot[6615]: imap(cory at metro-email.com): Error: Corrupted index cache file /opt/mail/metro-email.com/cory/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache: field index too large (66 >= 30)Nov 28 09:40:21 macy dovecot[6615]: imap(cory at metro-email.com): Error: mdbox map /opt/mail/metro-email.com/cory/mdbox/storage/dovecot.map.index corrupted: Unexpectedly lost INBOX uid=1233 map_uid=1708 As for the segfaults, I am getting this regardless of which mailbox I specify: # /opt/dovecot/bin/doveadm -Dv force-resync -u cory INBOX doveadm(root): Debug: Loading modules from directory: /opt/dovecot/lib/dovecot doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib15_notify_plugin.so doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib20_fts_plugin.so doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib20_mail_log_plugin.so doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib21_fts_squat_plugin.so doveadm(root): Debug: Loading modules from directory: /opt/dovecot-2.1.10/lib/dovecot/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so, 10): Symbol not found: _acl_user_module Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so, 10): Symbol not found: _expire_set_deinit Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so, 10): Symbol not fo und: _quota_user_module Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so, 10): Symbol not found: _i_stream_create_deflate Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so doveadm(cory): Debug: auth input: cory at domain.com uid=302 gid=6 home=/opt/mail/domain.com/cory doveadm(cory): Debug: changed username to cory at domain.com doveadm(cory): Debug: Effective uid=302, gid=6, home=/opt/mail/domain.com/cory doveadm(cory): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:/opt/mail/domain.com/cory/mdbox doveadm(cory): Debug: fs: root=/opt/mail/domain.com/cory/mdbox, index=, control=, inbox=, alt= doveadm(cory): Debug: Namespace : Using permissions from /opt/mail/domain.com/cory/mdbox: mode=0700 gid=-1 doveadm(cory): Warning: mdbox /opt/mail/domain.com/cory/mdbox/storage: rebuilding indexes doveadm(cory): Error: mdbox /opt/mail/domain.com/cory/mdbox/storage: Duplicate GUID c3bbb2234d93af505873010097ac0257 in m.1:428519 and m.1:441340 doveadm(cory): Error: mdbox /opt/mail/domain.com/cory/mdbox/storage: Duplicate GUID c3bbb2234d93af505873010097ac0257 in m.1:428519 and m.1:453628 [...] doveadm(cory): Error: mdbox /opt/mail/domain.com/cory/mdbox/storage: Duplicate GUID d45f7f111894af506273010097ac0257 in m.83:8565306 and m.83:8594879 Segmentation fault: 11 macy:postfix root# /opt/dovecot/bin/doveconf -n # 2.1.10: /opt/dovecot-2.1.10/etc/dovecot/dovecot.conf doveconf: Warning: service anvil { client_limit=1000 } is lower than required under max. load (1503) # OS: Darwin 11.4.2 x86_64 auth_cache_negative_ttl = 0 auth_cache_size = 1 M auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_username_format = %n at domain.com auth_verbose = yes auth_verbose_passwords = plain default_internal_user = _dovecot default_login_user = _dovenull default_process_limit = 500 disable_plaintext_auth = no first_valid_uid = 300 instance_name = dovecot-2.1.10 listen = 192.168.20.123 mail_debug = yes mail_location = mdbox:%h/mdbox mail_plugin_dir = /opt/dovecot/lib/dovecot mail_plugins = fts fts_squat mail_log notify mail_privileged_group = mail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 10 M namespace inbox { inbox = yes location = prefix = separator = / } passdb { args = scheme=CRYPT username_format=%u /opt/dovecot/etc/dovecot/users driver = passwd-file } plugin { fts = squat mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size from subject } protocols = imap lmtp service aggregator { fifo_listener replication-notify-fifo { mode = 00 } } service auth { unix_listener /opt/local/var/spool/postfix/private/auth { group = _postfix mode = 0660 user = _postfix } unix_listener auth-userdb { group = mail mode = 0660 user = admin } } service director { fifo_listener login/proxy-notify { mode = 00 } } service imap { executable = imap postlogin } service lmtp { unix_listener /opt/local/var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service postlogin { executable = script-login rawlog -t } service stats { fifo_listener stats-mail { mode = 00 } } ssl_cert = </apposite/etc/ssl/mail_domain_com/mail_domain_com.crt ssl_key = </apposite/etc/ssl/mail_domain_com/mail_domain_com.key userdb { args = username_format=%u /opt/dovecot/etc/dovecot/users driver = passwd-file } verbose_proctitle = yes protocol imap { mail_max_userip_connections = 16 } From dmiller at amfes.com Wed Nov 28 18:57:04 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 28 Nov 2012 08:57:04 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <50B64083.1060605@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> <50B5D055.6010605@amfes.com> <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> <50B64083.1060605@amfes.com> Message-ID: <assp.06796557cc.50B64260.4030704@amfes.com> On 11/28/2012 8:49 AM, Daniel L. Miller wrote: > On 11/28/2012 12:55 AM, Timo Sirainen wrote: >> On 28.11.2012, at 10.50, Daniel L. Miller wrote: >> >>> On 11/27/2012 6:45 PM, Timo Sirainen wrote: >>>> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >>>> >>>>>> I did go through the code looking for that a few times already >>>>>> but didn't notice anything. I went through it once more, and >>>>>> finally found the problem. :) >>>>>> http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>>>>> >>>>> :( Mine still breaks. Both UTF-8 and Control-Char errors. >>>> Can you grab the network traffic between Dovecot and Solr and find >>>> the problematic stream? >>>> >>> Tell me how and I'll be happy to! >> Maybe the easiest would be to use tcpflow. It outputs different TCP >> streams to different files. From them you can then grep for the error >> and look closer into it. I guess something like wireshark would work >> too, but I've never been able to use its GUI in a useful way. >> > Would I just do "tcpflow -i lo port 8983"? Or something else? > Stream capture sent to you. -- Daniel From slitt at troubleshooters.com Wed Nov 28 19:10:40 2012 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 28 Nov 2012 12:10:40 -0500 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128131215.1d7c4d66@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> Message-ID: <20121128121040.3dd3da7a@mydesk> On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: > I am planning to shut down my own Dovecot server and start using the > other Dovecot server I am administering together with a friend.. > > And I was thinking that I don't want to copy the emails I have on my > server so I want to start from scratch on the other server.. But I > would like to be able to look at the old emails if I need to, so was > wondering if there is a way to do this without using an imap server? > Can I convert my mails stored in the maildir format to mbox or is > there a better way to solve my problem? I'm not sure why you want to convert to mbox, especially when there are multiple mbox versions. I'm also not sure why you don't want to copy emails. How else would they appear on the new server. I suppose you could use rsync to copy the data itself. You use Claws-Mail. If I were in your shoes, I'd bring up the empty Dovecot server and make a new Claws-Mail account for that empty server. Then in Claws-Mail I'd use the copy feature to copy whole folder trees to the new server. Once that's done, I'd reconfigure your original Dovecot so it can serve only on its local machine, and bang, you have your new server, with old emails you can look at. This is similar to the procedure I used to move my Kmail folders (over 100K messages) to Dovecot. http://www.troubleshooters.com/lpm/201202/201202.htm HTH, SteveT Steve Litt * http://www.troubleshooters.com/ * http://twitter.com/stevelitt Troubleshooting Training * Human Performance From btj at havleik.no Wed Nov 28 22:52:37 2012 From: btj at havleik.no (=?UTF-8?Q?Bj=C3=B8rn_T_Johansen?=) Date: Wed, 28 Nov 2012 21:52:37 +0100 Subject: [Dovecot] =?utf-8?q?Shutting_down_my_Dovecot_server=3F?= In-Reply-To: <20121128121040.3dd3da7a@mydesk> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> Message-ID: <a837b28f89bbee3195bd1e679bc73711@havleik.no> On 28.11.2012 18:10, Steve Litt wrote: > On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: >> I am planning to shut down my own Dovecot server and start using the >> other Dovecot server I am administering together with a friend.. >> >> And I was thinking that I don't want to copy the emails I have on my >> server so I want to start from scratch on the other server.. But I >> would like to be able to look at the old emails if I need to, so was >> wondering if there is a way to do this without using an imap server? >> Can I convert my mails stored in the maildir format to mbox or is >> there a better way to solve my problem? > > I'm not sure why you want to convert to mbox, especially when there > are > multiple mbox versions. > > I'm also not sure why you don't want to copy emails. How else would > they appear on the new server. I suppose you could use rsync to copy > the data itself. > > You use Claws-Mail. If I were in your shoes, I'd bring up the empty > Dovecot server and make a new Claws-Mail account for that empty > server. > Then in Claws-Mail I'd use the copy feature to copy whole folder > trees > to the new server. Once that's done, I'd reconfigure your original > Dovecot so it can serve only on its local machine, and bang, you have > your new server, with old emails you can look at. > > This is similar to the procedure I used to move my Kmail folders > (over > 100K messages) to Dovecot. > > http://www.troubleshooters.com/lpm/201202/201202.htm > > HTH, > > SteveT Well, I could do that... But you see, there is not much of the emails I have at the moment that I really need, I might need one now and then... So that is why I don't want to copy almost 10GB of email to the new server... But I guess that might be the most practical solution perhaps... Doesn't seem to be a better solution.... BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From h.reindl at thelounge.net Wed Nov 28 22:57:19 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 28 Nov 2012 21:57:19 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <a837b28f89bbee3195bd1e679bc73711@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> Message-ID: <50B67AAF.6080806@thelounge.net> Am 28.11.2012 21:52, schrieb Bj?rn T Johansen: > Well, I could do that... But you see, there is not much of the emails I have at the moment that I really need, I > might need one now and then... > So that is why I don't want to copy almost 10GB of email to the new server... again: if you do NOT want them on the new server drag them to your local MUA - what the hell do you imagine as third option * not on the server * not on the local MUA so where do you believe they are? well, you could delete them but you said you want them archied............ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/976a0920/attachment-0001.bin> From btj at havleik.no Thu Nov 29 00:04:32 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Wed, 28 Nov 2012 23:04:32 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <50B67AAF.6080806@thelounge.net> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> <50B67AAF.6080806@thelounge.net> Message-ID: <20121128230432.37c89c4d@havleik.no> On Wed, 28 Nov 2012 21:57:19 +0100 Reindl Harald <h.reindl at thelounge.net> wrote: > > > Am 28.11.2012 21:52, schrieb Bj?rn T Johansen: > > Well, I could do that... But you see, there is not much of the emails I have at the moment that I really need, I > > might need one now and then... > > So that is why I don't want to copy almost 10GB of email to the new server... > > again: > if you do NOT want them on the new server drag them to > your local MUA - what the hell do you imagine as > third option > > * not on the server > * not on the local MUA > > so where do you believe they are? > > well, you could delete them but you said you want > them archied............ > Yes, the other solution I was looking for has to be a away to open the mail in my local MUA, just wondering if there were more than one way to do that... But thx for your suggestions... BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From tss at iki.fi Thu Nov 29 00:45:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 00:45:50 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> Message-ID: <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> On 28.11.2012, at 16.50, Ramon Frontera wrote: > Dovecot -n show the correct configuration like you explain. > The command doveadm -o auth_socket_path=director-userdb quota get -A works fine on the proxy and now assigns host. Then doveadm isn't seeing the same configuration as what you're looking at. For example did you restart dovecot since the change? Does this return the correct path? : doveconf -m doveadm -f service=doveadm auth_socket_path > Now, the problem is that when we execute doveadm -A or doveadm -u *something* the command fails in the mailserver with this error: > > dovecot: doveadm: Fatal: master: service(doveadm): child 13482 killed with signal 11 (core dumps disabled) I fixed several bugs related to this in hg. I think you hit one of them. > This errors occurs when the search finds more than one user. > When we execute doveadm -u user it works fine > > > I send attached the strace of the mailserver<doveadm.log.zip> strace isn't very useful in debugging crashes. gdb backtraces are: http://dovecot.org/bugreport.html From slitt at troubleshooters.com Thu Nov 29 02:34:57 2012 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 28 Nov 2012 19:34:57 -0500 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <a837b28f89bbee3195bd1e679bc73711@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> Message-ID: <20121128193457.019b3e19@mydesk> On Wed, 28 Nov 2012 21:52:37 +0100, Bj?rn T Johansen said: > On 28.11.2012 18:10, Steve Litt wrote: > > On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: > >> I am planning to shut down my own Dovecot server and start using > >> the other Dovecot server I am administering together with a > >> friend.. > >> > >> And I was thinking that I don't want to copy the emails I have on > >> my server so I want to start from scratch on the other server.. > >> But I would like to be able to look at the old emails if I need > >> to, so was wondering if there is a way to do this without using an > >> imap server? Can I convert my mails stored in the maildir format > >> to mbox or is there a better way to solve my problem? > > > > I'm not sure why you want to convert to mbox, especially when there > > are > > multiple mbox versions. > > > > I'm also not sure why you don't want to copy emails. How else would > > they appear on the new server. I suppose you could use rsync to copy > > the data itself. > > > > You use Claws-Mail. If I were in your shoes, I'd bring up the empty > > Dovecot server and make a new Claws-Mail account for that empty > > server. > > Then in Claws-Mail I'd use the copy feature to copy whole folder > > trees > > to the new server. Once that's done, I'd reconfigure your original > > Dovecot so it can serve only on its local machine, and bang, you > > have your new server, with old emails you can look at. > > > > This is similar to the procedure I used to move my Kmail folders > > (over > > 100K messages) to Dovecot. > > > > http://www.troubleshooters.com/lpm/201202/201202.htm > > > > HTH, > > > > SteveT > > Well, I could do that... But you see, there is not much of the emails > I have at the moment that I really need, I might need one now and > then... So that is why I don't want to copy almost 10GB of email to > the new server... > > But I guess that might be the most practical solution perhaps... > Doesn't seem to be a better solution.... > > > BTJ Hi Bj?rn, Here's the thought process that led me to the suggestion. All email clients suck. Right now Claws-Mail sucks the least, but that could change in a heartbeat. In my experience, a Dovecot server is a much more reliable place to *keep* email than is any client, because you can access it from *any* IMAP aware email client. A localhost-only Dovecot isn't any harder to set up than an email client, but in my experience it's a much better steward of your email. Imagine if, two years ago, you had kept such emails in Kmail, and then upgraded your Linux and been forced into Kmail2. It would have been a disaster. The other thing is, I'm not really sure what your goal is. It sounds like you want your emails on yours and your friends IMAP server, and then a copy locally. Or perhaps you wanted your old email only locally. Either of those speaks to a local Dovecot server. Thanks SteveT Steve Litt * http://www.troubleshooters.com/ * http://twitter.com/stevelitt Troubleshooting Training * Human Performance From daniel.parthey at informatik.tu-chemnitz.de Thu Nov 29 02:40:28 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Thu, 29 Nov 2012 01:40:28 +0100 Subject: [Dovecot] stats error: stats shrank In-Reply-To: <C081AC31-C264-46E2-BF93-2FD2873523E3@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121127214749.GA11546@daniel.localdomain> <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> <C081AC31-C264-46E2-BF93-2FD2873523E3@iki.fi> Message-ID: <20121129004028.GA16494@daniel.localdomain> Timo Sirainen wrote: > On 28.11.2012, at 4.31, Timo Sirainen wrote: > > On 27.11.2012, at 23.47, Daniel Parthey wrote: > >> Timo Sirainen wrote: > >>> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > >> > >> Can you fix these strange stats plugin errors please? > >> These are the only errors regularly occurring in our 2.1.10 logs: > >> > >> Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 > >> Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 > > Also, can you reproduce this really easily? For example with pop3: Unfortunately not, it occurs sporadically. > telnet localhost 110 > user foo > pass bar > list > retr 1 > quit > > Does that log about this? No it doesn't. Seems to need some more investigation, It logs about 10 to 100 Errors over one day with 10000 lmtp deliveries. Perhaps you could just add some debugging into the logging for upcoming releases, so we can identify the source of the problem? The message "mlpath 429 < 622" actually doesn't tell me anything, neither which user is affected, nor which session. Regards Daniel -- https://plus.google.com/103021802792276734820 From johnsone at usc.edu Thu Nov 29 07:45:51 2012 From: johnsone at usc.edu (Erik A Johnson) Date: Wed, 28 Nov 2012 21:45:51 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Message-ID: <0EBE238A-77D0-4736-86DB-1248BB67F591@usc.edu> Here's the log: Nov 28 21:28:11 macbookpro-e17d.home dovecot[54139]: master: Dovecot v2.1.10 starting up (core dumps disabled) Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_step() Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_handshake: SSL_accept()=-1 Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: SSL_get_error() = 2 Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: - want_read Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_set_io(0) [last 5 lines are repeated until process is killed] On Nov 26, 2012, as 11:38PM PST, Timo Sirainen <tss at iki.fi> wrote: > > Could you try with the attached patch, and with only the problematic > client running? What does it log (the beginning of the session until it > starts repeating the same lines)? > > On 10.11.2012, at 12.44, Erik A Johnson wrote: >> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >> >> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >> >> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. From tss at iki.fi Thu Nov 29 08:18:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 08:18:07 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <0EBE238A-77D0-4736-86DB-1248BB67F591@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <0EBE238A-77D0-4736-86DB-1248BB67F591@usc.edu> Message-ID: <0F84131D-D17A-4AEC-BFBC-623C859B1ACD@iki.fi> This is either OSX bug or OpenSSL bug.. Apparently what happens is: 1. Client sends SYN packet to Dovecot 2. Dovecot accept()s the connection (sends SYN-ACK) and goes into OpenSSL code 3. Client doesn't send ACK to Dovecot. Does it send RST or nothing or something else? I don't know. 4. OSX notices anyway that something is wrong with the socket, and kqueue says that the socket is ready for reading 5. OpenSSL read()s, which fails with ENOTCONN. But OpenSSL thinks this is a non-fatal error and simply asks to be notified again when something can be read 6. goto 4 So, whose bug is it? OpenSSL's ENOTCONN handling probably makes sense for client connections where connect() hasn't finished yet. But then again, this is accept()ed connection where it typically should fail like that. Except I guess it might be correct behavior if read() is done after SYN-ACK but before receiving ACK. While OSX is receiving ACK from the client, it shouldn't say that the fd is readable. It probably doesn't. But after it receives <something> it realizes that the socket is disconnected. So read() probably shouldn't be returning ENOTCONN anymore at this point, but instead ECONNRESET or ETIMEDOUT. See if the attached patch helps. -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 754 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121129/9a40215c/attachment.obj> -------------- next part -------------- On 29.11.2012, at 7.45, Erik A Johnson wrote: > Here's the log: > > Nov 28 21:28:11 macbookpro-e17d.home dovecot[54139]: master: Dovecot v2.1.10 starting up (core dumps disabled) > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_step() > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_handshake: SSL_accept()=-1 > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: SSL_get_error() = 2 > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: - want_read > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_set_io(0) > [last 5 lines are repeated until process is killed] > > On Nov 26, 2012, as 11:38PM PST, Timo Sirainen <tss at iki.fi> wrote: >> >> Could you try with the attached patch, and with only the problematic >> client running? What does it log (the beginning of the session until it >> starts repeating the same lines)? >> >> On 10.11.2012, at 12.44, Erik A Johnson wrote: >>> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >>> >>> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >>> >>> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > From sobotka.karel at gmail.com Thu Nov 29 03:58:00 2012 From: sobotka.karel at gmail.com (sobotka karel) Date: Thu, 29 Nov 2012 02:58:00 +0100 Subject: [Dovecot] Umask of Homedir Message-ID: <CAMQF1N0WoVy2AUsmNKPOuDNeukawzrBBk5nimKceBsxc==MA0w@mail.gmail.com> Hi, I know it's a while since you've had this issue, but still do you remember by any chance how you solved this? I'm having the same problems, when all the directories are created with 700 and I need a group permissions to be at least 750. Thanks! regards, From tss at iki.fi Thu Nov 29 08:44:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 08:44:34 +0200 Subject: [Dovecot] v2.1.11 released Message-ID: <1354171474.13277.5.camel@hurina> http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz.sig * lmtp/lda: dovecot.index.cache file is no longer fully mapped to memory, allowing mail deliveries to work even if the file is huge. * auth: userdb passwd lookups are now done by auth worker processes instead of auth master process (as it was documented, but accidentally didn't work that way). + lmtp: lmtp_rcpt_check_quota=yes setting checks quota on RCPT TO. - lmtp: After successful proxying RCPT TO, the next one to a nonexistent user gave tempfail error instead of "user not found". - lmtp proxy: Fixed hanging if remote server was down. - imap: Fixed crash when SEARCH contained multiple KEYWORD parameters. - doveadm: Various fixes to handling doveadm-server connections. - -i <instance name> parameter for Dovecot tools didn't work correctly. - director was somewhat broken in v2.1.10. This version also includes various reliability enhancements. - auth: passdb imap was broken in v2.1.10. From tss at iki.fi Thu Nov 29 08:48:40 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 08:48:40 +0200 Subject: [Dovecot] corrupt mdbox, force-resync segfaults In-Reply-To: <1354121644.30622.140661159272889.146CA37B@webmail.messagingengine.com> References: <1354121644.30622.140661159272889.146CA37B@webmail.messagingengine.com> Message-ID: <6D8CCCFE-8599-4EC3-B90B-5D06F25D75DD@iki.fi> On 28.11.2012, at 18.54, Metro Domain Admin wrote: > I could use some help with a corrupt mdbox. doveadm force-resync is > crashing (see below), but I really need just to get this account > functioning. What's my next step, as far as deleting index files? gdb backtrace would be helpful in fixing the crash. http://dovecot.org/bugreport.html Probably you can do simply: gdb --args /opt/dovecot/bin/doveadm -Dv force-resync -u cory INBOX run bt full or if that doesn't work (or simply gives "??" lines or other unusable garbage), try: ulimit -c unlimited /opt/dovecot/bin/doveadm -Dv force-resync -u cory INBOX gdb /opt/dovecot/bin/doveadm core bt full Also the just released v2.1.11 fixes some potential crashes. From btj at havleik.no Thu Nov 29 09:02:19 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Thu, 29 Nov 2012 08:02:19 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128193457.019b3e19@mydesk> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> <20121128193457.019b3e19@mydesk> Message-ID: <20121129080219.2edfd707@havleik.no> On Wed, 28 Nov 2012 19:34:57 -0500 Steve Litt <slitt at troubleshooters.com> wrote: > On Wed, 28 Nov 2012 21:52:37 +0100, Bj?rn T Johansen said: > > On 28.11.2012 18:10, Steve Litt wrote: > > > On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: > > >> I am planning to shut down my own Dovecot server and start using > > >> the other Dovecot server I am administering together with a > > >> friend.. > > >> > > >> And I was thinking that I don't want to copy the emails I have on > > >> my server so I want to start from scratch on the other server.. > > >> But I would like to be able to look at the old emails if I need > > >> to, so was wondering if there is a way to do this without using an > > >> imap server? Can I convert my mails stored in the maildir format > > >> to mbox or is there a better way to solve my problem? > > > > > > I'm not sure why you want to convert to mbox, especially when there > > > are > > > multiple mbox versions. > > > > > > I'm also not sure why you don't want to copy emails. How else would > > > they appear on the new server. I suppose you could use rsync to copy > > > the data itself. > > > > > > You use Claws-Mail. If I were in your shoes, I'd bring up the empty > > > Dovecot server and make a new Claws-Mail account for that empty > > > server. > > > Then in Claws-Mail I'd use the copy feature to copy whole folder > > > trees > > > to the new server. Once that's done, I'd reconfigure your original > > > Dovecot so it can serve only on its local machine, and bang, you > > > have your new server, with old emails you can look at. > > > > > > This is similar to the procedure I used to move my Kmail folders > > > (over > > > 100K messages) to Dovecot. > > > > > > http://www.troubleshooters.com/lpm/201202/201202.htm > > > > > > HTH, > > > > > > SteveT > > > > Well, I could do that... But you see, there is not much of the emails > > I have at the moment that I really need, I might need one now and > > then... So that is why I don't want to copy almost 10GB of email to > > the new server... > > > > But I guess that might be the most practical solution perhaps... > > Doesn't seem to be a better solution.... > > > > > > BTJ > > > > Hi Bj?rn, > > Here's the thought process that led me to the suggestion. All email > clients suck. Right now Claws-Mail sucks the least, but that could > change in a heartbeat. In my experience, a Dovecot server is a much > more reliable place to *keep* email than is any client, because you can > access it from *any* IMAP aware email client. A localhost-only Dovecot > isn't any harder to set up than an email client, but in my experience > it's a much better steward of your email. > > Imagine if, two years ago, you had kept such emails in Kmail, and then > upgraded your Linux and been forced into Kmail2. It would have been a > disaster. > > The other thing is, I'm not really sure what your goal is. It sounds > like you want your emails on yours and your friends IMAP server, and > then a copy locally. Or perhaps you wanted your old email only locally. > Either of those speaks to a local Dovecot server. > > Thanks > > SteveT > > Steve Litt * http://www.troubleshooters.com/ > * http://twitter.com/stevelitt > Troubleshooting Training * Human Performance > > I only want my old mails locally but I think I have to consider a local Dovecot installation; the more I think about it the more that seems to be the best solution... :) BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From nanashi at otenet.gr Thu Nov 29 11:00:52 2012 From: nanashi at otenet.gr (nanashi) Date: Thu, 29 Nov 2012 11:00:52 +0200 Subject: [Dovecot] Missing quotes in dovecot-config causes pigeonhole to failed. Message-ID: <50B72444.5000707@otenet.gr> I had to manually quote in dovecot-config LIBDOVECOT_LOGIN='-ldovecot-login -lssl -lcrypto ' by default was LIBDOVECOT_LOGIN=-ldovecot-login -lssl -lcrypto That cause pigeonhole to failed. Regards nanashi From tss at iki.fi Thu Nov 29 12:45:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 12:45:38 +0200 Subject: [Dovecot] Missing quotes in dovecot-config causes pigeonhole to failed. In-Reply-To: <50B72444.5000707@otenet.gr> References: <50B72444.5000707@otenet.gr> Message-ID: <149B855F-C5F7-46A6-BF04-CB102ECA3E47@iki.fi> On 29.11.2012, at 11.00, nanashi wrote: > I had to manually quote in dovecot-config > LIBDOVECOT_LOGIN='-ldovecot-login -lssl -lcrypto ' > by default was > LIBDOVECOT_LOGIN=-ldovecot-login -lssl -lcrypto > > That cause pigeonhole to failed. Oh, annoying :( I guess I'll release 2.1.12 with this one change.. or maybe wait a few more hours to see if people find anything else. http://hg.dovecot.org/dovecot-2.1/rev/f77e87298a66 From matt at orphans.co.uk Thu Nov 29 13:02:28 2012 From: matt at orphans.co.uk (Matt Jones) Date: Thu, 29 Nov 2012 11:02:28 +0000 Subject: [Dovecot] Problem with mail_location and INDEX location Message-ID: <50B740C4.9090003@orphans.co.uk> HI, I'm pulling my hair out a little trying to get dovecot to save it's index locally rather than in the NFS mount. No matter what I do it seems to save the indices in the Maildir on the NFS. I'm using dovecot 2.0.18 on CentOS 6.3. The relevant config I'm using: mmap_disable = no dotlock_use_excl = no # only needed with NFSv2, NFSv3+ supports O_EXCL and it's faster mail_fsync = always mail_nfs_storage = yes mail_nfs_index = no lock_method = dotlock # Mail location and mailbox format. mail_location = maildir:/%Lh/Maildir/:INDEX=/var/indexes/%Ld/%Lu/ Dovecot runs under the user:group vmail:vmail, and the user has write access to those directories. [root at tay var]# ls -al total 96 drwxr-xr-x. 24 root root 4096 Nov 29 09:36 . dr-xr-xr-x. 23 root root 4096 Nov 28 15:26 .. drwxr-x--- 5 amavis amavis 4096 Nov 29 09:21 amavis drwxr-xr-x. 10 root root 4096 Nov 28 15:14 cache drwxr-xr-x. 2 clamav clamav 4096 Nov 29 03:49 clamav drwxr-xr-x. 3 root root 4096 Nov 28 14:21 db drwxr-xr-x. 3 root root 4096 Nov 28 13:35 empty drwxr-xr-x. 2 root root 4096 Sep 23 2011 games drwx------ 2 vmail vmail 4096 Nov 29 10:42 indexes drwxr-xr-x. 25 root root 4096 Nov 28 15:15 lib drwxr-xr-x. 2 root root 4096 Sep 23 2011 local drwxrwxr-x. 5 root lock 4096 Nov 29 03:49 lock drwxr-xr-x. 5 root root 4096 Nov 29 04:10 log lrwxrwxrwx. 1 root root 10 Nov 28 13:34 mail -> spool/mail drwxr-xr-x. 2 root root 4096 Sep 23 2011 nis drwxr-xr-x. 2 root root 4096 Sep 23 2011 opt drwxr-xr-x. 2 root root 4096 Sep 23 2011 preserve drwxr-xr-x. 20 root root 4096 Nov 29 09:51 run drwxr-xr-x. 9 root root 4096 Nov 28 15:14 spool drwxrwxrwt. 3 root root 4096 Nov 29 09:22 tmp drwxr-x--- 2 amavis amavis 4096 Jun 8 15:39 virusmails drwx------. 5 vmail vmail 4096 Nov 29 09:35 vmail drwx------. 3 root bin 4096 Nov 29 09:22 webmin drwxr-xr-x. 12 root root 4096 Nov 28 15:17 www drwxr-xr-x. 2 root root 4096 Sep 23 2011 yp After restarting dovecot, and logging in via imap, I see the following under the Maildir: [root at tay Maildir]# ls -al /var/vmail/vmail1/orphans.co.uk/m/a/t/matt-2011.07.06.09.41.05/Maildir total 56 drwx------ 9 vmail vmail 4096 Nov 29 10:57 . drwx------ 3 vmail vmail 4096 Nov 29 10:17 .. drwx------ 2 vmail vmail 4096 Nov 29 10:41 cur -rw------- 1 vmail vmail 248 Nov 29 10:41 dovecot.index.log -rw------- 1 vmail vmail 120 Nov 29 10:41 dovecot.mailbox.log -rw------- 1 vmail vmail 51 Nov 29 10:41 dovecot-uidlist -rw------- 1 vmail vmail 8 Nov 29 10:41 dovecot-uidvalidity -r--r--r-- 1 vmail vmail 0 Nov 29 10:41 dovecot-uidvalidity.50b73be3 drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Drafts drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Junk drwx------ 2 vmail vmail 4096 Nov 29 10:41 new drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Sent -rw------- 1 vmail vmail 29 Nov 29 10:41 subscriptions drwx------ 2 vmail vmail 4096 Nov 29 10:41 tmp drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Trash [root at tay Maildir]# ls -al /var/indexes/ total 8 drwx------ 2 vmail vmail 4096 Nov 29 10:42 . drwxr-xr-x. 24 root root 4096 Nov 29 09:36 .. Any ideas? Matt From benedetto.vassallo at unipa.it Thu Nov 29 14:01:56 2012 From: benedetto.vassallo at unipa.it (Benedetto Vassallo) Date: Thu, 29 Nov 2012 13:01:56 +0100 Subject: [Dovecot] Maildir hardlinks with sieve Message-ID: <20121129130156.86002utrv14t9eic@webmail.unipa.it> Hi all, First of all, excuse me for my previous posts (Maildir hardlinks). Today I realized the following issue. Maildir hardlinks works OK on dovecot 2.1.10 without sieve. If set sieve plugin in dovecot-lmtp hardlinks stop working. Is there a way to have both sieve and hardlinks working? Thank you -- Benedetto Vassallo Sistema Informativo di Ateneo Settore Gestione Reti Hardware e Software U.O.B. Sviluppo e manutenzione dei sistemi Universit? degli studi di Palermo Phone: +3909123860056 Fax: +390916529124 ------------------------------------------------------------------------- This message was sent using the University of Palermo web mail interface. From CMarcus at Media-Brokers.com Thu Nov 29 14:16:32 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 29 Nov 2012 07:16:32 -0500 Subject: [Dovecot] Problem with mail_location and INDEX location In-Reply-To: <50B740C4.9090003@orphans.co.uk> References: <50B740C4.9090003@orphans.co.uk> Message-ID: <50B75220.6050308@Media-Brokers.com> On 2012-11-29 6:02 AM, Matt Jones <matt at orphans.co.uk> wrote: > The relevant config I'm using: > > > mmap_disable = no Please only/always post full output of doveconf -n, not copy/pastes from the config file... this is the only way to be sure that you are using the config you *think* you are using... -- Best regards, Charles From dave at morsberger.com Thu Nov 29 14:45:02 2012 From: dave at morsberger.com (David Morsberger) Date: Thu, 29 Nov 2012 07:45:02 -0500 Subject: [Dovecot] Missing Messages on IOS device In-Reply-To: <50B5A603.5060509@hardwarefreak.com> References: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> <50B5A603.5060509@hardwarefreak.com> Message-ID: <2E5CBC77-023F-48A5-B1A8-709334B3C21E@morsberger.com> I checked again and I did not see any log entries on the server or client. Not sure how to debug iPhone/iPad. I'm sure this isn't a bug in dovecot per se because the behavior is different on the different client types. I was just wondering if someone else has seen similar behavior before and worked through it. Thanks, David On Nov 28, 2012, at 12:49 AM, Stan Hoeppner <stan at hardwarefreak.com> wrote: > On 11/27/2012 9:21 PM, David Morsberger wrote: >> Resending because I didn't get any responses from my first post: >> >> I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. >> >> My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. >> >> The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. >> >> My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. >> >> Any idea why these messages are not showing up on my devices and how I can get them to show up? > > Not really. Problem reports are typically accompanied by errors in log > files. You've provided none. You've provided only subjective > observation which is rarely useful in troubleshooting. If you provide > some Dovecot logging related to the problem we may be able to help. > Short of that we can only make wild ass guesses. > > Are your clients subscribing all IMAP folders? Are your clients > checking all folders for new mail? > > -- > Stan > From ramon.frontera at uib.es Thu Nov 29 16:22:49 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Thu, 29 Nov 2012 15:22:49 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> Message-ID: <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> Hi, we have installed dovecot version 2.1.11 Now we have found 3 problems with doveadm on proxy server: 1 problem: In our configuration we have: protocol doveadm { auth_socket_path = director-userdb } I have executed this: # doveconf -m doveadm -f service=doveadm auth_socket_path auth_socket_path = director-userdb Now when We execute doveadm quota get -A we have this error: doveadm(user1): Error: /var/run/dovecot//auth-userdb: Proxy is missing destination host (maybe set auth_socket_path=director-userdb) doveadm: Error: Failed to iterate through some users with "-o auth_socket_path=director-userdb " it works for the early users. 2 problem when we execute doveadm -o auth_socket_path=director-userdb quota get -A it works for the early users and then return this error on proxy: doveadm(userabc): Fatal: table formatter doesn't support multi-line values 3 problem I have tested other doveadm command on proxy wich also fails: # doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d on proxy we have this error: " doveadm(user): Error: xx.xx.xx.xx:24245: Internal failure for user" on mailserver we have this error: "doveadm: Fatal: master: service(doveadm): child 22171 killed with signal 11 (core dumps disabled)" I put the gdm bt output hope it help you. (mailserver) Core was generated by `dovecot/doveadm-server'. Program terminated with signal 11, Segmentation fault. #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 680 auth-master.c: No such file or directory. in auth-master.c Missing separate debuginfos, use: debuginfo-install dovecot-2.1.11-1_136.el6.x86_64 (gdb) bt full #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 No locals. #1 0x00007f2dfe414f23 in mail_storage_service_all_next (ctx=0xf92900, username_r=0x7fff4306cab8) at mail-storage-service.c:1215 __FUNCTION__ = "mail_storage_service_all_next" #2 0x00007f2dfd0b0ed2 in doveadm_expire_mail_init (ctx=0xf89020) at doveadm-expire.c:420 ectx = 0xf89198 dict = 0xf93110 query = <value optimized out> expire_dict = <value optimized out> username = 0x0 value = <value optimized out> username_dup = <value optimized out> #3 0x000000000040aa1a in doveadm_mail_single_user () No symbol table info available. #4 0x00000000004121b9 in client_connection_input () No symbol table info available. #5 0x00007f2dfe14f2c6 in io_loop_call_io (io=0xf8e7a0) at ioloop.c:379 ioloop = 0xf84690 t_id = 2 #6 0x00007f2dfe1502ef in io_loop_handler_run (ioloop=<value optimized out>) at ioloop-epoll.c:213 ---Type <return> to continue, or q <return> to quit--- ctx = 0xf874c0 events = <value optimized out> event = 0xf87530 list = 0xf8e7f0 io = <value optimized out> tv = {tv_sec = 2147483, tv_usec = 0} msecs = <value optimized out> ret = 1 i = <value optimized out> call = <value optimized out> #7 0x00007f2dfe14f268 in io_loop_run (ioloop=0xf84690) at ioloop.c:398 No locals. #8 0x00007f2dfe13ac73 in master_service_run (service=0xf84540, callback=<value optimized out>) at master-service.c:544 No locals. #9 0x00000000004128f1 in main () No symbol table info available. Thanks in advance!!!! -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears El 28/11/2012, a las 23:45, Timo Sirainen escribi?: > On 28.11.2012, at 16.50, Ramon Frontera wrote: > >> Dovecot -n show the correct configuration like you explain. >> The command doveadm -o auth_socket_path=director-userdb quota get -A works fine on the proxy and now assigns host. > > Then doveadm isn't seeing the same configuration as what you're looking at. For example did you restart dovecot since the change? Does this return the correct path? : > > doveconf -m doveadm -f service=doveadm auth_socket_path > >> Now, the problem is that when we execute doveadm -A or doveadm -u *something* the command fails in the mailserver with this error: >> >> dovecot: doveadm: Fatal: master: service(doveadm): child 13482 killed with signal 11 (core dumps disabled) > > I fixed several bugs related to this in hg. I think you hit one of them. > >> This errors occurs when the search finds more than one user. >> When we execute doveadm -u user it works fine >> >> >> I send attached the strace of the mailserver<doveadm.log.zip> > > strace isn't very useful in debugging crashes. gdb backtraces are: http://dovecot.org/bugreport.html > From lists at kokelnet.de Thu Nov 29 16:57:00 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Thu, 29 Nov 2012 15:57 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found Message-ID: <2005376.op1lL5WuKO@tobias-pc> Hello Timo, Building 2.1.11 was ok, but rebuilding pigeonhole 0.3.3 for dovecot 2.1.11 show up the following errors: checking for dovecot-config in "/usr/lib/dovecot"... /usr/lib/dovecot/dovecot- config ./configure: line 11410: -lssl: command not found checking whether OS supports plugin dependencies... yes configure: creating ./config.status config.status: creating Makefile config.status: creating doc/Makefile config.status: creating doc/man/Makefile config.status: creating doc/example-config/Makefile config.status: creating doc/example-config/conf.d/Makefile config.status: creating doc/rfc/Makefile config.status: creating src/Makefile config.status: creating src/lib-sieve/Makefile config.status: creating src/lib-sieve/plugins/Makefile config.status: creating src/lib-sieve/plugins/vacation/Makefile config.status: creating src/lib-sieve/plugins/subaddress/Makefile config.status: creating src/lib-sieve/plugins/comparator-i-ascii- numeric/Makefile config.status: creating src/lib-sieve/plugins/relational/Makefile config.status: creating src/lib-sieve/plugins/regex/Makefile config.status: creating src/lib-sieve/plugins/imap4flags/Makefile config.status: creating src/lib-sieve/plugins/copy/Makefile config.status: creating src/lib-sieve/plugins/include/Makefile config.status: creating src/lib-sieve/plugins/body/Makefile config.status: creating src/lib-sieve/plugins/variables/Makefile config.status: creating src/lib-sieve/plugins/enotify/Makefile config.status: creating src/lib-sieve/plugins/enotify/mailto/Makefile config.status: creating src/lib-sieve/plugins/notify/Makefile config.status: creating src/lib-sieve/plugins/environment/Makefile config.status: creating src/lib-sieve/plugins/mailbox/Makefile config.status: creating src/lib-sieve/plugins/date/Makefile config.status: creating src/lib-sieve/plugins/spamvirustest/Makefile config.status: creating src/lib-sieve/plugins/ihave/Makefile config.status: creating src/lib-sieve/plugins/editheader/Makefile config.status: creating src/lib-sieve/plugins/vnd.dovecot/Makefile config.status: creating src/lib-sieve/plugins/vnd.dovecot/debug/Makefile config.status: creating src/lib-sieve/plugins/vnd.dovecot/duplicate/Makefile config.status: creating src/lib-sieve-tool/Makefile config.status: creating src/lib-sievestorage/Makefile config.status: creating src/lib-managesieve/Makefile config.status: creating src/plugins/Makefile config.status: creating src/plugins/lda-sieve/Makefile config.status: creating src/sieve-tools/Makefile config.status: creating src/managesieve/Makefile config.status: creating src/managesieve-login/Makefile config.status: creating src/testsuite/Makefile config.status: creating stamp.h config.status: creating dummy-config.h config.status: creating pigeonhole-config.h config.status: executing depfiles commands config.status: executing libtool commands dh_testdir # Add here commands to compile the package. /usr/bin/make make[1]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' /usr/bin/make all-recursive make[2]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' Making all in src make[3]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src' Making all in lib-sieve make[4]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve' Making all in plugins make[5]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins' Making all in vacation make[6]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins/vacation' /bin/bash ../../../../libtool --tag=CC --mode=compile x86_64-linux-gnu-gcc - DHAVE_CONFIG_H -I. -I../../../.. -I./../../ -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT cmd-vacation.lo -MD -MP -MF .deps/cmd-vacation.Tpo -c -o cmd- vacation.lo cmd-vacation.c libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../../.. - I./../../ -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp- buffer-size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes - Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad- function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT cmd-vacation.lo - MD -MP -MF .deps/cmd-vacation.Tpo -c cmd-vacation.c -fPIC -DPIC -o .libs/cmd- vacation.o cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory compilation terminated. make[6]: *** [cmd-vacation.lo] Error 1 make[6]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins/vacation' make[5]: *** [all-recursive] Error 1 make[5]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins' make[4]: *** [all-recursive] Error 1 make[4]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' make[1]: *** [all] Error 2 make[1]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' make: *** [build-stamp] Error 2 my configure options: ./configure --with-dovecot=/usr/lib/dovecot --prefix=/usr --sysconfdir=/etc -- libexecdir=/usr/lib --localstatedir=/var --mandir=/usr/share/man -- infodir=/usr/share/info --with-moduledir=/usr/lib/dovecot/modules Regards, Tobias Hachmer From gilles.chauvin at univ-rouen.fr Thu Nov 29 17:09:35 2012 From: gilles.chauvin at univ-rouen.fr (Gilles Chauvin) Date: Thu, 29 Nov 2012 16:09:35 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <2005376.op1lL5WuKO@tobias-pc> References: <2005376.op1lL5WuKO@tobias-pc> Message-ID: <50B77AAF.1080906@univ-rouen.fr> On 29/11/2012 15:57, Tobias Hachmer wrote:> Hello Timo, > > Building 2.1.11 was ok, but rebuilding pigeonhole 0.3.3 for dovecot 2.1.11 > show up the following errors: > > [...] > Hi, Just have a look at: http://www.dovecot.org/list/dovecot/2012-November/069722.html ;). Regards, Gilles.-- ========================================================= Gilles CHAUVIN P?le Syst?me Direction des Syst?mes d'information et de l'Informatique Universit? de Rouen B?timent 16 - IRESE-B Place ?mile Blondel 76821 MONT-SAINT-AIGNAN CEDEX ? http://goo.gl/cYgtX T?l: +33 (0)2 35 14 82 92 Fax: +33 (0)2 35 14 64 64 Mail fonc: systeme at univ-rouen.fr Mail pers: gilles.chauvin at univ-rouen.fr ========================================================= From lists at kokelnet.de Thu Nov 29 17:14:05 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Thu, 29 Nov 2012 16:14:05 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <50B77AAF.1080906@univ-rouen.fr> References: <2005376.op1lL5WuKO@tobias-pc> <50B77AAF.1080906@univ-rouen.fr> Message-ID: <16123573.A1ZQnkdqxL@tobias-pc> On Thursday 29 November 2012 16:09:35 Gilles Chauvin wrote: > Just have a look at: > http://www.dovecot.org/list/dovecot/2012-November/069722.html ;). Yeah, I saw your post. But Timo asked for another possible errors. I don't know if this error belongs to your error: cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory That's why I posted this. Greetz, Tobias Hachmer From gilles.chauvin at univ-rouen.fr Thu Nov 29 17:18:14 2012 From: gilles.chauvin at univ-rouen.fr (Gilles Chauvin) Date: Thu, 29 Nov 2012 16:18:14 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <16123573.A1ZQnkdqxL@tobias-pc> References: <2005376.op1lL5WuKO@tobias-pc> <50B77AAF.1080906@univ-rouen.fr> <16123573.A1ZQnkdqxL@tobias-pc> Message-ID: <50B77CB6.5090009@univ-rouen.fr> On 29/11/2012 16:14, Tobias Hachmer wrote: > On Thursday 29 November 2012 16:09:35 Gilles Chauvin wrote: >> Just have a look at: >> http://www.dovecot.org/list/dovecot/2012-November/069722.html ;). > > Yeah, I saw your post. But Timo asked for another possible errors. I don't > know if this error belongs to your error: > > cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory > > That's why I posted this. > > Greetz, > Tobias Hachmer > Tobias, The post I linked above wasn't my post but I had the exact same problem this morning while trying to compile pigeonhole against dovecot 2.1.11. Manually adding the quotes in the dovecot-config file fixed the issue for me. Regards, Gilles. From lists at kokelnet.de Thu Nov 29 17:38:44 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Thu, 29 Nov 2012 16:38:44 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <50B77CB6.5090009@univ-rouen.fr> References: <2005376.op1lL5WuKO@tobias-pc> <16123573.A1ZQnkdqxL@tobias-pc> <50B77CB6.5090009@univ-rouen.fr> Message-ID: <2382092.SW9rUM1cA3@tobias-pc> On Thursday 29 November 2012 16:18:14 Gilles Chauvin wrote: > The post I linked above wasn't my post but I had the exact same problem > this morning while trying to compile pigeonhole against dovecot 2.1.11. > Manually adding the quotes in the dovecot-config file fixed the issue > for me. Oh, sorry, I will test, thanks! Regards, Tobias Hachmer From johnsone at usc.edu Thu Nov 29 17:42:44 2012 From: johnsone at usc.edu (Erik A Johnson) Date: Thu, 29 Nov 2012 07:42:44 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Message-ID: <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> No, the test to bug out doesn't work because net_geterror(proxy->fd_ssl) returns 0 in the statement if (!proxy->client_proxy && net_geterror(proxy->fd_ssl) == ENOTCONN) { However, errno is indeed ENOTCONN. Changing the test to if (!proxy->client_proxy && errno == ENOTCONN) { does do the job (i.e., stopping the process with the "syscall failed" error message), though I'm sure I don't understand the ins and outs well enough to know if that is an appropriate test. The full log line is: Nov 29 07:39:14 SERVER dovecot[24362]: imap-login: Disconnected (disconnected before greeting, waited 0 secs): user=<>, rip=CLIENTIP, lip=SERVERIP, TLS handshaking: SSL_accept() syscall failed: Socket is not connected, session=<d5DNFaTP8QAKAAFi> Thoughts? On Nov 28, 2012, at 10:18PM PST, Timo Sirainen <tss at iki.fi> wrote: > This is either OSX bug or OpenSSL bug.. Apparently what happens is: > > 1. Client sends SYN packet to Dovecot > 2. Dovecot accept()s the connection (sends SYN-ACK) and goes into OpenSSL code > 3. Client doesn't send ACK to Dovecot. Does it send RST or nothing or something else? I don't know. > 4. OSX notices anyway that something is wrong with the socket, and kqueue says that the socket is ready for reading > 5. OpenSSL read()s, which fails with ENOTCONN. But OpenSSL thinks this is a non-fatal error and simply asks to be notified again when something can be read > 6. goto 4 > > So, whose bug is it? OpenSSL's ENOTCONN handling probably makes sense for client connections where connect() hasn't finished yet. But then again, this is accept()ed connection where it typically should fail like that. Except I guess it might be correct behavior if read() is done after SYN-ACK but before receiving ACK. > > While OSX is receiving ACK from the client, it shouldn't say that the fd is readable. It probably doesn't. But after it receives <something> it realizes that the socket is disconnected. So read() probably shouldn't be returning ENOTCONN anymore at this point, but instead ECONNRESET or ETIMEDOUT. > > See if the attached patch helps. > > > On 29.11.2012, at 7.45, Erik A Johnson wrote: >> Here's the log: >> >> Nov 28 21:28:11 macbookpro-e17d.home dovecot[54139]: master: Dovecot v2.1.10 starting up (core dumps disabled) >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_step() >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_handshake: SSL_accept()=-1 >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: SSL_get_error() = 2 >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: - want_read >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_set_io(0) >> [last 5 lines are repeated until process is killed] >> >> On Nov 26, 2012, as 11:38PM PST, Timo Sirainen <tss at iki.fi> wrote: >>> >>> Could you try with the attached patch, and with only the problematic >>> client running? What does it log (the beginning of the session until it >>> starts repeating the same lines)? >>> >>> On 10.11.2012, at 12.44, Erik A Johnson wrote: >>>> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >>>> >>>> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >>>> >>>> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > From tss at iki.fi Thu Nov 29 22:43:42 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 22:43:42 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> Message-ID: <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> On 29.11.2012, at 17.42, Erik A Johnson wrote: > No, the test to bug out doesn't work because net_geterror(proxy->fd_ssl) returns 0 in the statement > > if (!proxy->client_proxy && > net_geterror(proxy->fd_ssl) == ENOTCONN) { > > However, errno is indeed ENOTCONN. Changing the test to > > if (!proxy->client_proxy && > errno == ENOTCONN) { This change isn't very reliable, since the previous call might not have been read().. I wonder if something like would work: if (!proxy->client && read(proxy->fd_ssl, &err, 0) < 0 && errno == ENOTCONN) { From ben at morrow.me.uk Fri Nov 30 00:12:18 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 29 Nov 2012 22:12:18 +0000 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> Message-ID: <20121129221217.GL76138@anubis.morrow.me.uk> At 10PM +0200 on 29/11/12 Timo Sirainen wrote: > On 29.11.2012, at 17.42, Erik A Johnson wrote: > > > No, the test to bug out doesn't work because net_geterror(proxy->fd_ssl) returns 0 in the statement > > > > if (!proxy->client_proxy && > > net_geterror(proxy->fd_ssl) == ENOTCONN) { > > > > However, errno is indeed ENOTCONN. Changing the test to > > > > if (!proxy->client_proxy && > > errno == ENOTCONN) { > > This change isn't very reliable, since the previous call might not > have been read().. I wonder if something like would work: > > if (!proxy->client && read(proxy->fd_ssl, &err, 0) < 0 && errno == ENOTCONN) { How about calling getpeername on fd_ssl? That should reliably tell you if the socket is connected or not. http://cr.yp.to/docs/connect.html suggests that read is not always a reliable test for that. Ben From tss at iki.fi Fri Nov 30 00:39:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 00:39:51 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <20121129221217.GL76138@anubis.morrow.me.uk> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> <20121129221217.GL76138@anubis.morrow.me.uk> Message-ID: <E5427A32-1E02-48E6-9B8B-FA7A70960688@iki.fi> On 30.11.2012, at 0.12, Ben Morrow wrote: >> This change isn't very reliable, since the previous call might not >> have been read().. I wonder if something like would work: >> >> if (!proxy->client && read(proxy->fd_ssl, &err, 0) < 0 && errno == ENOTCONN) { > > How about calling getpeername on fd_ssl? That should reliably tell you > if the socket is connected or not. http://cr.yp.to/docs/connect.html > suggests that read is not always a reliable test for that. Yes, that sounds like it would work better: if (!proxy->client && net_getpeername(proxy->fd_ssl, NULL, NULL) < 0 && errno == ENOTCONN) { From tss at iki.fi Fri Nov 30 03:17:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 03:17:29 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> Message-ID: <1F75A354-F909-4BAB-8843-1821332BFC12@iki.fi> On 29.11.2012, at 16.22, Ramon Frontera wrote: > Now we have found 3 problems with doveadm on proxy server: > > 1 problem: > In our configuration we have: > protocol doveadm { > auth_socket_path = director-userdb > } > > I have executed this: > # doveconf -m doveadm -f service=doveadm auth_socket_path > auth_socket_path = director-userdb > > Now when We execute doveadm quota get -A > we have this error: > doveadm(user1): Error: /var/run/dovecot//auth-userdb: Proxy is missing destination host (maybe set auth_socket_path=director-userdb) > doveadm: Error: Failed to iterate through some users > > with "-o auth_socket_path=director-userdb " it works for the early users. That's strange. I don't really have any ideas left how to debug it easily. > 2 problem > when we execute doveadm -o auth_socket_path=director-userdb quota get -A it works for the early users and then return this error on proxy: > > doveadm(userabc): Fatal: table formatter doesn't support multi-line values Oh. Hmm. I see the problem.. I'll fix it later. For now you could change the formatter with doveadm -f tab or -f flow > 3 problem > I have tested other doveadm command on proxy wich also fails: > > # doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d > > on proxy we have this error: " doveadm(user): Error: xx.xx.xx.xx:24245: Internal failure for user" > on mailserver we have this error: "doveadm: Fatal: master: service(doveadm): child 22171 killed with signal 11 (core dumps disabled)" > > I put the gdm bt output hope it help you. (mailserver) > > #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 > No locals. > #1 0x00007f2dfe414f23 in mail_storage_service_all_next (ctx=0xf92900, > username_r=0x7fff4306cab8) at mail-storage-service.c:1215 > __FUNCTION__ = "mail_storage_service_all_next" > #2 0x00007f2dfd0b0ed2 in doveadm_expire_mail_init (ctx=0xf89020) > at doveadm-expire.c:420 This should fix it: http://hg.dovecot.org/dovecot-2.1/rev/75dc4cb4bfe0 From dmiller at amfes.com Fri Nov 30 07:32:05 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 21:32:05 -0800 Subject: [Dovecot] Tcpflow capture In-Reply-To: <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> Message-ID: <assp.0681f97e83.50B844D5.4050705@amfes.com> On 11/29/2012 12:49 PM, Timo Sirainen wrote: > On 29.11.2012, at 18.06, Daniel L. Miller wrote: > >> On 11/28/2012 10:37 PM, Timo Sirainen wrote: >>> On 29.11.2012, at 7.47, Daniel L. Miller wrote: >>> >>>>> doveadm fetch text -u amiller at amfes.com mailbox-guid a47e4e264aa1c94cc35100003bc41c5f uid 12891 >>>>> >>>> The result of that, when adding a "> test", generates a 11 byte file. >>>> >>>> Hexedit shows me that as: >>>> 74 65 78 74 3A 0A 1F 8B 08 0C 0A >>>> >>>> Otherwise a simple 'less' give me: >>>> text: >>>> ^_<8B>^H^L >>>> >>>> Does this tell you anything? >>> First of all it tells me that you either have some very corrupted messages in your mailbox, or you have some compressed messages but without zlib plugin enabled. >> 10-mail.conf - mail_plugins = fts fts_solr acl >> 15-lda.conf - mail_plugins = $mail_plugins sieve >> 20-imap.conf - mail_plugins = $mail_plugins zlib imap_acl >> 20-lmtp.conf - mail_plugins = $mail_plugins sieve > OK, so all of the compressed mails will be indexed as garbage. > >> My intent was to be able to read zlib mails, but not write new ones. I may change this to just have zlib in 10-mail and start writing compressed. Unless this is/will cause corruption. > Enabling zlib plugin doesn't enable compression on writing. plugin { zlib_save=yes } is required for that. > I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and removed it from the others. Re-indexing is now good on some mailboxes that were broken before - but I still have a fault on others. -- Daniel From dmiller at amfes.com Fri Nov 30 07:57:02 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 21:57:02 -0800 Subject: [Dovecot] Tcpflow capture In-Reply-To: <50B844D5.4050705@amfes.com> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> <50B844D5.4050705@amfes.com> Message-ID: <assp.16818e0f90.50B84AAE.8080905@amfes.com> On 11/29/2012 9:32 PM, Daniel L. Miller wrote: > > I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and > removed it from the others. Re-indexing is now good on some mailboxes > that were broken before - but I still have a fault on others. > Using the tcpflow dump, I found a couple bad messages that I didn't care about storing - so I deleted them. Then, after no change - I remembered to do a "compact" in my MUA. That cleared up one mailbox - then dovecot complained about various errors & corruption on another mailbox. So I'll start a new thread for that as it looks like the solr interface is now good! -- Daniel From dmiller at amfes.com Fri Nov 30 08:03:36 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 22:03:36 -0800 Subject: [Dovecot] mdbox corruption Message-ID: <assp.06814fa592.50B84C38.2020500@amfes.com> Trying to clean up the last of the corruption caused by my own stupidity. I now have two mailboxes for one user that give errors such as: doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): gz trailer has wrong CRC value at 20065618 doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.9) failed: Invalid argument (uid=238) doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): corrupted data at 20145217 [...] doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.20) failed: Invalid argument (uid=5155) doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.20): corrupted data at 24779604 doveadm(fax at amfes.com): Error: Cached message size smaller than expected (1259 < 1260) doveadm(fax at amfes.com): Error: Corrupted index cache file /var/mail/amfes.com/fax/mdbox/mailboxes/INBOX/2010/dbox-Mails/dovecot.index.cache: Broken physical size for mail UID 5158 'doveadm force-resync' does not appear to fix these. There appear to be only the two mdbox files affected and I see about 40 errors. I would prefer to salvage as much as possible of these. What options do I have? Do a dsync to another location and take whatever I get? -- Daniel From tss at iki.fi Fri Nov 30 08:09:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 08:09:03 +0200 Subject: [Dovecot] Tcpflow capture In-Reply-To: <assp.16818e0f90.50B84AAE.8080905@amfes.com> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> <50B844D5.4050705@amfes.com> <assp.16818e0f90.50B84AAE.8080905@amfes.com> Message-ID: <25C2B424-F8D5-4C8E-86C0-3131F95FBF91@iki.fi> On 30.11.2012, at 7.57, Daniel L. Miller wrote: > On 11/29/2012 9:32 PM, Daniel L. Miller wrote: >> >> I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and removed it from the others. Re-indexing is now good on some mailboxes that were broken before - but I still have a fault on others. >> > Using the tcpflow dump, I found a couple bad messages that I didn't care about storing - so I deleted them. Then, after no change - I remembered to do a "compact" in my MUA. That cleared up one mailbox - then dovecot complained about various errors & corruption on another mailbox. So I'll start a new thread for that as it looks like the solr interface is now good! Well, there is still bug somewhere if Dovecot can cause Solr to fail.. I just can't figure out how that could happen. From tss at iki.fi Fri Nov 30 08:10:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 08:10:47 +0200 Subject: [Dovecot] mdbox corruption In-Reply-To: <assp.06814fa592.50B84C38.2020500@amfes.com> References: <assp.06814fa592.50B84C38.2020500@amfes.com> Message-ID: <DFF9836F-AE6A-4639-A126-322A66A8DC4C@iki.fi> On 30.11.2012, at 8.03, Daniel L. Miller wrote: > Trying to clean up the last of the corruption caused by my own stupidity. I now have two mailboxes for one user that give errors such as: > > doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): gz trailer has wrong CRC value at 20065618 > doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.9) failed: Invalid argument (uid=238) > doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): corrupted data at 20145217 > [...] > doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.20) failed: Invalid argument (uid=5155) > doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.20): corrupted data at 24779604 > doveadm(fax at amfes.com): Error: Cached message size smaller than expected (1259 < 1260) > doveadm(fax at amfes.com): Error: Corrupted index cache file /var/mail/amfes.com/fax/mdbox/mailboxes/INBOX/2010/dbox-Mails/dovecot.index.cache: Broken physical size for mail UID 5158 > > 'doveadm force-resync' does not appear to fix these. There appear to be only the two mdbox files affected and I see about 40 errors. I would prefer to salvage as much as possible of these. What options do I have? Do a dsync to another location and take whatever I get? There are no tools to fix broken compressed mails. I guess if dsync doesn't stop in the middle that would work. If it does stop, you'd need to figure out which messages those are (with doveadm dump) and delete them. From dmiller at amfes.com Fri Nov 30 08:18:13 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 22:18:13 -0800 Subject: [Dovecot] Tcpflow capture In-Reply-To: <25C2B424-F8D5-4C8E-86C0-3131F95FBF91@iki.fi> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> <50B844D5.4050705@amfes.com> <50B84AAE.8080905@amfes.com> <25C2B424-F8D5-4C8E-86C0-3131F95FBF91@iki.fi> Message-ID: <assp.168101c61b.50B84FA5.9070907@amfes.com> On 11/29/2012 10:09 PM, Timo Sirainen wrote: > On 30.11.2012, at 7.57, Daniel L. Miller wrote: > >> On 11/29/2012 9:32 PM, Daniel L. Miller wrote: >>> I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and removed it from the others. Re-indexing is now good on some mailboxes that were broken before - but I still have a fault on others. >>> >> Using the tcpflow dump, I found a couple bad messages that I didn't care about storing - so I deleted them. Then, after no change - I remembered to do a "compact" in my MUA. That cleared up one mailbox - then dovecot complained about various errors & corruption on another mailbox. So I'll start a new thread for that as it looks like the solr interface is now good! > Well, there is still bug somewhere if Dovecot can cause Solr to fail.. I just can't figure out how that could happen. > At this moment, after your last bugfix and my correct plugin config - Solr no longer crashes. Dovecot complains about the corruption - but it never hits solr. Now, I suppose I could break my config again to see if reading compressed mails without zlib enabled still outputs garbage to Solr... -- Daniel From hostmaster at taunusstein.net Fri Nov 30 08:35:08 2012 From: hostmaster at taunusstein.net (Christian Felsing) Date: Fri, 30 Nov 2012 07:35:08 +0100 Subject: [Dovecot] v2.1.11 released In-Reply-To: <1354171474.13277.5.camel@hurina> References: <1354171474.13277.5.camel@hurina> Message-ID: <50B8539C.5000507@taunusstein.net> Hi, seems v2.1.11 has broken Pigeonhole 0.3.3 Christian Am 29.11.2012 07:44, schrieb Timo Sirainen: > http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz > http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz.sig > > * lmtp/lda: dovecot.index.cache file is no longer fully mapped to > memory, allowing mail deliveries to work even if the file is huge. > * auth: userdb passwd lookups are now done by auth worker processes > instead of auth master process (as it was documented, but > accidentally didn't work that way). > > + lmtp: lmtp_rcpt_check_quota=yes setting checks quota on RCPT TO. > - lmtp: After successful proxying RCPT TO, the next one to a > nonexistent user gave tempfail error instead of "user not found". > - lmtp proxy: Fixed hanging if remote server was down. > - imap: Fixed crash when SEARCH contained multiple KEYWORD parameters. > - doveadm: Various fixes to handling doveadm-server connections. > - -i <instance name> parameter for Dovecot tools didn't work correctly. > - director was somewhat broken in v2.1.10. This version also includes > various reliability enhancements. > - auth: passdb imap was broken in v2.1.10. > > > From tss at iki.fi Fri Nov 30 09:01:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 09:01:10 +0200 Subject: [Dovecot] v2.1.12 released Message-ID: <1354258870.2844.32.camel@innu> http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz.sig The dovecot-config file installed by v2.1.11 was missing quotes, which broke building Pigeonhole. This release fixes that. From stsiol at yahoo.co.uk Fri Nov 30 10:13:07 2012 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 30 Nov 2012 08:13:07 +0000 (GMT) Subject: [Dovecot] v2.1.12 released In-Reply-To: <1354258870.2844.32.camel@innu> References: <1354258870.2844.32.camel@innu> Message-ID: <1354263187.38918.YahooMailNeo@web132203.mail.ird.yahoo.com> >________________________________ > From: Timo Sirainen <tss at iki.fi> >To: dovecot-news at dovecot.org; dovecot at dovecot.org >Sent: Friday, 30 November 2012, 9:01 >Subject: [Dovecot] v2.1.12 released > >http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz >http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz.sig > >The dovecot-config file installed by v2.1.11 was missing quotes, which >broke building Pigeonhole. This release fixes that. > Wow ! Boy you're fast ! s. ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From lists at kokelnet.de Fri Nov 30 10:30:28 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Fri, 30 Nov 2012 09:30:28 +0100 Subject: [Dovecot] 2.1.12 - Pigeonhole 0.3.3 build failed: /usr/bin/ld: cannot find -lssl -lcrypto Message-ID: <2172377.X0VnGmhlpd@tobias-pc> Hello list, Although timos bugfix release this morning I can't build pigeonhole 0.3.3 for dovecot 2.1.12 successfully. I don't know if it is a new bug or if I do something wrong but with dovecot 2.1.10 all worked fine, with the same configure options. configure options (out of debian/rules for building debian package): ./configure --with-dovecot=/usr/lib/dovecot \ --host=$(DEB_HOST_GNU_TYPE) \ --build=$(DEB_BUILD_GNU_TYPE) \ --prefix=/usr \ --sysconfdir=/etc \ --libexecdir=\$${prefix}/lib \ --localstatedir=/var \ --mandir=\$${prefix}/share/man \ --infodir=\$${prefix}/share/info \ --with-moduledir=\$${prefix}/lib/dovecot/modules buildlogextraction with error, the full log is available here: https://launchpadlibrarian.net/124478979/buildlog_ubuntu-precise- amd64.dovecot-2.1-pigeonhole_0.3.3-7~kokelnet~precise_FAILEDTOBUILD.txt.gz Thanks in advance for any help, Tobias Hachmer Making all in lib-sieve-tool make[4]: Entering directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve-tool' /bin/bash ../../libtool --tag=CC --mode=compile x86_64-linux-gnu-gcc - DHAVE_CONFIG_H -I. -I../.. -I../../src/lib-sieve -I/usr/include/dovecot - D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer- size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes -Wmissing- declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT sieve-tool.lo -MD -MP -MF .deps/sieve-tool.Tpo -c -o sieve-tool.lo sieve-tool.c libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT sieve-tool.lo -MD -MP -MF .deps/sieve-tool.Tpo -c sieve-tool.c -fPIC -DPIC -o .libs/sieve-tool.o libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT sieve-tool.lo -MD -MP -MF .deps/sieve-tool.Tpo -c sieve-tool.c -o sieve-tool.o >/dev/null 2>&1 mv -f .deps/sieve-tool.Tpo .deps/sieve-tool.Plo /bin/bash ../../libtool --tag=CC --mode=compile x86_64-linux-gnu-gcc - DHAVE_CONFIG_H -I. -I../.. -I../../src/lib-sieve -I/usr/include/dovecot - D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer- size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes -Wmissing- declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT mail-raw.lo -MD -MP -MF .deps/mail-raw.Tpo -c -o mail-raw.lo mail-raw.c libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT mail-raw.lo -MD -MP -MF .deps/mail-raw.Tpo -c mail-raw.c -fPIC -DPIC -o .libs/mail-raw.o libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT mail-raw.lo -MD -MP -MF .deps/mail-raw.Tpo -c mail-raw.c -o mail-raw.o >/dev/null 2>&1 mv -f .deps/mail-raw.Tpo .deps/mail-raw.Plo /bin/bash ../../libtool --tag=CC --mode=link x86_64-linux-gnu-gcc - std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat- security -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime - Wstrict-aliasing=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -o libsieve-tool.la sieve-tool.lo mail-raw.lo -lrt libtool: link: ar cru .libs/libsieve-tool.a .libs/sieve-tool.o .libs/mail- raw.o libtool: link: ranlib .libs/libsieve-tool.a libtool: link: ( cd ".libs" && rm -f "libsieve-tool.la" && ln -s "../libsieve- tool.la" "libsieve-tool.la" ) make[4]: Leaving directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve-tool' Making all in sieve-tools make[4]: Entering directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/sieve-tools' x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib-sieve - I../../src/lib-sieve-tool -I./debug -I/usr/include/dovecot - D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer- size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes -Wmissing- declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT sievec.o -MD -MP -MF .deps/sievec.Tpo -c -o sievec.o sievec.c mv -f .deps/sievec.Tpo .deps/sievec.Po /bin/bash ../../libtool --tag=CC --mode=link x86_64-linux-gnu-gcc - std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat- security -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime - Wstrict-aliasing=2 -export-dynamic -Wl,-Bsymbolic-functions -Wl,-z,relro -o sievec sievec.o ../../src/lib-sieve/libdovecot-sieve.la ../../src/lib-sieve- tool/libsieve-tool.la -ldovecot-storage -lssl -lcrypto -ldovecot-lda - L/usr/lib/dovecot -ldovecot -lrt libtool: link: x86_64-linux-gnu-gcc -std=gnu99 -g -O2 -fstack-protector -- param=ssp-buffer-size=4 -Wformat -Wformat-security -Wall -W -Wmissing- prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -Wl,-Bsymbolic- functions -Wl,-z -Wl,relro -o .libs/sievec sievec.o -Wl,--export-dynamic ../../src/lib-sieve/.libs/libdovecot-sieve.so ../../src/lib-sieve- tool/.libs/libsieve-tool.a /usr/lib/dovecot/libdovecot-storage.so -lssl - lcrypto /usr/lib/dovecot/libdovecot-lda.so -L/usr/lib/dovecot /usr/lib/dovecot/libdovecot.so -lrt -Wl,-rpath -Wl,/usr/lib/dovecot /usr/bin/ld: cannot find -lssl /usr/bin/ld: cannot find -lcrypto collect2: ld returned 1 exit status make[4]: *** [sievec] Error 1 make[4]: Leaving directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/sieve-tools' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/build/buildd/dovecot-2.1-pigeonhole-0.3.3/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/build/buildd/dovecot-2.1-pigeonhole-0.3.3' make[1]: *** [all] Error 2 make[1]: Leaving directory `/build/buildd/dovecot-2.1-pigeonhole-0.3.3' make: *** [build-stamp] Error 2 From tss at iki.fi Fri Nov 30 10:44:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 10:44:48 +0200 Subject: [Dovecot] 2.1.12 - Pigeonhole 0.3.3 build failed: /usr/bin/ld: cannot find -lssl -lcrypto In-Reply-To: <2172377.X0VnGmhlpd@tobias-pc> References: <2172377.X0VnGmhlpd@tobias-pc> Message-ID: <8BCFDF68-BE1D-4F9E-9E70-4FE6355F50BE@iki.fi> On 30.11.2012, at 10.30, Tobias Hachmer wrote: > Although timos bugfix release this morning I can't build pigeonhole 0.3.3 for > dovecot 2.1.12 successfully. I don't know if it is a new bug or if I do > something wrong but with dovecot 2.1.10 all worked fine, with the same configure > options. Yes, the build was changed since v2.1.10 because the old way didn't work with some systems. > configure options (out of debian/rules for building debian package): .. > /usr/bin/ld: cannot find -lssl > /usr/bin/ld: cannot find -lcrypto You built Dovecot from a Debian package too, but don't have OpenSSL installed?.. From lists at kokelnet.de Fri Nov 30 11:02:22 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Fri, 30 Nov 2012 10:02:22 +0100 Subject: [Dovecot] 2.1.12 - Pigeonhole 0.3.3 build failed: /usr/bin/ld: cannot find -lssl -lcrypto In-Reply-To: <8BCFDF68-BE1D-4F9E-9E70-4FE6355F50BE@iki.fi> References: <2172377.X0VnGmhlpd@tobias-pc> <8BCFDF68-BE1D-4F9E-9E70-4FE6355F50BE@iki.fi> Message-ID: <2236844.32HTZT9t1K@tobias-pc> On Friday 30 November 2012 10:44:48 Timo Sirainen wrote: > You built Dovecot from a Debian package too, but don't have OpenSSL > installed?.. Thanks Timo for hte hint. openssl was installed, but the openssl development files (libssl-dev) dependency for my dovecot-dev package was missing. Regards, Tobias Hachmer From ramon.frontera at uib.es Fri Nov 30 11:22:19 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Fri, 30 Nov 2012 10:22:19 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <1F75A354-F909-4BAB-8843-1821332BFC12@iki.fi> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> <1F75A354-F909-4BAB-8843-1821332BFC12@iki.fi> Message-ID: <9D166B16-D94E-4AFB-B87D-A3AA5090B877@uib.es> Hi, Thanks Timo for your help! I have installed dovecot version 2.1.12 changing format has solved "doveadm -o auth_socket_path=director-userdb quota get -A" Now, "doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d" works fine!!!! Best regards! -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears El 30/11/2012, a las 02:17, Timo Sirainen escribi?: > On 29.11.2012, at 16.22, Ramon Frontera wrote: > >> Now we have found 3 problems with doveadm on proxy server: >> >> 1 problem: >> In our configuration we have: >> protocol doveadm { >> auth_socket_path = director-userdb >> } >> >> I have executed this: >> # doveconf -m doveadm -f service=doveadm auth_socket_path >> auth_socket_path = director-userdb >> >> Now when We execute doveadm quota get -A >> we have this error: >> doveadm(user1): Error: /var/run/dovecot//auth-userdb: Proxy is missing destination host (maybe set auth_socket_path=director-userdb) >> doveadm: Error: Failed to iterate through some users >> >> with "-o auth_socket_path=director-userdb " it works for the early users. > > That's strange. I don't really have any ideas left how to debug it easily. > >> 2 problem >> when we execute doveadm -o auth_socket_path=director-userdb quota get -A it works for the early users and then return this error on proxy: >> >> doveadm(userabc): Fatal: table formatter doesn't support multi-line values > > Oh. Hmm. I see the problem.. I'll fix it later. For now you could change the formatter with doveadm -f tab or -f flow > >> 3 problem >> I have tested other doveadm command on proxy wich also fails: >> >> # doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d >> >> on proxy we have this error: " doveadm(user): Error: xx.xx.xx.xx:24245: Internal failure for user" >> on mailserver we have this error: "doveadm: Fatal: master: service(doveadm): child 22171 killed with signal 11 (core dumps disabled)" >> >> I put the gdm bt output hope it help you. (mailserver) >> >> #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 >> No locals. >> #1 0x00007f2dfe414f23 in mail_storage_service_all_next (ctx=0xf92900, >> username_r=0x7fff4306cab8) at mail-storage-service.c:1215 >> __FUNCTION__ = "mail_storage_service_all_next" >> #2 0x00007f2dfd0b0ed2 in doveadm_expire_mail_init (ctx=0xf89020) >> at doveadm-expire.c:420 > > This should fix it: http://hg.dovecot.org/dovecot-2.1/rev/75dc4cb4bfe0 > From fesarlis at gmail.com Fri Nov 30 12:22:43 2012 From: fesarlis at gmail.com (Aristidis Fesarlis) Date: Fri, 30 Nov 2012 12:22:43 +0200 Subject: [Dovecot] Maildir conversion Message-ID: <50B888F3.7010005@gmail.com> Hi all, I am using Dovecot 1.2.7, and trying to do my first Mbox to Maildir conversion. So I created a small script: > #!/bin/bash > > ls > userlist.txt > > for i in `cat userlist.txt`; do > echo "---------------------"; > echo "Converting user $i..."; > echo "---------------------"; > > su - $i -s /bin/bash -c "/opt/scripts/mb2md.pl -s mail -R"; > su - $i -s /bin/bash -c "/opt/scripts/mb2md.pl -m -s > /var/mail/$i"; > su - $i -s /bin/bash -c "cp ~$i/mail/.subscriptions > ~$i/Maildir/subscriptions"; > done > > rm -f userlist.txt I would like some help with the following: 1. Trying it, I get multiple warnings for some mailboxes like this: > "WARNING: UID from X-UID: header too low. Ignoring it Is this a problem? Or I can ignore it? 2. I understand that I also have to instruct my MDA (procmail) to deliver mail to the new location. I found that I have to create an /etc/procmailrc with the following line: > DEFAULT=$HOME/Maildir/ My question is: Some users have their own .procmailrc file inside their home directory, to filter mail etc. Their file does not contain the above statement. Would the default procmailrc file be processed for them as well? Or their file takes precedence, causing the default file not to be processed at all? Thank you From sirtcp at gmail.com Fri Nov 30 18:20:10 2012 From: sirtcp at gmail.com (Muhammad Yousuf Khan) Date: Fri, 30 Nov 2012 21:20:10 +0500 Subject: [Dovecot] Newbie Basic ACL issue Message-ID: <CAGWVfMncYwZF3mA37un4uqinGSJR+h3zxzTv=yRxetZ3B3+Uzw@mail.gmail.com> i can not impliment a basic acl to a /public/.News folder. however with out ACL it works great but after implementing acl "Public" folder can be seen while subscribing but i can not create folder inside it nor i can view already created ".News" folder. when i restart dovecot it shows me some thing like this root at mailsrv:/public/.News# /etc/init.d/dovecot restart Restarting IMAP/POP3 mail server: dovecotILoading modules from directory: /usr/lib/dovecot/modules/imap IModule loaded: /usr/lib/dovecot/modules/imap/lib01_acl_plugin.so IModule loaded: /usr/lib/dovecot/modules/imap/lib02_imap_acl_plugin.so IEffective uid=65534, gid=65534, home=/tmp Iacl: No acl_shared_dict setting - shared mailbox listing is disabled root at mailsrv:/public/.News# dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 log_timestamp: %Y-%m-%d %H:%M:%S ssl_cert_file: /etc/ssl/certs/postfix.pem ssl_key_file: /etc/ssl/private/postfix.key login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:~/Maildir:INBOX=~/Maildir/:INDEX=~/Maildir/index mail_debug: yes mbox_write_locks: fcntl dotlock mail_plugins: acl imap_acl namespace: type: private separator: / inbox: yes list: yes subscriptions: yes namespace: type: public separator: / prefix: Public/ location: maildir:/public:INDEX=/public/index list: yes subscriptions: yes lda: mail_plugins: acl auth default: mechanisms: plain login passdb: driver: pam userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix plugin: acl: vfile as i read in few howto's that "dovecot-acl" file should be placed in the mail publish folder like in my case "/public/.News/dovecot-acl" here is the output of my file root at mailsrv:/public/.News# cat dovecot-acl owner lrwstipekxa anyone= lr now after this implimentation i can see the folder "Public" in subscription now when i try to create a new folder inside ".News" folder via outlook 2007 it says "cannot move the item. the server responded: 'NOPERM] Permission denied" i think i am messed up permission actually i have 2 users "tom" and "fmaster" both doing the same thing. weather i write this "anyone lrwstpekxa" or "user=tom lrwstpekxa" it does the same for both user what i want is just a simple thing. i want tom to be the owner of .News and fmaster has read only. so he can only read the news but can not delete even can not change the flag to read or unread. Note: both are system users (not virtual users) Nov 30 20:50:42 mailsrv dovecot: IMAP(fmaster): open(/public/.News/dovecot-uidlist) failed: Permission denied Nov 30 20:50:42 mailsrv dovecot: IMAP(fmaster): open(/public/.News/dovecot-uidlist) failed: Permission denied Nov 30 20:54:45 mailsrv dovecot: IMAP(fmaster): open(/public/index/.News/dovecot.index.log) failed: Permission denied (euid=1001(fmaster) egid=1001(fmaster) missing +w perm: /public/index/.News/dovecot.index.log) Nov 30 20:54:50 mailsrv dovecot: IMAP(fmaster): open(/public/index/.News/dovecot.index.log) failed: Permission denied (euid=1001(fmaster) egid=1001(fmaster) missing +w perm: /public/index/.News/dovecot.index.log) i thought its a system level permission issue so i pass this command "chmod 777 /public -R" but still i receive the same outlook error but no errors in /var/log/mail.err. please hell me what kind of user right should be on the .News folder. for example, tom or root which one should have the "rwx" rights on the folder. and what kind of changes should i made in deovecot-acl any help, tip would be highly appreciated. Thanks, From ssilva at sgvwater.com Fri Nov 30 20:42:12 2012 From: ssilva at sgvwater.com (Scott Silva) Date: Fri, 30 Nov 2012 10:42:12 -0800 Subject: [Dovecot] Maildir conversion In-Reply-To: <50B888F3.7010005@gmail.com> References: <50B888F3.7010005@gmail.com> Message-ID: <k9aum1$tep$1@ger.gmane.org> <snip> > > 2. I understand that I also have to instruct my MDA (procmail) to deliver mail > to the new location. I found that I have to create an /etc/procmailrc with the > following line: > >> DEFAULT=$HOME/Maildir/ > > My question is: Some users have their own .procmailrc file inside their home > directory, to filter mail etc. Their file does not contain the above > statement. Would the default procmailrc file be processed for them as well? Or > their file takes precedence, causing the default file not to be processed at all? > > Thank you > > On my systems it works that way. Only the /etc/procmailrc file has that statement. From fuf at phuph.org Thu Nov 1 04:42:59 2012 From: fuf at phuph.org (Faheem Patel) Date: Wed, 31 Oct 2012 22:42:59 -0400 Subject: [Dovecot] =?utf-8?q?Modifying_mailbox_GUIDs=3F?= Message-ID: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> Greetings all, I can view a mailbox's GUID like so: doveadm mailbox status -u guid However, how may I *modify* a mailbox GUID? Can this be done using doveadm or some other tool? If not, how may I go about modifying the dovecot.mailbox.log (where I assume GUID data is stored)? My specific use case has to do with me wanting to modify an existing mailbox's GUID so that its messages are mirrored into a folder of the same name using "dsync mirror". (As we know, dsync utilizes GUIDs to determine mailbox uniqueness) Thanks! -- - Faheem From fuf at phuph.org Thu Nov 1 05:13:37 2012 From: fuf at phuph.org (Faheem Patel) Date: Wed, 31 Oct 2012 23:13:37 -0400 Subject: [Dovecot] =?utf-8?q?Modifying_mailbox_GUIDs=3F?= In-Reply-To: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> References: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> Message-ID: <778d2396116c03d4b1d12234846aa12f@horizon.phuph.org> I see that the GUID is actually in readable text on the first line in "dovecot-uidlist". Is it really as simple as modifying the string here? - Faheem On Wed, 31 Oct 2012 22:42:59 -0400, Faheem Patel wrote: > Greetings all, > > I can view a mailbox's GUID like so: doveadm mailbox status -u guid > > However, how may I *modify* a mailbox GUID? Can this be done using doveadm or some other tool? > > If not, how may I go about modifying the dovecot.mailbox.log (where I assume GUID data is stored)? > > My specific use case has to do with me wanting to modify an existing mailbox's GUID so that its messages are mirrored into a folder of the same name using "dsync mirror". (As we know, dsync utilizes GUIDs to determine mailbox uniqueness) > > Thanks! > > -- > - Faheem From dmiller at amfes.com Thu Nov 1 06:16:11 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:16:11 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> References: <508FEB83.5010209@amfes.com> <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> Message-ID: <assp.16521f86e8.295e4368e20c518ae72a7d8c726f8869@amfes.com> On 31.10.2012 04:26, Timo Sirainen wrote: > On 30.10.2012, at 17.00, Daniel L. Miller wrote: > >> I'm compiling as I normally do. The config line for Dovecot is: configure --with-ldap --with-ssl --with-bzlib --with-zlib --with-stemmer --with-lucene --with-ldap followed by make & make install Then a 'configure' for Pigeonhole, followed by make, yields: libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -o .libs/sieve-dump sieve-dump.o -Wl,--export-dynamic ../../src/lib-sieve/.libs/libdovecot-sieve.so ../../src/lib-sieve-tool/.libs/libsieve-tool.a /usr/local/lib/dovecot/libdovecot-storage.so /usr/local/lib/dovecot/libdovecot-lda.so -L/usr/local/lib/dovecot /usr/local/lib/dovecot/libdovecot.so -lrt -Wl,-rpath -Wl,/usr/local/lib/dovecot libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -o .libs/sievec sievec.o -Wl,--export-dynamic ../../src/lib-sieve/.libs/libdovecot-sieve.so ../../src/lib-sieve-tool/.libs/libsieve-tool.a /usr/local/lib/dovecot/libdovecot-storage.so /usr/local/lib/dovecot/libdovecot-lda.so -L/usr/local/lib/dovecot /usr/local/lib/dovecot/libdovecot.so -lrt -Wl,-rpath -Wl,/usr/local/lib/dovecot /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `sk_new_null at OPENSSL_1.0.0' /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `SSL_get_error at OPENSSL_1.0.0' > > I think this is a Dovecot bug, fixed by: http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac [1] > > You could also do this by adding -lssl -lcrypto manually to the installed dovecot-config and running configure again for pigeonhole. I see "-lssl -lcrypto" already in the DOVECOT_SSL_LIBS section of /usr/local/lib/dovecot/dovecot-config. What should be changed? -- Daniel Links: ------ [1] http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac From dmiller at amfes.com Thu Nov 1 06:23:45 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:23:45 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: <295e4368e20c518ae72a7d8c726f8869@amfes.com> References: <508FEB83.5010209@amfes.com> <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> <295e4368e20c518ae72a7d8c726f8869@amfes.com> Message-ID: <assp.16520a4294.f9b09819410325694141b18341f3ac8a@amfes.com> On 31.10.2012 21:16, Daniel L. Miller wrote: > On 31.10.2012 04:26, Timo Sirainen wrote: > >> I think this is a Dovecot bug, fixed > > by: http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac [1][1] > >> You > > could also do this by adding -lssl -lcrypto manually to the installed > dovecot-config and running configure again for pigeonhole. > > I see "-lssl > -lcrypto" already in the DOVECOT_SSL_LIBS section of > /usr/local/lib/dovecot/dovecot-config. What should be changed? Ok - I read the patch, and modified the LIBDOVECOT_STORAGE section accordingly. Same compile error for Pigeonhole after performing a 'make clean' and 'configure'. -- Daniel Links: ------ [1] http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac From dmiller at amfes.com Thu Nov 1 06:25:14 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:25:14 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: <f9b09819410325694141b18341f3ac8a@amfes.com> References: <508FEB83.5010209@amfes.com> <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> <295e4368e20c518ae72a7d8c726f8869@amfes.com> <f9b09819410325694141b18341f3ac8a@amfes.com> Message-ID: <assp.1652bc0f4c.bb603fbd89dcd3fc446eb6d8ac5f5e45@amfes.com> On 31.10.2012 21:23, Daniel L. Miller wrote: > On 31.10.2012 21:16, Daniel L. Miller wrote: > >> On 31.10.2012 > > 04:26, Timo Sirainen wrote: > >>> I think this is a Dovecot bug, fixed > could also do this by adding -lssl -lcrypto manually to the > > installed > dovecot-config and > >> -left:#1010ff 2px solid; margin-left:5px; width:100%">I see > pto" already in the DOVECOT_SSL_LIBS section of > > /usr/local/lib/dovecot/dovecot-config. What should be changed? > > Ok - I > read the patch, and modified the LIBDOVECOT_STORAGE section accordingly. > Same comp> > >> I take that back - it's not exactly the same compile error. Now it references libdovecot-login.so for the undefined SSL references. -- Daniel From dmiller at amfes.com Thu Nov 1 06:27:13 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:27:13 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: <f9b09819410325694141b18341f3ac8a@amfes.com> References: <508FEB83.5010209@amfes.com> <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> <295e4368e20c518ae72a7d8c726f8869@amfes.com> <f9b09819410325694141b18341f3ac8a@amfes.com> Message-ID: <assp.16521dc96c.8ec1943dc195ccfba443017997b837dc@amfes.com> On 31.10.2012 21:23, Daniel L. Miller wrote: > On 31.10.2012 21:16, Daniel L. Miller wrote: > >> On 31.10.2012 > > 04:26, Timo Sirainen wrote: > >>> I think this is a Dovecot bug, fixed > could also do this by adding -lssl -lcrypto manually to the > > installed > dovecot-config and > >> -left:#1010ff 2px solid; margin-left:5px; width:100%">I see > pto" already in the DOVECOT_SSL_LIBS section of > > /usr/local/lib/dovecot/dovecot-config. What should be changed? > > Ok - I > read the patch, and modified the LIBDOVECOT_STORAGE section accordingly. > Same comp> > >> Thought I'd see if I could guess the next fix - added the parms to LIBDOVECOT_LOGIN as well. Seems to have fixed it. Sorry for the multiple posts - it's been a long day. -- Daniel From tlx at leuxner.net Thu Nov 1 12:27:34 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 1 Nov 2012 11:27:34 +0100 Subject: [Dovecot] 2.2.alpha1 (626a9df21e62): LMTP Core Dump Message-ID: <20121101102734.GA20126@nihlus.leuxner.net> Please find Backtrace for LMTP Core Dump below: [...] ==> /var/log/dovecot/dovecot.log <== Nov 1 11:16:14 spectre dovecot: lmtp(17245): Connect from local Nov 1 11:16:14 spectre dovecot: lmtp(17245): Fatal: master: service(lmtp): child 17245 killed with signal 11 (core dumped) ==> /var/log/mail.log <== Nov 1 11:16:14 spectre postfix/lmtp[17204]: 3Xsj4G11MrzNY: to=<tlx at leuxner.net>, relay=spectre.leuxner.net[private/dovecot-lmtp], delay=0.11, delays=0.06/0/0.01/0.04, dsn=4.4.2, status=deferred (lost connection with spectre.leuxner.net[private/dovecot-lmtp] while sending MAIL FROM) [...] $ gdb /usr/lib/dovecot/lmtp /tmp/core Program terminated with signal 11, Segmentation fault. #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=<value optimized out>, error_r=<value optimized out>) at mail-storage-service.c:1013 1013 mail-storage-service.c: No such file or directory. in mail-storage-service.c (gdb) bt full #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=<value optimized out>, error_r=<value optimized out>) at mail-storage-service.c:1013 flags = 675 user = <value optimized out> username = 0x11540b0 "tlx at leuxner.net" user_info = 0x1163718 user_set = <value optimized out> userdb_fields = 0x1173dd8 error = <value optimized out> reply = {uid = 0, gid = 0, home = 0x7f6175249712 "H\211\303d\213\004%\030", chroot = 0x7f6100000001 <Address 0x7f6100000001 out of bounds>, extra_fields = {arr = {buffer = 0x0, element_size = 18170192}, v = 0x0, v_modifiable = 0x0}, anonymous = 0} set_parser = 0x1167500 sets = 0x0 user_pool = 0x11705e0 temp_pool = 0x1173db0 ret = 1 #1 0x0000000000406c16 in cmd_rcpt (client=0x1161e70, args=0x116d623 "") at commands.c:545 rcpt = {address = 0x0, detail = 0x0, service_user = 0x0} input = {module = 0x40823a "lmtp", service = 0x40823a "lmtp", username = 0x11540b0 "tlx at leuxner.net", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} address = 0x11540b0 "tlx at leuxner.net" username = 0x11540b0 "tlx at leuxner.net" detail = 0x4086a3 "" error = 0x0 ret = <value optimized out> #2 0x00000000004055fb in client_input_line (client=0x1161e70) at client.c:60 cmd = <value optimized out> args = 0x116d60f "TO:<tlx at leuxner.net>" #3 client_input_handle (client=0x1161e70) at client.c:113 _data_stack_cur_id = 3 output = 0x11610e8 line = <value optimized out> ret = <value optimized out> #4 0x00007f6174afd186 in io_loop_call_io (io=0x1161190) at ioloop.c:387 ioloop = 0x115c670 t_id = 2 #5 0x00007f6174afe1d7 in io_loop_handler_run (ioloop=<value optimized out>) at ioloop-epoll.c:215 ctx = 0x115f4a0 event = 0x115f510 list = 0x11611e0 io = 0x11540b0 tv = {tv_sec = 299, tv_usec = 999016} msecs = <value optimized out> ret = 1 i = 0 call = false #6 0x00007f6174afd128 in io_loop_run (ioloop=0x115c670) at ioloop.c:406 No locals. #7 0x00007f6174ae6473 in master_service_run (service=0x115c510, callback=0x1173e08) at master-service.c:546 No locals. #8 0x0000000000404a06 in main (argc=1, argv=0x115c370) at main.c:122 set_roots = {0x60a8e0, 0x408e20, 0x0} service_flags = <value optimized out> storage_service_flags = 675 c = <value optimized out> [ doveconf -n ] # 2.2.alpha1 (626a9df21e62): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 auth_cache_size = 16 k auth_verbose = yes mail_location = mdbox:~/mdbox mail_plugins = acl quota stats namespace { list = yes location = mdbox:/var/vmail/public prefix = Public/ separator = / subscriptions = no type = public } namespace inbox { hidden = no inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = username_format=%u /var/vmail/auth.d/%d/passwd driver = passwd-file } plugin { acl = vfile:/var/vmail/conf.d/%d/acls:cache_secs=300 mail_log_events = expunge mailbox_delete quota = dict:user::file:%h/mdbox/dovecot-quota quota_rule = *:storage=1GB quota_rule2 = Trash:storage=+10%% sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_dir = /var/vmail/conf.d/%d/sieve stats_refresh = 30s stats_track_cmds = yes } protocols = " imap lmtp" quota_full_tempfail = yes service auth-worker { unix_listener auth-worker { user = doveauth } user = doveauth } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = doveauth } service imap-login { inet_listener imap { address = 1.2.3.4 port = 143 } inet_listener imaps { port = 0 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl_ca = </etc/ssl/certs/SSL123_CA_Bundle.pem ssl_cert = </etc/ssl/certs/host_domain_tld.crt ssl_key = </etc/ssl/private/host_domain_tld.key syslog_facility = local1 userdb { args = username_format=%u /var/vmail/auth.d/%d/passwd driver = passwd-file } verbose_proctitle = yes protocol lmtp { mail_plugins = acl quota stats sieve } protocol imap { mail_max_userip_connections = 20 mail_plugins = acl quota stats imap_acl imap_quota mail_log notify imap_stats } -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121101/da4b9bfe/attachment-0002.bin> From dave at boostpro.com Thu Nov 1 15:08:43 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 09:08:43 -0400 Subject: [Dovecot] Indexing problems Message-ID: <m2k3u5ii78.fsf@cone.luannocracy.com> It looks like something is going very wrong here. Any advice? --8<---------------cut here---------------start------------->8--- $ doveadm -vvvD index '*' doveadm(dave): Debug: Loading modules from directory: /usr/local/lib/dovecot doveadm(dave): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/lib/dovecot/lib20_zlib_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so doveadm(dave): Debug: Loading modules from directory: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm doveadm(dave): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: dlopen(/usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so, 10): Symbol not found: _acl_user_module Referenced from: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so Expected in: flat namespace in /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so (this is usually intentional, so just ignore this message) doveadm(dave): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: dlopen(/usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so, 10): Symbol not found: _expire_set_deinit Referenced from: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so Expected in: flat namespace in /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so (this is usually intentional, so just ignore this message) doveadm(dave): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: dlopen(/usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so, 10): Symbol not found: _quota_user_module Referenced from: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so Expected in: flat namespace in /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so (this is usually intentional, so just ignore this message) doveadm(dave): Debug: Module loaded: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so doveadm(dave): Debug: Effective uid=501, gid=20, home=/Users/dave doveadm(dave): Debug: Namespace inbox: type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:/Users/dave/Library/Data/LocalIMAP/mdbox doveadm(dave): Debug: fs: root=/Users/dave/Library/Data/LocalIMAP/mdbox, index=, control=, inbox=, alt= doveadm(dave): Debug: Namespace : Using permissions from /Users/dave/Library/Data/LocalIMAP/mdbox: mode=0700 gid=-1 doveadm(dave): Info: [Gmail].All: Cache is already up to date doveadm(dave): Info: [Gmail].All Mail: Caching mails seq=2..231746 8000/231745Assertion failed: (numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." + IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )), function closeDocStore, file /tmp/clucene-gmYE/src/core/CLucene/index/DocumentsWriter.cpp, line 210. Abort trap: 6 cone:local dave$ --8<---------------cut here---------------end--------------->8--- -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From mancyborg at gmail.com Thu Nov 1 17:20:49 2012 From: mancyborg at gmail.com (mancyborg at gmail.com) Date: Thu, 1 Nov 2012 16:20:49 +0100 Subject: [Dovecot] dovecot dimensioning Message-ID: <20121101162049.77c57503@uplink> Hi All, first post here, nice to meet you :) I've been using dovecot + postfix + clamav + spamassassin for years but always with few users. Now i must build a server for 1500 users, they will use various email software (thunderbird, outlook, ..) the webmail (i'm not sure if squirrelmail or roundcube) and blackberry devices (with the BIS service). There will be around 1000 domains (virtual_domains) and postfix will read its users and domains from mysql. Let's say that they will send and receive around 5000 emails per hour (10K in total per hour). I was thinking to use karspersky server instead of clamav. I already have the hardware, it is a server with 4 physical cpu (Intel Xeon E5504 @ 2.00GHz) and 24 gb of ram, do you think it is enough ? Thanks for supporting, regards and have a nice day, Mike From mancyborg at gmail.com Thu Nov 1 21:32:36 2012 From: mancyborg at gmail.com (mancyborg at gmail.com) Date: Thu, 1 Nov 2012 20:32:36 +0100 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> Message-ID: <20121101203236.1803e9de@uplink> Hi Javier, yes i see. Storage for now is just a 3tb sata2 hdd, so i guess that write performance is around 100 MB/s What do you think about that ? Thanks and regards, Mike On Thu, 1 Nov 2012 19:55:35 +0100 Javier de Miguel Rodriguez <javierdemiguel-ext at us.es> wrote: > > IMHO, fast storage is the main requirement for dovecot. > > > > El 01/11/2012, a las 16:20, "mancyborg at gmail.com" <mancyborg at gmail.com> escribi?: > > > Hi All, first post here, nice to meet you :) > > > > I've been using dovecot + postfix + clamav + spamassassin for years but always with few users. > > > > Now i must build a server for 1500 users, > > they will use various email software (thunderbird, outlook, ..) > > the webmail (i'm not sure if squirrelmail or roundcube) > > and blackberry devices (with the BIS service). > > > > There will be around 1000 domains (virtual_domains) and postfix will read its users and domains from mysql. > > > > Let's say that they will send and receive around 5000 emails per hour (10K in total per hour). > > > > I was thinking to use karspersky server instead of clamav. > > > > I already have the hardware, it is a server with 4 physical cpu (Intel Xeon E5504 @ 2.00GHz) and 24 gb of ram, > > do you think it is enough ? > > > > > > Thanks for supporting, > > regards and have a nice day, > > Mike From dave at boostpro.com Thu Nov 1 16:38:04 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 10:38:04 -0400 Subject: [Dovecot] No manpage for "doveadm fts" command Message-ID: <m2pq3xfkxf.fsf@cone.luannocracy.com> Just wanted to make sure this issue was registered separately from the overall confusion I'm exploring in another thread, even though I mention this there too. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From dave at boostpro.com Thu Nov 1 16:37:00 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 10:37:00 -0400 Subject: [Dovecot] When are search indexes updated? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> Message-ID: <m2vcdpfkz7.fsf@cone.luannocracy.com> on Sat Oct 27 2012, Stan Hoeppner <stan-AT-hardwarefreak.com> wrote: > On 10/27/2012 3:00 PM, David Abrahams wrote: >> >> I noticed that occasionally searching in my huge archive mailbox can be >> really slow, so I tried doveadm index on it and it seemed to do a lot of >> work, which seemed strange given, for example, that dovecot-lda says it >> keeps Dovecot index files up-to-date. Then I thought, "maybe these are >> different files than the search indices." If so, that's not entirely >> clear from the docs and Wiki. So, questions: > > Mailbox and search indexes are separate. If so, I hereby request that they be properly and explicitly distinguished from one another, every place "index" is mentioned on the wiki. > Look in your mailbox directory and you'll see them, such as on 1.2.x > with mbox: I'm on 2.x with mdbox, FWIW. > $ la /home/stan/mail/.imap/1-Dovecot > total 3.4M > drwx------ 2 stan stan 135 Oct 25 21:39 . > drwx------ 51 stan stan 4.0K Apr 13 2012 .. > -rw------- 1 stan stan 44K Oct 27 13:28 dovecot.index > -rw------- 1 stan stan 1.2M Oct 27 21:23 dovecot.index.cache > -rw------- 1 stan stan 18K Oct 27 21:23 dovecot.index.log > -rw------- 1 stan stan 1.1M May 20 06:32 dovecot.index.search > -rw------- 1 stan stan 1.1M May 20 06:32 dovecot.index.search.uids > > I've not full text searched this folder for quite some time, thus the > search indexes are not current, and the next FTS of this mail folder > will take much more time than if the FTS indexes were current. > >> * When are search indexes updated? > > When the index is stale. That's pretty vague :-) >> * Are they updated incrementally? >> * If not, why not? >> * If so, why would a mailbox's index drift out-of-date, as mine had? > > When a sufficient number of messages are added to an IMAP folder the FTS > index becomes stale. That's a little less vague, thanks :-) > This index is not updated in real time. This is why Timo and others > recommend cron'ing a script to index folders regularly that are > searched regularly. And how does one index the folders for search? Is that "doveadm index" or "doveadm fts rescan" (which I see at http://wiki2.dovecot.org/Plugins/FTS but NOT in the manpage), or...? > This keeps the indexes up to date and keeps searches fast. If you > don't do this or search often, your indexes become stale. Then each > time you do an FTS search the first thing that happens is an FTS > re-indexing of the mail folder. Only then does it display the search > results. > >> BTW, I'm using the clucene search backend. > > I've not used Lucene, but I believe the default behavior is similar to > the Dovecot 1.2.x FTS indexer. Not sure what conclusion to draw from that, thanks. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From dave at boostpro.com Thu Nov 1 22:28:15 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 16:28:15 -0400 Subject: [Dovecot] "starting" dovecot Message-ID: <m2zk31gja8.fsf@pluto.luannocracy.com> My system never issues the "dovecot start" command. I do, however, run /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server through port 9xxx and through the preauth tunnel. Is this arrangement OK? Are there some things that will only work if "dovecot" is invoked? Thanks, -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From gfinch at ldmltd.ca Fri Nov 2 01:12:43 2012 From: gfinch at ldmltd.ca (Gregory Finch) Date: Thu, 01 Nov 2012 16:12:43 -0700 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <20121101203236.1803e9de@uplink> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> <20121101203236.1803e9de@uplink> Message-ID: <509301EB.1070508@ldmltd.ca> I believe that Javier is talking IOPS, not throughput. You need a storage system that is able to provide a high random read + write IOPS. That single drive is going to cause you issues when things get busy. -Greg On 2012-11-01 12:32 PM, mancyborg at gmail.com wrote: > Hi Javier, yes i see. > Storage for now is just a 3tb sata2 hdd, so i guess that write performance is around 100 MB/s > > What do you think about that ? > > Thanks and regards, > Mike > > > On Thu, 1 Nov 2012 19:55:35 +0100 > Javier de Miguel Rodriguez <javierdemiguel-ext at us.es> wrote: > >> IMHO, fast storage is the main requirement for dovecot. >> >> >> >> El 01/11/2012, a las 16:20, "mancyborg at gmail.com" <mancyborg at gmail.com> escribi?: >> >>> Hi All, first post here, nice to meet you :) >>> >>> I've been using dovecot + postfix + clamav + spamassassin for years but always with few users. >>> >>> Now i must build a server for 1500 users, >>> they will use various email software (thunderbird, outlook, ..) >>> the webmail (i'm not sure if squirrelmail or roundcube) >>> and blackberry devices (with the BIS service). >>> >>> There will be around 1000 domains (virtual_domains) and postfix will read its users and domains from mysql. >>> >>> Let's say that they will send and receive around 5000 emails per hour (10K in total per hour). >>> >>> I was thinking to use karspersky server instead of clamav. >>> >>> I already have the hardware, it is a server with 4 physical cpu (Intel Xeon E5504 @ 2.00GHz) and 24 gb of ram, >>> do you think it is enough ? >>> >>> >>> Thanks for supporting, >>> regards and have a nice day, >>> Mike -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121101/b90ee575/attachment-0002.bin> From delrio at mie.utoronto.ca Fri Nov 2 15:39:56 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Fri, 02 Nov 2012 09:39:56 -0400 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <509301EB.1070508@ldmltd.ca> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> <20121101203236.1803e9de@uplink> <509301EB.1070508@ldmltd.ca> Message-ID: <5093CD2C.8020502@mie.utoronto.ca> On 11/ 1/12 07:12 PM, Gregory Finch wrote: > I believe that Javier is talking IOPS, not throughput. You need a > storage system that is able to provide a high random read + write IOPS. > That single drive is going to cause you issues when things get busy. And a disaster when the single drive fails! From dave at boostpro.com Fri Nov 2 09:52:45 2012 From: dave at boostpro.com (Dave Abrahams) Date: Fri, 02 Nov 2012 03:52:45 -0400 Subject: [Dovecot] "starting" dovecot References: <m2zk31gja8.fsf@pluto.luannocracy.com> Message-ID: <m2390sfnle.fsf@cone.luannocracy.com> on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > My system never issues the "dovecot start" command. I do, however, run > /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server > through port 9xxx and through the preauth tunnel. Is this arrangement > OK? Are there some things that will only work if "dovecot" is invoked? In particular, I'm curious because of messages like the one below that I got from "doveadm search": doveadm(dave): Error: net_connect_unix(/usr/local/var/run/dovecot/indexer) failed: No such file or directory Is the lack of this (or any other) socket attributable to not having started dovecot itself? -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From skdovecot at smail.inf.fh-brs.de Fri Nov 2 17:55:42 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 2 Nov 2012 16:55:42 +0100 (CET) Subject: [Dovecot] Feature request: add information to error message: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket permissions) Message-ID: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Please add the information to this error, which socket has the problem and which uid access is and what is expected. For instance, when the quota dict request fails, because of permission problems, you get a very detailed info about the current problem. And, further more, hints to solve it. BTW: I'm trying to configure shared mailboxes for a virtual user system, when one user with ACLs on other mailboxes requests a LIST, I get this error. In my case, I solved the problem by chmod u+x auth-userdb . Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJPs/2oxLS8a3A9mAQLQxwf/ZkhmER1q/+rlZCIdQ70x6TDwS1nwJI6J FHyr8UFgV0xXBeX8OW+UDl8N4OzXOiReygHnrcpYE4BCEQmeQC9YUU7mCcC6tpqG cg+uYMAPap3Zx8WkAqsmDnnqHe4xX7GUscoiVh1vxYdiRkHwikiKEfuve+SwTpyj wmAK5CMGLBifWPk6bmFP7YR+sJnG/E1vKxEUMEKEKjMfubsCCqc95NNCOiVTwCTG Y15eIhyJTBBjrGuLSeiHb40sPnOE/OgO9r00+OXrZOtuouYZlsMENsDXSFFLoC7v MpABu57w3GRC0p33bjSuX8ZGinEd8fFz9mbUCSvBmLLL7rOZVR6FDw== =Rf46 -----END PGP SIGNATURE----- From mancyborg at gmail.com Fri Nov 2 18:37:00 2012 From: mancyborg at gmail.com (mancyborg at gmail.com) Date: Fri, 2 Nov 2012 17:37:00 +0100 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <5093CD2C.8020502@mie.utoronto.ca> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> <20121101203236.1803e9de@uplink> <509301EB.1070508@ldmltd.ca> <5093CD2C.8020502@mie.utoronto.ca> Message-ID: <20121102173700.4a378b98@uplink> Hi thanks to all for your pointers, very interesting. I'll do my homework about local SAS disks and SANs. Thanks and regards :) Mike On Fri, 02 Nov 2012 09:39:56 -0400 Oscar del Rio <delrio at mie.utoronto.ca> wrote: > On 11/ 1/12 07:12 PM, Gregory Finch wrote: > > I believe that Javier is talking IOPS, not throughput. You need a > > storage system that is able to provide a high random read + write IOPS. > > That single drive is going to cause you issues when things get busy. > > And a disaster when the single drive fails! > From al-dovecot at none.at Sat Nov 3 01:51:56 2012 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 03 Nov 2012 00:51:56 +0100 Subject: [Dovecot] sessionid in logout line Message-ID: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> Dear listmembers. I have the following login_log_format_elements = service=%s user=<%u> session=%{session} method=%m rip=%r lip=%l mpid=%e %c %k Maybe I have overseen the config option to add the %{session} also to the logout line. Here a example from my log: ### Nov 3 00:46:43 <HOST> dovecot: imap-login: Login: service=imap, user=<USER>, session=ETV8v4vNfwB/AAAB, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, mpid=14874, TLS, TLSv1.1 with cipher AES256-SHA (256/256 bits) zlib compression Nov 3 00:46:43 external dovecot: imap(USER): Disconnected: Logged out in=15649 out=80199 ### Thanks for help and answers. Best regards Aleks From user+dovecot at localhost.localdomain.org Sat Nov 3 02:01:28 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 03 Nov 2012 01:01:28 +0100 Subject: [Dovecot] sessionid in logout line In-Reply-To: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> References: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> Message-ID: <50945ED8.1060403@localhost.localdomain.org> On 11/03/2012 12:51 AM Aleksandar Lazic wrote: > Dear listmembers. > > I have the following > > login_log_format_elements = service=%s user=<%u> session=%{session} > method=%m rip=%r lip=%l mpid=%e %c %k > > Maybe I have overseen the config option to add the %{session} also to > the logout line. > ? I use: imap_logout_format = in=%i out=%o, session=<%{session}> Regards, Pascal -- The trapper recommends today: c01dcofe.1230800 at localdomain.org From al-dovecot at none.at Sat Nov 3 11:06:10 2012 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 03 Nov 2012 10:06:10 +0100 Subject: [Dovecot] sessionid in logout line In-Reply-To: <50945ED8.1060403@localhost.localdomain.org> References: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> <50945ED8.1060403@localhost.localdomain.org> Message-ID: <3a40500f7994634c97bf7fd35c9d8c63@none.at> Dear Pascal, Am 03-11-2012 01:01, schrieb Pascal Volk: > On 11/03/2012 12:51 AM Aleksandar Lazic wrote: >> Dear listmembers. >> [snipp] >> Maybe I have overseen the config option to add the %{session} also >> to >> the logout line. >> ? > > I use: imap_logout_format = in=%i out=%o, session=<%{session}> AH thanks I have overlooked this with dovecot config|egrep -i log Best regards Aleks From ice3wtt at gmail.com Sat Nov 3 11:18:11 2012 From: ice3wtt at gmail.com (mican zhang) Date: Sat, 3 Nov 2012 17:18:11 +0800 Subject: [Dovecot] dovecot default service Message-ID: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> i install dovecot 2 and when i try ps auxw|grep "dovecot" i just get only 5processes, root 21861 0.0 0.0 14884 980 ? Ss 16:53 0:00 /usr/local/sbin /dovecot dovecot 21862 0.0 0.0 12740 968 ? S 16:53 0:00 dovecot/anvil root 21863 0.0 0.0 12872 1088 ? S 16:53 0:00 dovecot/log root 21865 0.0 0.0 15356 1468 ? S 16:53 0:00 dovecot/config root 21945 0.0 0.0 61148 800 pts/0 S+ 17:04 0:00 grep dovecot , my os is redhat 5.4 and i just install like ./configure make &make install i don't what's wrong?i also test on centos 6.2,and result is the same does anyone has the same issue?and what should i do to fix this? From dovecot at vosslamber.nl Sat Nov 3 11:22:26 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 03 Nov 2012 10:22:26 +0100 Subject: [Dovecot] dovecot default service In-Reply-To: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> References: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> Message-ID: <5094E252.4020407@vosslamber.nl> On 03-11-2012 10:18, mican zhang wrote: > i install dovecot 2 and when i try ps auxw|grep "dovecot" > i just get only 5processes, > root 21861 0.0 0.0 14884 980 ? Ss 16:53 0:00 > /usr/local/sbin > /dovecot > dovecot 21862 0.0 0.0 12740 968 ? S 16:53 0:00 > dovecot/anvil > root 21863 0.0 0.0 12872 1088 ? S 16:53 0:00 dovecot/log > root 21865 0.0 0.0 15356 1468 ? S 16:53 0:00 > dovecot/config > root 21945 0.0 0.0 61148 800 pts/0 S+ 17:04 0:00 grep > dovecot > , > my os is redhat 5.4 and i just install like ./configure make &make install > i don't what's wrong?i also test on centos 6.2,and result is the same > does anyone has the same issue?and what should i do to fix this? > maybe you should do: ps auxw|grep "dovecot" | awk '{ print $0; print $0 }' than you would get 10 lines of output...... but seriously: - What processes do you miss? - Why do you thing 5 processes are nog enough? From ice3wtt at gmail.com Sat Nov 3 11:28:35 2012 From: ice3wtt at gmail.com (mican zhang) Date: Sat, 3 Nov 2012 17:28:35 +0800 Subject: [Dovecot] dovecot default service In-Reply-To: <5094E252.4020407@vosslamber.nl> References: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> <5094E252.4020407@vosslamber.nl> Message-ID: <CAMgUSrXWwWhabu4C5S63OCLxhv0MqvVybCrXoOU76OLECPmsWw@mail.gmail.com> thanks for you help ,and i still not resolve my issus. i what dovecot as postfix's stmp auth and imap server,so iguess its must have auth process and imap process,official documents also have more processes than 5 i try telnet localhost 110,and telnet localhost 143,i got : Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. On Sat, Nov 3, 2012 at 5:22 PM, Luuk at dovecot <dovecot at vosslamber.nl> wrote: > On 03-11-2012 10:18, mican zhang wrote: > >> i install dovecot 2 and when i try ps auxw|grep "dovecot" >> i just get only 5processes, >> root 21861 0.0 0.0 14884 980 ? Ss 16:53 0:00 >> /usr/local/sbin >> /dovecot >> dovecot 21862 0.0 0.0 12740 968 ? S 16:53 0:00 >> dovecot/anvil >> root 21863 0.0 0.0 12872 1088 ? S 16:53 0:00 >> dovecot/log >> root 21865 0.0 0.0 15356 1468 ? S 16:53 0:00 >> dovecot/config >> root 21945 0.0 0.0 61148 800 pts/0 S+ 17:04 0:00 grep >> dovecot >> , >> my os is redhat 5.4 and i just install like ./configure make &make >> install >> i don't what's wrong?i also test on centos 6.2,and result is the same >> does anyone has the same issue?and what should i do to fix this? >> >> > > maybe you should do: > ps auxw|grep "dovecot" | awk '{ print $0; print $0 }' > > than you would get 10 lines of output...... > > but seriously: > - What processes do you miss? > - Why do you thing 5 processes are nog enough? > From dovecot at vosslamber.nl Sat Nov 3 11:41:20 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 03 Nov 2012 10:41:20 +0100 Subject: [Dovecot] dovecot default service In-Reply-To: <CAMgUSrXWwWhabu4C5S63OCLxhv0MqvVybCrXoOU76OLECPmsWw@mail.gmail.com> References: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> <5094E252.4020407@vosslamber.nl> <CAMgUSrXWwWhabu4C5S63OCLxhv0MqvVybCrXoOU76OLECPmsWw@mail.gmail.com> Message-ID: <5094E6C0.9090200@vosslamber.nl> On 03-11-2012 10:28, mican zhang wrote: > thanks for you help ,and i still not resolve my issus. > i what dovecot as postfix's stmp auth and imap server,so iguess its must > have auth process and imap process,official documents also have more > processes than 5 > i try telnet localhost 110,and telnet localhost 143,i got : > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > Connection closed by foreign host. > > Have a look at: http://wiki2.dovecot.org/#Dovecot_configuration It tells you how to configure dovecot.... ;) From davide.marchi at mail.cgilfe.it Sat Nov 3 11:45:58 2012 From: davide.marchi at mail.cgilfe.it (Davide) Date: Sat, 03 Nov 2012 10:45:58 +0100 Subject: [Dovecot] LMTP benefit vs LDA Message-ID: <5094E7D6.5000109@mail.cgilfe.it> Hi to all, my question is what is benefit implementing LMTP service replacing LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users now i'm using LDA and i'm interested on LMTP service. Thanks in advance -- */Davide Marchi /Teorema Ferrara Srl /(Tel: /**/+39 0532 783161)/**/ (Fax: +/**/39 0532 783368/**/)/**//**/ /**//**/Davide.Marchi at mail.cgilfe.it <mailto:davide.marchi at mail.cgilfe.it?subject=Info> /CONFIDENZIALITA? *** Questo messaggio, inclusi gli eventuali allegati, ? indirizzato solo ai destinatari e pu? contenere informazioni riservate e confidenziali. Se avete ricevuto il messaggio senza esserne un destinatario, siete pregati di non utilizzare, copiare o distribuire questo messaggio o i suoi allegati. Se avete ricevuto il messaggio per errore, siete pregati di cancellarlo dal vostro sistema, assieme a tutti gli allegati, e di informare immediatamente il mittente,sia ai sensi dell'art. 616 c.p., sia ai sensi del DL n. 196/03. *CONFIDENTIALITY*** This message and any attachments are intended only for the use of the addressee(s) and may contain information that is privileged and/or confidential. If the reader of the message is not the intended recipient(s) or an authorized representative of the intended recipient(s), please do not use, copy, distribute this email or its attachments or take action based on them. If you have received this communication in error, please notify us immediately by email and delete the message and any attachments from your system. *Teorema FerraraSrl - Via Spronello, 7 - 44121 Ferrara Italia - P. IVA 01244490387** P**S**tampa questo messaggio solo se veramente necessario, pensa alla natura! - Please consider whether it is necessary to print this e-mail* From janfrode at tanso.net Sat Nov 3 12:19:16 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Sat, 3 Nov 2012 11:19:16 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <5094E7D6.5000109@mail.cgilfe.it> References: <5094E7D6.5000109@mail.cgilfe.it> Message-ID: <CAHwPatgTfwOYQt2=6RCRnDNwHqLQgO=sYtqLEVE3ALGjuxR7Jw@mail.gmail.com> On Sat, Nov 3, 2012 at 10:45 AM, Davide <davide.marchi at mail.cgilfe.it> wrote: > Hi to all, > my question is what is benefit implementing LMTP service replacing LDA i > have dovecot 2.1.8 with vpoipmail+qmail and about 500 users now i'm using > LDA and i'm interested on LMTP service. > Thanks in advance For us it has the benefit that we don't need to run any SMTP servers on the backend dovecot servers, and we can have our frontend postfix servers deliver incoming messages trough the dovecot director so that the users are sticky to their servers. For a single server running everything, I don't know if there's any point. -jf From daniel.parthey at informatik.tu-chemnitz.de Sat Nov 3 14:41:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 3 Nov 2012 13:41:49 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <5094E7D6.5000109@mail.cgilfe.it> References: <5094E7D6.5000109@mail.cgilfe.it> Message-ID: <20121103124149.GA12562@daniel.localdomain> Davide wrote: > my question is what is benefit implementing LMTP service replacing > LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users > now i'm using LDA and i'm interested on LMTP service. with LMTP... * you dont need to care about mail filesystem permissions * you can use dovecot lmtp proxy and/or director * you don't need to spawn a new process for each message Regards Daniel -- https://plus.google.com/103021802792276734820 From jtam.home at gmail.com Sun Nov 4 10:16:00 2012 From: jtam.home at gmail.com (Joseph Tam) Date: Sun, 4 Nov 2012 01:16:00 -0700 (PDT) Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <mailman.3270.1351946511.3160.dovecot@dovecot.org> References: <mailman.3270.1351946511.3160.dovecot@dovecot.org> Message-ID: <Pine.GSO.4.64.1211040057360.27220@mnc.zngu.hop.pn> Daniel Parthey writes: > Davide wrote: >> my question is what is benefit implementing LMTP service replacing >> LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users >> now i'm using LDA and i'm interested on LMTP service. > > with LMTP... > * you dont need to care about mail filesystem permissions > * you can use dovecot lmtp proxy and/or director > * you don't need to spawn a new process for each message One of the (potential) benefit is that a LMTP, because it can handle multiple recipients, has the ability to optimize I/O (or storage?) by using hardlinking to a single copy of a message (deduping). I don't know if Dovecot takes advantage of this in any way though. Joseph Tam <jtam.home at gmail.com> From cr at sys4.de Sun Nov 4 22:34:30 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 4 Nov 2012 21:34:30 +0100 Subject: [Dovecot] Quota Message-ID: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> Hi, is it possible to ask Dovecot for a users quota by talking to the Dovecot server over TCP? I know about doveadm quota -u <user>, but I would like to know, if I can query for that over a network connection (on the Postfix ML they suggested writing a policy service that checks quota. Postfix is not always on the same server as Dovecot is). Does the LMTP protocol give that information somehow? I am not so familiar with LMTP. Or some Unix-Socket to query that could also be configured as inet_listener? Thanks in advance -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From daniel.parthey at informatik.tu-chemnitz.de Sun Nov 4 23:57:11 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 4 Nov 2012 22:57:11 +0100 Subject: [Dovecot] Quota In-Reply-To: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> Message-ID: <20121104215711.GA12735@daniel.localdomain> Christian R??ner wrote: > is it possible to ask Dovecot for a users quota by talking to the Dovecot > server over TCP? I know about doveadm quota -u <user>, but I would like to > know, if I can query for that over a network connection (on the Postfix ML > they suggested writing a policy service that checks quota. Postfix is not > always on the same server as Dovecot is). > > Does the LMTP protocol give that information somehow? > I am not so familiar with LMTP. Or some Unix-Socket to > query that could also be configured as inet_listener? LMTP only returns an error if you're already over quota. You can query the quota of a specific mailbox via IMAP using GETQUOTAROOT: http://tools.ietf.org/rfc/rfc2087.txt Several script languages provide helper functions for this: perl: IMAP::Admin->get_quotaroot php: imap_get_quota ruby: Net::IMAP::MailboxQuota Regards Daniel -- https://plus.google.com/103021802792276734820 From cr at sys4.de Mon Nov 5 00:31:39 2012 From: cr at sys4.de (=?utf-8?Q?Christian_R=C3=B6=C3=9Fner?=) Date: Sun, 4 Nov 2012 23:31:39 +0100 Subject: [Dovecot] Quota In-Reply-To: <20121104215711.GA12735@daniel.localdomain> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> <20121104215711.GA12735@daniel.localdomain> Message-ID: <C5E7083E-C2B8-417B-B9A1-AA636B839164@sys4.de> Hi > perl: IMAP::Admin->get_quotaroot > php: imap_get_quota > ruby: Net::IMAP::MailboxQuota python-imaplib in my case ;) If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? Thanks again Christian > > Regards > Daniel > -- > https://plus.google.com/103021802792276734820 From tss at iki.fi Mon Nov 5 00:37:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Nov 2012 00:37:58 +0200 Subject: [Dovecot] Quota In-Reply-To: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> Message-ID: <386ECE99-CE25-46E1-84DD-878B7B1BBA60@iki.fi> On 4.11.2012, at 22.34, Christian R??ner wrote: > is it possible to ask Dovecot for a users quota by talking to the Dovecot server over TCP? I know about doveadm quota -u <user>, but I would like to know, if I can query for that over a network connection (on the Postfix ML they suggested writing a policy service that checks quota. Postfix is not always on the same server as Dovecot is). > > Does the LMTP protocol give that information somehow? I am not so familiar with LMTP. Or some Unix-Socket to query that could also be configured as inet_listener? You could connect to doveadm-server socket and basically ask the "doveadm quota" command via it. There's not much documentation about it though. But I'm sure I've mentioned details a couple of times in this mailing list.. I've also had some plans to make a somewhat easier socket for asking this. Maybe using doveadm-server process, or maybe a whole new quota-query binary that can talk multiple protocols.. It would be pretty easy to do, mainly I just haven't been sure what would be the cleanest way to implement this. From daniel.parthey at informatik.tu-chemnitz.de Mon Nov 5 01:03:13 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 5 Nov 2012 00:03:13 +0100 Subject: [Dovecot] Quota In-Reply-To: <C5E7083E-C2B8-417B-B9A1-AA636B839164@sys4.de> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> <20121104215711.GA12735@daniel.localdomain> <C5E7083E-C2B8-417B-B9A1-AA636B839164@sys4.de> Message-ID: <20121104230313.GA15736@daniel.localdomain> Christian R??ner wrote: > > perl: IMAP::Admin->get_quotaroot > > php: imap_get_quota > > ruby: Net::IMAP::MailboxQuota > > python-imaplib in my case ;) > > If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? Yes, I think a master user login should work as if the user has logged in. If you store quota in a database, the policy service could query the database. Regards Daniel -- https://plus.google.com/103021802792276734820 From calestyo at scientia.net Mon Nov 5 01:20:15 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Mon, 05 Nov 2012 00:20:15 +0100 Subject: [Dovecot] maildir S= and W= In-Reply-To: <5091312F.1080603@skye.it> References: <1351645983.24721.0.camel@fermat.scientia.net> <5090D14B.9080805@skye.it> <1351683711.7825.0.camel@heisenberg.scientia.net> <509113CB.7020402@skye.it> <1351691732.8425.1.camel@heisenberg.scientia.net> <5091312F.1080603@skye.it> Message-ID: <1352071215.4979.9.camel@fermat.scientia.net> FYI: On Wed, 2012-10-31 at 15:09 +0100, Alessio Cecchi wrote: > Yes, W= is not set by maildrop I had some conversation with Sam (the maildrop upstream), who said he would accept a patch adding ,W= support to maildrop. He may even look at it himself, when he should ever find some time being very bored ;) Given that maildrop is one of the most important MDAs, perhaps someone of the dovecot developers may have also an interest in this :) Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/ee8d9bde/attachment-0002.bin> From dave at boostpro.com Mon Nov 5 04:51:28 2012 From: dave at boostpro.com (Dave Abrahams) Date: Sun, 04 Nov 2012 21:51:28 -0500 Subject: [Dovecot] [bump] Re: "starting" dovecot References: <m2zk31gja8.fsf@pluto.luannocracy.com> <m2390sfnle.fsf@cone.luannocracy.com> Message-ID: <m2390obw3z.fsf_-_@pluto.luannocracy.com> Timo? on Fri Nov 02 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > >> My system never issues the "dovecot start" command. I do, however, run >> /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server >> through port 9xxx and through the preauth tunnel. Is this arrangement >> OK? Are there some things that will only work if "dovecot" is invoked? > > In particular, I'm curious because of messages like the one below that I > got from "doveadm search": > > doveadm(dave): Error: > net_connect_unix(/usr/local/var/run/dovecot/indexer) failed: No such > file or directory > > Is the lack of this (or any other) socket attributable to not having > started dovecot itself? -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From daniel.parthey at informatik.tu-chemnitz.de Mon Nov 5 05:04:29 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 5 Nov 2012 04:04:29 +0100 Subject: [Dovecot] "starting" dovecot In-Reply-To: <m2zk31gja8.fsf@pluto.luannocracy.com> References: <m2zk31gja8.fsf@pluto.luannocracy.com> Message-ID: <20121105030429.GA19861@daniel.localdomain> Hi Dave, Dave Abrahams wrote: > My system never issues the "dovecot start" command. I do, however, run > /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server > through port 9xxx and through the preauth tunnel. Is this arrangement > OK? No, most probably not. You try to investigate why dovecot does not run: http://wiki2.dovecot.org/WhyDoesItNotWork Show your "doveconf -n" output and dovecot logfile content please. > Are there some things that will only work if "dovecot" is invoked? The dovecot main process spawns all the services and sockets, you should invoke service binaries directly only for debugging purposes. Regards Daniel -- https://plus.google.com/103021802792276734820 From cr at sys4.de Mon Nov 5 10:05:27 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Mon, 5 Nov 2012 09:05:27 +0100 Subject: [Dovecot] Quota In-Reply-To: <20121104230313.GA15736@daniel.localdomain> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> <20121104215711.GA12735@daniel.localdomain> <C5E7083E-C2B8-417B-B9A1-AA636B839164@sys4.de> <20121104230313.GA15736@daniel.localdomain> Message-ID: <20741D9A-A20D-435B-8B77-1E85C79761FC@sys4.de> Hi, >> If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? > > Yes, I think a master user login should work as if the user has logged in. > > If you store quota in a database, the policy service could query the database. thanks a lot for your information. I have written a policy service in python for Postfix that can check "over quota" in Dovecot. Using IMAPS and the master user to check quota. If someone is interested, I can send a copy off list. -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dave at boostpro.com Mon Nov 5 12:15:35 2012 From: dave at boostpro.com (Dave Abrahams) Date: Mon, 05 Nov 2012 05:15:35 -0500 Subject: [Dovecot] "starting" dovecot In-Reply-To: <20121105030429.GA19861@daniel.localdomain> (Daniel Parthey's message of "Mon, 5 Nov 2012 04:04:29 +0100") References: <m2zk31gja8.fsf@pluto.luannocracy.com> <20121105030429.GA19861@daniel.localdomain> Message-ID: <m2ip9k9wzc.fsf@pluto.luannocracy.com> on Sun Nov 04 2012, Daniel Parthey <daniel.parthey-AT-informatik.tu-chemnitz.de> wrote: > Hi Dave, > > Dave Abrahams wrote: >> My system never issues the "dovecot start" command. I do, however, run >> /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server >> through port 9xxx and through the preauth tunnel. Is this arrangement >> OK? > > No, most probably not. You try to investigate why dovecot does not run: > http://wiki2.dovecot.org/WhyDoesItNotWork I know why it doesn't run: it doesn't run because I haven't done anything to make it run (e.g. no init script launches it). I've been running its "imap" executable from an init script (or launchd, the equivalent on my Mac), and most things seem to work just fine. > Show your "doveconf -n" output and dovecot logfile content please. It's on a different machine than the one I'm using. I could post it later if you still think it's a good idea. >> Are there some things that will only work if "dovecot" is invoked? > > The dovecot main process spawns all the services and sockets, > you should invoke service binaries directly only for debugging purposes. OK, I think this is the definitive answer I was looking for. Thanks very much! -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From mrubinsk at horde.org Mon Nov 5 18:13:33 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 11:13:33 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE Message-ID: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> I've been seeing the following wonky behavior with Dovecot. Currently this is with Dovecot 2.0.19, but I was also seeing it in earlier versions as well, including versions from the 1.x series. Some background, this is from Horde's ActiveSync library, when it is trying to determine what UIDs have recently been expunged. I can guarantee that when this command was sent, there was only one or two emails that were removed since the provided MODSEQ value. C: 8 UID FETCH 1:* UID (VANISHED CHANGEDSINCE 587742) S: * VANISHED (EARLIER) 1:119944,119947:123482,123484:128043,128045:130388,130390:130456,130458:132127,132129:135832,135834:136201,136203:136301,136303:136316,136318:138502,138504:140099,140101:141908,141910:142607,142609:142744,142746:142865,142867:143160,143164:143173,143176:143179,143181:143187,143189:143190,143192:143195,143197:143270,143272:143273,143275:143280,143282:143302,143305:143307,143309:143318,143320:143333,143335:143337,143339:143341,143343:143375,143377:143400,143402:143551,143553:143637,143640:143706,143708:144069,144071:144178,144180:144307,144309:144316,144318:144329,144331:144931,144933:144983,144985:145000,145002:145069,145071:145072,145074:145132,145136:145178,145180:145191,145193 Also, to verify it wasn't something screwy with my server, Michael Slusarz provided me with this from his server: <quote> There's definitely something wonky going on in the code. There's a certain tipping point of modseqs where the values become incorrect. For a mailbox with HIGHESTMODSEQ of 54004, I see this: a uid fetch 1:* UID (VANISHED CHANGEDSINCE 53881) * VANISHED (EARLIER) 1:37308,37310:40788,40791:41032,41034:41083 a OK Fetch completed. b uid fetch 1:* UID (VANISHED CHANGEDSINCE 53882) * VANISHED (EARLIER) 41029:41030,41047:41083 b OK Fetch completed. </quote> Thanks for any guidance. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/c62a8af1/attachment-0002.bin> From slusarz at curecanti.org Mon Nov 5 20:06:52 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Mon, 05 Nov 2012 11:06:52 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> Message-ID: <20121105110652.Horde.ZrxCN4F5lbhQmAA8mg3zyOA@bigworm.curecanti.org> Quoting Michael J Rubinsky <mrubinsk at horde.org>: > Also, to verify it wasn't something screwy with my server, Michael > Slusarz provided me with this from his server: > > <quote> > There's definitely something wonky going on in the code. There's a > certain tipping point of modseqs where the values become incorrect. > For a mailbox with HIGHESTMODSEQ of 54004, I see this: > > a uid fetch 1:* UID (VANISHED CHANGEDSINCE 53881) > * VANISHED (EARLIER) 1:37308,37310:40788,40791:41032,41034:41083 > a OK Fetch completed. > b uid fetch 1:* UID (VANISHED CHANGEDSINCE 53882) > * VANISHED (EARLIER) 41029:41030,41047:41083 > b OK Fetch completed. > </quote> FYI, this is output from Dovecot 2.1.10. michael From tss at iki.fi Mon Nov 5 20:16:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Nov 2012 20:16:03 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> Message-ID: <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> On 5.11.2012, at 18.13, Michael J Rubinsky wrote: > I've been seeing the following wonky behavior with Dovecot. Currently this is with Dovecot 2.0.19, but I was also seeing it in earlier versions as well, including versions from the 1.x series. Some background, this is from Horde's ActiveSync library, when it is trying to determine what UIDs have recently been expunged. I can guarantee that when this command was sent, there was only one or two emails that were removed since the provided MODSEQ value. .. > <quote> > There's definitely something wonky going on in the code. There's a certain tipping point of modseqs where the values become incorrect. I don't think they become incorrect, just that there are more of them than really necessary? Yes, there's a tipping point. It's when the modseq no longer exists in the dovecot.index.log* files, which get rotated once in a while. This shouldn't happen very often. > For a mailbox with HIGHESTMODSEQ of 54004, I see this: > > a uid fetch 1:* UID (VANISHED CHANGEDSINCE 53881) > * VANISHED (EARLIER) 1:37308,37310:40788,40791:41032,41034:41083 > a OK Fetch completed. > b uid fetch 1:* UID (VANISHED CHANGEDSINCE 53882) > * VANISHED (EARLIER) 41029:41030,41047:41083 > b OK Fetch completed. > </quote> So in b) case Dovecot read the dovecot.index.log and returned the expunges found from there. In a) case it didn't know what was expunged since the modseq, so it returned UIDs of all the expunged mails. From mrubinsk at horde.org Mon Nov 5 20:37:48 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 13:37:48 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> Message-ID: <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> Quoting Timo Sirainen <tss at iki.fi>: > On 5.11.2012, at 18.13, Michael J Rubinsky wrote: > >> I've been seeing the following wonky behavior with Dovecot. >> Currently this is with Dovecot 2.0.19, but I was also seeing it in >> earlier versions as well, including versions from the 1.x series. >> Some background, this is from Horde's ActiveSync library, when it >> is trying to determine what UIDs have recently been expunged. I >> can guarantee that when this command was sent, there was only one >> or two emails that were removed since the provided MODSEQ value. > .. >> <quote> >> There's definitely something wonky going on in the code. There's a >> certain tipping point of modseqs where the values become incorrect. > > I don't think they become incorrect, just that there are more of > them than really necessary? Yes, there's a tipping point. It's when > the modseq no longer exists in the dovecot.index.log* files, which > get rotated once in a while. This shouldn't happen very often. FYI, I see this about once every two weeks, sometimes more frequently. Is there anything we can do to reduce the chance of this happening? -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/f2e3f96d/attachment-0002.bin> From tss at iki.fi Mon Nov 5 20:43:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Nov 2012 20:43:46 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> Message-ID: <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> On 5.11.2012, at 20.37, Michael J Rubinsky wrote: >> On 5.11.2012, at 18.13, Michael J Rubinsky wrote: >> >>> I've been seeing the following wonky behavior with Dovecot. Currently this is with Dovecot 2.0.19, but I was also seeing it in earlier versions as well, including versions from the 1.x series. Some background, this is from Horde's ActiveSync library, when it is trying to determine what UIDs have recently been expunged. I can guarantee that when this command was sent, there was only one or two emails that were removed since the provided MODSEQ value. >> .. >>> <quote> >>> There's definitely something wonky going on in the code. There's a certain tipping point of modseqs where the values become incorrect. >> >> I don't think they become incorrect, just that there are more of them than really necessary? Yes, there's a tipping point. It's when the modseq no longer exists in the dovecot.index.log* files, which get rotated once in a while. This shouldn't happen very often. > > FYI, I see this about once every two weeks, sometimes more frequently. Is there anything we can do to reduce the chance of this happening? How do you see it? Does it break something? Why? You can change it only by increasing the dovecot.index.log sizes, which requires changing the code. From skdovecot at smail.inf.fh-brs.de Mon Nov 5 20:58:06 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 5 Nov 2012 19:58:06 +0100 (CET) Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: <1351544456.13571.102.camel@hurina> References: <1351544456.13571.102.camel@hurina> Message-ID: <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 29 Oct 2012, Timo Sirainen wrote: this syntax is now replaced by an empty string, if the attribute is missing, instead of generating a backtrace as in v2.1. http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=(%25{ldap) is the only reference I found so far and the TODO file. If the attribute does not exist, there should be a default value, you can specify, e.g.: %{ldap:attrName[,]:default value} . [,] the optional delimiter from the TODO. Or if the attribute is missing, the rule is ignored. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJgMPmoxLS8a3A9mAQJzRAf8CNz8vs4JkYisO52ajT8fzYsv8cHSHeqH G9Tqnz3IM2UjxRkSHWh3XJcf8pG2tmAns7ib1nH3WUuz99I3JG6exxiOX+PhdZnF BXWQRRSUXl5xsf1qqOIqNXTtqSwzEY/ucXrZi8ZdzYPArq2cN6YDsI/qacgyS+Md c1BWxdtC3DX1d+aBYreQ8oopyhahaLYS6p366bkh5Olemjb9ofkhJfi1EoUpXko3 pU+wXovIXH5xhvlis91FUJfF6gk1zGfBBcnhym/EJVkRyNMf+smeUL1AcGvLs0FJ scCq/QU9U9t4C91aooQzdiE+p4i9I2mpprPJsC2Bb4FdnlSQbspjDQ== =Xp2l -----END PGP SIGNATURE----- From mrubinsk at horde.org Mon Nov 5 20:59:51 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 13:59:51 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> Message-ID: <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> Quoting Timo Sirainen <tss at iki.fi>: > On 5.11.2012, at 20.37, Michael J Rubinsky wrote: > >>> On 5.11.2012, at 18.13, Michael J Rubinsky wrote: >>> >>>> I've been seeing the following wonky behavior with Dovecot. >>>> Currently this is with Dovecot 2.0.19, but I was also seeing it >>>> in earlier versions as well, including versions from the 1.x >>>> series. Some background, this is from Horde's ActiveSync >>>> library, when it is trying to determine what UIDs have recently >>>> been expunged. I can guarantee that when this command was sent, >>>> there was only one or two emails that were removed since the >>>> provided MODSEQ value. >>> .. >>>> <quote> >>>> There's definitely something wonky going on in the code. There's >>>> a certain tipping point of modseqs where the values become >>>> incorrect. >>> >>> I don't think they become incorrect, just that there are more of >>> them than really necessary? Yes, there's a tipping point. It's >>> when the modseq no longer exists in the dovecot.index.log* files, >>> which get rotated once in a while. This shouldn't happen very often. >> >> FYI, I see this about once every two weeks, sometimes more >> frequently. Is there anything we can do to reduce the chance of >> this happening? > > How do you see it? Does it break something? Why? > > You can change it only by increasing the dovecot.index.log sizes, > which requires changing the code. It breaks ActiveSync synchronization of mailboxes. When this happens, the sync state of the mailbox needs to be reset, which causes the entire mailbox to be resynchronized to the mobile device. This can lead to a not-insignificant amount of wasted bandwidth and battery power for the device. There have been times when this has happened multiple times in a single day. Not resetting the state leads to multiple issues on the device due to sending it thousands of deletion commands for messages it knows nothing about. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/21a6ea0a/attachment-0002.bin> From slusarz at curecanti.org Mon Nov 5 21:43:11 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Mon, 05 Nov 2012 12:43:11 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> Message-ID: <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> Quoting Michael J Rubinsky <mrubinsk at horde.org>: >>>> I don't think they become incorrect, just that there are more of >>>> them than really necessary? Yes, there's a tipping point. It's >>>> when the modseq no longer exists in the dovecot.index.log* files, >>>> which get rotated once in a while. This shouldn't happen very >>>> often. >>> >>> FYI, I see this about once every two weeks, sometimes more >>> frequently. Is there anything we can do to reduce the chance of >>> this happening? >> >> How do you see it? Does it break something? Why? >> >> You can change it only by increasing the dovecot.index.log sizes, >> which requires changing the code. > > It breaks ActiveSync synchronization of mailboxes. When this > happens, the sync state of the mailbox needs to be reset, which > causes the entire mailbox to be resynchronized to the mobile device. > This can lead to a not-insignificant amount of wasted bandwidth and > battery power for the device. There have been times when this has > happened multiple times in a single day. > > Not resetting the state leads to multiple issues on the device due > to sending it thousands of deletion commands for messages it knows > nothing about. My argument is much simpler: it is blatantly breaking the RFC. From RFC 5162 [3.2]: The VANISHED UID FETCH modifier instructs the server to report those messages from the UID set parameter that have been expunged and whose associated mod-sequence is larger than the specified mod-sequence. **That is, the client requests to be informed of messages from the specified set that were expunged since the specified mod-sequence.** (emphasis added) If you are including UIDs in the FETCH return that have NOT been expunged since the given mod-sequence, that directly contradicts this language. The clear intent of VANISHED UID FETCH is to provide the list of messages that existed in the mailbox at mod-sequence and no longer exist in the mailbox as of the current HIGHESTMODSEQ. As Mike R. has demonstrated, it is plausible that an MUA can only provide the MODSEQ of its cache state and has no knowledge of the UIDs it has actually cached. So having to parse through a (potentially) giant list of UIDs can be a performance killer (imagine the wasted bandwidth of having to upload a million UIDs to a phone every time you sync). michael From tss at iki.fi Mon Nov 5 23:28:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 05 Nov 2012 23:28:07 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> Message-ID: <1352150887.13571.105.camel@hurina> On Mon, 2012-11-05 at 12:43 -0700, Michael M Slusarz wrote: > My argument is much simpler: it is blatantly breaking the RFC. From > RFC 5162 [3.2]: > > The VANISHED UID FETCH modifier instructs the server to report those > messages from the UID set parameter that have been expunged and whose > associated mod-sequence is larger than the specified mod-sequence. > **That is, the client requests to be informed of messages from the > specified set that were expunged since the specified > mod-sequence.** (emphasis added) > > If you are including UIDs in the FETCH return that have NOT been > expunged since the given mod-sequence, that directly contradicts this > language. The clear intent of VANISHED UID FETCH is to provide the > list of messages that existed in the mailbox at mod-sequence and no > longer exist in the mailbox as of the current HIGHESTMODSEQ. That would require infinitely storing the modseq of when each message was expunged. Not very nice. Also the RFC talks a lot about this situation. The SELECT command has two optional parameters to optimize it. From tss at iki.fi Mon Nov 5 23:40:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 05 Nov 2012 23:40:33 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> Message-ID: <1352151633.13571.116.camel@hurina> On Tue, 2012-09-11 at 21:43 +0300, Timo Sirainen wrote: > v2.1's imap/pop3 processes are linked with OpenSSL by default, because of imapc/pop3c storages. I wonder if you notice any actual (system-global) memory usage reduction when compiling without those and you have thousands of imap processes? > > ./configure --with-storages=mdbox sdbox maildir mbox cydir > > I guess I could try it myself also but maybe someone else wanting to reduce memory usage is quicker? :) > > Related to that, you can look at where imap processes' memory goes with: http://dovecot.org/tools/linux-maps-parse-imap.pl > I don't know how much memory those (writable!) file-backed memory areas actually use per-process. Maybe nothing, maybe something.. http://dovecot.org/tmp/proctest.sh can be used to easily test this. Looks like simply linking a binary with -lcrypto increases each process's memory usage by something like: * RHEL5: 50 kB * RHEL6/Debian/Ubuntu: 150-200 kB * Solaris: 100 kB * OpenBSD: 20 kB * OSX: 0 kB Looks like it's the linker that uses up all of this memory. I'm not sure why exactly though, I couldn't create a test library that had the same effect. I also tried imap binary that was statically built vs. linked with libdovecot*.so, and the difference was pretty small (.so used maybe 10-20k more). Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes without wasting a ton of memory. In v2.2 I already moved imapc/pop3c backend code to plugins to avoid this. Looks like similar ugliness is needed for other features/backends also that may end up using SSL code. (We were wondering with Stephan what to do about his new HTTP library code that added support for SSL. It would be nice to keep it in the core libdovecot.so, but not if it links with SSL. So looks like we'll need some kind of a http-ssl plugin that is loaded only when needed.) From rgelfand2 at gmail.com Tue Nov 6 01:19:14 2012 From: rgelfand2 at gmail.com (Roman Gelfand) Date: Mon, 5 Nov 2012 18:19:14 -0500 Subject: [Dovecot] Security precautions for remote clients Message-ID: <CAJbW+rnc1sZYuAdCFk=c1DiHip7t60+M0G_GsnAiJDEY060OBA@mail.gmail.com> Where can I find something like remote client secure dovecot best practices or, perhaps, if there is not many, if you could list major configuration/setup points. Thanks in advance From tss at iki.fi Tue Nov 6 01:22:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 06 Nov 2012 01:22:37 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <1352151633.13571.116.camel@hurina> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> Message-ID: <1352157757.13571.121.camel@hurina> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: > Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes > without wasting a ton of memory. In v2.2 I already moved imapc/pop3c > backend code to plugins to avoid this. Looks like similar ugliness is > needed for other features/backends also that may end up using SSL code. > (We were wondering with Stephan what to do about his new HTTP library > code that added support for SSL. It would be nice to keep it in the core > libdovecot.so, but not if it links with SSL. So looks like we'll need > some kind of a http-ssl plugin that is loaded only when needed.) Implemented it a bit easier way that also gets rid of imapc/pop3c plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.) From mrubinsk at horde.org Tue Nov 6 03:49:53 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 20:49:53 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <1352150887.13571.105.camel@hurina> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> Message-ID: <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Quoting Timo Sirainen <tss at iki.fi>: > On Mon, 2012-11-05 at 12:43 -0700, Michael M Slusarz wrote: >> My argument is much simpler: it is blatantly breaking the RFC. From >> RFC 5162 [3.2]: >> >> The VANISHED UID FETCH modifier instructs the server to report those >> messages from the UID set parameter that have been expunged and whose >> associated mod-sequence is larger than the specified mod-sequence. >> **That is, the client requests to be informed of messages from the >> specified set that were expunged since the specified >> mod-sequence.** (emphasis added) >> >> If you are including UIDs in the FETCH return that have NOT been >> expunged since the given mod-sequence, that directly contradicts this >> language. The clear intent of VANISHED UID FETCH is to provide the >> list of messages that existed in the mailbox at mod-sequence and no >> longer exist in the mailbox as of the current HIGHESTMODSEQ. > > That would require infinitely storing the modseq of when each message > was expunged. Not very nice. Also the RFC talks a lot about this > situation. The SELECT command has two optional parameters to optimize > it. The RFC *does* indicate that a server implementation could, strictly speaking, be considered in compliance without remembering modsequences for all expunged messages, but it does explicitly discourage such implementations. From RFC 5162 [4.1]: Strictly speaking, a server implementation that doesn't remember mod- sequences associated with expunged messages can be considered compliant with this specification. Such implementations return all expunged messages specified in the UID set of the UID FETCH (VANISHED) command every time, without paying attention to the specified CHANGEDSINCE mod-sequence. Such implementations are discouraged, as they can end up returning VANISHED responses that are bigger than the result of a UID SEARCH command for the same UID set. Clients that use the message sequence match data can reduce the scope of this VANISHED response substantially in the typical case where expunges have not happened, or happen only toward the end of the mailbox. It also gives advice to avoid infinitely storing the modsequences such as "expiring" sequences associated with older expunged messages, but assigning a single modsequence value to all of the expired expunged messages. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/78fdff80/attachment-0002.bin> From massimiliano at cianelli.eu Tue Nov 6 07:09:55 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Tue, 06 Nov 2012 06:09:55 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. Message-ID: <xndp03a53uf87fh3ljptt6i7.1352177540982@email.android.com> Hi, My setup: Dovecot 2 latest, installed to replace courrier IMAP, and off course configured with the dot separator and all folder under INBOX.*. The problem: My phone was driving me mad during the test, due that it will only recognize Inbox. How found the solution: I've started sniffing IMAP traffic on my server and ended up with one difference: On courier it ask for namespace, on dovecot it won't. I gives a better look, and noticed that courier show namespace capability on prelogin banner, adding it too solved the problem. Reason: Android ICS stock client seems do not honor the capability gived after the login. Request: Maybe is possible to put namespace capability in prelogin banner for the next version? That will solve trouble with a setup like the mine and android stock email client. Thank you, Best regards Sent from Galaxy Nexus From ben at morrow.me.uk Tue Nov 6 08:08:31 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 6 Nov 2012 06:08:31 +0000 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <xndp03a53uf87fh3ljptt6i7.1352177540982@email.android.com> References: <xndp03a53uf87fh3ljptt6i7.1352177540982@email.android.com> Message-ID: <20121106060831.GA37663@anubis.morrow.me.uk> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: > Hi, > > My setup: > Dovecot 2 latest, installed to replace courrier IMAP, and off course > configured with the dot separator and all folder under INBOX.*. > > The problem: > My phone was driving me mad during the test, due that it will only > recognize Inbox. > > How found the solution: > I've started sniffing IMAP traffic on my server and ended up with one > difference: > On courier it ask for namespace, on dovecot it won't. > > I gives a better look, and noticed that courier show namespace > capability on prelogin banner, adding it too solved the problem. > > Reason: > Android ICS stock client seems do not honor the capability gived after > the login. See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; you need to set imap_capability and/or get your client fixed. Ben From alessio at skye.it Tue Nov 6 09:24:26 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 06 Nov 2012 08:24:26 +0100 Subject: [Dovecot] Security precautions for remote clients In-Reply-To: <CAJbW+rnc1sZYuAdCFk=c1DiHip7t60+M0G_GsnAiJDEY060OBA@mail.gmail.com> References: <CAJbW+rnc1sZYuAdCFk=c1DiHip7t60+M0G_GsnAiJDEY060OBA@mail.gmail.com> Message-ID: <5098BB2A.2020206@skye.it> Il 06/11/2012 00:19, Roman Gelfand ha scritto: > Where can I find something like remote client secure dovecot best > practices or, perhaps, if there is not many, if you could list major > configuration/setup points. > > Thanks in advance > Dovecot configuration is secure by default. For more information see "High-security mode" in Wiki http://wiki2.dovecot.org/LoginProcess Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From alessio at skye.it Tue Nov 6 09:32:58 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 06 Nov 2012 08:32:58 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <20121103124149.GA12562@daniel.localdomain> References: <5094E7D6.5000109@mail.cgilfe.it> <20121103124149.GA12562@daniel.localdomain> Message-ID: <5098BD2A.9010704@skye.it> Il 03/11/2012 13:41, Daniel Parthey ha scritto: > Davide wrote: >> my question is what is benefit implementing LMTP service replacing >> LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users >> now i'm using LDA and i'm interested on LMTP service. > with LMTP... [...] > * you don't need to spawn a new process for each message For me this options is the most valuable. I'm also running qmail+vpopmail and dovecot as LDA and with thousand of users spawn a new process for each message could be a problem. But you need to swith to postfix, or have you some idea on how to run qmail and LMTP together? -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From cr at sys4.de Tue Nov 6 09:59:31 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 6 Nov 2012 08:59:31 +0100 Subject: [Dovecot] sieve Message-ID: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Hi, is there a sieve option that can reject a mail directly without creating a new mail and sending that out? I know about reject "Reject message goes here"; but I am looking for a mechanism that can reject Mail. Postfix can use reject_unverified_recipient to connect to LMTP and ask if a mail would successfully be enqueued and will return the status gotten from the LMTP server if not. Chances are high that the mechanism would work, too, if Dovecot would know about the sieve rule, while getting a connection on LMTP. Does Dovecot know all rules at this point or is sieve handled after the mail has already been accepted? Kind regards -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tom at whyscream.net Tue Nov 6 10:18:46 2012 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 06 Nov 2012 09:18:46 +0100 Subject: [Dovecot] sieve In-Reply-To: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Message-ID: <5098C7E6.7090903@whyscream.net> On 11/6/12 8:59 AM, Christian R??ner wrote: > Hi, > > is there a sieve option that can reject a mail directly without > creating a new mail and sending that out? I know about > > reject "Reject message goes here"; > > but I am looking for a mechanism that can reject Mail. Postfix can > use reject_unverified_recipient to connect to LMTP and ask if a mail > would successfully be enqueued and will return the status gotten from > the LMTP server if not. Chances are high that the mechanism would > work, too, if Dovecot would know about the sieve rule, while getting > a connection on LMTP. Does Dovecot know all rules at this point or is > sieve handled after the mail has already been accepted? > I have no idea if your above idea would actually work, but having followed your questions on the postfix ml and your interests in using reject_unverified_recipient and its cache with lmtp, it would be very unwise to cache deliverability on the postfix side based on sieve results, since sieve is able to reject/bounce on any part of the message including message body contents and such. This could lead to very unpredictable rejects to unrelated messages, since the cache could obtain reject policies from sieve for a recipient based on a single rejected message containing the word '<insert spammy term here>'. -- Tom From cr at sys4.de Tue Nov 6 10:29:42 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 6 Nov 2012 09:29:42 +0100 Subject: [Dovecot] sieve In-Reply-To: <5098C7E6.7090903@whyscream.net> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> Message-ID: <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> Hi, >> but I am looking for a mechanism that can reject Mail. Postfix can >> use reject_unverified_recipient to connect to LMTP and ask if a mail >> would successfully be enqueued and will return the status gotten from >> the LMTP server if not. Chances are high that the mechanism would >> work, too, if Dovecot would know about the sieve rule, while getting >> a connection on LMTP. Does Dovecot know all rules at this point or is >> sieve handled after the mail has already been accepted? >> > > I have no idea if your above idea would actually work, but having > followed your questions on the postfix ml and your interests in using > reject_unverified_recipient and its cache with lmtp, it would be very > unwise to cache deliverability on the postfix side based on sieve > results, since sieve is able to reject/bounce on any part of the message > including message body contents and such. yes I know what you mean. The problem is that a user can decide to "reject" not based on "from" leading in rejects to other mails coming in to the same user. Probably a problem. The idea came up, as I work for a little ISP/ESP here. Sometimes I get calls, where I get asked if I could reject mails from "xyz". And with a robut good working mechanism, where people could reject on their on decisions would make things easier. So I thought about sieve as being a workable solution. Another solution would be to write some kind of milter/policy-service with a web-interface, where people can reject mails directly on the postfix side. But this is a lot of work. Kind regards -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Tue Nov 6 10:47:15 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 06 Nov 2012 09:47:15 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <20121106060831.GA37663@anubis.morrow.me.uk> References: <xndp03a53uf87fh3ljptt6i7.1352177540982@email.android.com> <20121106060831.GA37663@anubis.morrow.me.uk> Message-ID: <5098CE93.8060101@sys4.de> Am 06.11.2012 07:08, schrieb Ben Morrow: > At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >> Hi, >> >> My setup: >> Dovecot 2 latest, installed to replace courrier IMAP, and off course >> configured with the dot separator and all folder under INBOX.*. >> >> The problem: >> My phone was driving me mad during the test, due that it will only >> recognize Inbox. >> >> How found the solution: >> I've started sniffing IMAP traffic on my server and ended up with one >> difference: >> On courier it ask for namespace, on dovecot it won't. >> >> I gives a better look, and noticed that courier show namespace >> capability on prelogin banner, adding it too solved the problem. >> >> Reason: >> Android ICS stock client seems do not honor the capability gived after >> the login. > > See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; > you need to set imap_capability and/or get your client fixed. > > Ben > Hi, first ,what is the exact meaning of "Android ICS stock client" do you mean default included email client in standard android in imap mode, when yes, which version of Android , i like to test my own however is there changelog/code etc at google for this behave? conf example # Override the IMAP CAPABILITY response. If the value begins with '+', # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). #imap_capability = setting stuff here might be complex , or lead to trouble with other clients, if setting this might fix problems ,with clients it should be advised in the wiki/example-conf and/or Timo or the other way ,for massive used clients there should be a seperate workaround section in the conf But fixing behave clients should be prime option anyway Meanwhile use K9mail in Android as best free option in imap mode servers Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From skdovecot at smail.inf.fh-brs.de Tue Nov 6 11:09:20 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 6 Nov 2012 10:09:20 +0100 (CET) Subject: [Dovecot] sieve In-Reply-To: <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> Message-ID: <alpine.DEB.1.10.1211061001290.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 6 Nov 2012, Christian R??ner wrote: >>> but I am looking for a mechanism that can reject Mail. Postfix can >>> use reject_unverified_recipient to connect to LMTP and ask if a mail >>> would successfully be enqueued and will return the status gotten from >>> the LMTP server if not. Chances are high that the mechanism would >>> work, too, if Dovecot would know about the sieve rule, while getting >>> a connection on LMTP. Does Dovecot know all rules at this point or is >>> sieve handled after the mail has already been accepted? That is actually the point. As far as I know, all MTAs have already accepted the message, before they try to deliver it. If delivering fails, they queue them for retry. >> I have no idea if your above idea would actually work, but having >> followed your questions on the postfix ml and your interests in using >> reject_unverified_recipient and its cache with lmtp, it would be very >> unwise to cache deliverability on the postfix side based on sieve >> results, since sieve is able to reject/bounce on any part of the message >> including message body contents and such. > > yes I know what you mean. The problem is that a user can decide to > "reject" not based on "from" leading in rejects to other mails coming in > to the same user. Probably a problem. Dunno about that discussion, did it included messages to multiple recipients, of which some reject and some accept the message? In SMTP you cannot individually fail a message after DATA phase. > The idea came up, as I work for a little ISP/ESP here. Sometimes I get calls, where I get asked if I could reject mails from "xyz". And with a robut good working mechanism, where people could reject on their on decisions would make things easier. So I thought about sieve as being a workable solution. > > Another solution would be to write some kind of milter/policy-service > with a web-interface, where people can reject mails directly on the > postfix side. But this is a lot of work. Look at CanIT / MIMEDefang. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBUJjTwGoxLS8a3A9mAQKCuggAnAvnsShCbbEQGDgsR93aIg+Vc1w9HC7m NKWddvYIXRgTKC0qr6QM4tqkCIrtGVviylp+wFwyI+9ZvLx5t+3f8JFKHg0hO5MM Sbuu0ZmjCbm9STkNv2xvl72TBh5IWpByeKQt6fJQ5aT1f0Iqxo6i0+/Q0eoi5p82 HDgx27ASAtUqCHf+iPUg8G/FSndxxEcOvrSACn+hLfv71YU2iovgYTZazLt3u4pz hSWMQkpQyBwCxj75bz6y72sJxyMtd7XOMV5lGHumbSX6jg7WdI/cCScv14d2Uh5S D6yNya6+WB3AIGFg+NK9LuSz6IBq/eqIJivTGWvljOOIYsONnT8hbg== =/nYA -----END PGP SIGNATURE----- From rs at sys4.de Tue Nov 6 11:25:51 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 06 Nov 2012 10:25:51 +0100 Subject: [Dovecot] sieve In-Reply-To: <alpine.DEB.1.10.1211061001290.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> <alpine.DEB.1.10.1211061001290.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> Message-ID: <5098D79F.9080707@sys4.de> Am 06.11.2012 10:09, schrieb Steffen Kaiser: > Another solution would be to write some kind of milter/policy-service > with a web-interface, where people can reject mails directly on the > postfix side. But this is a lot of work. it existed in horde 3 ingo, no idea for horde 5 stable https://github.com/wrobel/horde-fw3/blob/master/ingo/scripts/ingo-postfix-policyd but if used you cant have ingo as sieve gui too at my knowledege i suggested cloning this as on own horde module like "blocker" etc long time ago but i cant code it my own anyway having such gui option for a reject policy server included in some webmail or postfixadmin , modoboa.org would be a really good idea Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From berni at birkenwald.de Tue Nov 6 11:38:14 2012 From: berni at birkenwald.de (Bernhard Schmidt) Date: Tue, 6 Nov 2012 09:38:14 +0000 (UTC) Subject: [Dovecot] LDAP congestion Message-ID: <k7alq6$klp$1@ger.gmane.org> Hello, I've been asked to have a look at a misbehaving mail server of some colleagues today where almost all logins where failing or excessively delayed, while the LDAP database itself was pretty fast. They run Dovecot 1.2.11 (yes, I know, stoneage) against an LDAP server run by a 3rd party, auth_bind=yes (required). The problem is that this third party LDAP server delays bindResponse 3 seconds when the password is wrong. A user wanted to login every 2-3 seconds this morning with the wrong password, which effectively killed the system because the LDAP connection was mostly stalled waiting for the auth timeout. >From a previous discussion with Timo I know that bindRequests cannot be parallelized in LDAP, so the problem does not come completely unexpected. Other than removing the failure delay in the LDAP server, is there anything one can do? If there is any change in newer Dovecot versions about that please tell me so I can encourage them to upgrade, but I haven't seen anything in the changelog. Any way to get several LDAP workers/connections for passdb in parallel? Thanks, Bernhard From radikn at seznam.cz Tue Nov 6 12:00:20 2012 From: radikn at seznam.cz (=?UTF-8?Q?Radek_Novotn=C3=BD?=) Date: Tue, 06 Nov 2012 11:00:20 +0100 Subject: [Dovecot] sieve In-Reply-To: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Message-ID: <8fc7635340b15e568a9845c7fa7dbeae@r-n.cz> May be, that solution of yout problem is mailfromd http://puszcza.gnu.org.ua/software/mailfromd/ Dne 6.11.2012 08:59, Christian R??ner napsal: > Hi, > > is there a sieve option that can reject a mail directly without > creating a new mail and sending that out? I know about > > reject "Reject message goes here"; > > but I am looking for a mechanism that can reject Mail. Postfix can > use reject_unverified_recipient to connect to LMTP and ask if a mail > would successfully be enqueued and will return the status gotten from > the LMTP server if not. Chances are high that the mechanism would > work, too, if Dovecot would know about the sieve rule, while getting > a > connection on LMTP. Does Dovecot know all rules at this point or is > sieve handled after the mail has already been accepted? > > Kind regards > > -Christian R??ner > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich From amateo at um.es Tue Nov 6 13:08:05 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 06 Nov 2012 12:08:05 +0100 Subject: [Dovecot] Auth USER lookup failed Message-ID: <5098EF95.8060005@um.es> Hello, I'm running dovecot 2.1.9 and I'm trying to configure shared folders. So, as described at http://wiki2.dovecot.org/SharedMailboxes/Shared I have configured a namespace like this: namespace { type = shared separator = / prefix = shared/%%u/ location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = yes } In one user (user1) I have configured ACLs so another one (user2) has access to a folder. Now, I want to susbscribe user2 to this folder. The problem I have is that whenever I try to list folders for this user (running thunderbird client) I get a panic and an error in the dovecot server (I have attached the complete log). The error says: Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master out: FAIL#0112 Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:56 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota It seems that imap process running for user2 is trying to a user lookup that fails. So I have manually tried it root at myotis30:/etc/dovecot/conf.d# sudo -u user2 doveadm user user2 userdb: user2 home : <homeDirectory> uid : 14585 gid : 404 root at myotis30:/etc/dovecot/conf.d# sudo -u user2 doveadm user user1 doveadm(user2): Error: user user1: Auth USER lookup failed doveadm(user2): Error: userdb lookup failed for user1 I have checked the socket permissions, but they are 0666 (if I'm looking the right socket): root at myotis30:/etc/dovecot/conf.d# ls -l /var/run/dovecot/auth-userdb srwxrwxrwx 1 dovecot root 0 nov 6 11:43 /var/run/dovecot/auth-userdb In fact, I have tried to put all sockets with permissions 0666 and 0777, but the error persists. Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 -------------- next part -------------- Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master in: USER#0111#011user1#011service=imap Nov 6 11:58:55 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:55 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:55 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master out: FAIL#0111 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master in: USER#0112#011user1#011service=imap Nov 6 11:58:55 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:55 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:55 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master out: FAIL#0112 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:55 myotis30 dovecot: imap(user2): Warning: Subscriptions file /home/pas/85/014585/Maildir/subscriptions: Removing invalid entry: shared/user1/kk Nov 6 11:58:55 myotis30 dovecot: imap(user2): Panic: shared mailbox list: Can't return a temp prefix for 'shared/' Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3f9ca) [0x7f1a5770c9ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3fa0e) [0x7f1a5770ca0e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f1a576e0d90] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x2991d) [0x7f1a5798291d] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_subscriptions_refresh+0x2c1) [0x7f1a579dd801] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_iter_init_multiple+0x71) [0x7f1a579d0dc1] -> dovecot/imap(+0xd598) [0x7f1a57e84598] -> dovecot/imap(cmd_list_full+0x4b8) [0x7f1a57e84bb8] -> dovecot/imap(command_exec+0x3d) [0x7f1a57e8949d] -> dovecot/imap(+0x114ee) [0x7f1a57e884ee] -> dovecot/imap(+0x115c5) [0x7f1a57e885c5] -> dovecot/imap(client_handle_input+0x125) [0x7f1a57e88815] -> dovecot/imap(client_input+0x65) [0x7f1a57e890f5] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f1a57719946] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f1a5771a637] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f1a57719358] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f1a57704fe3] -> dovecot/imap(main+0x295) [0x7f1a57e807e5] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f1a5732f76d] -> dovecot/imap(+0x9969) [0x7f1a57e80969] Nov 6 11:58:55 myotis30 dovecot: imap(user2): Fatal: master: service(imap): child 6604 killed with signal 6 (core dumps disabled) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: auth client connected (pid=6657) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011session=zbsBfdHN9ACbNkMF#011lip=155.54.211.169#011rip=155.54.67.5#011lport=143#011rport=56308 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client out: CONT#0111#011 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client in: CONT<hidden> Nov 6 11:58:55 myotis30 dovecot: auth: Debug: cache(user2,155.54.67.5,<zbsBfdHN9ACbNkMF>): hit: <hidden>#011userdb_home=/home/pas/85/014585#011userdb_uid=14585#011userdb_gid=404 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client out: OK#0111#011user=user2 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master in: REQUEST#0111406664705#0116657#0111#0117c7aa4c4342037d77879c13562726d53 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: prefetch(user2,155.54.67.5,<zbsBfdHN9ACbNkMF>): success Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master out: USER#0111406664705#011user2#011home=/home/pas/85/014585#011uid=14585#011gid=404 Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Loading modules from directory: /usr/lib/dovecot/modules Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_imap_acl_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_lazy_expunge_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib11_imap_quota_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Effective uid=14585, gid=404, home=/home/pas/85/014585 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: No acl_shared_dict setting - shared mailbox listing is disabled Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Quota root: name=User quota backend=dict args=:file:/home/pas/85/014585/Maildir/dovecot.quota Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Quota rule: root=User quota mailbox=* bytes=10737418240 messages=0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Quota rule: root=User quota mailbox=Trash bytes=+1073741824 messages=0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: dict quota: user=user2, uri=file:/home/pas/85/014585/Maildir/dovecot.quota, noenforcing=0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir:INDEX=/var/indexes/user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: maildir++: root=/home/pas/85/014585/Maildir, index=/var/indexes/user2, control=, inbox=/home/pas/85/014585/Maildir, alt= Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: initializing backend with data: vfile Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: acl username = user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: owner = 1 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl vfile: Global ACL directory: (none) Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Namespace : type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=no location=maildir:%h/Maildir:INDEX=~/Maildir/shared/%u Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: shared: root=/var/run/dovecot, index=, control=, inbox=, alt= Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: initializing backend with data: vfile Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: acl username = user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: owner = 0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl vfile: Global ACL directory: (none) Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Namespace : type=private, prefix=BORRADOS/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=maildir:~/Maildir/expunged/ Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: maildir++: root=/home/pas/85/014585/Maildir/expunged, index=, control=, inbox=, alt= Nov 6 11:58:55 myotis30 dovecot: imap-login: Login: user=<user2>, method=PLAIN, rip=155.54.67.5, lip=155.54.211.169, mpid=6633, session=<zbsBfdHN9ACbNkMF> Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: initializing backend with data: vfile Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: acl username = user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: owner = 1 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl vfile: Global ACL directory: (none) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master in: USER#0111#011user1#011service=imap Nov 6 11:58:56 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:56 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master out: FAIL#0111 Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:56 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master in: USER#0112#011user1#011service=imap Nov 6 11:58:56 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:56 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master out: FAIL#0112 Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:56 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:56 myotis30 dovecot: imap(user2): Warning: Subscriptions file /home/pas/85/014585/Maildir/subscriptions: Removing invalid entry: shared/user1/kk Nov 6 11:58:56 myotis30 dovecot: imap(user2): Panic: shared mailbox list: Can't return a temp prefix for 'shared/' Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3f9ca) [0x7effec3dd9ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3fa0e) [0x7effec3dda0e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7effec3b1d90] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x2991d) [0x7effec65391d] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_subscriptions_refresh+0x2c1) [0x7effec6ae801] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_iter_init_multiple+0x71) [0x7effec6a1dc1] -> dovecot/imap(+0xd598) [0x7effecb55598] -> dovecot/imap(cmd_list_full+0x4b8) [0x7effecb55bb8] -> dovecot/imap(command_exec+0x3d) [0x7effecb5a49d] -> dovecot/imap(+0x114ee) [0x7effecb594ee] -> dovecot/imap(+0x115c5) [0x7effecb595c5] -> dovecot/imap(client_handle_input+0x125) [0x7effecb59815] -> dovecot/imap(client_input+0x65) [0x7effecb5a0f5] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7effec3ea946] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7effec3eb637] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7effec3ea358] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7effec3d5fe3] -> dovecot/imap(main+0x295) [0x7effecb517e5] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7effec00076d] -> dovecot/imap(+0x9969) [0x7effecb51969] Nov 6 11:58:56 myotis30 dovecot: imap(user2): Fatal: master: service(imap): child 6633 killed with signal 6 (core dumps disabled) Nov 6 11:59:06 myotis30 dovecot: auth: Debug: auth client connected (pid=6659) Nov 6 11:59:06 myotis30 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=155.54.211.187, lip=155.54.211.169, secured, session=<RNyhfdHNqwCbNtO7> Nov 6 11:59:06 myotis30 dovecot: auth: Debug: auth client connected (pid=6660) Nov 6 11:59:06 myotis30 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=155.54.211.187, lip=155.54.211.169, secured, session=<3+ihfdHNbwCbNtO7> -------------- next part -------------- # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.4.0-030400-generic x86_64 Ubuntu 12.04.1 LTS auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = * auth_mechanisms = plain auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = yes auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 1000 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %u disable_plaintext_auth = no dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -l%{lock_timeout} -n%{namespace} first_valid_gid = 1 first_valid_uid = 500 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_ca_dir = imapc_ssl_verify = yes imapc_user = %u import_environment = TZ info_log_path = instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/lib/dovecot listen = *, :: lmtp_address_translate = lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = %Y-%m-%d %H:%M:%S login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> login_trusted_networks = 155.54.211.176/28 mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = yes mail_fsync = optimized mail_full_filesystem_access = no mail_gid = mail_home = mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib/dovecot/modules mail_plugins = quota zlib lazy_expunge acl mail_prefetch_count = 0 mail_privileged_group = mail mail_save_crlf = no mail_shared_explicit_inbox = yes mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = yes managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 20 M mmap_disable = no namespace { hidden = no ignore_on_failure = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = no ignore_on_failure = no inbox = no list = yes location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace { hidden = no ignore_on_failure = no inbox = no list = no location = maildir:~/Maildir/expunged/ prefix = BORRADOS/ separator = / subscriptions = yes type = private } passdb { args = /etc/dovecot/master-users default_fields = deny = no driver = passwd-file master = yes override_fields = pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = deny = no driver = ldap master = no override_fields = pass = no } passdb { args = session=yes dovecot default_fields = deny = no driver = pam master = no override_fields = pass = no } plugin { acl = vfile lazy_expunge = BORRADOS/ quota = dict:User quota::file:%h/Maildir/dovecot.quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_master_user = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_ca_dir = pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = postmaster at um.es protocols = imap pop3 lmtp sieve quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_full_sync_interval = 12 hours replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 2003 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 3000 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 inet_listener { address = port = 24245 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 5120 process_min_avail = 2 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 512 M } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = dovecot } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 inet_listener lmtp { address = port = 24 ssl = no } privileged_group = process_limit = 0 process_min_avail = 10 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 512 M } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = port = 4190 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service managesieve { chroot = client_limit = 1 drop_priv_before_exec = no executable = managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 2 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = no ssl_ca = ssl_cert = </etc/ssl/certs/dovecot.pem ssl_cert_username_field = commonName ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_client_cert = ssl_client_key = ssl_crypto_device = ssl_key = </etc/ssl/private/dovecot.pem ssl_key_password = ssl_parameters_regenerate = 1 weeks ssl_protocols = !SSLv2 ssl_require_crl = yes ssl_verify_client_cert = no stats_command_min_time = 1 mins stats_domain_min_time = 12 hours stats_ip_min_time = 12 hours stats_memory_limit = 16 M stats_session_min_time = 15 mins stats_user_min_time = 1 hours submission_host = syslog_facility = mail userdb { args = default_fields = driver = prefetch override_fields = } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = driver = ldap override_fields = } valid_chroot_dirs = verbose_proctitle = no verbose_ssl = no version_ignore = no protocol lda { mail_plugins = quota zlib lazy_expunge acl sieve } protocol imap { mail_plugins = quota zlib lazy_expunge acl imap_quota imap_acl } protocol lmtp { mail_plugins = quota zlib lazy_expunge acl sieve } protocol pop3 { pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, in=%i, out=%o } local 155.54.211.160/27/27 { doveadm_password = ]dWhu5kB } From andreas.thomsen at dadgmbh.de Tue Nov 6 13:51:47 2012 From: andreas.thomsen at dadgmbh.de (Andreas Thomsen) Date: Tue, 06 Nov 2012 12:51:47 +0100 Subject: [Dovecot] doveadm import doesn't work Message-ID: <5098F9D3.80708@dadgmbh.de> Hello, we are running dovecot 2.0.4 on openSuse 11.2. mailboxes are in mdbox-format on local filesystem. we had a powerfailure resulting in many corrupted files and i had to restore some mailboxes. as descibed in wiki, i tried : doveadm import -u <username> mdbox:/path/to/backup/<username>/mdbox INBOX all or doveadm import -u <username> mdbox:/path/to/backup/<username>/mdbox mdbox:/path/to/mailbox/<username>/mdbox all all i get is : usage: doveadm [-Dv] [-f <formatter>] <command> [<args>] altmove [-u <user>|-A] <search query> auth [-a <auth socket path>] [-x <auth info>] <user> [<password>] config [doveconf parameters] director add|flush|map|remove|status dump [-t <type>] <path> expunge [-u <user>|-A] <search query> fetch [-u <user>|-A] <fields> <search query> force-resync [-u <user>|-A] <mailbox> help <cmd> kick [-a <anvil socket path>] [-f] <user mask>[|]<ip/bits> log find|reopen|test mailbox create|delete|list|mutf7|rename|status|subscribe|unsubscribe penalty [-a <anvil socket path>] [<ip/bits>] purge [-u <user>|-A] pw [-l] [-p plaintext] [-r rounds] [-s scheme] [-u user] [-V] quota get|recalc reload search [-u <user>|-A] <search query> stop user [-a <userdb socket path>] [-x <auth info>] <user mask> [...] who [-a <anvil socket path>] [-1] [<user mask>] [<ip/bits>] any idea, whats the problem? kind regards Andreas Thomsen -- DAD Deutscher Adressdienst GmbH Alter Wall 65 20457 Hamburg Postfach 11 35 58 20435 Hamburg Deutschland Tel. 0049 (0)40 7511990 Fax 0049 (0)40 75119911 Amtsgericht Hamburg HRB 88115 Gesch?ftsf?hrerin: Daniela Kunst Steuernummer 48/714/02030 Ust-IdNr. DE813739877 From tss at iki.fi Tue Nov 6 14:17:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Nov 2012 14:17:21 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Message-ID: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> On 6.11.2012, at 3.49, Michael J Rubinsky wrote: >> That would require infinitely storing the modseq of when each message >> was expunged. Not very nice. Also the RFC talks a lot about this >> situation. The SELECT command has two optional parameters to optimize >> it. > > The RFC *does* indicate that a server implementation could, strictly speaking, be considered in compliance without remembering modsequences for all expunged messages, but it does explicitly discourage such implementations. From RFC 5162 [4.1]: > > Strictly speaking, a server implementation that doesn't remember mod- > sequences associated with expunged messages can be considered > compliant with this specification. Such implementations return all > expunged messages specified in the UID set of the UID FETCH > (VANISHED) command every time, without paying attention to the > specified CHANGEDSINCE mod-sequence. Such implementations are > discouraged, as they can end up returning VANISHED responses that are > bigger than the result of a UID SEARCH command for the same UID set. This is talking about a server that doesn't permanently remember ANY modseqs for expunges. Dovecot remembers them, not not infinitely. > It also gives advice to avoid infinitely storing the modsequences such as "expiring" sequences associated with older expunged messages, but assigning a single modsequence value to all of the expired expunged messages. Dovecot behaves as the section 4.3 describes. Note especially: Note that indefinitely storing information about expunged messages can cause storage and related problems for an implementation. .. Hence, implementations are encouraged to adopt strategies to protect against such storage problems, such as limiting the size of the queue used to store mod-sequences for expunged messages and "expiring" older records when this limit is reached. When the selected implementation-specific queue limit is reached, the oldest record(s) are deleted from the queue (note that such records are located at the queue head). For all such "expired" records, the server needs to store a single mod-sequence, which is the highest mod-sequence for all "expired" expunged messages. This is exactly what Dovecot does. There is a single modseq associated with all the previously expunged messages. If you try to request expunges for that modseq, it returns all of the expunged messages, which is what you're seeing as a problem. It might be helpful in some situations to decrease the precision and remember for example: * UIDs 1-100 were deleted with modseq 10 (in reality multiple times between modseqs 1..10) * UIDs 101-130 were deleted with modseq 15 (in reality with modseqs 11..15) .. and so on But this assumes that the expunged UID ranges compress well. If UIDs are being deleted here and there it's still pretty wasteful to store them. And yes, the current way may be forgetting them a bit too early when a lot of other unrelated changes are happening. It would be possible to keep a separate expunge log which could remember the expunges longer. But that would be yet another different index file for Dovecot, which annoyingly complicates everything. And currently since it sounds like the only problem is activesync implementation using it, I'm not very interested in spending a lot of time on it. These defines in mail-transaction-log-private.h anyway can be changed to make it much less likely to see your problem: /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) /* If log is larger than MAX_SIZE, rotate regardless of the time */ #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) /* Delete .log.2 files older than this many seconds. Don't be too eager, older files are useful for QRESYNC and dsync. */ #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) Maybe the defaults could be changed.. From tlx at leuxner.net Tue Nov 6 14:27:07 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Tue, 6 Nov 2012 13:27:07 +0100 Subject: [Dovecot] doveadm import doesn't work In-Reply-To: <5098F9D3.80708@dadgmbh.de> References: <5098F9D3.80708@dadgmbh.de> Message-ID: <20121106122707.GA9945@nihlus.leuxner.net> On Tue, Nov 06, 2012 at 12:51:47PM +0100, Andreas Thomsen wrote: > any idea, whats the problem? http://www.dovecot.org/list/dovecot-news/2010-October/000179.html Yes. It simply wasn't implemented in 2.0.4 which is ages old btw. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121106/3887567b/attachment-0002.bin> From andreas.thomsen at dadgmbh.de Tue Nov 6 14:38:25 2012 From: andreas.thomsen at dadgmbh.de (Andreas Thomsen) Date: Tue, 06 Nov 2012 13:38:25 +0100 Subject: [Dovecot] doveadm import doesn't work In-Reply-To: <20121106122707.GA9945@nihlus.leuxner.net> References: <5098F9D3.80708@dadgmbh.de> <20121106122707.GA9945@nihlus.leuxner.net> Message-ID: <509904C1.5020104@dadgmbh.de> Thank you, Thomas. I think, i will install a newer version.. Am 06.11.2012 13:27, schrieb Thomas Leuxner: > On Tue, Nov 06, 2012 at 12:51:47PM +0100, Andreas Thomsen wrote: >> any idea, whats the problem? > http://www.dovecot.org/list/dovecot-news/2010-October/000179.html > > Yes. It simply wasn't implemented in 2.0.4 which is ages old btw. > > Regards > Thomas -- DAD Deutscher Adressdienst GmbH Alter Wall 65 20457 Hamburg Postfach 11 35 58 20435 Hamburg Deutschland Tel. 0049 (0)40 7511990 Fax 0049 (0)40 75119911 Amtsgericht Hamburg HRB 88115 Gesch?ftsf?hrerin: Daniela Kunst Steuernummer 48/714/02030 Ust-IdNr. DE813739877 From ben at morrow.me.uk Tue Nov 6 14:43:06 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 6 Nov 2012 12:43:06 +0000 Subject: [Dovecot] sieve In-Reply-To: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Message-ID: <20121106124305.GB37663@anubis.morrow.me.uk> At 8AM +0100 on 6/11/12 you (Christian R??ner) wrote: > > is there a sieve option that can reject a mail directly without > creating a new mail and sending that out? I know about > > reject "Reject message goes here"; > > but I am looking for a mechanism that can reject Mail. You want 'ereject', RFC 5429, but Pigeonhole currently only implements it as a synonym for reject. I'm not sure if this is within-spec or not: this paragraph The "ereject" action MUST NOT be available in environments that do not support protocol-level rejection, e.g., an MUA, and MUST be available in all other environments that support the "reject" action. makes me think that perhaps it's not; in any case, Dovecot's implementation won't do what you want. Ben From stan at hardwarefreak.com Tue Nov 6 15:04:56 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 06 Nov 2012 07:04:56 -0600 Subject: [Dovecot] sieve In-Reply-To: <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> Message-ID: <50990AF8.7010303@hardwarefreak.com> On 11/6/2012 2:29 AM, Christian R??ner wrote: > Another solution would be to write some kind of milter/policy-service with a web-interface, where people can reject mails directly on the postfix side. But this is a lot of work. Use a web interface that requires auth. But I'd not use a milter/policy service--too complicated and unnecessary. Just use a regular access(5) table in db format. Simply write your script to append new addresses or domains to the table with a REJECT action. Then add to main.cf an appropriate restriction such as check_sender_access. Changes are picked up automatically each time a new smtpd is fired so no postmap command is required to make the change active. -- Stan From rs at sys4.de Tue Nov 6 15:35:22 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 06 Nov 2012 14:35:22 +0100 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <5099121A.5010208@sys4.de> Am 06.11.2012 13:17, schrieb Timo Sirainen: > the only problem is activesync implementation using it Hi, Michael, as i am going to implement horde 5 active sync server in near Future with dovecot , i followed this in high interest I know horde active sync server is different to z-push so sorry my question, i recent use z-push with dovecot and never noticed any problems with it, so how does z-push handle this "problem" comparing horde, any chance to workaround it in horde code ? Hacking dovecot might be complex, as it should fit in so many stuff and setups Anyway i agree many people using active sync in their smartphone these days and new outlook will also have a active sync mode, so there shouldnt stay any fixable problems ( where ever they may be ), but in my understanding the imap server ( dovecot ) acts more like a backhand here did you test against recent versions of cyrus etc, how is their behave in this case ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From mrubinsk at horde.org Tue Nov 6 16:23:10 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Tue, 06 Nov 2012 09:23:10 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <5099121A.5010208@sys4.de> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <5099121A.5010208@sys4.de> Message-ID: <20121106092310.Horde.5x2cUpcRtLVQmR1OBJCiTiA@h4.theupstairsroom.com> Quoting Robert Schetterer <rs at sys4.de>: > Am 06.11.2012 13:17, schrieb Timo Sirainen: >> the only problem is activesync implementation using it > > Hi, Michael, > as i am going to implement horde 5 active sync server in near Future > with dovecot , i followed this in high interest > > I know horde active sync server is different to z-push > so sorry my question, i recent use z-push with dovecot and never noticed > any problems with it, so how does z-push handle this "problem" comparing > horde, any chance to workaround it in horde code ? ZPush's default "imap backend" implementation uses PHP's imap implementation, which has _many_ problems. Horde's uses Horde_Imap_Client a PHP native implementation with tons of improvements over just about any other available IMAP client implementation in PHP. The problem I'm describing stems from our ActiveSync code trying to take advantage of IMAP extensions such as QRESYNC, where the server can track and report things like expunged messages, flag changes etc... since a known point without us having to cache and track every bit of information about the device's state. This is what ZPush does, it uses plaintext files on the server and writes out all the message ids and flag states that were sent to each device. Then during every sync, it retrieves the complete list of message ids and flag state from the IMAP server again and compares them against the data in the text file to determine the deltas. There is already a work around for this in place - if we detect a UID being returned from one of these VANISHED responses that is older than the oldest known UID we know was sent to the device then we reset the device's mailbox state, causing the mailbox to resync. We already track the UIDs of all email sent to the device in our state tables when using a server that does not support QRESYNC, I plan on extending/improving this and getting rid of the current use VANISHED data completely. For further information about our code vs ZPush you can read a basic overview on our wiki page http://wiki.horde.org/ActiveSync. I'm in the process of a more detailed feature comparison grid, but it's far from ready. Please move any further discussion specific to Horde's ActiveSync code to the dev at lists.horde.org mailing list. > Hacking dovecot might be complex, as it should fit in so many stuff and > setups I would never suggest people should hack server code to get other code to work :) > Anyway i agree many people using active sync in their smartphone these > days and new outlook will also have a active sync mode, so there > shouldnt stay any fixable problems ( where ever they may be ), but in my > understanding the imap server ( dovecot ) acts more like a backhand here > did you test against recent versions of cyrus etc, how is their behave > in this case? I have not personally tested against cyrus, but I know some of our other devs use cyrus with the ActiveSync code base. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121106/f2affb1e/attachment-0002.bin> From mrubinsk at horde.org Tue Nov 6 16:24:07 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Tue, 06 Nov 2012 09:24:07 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <20121106092407.Horde.ORo9AZcRtLVQmR2HfZMiToA@h4.theupstairsroom.com> Quoting Timo Sirainen <tss at iki.fi>: > On 6.11.2012, at 3.49, Michael J Rubinsky wrote: > >>> That would require infinitely storing the modseq of when each message >>> was expunged. Not very nice. Also the RFC talks a lot about this >>> situation. The SELECT command has two optional parameters to optimize >>> it. >> >> The RFC *does* indicate that a server implementation could, >> strictly speaking, be considered in compliance without remembering >> modsequences for all expunged messages, but it does explicitly >> discourage such implementations. From RFC 5162 [4.1]: >> >> Strictly speaking, a server implementation that doesn't remember mod- >> sequences associated with expunged messages can be considered >> compliant with this specification. Such implementations return all >> expunged messages specified in the UID set of the UID FETCH >> (VANISHED) command every time, without paying attention to the >> specified CHANGEDSINCE mod-sequence. Such implementations are >> discouraged, as they can end up returning VANISHED responses that are >> bigger than the result of a UID SEARCH command for the same UID set. > > This is talking about a server that doesn't permanently remember ANY > modseqs for expunges. Dovecot remembers them, not not infinitely. > >> It also gives advice to avoid infinitely storing the modsequences >> such as "expiring" sequences associated with older expunged >> messages, but assigning a single modsequence value to all of the >> expired expunged messages. > > Dovecot behaves as the section 4.3 describes. Note especially: > > Note that indefinitely storing information about expunged messages > can cause storage and related problems for an implementation. > .. > Hence, implementations are encouraged to adopt strategies to protect > against such storage problems, such as limiting the size of the queue > used to store mod-sequences for expunged messages and "expiring" > older records when this limit is reached. When the selected > implementation-specific queue limit is reached, the oldest record(s) > are deleted from the queue (note that such records are located at the > queue head). For all such "expired" records, the server needs to > store a single mod-sequence, which is the highest mod-sequence for > all "expired" expunged messages. > > This is exactly what Dovecot does. There is a single modseq > associated with all the previously expunged messages. If you try to > request expunges for that modseq, it returns all of the expunged > messages, which is what you're seeing as a problem. > > It might be helpful in some situations to decrease the precision and > remember for example: > * UIDs 1-100 were deleted with modseq 10 (in reality multiple times > between modseqs 1..10) > * UIDs 101-130 were deleted with modseq 15 (in reality with modseqs 11..15) > .. and so on > > But this assumes that the expunged UID ranges compress well. If UIDs > are being deleted here and there it's still pretty wasteful to store > them. > > And yes, the current way may be forgetting them a bit too early when > a lot of other unrelated changes are happening. It would be possible > to keep a separate expunge log which could remember the expunges > longer. But that would be yet another different index file for > Dovecot, which annoyingly complicates everything. And currently > since it sounds like the only problem is activesync implementation > using it, I'm not very interested in spending a lot of time on it. > These defines in mail-transaction-log-private.h anyway can be > changed to make it much less likely to see your problem: > > /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ > #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) > /* If log is larger than MAX_SIZE, rotate regardless of the time */ > #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) > #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) > > /* Delete .log.2 files older than this many seconds. Don't be too eager, > older files are useful for QRESYNC and dsync. */ > #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) > > Maybe the defaults could be changed.. Thanks for the information and clarification, Timo. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121106/792f95ca/attachment-0002.bin> From tss at iki.fi Tue Nov 6 16:57:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Nov 2012 16:57:00 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <C7D43F23-AF8A-47AF-9053-1600BEADFBB4@iki.fi> On 6.11.2012, at 14.17, Timo Sirainen wrote: > It would be possible to keep a separate expunge log which could remember the expunges longer. But that would be yet another different index file for Dovecot, which annoyingly complicates everything. And currently since it sounds like the only problem is activesync implementation using it, I'm not very interested in spending a lot of time on it. Here's an idea how it could maybe be done without too much complexity: Before deleting/replacing dovecot.index.log.2 file, scan all of the expunges from it and append them to dovecot.index.log.expunges file using the normal transaction log file format. Change the reader code to use it only when a special flag is enabled (because it has no other changes, it shouldn't normally be used). Use that flag when looking for old expunges. Once in a while recreate the file and drop some of the oldest expunges. The annoying thing with that is that the file format wastes disk space. An alternative would be to write to the file using yet another format optimized for it, and then have a separate "expunge scanner" API that scans the expunge file and the transaction logs. Anyway, not something I have time to implement myself anytime soon. From cr at sys4.de Tue Nov 6 17:04:33 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 6 Nov 2012 16:04:33 +0100 Subject: [Dovecot] sieve In-Reply-To: <50990AF8.7010303@hardwarefreak.com> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> <50990AF8.7010303@hardwarefreak.com> Message-ID: <8828DC32-59FB-4EA7-8D73-6B7E740092E4@sys4.de> Hi, >> Another solution would be to write some kind of milter/policy-service with a web-interface, where people can reject mails directly on the postfix side. But this is a lot of work. > > Use a web interface that requires auth. But I'd not use a milter/policy > service--too complicated and unnecessary. Just use a regular access(5) > table in db format. Simply write your script to append new addresses or > domains to the table with a REJECT action. Then add to main.cf an > appropriate restriction such as check_sender_access. Changes are picked > up automatically each time a new smtpd is fired so no postmap command is > required to make the change active. thanks to all of you. I think I have enough feedback and now I can decide what to do. Kind regards -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From lists at wildgooses.com Tue Nov 6 17:26:43 2012 From: lists at wildgooses.com (Ed W) Date: Tue, 06 Nov 2012 15:26:43 +0000 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <1352157757.13571.121.camel@hurina> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> Message-ID: <50992C33.8030505@wildgooses.com> On 05/11/2012 23:22, Timo Sirainen wrote: > On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >> Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes >> without wasting a ton of memory. In v2.2 I already moved imapc/pop3c >> backend code to plugins to avoid this. Looks like similar ugliness is >> needed for other features/backends also that may end up using SSL code. >> (We were wondering with Stephan what to do about his new HTTP library >> code that added support for SSL. It would be nice to keep it in the core >> libdovecot.so, but not if it links with SSL. So looks like we'll need >> some kind of a http-ssl plugin that is loaded only when needed.) > Implemented it a bit easier way that also gets rid of imapc/pop3c > plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL > dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 > > This also provides a nice abstraction to OpenSSL, making it again > possible to implement other backends like GnuTLS or NSS. (Except login > process code doesn't use lib-ssl-iostream yet.) Does libtomcrypt implement enough? Ed From stephan at rename-it.nl Tue Nov 6 17:26:31 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 06 Nov 2012 16:26:31 +0100 Subject: [Dovecot] sieve In-Reply-To: <20121106124305.GB37663@anubis.morrow.me.uk> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <20121106124305.GB37663@anubis.morrow.me.uk> Message-ID: <50992C27.4030008@rename-it.nl> Op 11/6/2012 1:43 PM, Ben Morrow schreef: > You want 'ereject', RFC 5429, but Pigeonhole currently only implements > it as a synonym for reject. I'm not sure if this is within-spec or not: > this paragraph > > The "ereject" action MUST NOT be available in environments that do > not support protocol-level rejection, e.g., an MUA, and MUST be > available in all other environments that support the "reject" > action. > > makes me think that perhaps it's not; in any case, Dovecot's > implementation won't do what you want. That feature is under development, and such features aren't compiled unless people add `--with-unfinished-features' to their configure line. So, don't worry, Pigeonhole does not normally violate the specification in this regard. Regards, Stephan. From ben at morrow.me.uk Tue Nov 6 20:00:23 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 6 Nov 2012 18:00:23 +0000 Subject: [Dovecot] sieve In-Reply-To: <50992C27.4030008@rename-it.nl> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <20121106124305.GB37663@anubis.morrow.me.uk> <50992C27.4030008@rename-it.nl> Message-ID: <20121106180022.GC37663@anubis.morrow.me.uk> At 4PM +0100 on 6/11/12 you (Stephan Bosch) wrote: > Op 11/6/2012 1:43 PM, Ben Morrow schreef: > > You want 'ereject', RFC 5429, but Pigeonhole currently only implements > > it as a synonym for reject. I'm not sure if this is within-spec or not: > > this paragraph > > > > The "ereject" action MUST NOT be available in environments that do > > not support protocol-level rejection, e.g., an MUA, and MUST be > > available in all other environments that support the "reject" > > action. > > > > makes me think that perhaps it's not; in any case, Dovecot's > > implementation won't do what you want. > > That feature is under development, and such features aren't compiled > unless people add `--with-unfinished-features' to their configure line. > So, don't worry, Pigeonhole does not normally violate the specification > in this regard. Oh, cool, I missed that on my quick look through the source. Ben From tss at iki.fi Tue Nov 6 22:30:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Nov 2012 22:30:46 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <50992C33.8030505@wildgooses.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> Message-ID: <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> On 6.11.2012, at 17.26, Ed W wrote: > On 05/11/2012 23:22, Timo Sirainen wrote: >> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>> Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes >>> without wasting a ton of memory. In v2.2 I already moved imapc/pop3c >>> backend code to plugins to avoid this. Looks like similar ugliness is >>> needed for other features/backends also that may end up using SSL code. >>> (We were wondering with Stephan what to do about his new HTTP library >>> code that added support for SSL. It would be nice to keep it in the core >>> libdovecot.so, but not if it links with SSL. So looks like we'll need >>> some kind of a http-ssl plugin that is loaded only when needed.) >> Implemented it a bit easier way that also gets rid of imapc/pop3c >> plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL >> dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 >> >> This also provides a nice abstraction to OpenSSL, making it again >> possible to implement other backends like GnuTLS or NSS. (Except login >> process code doesn't use lib-ssl-iostream yet.) > > Does libtomcrypt implement enough? It doesn't do SSL, which is all Dovecot cares about. From daniel.parthey at informatik.tu-chemnitz.de Wed Nov 7 02:02:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 7 Nov 2012 01:02:49 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <5098BD2A.9010704@skye.it> References: <5094E7D6.5000109@mail.cgilfe.it> <20121103124149.GA12562@daniel.localdomain> <5098BD2A.9010704@skye.it> Message-ID: <20121107000249.GA10057@daniel.localdomain> Alessio Cecchi wrote: > Daniel Parthey wrote: > > Davide wrote: > >>my question is what is benefit implementing LMTP service replacing > >>LDA i have dovecot 2.1.8 with vpopmail+qmail and about 500 users > >>now i'm using LDA and i'm interested on LMTP service. > >with LMTP... > >* you don't need to spawn a new process for each message > > For me this options is the most valuable. I'm also running > qmail+vpopmail and dovecot as LDA and with thousand of users spawn a > new process for each message could be a problem. > > But you need to switch to postfix, or have you some idea on how to > run qmail and LMTP together? You will need an MTA with LMTP client support, e.g. postfix or exim: http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP Regards Daniel -- https://plus.google.com/103021802792276734820 From massimiliano at cianelli.eu Wed Nov 7 09:13:08 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Wed, 07 Nov 2012 08:13:08 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. Message-ID: <8egwclxks8cpdyupbs5slf3n.1352226340948@email.android.com> Hello, My phone: Android ics 4.1.2 on galaxy nexus. And yes, stock mean the default client that come with the os in IMAP mode. I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. http://code.google.com/p/android/issues/detail?id=1811 In a few hour I'll update the issue noticing where is hidden the problem. Regards Sent from Galaxy Nexus Robert Schetterer <rs at sys4.de> ha scritto: >Am 06.11.2012 07:08, schrieb Ben Morrow: >> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>> Hi, >>> >>> My setup: >>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>> configured with the dot separator and all folder under INBOX.*. >>> >>> The problem: >>> My phone was driving me mad during the test, due that it will only >>> recognize Inbox. >>> >>> How found the solution: >>> I've started sniffing IMAP traffic on my server and ended up with one >>> difference: >>> On courier it ask for namespace, on dovecot it won't. >>> >>> I gives a better look, and noticed that courier show namespace >>> capability on prelogin banner, adding it too solved the problem. >>> >>> Reason: >>> Android ICS stock client seems do not honor the capability gived after >>> the login. >> >> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >> you need to set imap_capability and/or get your client fixed. >> >> Ben >> > >Hi, first ,what is the exact meaning of > >"Android ICS stock client" > >do you mean default included email client in standard android in imap >mode, when yes, which version of Android , i like to test my own >however is there changelog/code etc at google for this behave? > >conf example > ># Override the IMAP CAPABILITY response. If the value begins with '+', > # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). > #imap_capability = > >setting stuff here might be complex , or lead to trouble with other >clients, if setting this might fix problems ,with clients it should be >advised in the wiki/example-conf and/or Timo > >or the other way ,for massive used clients there should be >a seperate workaround section in the conf > >But fixing behave clients should be prime option anyway > >Meanwhile use K9mail in Android as best free option in imap mode servers > >Best Regards >MfG Robert Schetterer > >-- >[*] sys4 AG > >http://sys4.de, +49 (89) 30 90 46 64 >Franziskanerstra?e 15, 81669 M?nchen > >Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Wed Nov 7 10:16:54 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 07 Nov 2012 09:16:54 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <8egwclxks8cpdyupbs5slf3n.1352226340948@email.android.com> References: <8egwclxks8cpdyupbs5slf3n.1352226340948@email.android.com> Message-ID: <509A18F6.1060507@sys4.de> Am 07.11.2012 08:13, schrieb Massimiliano Cianelli: > Hello, > > My phone: > Android ics 4.1.2 on galaxy nexus. > And yes, stock mean the default client that come with the os in IMAP mode. > > I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. > > Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. > > About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. > http://code.google.com/p/android/issues/detail?id=1811 > > In a few hour I'll update the issue noticing where is hidden the problem. > > Regards > Sent from Galaxy Nexus Hi , i shortly tested this with android sdk jelly bean 4.1.1 and "my setup" dovecot 2.1.10 with included orginal android mail app in imap mode, ,leaving IMAP prefix blank, everything works as expected, no double shown inbox, namespace problems etc so you might have to fit your namespace setup. Also you might follow allready given advice from here. Anyway , i understand you using "stock client" but you have to understand that the producers of mail clients optimize their stuff fitting best in their own server structure making money with it, therefor their motivation coding better imap code is not very high, same case is for outlook and microsoft however, i would say, fixing bugs is on the google site here, looks like there is patch at http://code.google.com/p/android/issues/detail?id=1811 and the issue seems long known i dont see any hard relation to dovecot in this case meanwhile using k9mail seems the best way to workaround there are lots of other bugs around android versions over the years i dont expect google to fix them > > Robert Schetterer <rs at sys4.de> ha scritto: > >> Am 06.11.2012 07:08, schrieb Ben Morrow: >>> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>>> Hi, >>>> >>>> My setup: >>>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>>> configured with the dot separator and all folder under INBOX.*. >>>> >>>> The problem: >>>> My phone was driving me mad during the test, due that it will only >>>> recognize Inbox. >>>> >>>> How found the solution: >>>> I've started sniffing IMAP traffic on my server and ended up with one >>>> difference: >>>> On courier it ask for namespace, on dovecot it won't. >>>> >>>> I gives a better look, and noticed that courier show namespace >>>> capability on prelogin banner, adding it too solved the problem. >>>> >>>> Reason: >>>> Android ICS stock client seems do not honor the capability gived after >>>> the login. >>> >>> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >>> you need to set imap_capability and/or get your client fixed. >>> >>> Ben >>> >> >> Hi, first ,what is the exact meaning of >> >> "Android ICS stock client" >> >> do you mean default included email client in standard android in imap >> mode, when yes, which version of Android , i like to test my own >> however is there changelog/code etc at google for this behave? >> >> conf example >> >> # Override the IMAP CAPABILITY response. If the value begins with '+', >> # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). >> #imap_capability = >> >> setting stuff here might be complex , or lead to trouble with other >> clients, if setting this might fix problems ,with clients it should be >> advised in the wiki/example-conf and/or Timo >> >> or the other way ,for massive used clients there should be >> a seperate workaround section in the conf >> >> But fixing behave clients should be prime option anyway >> >> Meanwhile use K9mail in Android as best free option in imap mode servers >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Joerg Heidrich Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From laurent.foucher at iut-tlse3.fr Wed Nov 7 10:25:08 2012 From: laurent.foucher at iut-tlse3.fr (Laurent Foucher) Date: Wed, 07 Nov 2012 09:25:08 +0100 Subject: [Dovecot] acl and subfolder Message-ID: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> hello, I'm using dovecot 2.0.16 and i would like to use acl for subfolder. The file dovecot-acl is well written in both folder test and the subfolder test/Test : cat /home/user2/Maildir/.test.Test/dovecot-acl user=user1 ilrws cat /home/user2/Maildir/.test/dovecot-acl user=user1 ilprws When user1 want to list, the folder test is well shown, but not the subfolder test/Test. This is the logs : Debug: acl: acl username = user1 imap(laurent.foucher): Debug: acl: owner = 0 Shuka-a dovecot: imap(user1): Debug: acl vfile: Global ACL directory: (none) Shuka-a dovecot: imap(user1): Debug: acl vfile: reading file /home/user2/Maildir/.test/dovecot-acl [....] imap(user1): Debug: acl: Mailbox not in dovecot-acl-list: Partages/user2/test/Test I don't userstand why the file dovecot-acl is not read from the subfolder, while user1 and user2 have the same gid and write access to the directories. Thanks for your answers. dovecot -n auth_cache_size = 512 M default_client_limit = 8400 disable_plaintext_auth = no mail_access_groups = dovecot mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = acl mail_privileged_group = dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify namespace { inbox = yes location = prefix = separator = / type = private } namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = Partages/%%u/ separator = / subscriptions = no type = shared } passdb { args = cache_key=%u%s * driver = pam } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes.db mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags } postmaster_address = postmaster at iut-tlse3.fr protocols = " imap sieve" service auth { client_limit = 8500 unix_listener auth-userdb { group = Personnel_IUT mode = 0666 } } service imap-login { process_limit = 4096 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service imap { process_limit = 4096 vsz_limit = 3036 M } ssl_cert = </etc/ssl/certs/cert-5383-imaps.iut-tlse3.fr.pem ssl_key = </etc/ssl/private/imaps.iut-tlse3.fr.key userdb { driver = passwd } userdb { driver = prefetch } protocol lda { info_log_path = /var/log/dovecot/dovecot-lda.log log_path = /var/log/dovecot/dovecot-lda-errors.log mail_plugins = acl sieve } protocol imap { imap_id_log = * mail_plugins = acl imap_acl listescape } -- - Laurent Foucher < I U T 'A' Paul Sabatier > laurent.foucher at iut-tlse3.fr Enseignant/Charg? de mission Syst?mes & R?seau From yngve_l2 at hotmail.com Wed Nov 7 11:13:28 2012 From: yngve_l2 at hotmail.com (ycc_Swe) Date: Wed, 7 Nov 2012 01:13:28 -0800 (PST) Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) Message-ID: <1352279608118-38611.post@n4.nabble.com> Hello, I just installed Dovecot. It works for plaintext autorization, port 110. It has connected with Telnet, Thunderbird and an on-line pop3 client. Telnet: +OK Dovecot ready. user nnnnn -ERR Unknown command. user nnnnn +OK pass xxxxxxxxxx +OK Logged in. stat +OK 1 1553 retr 1 +OK 1553 octets Return-path: <sssssss at hotmail.com> Envelope-to: nnnnnn at mydomain.com Delivery-date: Tue, 06 Nov 2012 12:02:28 +0100 Received: from bay0-xcvxcv-xvxcv.bay333.hotmail.com ([123.123.123.123]) by deb7.pc with esmtp (Exim 4.80) But when I try ssl (port 995) with an on-line pop3 client, it will not work: /var/log/mail.log Nov 7 02:46:55 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, session=<Iza75N3NlABBNykH> Nov 7 02:46:56 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, session=<nWTF5N3NlQBBNykH> root at deb7:~# doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-686-pae i686 disable_plaintext_auth = no mail_gid = mail mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = prefix = } passdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } I know very little about mail and ssl. I have assumed that ssl will be set up "automatically" when Dovecot is installed. But maybe I have missed something here. Please give me pointers. The following two files contain ssl keys: ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem I have tried changing the ssl parameter ("yes", "required") in 10-ssl.conf but with no change except that port 110 login becomes disabled. As you can see I am a beginner with Dovecot, I hope it is still OK to ask on this mailing list. Thanks. -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611.html Sent from the Dovecot mailing list archive at Nabble.com. From rs at sys4.de Wed Nov 7 12:19:44 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 07 Nov 2012 11:19:44 +0100 Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <1352279608118-38611.post@n4.nabble.com> References: <1352279608118-38611.post@n4.nabble.com> Message-ID: <509A35C0.8040209@sys4.de> Am 07.11.2012 10:13, schrieb ycc_Swe: > Hello, > > I just installed Dovecot. It works for plaintext autorization, port 110. It > has connected with Telnet, Thunderbird and an on-line pop3 client. > > Telnet: > +OK Dovecot ready. > user nnnnn > -ERR Unknown command. > user nnnnn > +OK > pass xxxxxxxxxx > +OK Logged in. > stat > +OK 1 1553 > retr 1 > +OK 1553 octets > Return-path: <sssssss at hotmail.com> > Envelope-to: nnnnnn at mydomain.com > Delivery-date: Tue, 06 Nov 2012 12:02:28 +0100 > Received: from bay0-xcvxcv-xvxcv.bay333.hotmail.com ([123.123.123.123]) > by deb7.pc with esmtp (Exim 4.80) > > But when I try ssl (port 995) with an on-line pop3 client, it will not work: > /var/log/mail.log > Nov 7 02:46:55 deb7 dovecot: pop3-login: Disconnected (no auth attempts in > 0 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, > session=<Iza75N3NlABBNykH> > Nov 7 02:46:56 deb7 dovecot: pop3-login: Disconnected (no auth attempts in > 1 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, > session=<nWTF5N3NlQBBNykH> > > root at deb7:~# doveconf -n > # 2.1.7: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-3-686-pae i686 > disable_plaintext_auth = no > mail_gid = mail > mail_location = mbox:~/mail:INBOX=/var/mail/%u > namespace inbox { > inbox = yes > location = > prefix = > } > passdb { > args = username_format=%u /etc/dovecot/users > driver = passwd-file > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = " imap pop3" > ssl_cert = </etc/ssl/certs/dovecot.pem > ssl_key = </etc/ssl/private/dovecot.pem > userdb { > args = username_format=%u /etc/dovecot/users > driver = passwd-file > } > > I know very little about mail and ssl. I have assumed that ssl will be set > up "automatically" when Dovecot is installed. But maybe I have missed > something here. Please give me pointers. > The following two files contain ssl keys: > ssl_cert = </etc/ssl/certs/dovecot.pem > ssl_key = </etc/ssl/private/dovecot.pem > > I have tried changing the ssl parameter ("yes", "required") in 10-ssl.conf > but with no change except that port 110 login becomes disabled. > > As you can see I am a beginner with Dovecot, I hope it is still OK to ask on > this mailing list. Thanks. > > > > -- > View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611.html > Sent from the Dovecot mailing list archive at Nabble.com. > have a look http://wiki2.dovecot.org/SSL/DovecotConfiguration Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From CMarcus at Media-Brokers.com Wed Nov 7 15:01:13 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 07 Nov 2012 08:01:13 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS Message-ID: <509A5B99.1000900@Media-Brokers.com> Hi Timo, As one who is interested in implementing FTS sometime in the future, I'm curious about what is in store as far as improvements go... Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... Also, does the release of Solr 4.0 mean anything for the lucene library used by dovecot? http://www.marketwatch.com/story/lucidworks-congratulates-apache-foundation-on-general-release-of-solr-40-2012-10-15 Thanks, -- Best regards, Charles From tss at iki.fi Wed Nov 7 17:14:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:14:18 +0200 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <509A5B99.1000900@Media-Brokers.com> References: <509A5B99.1000900@Media-Brokers.com> Message-ID: <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> On 7.11.2012, at 15.01, Charles Marcus wrote: > As one who is interested in implementing FTS sometime in the future, I'm curious about what is in store as far as improvements go... > > Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes. :) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: plugin { fts_autoindex = yes fts_autoindex_max_recent = 1000 } Or maybe there's a better name than "autoindex" for this feature. SEARCH always autoindexes anyway. > Also, does the release of Solr 4.0 mean anything for the lucene library used by dovecot? No, fts-lucene and fts-solr are separate backends. But I do have some small plans to add a few more features to fts-solr. From tss at iki.fi Wed Nov 7 17:21:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:21:59 +0200 Subject: [Dovecot] mbox2mdir... what about UIDs/etc? (was: how to best import Evolution/Thunderbird mail into dovecot?) In-Reply-To: <1351557745.3435.106.camel@fermat.scientia.net> References: <1350429674.3360.27.camel@fermat.scientia.net> <20121017145144.GA777@PC211.ikt.de> <loom.20121017T174523-947@post.gmane.org> <1351557745.3435.106.camel@fermat.scientia.net> Message-ID: <3ACD269C-EBFA-42D5-B984-97342E669D08@iki.fi> On 30.10.2012, at 2.42, Christoph Anton Mitterer wrote: > Which I'll base upon mb2md[1] respectively it's Dovecot-izsed > version[2]. > I diffed the two, and it seems the only differences are that the later > handles the following in addition: > 1) keywords (via X-IMAP, X-IMAPbase and X-Keywords) > 2) UIDs, UIDVALITIDYs and UIDLASTs (via the X-IMAP, X-IMAPbase and X-UID > mail headers of the mboxes > 3) ,S= and ,W= tags > > (Guess that's it right?) > > > Now I have some questions: > to 1) I never used keywords on mails myself so far,... so if any > X-Keywords headers exist, these were sent from remote. > So I guess I _really want_ to ignore them (and not let remote people set > my local keywords), right? Yes. > to 2) I haven't had time yet to read into the IMAP4 RFC (though I'll > need to do so soon),... but AFAIU the UIDs, UIDVALITIDYs and UIDLASTs > are used for the server/clients to identify which message they talk > about and avoid unnecessary reloading and to assure statuses are set on > the right message, etc. > > All mails that I migrate were only used locally by one client. > So I guess I can fully ignore any UID/UIDVALITIDY/UIDLAST preservation, > right? Yeah, they're not that important if you don't care about clients redownloading cached messages. > So in principle I can use plain mb2md (without the dovecot mods)... and > simply convert all my mboxes to maildir, put them in the dovecot mail > (having the mails in the ../new dirs) location and start dovecot, right? > > Now will dovecot itself assign fresh consecutive UIDs to all maildir > files? Or will I get into troubles? Dovecot will generate new UIDs. > to 3) If dovecot can make use of these,.. I'm happy with having them > set, but analogous to (2): > If I use plain mb2md (without the dovecot mods)... and simply convert > all my mboxes to maildir, put them in the dovecot mail (having the mails > in the ../new dirs) location and start dovecot.... > > Can I make dovecot to calculate these fields by itself when it loads? Dovecot doesn't add them to the filenames, but adds them to dovecot-uidlist and/or dovecot.index.cache. If you're using Maildir++ quota then this isn't good enough, but when using Dovecot LDA there's no reason to use Maildir++ quota anyway, so it doesn't matter. From tss at iki.fi Wed Nov 7 17:23:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:23:05 +0200 Subject: [Dovecot] dovecot-lda not correct folder In-Reply-To: <508F66A2.7010809@gmx.de> References: <508F66A2.7010809@gmx.de> Message-ID: <933B1D72-3DAC-4D5C-88B0-78849B7655D9@iki.fi> On 30.10.2012, at 7.33, tony.blue.mailinglist at gmx.de wrote: > ZUSATZORDNER="$DELIVERMAIL -e -d $LOGNAME -m .optionalfolder" > ... > > dovecot-lda puts the mails for the optionalfolder always in the .cur (INBOX). > > What?s the correct dovecot-lda parameter to put the mails in the optionalfolder? -m optionalfolder, without the dot. Also you may need to set lda_mailbox_autocreate=yes if it doesn't already exist. From tss at iki.fi Wed Nov 7 17:26:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:26:04 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <508FB360.5090704@Media-Brokers.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <508FB360.5090704@Media-Brokers.com> Message-ID: <C343D0F4-43E5-4A17-AE42-D1F7BDBB39F1@iki.fi> On 30.10.2012, at 13.00, Charles Marcus wrote: > On 2012-10-29 5:42 PM, Timo Sirainen <tss at iki.fi> wrote: >> On 29.10.2012, at 23.15, Christoph Anton Mitterer wrote: >> >>> btw: What are the actual advantages of sdbox over maildir? >> * Not moving files from new/ to cur/ directory >> * Not renaming files when changing message flags >> * Not readdir()ing directories (although maildir_very_dirty_syncs=yes helps a lot with this) >> >> Basically less disk I/O and making it possible to have mailboxes with a huge number of messages without everything slowing down horribly. > > I had been wanting to ask about this too... > > So... what are the disadvantages? Message flags are stored only in dovecot.index files, and files get somewhat more easily corrupted than the whole filesystem. Having a separate dovecot.index.backup file helps with this though. Also there's the disadvantages if you can't easily switch away from Maildir because you're using some non-Dovecot tools to access it. From tss at iki.fi Wed Nov 7 17:30:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:30:35 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1351556165.3435.88.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> Message-ID: <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> On 30.10.2012, at 2.16, Christoph Anton Mitterer wrote: > Have you ever thought about adding a "real" DB backend? Nothing against > dbox... :) ... and I have no performance comparison of dbox with what > could be done with a DBMS... but the advantage of the later would be > that you get all fancy features from database systems for free... like > fast indexing, online replication, etc. p.. > > One might even reuse something like AOX for this. SQL indexes aren't very helpful for IMAP-like data. It would be fun to some day have SQL backend in Dovecot (there already is read-only INBOX-only SQL backend), but I don't expect it to have very good performance. From tss at iki.fi Wed Nov 7 17:32:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:32:25 +0200 Subject: [Dovecot] copymail deleted In-Reply-To: <09B9ED24-9319-48A7-85D4-0FF7D12F6296@sys4.de> References: <BF13BA6C-5A8D-446B-B654-663864AA8D9C@sys4.de> <2B52CF76-2638-45C8-BD75-1773EAB99D0E@iki.fi> <62B9745B-844F-4A83-8B87-F5DED1389180@sys4.de> <CF0DCCC7-C667-4F34-B888-83D6EB55C513@iki.fi> <09B9ED24-9319-48A7-85D4-0FF7D12F6296@sys4.de> Message-ID: <660E3B26-F98C-4790-BFC5-8F77390C043E@iki.fi> On 30.10.2012, at 16.44, Christian R??ner wrote: >> So if you create /attachments/6a/50/6a506530265ef7c9feb396410eaf6946036e9a79-b034401e794009503a0400002cb72ff6 that is 949170 bytes long, and do the same for the rest of the attachments, you should be able to read this mail without errors. >> >> You can easily create the files without wasting space with: >> dd if=/dev/zero of=foo bs=1 seek=949169 count=1 > > Thanks. I have calculated both other files and recreated zero padded files. Now I am going to watch the log file and see, if errors are gone. > > One last question: If the user now opens a mail, where the attachments are broken and he/she removes the mail, are the created hand-made files be removed automatically? Yes. From tss at iki.fi Wed Nov 7 17:33:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:33:43 +0200 Subject: [Dovecot] maildir and end-of-line encoding In-Reply-To: <1351648223.24721.4.camel@fermat.scientia.net> References: <1351648223.24721.4.camel@fermat.scientia.net> Message-ID: <A52B651B-B5D8-4B16-9A79-4231CAAD4ECD@iki.fi> On 31.10.2012, at 3.50, Christoph Anton Mitterer wrote: > I just wondered, the following: > > My MDA may get mails that use LF or CR/LF end of line encodings and > deliver them into maildirs. > > > I couldn't find any information about, whether one should or must > convert all into one format, cause AFAIK at least on the IMAP side, > CR/LF is always used? > > How does this work on the maildir/backend side of dovcot? Can it work > with both and simply automatically convert LF into CR/LF? Dovecot automatically adds CRs where necessary. Even within the same file there can be mixed LF/CRLF lines. From tss at iki.fi Wed Nov 7 17:38:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:38:26 +0200 Subject: [Dovecot] backtrace for non-existant %{ldap:attr} on login In-Reply-To: <alpine.DEB.2.02.1210311001310.3009@pc-2m63nn> References: <alpine.DEB.2.02.1210311001310.3009@pc-2m63nn> Message-ID: <F3C8E55F-6258-4B1B-B2B6-D51DB4E4E656@iki.fi> On 31.10.2012, at 11.08, Steffen Kaiser wrote: > If mailQuotaBytesTrash or mailQuotaBytes is not present, the LOGIN process does not work: .. > 2012-10-31 09:56:51 auth: Panic: pool_data_stack_realloc(): stack frame changed I'm not entirely sure why that happens when nonexistent attributes, but this fixes the crash: http://hg.dovecot.org/dovecot-2.1/rev/3a33e686fc38 Maybe there's another bug in there as well that tries to write some large garbage to the string instead?.. From tss at iki.fi Wed Nov 7 17:41:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:41:47 +0200 Subject: [Dovecot] Error: Internal quota calculation error In-Reply-To: <87d2zyxxjm.fsf@minnow.riseup.net> References: <87d2zyxxjm.fsf@minnow.riseup.net> Message-ID: <11465F19-4310-4B44-8955-F03FB65EFC5F@iki.fi> On 31.10.2012, at 21.15, Micah Anderson wrote: > I'm using 2.1.7 with seive and mysql quotas. We had an outage the other > day where the database server where quotas are stored was not available > for a short period of time. > > In dovecot land, the following types of errors occured in that scenario: > > Oct 26 22:19:01 grosbeak dovecot: lda(example at riseup.net): Error: Internal quota calculation error Hmm. I wonder if I should add more error message logging in here.. Although I think the main reason is that dict isn't connected to SQL database, and it should have logged about it already. > Oct 26 22:19:01 grosbeak dovecot: lda(example at riseup.net): Error: sieve: msgid=<20122132765181x.ABCCE457 at example.com>: failed to store into mailbox 'Trash': Internal error occurred. Refer to server log for more information. [2012-10-26 22:19:01] > Oct 26 22:19:01 grosbeak dovecot: lda(example at riseup.net): Error: sieve: script /maildir/e/example/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /maildir/e/example/.dovecot.sieve.log may reveal additional details) > > I expect that there would be quota calculation errors as dovecot could > not reach the database server, but what worried me was the 'failed to > store into mailbox' message from sieve. The 'Trash' mailbox in this > particular seive script is the correct location for the message to be > filed into, but the worrisome message is the 'failed with unsuccessful > implicit keep'. Dovecot returns temporary failure and the mail should get redelivered. v2.1.9+ has also plugin { quota_ignore_save_errors=yes } setting, which is the default also with v2.2. From tss at iki.fi Wed Nov 7 17:42:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:42:29 +0200 Subject: [Dovecot] Modifying mailbox GUIDs? In-Reply-To: <778d2396116c03d4b1d12234846aa12f@horizon.phuph.org> References: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> <778d2396116c03d4b1d12234846aa12f@horizon.phuph.org> Message-ID: <6B841CE1-CF08-49FD-9E6B-82DF385E20AE@iki.fi> I guess you could do that.. In v2.2 the dsync is smarter and can change the GUID automatically when needed. On 1.11.2012, at 5.13, Faheem Patel wrote: > > > I see that the GUID is actually in readable text on the first line > in "dovecot-uidlist". Is it really as simple as modifying the string > here? > > - Faheem > > On Wed, 31 Oct 2012 22:42:59 -0400, Faheem Patel > wrote: > >> Greetings all, >> >> I can view a mailbox's GUID like so: > doveadm mailbox status -u guid >> >> However, how may I *modify* a > mailbox GUID? Can this be done using doveadm or some other tool? >> >> > If not, how may I go about modifying the dovecot.mailbox.log (where I > assume GUID data is stored)? >> >> My specific use case has to do with > me wanting to modify an existing mailbox's GUID so that its messages are > mirrored into a folder of the same name using "dsync mirror". (As we > know, dsync utilizes GUIDs to determine mailbox uniqueness) >> >> > Thanks! >> >> -- >> - Faheem From tss at iki.fi Wed Nov 7 17:45:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:45:58 +0200 Subject: [Dovecot] 2.2.alpha1 (626a9df21e62): LMTP Core Dump In-Reply-To: <20121101102734.GA20126@nihlus.leuxner.net> References: <20121101102734.GA20126@nihlus.leuxner.net> Message-ID: <B896861D-63AD-4356-A7CF-BDBC91AB54F4@iki.fi> On 1.11.2012, at 12.27, Thomas Leuxner wrote: > Nov 1 11:16:14 spectre dovecot: lmtp(17245): Fatal: master: service(lmtp): child 17245 killed with signal 11 (core dumped) .. > #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=<value optimized out>, error_r=<value optimized out>) at mail-storage-service.c:1013 > 1013 mail-storage-service.c: No such file or directory. > in mail-storage-service.c > (gdb) bt full Fixed a few days ago: http://hg.dovecot.org/dovecot-2.2/rev/1ad12af6efe4 From tss at iki.fi Wed Nov 7 17:46:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:46:34 +0200 Subject: [Dovecot] No manpage for "doveadm fts" command In-Reply-To: <m2pq3xfkxf.fsf@cone.luannocracy.com> References: <m2pq3xfkxf.fsf@cone.luannocracy.com> Message-ID: <F34F3350-E698-4D5E-A320-1373A2B92C9D@iki.fi> On 1.11.2012, at 16.38, Dave Abrahams wrote: > Just wanted to make sure this issue was registered separately from the > overall confusion I'm exploring in another thread, even though I mention > this there too. Yes, and dsync also needs to be moved into doveadm sync/backup. And some other things. Feel free to write :) From tss at iki.fi Wed Nov 7 17:47:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:47:35 +0200 Subject: [Dovecot] Indexing problems In-Reply-To: <m2k3u5ii78.fsf@cone.luannocracy.com> References: <m2k3u5ii78.fsf@cone.luannocracy.com> Message-ID: <8EFED980-1F94-45A2-811B-036EE2DAF48F@iki.fi> On 1.11.2012, at 15.08, Dave Abrahams wrote: > It looks like something is going very wrong here. Any advice? .. > doveadm(dave): Info: [Gmail].All Mail: Caching mails seq=2..231746 > 8000/231745Assertion failed: (numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." + IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )), function closeDocStore, file /tmp/clucene-gmYE/src/core/CLucene/index/DocumentsWriter.cpp, line 210. > Abort trap: 6 > cone:local dave$ Looks like a bug in CLucene library. Probably nothing I can do about it.. Just delete the lucene-indexes directory and run doveadm fts rescan. From tss at iki.fi Wed Nov 7 17:50:19 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:50:19 +0200 Subject: [Dovecot] "starting" dovecot In-Reply-To: <m2390sfnle.fsf@cone.luannocracy.com> References: <m2zk31gja8.fsf@pluto.luannocracy.com> <m2390sfnle.fsf@cone.luannocracy.com> Message-ID: <2DA5EE7F-8C23-4233-AF51-138C81F3DB8D@iki.fi> On 2.11.2012, at 9.52, Dave Abrahams wrote: > > on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > >> My system never issues the "dovecot start" command. I do, however, run >> /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server >> through port 9xxx and through the preauth tunnel. Is this arrangement >> OK? Are there some things that will only work if "dovecot" is invoked? > > In particular, I'm curious because of messages like the one below that I > got from "doveadm search": > > doveadm(dave): Error: net_connect_unix(/usr/local/var/run/dovecot/indexer) failed: No such file or directory > > Is the lack of this (or any other) socket attributable to not having > started dovecot itself? Yes, fts indexing is always done via the indexer process currently. You need dovecot master process running for that. I don't think there are other such things currently. You could patch fts code to not use indexer process, probably a one line change. Except when running that way if two processes try to update the Lucene at the same time you'll get some errors. From tss at iki.fi Wed Nov 7 18:01:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:01:25 +0200 Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> References: <1351544456.13571.102.camel@hurina> <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> Message-ID: <F64A14D2-3C1E-4FA3-90AA-22AD5D4330F8@iki.fi> On 5.11.2012, at 20.58, Steffen Kaiser wrote: > http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=(%25{ldap) > > is the only reference I found so far and the TODO file. > > If the attribute does not exist, there should be a default value, you can specify, e.g.: %{ldap:attrName[,]:default value} . [,] the optional delimiter from the TODO. Where do you see "," as optional delimiter? But yeah, %{ldap:attrName:default} would be simple to do. Attached patch to do it. Let me know if it works. -------------- next part -------------- A non-text attachment was scrubbed... Name: ldap.diff Type: application/octet-stream Size: 1713 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121107/ce3e05b4/attachment-0002.obj> -------------- next part -------------- > Or if the attribute is missing, the rule is ignored. Hmm. What if there are two attributes and one of them exists and the other one doesn't?.. From tss at iki.fi Wed Nov 7 18:03:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:03:27 +0200 Subject: [Dovecot] LDAP congestion In-Reply-To: <k7alq6$klp$1@ger.gmane.org> References: <k7alq6$klp$1@ger.gmane.org> Message-ID: <A1095E0E-01F9-4746-B7C8-94A3AC915827@iki.fi> On 6.11.2012, at 11.38, Bernhard Schmidt wrote: > I've been asked to have a look at a misbehaving mail server of some > colleagues today where almost all logins where failing or excessively > delayed, while the LDAP database itself was pretty fast. > > They run Dovecot 1.2.11 (yes, I know, stoneage) against an LDAP server > run by a 3rd party, auth_bind=yes (required). The problem is that this > third party LDAP server delays bindResponse 3 seconds when the password > is wrong. A user wanted to login every 2-3 seconds this morning with the > wrong password, which effectively killed the system because the LDAP > connection was mostly stalled waiting for the auth timeout. > > From a previous discussion with Timo I know that bindRequests cannot be > parallelized in LDAP, so the problem does not come completely > unexpected. Other than removing the failure delay in the LDAP server, is > there anything one can do? If there is any change in newer Dovecot > versions about that please tell me so I can encourage them to upgrade, > but I haven't seen anything in the changelog. > > Any way to get several LDAP workers/connections for passdb in parallel? Multiple LDAP connections is in TODO. The only alternative right is to use e.g. checkpassword backend that does the ldap lookup in a script. From tss at iki.fi Wed Nov 7 18:14:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:14:44 +0200 Subject: [Dovecot] Auth USER lookup failed In-Reply-To: <5098EF95.8060005@um.es> References: <5098EF95.8060005@um.es> Message-ID: <B59A6D06-4809-4F9B-AEA4-426877D426F4@iki.fi> On 6.11.2012, at 13.08, Angel L. Mateo wrote: > Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) .. > I have checked the socket permissions, but they are 0666 (if I'm looking the right socket): > > root at myotis30:/etc/dovecot/conf.d# ls -l /var/run/dovecot/auth-userdb > srwxrwxrwx 1 dovecot root 0 nov 6 11:43 /var/run/dovecot/auth-userdb Nowadays the auth-userdb permissions are 0666, which add the extra check that you can only lookup yourself. Since you're not looking up yourself, you're getting the permission error about it. > In fact, I have tried to put all sockets with permissions 0666 and 0777, but the error persists. If the socket is 0777 this error shouldn't happen. Note that you need to change it from dovecot.conf, chmod doesn't matter after startup anymore. This will probably be helpful in future: http://hg.dovecot.org/dovecot-2.1/rev/c811aab61355 From tss at iki.fi Wed Nov 7 18:18:12 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:18:12 +0200 Subject: [Dovecot] acl and subfolder In-Reply-To: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> References: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> Message-ID: <41C6AD30-8F9B-4DFC-8488-618D25F05CA0@iki.fi> On 7.11.2012, at 10.25, Laurent Foucher wrote: > I'm using dovecot 2.0.16 and i would like to use acl for subfolder. The file dovecot-acl is well written in both folder test and the subfolder test/Test : > > cat /home/user2/Maildir/.test.Test/dovecot-acl > user=user1 ilrws > cat /home/user2/Maildir/.test/dovecot-acl > user=user1 ilprws > > When user1 want to list, the folder test is well shown, but not the subfolder test/Test. v2.1 has a nice and helpful "doveadm acl debug" command to tell what is wrong. > imap(user1): Debug: acl: Mailbox not in dovecot-acl-list: Partages/user2/test/Test I guess this is the reason. See if deleting dovecot-acl-list helps. From CMarcus at Media-Brokers.com Wed Nov 7 18:21:38 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 07 Nov 2012 11:21:38 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> Message-ID: <509A8A92.3060801@Media-Brokers.com> On 2012-11-07 10:14 AM, Timo Sirainen <tss at iki.fi> wrote: >> Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... > Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes.:) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: > > plugin { > fts_autoindex = yes > fts_autoindex_max_recent = 1000 > } And this would work in conjunction with (and require) the dovecot LDA / LMTP? -- Best regards, Charles From tss at iki.fi Wed Nov 7 18:29:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:29:38 +0200 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <509A8A92.3060801@Media-Brokers.com> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> <509A8A92.3060801@Media-Brokers.com> Message-ID: <13E793E4-68A9-4B82-8D63-BC525C01A233@iki.fi> On 7.11.2012, at 18.21, Charles Marcus wrote: > On 2012-11-07 10:14 AM, Timo Sirainen <tss at iki.fi> wrote: >>> Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... >> Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes.:) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: >> >> plugin { >> fts_autoindex = yes >> fts_autoindex_max_recent = 1000 >> } > > And this would work in conjunction with (and require) the dovecot LDA / LMTP? Yes. For non-Dovecot LDA/LMTP you can already run "doveadm index" after the delivery. Or you could do that already with dovecot-lda as well. From CMarcus at Media-Brokers.com Wed Nov 7 19:12:26 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 07 Nov 2012 12:12:26 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <13E793E4-68A9-4B82-8D63-BC525C01A233@iki.fi> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> <509A8A92.3060801@Media-Brokers.com> <13E793E4-68A9-4B82-8D63-BC525C01A233@iki.fi> Message-ID: <509A967A.1050705@Media-Brokers.com> On 2012-11-07 11:29 AM, Timo Sirainen <tss at iki.fi> wrote: > On 7.11.2012, at 18.21, Charles Marcus wrote: > >> On 2012-11-07 10:14 AM, Timo Sirainen<tss at iki.fi> wrote: >>>> Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... >>> Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes.:) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: >>> >>> plugin { >>> fts_autoindex = yes >>> fts_autoindex_max_recent = 1000 >>> } >> And this would work in conjunction with (and require) the dovecot LDA / LMTP? > Yes. For non-Dovecot LDA/LMTP you can already run "doveadm index" after the delivery. Or you could do that already with dovecot-lda as well. Gotcha... just confirming that as long as you were using dovecot LDA/LMTP, index updates would be immediate and not impact system performance. Thanks... looking forward to its implementation someday. ;) -- Best regards, Charles From laurent.foucher at iut-tlse3.fr Wed Nov 7 20:15:14 2012 From: laurent.foucher at iut-tlse3.fr (Laurent Foucher) Date: Wed, 07 Nov 2012 19:15:14 +0100 Subject: [Dovecot] acl and subfolder In-Reply-To: <41C6AD30-8F9B-4DFC-8488-618D25F05CA0@iki.fi> References: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> <41C6AD30-8F9B-4DFC-8488-618D25F05CA0@iki.fi> Message-ID: <20121107191514.Horde.B2lVWjZfwM9QmqUygEaBcaA@webmail.iut-tlse3.fr> ----- Message de Timo Sirainen <tss at iki.fi> --------- Date: Wed, 7 Nov 2012 18:18:12 +0200 De: Timo Sirainen <tss at iki.fi> Objet: Re: [Dovecot] acl and subfolder ?: Laurent Foucher <laurent.foucher at iut-tlse3.fr> Cc: dovecot at dovecot.org > On 7.11.2012, at 10.25, Laurent Foucher wrote: > >> I'm using dovecot 2.0.16 and i would like to use acl for subfolder. >> The file dovecot-acl is well written in both folder test and the >> subfolder test/Test : >> >> cat /home/user2/Maildir/.test.Test/dovecot-acl >> user=user1 ilrws >> cat /home/user2/Maildir/.test/dovecot-acl >> user=user1 ilprws >> >> When user1 want to list, the folder test is well shown, but not the >> subfolder test/Test. > > v2.1 has a nice and helpful "doveadm acl debug" command to tell what > is wrong. > >> imap(user1): Debug: acl: Mailbox not in dovecot-acl-list: >> Partages/user2/test/Test > > I guess this is the reason. See if deleting dovecot-acl-list helps. I deleted dovecot-acl-list and unfortunately my problem persit. -- - Laurent Foucher -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-keys Size: 1703 bytes Desc: Cl? publique PGP URL: <http://dovecot.org/pipermail/dovecot/attachments/20121107/557ff2f4/attachment-0002.bin> From tlx at leuxner.net Wed Nov 7 20:30:59 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Wed, 7 Nov 2012 19:30:59 +0100 Subject: [Dovecot] 2.2.alpha1 (626a9df21e62): LMTP Core Dump In-Reply-To: <B896861D-63AD-4356-A7CF-BDBC91AB54F4@iki.fi> References: <20121101102734.GA20126@nihlus.leuxner.net> <B896861D-63AD-4356-A7CF-BDBC91AB54F4@iki.fi> Message-ID: <24432423-5D31-479F-950A-39663CB8D5FC@leuxner.net> > On 1.11.2012, at 12.27, Thomas Leuxner wrote: > >> Nov 1 11:16:14 spectre dovecot: lmtp(17245): Fatal: master: service(lmtp): child 17245 killed with signal 11 (core dumped) > .. >> #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=<value optimized out>, error_r=<value optimized out>) at mail-storage-service.c:1013 >> 1013 mail-storage-service.c: No such file or directory. >> in mail-storage-service.c >> (gdb) bt full > > Fixed a few days ago: http://hg.dovecot.org/dovecot-2.2/rev/1ad12af6efe4 Thanks and confirmed. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4364 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121107/be2e2c64/attachment-0002.bin> From dave at boostpro.com Wed Nov 7 21:51:17 2012 From: dave at boostpro.com (Dave Abrahams) Date: Wed, 07 Nov 2012 14:51:17 -0500 Subject: [Dovecot] No manpage for "doveadm fts" command In-Reply-To: <F34F3350-E698-4D5E-A320-1373A2B92C9D@iki.fi> (Timo Sirainen's message of "Wed, 7 Nov 2012 17:46:34 +0200") References: <m2pq3xfkxf.fsf@cone.luannocracy.com> <F34F3350-E698-4D5E-A320-1373A2B92C9D@iki.fi> Message-ID: <m2ip9hxkcq.fsf@dhcp192-1-114-088.bbn.com> on Wed Nov 07 2012, Timo Sirainen <tss-AT-iki.fi> wrote: > On 1.11.2012, at 16.38, Dave Abrahams wrote: > >> Just wanted to make sure this issue was registered separately from the >> overall confusion I'm exploring in another thread, even though I mention >> this there too. > > Yes, and dsync also needs to be moved into doveadm sync/backup. And > some other things. Feel free to write :) I'm still trying to figure out what these things do, which is why I'm looking for a manpage. I'm not exactly in a position to write anything. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From tony.blue.mailinglist at gmx.de Wed Nov 7 22:48:01 2012 From: tony.blue.mailinglist at gmx.de (tony.blue.mailinglist at gmx.de) Date: Wed, 07 Nov 2012 21:48:01 +0100 Subject: [Dovecot] dovecot-lda not correct folder In-Reply-To: <933B1D72-3DAC-4D5C-88B0-78849B7655D9@iki.fi> References: <508F66A2.7010809@gmx.de> <933B1D72-3DAC-4D5C-88B0-78849B7655D9@iki.fi> Message-ID: <509AC901.4010407@gmx.de> Am 07.11.2012 16:23, schrieb Timo Sirainen: > On 30.10.2012, at 7.33, tony.blue.mailinglist at gmx.de wrote: > > -m optionalfolder, without the dot. Also you may need to set > lda_mailbox_autocreate=yes if it doesn't already exist. Thanks Timo, that was the solution of my problem. From slusarz at curecanti.org Thu Nov 8 00:08:44 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:08:44 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> Quoting Timo Sirainen <tss at iki.fi>: > On 6.11.2012, at 3.49, Michael J Rubinsky wrote: > > These defines in mail-transaction-log-private.h anyway can be > changed to make it much less likely to see your problem: > > /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ > #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) > /* If log is larger than MAX_SIZE, rotate regardless of the time */ > #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) > #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) > > /* Delete .log.2 files older than this many seconds. Don't be too eager, > older files are useful for QRESYNC and dsync. */ > #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) > > Maybe the defaults could be changed.. I'm not sure changing the defaults is a good idea. But if someone does want to use a particular dovecot server as the backend for activesync clients, for example, it would probably make sense to allow these values to be tweaked via the config files. (I can see an organization having a "normal" IMAP server and a "activesync" IMAP server that differ in these details, and also in things like IDLE timeouts). michael From slusarz at curecanti.org Thu Nov 8 00:11:31 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:11:31 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> Quoting Timo Sirainen <tss at iki.fi>: > On 6.11.2012, at 3.49, Michael J Rubinsky wrote: > >>> That would require infinitely storing the modseq of when each message >>> was expunged. Not very nice. Also the RFC talks a lot about this >>> situation. The SELECT command has two optional parameters to optimize >>> it. >> >> The RFC *does* indicate that a server implementation could, >> strictly speaking, be considered in compliance without remembering >> modsequences for all expunged messages, but it does explicitly >> discourage such implementations. From RFC 5162 [4.1]: >> >> Strictly speaking, a server implementation that doesn't remember mod- >> sequences associated with expunged messages can be considered >> compliant with this specification. Such implementations return all >> expunged messages specified in the UID set of the UID FETCH >> (VANISHED) command every time, without paying attention to the >> specified CHANGEDSINCE mod-sequence. Such implementations are >> discouraged, as they can end up returning VANISHED responses that are >> bigger than the result of a UID SEARCH command for the same UID set. > > This is talking about a server that doesn't permanently remember ANY > modseqs for expunges. Dovecot remembers them, not not infinitely. > >> It also gives advice to avoid infinitely storing the modsequences >> such as "expiring" sequences associated with older expunged >> messages, but assigning a single modsequence value to all of the >> expired expunged messages. > > Dovecot behaves as the section 4.3 describes. Note especially: > > Note that indefinitely storing information about expunged messages > can cause storage and related problems for an implementation. > .. > Hence, implementations are encouraged to adopt strategies to protect > against such storage problems, such as limiting the size of the queue > used to store mod-sequences for expunged messages and "expiring" > older records when this limit is reached. When the selected > implementation-specific queue limit is reached, the oldest record(s) > are deleted from the queue (note that such records are located at the > queue head). For all such "expired" records, the server needs to > store a single mod-sequence, which is the highest mod-sequence for > all "expired" expunged messages. > > This is exactly what Dovecot does. There is a single modseq > associated with all the previously expunged messages. If you try to > request expunges for that modseq, it returns all of the expunged > messages, which is what you're seeing as a problem. I see your point, but the problem is that is not intuitive when reading the RFC. One part of the RFC defines the behavior of VANISHED (EARLIER) as only returning changes since the mod-sequence given. And you are correct that another part of the RFC says that, essentially, a server is allowed to break this required response. I'm thinking that this is more of an issue with the way the RFC is written. I'll move this over to the imap protocol list to get further input. michael From tss at iki.fi Thu Nov 8 00:23:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 00:23:37 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> Message-ID: <21244A16-773D-42E2-A2C4-2366F51006D1@iki.fi> On 8.11.2012, at 0.08, Michael M Slusarz wrote: >> These defines in mail-transaction-log-private.h anyway can be changed to make it much less likely to see your problem: >> >> /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ >> #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) >> /* If log is larger than MAX_SIZE, rotate regardless of the time */ >> #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) >> #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) >> >> /* Delete .log.2 files older than this many seconds. Don't be too eager, >> older files are useful for QRESYNC and dsync. */ >> #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) >> >> Maybe the defaults could be changed.. > > I'm not sure changing the defaults is a good idea. But if someone does want to use a particular dovecot server as the backend for activesync clients, for example, it would probably make sense to allow these values to be tweaked via the config files. (I can see an organization having a "normal" IMAP server and a "activesync" IMAP server that differ in these details, and also in things like IDLE timeouts). Well .. I hate adding more settings. :) There are way too many already. Ideally Dovecot would automatically do the right thing anyway. Just like it already caches only those things that are needed. It could also increase these values when QRESYNC is used, or even better to actually have the separate expunge log that I mentioned. From slusarz at curecanti.org Thu Nov 8 00:34:39 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:34:39 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> Message-ID: <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> Quoting Michael M Slusarz <slusarz at curecanti.org>: > I see your point, but the problem is that is not intuitive when > reading the RFC. One part of the RFC defines the behavior of > VANISHED (EARLIER) as only returning changes since the mod-sequence > given. And you are correct that another part of the RFC says that, > essentially, a server is allowed to break this required response. > > I'm thinking that this is more of an issue with the way the RFC is > written. I'll move this over to the imap protocol list to get > further input. Sigh. Never mind. For some reason, I completely ignored (missed?) this part of the RFC: Note: A server that receives a mod-sequence smaller than <minmodseq>, where <minmodseq> is the value of the smallest expunged mod-sequence it remembers minus one, MUST behave as if it was requested to report all expunged messages from the provided UID set parameter. So you are right, I was wrong, and the world is good. michael From tss at iki.fi Thu Nov 8 00:41:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 00:41:04 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> Message-ID: <2A0F5B1A-190E-469A-B52F-43969E49B9F3@iki.fi> On 8.11.2012, at 0.34, Michael M Slusarz wrote: > Quoting Michael M Slusarz <slusarz at curecanti.org>: > >> I see your point, but the problem is that is not intuitive when reading the RFC. One part of the RFC defines the behavior of VANISHED (EARLIER) as only returning changes since the mod-sequence given. And you are correct that another part of the RFC says that, essentially, a server is allowed to break this required response. >> >> I'm thinking that this is more of an issue with the way the RFC is written. I'll move this over to the imap protocol list to get further input. > > Sigh. Never mind. For some reason, I completely ignored (missed?) this part of the RFC: > > Note: A server that receives a mod-sequence smaller than <minmodseq>, > where <minmodseq> is the value of the smallest expunged mod-sequence > it remembers minus one, MUST behave as if it was requested to report > all expunged messages from the provided UID set parameter. > > So you are right, I was wrong, and the world is good. I wonder how much would it help if you a) Used the uidset/seqset parameters with SELECT command and optionally b) Dovecot implemented it slightly better than required by RFC: http://www.ietf.org/mail-archive/web/lemonade/current/msg04771.html From slusarz at curecanti.org Thu Nov 8 00:41:48 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:41:48 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <21244A16-773D-42E2-A2C4-2366F51006D1@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> <21244A16-773D-42E2-A2C4-2366F51006D1@iki.fi> Message-ID: <20121107154148.Horde.poUtfYF5lbhQmuOsHYn1JuA@bigworm.curecanti.org> Quoting Timo Sirainen <tss at iki.fi>: > On 8.11.2012, at 0.08, Michael M Slusarz wrote: > >> I'm not sure changing the defaults is a good idea. But if someone >> does want to use a particular dovecot server as the backend for >> activesync clients, for example, it would probably make sense to >> allow these values to be tweaked via the config files. (I can see >> an organization having a "normal" IMAP server and a "activesync" >> IMAP server that differ in these details, and also in things like >> IDLE timeouts). > > Well .. I hate adding more settings. :) There are way too many > already. Ideally Dovecot would automatically do the right thing > anyway. Just like it already caches only those things that are > needed. It could also increase these values when QRESYNC is used, or > even better to actually have the separate expunge log that I > mentioned. Thinking about this more, this can really all be handled by proper MUA design. In short, it is never a good idea to send a '1:*' UID range to a VANISHED CHANGEDSINCE FETCH. It remains a reasonable MUA design decision to not send the actual cached UID list to the FETCH command: if this cached UID list is thousands of messages long, obtaining this list, (optionally) sequence set compressing, and sending via the command may take more time/resources than it saves. But a MUA should, at a minimum, keep track of the minimum UID it is aware of in order to limit the possible response. This is a trivial amount of extra overhead and would prevent a large number of spurious VANISHED UIDs to need to be traversed. michael From slusarz at curecanti.org Thu Nov 8 01:14:18 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 16:14:18 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <2A0F5B1A-190E-469A-B52F-43969E49B9F3@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> <2A0F5B1A-190E-469A-B52F-43969E49B9F3@iki.fi> Message-ID: <20121107161418.Horde.W3tHNoF5lbhQmutKaM-FJxA@bigworm.curecanti.org> Quoting Timo Sirainen <tss at iki.fi>: > On 8.11.2012, at 0.34, Michael M Slusarz wrote: > >> Quoting Michael M Slusarz <slusarz at curecanti.org>: >> >>> I see your point, but the problem is that is not intuitive when >>> reading the RFC. One part of the RFC defines the behavior of >>> VANISHED (EARLIER) as only returning changes since the >>> mod-sequence given. And you are correct that another part of the >>> RFC says that, essentially, a server is allowed to break this >>> required response. >>> >>> I'm thinking that this is more of an issue with the way the RFC is >>> written. I'll move this over to the imap protocol list to get >>> further input. >> >> Sigh. Never mind. For some reason, I completely ignored (missed?) >> this part of the RFC: >> >> Note: A server that receives a mod-sequence smaller than <minmodseq>, >> where <minmodseq> is the value of the smallest expunged mod-sequence >> it remembers minus one, MUST behave as if it was requested to report >> all expunged messages from the provided UID set parameter. >> >> So you are right, I was wrong, and the world is good. > > I wonder how much would it help if you > > a) Used the uidset/seqset parameters with SELECT command We *do* use this information. However, this is not (necessarily) useful for the activesync query that was the genesis of this thread. A bit of background on our MUA design is necessary. For Horde/IMP, all IMAP server configuration is done through the IMP application. As part of this configuration, a cache backend can be configured. There are multiple potential users of this IMAP object. Within IMP itself, multiple sessions can be open at any one time. Additionally, several views of IMP, our dynamic view and our smartmobile view, have another cache of messages kept on the browser side. Finally, the ActiveSync library also uses the IMAP object configured by IMP. Anytime the IMAP object is accessed, we are syncing the mailbox with the IMP-configured cache. For QRESYNC, we use the SELECT/EXAMINE uidset parameter. The problem is that any particular view may not be sync'd to the same state as the IMP cache. For example, if someone is using the web application and their phone is syncing via ActiveSync, it is quite likely that the activesync cached mod-sequence value will NOT equal the IMP cached mod-sequence value. So this is when explicitly calling FETCH VANISHED CHANGEDSINCE is needed. The good news: once we get the CHANGEDSINCE FETCH information, we don't need to do a separate flags sync since this information has already been cached within the IMAP object (via either the CHANGEDSINCE call or, more likely, a previous FETCH call in another session). Further optimization: in the case where the original QRESYNC/CONDSTORE sync matches the mod-sequence of whatever object/view is accessing the IMAP object, which should be the most common occurrence, there is no need to perform any additional FETCH/SEARCH calls since we cache the results of the initial mailbox sync and return this data. Might be a long-winded explanation, but just wanted to show why FETCH VANISHED CHANGEDSINCE MUST be used by a client even if taking advantage of QRESYNC SELECT/EXAMINE syncing. In other words - I'd like to think that my imap implementation is not broken :) > b) Dovecot implemented it slightly better than required by RFC: > http://www.ietf.org/mail-archive/web/lemonade/current/msg04771.html I spent a week or so trying to cache message sequence number -> UID mapping. And determined it was more trouble than it was worth. The gains from more compact VANISHED responses in SELECT/EXAMINE are minimal compared to the expense to track them. And the only other reason for tracking - the possibility that EXPUNGEs return EXPUNGED responses instead of VANISHED if the UIDs of the actually expunged messages are needed - can be worked around by doing a UID SEARCH call after the EXPUNGE is over and comparing to the list of UIDs that were given to UID EXPUNGE (with the further optimization that I cache MSN->UID while in a mailbox, which should catch the "STORE (\Deleted)/EXPUNGE" common when using a Trash mailbox or immediate message deletion). Unless I am missing something else that MSNs are necessary? michael From massimiliano at cianelli.eu Thu Nov 8 01:24:38 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 00:24:38 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. Message-ID: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> Hi, Yes w/o prefix work as expected, try to add a prefix like courier does (eg. Inbox.) It will not work as expected. Due I'm upgrading an old installed server, I've to keep everything as much transparent I can... it includes IMAP folder and subscription. Looking at that I've encountered that issue, and analyzed for fix it (thank you open source), not everyone will want to use/use k9.. but you can be 100% sure the stock client is there. Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they will not fix it soon, or really respect the rfc), it's much simple add Namespace on prelogin banner then wait or have to tell someone to install another client for that mailbox. I didn't know the history, but looking at change log seems that idle as been put back to prelogin client for some kind of compatibility with their service. Anyway, the most important reason that got me to subscribe the mailing list for write those emails, is share with the community that problem and provide a solution.. for someone in the future that have the same problem and will search on internet for a solution (like I've does.. before analyze it on my own). If the workaround will be added to the wiki or will be put in the source.. the important thing is that there is a solution simple and fast (two.. the source modify, and the configuration file) and someone can find it.. (Sarcastic) And if the mayans were right we can't wait for google to fix it :p Best Regards Sent from Galaxy Nexus Robert Schetterer <rs at sys4.de> ha scritto: >Am 07.11.2012 08:13, schrieb Massimiliano Cianelli: >> Hello, >> >> My phone: >> Android ics 4.1.2 on galaxy nexus. >> And yes, stock mean the default client that come with the os in IMAP mode. >> >> I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. >> >> Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. >> >> About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. >> http://code.google.com/p/android/issues/detail?id=1811 >> >> In a few hour I'll update the issue noticing where is hidden the problem. >> >> Regards >> Sent from Galaxy Nexus > >Hi , i shortly tested this with android sdk jelly bean 4.1.1 and "my >setup" dovecot 2.1.10 with included orginal android mail app in imap mode, >,leaving IMAP prefix blank, everything works as expected, no double >shown inbox, namespace problems etc >so you might have to fit your namespace setup. >Also you might follow allready given advice from here. > >Anyway , i understand you using "stock client" >but you have to understand that the producers of mail clients >optimize their stuff fitting best in their own server structure >making money with it, therefor their motivation coding better imap code >is not very high, same case is for outlook and microsoft >however, i would say, fixing bugs is on the google site here, looks like >there is patch >at >http://code.google.com/p/android/issues/detail?id=1811 >and the issue seems long known > >i dont see any hard relation to dovecot in this case >meanwhile using k9mail seems the best way to workaround >there are lots of other bugs around android versions >over the years i dont expect google to fix them > > >> >> Robert Schetterer <rs at sys4.de> ha scritto: >> >>> Am 06.11.2012 07:08, schrieb Ben Morrow: >>>> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>>>> Hi, >>>>> >>>>> My setup: >>>>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>>>> configured with the dot separator and all folder under INBOX.*. >>>>> >>>>> The problem: >>>>> My phone was driving me mad during the test, due that it will only >>>>> recognize Inbox. >>>>> >>>>> How found the solution: >>>>> I've started sniffing IMAP traffic on my server and ended up with one >>>>> difference: >>>>> On courier it ask for namespace, on dovecot it won't. >>>>> >>>>> I gives a better look, and noticed that courier show namespace >>>>> capability on prelogin banner, adding it too solved the problem. >>>>> >>>>> Reason: >>>>> Android ICS stock client seems do not honor the capability gived after >>>>> the login. >>>> >>>> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >>>> you need to set imap_capability and/or get your client fixed. >>>> >>>> Ben >>>> >>> >>> Hi, first ,what is the exact meaning of >>> >>> "Android ICS stock client" >>> >>> do you mean default included email client in standard android in imap >>> mode, when yes, which version of Android , i like to test my own >>> however is there changelog/code etc at google for this behave? >>> >>> conf example >>> >>> # Override the IMAP CAPABILITY response. If the value begins with '+', >>> # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). >>> #imap_capability = >>> >>> setting stuff here might be complex , or lead to trouble with other >>> clients, if setting this might fix problems ,with clients it should be >>> advised in the wiki/example-conf and/or Timo >>> >>> or the other way ,for massive used clients there should be >>> a seperate workaround section in the conf >>> >>> But fixing behave clients should be prime option anyway >>> >>> Meanwhile use K9mail in Android as best free option in imap mode servers >>> >>> Best Regards >>> MfG Robert Schetterer >>> >>> -- >>> [*] sys4 AG >>> >>> http://sys4.de, +49 (89) 30 90 46 64 >>> Franziskanerstra?e 15, 81669 M?nchen >>> >>> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >>> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >>> Aufsichtsratsvorsitzender: Joerg Heidrich > > > >Best Regards >MfG Robert Schetterer > >-- >[*] sys4 AG > >http://sys4.de, +49 (89) 30 90 46 64 >Franziskanerstra?e 15, 81669 M?nchen > >Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >Aufsichtsratsvorsitzender: Joerg Heidrich From tss at iki.fi Thu Nov 8 01:42:17 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 01:42:17 +0200 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> Message-ID: <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: > Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they will not fix it soon, or really respect the rfc), it's much simple add Namespace on prelogin banner then wait or have to tell someone to install another client for that mailbox. > > I didn't know the history, but looking at change log seems that idle as been put back to prelogin client for some kind of compatibility with their service. Luckily the big ones only needed IDLE to work. I'm hoping to avoid adding anything else. And Dovecot is currently the most widely used IMAP server, so I think there's a good chance of client developers actually fixing their clients. From massimiliano at cianelli.eu Thu Nov 8 01:48:57 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 00:48:57 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> Message-ID: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> I've noticed an error in my sentence about the change log, it was referred to blackberry.. not to Google Google need only 'namespace', I will try to update the issue (due that every IMAP server that will respect the rfc will not work as expected in that condition).. pointing the problem on post login capability... and we will see when Google will want to fix it. Regards Timo Sirainen <tss at iki.fi> ha scritto: >On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: > >> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >will not fix it soon, or really respect the rfc), it's much simple add >Namespace on prelogin banner then wait or have to tell someone to >install another client for that mailbox. >> >> I didn't know the history, but looking at change log seems that idle >as been put back to prelogin client for some kind of compatibility with >their service. > >Luckily the big ones only needed IDLE to work. I'm hoping to avoid >adding anything else. > >And Dovecot is currently the most widely used IMAP server, so I think >there's a good chance of client developers actually fixing their >clients. -- testing k9 From tss at iki.fi Thu Nov 8 01:55:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 01:55:33 +0200 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> Message-ID: <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> Even gmail itself isn't advertising all capabilities before login: * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 vs. * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE UIDPLUS especially has been very widely used long before gmail. I guess they also don't want to advertise unnecessary capabilities before login and have determined that all the important clients supporting UIDPLUS support receiving after it post-login. On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: > I've noticed an error in my sentence about the change log, it was referred to blackberry.. not to Google > > Google need only 'namespace', I will try to update the issue (due that every IMAP server that will respect the rfc will not work as expected in that condition).. pointing the problem on post login capability... and we will see when Google will want to fix it. > > Regards > > Timo Sirainen <tss at iki.fi> ha scritto: > >> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >> >>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >> will not fix it soon, or really respect the rfc), it's much simple add >> Namespace on prelogin banner then wait or have to tell someone to >> install another client for that mailbox. >>> >>> I didn't know the history, but looking at change log seems that idle >> as been put back to prelogin client for some kind of compatibility with >> their service. >> >> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >> adding anything else. >> >> And Dovecot is currently the most widely used IMAP server, so I think >> there's a good chance of client developers actually fixing their >> clients. > > -- testing k9 > From massimiliano at cianelli.eu Thu Nov 8 02:01:49 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 01:01:49 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> Message-ID: <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> Yes, but namespace is in prelogin... and anyway they will say that the team which will make the gmail app is different then the email app. IMHO there is only a commercial reason.. keep people use gmail and force company and private to use Google apps... in that way they will not have issue and have push delivery (also called IMAP idle that is not supported). Timo Sirainen <tss at iki.fi> ha scritto: >Even gmail itself isn't advertising all capabilities before login: > >* CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 > >vs. > >* CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE > >UIDPLUS especially has been very widely used long before gmail. I guess >they also don't want to advertise unnecessary capabilities before login >and have determined that all the important clients supporting UIDPLUS >support receiving after it post-login. > >On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: > >> I've noticed an error in my sentence about the change log, it was >referred to blackberry.. not to Google >> >> Google need only 'namespace', I will try to update the issue (due >that every IMAP server that will respect the rfc will not work as >expected in that condition).. pointing the problem on post login >capability... and we will see when Google will want to fix it. >> >> Regards >> >> Timo Sirainen <tss at iki.fi> ha scritto: >> >>> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >>> >>>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >>> will not fix it soon, or really respect the rfc), it's much simple >add >>> Namespace on prelogin banner then wait or have to tell someone to >>> install another client for that mailbox. >>>> >>>> I didn't know the history, but looking at change log seems that >idle >>> as been put back to prelogin client for some kind of compatibility >with >>> their service. >>> >>> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >>> adding anything else. >>> >>> And Dovecot is currently the most widely used IMAP server, so I >think >>> there's a good chance of client developers actually fixing their >>> clients. >> >> -- testing k9 >> -- Inviato dal mio cellulare Android con K-9 Mail. From tss at iki.fi Thu Nov 8 02:10:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 02:10:33 +0200 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> Message-ID: <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Yes, different teams, but I think Google is still a lot more reasonable company to deal with things like this than Microsoft. Although surprisingly even Microsoft appears to support SPECIAL-USE in the next Outlook(?) client. On 8.11.2012, at 2.01, Massimiliano Cianelli wrote: > Yes, but namespace is in prelogin... and anyway they will say that the team which will make the gmail app is different then the email app. > > IMHO there is only a commercial reason.. keep people use gmail and force company and private to use Google apps... in that way they will not have issue and have push delivery (also called IMAP idle that is not supported). > > Timo Sirainen <tss at iki.fi> ha scritto: > >> Even gmail itself isn't advertising all capabilities before login: >> >> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >> X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 >> >> vs. >> >> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >> X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE >> >> UIDPLUS especially has been very widely used long before gmail. I guess >> they also don't want to advertise unnecessary capabilities before login >> and have determined that all the important clients supporting UIDPLUS >> support receiving after it post-login. >> >> On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: >> >>> I've noticed an error in my sentence about the change log, it was >> referred to blackberry.. not to Google >>> >>> Google need only 'namespace', I will try to update the issue (due >> that every IMAP server that will respect the rfc will not work as >> expected in that condition).. pointing the problem on post login >> capability... and we will see when Google will want to fix it. >>> >>> Regards >>> >>> Timo Sirainen <tss at iki.fi> ha scritto: >>> >>>> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >>>> >>>>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >>>> will not fix it soon, or really respect the rfc), it's much simple >> add >>>> Namespace on prelogin banner then wait or have to tell someone to >>>> install another client for that mailbox. >>>>> >>>>> I didn't know the history, but looking at change log seems that >> idle >>>> as been put back to prelogin client for some kind of compatibility >> with >>>> their service. >>>> >>>> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >>>> adding anything else. >>>> >>>> And Dovecot is currently the most widely used IMAP server, so I >> think >>>> there's a good chance of client developers actually fixing their >>>> clients. >>> >>> -- testing k9 >>> > > -- Inviato dal mio cellulare Android con K-9 Mail. From massimiliano at cianelli.eu Thu Nov 8 02:18:48 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 01:18:48 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Message-ID: <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> If you give a look to Google code there are a lot of important bugs keep open from years. I like a lot android... but they have to spent a little more on it. Only in that way it will be the best mobile os around. Now it have some goods and some bads things.. like every os around us.. the only big good thing... it is open. Timo Sirainen <tss at iki.fi> ha scritto: >Yes, different teams, but I think Google is still a lot more reasonable >company to deal with things like this than Microsoft. Although >surprisingly even Microsoft appears to support SPECIAL-USE in the next >Outlook(?) client. > >On 8.11.2012, at 2.01, Massimiliano Cianelli wrote: > >> Yes, but namespace is in prelogin... and anyway they will say that >the team which will make the gmail app is different then the email app. >> >> IMHO there is only a commercial reason.. keep people use gmail and >force company and private to use Google apps... in that way they will >not have issue and have push delivery (also called IMAP idle that is >not supported). >> >> Timo Sirainen <tss at iki.fi> ha scritto: >> >>> Even gmail itself isn't advertising all capabilities before login: >>> >>> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST >CHILDREN >>> X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 >>> >>> vs. >>> >>> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST >CHILDREN >>> X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE >>> >>> UIDPLUS especially has been very widely used long before gmail. I >guess >>> they also don't want to advertise unnecessary capabilities before >login >>> and have determined that all the important clients supporting >UIDPLUS >>> support receiving after it post-login. >>> >>> On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: >>> >>>> I've noticed an error in my sentence about the change log, it was >>> referred to blackberry.. not to Google >>>> >>>> Google need only 'namespace', I will try to update the issue (due >>> that every IMAP server that will respect the rfc will not work as >>> expected in that condition).. pointing the problem on post login >>> capability... and we will see when Google will want to fix it. >>>> >>>> Regards >>>> >>>> Timo Sirainen <tss at iki.fi> ha scritto: >>>> >>>>> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >>>>> >>>>>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer >they >>>>> will not fix it soon, or really respect the rfc), it's much simple >>> add >>>>> Namespace on prelogin banner then wait or have to tell someone to >>>>> install another client for that mailbox. >>>>>> >>>>>> I didn't know the history, but looking at change log seems that >>> idle >>>>> as been put back to prelogin client for some kind of compatibility >>> with >>>>> their service. >>>>> >>>>> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >>>>> adding anything else. >>>>> >>>>> And Dovecot is currently the most widely used IMAP server, so I >>> think >>>>> there's a good chance of client developers actually fixing their >>>>> clients. >>>> >>>> -- testing k9 >>>> >> >> -- Inviato dal mio cellulare Android con K-9 Mail. Sent from Galaxy Nexus From calestyo at scientia.net Thu Nov 8 04:57:19 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Thu, 08 Nov 2012 03:57:19 +0100 Subject: [Dovecot] maildir and end-of-line encoding In-Reply-To: <A52B651B-B5D8-4B16-9A79-4231CAAD4ECD@iki.fi> References: <1351648223.24721.4.camel@fermat.scientia.net> <A52B651B-B5D8-4B16-9A79-4231CAAD4ECD@iki.fi> Message-ID: <1352343439.5059.202.camel@fermat.scientia.net> On Wed, 2012-11-07 at 17:33 +0200, Timo Sirainen wrote: > Dovecot automatically adds CRs where necessary. Even within the same file there can be mixed LF/CRLF lines. Can you detail this a bit, or point me to the specific code areas? 1) Is only CR added? Or also LF? 2) What happens e.g. when LFCR is found? Is that then "doubled" to CRLFCR or even CRLFCRLF? 3) When does it "add" these chars? Only when using dovecot-lda? Or also when some other MDA places files into e.g. a maildir? I did some reading on the RFC 5322 which says: - new mails must not have single CR or LF, both may only occur as CRL - but from the previous RFCs, it allows existing messages to have CR and LF alone, in which case they are not newlines as CRLF, but rather the CR and LF characters in the their meaning as control characters. 4) So from that point of view... automatic conversion may actually "corrupt" things in a strict sense. (One should hope of course, that only few people use(d) CR or LF alone to get their control character meaning... but rather that these are just cases of accidents.) 5) I agree with you that mails should be stored with CRLF, as this is their native format.... and I found nothing on the maildir[++] standards that would forbid that (neither that would encourage it). But for mbox there are "definitions" that _always_ LF is used (AFAIU, even on non-UNIX platforms. 6) I went through my mails and basically I found everything: CR, LF, CRLF and even LFCR. Now I have no real idea how to deal with that? Keep all as is? Make all LFs CRLFs and/or all CFs to CRLFs? What about the LFCRs? Handle them as group and perhaps swap them to CRLF. Or doing the same as with single LFs and CRs. Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121108/d8f4f38e/attachment-0002.bin> From p at sys4.de Thu Nov 8 07:25:50 2012 From: p at sys4.de (Patrick Ben Koetter) Date: Thu, 8 Nov 2012 06:25:50 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Message-ID: <20121108052550.GC11584@sys4.de> * Timo Sirainen <dovecot at dovecot.org>: > Yes, different teams, but I think Google is still a lot more reasonable company to deal with things like this than Microsoft. Although surprisingly even Microsoft appears to support SPECIAL-USE in the next Outlook(?) client. confirmed. p at rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Thu Nov 8 09:31:38 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 08:31:38 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> Message-ID: <509B5FDA.2050002@sys4.de> Am 08.11.2012 00:24, schrieb Massimiliano Cianelli: > Hi, > > Yes w/o prefix work as expected, try to add a prefix like courier does (eg. Inbox.) It will not work as expected. I see you point, but as i have seen other mail clients have problems with prefix namespace in the past, i am using the most unproblematic setup, there will never be an universal best config for all imap software existing, dont try to find it > > Due I'm upgrading an old installed server, I've to keep everything as much transparent I can... it includes IMAP folder and subscription. look at dovecot migration sites for examples, but it may stay a problem ever ,that some imap clients with broken stuff do not behave proper after migration again this should be fixed on the client side > > Looking at that I've encountered that issue, and analyzed for fix it (thank you open source), not everyone will want to use/use k9.. but you can be 100% sure the stock client is there. thats right, but if its failing with some servers, it has to be fixed at the "source of evil" first *g, anyway i dont see the point dovecot related, but your info is usefull anyway > > Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they will not fix it soon, or really respect the rfc), it's much simple add Namespace on prelogin banner then wait or have to tell someone to install another client for that mailbox. > > I didn't know the history, but looking at change log seems that idle as been put back to prelogin client for some kind of compatibility with their service. > > Anyway, the most important reason that got me to subscribe the mailing list for write those emails, is share with the community that problem and provide a solution.. for someone in the future that have the same problem and will search on internet for a solution (like I've does.. before analyze it on my own). > > If the workaround will be added to the wiki or will be put in the source.. the important thing is that there is a solution simple and fast (two.. the source modify, and the configuration file) and someone can find it.. > > (Sarcastic) And if the mayans were right we can't wait for google to fix it :p Dovecot has mass of config parameter, try find out what set best to workaround your problem, then post it to the wiki, it will be welcomed > > Best Regards > Sent from Galaxy Nexus > > Robert Schetterer <rs at sys4.de> ha scritto: > >> Am 07.11.2012 08:13, schrieb Massimiliano Cianelli: >>> Hello, >>> >>> My phone: >>> Android ics 4.1.2 on galaxy nexus. >>> And yes, stock mean the default client that come with the os in IMAP mode. >>> >>> I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. >>> >>> Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. >>> >>> About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. >>> http://code.google.com/p/android/issues/detail?id=1811 >>> >>> In a few hour I'll update the issue noticing where is hidden the problem. >>> >>> Regards >>> Sent from Galaxy Nexus >> >> Hi , i shortly tested this with android sdk jelly bean 4.1.1 and "my >> setup" dovecot 2.1.10 with included orginal android mail app in imap mode, >> ,leaving IMAP prefix blank, everything works as expected, no double >> shown inbox, namespace problems etc >> so you might have to fit your namespace setup. >> Also you might follow allready given advice from here. >> >> Anyway , i understand you using "stock client" >> but you have to understand that the producers of mail clients >> optimize their stuff fitting best in their own server structure >> making money with it, therefor their motivation coding better imap code >> is not very high, same case is for outlook and microsoft >> however, i would say, fixing bugs is on the google site here, looks like >> there is patch >> at >> http://code.google.com/p/android/issues/detail?id=1811 >> and the issue seems long known >> >> i dont see any hard relation to dovecot in this case >> meanwhile using k9mail seems the best way to workaround >> there are lots of other bugs around android versions >> over the years i dont expect google to fix them >> >> >>> >>> Robert Schetterer <rs at sys4.de> ha scritto: >>> >>>> Am 06.11.2012 07:08, schrieb Ben Morrow: >>>>> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>>>>> Hi, >>>>>> >>>>>> My setup: >>>>>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>>>>> configured with the dot separator and all folder under INBOX.*. >>>>>> >>>>>> The problem: >>>>>> My phone was driving me mad during the test, due that it will only >>>>>> recognize Inbox. >>>>>> >>>>>> How found the solution: >>>>>> I've started sniffing IMAP traffic on my server and ended up with one >>>>>> difference: >>>>>> On courier it ask for namespace, on dovecot it won't. >>>>>> >>>>>> I gives a better look, and noticed that courier show namespace >>>>>> capability on prelogin banner, adding it too solved the problem. >>>>>> >>>>>> Reason: >>>>>> Android ICS stock client seems do not honor the capability gived after >>>>>> the login. >>>>> >>>>> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >>>>> you need to set imap_capability and/or get your client fixed. >>>>> >>>>> Ben >>>>> >>>> >>>> Hi, first ,what is the exact meaning of >>>> >>>> "Android ICS stock client" >>>> >>>> do you mean default included email client in standard android in imap >>>> mode, when yes, which version of Android , i like to test my own >>>> however is there changelog/code etc at google for this behave? >>>> >>>> conf example >>>> >>>> # Override the IMAP CAPABILITY response. If the value begins with '+', >>>> # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). >>>> #imap_capability = >>>> >>>> setting stuff here might be complex , or lead to trouble with other >>>> clients, if setting this might fix problems ,with clients it should be >>>> advised in the wiki/example-conf and/or Timo >>>> >>>> or the other way ,for massive used clients there should be >>>> a seperate workaround section in the conf >>>> >>>> But fixing behave clients should be prime option anyway >>>> >>>> Meanwhile use K9mail in Android as best free option in imap mode servers >>>> >>>> Best Regards >>>> MfG Robert Schetterer >>>> >>>> -- >>>> [*] sys4 AG >>>> >>>> http://sys4.de, +49 (89) 30 90 46 64 >>>> Franziskanerstra?e 15, 81669 M?nchen >>>> >>>> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >>>> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >>>> Aufsichtsratsvorsitzender: Joerg Heidrich >> >> >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Joerg Heidrich Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Thu Nov 8 09:40:22 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 08:40:22 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> Message-ID: <509B61E6.3090604@sys4.de> Am 08.11.2012 01:18, schrieb Massimiliano Cianelli: > Yes, different teams, but I think Google is still a lot more reasonable >>company to deal with things like this than Microsoft. Although >>surprisingly even Microsoft appears to support SPECIAL-USE in the next >>Outlook(?) client. yeah it works, but they had bugged it for my last tests, mail in sent folder ( which is corect in use by SPECIAL-USE ) always stay unread, seems they have had design problems using now a standard outgoing folder, however there is a bug report about that and they anounced to fix it, but it isnt in my last tests after the last upgrade, if they dont fix it you cant use the sent folder via imap in a handy way , and you have to disable the feature in total ( this point was changed also ), and need to set this function via filter wizard like long time ago outlook versions needed it Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From pshirkey at boosthardware.com Thu Nov 8 09:48:46 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Thu, 8 Nov 2012 18:48:46 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot Message-ID: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> Hi, I have an exim4 and dovecot system. The system has multiple accounts. Exim4 is receiving emails in the /var/mail/user files and dovecot is configured to use /home/user/mail (mbox) folder. I have one account that dovecot is not processing replies/bounces/etc... The data is being written in the /var/mail/user file by exim4 but as far as dovecot is aware there is nothing in the pop3 inbox. Can anyone suggest how I can enable dovecot to know that the data is in the /var/mail/user file and deliver it to the pop3 inbox for this account? -- Patrick Shirkey Boost Hardware Ltd From yngve_l2 at hotmail.com Thu Nov 8 09:54:21 2012 From: yngve_l2 at hotmail.com (ycc_Swe) Date: Wed, 7 Nov 2012 23:54:21 -0800 (PST) Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <509A35C0.8040209@sys4.de> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> Message-ID: <1352361261767-38656.post@n4.nabble.com> Thank you for your reply. I read the page you link to. As I understand I should set the ssl-parameter in 10-ssl.conf to "yes" or "required". I should also have permissions like this: root at deb7:/etc/dovecot/conf.d# ls -l /etc/ssl/*/dovecot.pem -r--r--r-- 1 root root 1326 Nov 3 14:24 /etc/ssl/certs/dovecot.pem -r-------- 1 root root 1704 Nov 3 14:24 /etc/ssl/private/dovecot.pem root at deb7:/etc/dovecot/conf.d# Other information on the page, as I understand, has to do with more "advanced" setups than mine. I still have the same problem. When I set ssl parameter to yes/required I can still not connect to port 995. This time I set ssl=verbose. This is what the log shows when I try to connect with ssl. Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=12.12.12.7, lip=13.13.13.239, TLS: Disconnected, session=<zrnz+fbNpwBBNykH> Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=12.12.12.7, lip=13.13.13.239, TLS: Disconnected, session=<N9L9+fbNqABBNykH> root at deb7:/etc/dovecot/conf.d# root at deb7:/etc/dovecot/conf.d# doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-686-pae i686 Debian wheezy/sid disable_plaintext_auth = no mail_gid = mail mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = prefix = } passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" ssl = required ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } root at deb7:/etc/dovecot/conf.d# Thanks for repying. I still have the same problem. Dovecot works for me on port 110, but not on 995/ssl. -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611p38656.html Sent from the Dovecot mailing list archive at Nabble.com. From rs at sys4.de Thu Nov 8 10:18:53 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 09:18:53 +0100 Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <1352361261767-38656.post@n4.nabble.com> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> <1352361261767-38656.post@n4.nabble.com> Message-ID: <509B6AED.7070107@sys4.de> Am 08.11.2012 08:54, schrieb ycc_Swe: > Thanks for repying. I still have the same problem. Dovecot works for me on > port 110, but not on 995/ssl. look here http://wiki2.dovecot.org/TestPop3Installation look for your auth fit what you want disable_plaintext_auth.... verify your pem/crt is not broken look http://wiki2.dovecot.org/AuthDatabase/PasswdFile Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Thu Nov 8 10:21:26 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 09:21:26 +0100 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> Message-ID: <509B6B86.6050600@sys4.de> Am 08.11.2012 08:48, schrieb Patrick Shirkey: > Hi, > > I have an exim4 and dovecot system. The system has multiple accounts. > Exim4 is receiving emails in the /var/mail/user files and dovecot is > configured to use /home/user/mail (mbox) folder. > > I have one account that dovecot is not processing replies/bounces/etc... > The data is being written in the /var/mail/user file by exim4 but as far > as dovecot is aware there is nothing in the pop3 inbox. > > Can anyone suggest how I can enable dovecot to know that the data is in > the /var/mail/user file and deliver it to the pop3 inbox for this account? > > > > -- > Patrick Shirkey > Boost Hardware Ltd > show logs and config like doveconf -n Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From design at 1stwebdesigns.com Thu Nov 8 10:29:05 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Thu, 08 Nov 2012 08:29:05 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access Message-ID: <509B6D51.8030408@1stwebdesigns.com> Hi there, We're using Dovecot version 1.0.7 and Postfix, and since upgrading our Linux box we're getting this in the maillog: Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: to=<xyz at xyz.com>, orig_to=<abc at abc.com>, relay=local, delay=19, delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox /var/spool/mail/abc for user abc. unable to lock for exclusive access: Resource temporarily unavailable) Postfix is currently set to: mailbox_delivery_lock = fcntl, dotlock Dovecot has this: mbox_read_locks = fcntl mbox_write_locks = fcntl dotlock I've scoured the web and tried all kinds of different locking mechanisms and combinations to no avail. The mail is eventually delivered but on a busy day this can take several hours. In the evening it generally doesn't happen, which leads me to believe it occurs during the day when people have their mail clients open. However, this particular issue doesn't affect every user that has their mail client open, only some! We currently have the mailboxes in mbox format - yes I know we should upgrade to maildir which we will eventually, however we've been using mbox for the last 10 years and this has only become an issue since upgrading. What I have discovered this morning is a Dovecot connection that is open for 6 minutes before disconnection. During this 6 minutes the above problem occurs (new mail cannot get an exclusive lock). The same user will have connected and disconnected several times before and after, with a connection taking no more than a few seconds. But it seems sometimes the connection is taking longer than it should and I suspect the problem lies here. Please can anyone help! Thank you, G From p at sys4.de Thu Nov 8 10:34:56 2012 From: p at sys4.de (Patrick Ben Koetter) Date: Thu, 8 Nov 2012 09:34:56 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <509B61E6.3090604@sys4.de> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> <509B61E6.3090604@sys4.de> Message-ID: <20121108083456.GA8522@sys4.de> * Robert Schetterer <rs at sys4.de>: > Am 08.11.2012 01:18, schrieb Massimiliano Cianelli: > > Yes, different teams, but I think Google is still a lot more reasonable > >>company to deal with things like this than Microsoft. Although > >>surprisingly even Microsoft appears to support SPECIAL-USE in the next > >>Outlook(?) client. > > yeah it works, but they had bugged it for my last tests, > mail in sent folder ( which is corect in use by SPECIAL-USE ) > always stay unread, seems they have had design problems using now a > standard outgoing folder, however there is a bug report about that > and they anounced to fix it, but it isnt in my last tests after the last > upgrade, if they dont fix it you cant use the sent folder via imap in a > handy way , and you have to disable the feature in total ( this point > was changed also ), and need to set this function via filter wizard like > long time ago outlook versions needed it We could work around this with a SIEVE rule that marks the message 'read' when it is put into the Sent folder, couldn't we? p at rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From pshirkey at boosthardware.com Thu Nov 8 10:36:54 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Thu, 8 Nov 2012 19:36:54 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <509B6B86.6050600@sys4.de> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> Message-ID: <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: > Am 08.11.2012 08:48, schrieb Patrick Shirkey: >> Hi, >> >> I have an exim4 and dovecot system. The system has multiple accounts. >> Exim4 is receiving emails in the /var/mail/user files and dovecot is >> configured to use /home/user/mail (mbox) folder. >> >> I have one account that dovecot is not processing replies/bounces/etc... >> The data is being written in the /var/mail/user file by exim4 but as far >> as dovecot is aware there is nothing in the pop3 inbox. >> >> Can anyone suggest how I can enable dovecot to know that the data is in >> the /var/mail/user file and deliver it to the pop3 inbox for this >> account? >> >> >> >> -- >> Patrick Shirkey >> Boost Hardware Ltd >> > > show logs > and config like doveconf -n > > There is nothing in the dovecot logs afaict echo "my test" | mail -s "test message" test at xxx 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx <test at xxx> R=local_user T=mail_spool 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed exim -bt test at xxx R: system_aliases for xxx at localhost R: userforward for xxx at localhost R: procmail for xxx at localhost R: maildrop for xxx at localhost R: lowuid_aliases for xxx at localhost (UID 1238) R: local_user for xxx at localhost xxx at localhost <-- test at xxx router = local_user, transport = mail_spool - Here's the dovecot config: # dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 log_timestamp: %Y-%m-%d %H:%M:%S protocols: pop3 pop3s listen: 127.0.0.1 login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/pop3-login mail_privileged_group: mail mail_location: mbox:~/mail mail_debug: yes mbox_write_locks: fcntl dotlock mail_executable: /usr/lib/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/modules/pop3 auth default: debug: yes passdb: driver: pam userdb: driver: passwd -- Patrick Shirkey Boost Hardware Ltd From skdovecot at smail.inf.fh-brs.de Thu Nov 8 11:21:30 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 8 Nov 2012 10:21:30 +0100 (CET) Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: <F64A14D2-3C1E-4FA3-90AA-22AD5D4330F8@iki.fi> References: <1351544456.13571.102.camel@hurina> <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <F64A14D2-3C1E-4FA3-90AA-22AD5D4330F8@iki.fi> Message-ID: <alpine.DEB.2.02.1211081018070.3023@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 7 Nov 2012, Timo Sirainen wrote: > >> http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=(%25{ldap) >> >> is the only reference I found so far and the TODO file. >> >> If the attribute does not exist, there should be a default value, you can specify, e.g.: %{ldap:attrName[,]:default value} . [,] the optional delimiter from the TODO. > > Where do you see "," as optional delimiter? But yeah, The TODO file contains the snippet: - multiple ldap values could be joined into one field with specified separator (e.g. mail_access_groups=%{ldap:gidNumber:,}) Well, I did ignored the colon in front of the ','. > %{ldap:attrName:default} would be simple to do. Attached patch to do it. > Let me know if it works. I applied it to v2.1. It works like charm, thanks :) - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJt5mmoxLS8a3A9mAQJpRgf+JviFB7+za6bODz2eWdWCMeSy7GocD9Zc VvmqlcRqCSgGD/37h6m6cyhJ9/XkUm+Z2dbGH5RaznIqEPcQ0GwlIcrkUzfvSSrv ByMRSFDPpu1kWYC1/ieajUrIZTUvhxctpQMtIFkm2Vi6TusgXuTWQGgbf69sIJEF COfPpCO6UYZFe96biNEE171wl+KpEeDBx8xwb4lu+tOXFNbCQEqUMe1kgF6Qda3i cfnAIb+pU+ljYMMQbpuIBpA14i9GGsQAzd39HL3aFKqGq3WU54M8xOZqDfSeUGjh ES/y4U20kbogfUZTUkbA7j3tO463RvCCvFjWh1/FvYLrouAVo2p43A== =Kkac -----END PGP SIGNATURE----- From stan at hardwarefreak.com Thu Nov 8 11:23:51 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 08 Nov 2012 03:23:51 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509B6D51.8030408@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> Message-ID: <509B7A27.3080308@hardwarefreak.com> On 11/8/2012 2:29 AM, 1st WebDesigns wrote: > Hi there, > > We're using Dovecot version 1.0.7 and Postfix, and since upgrading our > Linux box we're getting this in the maillog: 1.0.7 is absolutely ancient and no longer officially supported. You need 1.2.x minimum, 2.x.x even better. And you say you just recently upgraded your Linux distro? What planet do you live on son? You're a few light years behind current stable software. > Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: > to=<xyz at xyz.com>, orig_to=<abc at abc.com>, relay=local, delay=19, > delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox > /var/spool/mail/abc for user abc. unable to lock for exclusive access: > Resource temporarily unavailable) The simple permanent fix to Postfix/Dovecot mbox locking issues is switching from Postfix LOCAL to Dovecot LDA for mailbox delivery. 1.0.7 is before my time. I do not know if LDA was available then. Upgrade and you'll have it, and you'll also fix other problems you're not even aware of yet. > Postfix is currently set to: > mailbox_delivery_lock = fcntl, dotlock > > Dovecot has this: > mbox_read_locks = fcntl > mbox_write_locks = fcntl dotlock LDA completely eliminates lock contention. http://wiki.dovecot.org/LDA/Postfix http://wiki2.dovecot.org/LDA/Postfix -- Stan From rs at sys4.de Thu Nov 8 11:56:42 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 10:56:42 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <20121108083456.GA8522@sys4.de> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> <509B61E6.3090604@sys4.de> <20121108083456.GA8522@sys4.de> Message-ID: <509B81DA.3080804@sys4.de> Am 08.11.2012 09:34, schrieb Patrick Ben Koetter: > * Robert Schetterer <rs at sys4.de>: >> Am 08.11.2012 01:18, schrieb Massimiliano Cianelli: >>> Yes, different teams, but I think Google is still a lot more reasonable >>>> company to deal with things like this than Microsoft. Although >>>> surprisingly even Microsoft appears to support SPECIAL-USE in the next >>>> Outlook(?) client. >> >> yeah it works, but they had bugged it for my last tests, >> mail in sent folder ( which is corect in use by SPECIAL-USE ) >> always stay unread, seems they have had design problems using now a >> standard outgoing folder, however there is a bug report about that >> and they anounced to fix it, but it isnt in my last tests after the last >> upgrade, if they dont fix it you cant use the sent folder via imap in a >> handy way , and you have to disable the feature in total ( this point >> was changed also ), and need to set this function via filter wizard like >> long time ago outlook versions needed it > > We could work around this with a SIEVE rule that marks the message 'read' when > it is put into the Sent folder, couldn't we? > > p at rick > its a copy/move imap to sent folder act, cant see how we could get sieve involved in that "for now" , cause sieve only act when lda or lmtp is used ,in my understandig but lets hope microsoft has/will fix it, i will test the stable new outlook, until i get more powerfull hardware to install it, i am also looking forward whats happening with imap special use on different language versions Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From skdovecot at smail.inf.fh-brs.de Thu Nov 8 12:01:45 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 8 Nov 2012 11:01:45 +0100 (CET) Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: <alpine.DEB.2.02.1211081018070.3023@pc-2m63nn> References: <1351544456.13571.102.camel@hurina> <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <F64A14D2-3C1E-4FA3-90AA-22AD5D4330F8@iki.fi> <alpine.DEB.2.02.1211081018070.3023@pc-2m63nn> Message-ID: <alpine.DEB.2.02.1211081059430.3023@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 8 Nov 2012, Steffen Kaiser wrote: >> %{ldap:attrName:default} would be simple to do. Attached patch to do it. >> Let me know if it works. > > I applied it to v2.1. It works like charm, thanks :) yes, works in v2.2 alpha 15390:af331bc452d0, too. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJuDCWoxLS8a3A9mAQLqowf9HRhh84cjgaE1nAxZ9VwmJK+83wPVNGoQ E2wMudyTcAuzZU/hZUMNTqXZjnS6Ono/bDBhizK3QfrPQ+3KgxbBDXa76csVt+G4 /vWic3jOWMboSw76Gg6u7g+rXrsikdkzNcNh/qxonK0W0k316gI8J/YN3W2vgR0H EVkSF+qfLFEs9I4+LjvX86e3VfVCkQ8ekOJyuf5gMyweQOCAi2+04aQRRZ5vVmir 8hf4LWsmedEiDZOX8FTG1IDXDWDppcBlsQOhm3QeQqoQX0Ew2OTxLY//qspIYASW I8bWxqCWGRoScpSJGVKPlmBtjxRJmPx4FX7VGBPyWn5SDLuEbRgN9Q== =tHXu -----END PGP SIGNATURE----- From CMarcus at Media-Brokers.com Thu Nov 8 13:45:41 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 08 Nov 2012 06:45:41 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> Message-ID: <509B9B65.4020801@Media-Brokers.com> On 2012-11-07 10:14 AM, Timo Sirainen <tss at iki.fi> wrote: > No, fts-lucene and fts-solr are separate backends. But I do have some small plans to add a few more features to fts-solr. Thanks again Timo, but one last follow-up... According to the wiki, Solr is the preferred method, but that seems weird to me - it requires a full blown Solr server that dovecot communicates with using HTTP/XML queries? Maybe not that big a deal, but just sounds like overkill to me, unless you are maybe already using Solr for website searches (which I'm not and have no need for). I would much prefer something simpler that doesn't require any external dependencies like that, so, next choice is Lucene... Looks much simpler, only requires Lucene's C++ library... But it builds only a single Lucene index for all mailboxes - not sure if this is good or bad? Seems like it would be better/more efficient (and less chance of index corruption, but most importantly, less overhead in the event that one gets hosed and dovecot needs to rebuild it) to build individual indexes for each mailbox, then, maybe, to provide support for searching ALL mailboxes, have a master index that basically just maintains a list of all of the individual indexes to be used for the search (so it doesn't have to scan all available mailboxes, but which it can do in the event that *it* ever got hosed). Obviously I don't know much about all this, so may be totally off base... Thanks again, and for listening to my ramblings, -- Best regards, Charles From odhiambo at gmail.com Thu Nov 8 15:13:07 2012 From: odhiambo at gmail.com (Odhiambo Washington) Date: Thu, 8 Nov 2012 16:13:07 +0300 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> Message-ID: <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> On Thu, Nov 8, 2012 at 11:36 AM, Patrick Shirkey <pshirkey at boosthardware.com > wrote: > > On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: > > Am 08.11.2012 08:48, schrieb Patrick Shirkey: > >> Hi, > >> > >> I have an exim4 and dovecot system. The system has multiple accounts. > >> Exim4 is receiving emails in the /var/mail/user files and dovecot is > >> configured to use /home/user/mail (mbox) folder. > >> > >> I have one account that dovecot is not processing replies/bounces/etc... > >> The data is being written in the /var/mail/user file by exim4 but as far > >> as dovecot is aware there is nothing in the pop3 inbox. > >> > >> Can anyone suggest how I can enable dovecot to know that the data is in > >> the /var/mail/user file and deliver it to the pop3 inbox for this > >> account? > >> > >> > >> > >> -- > >> Patrick Shirkey > >> Boost Hardware Ltd > >> > > > > show logs > > and config like doveconf -n > > > > > > There is nothing in the dovecot logs afaict > > echo "my test" | mail -s "test message" test at xxx > > 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 > 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx <test at xxx> R=local_user > T=mail_spool > 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed > > > exim -bt test at xxx > R: system_aliases for xxx at localhost > R: userforward for xxx at localhost > R: procmail for xxx at localhost > R: maildrop for xxx at localhost > R: lowuid_aliases for xxx at localhost (UID 1238) > R: local_user for xxx at localhost > xxx at localhost > <-- test at xxx > router = local_user, transport = mail_spool > > > - Here's the dovecot config: > > # dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: pop3 pop3s > listen: 127.0.0.1 > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/pop3-login > mail_privileged_group: mail > mail_location: mbox:~/mail > mail_debug: yes > mbox_write_locks: fcntl dotlock > mail_executable: /usr/lib/dovecot/pop3 > mail_plugin_dir: /usr/lib/dovecot/modules/pop3 > auth default: > debug: yes > passdb: > driver: pam > userdb: > driver: passwd > > > You are telling dovecot that mails are in mbox format (why you even use mbox instead of Maildir++ beats me, but that's not what you asked for help with) and are stored in /home/$user/mbox so go ahead at also tell Exim to deliver to the same location! If you want Exim to deliver to /var/mail/$user then change your mail_location in dovecot.conf to point to this too. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. From pshirkey at boosthardware.com Thu Nov 8 16:03:11 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Fri, 9 Nov 2012 01:03:11 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> Message-ID: <50869.188.25.63.54.1352383391.squirrel@boosthardware.com> On Fri, November 9, 2012 12:13 am, Odhiambo Washington wrote: > On Thu, Nov 8, 2012 at 11:36 AM, Patrick Shirkey > <pshirkey at boosthardware.com >> wrote: > >> >> On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: >> > Am 08.11.2012 08:48, schrieb Patrick Shirkey: >> >> Hi, >> >> >> >> I have an exim4 and dovecot system. The system has multiple accounts. >> >> Exim4 is receiving emails in the /var/mail/user files and dovecot is >> >> configured to use /home/user/mail (mbox) folder. >> >> >> >> I have one account that dovecot is not processing >> replies/bounces/etc... >> >> The data is being written in the /var/mail/user file by exim4 but as >> far >> >> as dovecot is aware there is nothing in the pop3 inbox. >> >> >> >> Can anyone suggest how I can enable dovecot to know that the data is >> in >> >> the /var/mail/user file and deliver it to the pop3 inbox for this >> >> account? >> >> >> >> >> >> >> >> -- >> >> Patrick Shirkey >> >> Boost Hardware Ltd >> >> >> > >> > show logs >> > and config like doveconf -n >> > >> > >> >> There is nothing in the dovecot logs afaict >> >> echo "my test" | mail -s "test message" test at xxx >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx <test at xxx> R=local_user >> T=mail_spool >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed >> >> >> exim -bt test at xxx >> R: system_aliases for xxx at localhost >> R: userforward for xxx at localhost >> R: procmail for xxx at localhost >> R: maildrop for xxx at localhost >> R: lowuid_aliases for xxx at localhost (UID 1238) >> R: local_user for xxx at localhost >> xxx at localhost >> <-- test at xxx >> router = local_user, transport = mail_spool >> >> >> - Here's the dovecot config: >> >> # dovecot -n >> # 1.2.15: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 >> log_timestamp: %Y-%m-%d %H:%M:%S >> protocols: pop3 pop3s >> listen: 127.0.0.1 >> login_dir: /var/run/dovecot/login >> login_executable: /usr/lib/dovecot/pop3-login >> mail_privileged_group: mail >> mail_location: mbox:~/mail >> mail_debug: yes >> mbox_write_locks: fcntl dotlock >> mail_executable: /usr/lib/dovecot/pop3 >> mail_plugin_dir: /usr/lib/dovecot/modules/pop3 >> auth default: >> debug: yes >> passdb: >> driver: pam >> userdb: >> driver: passwd >> >> >> > You are telling dovecot that mails are in mbox format (why you even use > mbox instead of Maildir++ beats me, but that's not what you asked for help > with) and are stored in /home/$user/mbox so go ahead at also tell Exim to > deliver to the same location! > If you want Exim to deliver to /var/mail/$user then change your > mail_location in dovecot.conf to point to this too. > > Thanks for your advice. I inherited this system and it is a live B2B system so I am trying not to break it as well as to keep it running :-) I have seen some unusual behaviour now. 1: According to my script to process the inbox for each account the pop3 account was empty. The code was previously working for many months. I thought it might be related to the missing mail_location directive because the home/xxx/mail folder was missing for the specific account that was having a problem so I added it as above but it didn't appear to fix the problem. 2: I modified it as suggested : mail_location = INBOX=/var/mail/%u That gave me an error Nov 8 13:47:03 mail dovecot: POP3(xxx): mail_location: Ambiguous mail location setting, don't know what to do with it: INBOX=/var/mail/xxx (try prefixing it with mbox: or maildir:) Nov 8 13:47:03 mail dovecot: POP3(xxx): Fatal: Namespace initialization failed 3: I then disabled the directive and restarted dovecot. The processing script now appears to be working but I see this message in the maillog: Nov 8 13:48:00 mail dovecot: POP3(xxx): fchown(/home/xxx/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1238(xxx), group based on /var/mail/xxx) Nov 8 13:48:00 mail dovecot: POP3(xxx): fchown(/home/xxx/mail/.imap/INBOX/dovecot.index.log.newlock, -1, 8(mail)) failed: Operation not permitted (egid=1238(xxx), group based on /var/mail/xxx) Nov 8 13:48:00 mail dovecot: POP3(xxx): fchown(/home/xxx/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 8(mail)) failed: Operation not permitted (egid=1238(xxx), group based on /var/mail/xxx) So it looks like setting the mail_location to the /home/user did actually help but only after the mbox was auto created by dovecot and then the directive disabled and dovecot restarted. Based on this it appears that this system is configured to use both the /var/mail/user and /home/user/mail folders. I suppose it is a useful backup to have exim4 write to /var/mail/user and have dovecot transfer the data to /home/user/mail as it is received? Everything was working for many months so I'm not sure why the /home/user/mail folder was not auto created for this new account. AFAICT it is supposed to be handled by dovecot when a mail is received and the default location is /home/user/mail so setting it in dovecot.conf is not explicitly required? -- Patrick Shirkey Boost Hardware Ltd From pshirkey at boosthardware.com Thu Nov 8 16:39:55 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Fri, 9 Nov 2012 01:39:55 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <CAAdA2WOxGoRTMFSzz0BLmHDeF2ZhA+bb_h=U=ppq3cQrBn2jQw@mail.gmail.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> <50869.188.25.63.54.1352383391.squirrel@boosthardware.com> <CAAdA2WOxGoRTMFSzz0BLmHDeF2ZhA+bb_h=U=ppq3cQrBn2jQw@mail.gmail.com> Message-ID: <51168.188.25.63.54.1352385595.squirrel@boosthardware.com> On Fri, November 9, 2012 1:10 am, Odhiambo Washington wrote: > On Thu, Nov 8, 2012 at 5:03 PM, Patrick Shirkey > <pshirkey at boosthardware.com>wrote: > >> >> On Fri, November 9, 2012 12:13 am, Odhiambo Washington wrote: >> > On Thu, Nov 8, 2012 at 11:36 AM, Patrick Shirkey >> > <pshirkey at boosthardware.com >> >> wrote: >> > >> >> >> >> On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: >> >> > Am 08.11.2012 08:48, schrieb Patrick Shirkey: >> >> >> Hi, >> >> >> >> >> >> I have an exim4 and dovecot system. The system has multiple >> accounts. >> >> >> Exim4 is receiving emails in the /var/mail/user files and dovecot >> is >> >> >> configured to use /home/user/mail (mbox) folder. >> >> >> >> >> >> I have one account that dovecot is not processing >> >> replies/bounces/etc... >> >> >> The data is being written in the /var/mail/user file by exim4 but >> as >> >> far >> >> >> as dovecot is aware there is nothing in the pop3 inbox. >> >> >> >> >> >> Can anyone suggest how I can enable dovecot to know that the data >> is >> >> in >> >> >> the /var/mail/user file and deliver it to the pop3 inbox for this >> >> >> account? >> >> >> >> >> >> >> >> >> >> >> >> -- >> >> >> Patrick Shirkey >> >> >> Boost Hardware Ltd >> >> >> >> >> > >> >> > show logs >> >> > and config like doveconf -n >> >> > >> >> > >> >> >> >> There is nothing in the dovecot logs afaict >> >> >> >> echo "my test" | mail -s "test message" test at xxx >> >> >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx <test at xxx> R=local_user >> >> T=mail_spool >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed >> >> >> >> >> >> exim -bt test at xxx >> >> R: system_aliases for xxx at localhost >> >> R: userforward for xxx at localhost >> >> R: procmail for xxx at localhost >> >> R: maildrop for xxx at localhost >> >> R: lowuid_aliases for xxx at localhost (UID 1238) >> >> R: local_user for xxx at localhost >> >> xxx at localhost >> >> <-- test at xxx >> >> router = local_user, transport = mail_spool >> >> >> >> >> >> - Here's the dovecot config: >> >> >> >> # dovecot -n >> >> # 1.2.15: /etc/dovecot/dovecot.conf >> >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 >> >> log_timestamp: %Y-%m-%d %H:%M:%S >> >> protocols: pop3 pop3s >> >> listen: 127.0.0.1 >> >> login_dir: /var/run/dovecot/login >> >> login_executable: /usr/lib/dovecot/pop3-login >> >> mail_privileged_group: mail >> >> mail_location: mbox:~/mail >> >> mail_debug: yes >> >> mbox_write_locks: fcntl dotlock >> >> mail_executable: /usr/lib/dovecot/pop3 >> >> mail_plugin_dir: /usr/lib/dovecot/modules/pop3 >> >> auth default: >> >> debug: yes >> >> passdb: >> >> driver: pam >> >> userdb: >> >> driver: passwd >> >> >> >> >> >> >> > You are telling dovecot that mails are in mbox format (why you even >> use >> > mbox instead of Maildir++ beats me, but that's not what you asked for >> help >> > with) and are stored in /home/$user/mbox so go ahead at also tell Exim >> to >> > deliver to the same location! >> > If you want Exim to deliver to /var/mail/$user then change your >> > mail_location in dovecot.conf to point to this too. >> > >> > >> >> >> Thanks for your advice. I inherited this system and it is a live B2B >> system so I am trying not to break it as well as to keep it running :-) >> >> I have seen some unusual behaviour now. >> >> 1: According to my script to process the inbox for each account the pop3 >> account was empty. The code was previously working for many months. I >> thought it might be related to the missing mail_location directive >> because >> the home/xxx/mail folder was missing for the specific account that was >> having a problem so I added it as above but it didn't appear to fix the >> problem. >> > > You DO NOT need to add it manually. All you have to do is to send a test > mail to the user and the mbox will be created with the correct > permissions. > > >> >> 2: I modified it as suggested : mail_location = INBOX=/var/mail/%u >> >> That gave me an error >> >> Nov 8 13:47:03 mail dovecot: POP3(xxx): mail_location: Ambiguous mail >> location setting, don't know what to do with it: INBOX=/var/mail/xxx >> (try >> prefixing it with mbox: or maildir:) >> Nov 8 13:47:03 mail dovecot: POP3(xxx): Fatal: Namespace initialization >> failed >> > > > You must RTFM. The examples are in conf.d/10-mail.conf and they have the > following text: > > <quote> > ## Mailbox locations and namespaces > ## > > # Location for users' mailboxes. The default is empty, which means that > Dovecot > # tries to find the mailboxes automatically. This won't work if the user > # doesn't yet have any mail, so you should explicitly tell Dovecot the > full > # location. > # > # If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u) > # isn't enough. You'll also need to tell Dovecot where the other mailboxes > are > # kept. This is called the "root mail directory", and it must be the first > # path given in the mail_location setting. > # > # There are a few special variables you can use, eg.: > # > # %u - username > # %n - user part in user at domain, same as %u if there's no domain > # %d - domain part in user at domain, empty if there's no domain > # %h - home directory > # > # See doc/wiki/Variables.txt for full list. Some examples: > # > # mail_location = maildir:~/Maildir > # mail_location = mbox:~/mail:INBOX=/var/mail/%u > # mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n > # > # <doc/wiki/MailLocation.txt> > </quote> > > ... make sense? > Starting to now. My first attempt to *not* break the existing system was to try with the following: mail_location = mbox:~/mail But that didn't work so I asked here and according to your first email it seemed this config was necessary: mail_location = INBOX=/var/mail/%u But after re reading the docs it appears that *both* locations are required: mail_location = mbox:~/mail:INBOX=/var/mail/%u -- Patrick Shirkey Boost Hardware Ltd From list at airstreamcomm.net Thu Nov 8 16:45:03 2012 From: list at airstreamcomm.net (list at airstreamcomm.net) Date: Thu, 08 Nov 2012 08:45:03 -0600 Subject: [Dovecot] IMAP session state inconsistent Message-ID: <509BC56F.6030606@airstreamcomm.net> Running Dovecot 1.2.12 (we are in the process of upgrading to 2.1.x) Didn't find much in old threads, but we are seeing the following in the logs this morning: dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=443/1146 dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=561/1637 dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory Not sure what to make of this sequence? From davide.marchi at mail.cgilfe.it Thu Nov 8 16:51:35 2012 From: davide.marchi at mail.cgilfe.it (Davide) Date: Thu, 08 Nov 2012 15:51:35 +0100 Subject: [Dovecot] Hardlink with Maildir a brief help Message-ID: <509BC6F7.1050107@mail.cgilfe.it> Hi to all, my question is: Is possible implementing SIS (with hardlink) with maildir instead of *dbox format? If yes in dovecot.conf it's only necessary the below parameters or what else? mail_attachment_dir = /var/qmail/attachments I have also acting the zlib plugin it is not a problem isn't it? Thanks in advance for any response -- */Davide Marchi /Teorema Ferrara Srl /(Tel: /**/+39 0532 783161)/**/ (Fax: +/**/39 0532 783368/**/)/**//**/ /**//**/Davide.Marchi at mail.cgilfe.it <mailto:davide.marchi at mail.cgilfe.it?subject=Info> /CONFIDENZIALITA? *** Questo messaggio, inclusi gli eventuali allegati, ? indirizzato solo ai destinatari e pu? contenere informazioni riservate e confidenziali. Se avete ricevuto il messaggio senza esserne un destinatario, siete pregati di non utilizzare, copiare o distribuire questo messaggio o i suoi allegati. Se avete ricevuto il messaggio per errore, siete pregati di cancellarlo dal vostro sistema, assieme a tutti gli allegati, e di informare immediatamente il mittente,sia ai sensi dell'art. 616 c.p., sia ai sensi del DL n. 196/03. *CONFIDENTIALITY*** This message and any attachments are intended only for the use of the addressee(s) and may contain information that is privileged and/or confidential. If the reader of the message is not the intended recipient(s) or an authorized representative of the intended recipient(s), please do not use, copy, distribute this email or its attachments or take action based on them. If you have received this communication in error, please notify us immediately by email and delete the message and any attachments from your system. *Teorema FerraraSrl - Via Spronello, 7 - 44121 Ferrara Italia - P. IVA 01244490387** P**S**tampa questo messaggio solo se veramente necessario, pensa alla natura! - Please consider whether it is necessary to print this e-mail* From jerry at seibercom.net Thu Nov 8 16:56:50 2012 From: jerry at seibercom.net (Jerry) Date: Thu, 8 Nov 2012 09:56:50 -0500 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <51168.188.25.63.54.1352385595.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> <50869.188.25.63.54.1352383391.squirrel@boosthardware.com> <CAAdA2WOxGoRTMFSzz0BLmHDeF2ZhA+bb_h=U=ppq3cQrBn2jQw@mail.gmail.com> <51168.188.25.63.54.1352385595.squirrel@boosthardware.com> Message-ID: <20121108095650.6696cb85@scorpio> On Fri, 9 Nov 2012 01:39:55 +1100 (EST) Patrick Shirkey articulated: > My first attempt to *not* break the existing system was to try with > the following: > > mail_location = mbox:~/mail > > But that didn't work so I asked here and according to your first > email it seemed this config was necessary: > > mail_location = INBOX=/var/mail/%u > > But after re reading the docs it appears that *both* locations are > required: > > mail_location = mbox:~/mail:INBOX=/var/mail/%u Seriously, how much effort does it actually take to trim the excess garbage off of a post before replying to it? Personally, once I have to page through four pages of old nonsense I totally lose interest in the thread. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From tlx at leuxner.net Thu Nov 8 17:18:06 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 8 Nov 2012 16:18:06 +0100 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> Message-ID: <20121108151806.GA5906@nihlus.leuxner.net> On Thu, Nov 08, 2012 at 06:48:46PM +1100, Patrick Shirkey wrote: > I have one account that dovecot is not processing replies/bounces/etc... > The data is being written in the /var/mail/user file by exim4 but as far > as dovecot is aware there is nothing in the pop3 inbox. > > Can anyone suggest how I can enable dovecot to know that the data is in > the /var/mail/user file and deliver it to the pop3 inbox for this account? It's possible to override locations per user, if that's what your trying to achieve: http://wiki.dovecot.org/MailLocation http://wiki.dovecot.org/UserDatabase http://wiki.dovecot.org/UserDatabase/ExtraFields Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121108/8a6379d1/attachment-0002.bin> From ben at morrow.me.uk Thu Nov 8 21:16:51 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 8 Nov 2012 19:16:51 +0000 Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <1352361261767-38656.post@n4.nabble.com> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> <1352361261767-38656.post@n4.nabble.com> Message-ID: <20121108191650.GA89679@anubis.morrow.me.uk> At 11PM -0800 on 7/11/12 you (ycc_Swe) wrote: > > I still have the same problem. When I set ssl parameter to yes/required I > can still not connect to port 995. > This time I set ssl=verbose. This is what the log shows when I try to > connect with ssl. > <snip> > Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, > ret=-1: SSLv3 read client certificate A [12.12.12.7] Are you trying to authenticate with a client certificate, or with user/password under SSL? Using a client certificate requires more configuration than you have used. Does your dovecot machine have a proper publically-signed SSL certificate, or are you using a self-signed cert? If you're using a self-signed cert you'll probably find third-pary systems (like the website you're using for testing) won't accept it, and will disconnect immediately. Can you connect with 'openssl s_client' and log in manually, as you did with telnet before? Can you connect to port 110 and upgrade to SSL with 'STLS' (s_client will try this for you if you pass -starttls pop3)? Ben From fxmulder at gmail.com Thu Nov 8 22:03:57 2012 From: fxmulder at gmail.com (James Devine) Date: Thu, 8 Nov 2012 13:03:57 -0700 Subject: [Dovecot] IP/SSL configuration Message-ID: <CAPmoJaN6=bAOJa9fdd2zxivKp79jO-SJ9ogoyBNOMdGhEuB4Fw@mail.gmail.com> Is there a way I can have something like the following setup: 192.168.0.2 port 110/143, with no starttls/ssl 192.168.0.3 port 110,995/143,993 with starttls/ssl 192.168.0.4 port 110,995/143,993 with starttls/ssl I am looking to setup dovecot so that some IPs will run without any notion of SSL whereas other IPs will run with with ssl/starttls available, each with its own certs From cullinan at rocketmail.com Thu Nov 8 23:21:48 2012 From: cullinan at rocketmail.com (cullinan at rocketmail.com) Date: Thu, 08 Nov 2012 22:21:48 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 Message-ID: <509C226C.9090208@rocketmail.com> Hi, there! Well, I am new to dovecot, so please be patient with me: I have a virtual server and want to setup simple mail delivery. postfix, saslauthd and dovecot basically work fine. The only open issue is, that (I guess) dovecot doesn't remove the mail when it's retrieved via pop3 from the server. It keeps sending me the same emails again and again. (The mail client (Thunderbird) is configured to remove the messages from the server - it was working already.) I guess that dovecot cannot write to some files / has problems with write permissions. But it doesn't tell me anything... Can you tell me, what configuration might be wrong or how can I enable more debugging to see what dovecot is doing after the mails got sent out via pop3? Here is the configuration: # dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 log_timestamp: %Y-%m-%d %H:%M:%S protocols: pop3 pop3s login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/pop3-login mail_privileged_group: mail mbox_write_locks: fcntl dotlock mail_executable: /usr/lib/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/modules/pop3 auth default: passdb: driver: pam userdb: driver: passwd -----8<----- # dovecot -a # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 base_dir: /var/run/dovecot log_path: info_log_path: log_timestamp: %Y-%m-%d %H:%M:%S syslog_facility: mail protocols: pop3 pop3s listen: * ssl_listen: ssl: yes ssl_ca_file: ssl_cert_file: /etc/ssl/certs/dovecot.pem ssl_key_file: /etc/ssl/private/dovecot.pem ssl_key_password: ssl_parameters_regenerate: 168 ssl_cipher_list: ssl_cert_username_field: commonName ssl_verify_client_cert: no disable_plaintext_auth: yes verbose_ssl: no shutdown_clients: yes nfs_check: yes version_ignore: no login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/pop3-login login_user: dovecot login_greeting: Dovecot ready. login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c login_log_format: %$: %s login_process_per_connection: yes login_chroot: yes login_trusted_networks: login_process_size: 64 login_processes_count: 3 login_max_processes_count: 128 login_max_connections: 256 valid_chroot_dirs: mail_chroot: max_mail_processes: 512 mail_max_userip_connections: 10 verbose_proctitle: no first_valid_uid: 500 last_valid_uid: 0 first_valid_gid: 1 last_valid_gid: 0 mail_access_groups: mail_privileged_group: mail mail_uid: mail_gid: mail_location: mail_cache_fields: mail_never_cache_fields: imap.envelope mail_cache_min_mail_count: 0 mailbox_idle_check_interval: 30 mail_debug: no mail_full_filesystem_access: no mail_max_keyword_length: 50 mail_save_crlf: no mmap_disable: no dotlock_use_excl: yes fsync_disable: no mail_nfs_storage: no mail_nfs_index: no mailbox_list_index_disable: yes lock_method: fcntl maildir_stat_dirs: no maildir_copy_with_hardlinks: yes maildir_copy_preserve_filename: no maildir_very_dirty_syncs: no mbox_read_locks: fcntl mbox_write_locks: fcntl dotlock mbox_lock_timeout: 300 mbox_dotlock_change_timeout: 120 mbox_min_index_size: 0 mbox_dirty_syncs: yes mbox_very_dirty_syncs: no mbox_lazy_writes: yes dbox_rotate_size: 2048 dbox_rotate_min_size: 16 dbox_rotate_days: 1 mail_drop_priv_before_exec: no mail_executable: /usr/lib/dovecot/pop3 mail_process_size: 256 mail_plugins: mail_plugin_dir: /usr/lib/dovecot/modules/pop3 mail_log_prefix: %Us(%u): mail_log_max_lines_per_sec: 10 imap_max_line_length: 65536 imap_capability: imap_client_workarounds: imap_logout_format: bytes=%i/%o imap_id_send: imap_id_log: imap_idle_notify_interval: 120 pop3_no_flag_updates: no pop3_enable_last: no pop3_reuse_xuidl: no pop3_save_uidl: no pop3_lock_session: no pop3_uidl_format: %08Xu%08Xv pop3_client_workarounds: pop3_logout_format: top=%t/%p, retr=%r/%b, del=%d/%m, size=%s dict_db_config: dict_process_count: 1 managesieve_max_line_length: 65536 managesieve_logout_format: bytes=%i/%o managesieve_implementation_string: dovecot auth default: mechanisms: plain realms: default_realm: cache_size: 0 cache_ttl: 3600 cache_negative_ttl: 3600 executable: /usr/lib/dovecot/dovecot-auth user: root chroot: username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ username_translation: username_format: master_user_separator: anonymous_username: anonymous krb5_keytab: gssapi_hostname: winbind_helper_path: /usr/bin/ntlm_auth failure_delay: 2 verbose: no debug: no debug_passwords: no ssl_require_client_cert: no ssl_username_from_cert: no use_winbind: no count: 1 worker_max_count: 30 process_size: 256 passdb: driver: pam args: deny: no pass: no master: no userdb: driver: passwd args: -----8<----- Please let me know if you need more. Thank you in advance! Regards, Rob From daniel.parthey at informatik.tu-chemnitz.de Thu Nov 8 23:46:17 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Thu, 8 Nov 2012 22:46:17 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 In-Reply-To: <509C226C.9090208@rocketmail.com> References: <509C226C.9090208@rocketmail.com> Message-ID: <20121108214616.GA16774@daniel.localdomain> cullinan at rocketmail.com wrote: > Can you tell me, how can I enable more debugging > to see what dovecot is doing after the mails got sent out via pop3? You can log mail actions session with MailLog: http://wiki.dovecot.org/Plugins/MailLog Regards Daniel -- https://plus.google.com/103021802792276734820 From stan at hardwarefreak.com Thu Nov 8 23:55:12 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 08 Nov 2012 15:55:12 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509B86C2.90207@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <509B86C2.90207@1stwebdesigns.com> Message-ID: <509C2A40.9000400@hardwarefreak.com> Please always reply to the list, not individuals. On 11/8/2012 4:17 AM, 1st WebDesigns wrote: > On 08/11/2012 09:23, Stan Hoeppner wrote: >> On 11/8/2012 2:29 AM, 1st WebDesigns wrote: >>> Hi there, >>> >>> We're using Dovecot version 1.0.7 and Postfix, and since upgrading our >>> Linux box we're getting this in the maillog: >> >> 1.0.7 is absolutely ancient and no longer officially supported. You >> need 1.2.x minimum, 2.x.x even better. And you say you just recently >> upgraded your Linux distro? What planet do you live on son? You're a >> few light years behind current stable software. >> >>> Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: >>> to=<xyz at xyz.com>, orig_to=<abc at abc.com>, relay=local, delay=19, >>> delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox >>> /var/spool/mail/abc for user abc. unable to lock for exclusive access: >>> Resource temporarily unavailable) >> >> The simple permanent fix to Postfix/Dovecot mbox locking issues is >> switching from Postfix LOCAL to Dovecot LDA for mailbox delivery. 1.0.7 >> is before my time. I do not know if LDA was available then. Upgrade >> and you'll have it, and you'll also fix other problems you're not even >> aware of yet. >> >>> Postfix is currently set to: >>> mailbox_delivery_lock = fcntl, dotlock >>> >>> Dovecot has this: >>> mbox_read_locks = fcntl >>> mbox_write_locks = fcntl dotlock >> >> LDA completely eliminates lock contention. >> >> http://wiki.dovecot.org/LDA/Postfix >> http://wiki2.dovecot.org/LDA/Postfix >> > > Thanks for your reply. We have upgraded from RHEL4 to RHEL5, so 1.0.7 > is the "stable" version that they provide RHEL 5 is also ancient, released in March 2007, over 5 years ago. The current stable release is RHEL 6.3, released in June 2012. What is the valid reason preventing you from upgrading to the 6.x distribution? The packages in general in 6.x are 5 years newer than 5.x. And given the fact that RHEL runs miles behind the bleeding edge, you're way behind the curve even with a recent RHEL distribution. You can probably find a much newer version of Dovecot in an RPM somewhere, and Postfix for that matter. But it would be better for you if you simply upgraded to RHEL 6.3. -- Stan From ben at morrow.me.uk Fri Nov 9 01:53:35 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 8 Nov 2012 23:53:35 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509B7A27.3080308@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> Message-ID: <20121108235334.GB89679@anubis.morrow.me.uk> At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: > > 1.0.7 is absolutely ancient and no longer officially supported. You > need 1.2.x minimum, 2.x.x even better. And you say you just recently > upgraded your Linux distro? What planet do you live on son? You're a > few light years behind current stable software. [A light-year is a measure of distance, not of time.] > LDA completely eliminates lock contention. As we have discussed before, using the LDA does not prevent lock contention, it just prevents the problems that arise when different software is using different locking strategies on the same mailbox (assuming nothing except LDA and imap is touching the mailbox directly). There are valid reasons for not using the LDA: the OP might be already using procmail, for instance, and have users with procmail recipies which sort into IMAP folders. These folders will need to be locked by procmail even if the default delivery to INBOX is changed (globally) to happen through dovecot-lda. While migrating to sieve (and mdbox, and LMTP) would, IMHO, be the best long-term solution, this isn't necessarily something that can be set up overnight. Ben From calestyo at scientia.net Fri Nov 9 02:22:37 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Fri, 09 Nov 2012 01:22:37 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> Message-ID: <1352420557.5071.54.camel@fermat.scientia.net> On Wed, 2012-11-07 at 17:30 +0200, Timo Sirainen wrote: > On 30.10.2012, at 2.16, Christoph Anton Mitterer wrote: > > Have you ever thought about adding a "real" DB backend? Nothing against > > dbox... :) ... and I have no performance comparison of dbox with what > > could be done with a DBMS... but the advantage of the later would be > > that you get all fancy features from database systems for free... like > > fast indexing, online replication, etc. p.. > > One might even reuse something like AOX for this. > SQL indexes aren't very helpful for IMAP-like data. It would be fun to > some day have SQL backend in Dovecot (there already is read-only > INBOX-only SQL backend), but I don't expect it to have very good > performance. I see... well I haven't tested AOX or dbmail so far (especially as they're not in Debian and I was too lazy till now to compile them)... At least I had the impression that performance (especially in searches) was one of the major things these people were proud of. I'll stay tuned, whether we ever see a fully usable SQL backend for Dovecot :) Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121109/bfa44548/attachment-0002.bin> From kgc at corp.sonic.net Fri Nov 9 02:49:15 2012 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Thu, 8 Nov 2012 16:49:15 -0800 Subject: [Dovecot] memory allocation issues Message-ID: <20121109004915.GJ70186@corp.sonic.net> One of our dovecot backend servers ran into a problem with it's auth process a few days ago. This doesn't appear to be the error logged when dovecot hits its internal limit so I'm not sure what is going on here. auth: Error: malloc: 58012: Cannot allocate memory auth: Error: Unable to allocate memory for mutexes from the region auth: Error: PANIC: Cannot allocate memory auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user pop3: Error: Authenticated user not found from userdb, auth lookup +id=2509111297 (client-pid=4781 client-id=1) pop3-login: Internal login failure (pid=4781 id=1) (internal failure, 1 +succesful auths): user=<test>... There was at least 10+GB free RAM on the server and no indication of a system level issue at the same time. The server is running 2.1.9. There were about 3,200 active sessions, with something like 12 new sessions/sec. The other identical servers are/were handling virtually identical load with the same service uptime and haven't had any issues so far. (Crash happened 7 days ago.) -- Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc. System Architect 2260 Apollo Way 707.522.1000 Santa Rosa, CA 95407 From dovecot at r.paypc.com Fri Nov 9 03:54:11 2012 From: dovecot at r.paypc.com (Robin) Date: Thu, 08 Nov 2012 17:54:11 -0800 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1352420557.5071.54.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> Message-ID: <509C6243.9040002@r.paypc.com> Obvious caveats and qualifications apply here throughout this email. Christoph Anton Mitterer <calestyo at scientia.net> wrote: > I see... well I haven't tested AOX or dbmail so far (especially as > they're not in Debian and I was too lazy till now to compile them)... > > At least I had the impression that performance (especially in searches) > was one of the major things these people were proud of. > > > I'll stay tuned, whether we ever see a fully usable SQL backend for > Dovecot :) I wouldn't hold your breath. It's a recurringly seductive "meme" in email circles, but the reality is that email is mostly unstructured data with a few fields of reasonably structured data (dates, from, to, maybe attachment types + filenames). The bulk of the emails, and the part of the emails that people really want to search quickly: the body, is unstructured, and doesn't perform quickly with the stock "full text search" modules in the main SQL engines. I'd given dbmail2 a try with MySQL 5, 5.5, and Postgres 8.4 and 9.1 branches. I've dedicated 16GB of DDR3-1800/3.4GHz 6-core AMD 1090T with hardware RAID local storage (12 x Seagate ES 7200RPM spindles). (64 bit Slackware 13.37 running Linux 3.2 kernels built for the platform.) The performance is surprisingly bad ... doing almost everything. Searches through IMAP, bulk importation of mail folders, large numbers of simultaneous mail deliveries, you name it. There wasn't a task that the dbmail setup performed faster than Dovecot, in either low or high load situations. When I tossed a test load that introduced lots of mail deliveries as well as searches and full folder pulls, things got really pear-shaped. Even putting dovecot's mailstore on NFS (GigE) didn't really slow Dovecot down enough to make dbmail competitive. When pressed on this lack of performance, I was instructed to "add more RAM" to the DB machine, and that for ideal performance I should have more RAM than my mailbox sizes. *sigh* This sounds great for a very small installation, but this clearly is not something that scales. I think the final humiliation was comparing the body + header searching performance using Timo's practically obsolete fts_squat plugin against dbmail's. Wow. Squat was multiple orders of magnitude faster. Lucene and Solr are even moreso when fed large datasets (mail folder hives of about 100GB). The SQL setups hit the obvious performance shelf once they were unable to maintain everything in RAM or cache. The dbmail folk are earnest and hard-working, and I don't mean to cast the slightest bit of negativity on their project. I think the assumptions about what SQL servers can do well often doesn't square with the reality of many applications that people try to fit them into. On my first initial round of tests, I imported 24,000 emails comprising a mere 560MB of space. Just about all of the non-SQL imap servers handled the importation (basically IMAP APPENDs) within 6 minutes. dbmail2 required hours (using MySQL), and a bit shorter time (but still hours') with Postgres. >From an old email: > Searching INBOX #msgs = 24714 > [NOFIND] Time=2.072423, matches=24714 <--- this should be zero *BUG* > [date] Time=2.07519, matches=24714 <--- this is correct > [here] Time=2.072075, matches=24714 <--- this should be about 30% of total # of msgs *BUG* > > Does dbmail break IMAP SEARCH TEXT (i.e., search both body + headers)? Is this a result of relying on MySQL's search algorithms in text-like fields? I'm still puzzled, because I can't believe that 'here' appears in EVERY email. It looks like dbmail's returning EVERY email on a SEARCH TEXT. This is not correct operation. > > When I alter the search to use "FROM" as the key instead of "TEXT", the results are more discriminating and meet expectations. > > Searching INBOX #msgs = 24714 > [NOFIND] Time=2.161049, matches=0 > [james] Time=2.273255, matches=1049 > [here] Time=2.165406, matches=2 > > Not that it matters, but it's much slower than Dovecot's fts_squat for substring searches. > > Dovecot's fts_squat IMAP SEARCH TEXT results are: > > Searching INBOX #msgs = 55731 > [Updating Index] Time=78.184637 (66% of the mailbox unindexed at start) > [NOFIND] Time=0.045654, matches=0 > [date] Time=0.13364, matches=55731 > [here] Time=0.069091, matches=24663 FWIW, I found Postgres to be faster than MySQL (5 and 5.5, though 5.5 with a hand-rolled config file using metrics supplied by a dbmail/MySQL guru helped a great deal for size(data_set) < size(PHYSICAL MEMORY) cases. Where lots of write-commits were involved on the same exact setup. MySQL "got close" to PSQL's performance when I did crazy things like remove filesystem journaling, write barriers, etc on the mail db mountpoint. Obviously, this is desperation talking. I concede that the motivations behind SQLising mail storage extends to administration/replication and other non-performance/scalability aspects. I suspect what constitutes "good enough" performance when squared against those other considerations may raise a SQL approach high enough for some people to use it. I suspect a "NoSQL" key-value store type of database to offer much better performance than SQL RDBs, since most of the assumptions behind the storage and access patterns of email don't really fit into the SQL RDB model very efficiently. dbmail's author and a couple of key dbmail users are very active and responsive on their mailing list, and bend over backwards to try to help new users with tuning and performance related problems. I simply don't have enough of a budget for populating my DB machines with TBs of RAM to make it work as quickly as I need it to for my midrange mail store (10TB). Good luck! =R= From bangkokmaco at gmail.com Fri Nov 9 04:05:49 2012 From: bangkokmaco at gmail.com (cc "maco" young) Date: Fri, 9 Nov 2012 09:05:49 +0700 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <509C6243.9040002@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> Message-ID: <CAJ1RXL8SDKRpmg3-S49GbWqJKLoXYgCyZCBXZO9gqYvtHRra1g@mail.gmail.com> robin - what a great write up! thanks! On Fri, Nov 9, 2012 at 8:54 AM, Robin <dovecot at r.paypc.com> wrote: > Obvious caveats and qualifications apply here throughout this email. > > Christoph Anton Mitterer <calestyo at scientia.net> wrote: > > I see... well I haven't tested AOX or dbmail so far (especially as > > they're not in Debian and I was too lazy till now to compile them)... > > > > At least I had the impression that performance (especially in searches) > > was one of the major things these people were proud of. > > > > > > I'll stay tuned, whether we ever see a fully usable SQL backend for > > Dovecot :) > > I wouldn't hold your breath. > > It's a recurringly seductive "meme" in email circles, but the reality is > that email is mostly unstructured data with a few fields of reasonably > structured data (dates, from, to, maybe attachment types + filenames). The > bulk of the emails, and the part of the emails that people really want to > search quickly: the body, is unstructured, and doesn't perform quickly with > the stock "full text search" modules in the main SQL engines. > > I'd given dbmail2 a try with MySQL 5, 5.5, and Postgres 8.4 and 9.1 > branches. I've dedicated 16GB of DDR3-1800/3.4GHz 6-core AMD 1090T with > hardware RAID local storage (12 x Seagate ES 7200RPM spindles). (64 bit > Slackware 13.37 running Linux 3.2 kernels built for the platform.) > > The performance is surprisingly bad ... doing almost everything. Searches > through IMAP, bulk importation of mail folders, large numbers of > simultaneous mail deliveries, you name it. There wasn't a task that the > dbmail setup performed faster than Dovecot, in either low or high load > situations. When I tossed a test load that introduced lots of mail > deliveries as well as searches and full folder pulls, things got really > pear-shaped. Even putting dovecot's mailstore on NFS (GigE) didn't really > slow Dovecot down enough to make dbmail competitive. > > When pressed on this lack of performance, I was instructed to "add more > RAM" to the DB machine, and that for ideal performance I should have more > RAM than my mailbox sizes. *sigh* This sounds great for a very small > installation, but this clearly is not something that scales. > > I think the final humiliation was comparing the body + header searching > performance using Timo's practically obsolete fts_squat plugin against > dbmail's. Wow. Squat was multiple orders of magnitude faster. Lucene and > Solr are even moreso when fed large datasets (mail folder hives of about > 100GB). The SQL setups hit the obvious performance shelf once they were > unable to maintain everything in RAM or cache. > > The dbmail folk are earnest and hard-working, and I don't mean to cast the > slightest bit of negativity on their project. I think the assumptions > about what SQL servers can do well often doesn't square with the reality of > many applications that people try to fit them into. > > On my first initial round of tests, I imported 24,000 emails comprising a > mere 560MB of space. Just about all of the non-SQL imap servers handled > the importation (basically IMAP APPENDs) within 6 minutes. dbmail2 > required hours (using MySQL), and a bit shorter time (but still hours') > with Postgres. > > From an old email: > > > Searching INBOX #msgs = 24714 > > [NOFIND] Time=2.072423, matches=24714 <--- this should be zero *BUG* > > [date] Time=2.07519, matches=24714 <--- this is correct > > [here] Time=2.072075, matches=24714 <--- this should be about 30% of > total # of msgs *BUG* > > > > Does dbmail break IMAP SEARCH TEXT (i.e., search both body + headers)? > Is this a result of relying on MySQL's search algorithms in text-like > fields? I'm still puzzled, because I can't believe that 'here' appears in > EVERY email. It looks like dbmail's returning EVERY email on a SEARCH > TEXT. This is not correct operation. > > > > When I alter the search to use "FROM" as the key instead of "TEXT", the > results are more discriminating and meet expectations. > > > > Searching INBOX #msgs = 24714 > > [NOFIND] Time=2.161049, matches=0 > > [james] Time=2.273255, matches=1049 > > [here] Time=2.165406, matches=2 > > > > Not that it matters, but it's much slower than Dovecot's fts_squat for > substring searches. > > > > Dovecot's fts_squat IMAP SEARCH TEXT results are: > > > > Searching INBOX #msgs = 55731 > > [Updating Index] Time=78.184637 (66% of the mailbox unindexed at start) > > [NOFIND] Time=0.045654, matches=0 > > [date] Time=0.13364, matches=55731 > > [here] Time=0.069091, matches=24663 > > FWIW, I found Postgres to be faster than MySQL (5 and 5.5, though 5.5 with > a hand-rolled config file using metrics supplied by a dbmail/MySQL guru > helped a great deal for size(data_set) < size(PHYSICAL MEMORY) cases. > > Where lots of write-commits were involved on the same exact setup. MySQL > "got close" to PSQL's performance when I did crazy things like remove > filesystem journaling, write barriers, etc on the mail db mountpoint. > Obviously, this is desperation talking. > > I concede that the motivations behind SQLising mail storage extends to > administration/replication and other non-performance/scalability aspects. > I suspect what constitutes "good enough" performance when squared against > those other considerations may raise a SQL approach high enough for some > people to use it. > > I suspect a "NoSQL" key-value store type of database to offer much better > performance than SQL RDBs, since most of the assumptions behind the storage > and access patterns of email don't really fit into the SQL RDB model very > efficiently. > > dbmail's author and a couple of key dbmail users are very active and > responsive on their mailing list, and bend over backwards to try to help > new users with tuning and performance related problems. > > I simply don't have enough of a budget for populating my DB machines with > TBs of RAM to make it work as quickly as I need it to for my midrange mail > store (10TB). > > Good luck! > > =R= > From yngve_l2 at hotmail.com Fri Nov 9 06:32:18 2012 From: yngve_l2 at hotmail.com (ycc_Swe) Date: Thu, 8 Nov 2012 20:32:18 -0800 (PST) Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <20121108191650.GA89679@anubis.morrow.me.uk> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> <1352361261767-38656.post@n4.nabble.com> <20121108191650.GA89679@anubis.morrow.me.uk> Message-ID: <1352435538283-38686.post@n4.nabble.com> Thank you for your replies. I am trying to authenticate with user/password under SSL (port 995). Ben wrote: Does your dovecot machine have a proper publically-signed SSL certificate, or are you using a self-signed cert? If you're using a self-signed cert you'll probably find third-pary systems (like the website you're using for testing) won't accept it, and will disconnect immediately. *Thank you very much for your comment Ben, I think you spotted my problem. I just use the certificate and key that are generated during the installation. To be able to make web-sites connect I must have a proper "publically-signed SSL". Thanks, this question is solved, at least for the time being.* -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611p38686.html Sent from the Dovecot mailing list archive at Nabble.com. From mrn666 at yahoo.com Fri Nov 9 07:37:29 2012 From: mrn666 at yahoo.com (Jay) Date: Thu, 8 Nov 2012 21:37:29 -0800 (PST) Subject: [Dovecot] Is there a hook for a plugin to do some transient operation on the mail body ... Message-ID: <1352439449.79235.YahooMailNeo@web165005.mail.bf1.yahoo.com> ... when the MUA has issued a FETCH? ? I am a Dovecot newbie ... so please bear with me if this is obvious. Basically what I am trying to do is process the mail body (in my own specific way) before Dovecot serves it up to the MUA. I want to do it as a transient operation in memory. So think of the scenario as ... ? - the MUA issues a FETCH ? - Dovecot intercepts the FETCH ? - Dovecot internally gets the mail from the storage into a buffer in memory ? ----> This is where I'd like to apply a function to the mail body and modify the mail body?in the buffer (not in the storage) ? - Dovecot serves up the (modified) mail to the MUA ? Looking for a hook that allows me to do it using a plugin. Looks like the zlib plugin does something similar ... applies a decompression function ... but I am not 100% sure. ? Thanks for your help. -- J. From rs at sys4.de Fri Nov 9 09:05:50 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 09 Nov 2012 08:05:50 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 In-Reply-To: <509C226C.9090208@rocketmail.com> References: <509C226C.9090208@rocketmail.com> Message-ID: <509CAB4E.7020909@sys4.de> Am 08.11.2012 22:21, schrieb cullinan at rocketmail.com: > Hi, there! > > Well, I am new to dovecot, so please be patient with me: > > I have a virtual server and want to setup simple mail delivery. > postfix, saslauthd and dovecot basically work fine. > > The only open issue is, that (I guess) dovecot doesn't remove the > mail when it's retrieved via pop3 from the server. > It keeps sending me the same emails again and again. > (The mail client (Thunderbird) is configured to remove the messages > from the server - it was working already.) 1.2.15 is very old, consider upgrade to recent version if it allready worked ,what did you changed in the near past double check your thunderbird settings look at your logs , switch them to be more verbose Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Fri Nov 9 09:10:01 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 09 Nov 2012 08:10:01 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <509C6243.9040002@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> Message-ID: <509CAC49.1010802@sys4.de> Am 09.11.2012 02:54, schrieb Robin: > I'll stay tuned, whether we ever see a fully usable SQL backend for >> Dovecot :) thats not a new idea, but there is still tons of stuff which has to coded in more prime, as dovecot works nice with other existing storage file backends, there isnt hard pressure for sql storage, but feel free to code your own , youre welcome Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From cullinan at rocketmail.com Fri Nov 9 10:24:32 2012 From: cullinan at rocketmail.com (cullinan at rocketmail.com) Date: Fri, 09 Nov 2012 09:24:32 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 [SOLVED] In-Reply-To: <509C226C.9090208@rocketmail.com> References: <509C226C.9090208@rocketmail.com> Message-ID: <509CBDC0.7030304@rocketmail.com> Hi, there! > I guess that dovecot cannot write to some files / has problems > with write permissions. But it doesn't tell me anything... The reason was indeed that dovecot couldn't write to /var/mail I had to chown it to the mail group as it says in: mail_privileged_group: mail Thank you, Regards, Rob Am 08.11.2012 22:21, schrieb cullinan at rocketmail.com: > Hi, there! > > Well, I am new to dovecot, so please be patient with me: > > I have a virtual server and want to setup simple mail delivery. > postfix, saslauthd and dovecot basically work fine. > > The only open issue is, that (I guess) dovecot doesn't remove the > mail when it's retrieved via pop3 from the server. > It keeps sending me the same emails again and again. > (The mail client (Thunderbird) is configured to remove the messages > from the server - it was working already.) > > I guess that dovecot cannot write to some files / has problems > with write permissions. But it doesn't tell me anything... > > Can you tell me, what configuration might be wrong or how can I > enable more debugging to see what dovecot is doing after > the mails got sent out via pop3? > > Here is the configuration: > > # dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: pop3 pop3s > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/pop3-login > mail_privileged_group: mail > mbox_write_locks: fcntl dotlock > mail_executable: /usr/lib/dovecot/pop3 > mail_plugin_dir: /usr/lib/dovecot/modules/pop3 > auth default: > passdb: > driver: pam > userdb: > driver: passwd > > -----8<----- > > # dovecot -a > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 > base_dir: /var/run/dovecot > log_path: > info_log_path: > log_timestamp: %Y-%m-%d %H:%M:%S > syslog_facility: mail > protocols: pop3 pop3s > listen: * > ssl_listen: > ssl: yes > ssl_ca_file: > ssl_cert_file: /etc/ssl/certs/dovecot.pem > ssl_key_file: /etc/ssl/private/dovecot.pem > ssl_key_password: > ssl_parameters_regenerate: 168 > ssl_cipher_list: > ssl_cert_username_field: commonName > ssl_verify_client_cert: no > disable_plaintext_auth: yes > verbose_ssl: no > shutdown_clients: yes > nfs_check: yes > version_ignore: no > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/pop3-login > login_user: dovecot > login_greeting: Dovecot ready. > login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c > login_log_format: %$: %s > login_process_per_connection: yes > login_chroot: yes > login_trusted_networks: > login_process_size: 64 > login_processes_count: 3 > login_max_processes_count: 128 > login_max_connections: 256 > valid_chroot_dirs: > mail_chroot: > max_mail_processes: 512 > mail_max_userip_connections: 10 > verbose_proctitle: no > first_valid_uid: 500 > last_valid_uid: 0 > first_valid_gid: 1 > last_valid_gid: 0 > mail_access_groups: > mail_privileged_group: mail > mail_uid: > mail_gid: > mail_location: > mail_cache_fields: > mail_never_cache_fields: imap.envelope > mail_cache_min_mail_count: 0 > mailbox_idle_check_interval: 30 > mail_debug: no > mail_full_filesystem_access: no > mail_max_keyword_length: 50 > mail_save_crlf: no > mmap_disable: no > dotlock_use_excl: yes > fsync_disable: no > mail_nfs_storage: no > mail_nfs_index: no > mailbox_list_index_disable: yes > lock_method: fcntl > maildir_stat_dirs: no > maildir_copy_with_hardlinks: yes > maildir_copy_preserve_filename: no > maildir_very_dirty_syncs: no > mbox_read_locks: fcntl > mbox_write_locks: fcntl dotlock > mbox_lock_timeout: 300 > mbox_dotlock_change_timeout: 120 > mbox_min_index_size: 0 > mbox_dirty_syncs: yes > mbox_very_dirty_syncs: no > mbox_lazy_writes: yes > dbox_rotate_size: 2048 > dbox_rotate_min_size: 16 > dbox_rotate_days: 1 > mail_drop_priv_before_exec: no > mail_executable: /usr/lib/dovecot/pop3 > mail_process_size: 256 > mail_plugins: > mail_plugin_dir: /usr/lib/dovecot/modules/pop3 > mail_log_prefix: %Us(%u): > mail_log_max_lines_per_sec: 10 > imap_max_line_length: 65536 > imap_capability: > imap_client_workarounds: > imap_logout_format: bytes=%i/%o > imap_id_send: > imap_id_log: > imap_idle_notify_interval: 120 > pop3_no_flag_updates: no > pop3_enable_last: no > pop3_reuse_xuidl: no > pop3_save_uidl: no > pop3_lock_session: no > pop3_uidl_format: %08Xu%08Xv > pop3_client_workarounds: > pop3_logout_format: top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > dict_db_config: > dict_process_count: 1 > managesieve_max_line_length: 65536 > managesieve_logout_format: bytes=%i/%o > managesieve_implementation_string: dovecot > auth default: > mechanisms: plain > realms: > default_realm: > cache_size: 0 > cache_ttl: 3600 > cache_negative_ttl: 3600 > executable: /usr/lib/dovecot/dovecot-auth > user: root > chroot: > username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ > username_translation: > username_format: > master_user_separator: > anonymous_username: anonymous > krb5_keytab: > gssapi_hostname: > winbind_helper_path: /usr/bin/ntlm_auth > failure_delay: 2 > verbose: no > debug: no > debug_passwords: no > ssl_require_client_cert: no > ssl_username_from_cert: no > use_winbind: no > count: 1 > worker_max_count: 30 > process_size: 256 > passdb: > driver: pam > args: > deny: no > pass: no > master: no > userdb: > driver: passwd > args: > > -----8<----- > > Please let me know if you need more. > Thank you in advance! > > Regards, > > Rob > > > From adrian.stoica at dacris.net Fri Nov 9 11:11:08 2012 From: adrian.stoica at dacris.net (Adrian Stoica) Date: Fri, 09 Nov 2012 11:11:08 +0200 Subject: [Dovecot] quota recalc does not work Message-ID: <sig.16604aa31b.509CC8AC.8050804@dacris.net> Hi I upgraded dovecot from 2.0 to 2.1 , and now i face the quota recalc problem. All settings are keep in mysql Before , after a change in mailbox.quota field, i run doveadm quota recalc and all was ok , but now that command doesn't do anything. After i change a quota for a user , i have to restart dovecot to get the new quota , or do a "doveadm reload" instead of recalc. And the doveadm quota recalc -A" give me back a lot of "doveadm(username): Info: User no longer exists, skipping" Any thoughts ? # 2.1.10: /usr/dovecot21/etc/dovecot/dovecot.conf # OS: Linux 2.6.35.4 i686 auth_cache_negative_ttl = 1 secs auth_cache_size = 2 M auth_failure_delay = 4 secs auth_mechanisms = plain login digest-md5 cram-md5 auth_worker_max_count = 100 base_dir = /var/run/dovecot/ default_client_limit = 4096 default_internal_user = vmail default_login_user = nobody default_process_limit = 256 deliver_log_format = mail delivery from=%f subject=%s msgid=%m: %$ dict { acl = mysql:/usr/dovecot21/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_uid = 1 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * mail_location = maildir:~/Maildir mail_plugins = " quota acl trash notify mail_log" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { hidden = no list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / subscriptions = yes type = private } passdb { args = /usr/dovecot21/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = INBOX autosubscribe4 = Sent mail_log_events = delete mailbox_delete mailbox_rename mail_log_fields = box subject from msgid size quota = maildir:User quota quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=95%% quota-warning 90 %u quota_warning3 = storage=85%% quota-warning 85 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve trash = /usr/dovecot21/etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at dacris.net protocols = imap quota_full_tempfail = yes rejection_subject = Rejected: %s: %r service auth { unix_listener auth-client { mode = 0666 user = vmail } unix_listener auth-userdb { mode = 0666 user = vmail } } service dict { unix_listener dict { user = vmail } } service imap-login { process_min_avail = 4 } service imap-postlogin { executable = script-login /bin/imap.sh unix_listener imap-postlogin { mode = 01232 } } service imap { executable = imap imap-postlogin process_limit = 1024 vsz_limit = 1 G } service quota-warning { executable = script /bin/quota_warning.sh unix_listener quota-warning { user = vmail } user = vmail } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = /usr/dovecot21/etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { mail_plugins = " quota acl trash notify mail_log sieve autocreate" } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 20 mail_plugins = " quota acl trash notify mail_log imap_quota imap_acl" } dovecot-sql.conf.ext: password_query = SELECT password FROM mailbox WHERE \ username = '%Ln' AND domain = '%Ld' AND \ active = '1' user_query = SELECT CONCAT('/srv/vmail/',mailbox.domain,'/%Ln') AS 'home' ,'98' AS 'uid', '98' AS 'gid' , \ CONCAT('*:storage=', mailbox.quota,'M') AS quota_rule ,"Trash:storage=+50M" AS quota_rule2 FROM mailbox WHERE \ mailbox.username = '%Ln' AND mailbox.domain = '%Ld' AND \ mailbox.active = '1' iterate_query = SELECT username AS user , domain FROM mailbox WHERE active = '1' -------------- next part -------------- A non-text attachment was scrubbed... Name: adrian_stoica.vcf Type: text/x-vcard Size: 195 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121109/098b1027/attachment-0002.vcf> From crohmann at netcologne.de Fri Nov 9 15:24:23 2012 From: crohmann at netcologne.de (Christian Rohmann) Date: Fri, 09 Nov 2012 14:24:23 +0100 Subject: [Dovecot] Sieve puts incoming message into inbox on any problem with submission_host Message-ID: <509D0407.8070307@netcologne.de> Hello dovecot-users, I have a question/suggestion regarding the submission_host feature of the lda (either via dovecot-lda binary or lmtp) in combination with sieve. When trying to deliver message to a mailbox and this message has a sieve redirect action applied to it, dovecot is using the configured smtp server to forward the message just fine. Unfortunately, if the server configured for submission is unavailable, returns an error or cannot be found via DNS, sieve will simply put the message into the inbox and be done with it: --- dovecot.log --- dovecot: lda(user1): Error: lmtp client: DNS lookup of idonotexist.example.com failed: Name or service not known dovecot: lda(user1): Error: sieve: msgid=unspecified: failed to redirect message to <user2> (refer to server log for more information) dovecot: lda(user1): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' dovecot: lda(user1): Error: sieve: execution of script /mailboxes/user1/.dovecot.sieve failed, but implicit keep was successful (user logfile /mailboxes/user1/.dovecot.sieve.log may reveal additional details) --- /dovecot.log --- The same applies to vacation messages being sent out. Especially with an (unconditional) redirect action, users don't expect to find messages in their inbox. Also problems with the submission_host could very much be temporary and a little delay in delivering a message is better then putting it somewhere the user doesn't expect a message to be. Is there any way to change the behavior of dovecot or the sieve plugin to tempfail in case a message cannot be sent out? I know that with multiple sieve actions it gets more complicated as there could be corner cases were the first message can be sent via the submission server and another message produced by the same sieve script cannot. I'd love sieve to behave like this: a) if submission host is unreachable (hostname wrong, timeout, ...) -> tempfail b) if submission host returns 4xx error -> tempfail c) if submission host returns 5xx error -> fail(-save) and just drop the message into inbox or even have an option to reject the message completely in this case. In case of a tempfail response, the mta simply queues the message and tries again later. In case of a permanent fail the mta will create a bounce message to in form the sender. Regards and have a great weekend, Christian From ramon.frontera at uib.es Fri Nov 9 17:11:59 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Fri, 9 Nov 2012 16:11:59 +0100 Subject: [Dovecot] doveadm quota get -A via doveadm-proxy director with LDAP Message-ID: <F7BACE70-2FBE-4B5B-A938-3AAB2F28B26D@uib.es> Hi, We are running Dovecot 2.1.10 I want configure dovecot to do execute doveadm commands on the proxy server. We have 1 proxy with director and 2 mail servers. we use LDAP when I try to do doveadm quota get -u user it works fine. The problem is when I try to do doveadm quota get -A ON PROXY I have this result: doveadm(first_user): Error: Proxy is missing destination host doveadm: Error: Failed to iterate through some users Username Quota name Type Value Limit % in 10-auth.conf I have "!include auth-ldap.conf.ext" in auth-ldap.conf.ext I hve: passdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } and In dovecot-ldap.conf.ext I have: uris = ldap://ldap:port dn = xxxxx dnpass = yyyyy auth_bind = no ldap_version = 3 base =base scope = subtree user_attrs = attributes user_filter = (mail=%u) pass_attrs = userPassword=password,uid=user=%L$,cn=proxy,=starttls=any-cert pass_filter = (mail=%u) iterate_attrs = uid=user iterate_filter = (uid=*) I don't know where is my error!!! Thanks in advance -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears From listen at mjh.name Fri Nov 9 17:18:45 2012 From: listen at mjh.name (Milan =?ISO-8859-1?Q?Holz=E4pfel?=) Date: Fri, 9 Nov 2012 16:18:45 +0100 Subject: [Dovecot] Rebuilding indexes fails on inconsistent mdbox In-Reply-To: <394FADB5-4E6C-4179-BF30-244390964FA4@iki.fi> References: <20121024132811.7cf18fdf7343b4dd961b2858@mjh.name> <394FADB5-4E6C-4179-BF30-244390964FA4@iki.fi> Message-ID: <20121109161845.503766441fbb2a1df97d7220@mjh.name> On Mon, 29 Oct 2012 17:31:42 +0200 Timo Sirainen <tss at iki.fi> wrote: > On 24.10.2012, at 14.28, Milan Holz?pfel wrote: > > > Oct 24 10:45:19 two dovecot: imap(listen at mjh.name): Panic: file mdbox-storage-rebuild.c: line 773 (rebuild_update_refcounts): assertion failed: (map_uid < msgs[i]->map_uid) > > Now this is a bug. > > > Dovecot 2.0.19-0ubuntu1 > > But the bug may have already been fixed in v2.1. I downloaded Dovecot 2.1.10 and compiled from source. Accessing the mailbox still fails: $ doveadm mailbox status all xen-devel doveadm(...): Error: mdbox map /home/test/mdbox/storage/dovecot.map.index corrupted: Unexpectedly lost xen-devel uid=108079 map_uid=809892 doveadm(...): Warning: mdbox /home/test/mdbox/storage: rebuilding indexes doveadm(...): Panic: file mdbox-storage-rebuild.c: line 743 (rebuild_update_refcounts): assertion failed: (map_uid < msgs[i]->map_uid) doveadm(...): Error: Raw backtrace: /home/test/prefix/dovecot/lib/dovecot/libdovecot.so.0(+0x45b3a) [0x7fd2942f9b3a] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7fd2942f9bfa] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fd2942cdc60] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_rebuild_in_context+0x105e) [0x7fd2945838be] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_rebuild+0x24) [0x7fd294583a54] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(+0x3b525) [0x7fd294581525] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_close+0x1a) [0x7fd2945c047a] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_free+0x13) [0x7fd2945c04c3] -> /home/test/prefix/dovecot/bin/doveadm() [0x41383d] -> /home/test/prefix/dovecot/bin/doveadm() [0x40e8e7] -> /home/test/prefix/dovecot/bin/doveadm() [0x40f3ae] -> /home/test/prefix/dovecot/bin/doveadm(doveadm_mail_try_run+0x11e) [0x40f8be] -> /home/test/prefix/dovecot/bin/doveadm(main+0x3bd) [0x40e50d] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7fd293f1676d] -> /home/test/prefix/dovecot/bin/doveadm() [0x40e6f1] Aborted I will send you an Email with a download link for the files. Thanks for you help. Regards, Milan -- Milan Holz?pfel <listen at mjh.name> From daniel.parthey at informatik.tu-chemnitz.de Fri Nov 9 20:26:19 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 9 Nov 2012 19:26:19 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1352420557.5071.54.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> Message-ID: <20121109182619.GA27051@daniel.localdomain> Christoph Anton Mitterer wrote: > On Wed, 2012-11-07 at 17:30 +0200, Timo Sirainen wrote: > > On 30.10.2012, at 2.16, Christoph Anton Mitterer wrote: > > > Have you ever thought about adding a "real" DB backend? Nothing against > > > dbox... :) ... and I have no performance comparison of dbox with what > > > could be done with a DBMS... but the advantage of the later would be > > > that you get all fancy features from database systems for free... like > > > fast indexing, online replication, etc. p.. > > > One might even reuse something like AOX for this. > > > SQL indexes aren't very helpful for IMAP-like data. It would be fun to > > some day have SQL backend in Dovecot (there already is read-only > > INBOX-only SQL backend), but I don't expect it to have very good > > performance. > I see... well I haven't tested AOX or dbmail so far (especially as > they're not in Debian and I was too lazy till now to compile them)... Bad performance experiences with dbmail 2.x were the main reason why we migrated to dovecot. If you've got a MySQL database with 80 GB of binary chunks then things are getting ugly, especially when it comes to efficient backup and restore of whole mailboxes or single e-mails. The SQL backend (and the IMAP user experience) becomes very slow if the database does not fit completely into RAM. There are many performance improvements and bug fixes in dbmail 3.x, but instead of evaluating then, we decided to migrate to Dovecot. One should think twice, or even three times about how to design an efficient SQL backend for a good user experience. Regards Daniel -- https://plus.google.com/103021802792276734820 From daniel.parthey at informatik.tu-chemnitz.de Sat Nov 10 03:04:32 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 10 Nov 2012 02:04:32 +0100 Subject: [Dovecot] doveadm quota get -A via doveadm-proxy director with LDAP In-Reply-To: <F7BACE70-2FBE-4B5B-A938-3AAB2F28B26D@uib.es> References: <F7BACE70-2FBE-4B5B-A938-3AAB2F28B26D@uib.es> Message-ID: <20121110010432.GA32305@daniel.localdomain> Ramon Frontera wrote: > We are running Dovecot 2.1.10 > I want configure dovecot to do execute doveadm commands on the proxy server. > We have 1 proxy with director and 2 mail servers. we use LDAP > when I try to do doveadm quota get -u user it works fine. > The problem is when I try to do doveadm quota get -A ON PROXY > > I have this result: > doveadm(first_user): Error: Proxy is missing destination host > doveadm: Error: Failed to iterate through some users Sounds similar to the doveadm director problem described in this thread: http://dovecot.org/list/dovecot/2012-October/069100.html What do you see in your backend mail server dovecot.log? Regards Daniel -- https://plus.google.com/103021802792276734820 From JohnsonE at usc.edu Sat Nov 10 12:44:35 2012 From: JohnsonE at usc.edu (Erik A Johnson) Date: Sat, 10 Nov 2012 02:44:35 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking Message-ID: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. While I think the firewall is not doing the right thing (i.e., it lets a connection start but then kills it), it seems that imap-login should fail gracefully when the socket is no longer connected. Ideas? Thanks. ----------------------------------- /usr/local/sbin/dovecot -n # 2.1.10: /usr/local/etc/dovecot/dovecot.conf # OS: Darwin 12.2.0 x86_64 default_internal_user = _dovecot default_login_user = _dovenull namespace { hidden = no list = yes location = mbox:/Users/%u/Documents/Mailboxes prefix = mbox/ separator = / type = private } namespace { inbox = yes location = maildir:/Users/%u/Documents/Maildir mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { driver = pam } protocols = imap lmtp ssl = required ssl_cert = </usr/local/etc/dovecot/dovecot.pem ssl_key = </usr/local/etc/dovecot/dovecot.pem userdb { driver = passwd } protocol imap { mail_plugins = " zlib imap_zlib" } ----------------------------------- gdb's "bt full" gives various results depending on where in the loop, but they are they same from ssl23_accept on down. (gdb) bt full #0 0x00007fff92d19f63 in sha1_block_data_order () #1 0x00007fff92d1a4ae in SHA1_Final () #2 0x00007fff92d45430 in EVP_DigestFinal_ex () #3 0x00007fff92d17d7a in ssleay_rand_add () #4 0x00007fff974529be in ssl23_accept () #5 0x000000010cac0729 in ssl_handshake [inlined] () at /private/tmp/johnsone/dovecot-2.1.10/src/login-common/ssl-proxy-openssl.c:465 ret = -949939536 #6 0x000000010cac0729 in ssl_step (proxy=0x7fff53152b90) at ssl-proxy-openssl.c:528 ret = -949939536 #7 0x000000010cb11bd1 in io_loop_call_io (io=0x7f7fa0c1c240) at ioloop.c:379 ioloop = (struct ioloop *) 0x7f7fa0c03b00 t_id = 2 #8 0x000000010cb12c69 in io_loop_handler_run (ioloop=0x0) at ioloop-kqueue.c:148 tv = { tv_sec = 130, tv_usec = 124797 } ctx = (struct ioloop_handler_context *) 0x7f7fa0c1a890 ret = 1 ts = { tv_sec = 130, tv_nsec = 124797000 } events = (struct kevent *) 0x10cb4ee78 #9 0x000000010cb11b88 in io_loop_run (ioloop=0x7fff53152b90) at ioloop.c:398 No locals. #10 0x000000010cafde9b in master_service_run (service=0x7f7fa0c039f0, callback=0x7f7fa0c1c2d8) at master-service.c:543 No locals. #11 0x000000010cabdcd1 in main_deinit [inlined] () at /private/tmp/johnsone/dovecot-2.1.10/src/login-common/main.c:406 set_pool = (pool_t) 0x7f7fa100b420 login_socket = 0x10cb4f7f8 "?9??" #12 0x000000010cabdcd1 in login_binary_run (argc=1, argv=0x7f7fa0c037c0, binary=0x7fff53152b90) at main.c:407 set_pool = (pool_t) 0x7f7fa100b420 login_socket = 0x10cb4f7f8 "?9??" #13 0x00007fff8ac847e1 in start () (gdb) bt full #0 0x00007fff96e4c110 in malloc_zone_malloc () #1 0x00007fff96e4cba7 in malloc () #2 0x00007fff92d2c9e2 in CRYPTO_malloc () #3 0x00007fff92d4535f in EVP_DigestInit_ex () #4 0x00007fff92d17caa in ssleay_rand_add () #5 0x00007fff974529be in ssl23_accept () ... #0 0x00007fff94775ffa in read () #1 0x00007fff92cf41e6 in sock_read () #2 0x00007fff92d15598 in BIO_read () #3 0x00007fff9745294a in ssl23_read_bytes () #4 0x00007fff97452c3e in ssl23_get_client_hello () #5 0x00007fff97452b4d in ssl23_accept () ... ----------------------------------- From ramon.frontera at uib.es Sat Nov 10 17:41:37 2012 From: ramon.frontera at uib.es (=?UTF-8?B?UmFtw7NuIEZyb250ZXJh?=) Date: Sat, 10 Nov 2012 16:41:37 +0100 Subject: [Dovecot] doveadm quota get -A via doveadm-proxy director with LDAP In-Reply-To: <20121110010432.GA32305@daniel.localdomain> References: <F7BACE70-2FBE-4B5B-A938-3AAB2F28B26D@uib.es> <20121110010432.GA32305@daniel.localdomain> Message-ID: <509E75B1.2010006@uib.es> Hi, I think that the problem is different to http://dovecot.org/list/dovecot/2012-October/069100.html The command don't print anything in backend mail server dovecot.log. If I do " doveadm -D quota get -u user1" on proxy it works! the backend mail server responds to proxy. If I do: doveadm -D search -A mailbox Trash savedbefore 10d I have this result: doveadm(root): Debug: Loading modules from directory: /usr/lib64/dovecot doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/lib20_expire_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(root): Debug: expire: Searching only users listed in expire database doveadm(rfg144): Error: Proxy is missing destination host doveadm: Error: Failed to iterate through some users and When I try to do this: doveadm -D search -u user1 mailbox Trash savedbefore 1d I find this in the log: Nov 10 16:36:01 mail2 dovecot: doveadm: Debug: expire: Searching only users listed in expire database Nov 10 16:36:01 mail2 dovecot: doveadm: Fatal: master: service(doveadm): child 3116 killed with signal 11 (core dumped) Thanks for your help! ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears El 10/11/2012 2:04, Daniel Parthey escribi?: > Ramon Frontera wrote: >> We are running Dovecot 2.1.10 >> I want configure dovecot to do execute doveadm commands on the proxy server. >> We have 1 proxy with director and 2 mail servers. we use LDAP >> when I try to do doveadm quota get -u user it works fine. >> The problem is when I try to do doveadm quota get -A ON PROXY >> >> I have this result: >> doveadm(first_user): Error: Proxy is missing destination host >> doveadm: Error: Failed to iterate through some users > Sounds similar to the doveadm director problem described in this thread: > http://dovecot.org/list/dovecot/2012-October/069100.html > > What do you see in your backend mail server dovecot.log? > > Regards > Daniel From eliezer at ngtech.co.il Sat Nov 10 18:46:44 2012 From: eliezer at ngtech.co.il (Eliezer Croitoru) Date: Sat, 10 Nov 2012 18:46:44 +0200 Subject: [Dovecot] Sieve users script problem. Message-ID: <509E84F4.4030406@ngtech.co.il> I am using Dovecot 2.1.9 which seems to solve older bug in sieve. Now I have another problem with users scripts. I want dovecot to run users scripts but it seems to not even see them. Dovecot runs the default sieve script from home dir but wont see the sieve scripts in the sieve subdirectory and some logs: Nov 10 18:35:54 lda(user at domain.local): Debug: Quota root: name=User quota backend=maildir args= Nov 10 18:35:54 lda(user at domain.local): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824 messages=0 Nov 10 18:35:54 lda(user at domain.local): Debug: Quota rule: root=User quota mailbox=Trash bytes=+32212254 (3%) messages=0 Nov 10 18:35:54 lda(user at domain.local): Debug: Quota warning: bytes=1020054732 (95%) messages=0 reverse=no command=quota-warning 95 raw mail user Nov 10 18:35:54 lda(user at domain.local): Debug: Quota warning: bytes=214748364 (20%) messages=0 reverse=no command=quota-warning 20 raw mail user Nov 10 18:35:54 lda(user at domain.local): Debug: none: root=, index=, control=, inbox=, alt= Nov 10 18:35:54 lda(user at domain.local): Debug: Destination address: eliezer at domain.local (source: user at hostname) Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: using the following location for user's Sieve script: /home/vmail/domain.local/eliezer/home/.dovecot.sieve Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: opening script /home/vmail/domain.local/eliezer/home/.dovecot.sieve Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: script binary /home/vmail/domain.local/eliezer/home/.dovecot.svbin successfully loaded Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: binary save: not saving binary /home/vmail/domain.local/eliezer/home/.dovecot.svbin, because it is already stored Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: executing script from /home/vmail/domain.local/eliezer/home/.dovecot.svbin Nov 10 18:35:54 lda(user at domain.local): Info: sieve: msgid=<XXXX at XXXX>: stored mail into mailbox 'INBOX' So it recognizes the home sir but wont look at the sieve sub directory. My dovecot -n output: # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.3.8-gentoo x86_64 Gentoo Base System release 2.0.3 ext3 auth_mechanisms = plain login dict { quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_uid = 5000 last_valid_uid = 5000 log_path = /var/log/dovecot.log mail_debug = yes mail_gid = 5000 mail_location = maildir:/home/vmail/%d/%n/Maildir/ mail_plugins = " quota" mail_privileged_group = vmail mail_uid = 5000 namespace { inbox = yes list = yes location = prefix = separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:User quota quota_rule = *:storage=1G quota_rule2 = Trash:storage=+3%% quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=20%% quota-warning 20 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +include +vnd.dovecot.debug +imapflags +spamtest +spamtestplus +relational +comparator-i;ascii-numeric } postmaster_address = postmastert at domain.local service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0600 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service quota-warning { executable = script /etc/dovecot/quota-warning.sh user = vmail } ssl_ca = </etc/ssl/dca.pem ssl_cert = </etc/ssl/ssl.crt ssl_key = </etc/ssl/ssl.key userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { mail_plugins = " quota sieve" } protocol imap { mail_plugins = " quota imap_quota" } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xu%08Xv } Thanks, Eliezer From stan at hardwarefreak.com Sat Nov 10 20:49:40 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sat, 10 Nov 2012 12:49:40 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <20121108235334.GB89679@anubis.morrow.me.uk> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> Message-ID: <509EA1C4.3050103@hardwarefreak.com> On 11/8/2012 5:53 PM, Ben Morrow wrote: > At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: >> >> 1.0.7 is absolutely ancient and no longer officially supported. You >> need 1.2.x minimum, 2.x.x even better. And you say you just recently >> upgraded your Linux distro? What planet do you live on son? You're a >> few light years behind current stable software. > > [A light-year is a measure of distance, not of time.] "metric fuckload" isn't a real measurement, but that doesn't stop people from [mis]using the term to get a point across. Don't arrogantly assume that intentional misuse of a term equals mouth breathing or knuckle dragging. >> LDA completely eliminates lock contention. > > As we have discussed before, using the LDA does not prevent lock > contention, it just prevents the problems that arise when different > software is using different locking strategies on the same mailbox > (assuming nothing except LDA and imap is touching the mailbox directly). You seem to have contradicted yourself. You described lock contention to a T, and stated Dovecot does prevents that "problem", but also said Dovecot doesn't prevent lock contention. File locking != lock contention. You can have the former without the latter. > There are valid reasons for not using the LDA: the OP might be already > using procmail, for instance, and have users with procmail recipies > which sort into IMAP folders. These folders will need to be locked by > procmail even if the default delivery to INBOX is changed (globally) to > happen through dovecot-lda. While migrating to sieve (and mdbox, and > LMTP) would, IMHO, be the best long-term solution, this isn't necessarily > something that can be set up overnight. And? I'm failing to understand your point here. The OP hasn't stated yet, that I recall, if he's accessing the mbox files with anything other than Dovecot and Postfix. If he does state this, we'll make further recommendations as to how get across the LDA bridge with the same functionality, or if it's workable. None of that precludes making the LDA recommendation. Most people already running procmail or local UNIX MUAs are savvy enough to discover LDA before hitting this list. So you can assume with some surety that the OP who doesn't know about LDA likely isn't using procmail, mutt, pine, etc. Sure there are exceptions, but this is normally the case. I think the problem here, given the tone of your prose above and correcting me on the use of "light year" of all damn things, is that my earlier praise directed at you due to your slightly greater knowledge of the intricacies of file locking, has given you the impression that I'm some kind of knuckle dragging noob in need of education by you. If that is the case please read my last 500 posts to this list to dispel that misconception. You are my peer, not my superior. Keep that in mind in your future correspondence. -- Stan From ben at morrow.me.uk Sat Nov 10 22:25:29 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Sat, 10 Nov 2012 20:25:29 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509EA1C4.3050103@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <509EA1C4.3050103@hardwarefreak.com> Message-ID: <20121110202529.GA30152@anubis.morrow.me.uk> At 12PM -0600 on 10/11/12 you (Stan Hoeppner) wrote: > On 11/8/2012 5:53 PM, Ben Morrow wrote: > > At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: > >> > >> LDA completely eliminates lock contention. > > > > As we have discussed before, using the LDA does not prevent lock > > contention, it just prevents the problems that arise when different > > software is using different locking strategies on the same mailbox > > (assuming nothing except LDA and imap is touching the mailbox directly). > > You seem to have contradicted yourself. You described lock contention > to a T, and stated Dovecot does prevents that "problem", but also said > Dovecot doesn't prevent lock contention. File locking != lock > contention. You can have the former without the latter. The usual meaning of 'lock contention' is 'two processes legitimately competing for the *same* lock'. For instance, a search for 'lock contention' on Wikipedia leads to lock contention: This occurs whenever one process or thread attempts to acquire a lock held by another process or thread. This will still occur when using the LDA: that is, there will still be occasions where the LDA and the imap process are competing for the mbox lock, and one ends up locking the other out temporarily. The problems with locking that arise when accessing the same mailbox using both Dovecot and non-Dovecot software come from different processes using *different* locks from each other, or acquiring them in a different order. This is not ordinary lock contention: in fact, in the worst case, the two processes end up not having any locks in common, so you get no lock contention at all but data corruption instead. > > There are valid reasons for not using the LDA: the OP might be already > > using procmail, for instance, and have users with procmail recipies > > which sort into IMAP folders. These folders will need to be locked by > > procmail even if the default delivery to INBOX is changed (globally) to > > happen through dovecot-lda. While migrating to sieve (and mdbox, and > > LMTP) would, IMHO, be the best long-term solution, this isn't necessarily > > something that can be set up overnight. > > And? I'm failing to understand your point here. You appear to be advocating the LDA as the solution to all possible problems with mail delivery, and implying anyone not using it is doing something seriously wrong. I was pointing out that that is not always the case. > The OP hasn't stated > yet, that I recall, if he's accessing the mbox files with anything other > than Dovecot and Postfix. If he does state this, we'll make further > recommendations as to how get across the LDA bridge with the same > functionality, or if it's workable. None of that precludes making the > LDA recommendation. Most people already running procmail or local UNIX > MUAs are savvy enough to discover LDA before hitting this list. So you > can assume with some surety that the OP who doesn't know about LDA > likely isn't using procmail, mutt, pine, etc. Sure there are > exceptions, but this is normally the case. I believe the OP mentioned something about having run out of mboxes for 20 years? To me that suggests an old-fashioned Unix setup, which in turn suggests procmail as a likely possibility. I could, of course, be wrong. > I think the problem here, given the tone of your prose above and > correcting me on the use of "light year" of all damn things, is that my > earlier praise directed at you due to your slightly greater knowledge of > the intricacies of file locking, has given you the impression that I'm > some kind of knuckle dragging noob in need of education by you. If that > is the case please read my last 500 posts to this list to dispel that > misconception. > > You are my peer, not my superior. Keep that in mind in your future > correspondence. If I have offended you, I apologise. That was certainly not my intention. Ben From radikn at seznam.cz Sat Nov 10 22:34:07 2012 From: radikn at seznam.cz (=?UTF-8?Q?Radek_Novotn=C3=BD?=) Date: Sat, 10 Nov 2012 21:34:07 +0100 Subject: [Dovecot] User iteration with static userdb Message-ID: <97e9e4ee533292752c95ef18bdfb3367@r-n.cz> Hi all, can someone explain me, please, why user iteration (iterate_query) doesn't work with static userdb? There isn't reason why it shouldn't work. In my opinion. However static userdb doesn't mean that user list not exist. Thanks Radek From ben at morrow.me.uk Sun Nov 11 02:39:21 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Sun, 11 Nov 2012 00:39:21 +0000 Subject: [Dovecot] Sieve users script problem. In-Reply-To: <509E84F4.4030406@ngtech.co.il> References: <509E84F4.4030406@ngtech.co.il> Message-ID: <20121111003920.GD30152@anubis.morrow.me.uk> At 6PM +0200 on 10/11/12 you (Eliezer Croitoru) wrote: > I am using Dovecot 2.1.9 which seems to solve older bug in sieve. > Now I have another problem with users scripts. > I want dovecot to run users scripts but it seems to not even see them. > Dovecot runs the default sieve script from home dir but wont see the > sieve scripts in the sieve subdirectory and some logs: Sieve only runs one user-specified sieve script. The other scripts in the sieve/ directory are alternatives which can be managed and activated using managesieve. The ~/.dovecot.sieve script should be a symlink to the currently-activated script in the sieve/ directory, so that managesieve can change which script is activated. It is also possible to run other scripts from the sieve/ directory using the 'include' extension, but you must use the :personal location (or simply not specify :global, since :personal is the default). If a user wants to run several scripts in succession I believe the only way currently is to create a 'master' script which looks like require ["include"]; include "script1"; include "script2"; and activate that script. > Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: include: > sieve_global_dir is not set; it is currently not possible to include > `:global' scripts. It's not clear to me what's happening here: does that script use the 'include :global' command? If you want that to work you will need to create a system-wide scripts directory and set the sieve_global_dir parameter to point to it. If OTOH you wanted to include a script from the user's sieve/ directory, you need to leave off the :global tag. Ben From emailbuilder88 at yahoo.com Sun Nov 11 09:53:20 2012 From: emailbuilder88 at yahoo.com (E.B.) Date: Sat, 10 Nov 2012 23:53:20 -0800 (PST) Subject: [Dovecot] LDA without lookup as non-root? In-Reply-To: <1352619573.99460.YahooMailNeo@web39302.mail.mud.yahoo.com> References: <1350679409.31412.YahooMailNeo@web39302.mail.mud.yahoo.com> <1350760632.64676.YahooMailNeo@web39305.mail.mud.yahoo.com> <1350765252.74118.YahooMailNeo@web39301.mail.mud.yahoo.com> <1352619573.99460.YahooMailNeo@web39302.mail.mud.yahoo.com> Message-ID: <1352620400.63560.YahooMailNeo@web39304.mail.mud.yahoo.com> Timo, Sorry I didn't see your response until now >> 3) The interesting part -- I am invoking LDA from Maildrop. See: >> http://thread.gmane.org/gmane.mail.imap.dovecot/65473 > So >> when invoked, Maildrop has already dropped to the destination UID/GID >> and the needed paths are available in the environment.? However, using >> as many permutations of calling LDA as I can think of (based on? ? >> http://wiki2.dovecot.org/LDA ), I always get this: >> >> (command line usage error. Command output: lda: Fatal: Couldn't lookup >> our? username (uid=2500) ) > > Set USER environment. Sorry, would you mind being more specific?? If you see my follow-up posts on this thread, I found a source file with this error message in it (link below) and reading that code, there is no way to avoid this error for non-system users (uid's) if you don't use -d.? (looking at the "destination" variable) http://hg.dovecot.org/dovecot-sieve-1.1/raw-rev/7d85833eff96 From stephan at rename-it.nl Mon Nov 12 01:15:22 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 12 Nov 2012 00:15:22 +0100 Subject: [Dovecot] Sieve puts incoming message into inbox on any problem with submission_host In-Reply-To: <509D0407.8070307@netcologne.de> References: <509D0407.8070307@netcologne.de> Message-ID: <50A0318A.7080005@rename-it.nl> On 11/9/2012 2:24 PM, Christian Rohmann wrote: > Hello dovecot-users, > > I have a question/suggestion regarding the submission_host feature of > the lda (either via dovecot-lda binary or lmtp) in combination with sieve. > > The same applies to vacation messages being sent out. Especially with an > (unconditional) redirect action, users don't expect to find messages in > their inbox. Also problems with the submission_host could very much be > temporary and a little delay in delivering a message is better then > putting it somewhere the user doesn't expect a message to be. Yes, I agree. With the normal sendmail configuration this situation was much less likely to occur since messages would be queued locally first. > Is there any way to change the behavior of dovecot or the sieve plugin > to tempfail in case a message cannot be sent out? Not currently, I've been thinking about something like that for use with the extprograms plugin, which presents similar challenges. > I know that with multiple sieve actions it gets more complicated as > there could be corner cases were the first message can be sent via the > submission server and another message produced by the same sieve script > cannot. Exactly. And other kind of actions even make this more annoying. The Sieve interpreter tries to do things atomically as much as possible. With outgoing messages, that is rather difficult, so these actions are performed only after all other actions, e.g. local folder deliveries, succeed. So, in the current implementation simply issuing a temp fail would yield the even nastier result of duplicating deliveries; it is not possible to simply undo local message deliveries at that stage anymore. To solve this definitively I'll have to do some redesign of the action execution sequence. > I'd love sieve to behave like this: > > a) if submission host is unreachable (hostname wrong, timeout, ...) -> > tempfail The simplest solution right now would be to perform a pre-check on whether the message submission is likely to succeed or not. Regards, Stephan. From dmiller at amfes.com Mon Nov 12 03:11:10 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 11 Nov 2012 17:11:10 -0800 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> Message-ID: <assp.1663b64dd1.50A04CAE.5040608@amfes.com> On 11/6/2012 12:30 PM, Timo Sirainen wrote: > On 6.11.2012, at 17.26, Ed W wrote: > >> On 05/11/2012 23:22, Timo Sirainen wrote: >>> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>> This also provides a nice abstraction to OpenSSL, making it again >>> possible to implement other backends like GnuTLS or NSS. (Except >>> login process code doesn't use lib-ssl-iostream yet.) >> Does libtomcrypt implement enough? > It doesn't do SSL, which is all Dovecot cares about. > Can the GnuTLS OpenSSL compatibility layer be used safely? -- Daniel From h.reindl at thelounge.net Mon Nov 12 03:20:58 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 12 Nov 2012 02:20:58 +0100 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <assp.1663b64dd1.50A04CAE.5040608@amfes.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <assp.1663b64dd1.50A04CAE.5040608@amfes.com> Message-ID: <50A04EFA.1080202@thelounge.net> Am 12.11.2012 02:11, schrieb Daniel L. Miller: > On 11/6/2012 12:30 PM, Timo Sirainen wrote: >> On 6.11.2012, at 17.26, Ed W wrote: >> >>> On 05/11/2012 23:22, Timo Sirainen wrote: >>>> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>>> This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like >>>> GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.) >>> Does libtomcrypt implement enough? >> It doesn't do SSL, which is all Dovecot cares about. >> > > Can the GnuTLS OpenSSL compatibility layer be used safely? where is the problem with openssl? please leave us in peace with gnuTLS and see how it affects OpenVAS / Greenbone Sceurity Assistant on distributions like Fedora the whole year what about config compatibility like ssl_cipher_list = ALL:!LOW:!MEDIUM:!SSLv2:!MD5:!aNULL:!eNUL:!ADH:!AESGCM:!EXP:HIGH -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121112/e06fa043/attachment-0002.bin> From calestyo at scientia.net Mon Nov 12 03:26:21 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Mon, 12 Nov 2012 02:26:21 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <509C6243.9040002@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> Message-ID: <1352683581.12282.11.camel@fermat.scientia.net> On Thu, 2012-11-08 at 17:54 -0800, Robin wrote: > The performance is surprisingly bad ... doing almost everything. > Searches through IMAP, bulk importation of mail folders, large > numbers of simultaneous mail deliveries, you name it. Have you made systematic tests? I.e. compared times for all of these with those from the different dovecot backends. > There wasn't a task that the dbmail setup performed faster than > Dovecot, in either low or high load situations. Which backend did you use? > When pressed on this lack of performance, I was instructed to "add > more RAM" to the DB machine, and that for ideal performance I should > have more RAM than my mailbox sizes. *sigh* This sounds great for a > very small installation, but this clearly is not something that > scales. Yeah... that?s truly disappointing... Do you have detailed numbers? I guess you?ve "only" tried dbmail? > The dbmail folk are earnest and hard-working, and I don't mean to cast > the slightest bit of negativity on their project. I think the > assumptions about what SQL servers can do well often doesn't square > with the reality of many applications that people try to fit them > into. hmm... > remove filesystem journaling, write barriers, etc on the mail db > mountpoint. All something I wouldn?t want to do on my production systems ;) Thanks for your detailed information :) Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121112/b9ecc4c5/attachment-0002.bin> From dmiller at amfes.com Mon Nov 12 06:05:22 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 11 Nov 2012 20:05:22 -0800 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <509B9B65.4020801@Media-Brokers.com> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> <509B9B65.4020801@Media-Brokers.com> Message-ID: <assp.0663ccfa4e.1a55e639b2a9e3dfd82152de9fa2fd9a@amfes.com> On 2012-11-08 03:45, Charles Marcus wrote: > On 2012-11-07 10:14 AM, Timo Sirainen <tss at iki.fi> wrote: > >> No, fts-lucene and fts-solr are separate backends. But I do have some small plans to add a few more features to fts-solr. > > Thanks again Timo, but one last follow-up... > > According to the wiki, Solr is the preferred method, but that seems > weird to me - it requires a full blown Solr server that dovecot > communicates with using HTTP/XML queries? Maybe not that big a deal, but > just sounds like overkill to me, unless you are maybe already using Solr > for website searches (which I'm not and have no need for). I would much > prefer something simpler that doesn't require any external dependencies > like that, so, next choice is Lucene... > > Looks much simpler, only requires Lucene's C++ library... > > But it builds only a single Lucene index for all mailboxes - not sure if > this is good or bad? Seems like it would be better/more efficient (and > less chance of index corruption, but most importantly, less overhead in > the event that one gets hosed and dovecot needs to rebuild it) to build > individual indexes for each mailbox, then, maybe, to provide support for > searching ALL mailboxes, have a master index that basically just > maintains a list of all of the individual indexes to be used for the > search (so it doesn't have to scan all available mailboxes, but which it > can do in the event that *it* ever got hosed). > > Obviously I don't know much about all this, so may be totally off base... > > Thanks again, and for listening to my ramblings, My, probably wrong, impression is this: The concept of running a "full blown Solr server" seems intimidating - until you actually do it. It's just another Java process. If you're already using Java for something else then I don't think there's much concern - my (again, probably wrong) understanding is once you've got one Java process running, other than process-specific variables/caching the overall overhead of the Java VM is shared - so in for a penny in for a pound. Lucene development is actively done in Java, with Solr being the primary reference implementation. The C libraries (I know of two) are then derived from the Java library - so the C implementations always lag behind the Java one, and it looks like there's much more active work going into the Java library. There's no question the Lucene implementation in Dovecot is the simplest for an administrator to work with - but the Solr version sure looks a lot more powerful. The tradeoff is sometimes needing to fiddle with configuration settings (not like we ever need to that for anything else, right?), especially with new versions of either Dovecot or Solr. Having a single index store - I suppose theoretically increases a point of failure, but given that the FTS indexes are a partial duplicate of and generated from the mail storage I'm not losing sleep over it. I put my Solr installation on the same raid array as my mail store - I'm not seeing any issues with it but I don't claim to be a senior admin. I'm currently running Solr 4.0. A few tweaks are needed to get it running, but once it's up it goes quite smoothly. -- Daniel From dmiller at amfes.com Mon Nov 12 06:13:54 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 11 Nov 2012 20:13:54 -0800 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <50A04EFA.1080202@thelounge.net> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> Message-ID: <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> On 2012-11-11 17:20, Reindl Harald wrote: > Am 12.11.2012 02:11, schrieb Daniel L. Miller: > >> On 11/6/2012 12:30 PM, Timo Sirainen wrote: >> >>> On 6.11.2012, at 17.26, Ed W wrote: >>> >>>> On 05/11/2012 23:22, Timo Sirainen wrote: >>>> >>>>> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.) >>>> Does libtomcrypt implement enough? >>> It doesn't do SSL, which is all Dovecot cares about. >> Can the GnuTLS OpenSSL compatibility layer be used safely? > > where is the problem with openssl? I don't know what the problem is - I just know that I've heard from a number of developers (including the Postfix & Dovecot developers) that they don't like OpenSSL - but while GnuTLS looks interesting they aren't interested in working on the interface - though they're willing to accept patches. (My full apologies right now if Timo or Wietse are offended by my speaking out of turn). I'm no security expert, but I do know that OpenSSL has had issues with version compatiblity. I had a very troubled time during an OpenSSL/Postfix upgrade that left me non-functional until I found the exact version pairings required. The tiny bit of Googling I've done tells me GnuTLS seems to be a more standards-compliant implementation, and MAY be "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used by most Linux programs, acceptance of GnuTLS is quite limited. I've been intrigued by what I've read about it, and took a quick look at enabling support in Dovecot for GnuTLS directly - but while it didn't seem overly heavy at first glance the fact that Timo doesn't want to do it tells me I'm underestimating the complexity. -- Daniel From eliezer at ngtech.co.il Mon Nov 12 06:45:00 2012 From: eliezer at ngtech.co.il (Eliezer Croitoru) Date: Mon, 12 Nov 2012 06:45:00 +0200 Subject: [Dovecot] Sieve users script problem. In-Reply-To: <20121111003920.GD30152@anubis.morrow.me.uk> References: <509E84F4.4030406@ngtech.co.il> <20121111003920.GD30152@anubis.morrow.me.uk> Message-ID: <50A07ECC.8020708@ngtech.co.il> On 11/11/2012 2:39 AM, Ben Morrow wrote: > require ["include"]; > > include "script1"; > include "script2"; > > and activate that script. > >> >Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: include: >> >sieve_global_dir is not set; it is currently not possible to include >> >`:global' scripts. > It's not clear to me what's happening here: does that script use the > 'include :global' command? If you want that to work you will need to > create a system-wide scripts directory and set the sieve_global_dir > parameter to point to it. If OTOH you wanted to include a script from > the user's sieve/ directory, you need to leave off the :global tag. > > Ben > Thanks, Now I kind of understand it but from the documentation it feels like there is a default and directory which works always.(Or this what I understood) Since its not like that it makes my options limited but stil this can do what I need. I need it to filter mails into sub-directories for my user only so it's fine. Thanks Again, Eliezer -- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer <at> ngtech.co.il From lukashaase at gmx.at Mon Nov 12 11:10:09 2012 From: lukashaase at gmx.at (Lukas Haase) Date: Mon, 12 Nov 2012 01:10:09 -0800 Subject: [Dovecot] dovecot lost mail! Cause? Message-ID: <k7qedh$kg$1@ger.gmane.org> Hi, After using dovecot for several years now, today happend something which makes me really feel unconfortable: An email received was just not delivered properly, or, is lost! The mail (from an external server) was sent to two local mailboxes, user1 and user2. user1 received the message but for user2, it *magically* disappeared. MTA is exim4 which definitely processed the messages and handed over to dovecot deliver: 2012-11-12 07:28:21 1TXnVG-00053I-GD SA: [...] id=8644593.887351352701 685934.JavaMail 2012-11-12 07:28:21 1TXnVG-00053I-GD => user1 <user1 at example.com> R=dovecot T=dovecot_pipe 2012-11-12 07:28:21 1TXnVG-00053I-GD => user2 <user2 at example.com> R=dovecot T=dovecot_pipe 2012-11-12 07:28:21 1TXnVG-00053I-GD Completed Also, the log of dovecot tells that the mail should have been stored: Nov 12 07:28:21 mail dovecot: deliver(user1): sieve: msgid=<8644593.887351352701685934.JavaMail>: stored mail into mailbox 'INBOX' Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into mailbox 'INBOX' user1 received the mail but user2 not. Since user2 is myself, I *know* that I did not accidently delete any mail or something like that. It was just never received! Disk space is 3GB left, so enough. So I grepped the whole Maildir of user2 for the message ID. There is only one match in the dovecot.index.cache and within that, the most important data of the mail (Message ID, Date, Sender, Receiver, Subject) appears. But apart from that, not a single file! Is there hope to ever find out why what was going wrong here? It feels me veeeeeeeeery unconfortable because from now on I can never be sure any more that all my mails are really received :( :( However, as I said, my mail system processed maybe millions of messages the past 8 years. Although, I can not be sure if that was the case ... :( And help greatly appreciated! Luke PS: Dovecot version 1.2.15 (Debian 6.0.6) with Maildir backend on local harddrive. No NFS, nothing which can go wrong ... PPS: Original log files, just named replaced for privacy. From skdovecot at smail.inf.fh-brs.de Mon Nov 12 11:19:17 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 12 Nov 2012 10:19:17 +0100 (CET) Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <k7qedh$kg$1@ger.gmane.org> References: <k7qedh$kg$1@ger.gmane.org> Message-ID: <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 12 Nov 2012, Lukas Haase wrote: > Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: > msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into > mailbox 'INBOX' are there any other log lines of user2? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBUKC/FmoxLS8a3A9mAQJLEAgAkghKGBYWFj94OMCo5mM26XV4c0nHKgob ec0ELqgOIGZf+DA7+Dztwq/MWgdkhB/ZbUSQ2rd4qQ7nf7gEO10L0WXUXWzMJ9sm upvn8JaOJDZ37Ne7AeoOib/m5fXyQUa0oiW7y8ShdeveTAOtn+Bu0OT2BuibOeT8 /EsTA+DfVlymTgHrMYU0LIjjvHh94Duj4at1k1X1So2kTaNbw48ljKYMd0qb2+pR 39D/ZtynOqnEKzj5f+JU+WmCcCAEAW9IL8U8pySvuZaXkPN+cfcLO82J9UIEmIAf IKymFt7JuNabGCsJ0FpMeuLAyXNOxJdKmGxgqmpyfilPY2ty8hstmg== =Uz9E -----END PGP SIGNATURE----- From tibby at tibby.hu Mon Nov 12 11:40:11 2012 From: tibby at tibby.hu (Tibby) Date: Mon, 12 Nov 2012 10:40:11 +0100 Subject: [Dovecot] Help me with IMAP config Message-ID: <3960A514-7030-4F63-A346-5DE5DDAA4C63@tibby.hu> Hello! I have dovecot running. Imap works fine. When i connect with outlook an when i delete a message it gets crossed out but still stays in my mailbox. I want to disable this feature. I want it once its deleted then go to trash folder on the mail server and thats it. Is there an option for this? I'm running dovecot 1.2.15 Thanks! From lukashaase at gmx.at Mon Nov 12 11:44:37 2012 From: lukashaase at gmx.at (Lukas Haase) Date: Mon, 12 Nov 2012 01:44:37 -0800 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> References: <k7qedh$kg$1@ger.gmane.org> <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> Message-ID: <k7qge4$g5r$1@ger.gmane.org> Hi, On 11/12/2012 1:19 AM, Steffen Kaiser wrote: > On Mon, 12 Nov 2012, Lukas Haase wrote: > >> Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: >> msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into >> mailbox 'INBOX' > > are there any other log lines of user2? Anfortunately not :-( Grepped everything, and I would have posted otherwise. My hope is that the dovecot.index.cache may provide some insights (I made a backup copy of it). Luke From Bill at KnoxvilleChristian.org Mon Nov 12 11:46:25 2012 From: Bill at KnoxvilleChristian.org (Bill Shirley) Date: Mon, 12 Nov 2012 04:46:25 -0500 Subject: [Dovecot] Help me with IMAP config In-Reply-To: <3960A514-7030-4F63-A346-5DE5DDAA4C63@tibby.hu> References: <3960A514-7030-4F63-A346-5DE5DDAA4C63@tibby.hu> Message-ID: <50A0C571.7000005@KnoxvilleChristian.org> On 11/12/2012 4:40 AM, Tibby wrote: > Hello! > I have dovecot running. Imap works fine. When i connect with outlook an when i delete a message it gets crossed out but still stays in my mailbox. I want to disable this feature. I want it once its deleted then go to trash folder on the mail server and thats it. Is there an option for this? I'm running dovecot 1.2.15 > > Thanks! This is the way IMAP works. Deleted items are marked delete and then removed when the client issues the 'expunge' command. It's best to change this in the email client. Look at your Outlook configuration for a way to 'move deleted items to trash' or 'expunge'. Bill From busseniu at in.tum.de Mon Nov 12 11:49:06 2012 From: busseniu at in.tum.de (=?UTF-8?B?Q2hyaXN0b3BoIEJ1w59lbml1cw==?=) Date: Mon, 12 Nov 2012 10:49:06 +0100 Subject: [Dovecot] Invalid Managesieve commands are counted twice Message-ID: <50A0C612.8020903@in.tum.de> Hi, the Managesieve server closes the connection if it receives an unknown command before authentication: "IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave" "NOTIFY" "mailto" "SASL" "PLAIN" "STARTTLS" "VERSION" "1.0" OK "Dovecot ready." --> BOGUS NO "Error in MANAGESIEVE command received by server." NO "Error in MANAGESIEVE command received by server." BYE "Too many invalid MANAGESIEVE commands." Connection closed by foreign host. Note that only one bogus command has been sent by the client, however the server sends two identical error messages. This seems to be a bug in Pigeonhole 0.3.3. In version 0.2.6, the connection was kept open after the error message. This is actually important to us because we use the "sieveshell" utility which is shipped with the Python "managesieve" package. The managesieve.py module always sends a BOGUS command after the TLS handshake. According to its comments, this is done to work around problems with other server implementations: # Some servers send capabilities after TLS handshake, some # do not. We send a bogus command, and expect a NO. If you # get something else instead, read the extra NO to clear # the buffer. typ, data = self._command('BOGUS') (The full source is at http://pydoc.net/managesieve/0.4.2/managesieve) As a result, sieveshell cannot be used with TLS and a current Dovecot/Pigeonhole server. Cheers, Christoph -- Christoph Bu?enius Rechnerbetriebsgruppe der Fakult?ten Informatik und Mathematik Technische Universit?t M?nchen +49 89-289-18519 <> Raum 00.05.040 <> Boltzmannstr. 3 <> Garching From stephan at rename-it.nl Mon Nov 12 12:18:37 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 12 Nov 2012 11:18:37 +0100 Subject: [Dovecot] Invalid Managesieve commands are counted twice In-Reply-To: <50A0C612.8020903@in.tum.de> References: <50A0C612.8020903@in.tum.de> Message-ID: <50A0CCFD.2000900@rename-it.nl> On 11/12/2012 10:49 AM, Christoph Bu?enius wrote: > Hi, > > the Managesieve server closes the connection if it receives an unknown > command before authentication: > > Note that only one bogus command has been sent by the client, however > the server sends two identical error messages. > > This seems to be a bug in Pigeonhole 0.3.3. In version 0.2.6, the > connection was kept open after the error message. It is a bug. > As a result, sieveshell cannot be used with TLS and a current > Dovecot/Pigeonhole server. I fixed this a while back, but hasn't been released so far: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/ceef02768dee Regards, Stephan. From busseniu at in.tum.de Mon Nov 12 12:47:00 2012 From: busseniu at in.tum.de (=?UTF-8?B?Q2hyaXN0b3BoIEJ1w59lbml1cw==?=) Date: Mon, 12 Nov 2012 11:47:00 +0100 Subject: [Dovecot] Invalid Managesieve commands are counted twice In-Reply-To: <50A0CCFD.2000900@rename-it.nl> References: <50A0C612.8020903@in.tum.de> <50A0CCFD.2000900@rename-it.nl> Message-ID: <50A0D3A4.5070906@in.tum.de> Hi Stephan, On 12.11.2012 11:18, Stephan Bosch wrote: > I fixed this a while back, but hasn't been released so far: > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/ceef02768dee thanks, I am going to try out the current hg version. I guess I should have tried this first... Cheers, Christoph -- Christoph Bu?enius Rechnerbetriebsgruppe der Fakult?ten Informatik und Mathematik Technische Universit?t M?nchen +49 89-289-18519 <> Raum 00.05.040 <> Boltzmannstr. 3 <> Garching From design at 1stwebdesigns.com Mon Nov 12 13:15:49 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Mon, 12 Nov 2012 11:15:49 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <20121108235334.GB89679@anubis.morrow.me.uk> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> Message-ID: <50A0DA65.9080503@1stwebdesigns.com> On 08/11/2012 23:53, Ben Morrow wrote: > At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: >> >> 1.0.7 is absolutely ancient and no longer officially supported. You >> need 1.2.x minimum, 2.x.x even better. And you say you just recently >> upgraded your Linux distro? What planet do you live on son? You're a >> few light years behind current stable software. > > [A light-year is a measure of distance, not of time.] > >> LDA completely eliminates lock contention. > > As we have discussed before, using the LDA does not prevent lock > contention, it just prevents the problems that arise when different > software is using different locking strategies on the same mailbox > (assuming nothing except LDA and imap is touching the mailbox directly). > > There are valid reasons for not using the LDA: the OP might be already > using procmail, for instance, and have users with procmail recipies > which sort into IMAP folders. These folders will need to be locked by > procmail even if the default delivery to INBOX is changed (globally) to > happen through dovecot-lda. While migrating to sieve (and mdbox, and > LMTP) would, IMHO, be the best long-term solution, this isn't necessarily > something that can be set up overnight. > > Ben > > > > ----- > No virus found in this message. > Checked by AVG - www.avg.com > Version: 2012.0.2221 / Virus Database: 2441/5382 - Release Date: 11/08/12 > > Thanks for your replies. I switched to Dovecot LDA this morning, but the issue still persists, albeit logged slightly differently by Dovecot now instead of Postfix: "save failed to INBOX: Timeout while waiting for lock" The reason is because some pop3 clients are holding their connection for 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major culprit). In dovecot.conf I changed: mbox_lock_timeout = 300 to mbox_lock_timeout = 600 Which seems to have helped. I am unclear if this value only applied to Dovecot LDA or if it would have worked previously before switching to Dovecot LDA? From tss at iki.fi Mon Nov 12 13:33:45 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Nov 2012 13:33:45 +0200 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive Message-ID: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Hi all, Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. * Email archive storage. See http://www.dovecot.fi/products/index.html for details. I?ve been developing Dovecot for over 10 years now. For a long time it was my primary motivation in life to create the best IMAP server available :) I think I've pretty much accomplished that by now. The future is looking very bright for Dovecot: we will continue the open source development stronger than ever, but in addition, for the long term it needs some additional licensed components that bring the money to cover the cost for future Dovecot development and to be able to build up the support in a professional way. These new features will be added as plugins on top of Dovecot to extend the functionality. Note that I?m not just randomly choosing which features will be open and which will be licensed. Only some specific features will be licensed where my company is going to make money with partnerships and in other measurable ways. From jerry at seibercom.net Mon Nov 12 13:54:37 2012 From: jerry at seibercom.net (Jerry) Date: Mon, 12 Nov 2012 06:54:37 -0500 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> Message-ID: <20121112065437.1f174b59@scorpio> On Sun, 11 Nov 2012 20:13:54 -0800 Daniel L. Miller articulated: > I don't know what the problem is - I just know that I've > heard from a number of developers (including the Postfix & Dovecot > developers) that they don't like OpenSSL - but while GnuTLS looks > interesting they aren't interested in working on the interface - > though they're willing to accept patches. (My full apologies right > now if Timo or Wietse are offended by my speaking out of turn). > > I'm no security > expert, but I do know that OpenSSL has had issues with version > compatiblity. I had a very troubled time during an OpenSSL/Postfix > upgrade that left me non-functional until I found the exact version > pairings required. > > The tiny bit of Googling I've done tells me GnuTLS > seems to be a more standards-compliant implementation, and MAY be > "safer" than OpenSSL. However, as OpenSSL is the de-facto standard > used by most Linux programs, acceptance of GnuTLS is quite limited. > I've been intrigued by what I've read about it, and took a quick look > at enabling support in Dovecot for GnuTLS directly - but while it > didn't seem overly heavy at first glance the fact that Timo doesn't > want to do it tells me I'm underestimating the complexity. I have OpenSSL 1.0.1c 10 May 2012 installed on a FreeBSD machine that also runs Postfix and Dovecot. When I first updated to the new version from then 0.9x branch there were some minor problems. I believe that there was something Wietse had to do to get Postfix fully functional in the new environment, but it was done extremely quickly. The biggest problem I faced was that I discovered that I had to recompile every program on my system that depended on the new version of Openssl. Once that was done, virtually every problem I experienced disappeared. I am not aware of any developer who fears using the new version of Openssl, although apparently you do. The fact that a newer version of any software is not totally compatible with an older version is nothing new. I am amazed when they are fully compatible. Openssl is the de facto standard and I think that making a concerted effort to work with it would be a wise choice. I have also Googled and have not found any evidence that GnuTLS is more "standards compliant" nor "safer". I would be interested in those URLs. I would like to know who is making those claims and what their basis for them actually is. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From alessio at skye.it Mon Nov 12 14:00:50 2012 From: alessio at skye.it (Alessio Cecchi) Date: Mon, 12 Nov 2012 13:00:50 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Message-ID: <50A0E4F2.1090906@skye.it> Il 12/11/2012 12:33, Timo Sirainen ha scritto: > Hi all, > > Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. > > * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. > > * Email archive storage. > > See http://www.dovecot.fi/products/index.html for details. > > I?ve been developing Dovecot for over 10 years now. For a long time it was my primary motivation in life to create the best IMAP server available :) I think I've pretty much accomplished that by now. > > The future is looking very bright for Dovecot: we will continue the open source development stronger than ever, but in addition, for the long term it needs some additional licensed components that bring the money to cover the cost for future Dovecot development and to be able to build up the support in a professional way. > > These new features will be added as plugins on top of Dovecot to extend the functionality. Note that I?m not just randomly choosing which features will be open and which will be licensed. Only some specific features will be licensed where my company is going to make money with partnerships and in other measurable ways. > I'm really interesting in storing email into object storage, since our IaaS provider is using Scality we can simple buy dovecot's plugin for scality. I will contact Dovecot Oy for more informations. -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From lists at wildgooses.com Mon Nov 12 21:31:45 2012 From: lists at wildgooses.com (Ed W) Date: Mon, 12 Nov 2012 19:31:45 +0000 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> Message-ID: <50A14EA1.3050307@wildgooses.com> On 12/11/2012 04:13, Daniel L. Miller wrote: > The tiny bit of Googling I've done tells me GnuTLS > seems to be a more standards-compliant implementation, and MAY be > "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used > by most Linux programs, acceptance of GnuTLS is quite limited. I've been > intrigued by what I've read about it, and took a quick look at enabling > support in Dovecot for GnuTLS directly - but while it didn't seem overly > heavy at first glance the fact that Timo doesn't want to do it tells me > I'm underestimating the complexity. > Openssl is a *massive* project and I'm unsure that gnutls is much smaller... We should assume that both are quite scary from a "security" point of view. Licensing is the main thing which divides them, gnutls is stated as GPL compatible (however, the nominal incompatibility of openssl seems difficult to understand?) OpenVPN integrated with PolarSSL and got Dutch government official approval for the combined package. I think elsewhere it's stated that openssl would not have been approved because something like the codebase was too large to inspect and sign off http://polarssl.org/news?item=0132 I haven't worked with PolarSSL, so no idea, but it's massively smaller codebase is likely attractive if you are the kind of person who actually *does* security audits on the software you run in secure situations. Openssl is just a complete swiss army knife of tools! Ed W From tss at iki.fi Mon Nov 12 21:44:01 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Nov 2012 21:44:01 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> Message-ID: <974F70A7-6A21-42C0-B7D4-43CAC3D5D9CB@iki.fi> On 12.11.2012, at 6.13, Daniel L. Miller wrote: >> where is the problem with openssl? > > I don't know what the problem is - I just know that I've > heard from a number of developers (including the Postfix & Dovecot > developers) that they don't like OpenSSL - but while GnuTLS looks > interesting they aren't interested in working on the interface - though > they're willing to accept patches. (My full apologies right now if Timo > or Wietse are offended by my speaking out of turn). OpenSSL documentation is very bad. Its API has some annoying missing features. For example you can load certificates from a directory or a file but not from anything else like from a string in memory. I had to copy&paste a few functions from OpenSSL code just to be able to do them. > The tiny bit of Googling I've done tells me GnuTLS > seems to be a more standards-compliant implementation, and MAY be > "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used > by most Linux programs, acceptance of GnuTLS is quite limited. I've been > intrigued by what I've read about it, and took a quick look at enabling > support in Dovecot for GnuTLS directly - but while it didn't seem overly > heavy at first glance the fact that Timo doesn't want to do it tells me > I'm underestimating the complexity. I already once wrote GnuTLS support for Dovecot, but GnuTLS changed its APIs since then and it was probably originally already buggy. I think the only somewhat "special" APIs that Dovecot needs nowadays are related to reading cert/keys from memory instead of from files. If GnuTLS can do that, I don't think there's anything special in supporting it. Although it might be a bit complex to make it work properly asynchronously. istream-openssl was a bit annoying in that way (all the data read from the fd must be parsed and decoded all the way through to the SSL istream, regardless of any max buffer limits). From dovecot at r.paypc.com Tue Nov 13 00:44:22 2012 From: dovecot at r.paypc.com (Robin) Date: Mon, 12 Nov 2012 14:44:22 -0800 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1352683581.12282.11.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> <1352683581.12282.11.camel@fermat.scientia.net> Message-ID: <50A17BC6.5070100@r.paypc.com> On 11/11/2012 5:26 PM, Christoph Anton Mitterer wrote: > Have you made systematic tests? I.e. compared times for all of these > with those from the different dovecot backends. The choice of Dovecot backends made no substantial difference. I used maildir, sdbox, and mdbox. I also added SiS (with mdbox). Initial tests were on local multi-spindle RAID5 storage, but to handicap Dovecot, I pushed it over NFS (also Linux 3.2 on a local GigE segment). It wasn't slow enough to make dbmail competitive, even though you have to start turning off performance optimisation features in Dovecot to avoid NFS bugs. >> There wasn't a task that the dbmail setup performed faster than >> Dovecot, in either low or high load situations. > Which backend did you use? Backend for dbmail? Two MySQL versions (5.0 and 5.5) - InnoDB is required for dbmail, by the way. Postgres 8.4 and 9.1 backends, using its default storage engine. I tried the tests with both a separate DB machine, as well as a cohosted one with the dbmail connector using local sockets instead of TCP/IP, but that didn't significantly alter the performance. I've found my first notes from the tests. It was the second round of tests with the latest MySQL 5.0 server given some tuning to more aggressively use system memory. You will note the puny size of the mail folder hive in this round. > The mysqld process has consumed nearly an hour of CPU time during this process. > dbmail is configured to use local sockets rather than network I/O. > > I'm using the PERL MailTools http://search.cpan.org/dist/MailTools/ > to import about 10 folders' worth of email, totaling about 560MB in raw size, > constituting about 23,000 emails. The script basically creates the folders, > and does an APPEND for each email. It's bog simple. > > I DROP the database, recreated it, added the one user, verify DBMail > accepts authentication for the newly created mailbox, and then do the import. > The MySQL files live on a freshly formatted ext4 filesystem. > > The import takes Dovecot (MailDir or mdbox format), or Panda IMAP (mix) > about six minutes to complete. > > DBMail 3 took 4h 23m. Casual inspection of the system showed modestly > high CPU usage in mysqld and dbmail-imapd (as well as the import perl > command on occasion), but the Load Average didn't get too close to 1.0, > let alone 2.0, which concerns me that I might have hit some kind of > "busy wait" pathology. To clarify the above: To streamline iterative testing, I made a script to deactivate the currently running SQL server, unmount, re-format, re-mount, and re-populate the skeletal DB directories and restart the DB engine. So between each test, no matter the imapd or DB back-end, the mailstore was presented with a freshly formatted volume on dedicated spindles. The filesystem was ext4, formatted with: lazy_itable_init=0,lazy_journal_init=0,dir_index=1,extents=1,uninit_bg=0,flex_bg=0,has_journal=0,inode_size=256,dir_index=1, > Do you have detailed numbers? Not really, but after it was clear that I wasn't going to get comparable performance even within the same magnitude, I stopped testing it. I included the IMAP SEARCH performance comparison against fts_squat in my original mail to this list. In addition to huge performance deficiencies, it also has/had fatal operational bugs. > I guess you?ve "only" tried dbmail? I did try Manitou, but the lack of a proper IMAP service for it made extensive "like for like" testing very difficult. Manitou is still in the very early days, alas. It also relies on the SQL DB's underlying authentication systems which is rather ... alarming. It performs quite a bit better than dbmail, but still it's not close to Dovecot. At the time I tested it, only custom-rolled clients could talk to it, i.e., no imap4/pop3 "gateways" to it. I think I was most alarmed to see that the widely assumed benefits of putting mail on a SQL DB, i.e., fast searching/sorting, didn't actually happen in reality. As others have mentioned, I also shudder to think of backup/restore issues, especially on a single user level. The mechanisms of backing up and restoring maildirs and even mdboxes, i.e., simple files, are not only well understood, the failure modes are generally fully recoverable. SQL-DB file blobs, especially with MySQL, remind me too much of the "PST Hell" that Exchange administrators face. But maybe that's just my ignorance talking. > All something I wouldn?t want to do on my production systems ;) Neither would I. But as I said, I was "desperate" to get this close to Dovecot's performance. I had about 2-3 weeks to pre-qualify mail storage back-ends with an eye towards 4 or 5 digits of usercount, and maybe tens to hundreds of TBs' scale of mail storage. Running across such poor performance with such relatively small loads disqualified the DB-based mail products very very quickly, for ME, anyway. If you want to run your own tests, my suggestion is to start with Postgres, put as much RAM into your DB machine as you can afford, and maybe populate your DB machine exclusively with SSDs. =R= From tss at iki.fi Tue Nov 13 01:02:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Nov 2012 01:02:26 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <50A17BC6.5070100@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> <1352683581.12282.11.camel@fermat.scientia.net> <50A17BC6.5070100@r.paypc.com> Message-ID: <85E7498A-1E79-4C7A-8DDA-8ED3D841A0DF@iki.fi> On 13.11.2012, at 0.44, Robin wrote: > On 11/11/2012 5:26 PM, Christoph Anton Mitterer wrote: >> Have you made systematic tests? I.e. compared times for all of these >> with those from the different dovecot backends. > > The choice of Dovecot backends made no substantial difference. I used maildir, sdbox, and mdbox. I also added SiS (with mdbox). Initial tests were on local multi-spindle RAID5 storage, With local disks the tests often measure only the local RAM/CPU speed, unless you're testing thousands of users. > but to handicap Dovecot, I pushed it over NFS (also Linux 3.2 on a local GigE segment). It wasn't slow enough to make dbmail competitive, even though you have to start turning off performance optimisation features in Dovecot to avoid NFS bugs. NFS makes a better test case if you're measuring single user performance. Much of it is probably due to the index file access latency, although not all. In some cases Dovecot's prefetching mails can help (maildir, sdbox backends with local disks currently, nothing preventing it from working in other use cases though, even with Dovecot-SQL backend). >> I guess you?ve "only" tried dbmail? > > I did try Manitou, but the lack of a proper IMAP service for it made extensive "like for like" testing very difficult. Manitou is still in the very early days, alas. It also relies on the SQL DB's underlying authentication systems which is rather ... alarming. It performs quite a bit better than dbmail, but still it's not close to Dovecot. At the time I tested it, only custom-rolled clients could talk to it, i.e., no imap4/pop3 "gateways" to it. Manitou seems to advertise itself as being email client .. although then also seems to say SQL is faster than IMAP (which doesn't make much sense itself). > I think I was most alarmed to see that the widely assumed benefits of putting mail on a SQL DB, i.e., fast searching/sorting, didn't actually happen in reality. SQL has nothing that makes any type of email access even potentially efficient. SQL indexes are mostly about binary trees, and there are about zero things in IMAP where I have thought of binary tree being even potentially useful. (Okay, potentially for expunging old mails when you have >1M mails in one folder. Not something you normally optimize for.) With most of Dovecot's optimized lookups, latency is the most important thing. SQL is bad for latency. With remote systems it's usually much faster to just download 1 MB blob and parse it than fetch a couple of 100 byte blocks. > As others have mentioned, I also shudder to think of backup/restore issues, especially on a single user level. The mechanisms of backing up and restoring maildirs and even mdboxes, i.e., simple files, are not only well understood, the failure modes are generally fully recoverable. SQL-DB file blobs, especially with MySQL, remind me too much of the "PST Hell" that Exchange administrators face. But maybe that's just my ignorance talking. I'd think everyone would use the human-readable SQL dumps for database backups. At least with MySQL/PostgreSQL I wouldn't really trust anything else. From tss at iki.fi Tue Nov 13 01:09:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Nov 2012 01:09:44 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <85E7498A-1E79-4C7A-8DDA-8ED3D841A0DF@iki.fi> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> <1352683581.12282.11.camel@fermat.scientia.net> <50A17BC6.5070100@r.paypc.com> <85E7498A-1E79-4C7A-8DDA-8ED3D841A0DF@iki.fi> Message-ID: <8445ED76-AF63-417D-95B3-CFF03E2090AF@iki.fi> Uh.. On 13.11.2012, at 1.02, Timo Sirainen wrote: > On 13.11.2012, at 0.44, Robin wrote: > >> On 11/11/2012 5:26 PM, Christoph Anton Mitterer wrote: >>> Have you made systematic tests? I.e. compared times for all of these >>> with those from the different dovecot backends. >> >> The choice of Dovecot backends made no substantial difference. I used maildir, sdbox, and mdbox. I also added SiS (with mdbox). Initial tests were on local multi-spindle RAID5 storage, > > With local disks the tests often measure only the local RAM/CPU speed, unless you're testing thousands of users. ..measuring disk I/O most importantly. >> but to handicap Dovecot, I pushed it over NFS (also Linux 3.2 on a local GigE segment). It wasn't slow enough to make dbmail competitive, even though you have to start turning off performance optimisation features in Dovecot to avoid NFS bugs. > > NFS makes a better test case if you're measuring single user performance. Much of it is probably due to the index file access latency, although not all. In some cases Dovecot's prefetching mails can help (maildir, sdbox backends with local disks currently, nothing preventing it from working in other use cases though, even with Dovecot-SQL backend). Prefetching is done only with mail_prefetch_count setting. Someone in blog.dovecot.org mentioned that it was bad for performance with local disk+maildir. Linux apparently doesn't do this with NFS. It would of course be possible to just have the prefetching create a new thread/process to download the mail locally and read it (similar to what the object storage plugin does). From symbiat at gmail.com Tue Nov 13 07:09:37 2012 From: symbiat at gmail.com (Ajai Khattri) Date: Tue, 13 Nov 2012 00:09:37 -0500 Subject: [Dovecot] Dovecot newbie (migrating from qmail) Message-ID: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> Ive been using qmail+vpopmail+courier-imap for many years but its time to retire that server so I thought this might be an opportunity to see how I could use Postfix and Dovecot to provide the same services. Im running Dovecot 2.1.9 and Postfix 2.9.4. I have spent a few days reading through some of the docs on the wiki (there's doesn't seem to be any large overview of Dovecot concepts or books so bear with me). Im thinking something simple like passwd-file setup would suffice for me. I want to use completely virtual users. Id like to store mail under /home/vmail/$domain/$user. I think Ive figured out how to do that. But how do I create the maildir? I understand the need to have a mail directory but also a directory for things like sieve - how to specify that? Im thinking the structure would be something like: /home/vmail/$domain/$user/mail <-- mail stored here /home/vmail/$domain/$user/ <-- sieve and other sundry store here Or should the sieve stuff also be under its own folder alongside the maildir? Is it possible to have a separate passwd file per domain? It is possible to combine password and userdb files into one per domain? (I prefer to keep all files related to each domain in its own folder). Also would like to configure Postfix to use dovecot-sasl and I want to use dovecot-lmtp for deliveries. Any good docs / example on those? Later on, I think I want to integrate some kind of virus and spam filtering (amavisd and maybe dspam - anybody used those? would I configure Postfix to handle that or dovecot-lmtp?) Im sure Ill have more questions as I get more complicated but baby steps for now. -- Aj. From alessio at skye.it Tue Nov 13 09:04:47 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 13 Nov 2012 08:04:47 +0100 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> Message-ID: <50A1F10F.9090204@skye.it> Il 13/11/2012 06:09, Ajai Khattri ha scritto: > Ive been using qmail+vpopmail+courier-imap for many years but its time to > retire that server so I thought this might be an opportunity to see how I > could use Postfix and Dovecot to provide the same services. Im running > Dovecot 2.1.9 and Postfix 2.9.4. > > I have spent a few days reading through some of the docs on the wiki > (there's doesn't seem to be any large overview of Dovecot concepts or books > so bear with me). > > Im thinking something simple like passwd-file setup would suffice for me. I > want to use completely virtual users. > > Id like to store mail under /home/vmail/$domain/$user. I think Ive figured > out how to do that. But how do I create the maildir? Maildir/ will automatically created when the first email arrives or during the first user login. It would be better if you create the folder during the creation of the users. > > I understand the need to have a mail directory but also a directory for > things like sieve - how to specify that? > > Im thinking the structure would be something like: > /home/vmail/$domain/$user/mail <-- mail stored here Yes, better (by convention) if named Maildir/ > /home/vmail/$domain/$user/ <-- sieve and other sundry store here > Or should the sieve stuff also be under its own folder alongside the > maildir? Inside Maildir/ named sieve/ or always without tarting with a dot > > Is it possible to have a separate passwd file per domain? It is possible to > combine password and userdb files into one per domain? (I prefer to keep > all files related to each domain in its own folder). Yes, passdb { driver = passwd-file # Each domain has a separate passwd-file: args = /etc/auth/%d/passwd } Yes: http://wiki2.dovecot.org/AuthDatabase/PasswdFile > > Also would like to configure Postfix to use dovecot-sasl and I want to use > dovecot-lmtp for deliveries. Any good docs / example on those? For SASL http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From janfrode at tanso.net Tue Nov 13 11:17:44 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 13 Nov 2012 10:17:44 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Message-ID: <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> On Mon, Nov 12, 2012 at 12:33 PM, Timo Sirainen <tss at iki.fi> wrote: > Hi all, > > Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. > > * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. > > * Email archive storage. > > See http://www.dovecot.fi/products/index.html for details. 404 file not found, but it was not too difficult to guess where you meant. I'm not too interested in the extended functionality, but the extra tested, bugfix-only/mainly Enterprise Release sounds very interesting. That page isn't quite clear on if the enterprise release is meant to be free or not "(Some features may require license fees)". Could you please clarify? Is it available already? We're starting to be long overdue for an overhaul of our installation (currently on v2.0.14 + some fixes), so we need to do something soon... -jf From mfi at tf.uni-kiel.de Tue Nov 13 11:18:26 2012 From: mfi at tf.uni-kiel.de (Michael Firnau) Date: Tue, 13 Nov 2012 10:18:26 +0100 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <k7qge4$g5r$1@ger.gmane.org> References: <k7qedh$kg$1@ger.gmane.org> <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <k7qge4$g5r$1@ger.gmane.org> Message-ID: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> On Mon, Nov 12, 2012 at 01:44:37AM -0800, Lukas Haase wrote: > Hi, > > On 11/12/2012 1:19 AM, Steffen Kaiser wrote: > > On Mon, 12 Nov 2012, Lukas Haase wrote: > > > >> Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: > >> msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into > >> mailbox 'INBOX' > > > > are there any other log lines of user2? > > Anfortunately not :-( Grepped everything, and I would have posted otherwise. > > My hope is that the dovecot.index.cache may provide some insights (I > made a backup copy of it). Hi, yesterday i had a user missing mail and he had the junk-filter in thunderbird activated. The mail was automagically moved from the inbox to the spam folder. From the header i see you use thunderbird, so it's a shot in the dark ... Regards, Mike From marco.gatti at gmail.com Tue Nov 13 12:35:04 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Tue, 13 Nov 2012 11:35:04 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication Message-ID: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> Hi, I was looking for a particular case of dovecot configuration I cannot find anywhere. Is there a way dovecot can authenticate via ldap different windows 2008 AD users that have access to the same e-mail account (like user authorization in ms exchange)? For example I want to extend AD schema to let users have 10 email accounts (with multiple domain support). If they are private accounts I think there is no problem at all. But if I want two or more users to access the same mail account what happens? Can I do it with dovecot? Or should I create AD groups and add members to that, to let user access the same mail account? Cheers -- Marco From CMarcus at Media-Brokers.com Tue Nov 13 13:14:20 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 13 Nov 2012 06:14:20 -0500 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> References: <k7qedh$kg$1@ger.gmane.org> <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <k7qge4$g5r$1@ger.gmane.org> <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> Message-ID: <50A22B8C.7020409@Media-Brokers.com> On 2012-11-13 4:18 AM, Michael Firnau <mfi at tf.uni-kiel.de> wrote: > yesterday i had a user missing mail and he had the junk-filter > in thunderbird activated. The mail was automagically moved from > the inbox to the spam folder. From the header i see you use thunderbird, > so it's a shot in the dark ... I have a user that uses filters, and occasionally will shoot himself in the foot trying to be a little bit too smart trying to catch junk (his definition of junk is just anything that he doesn't want), and he calls me occasionally to come figure out why his filter is catching all of his good mail (usually a typo)... So, check for any filters too... -- Best regards, Charles From rs at sys4.de Tue Nov 13 13:32:38 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 12:32:38 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> Message-ID: <50A22FD6.2040501@sys4.de> Am 13.11.2012 10:17, schrieb Jan-Frode Myklebust: >> See http://www.dovecot.fi/products/index.html for details. > 404 file not found, but it was not too difficult to guess where you meant. no problem here Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From h.reindl at thelounge.net Tue Nov 13 13:38:05 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 13 Nov 2012 12:38:05 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <50A22FD6.2040501@sys4.de> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> <50A22FD6.2040501@sys4.de> Message-ID: <50A2311D.7060308@thelounge.net> Am 13.11.2012 12:32, schrieb Robert Schetterer: > Am 13.11.2012 10:17, schrieb Jan-Frode Myklebust: >>> See http://www.dovecot.fi/products/index.html for details. >> 404 file not found, but it was not too difficult to guess where you meant. > > no problem here having a shiny laout does not mean that you do not see a error page since it is one httpd-config-line read the page title <title>Whoops! Page Not Found | The world's most popular IMAP server! read the response-headers: HTTP/1.1 404 Not Found Date: Tue, 13 Nov 2012 11:36:40 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3 scroll down: Whoops! Page Not Found Don't fret, you didn't do anything wrong. It appears that the page you are looking for does not exist or has been moved elsewhere. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature URL: From rs at sys4.de Tue Nov 13 13:40:29 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 12:40:29 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: References: Message-ID: <50A231AD.6050308@sys4.de> Am 13.11.2012 11:35, schrieb Marco Gatti: > Hi, I was looking for a particular case of dovecot configuration I > cannot find anywhere. > Is there a way dovecot can authenticate via ldap different windows > 2008 AD users that have access to the same e-mail account (like user > authorization in ms exchange)? > For example I want to extend AD schema to let users have 10 email > accounts (with multiple domain support). If they are private accounts > I think there is no problem at all. But if I want two or more users to > access the same mail account what happens? Can I do it with dovecot? > Or should I create AD groups and add members to that, to let user > access the same mail account? > Cheers > there may more ways to goal this, for short looking one, way is described here http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm using ldap might be better look i.e http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x for ideas Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Tue Nov 13 13:43:14 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 12:43:14 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <50A2311D.7060308@thelounge.net> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <50A22FD6.2040501@sys4.de> <50A2311D.7060308@thelounge.net> Message-ID: <50A23252.1010603@sys4.de> Am 13.11.2012 12:38, schrieb Reindl Harald: > read the page title > Whoops! Page Not Found | ok , i see youre right, i am rare looking in tab text Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tss at iki.fi Tue Nov 13 14:27:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Nov 2012 14:27:48 +0200 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> Message-ID: <A2F46699-9091-4B6C-95F6-05EB8B3A0782@iki.fi> On 13.11.2012, at 11.17, Jan-Frode Myklebust wrote: > On Mon, Nov 12, 2012 at 12:33 PM, Timo Sirainen <tss at iki.fi> wrote: >> Hi all, >> >> Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. >> >> * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. >> >> * Email archive storage. >> >> See http://www.dovecot.fi/products/index.html for details. > > 404 file not found, but it was not too difficult to guess where you meant. It worked when I wrote the email, but broke since then :) > I'm not too interested in the extended functionality, but the extra > tested, bugfix-only/mainly Enterprise Release sounds very interesting. > That page isn't quite clear on if the enterprise release is meant to > be free or not "(Some features may require license fees)". Could you > please clarify? Is it available already? It's currently available if you buy a support contract. (RPMs and source tarball, DEBs should come in somewhat near future.) From andreas.schulze at datev.de Tue Nov 13 15:09:53 2012 From: andreas.schulze at datev.de (Andreas Schulze) Date: Tue, 13 Nov 2012 14:09:53 +0100 Subject: [Dovecot] older gcc don't know --as-needed Message-ID: <20121113130953.GA22714@spider.services.datevnet.de> Hi, I have to build dovecot-2.1.10 for SuSE SLES9. /bin/sh ../../libtool --tag=CC --mode=link gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -no-undefined -Wl,--as-needed -o test-lib test_lib-test-lib.o test_lib-test-array.o test_lib-test-aqueue.o test_lib-test-base64.o test_lib-test-bsearch-insert-pos.o test_lib-test-buffer.o test_lib-test-crc32.o test_lib-test-hash-format.o test_lib-test-hex-binary.o test_lib-test-istream-base64-encoder.o test_lib-test-istream-concat.o test_lib-test-istream-crlf.o test_lib-test-istream-seekable.o test_lib-test-istream-tee.o test_lib-test-llist.o test_lib-test-mempool-alloconly.o test_lib-test-network.o test_lib-test-ostream-file.o test_lib-test-primes.o test_lib-test-priorityq.o test_lib-test-seq-range-array.o test_lib-test-strescape.o test_lib-test-strfuncs.o test_lib-test-str-find.o test_lib-test-str-sanitize.o test_lib-test-time-util.o test_lib-test-utc-mktime.o test_lib-test-var-expand.o ../lib-test/libtest.la liblib.la -lrt libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wl,--as-needed -o test-lib test_lib-test-lib.o test_lib-test-array.o test_lib-test-aqueue.o test_lib-test-base64.o test_lib-test-bsearch-insert-pos.o test_lib-test-buffer.o test_lib-test-crc32.o test_lib-test-hash-format.o test_lib-test-hex-binary.o test_lib-test-istream-base64-encoder.o test_lib-test-istream-concat.o test_lib-test-istream-crlf.o test_lib-test-istream-seekable.o test_lib-test-istream-tee.o test_lib-test-llist.o test_lib-test-mempool-alloconly.o test_lib-test-network.o test_lib-test-ostream-file.o test_lib-test-primes.o test_lib-test-priorityq.o test_lib-test-seq-range-array.o test_lib-test-strescape.o test_lib-test-strfuncs.o test_lib-test-str-find.o test_lib-test-str-sanitize.o test_lib-test-time-util.o test_lib-test-utc-mktime.o test_lib-test-var-expand.o ../lib-test/.libs/libtest.a ./.libs/liblib.a -lrt /usr/lib/gcc-lib/i586-suse-linux/3.3.3/../../../../i586-suse-linux/bin/ld: unrecognized option '--as-needed' /usr/lib/gcc-lib/i586-suse-linux/3.3.3/../../../../i586-suse-linux/bin/ld: use the --help option for usage information gcc version is 3.3.3 Is there a special option to disable ithe ld option or do I have to apply a special patch? Are there other suggestions? Thanks -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 N?rnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 N?rnberg, Paumgartnerstr. 6-14 | Registergericht N?rnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Dipl.-Kfm. Dr. Robert Mayr J?rg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen From amateo at um.es Tue Nov 13 15:22:50 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 13 Nov 2012 14:22:50 +0100 Subject: [Dovecot] Problem importing messages with lazy_expunged configured Message-ID: <50A249AA.9000704@um.es> Hello, I have a problem importing messages since I have configured lazy_expunge. My lazy_expunge configuration (that is correctly working when a message is expunged) is: plugin { lazy_expunge = BORRADOS. } namespace { hidden = yes list = no location = maildir:~/Maildir/expunged prefix = BORRADOS. separator = . } but when I try to import messages I get: amateo_adm at myotis31:~$ sudo doveadm -vD import -u angel.luis maildir:/tmp/angel.luis '' mailbox INBOX doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib02_lazy_expunge_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message) doveadm(root): Debug: Effective uid=0, gid=0, home=/home/amateo_adm doveadm(root): Debug: Quota root: name=User quota backend=dict args=:file:/home/amateo_adm/Maildir/dovecot.quota doveadm(root): Debug: Quota rule: root=User quota mailbox=* bytes=10737418240 messages=0 doveadm(root): Debug: Quota rule: root=User quota mailbox=Trash bytes=+1073741824 messages=0 doveadm(root): Debug: dict quota: user=doveadm, uri=file:/home/amateo_adm/Maildir/dovecot.quota, noenforcing=0 doveadm(root): Debug: maildir++: root=/tmp/angel.luis, index=, control=, inbox=/tmp/angel.luis, alt= doveadm(root): Fatal: lazy_expunge: Unknown namespace: 'BORRADOS.' in /tmp/<user> I don't have any "expunged" folder, it is just a maildir. In order to use it I have to deactivate this plugin in the running command with something like "sudo doveadm -vD -o mail_plugins='quota zlib' import -u <user> maildir:/tmp/<user> '' mailbox INBOX". Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 -------------- next part -------------- # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.2.19um1 x86_64 Ubuntu 12.04.1 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_master_user_separator = * auth_verbose = yes default_process_limit = 1024 disable_plaintext_auth = no log_timestamp = %Y-%m-%d %H:%M:%S login_trusted_networks = 155.54.211.176/28 mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n mail_plugins = quota zlib lazy_expunge mail_privileged_group = mail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags mdbox_rotate_size = 20 M namespace { inbox = yes location = prefix = separator = . } namespace { hidden = yes list = no location = maildir:~/Maildir/expunged prefix = BORRADOS. separator = . } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = session=yes cache_key=%n dovecot driver = pam } plugin { lazy_expunge = BORRADOS. quota = dict:User quota::file:%h/Maildir/dovecot.quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster at um.es protocols = imap pop3 lmtp sieve service anvil { client_limit = 3075 } service auth { client_limit = 4096 unix_listener auth-userdb { mode = 0666 } } service doveadm { inet_listener { port = 24245 } } service imap { process_limit = 5120 process_min_avail = 6 vsz_limit = 512 M } service ipc { unix_listener ipc { user = dovecot } } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 vsz_limit = 512 M } service pop3 { process_min_avail = 6 } ssl = no ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lda { mail_plugins = quota zlib lazy_expunge sieve } protocol imap { mail_plugins = quota zlib lazy_expunge imap_quota } protocol lmtp { mail_plugins = quota zlib lazy_expunge sieve } protocol pop3 { pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, in=%i, out=%o } local 155.54.211.160/27/27 { doveadm_password = <password> } From marco.gatti at gmail.com Tue Nov 13 15:56:46 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Tue, 13 Nov 2012 14:56:46 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <50A231AD.6050308@sys4.de> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> Message-ID: <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> 2012/11/13 Robert Schetterer <rs at sys4.de>: > Am 13.11.2012 11:35, schrieb Marco Gatti: >> Hi, I was looking for a particular case of dovecot configuration I >> cannot find anywhere. >> Is there a way dovecot can authenticate via ldap different windows >> 2008 AD users that have access to the same e-mail account (like user >> authorization in ms exchange)? >> For example I want to extend AD schema to let users have 10 email >> accounts (with multiple domain support). If they are private accounts >> I think there is no problem at all. But if I want two or more users to >> access the same mail account what happens? Can I do it with dovecot? >> Or should I create AD groups and add members to that, to let user >> access the same mail account? >> Cheers >> > > there may more ways to goal this, for short looking one, way is > described here > > http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm > > using ldap might be better > > look i.e > > http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ > http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x > > > for ideas > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich Thank you Robert for the quick reply. I'm aware of the links you sent me, however they don't give me a clue if what I was asking may me done. I'll try to give more details. I have to build a multiple domain mail server with the use of windows AD authentication. I've managed to add some extra filed in the AD schema like this: mail1: account1 at example1.com box1: /example1.com/account1/ enabled1: TRUE quota1: 1000000 mail2: account2 at example2.com box2: /example2.com/account2/ enabled2: TRUE quota2: 1000000 There could be 10 or 50 of them for each AD user. If I use NTLM or PAM authentication (after joining the AD) I have to use AD usernames to login with dovecot and I don't know how then to deal with different email addresses configured per user. If I use LDAP lookup I have to use the email address as username but then if different AD users have to access the same email account how dovecot can manage it??? For example the LDAP configuration for user and password lookup may be something like this: user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050 user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) (&(mail2=%u)(enabled2=TRUE)))) pass_attrs = userPassword=password pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) (&(mail2=%u)(enabled2=TRUE)))) I think I may be missing something important in how dovecot works, but cannot find any documentation about it. Regards -- Marco From ott at mirix.org Tue Nov 13 16:10:34 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Tue, 13 Nov 2012 15:10:34 +0100 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <974F70A7-6A21-42C0-B7D4-43CAC3D5D9CB@iki.fi> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> <974F70A7-6A21-42C0-B7D4-43CAC3D5D9CB@iki.fi> Message-ID: <50A254DA.6040901@mirix.org> On 2012-11-12 20:44, Timo Sirainen wrote: > On 12.11.2012, at 6.13, Daniel L. Miller wrote: >> The tiny bit of Googling I've done tells me GnuTLS >> seems to be a more standards-compliant implementation, and MAY be >> "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used >> by most Linux programs, acceptance of GnuTLS is quite limited. I've been >> intrigued by what I've read about it, and took a quick look at enabling >> support in Dovecot for GnuTLS directly - but while it didn't seem overly >> heavy at first glance the fact that Timo doesn't want to do it tells me >> I'm underestimating the complexity. > > I already once wrote GnuTLS support for Dovecot, but GnuTLS changed its APIs since then and it was probably originally already buggy. I think the only somewhat "special" APIs that Dovecot needs nowadays are related to reading cert/keys from memory instead of from files. If GnuTLS can do that, I don't think there's anything special in supporting it. Although it might be a bit complex to make it work properly asynchronously. istream-openssl was a bit annoying in that way (all the data read from the fd must be parsed and decoded all the way through to the SSL istream, regardless of any max buffer limits). A while ago, I started working on GnuTLS support for Dovecot. While I didn't finish the implementation due to time constraints (the "abstract" API of lib-ssl-iostream is made for OpenSSL and you have to emulate some things), I think it would be possible to add GnuTLS support and with GnuTLS it would be possible to load X.509 certificates from memory. Regards, Matthias-Christian From tibby at tibby.hu Tue Nov 13 16:44:26 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Tue, 13 Nov 2012 15:44:26 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox Message-ID: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> Hello! I've got dovecot running with postfix. Have virtual users under vmail folder. When I connect with outlook, I can read, delete messages. When I sign on with webmail, also can delete messages, Mutt is working as well on the mail server, can delete messages. Once the message is deleted it moves to the trash. Works as it supposed to. But on Iphone, when I add a mail user, got the mailbox synced with IMAP I can see the INBOX, but when I delete a message, get this error: "Unable to Move Message The message could not be moved to the mailbox Trash." http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png What causing this problem? Please Help. From symbiat at gmail.com Tue Nov 13 16:52:46 2012 From: symbiat at gmail.com (Ajai Khattri) Date: Tue, 13 Nov 2012 09:52:46 -0500 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <50A1F10F.9090204@skye.it> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> Message-ID: <50A25EBE.7000605@gmail.com> On 11/13/12 2:04 AM, Alessio Cecchi wrote: > Yes, better (by convention) if named Maildir/ Incidently, Im only using maildir because Im familiar with it and it scales well. How does it compare against mdbox? Does Dovecot have its own mailbox format? -- Aj. From ben at morrow.me.uk Tue Nov 13 16:57:34 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 13 Nov 2012 14:57:34 +0000 Subject: [Dovecot] sieve-extprograms strips Return-Path headers Message-ID: <20121113145732.GB40206@anubis.morrow.me.uk> The sieve-extprograms extension strips Return-Path headers before passing mail off to the external program. The patch to remove this behavious is trivial (and attached), but since it appears to be deliberate I felt I should investigate further. I believe this is basically a cut-and-paste error. The code to strip Return-Path has been there since the sieve-pipe plugin for Dovecot 1.x, and I believe it was copied from the equivalent code in the 'redirect' action for passing mail off to sendmail(8). In that case, stripping Return-Path is correct, since the message is being resubmitted for delivery (by SMTP or otherwise), and the last step of the new delivery will (should) add a new Return-Path header with the new envelope information. In the case of sieve-extprograms, though, the filtering is happening post-delivery, so a stripped Return-Path will never be replaced. Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: return-path.patch Type: text/x-diff Size: 1012 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121113/5433942f/attachment-0002.bin> From rs at sys4.de Tue Nov 13 17:15:15 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 16:15:15 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> Message-ID: <50A26403.3020200@sys4.de> Am 13.11.2012 14:56, schrieb Marco Gatti: > 2012/11/13 Robert Schetterer <rs at sys4.de>: >> Am 13.11.2012 11:35, schrieb Marco Gatti: >>> Hi, I was looking for a particular case of dovecot configuration I >>> cannot find anywhere. >>> Is there a way dovecot can authenticate via ldap different windows >>> 2008 AD users that have access to the same e-mail account (like user >>> authorization in ms exchange)? >>> For example I want to extend AD schema to let users have 10 email >>> accounts (with multiple domain support). If they are private accounts >>> I think there is no problem at all. But if I want two or more users to >>> access the same mail account what happens? Can I do it with dovecot? >>> Or should I create AD groups and add members to that, to let user >>> access the same mail account? >>> Cheers >>> >> >> there may more ways to goal this, for short looking one, way is >> described here >> >> http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm >> >> using ldap might be better >> >> look i.e >> >> http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ >> http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x >> >> >> for ideas >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Joerg Heidrich > > > Thank you Robert for the quick reply. > I'm aware of the links you sent me, however they don't give me a clue > if what I was asking may me done. > I'll try to give more details. > I have to build a multiple domain mail server with the use of windows > AD authentication. > I've managed to add some extra filed in the AD schema like this: > > mail1: account1 at example1.com > box1: /example1.com/account1/ > enabled1: TRUE > quota1: 1000000 > > mail2: account2 at example2.com > box2: /example2.com/account2/ > enabled2: TRUE > quota2: 1000000 > > There could be 10 or 50 of them for each AD user. > If I use NTLM or PAM authentication (after joining the AD) I have to > use AD usernames to login with dovecot and I don't know how then to > deal with different email addresses configured per user. > If I use LDAP lookup I have to use the email address as username but > then if different AD users have to access the same email account how > dovecot can manage it??? > For example the LDAP configuration for user and password lookup may be > something like this: > > user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050 > user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) > (&(mail2=%u)(enabled2=TRUE)))) > pass_attrs = userPassword=password > pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) > (&(mail2=%u)(enabled2=TRUE)))) > > I think I may be missing something important in how dovecot works, but > cannot find any documentation about it. > Regards > hm thats complex, however i would not recommand trying change exchange/active dir schemas however the only reason i can think of for what you want is using dovecot as proxy? so what about this ? http://wiki2.dovecot.org/HowTo/ImapcProxy http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy http://wiki2.dovecot.org/Director Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From wgillespie+dovecot at es2eng.com Tue Nov 13 17:21:40 2012 From: wgillespie+dovecot at es2eng.com (Willie Gillespie) Date: Tue, 13 Nov 2012 08:21:40 -0700 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> Message-ID: <50A26584.7030908@es2eng.com> On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: > But on Iphone, when I add a mail user, got the mailbox synced with IMAP > I can see the INBOX, but when I delete a message, get this error: > "Unable to Move Message The message could not be moved to the mailbox > Trash." Do you have a mailbox named Trash? Do the other clients move the message to Trash as well? From tom at whyscream.net Tue Nov 13 17:30:04 2012 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 13 Nov 2012 16:30:04 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A26584.7030908@es2eng.com> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A26584.7030908@es2eng.com> Message-ID: <50A2677C.4060808@whyscream.net> On 11/13/12 4:21 PM, Willie Gillespie wrote: > On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: >> But on Iphone, when I add a mail user, got the mailbox synced with IMAP >> I can see the INBOX, but when I delete a message, get this error: >> "Unable to Move Message The message could not be moved to the mailbox >> Trash." > > Do you have a mailbox named Trash? Do the other clients move the > message to Trash as well? In stead of sending us the message from the iPhone, tell us what dovecot puts in its logfile when you try this. -- Tom From tibby at tibby.hu Tue Nov 13 18:09:19 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Tue, 13 Nov 2012 17:09:19 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A2677C.4060808@whyscream.net> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A26584.7030908@es2eng.com> <50A2677C.4060808@whyscream.net> Message-ID: <f970ca8ed9317a52dc814c9c977f6740@tibby.hu> On 2012-11-13 16:30, Tom Hendrikx wrote: > On 11/13/12 4:21 PM, Willie Gillespie wrote: >> On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: >>> But on Iphone, when I add a mail user, got the mailbox synced with >>> IMAP >>> I can see the INBOX, but when I delete a message, get this error: >>> "Unable to Move Message The message could not be moved to the >>> mailbox >>> Trash." >> >> Do you have a mailbox named Trash? Do the other clients move the >> message to Trash as well? > > In stead of sending us the message from the iPhone, tell us what > dovecot > puts in its logfile when you try this. > > -- > Tom This is the output of ls inside of the maildir: # ll total 120K 4.0K drwx------ 10 vmail 4.0K Nov 13 17:06 . 4.0K drwx------ 3 vmail 4.0K Nov 12 18:38 .. 4.0K drwx------ 2 vmail 4.0K Nov 13 16:58 cur 4.0K drwx------ 5 vmail 4.0K Nov 13 15:49 .Deleted Messages 4.0K -rw------- 1 vmail 736 Nov 13 16:53 dovecot.index 28K -rw------- 1 vmail 27K Nov 13 16:58 dovecot.index.cache 24K -rw------- 1 vmail 17K Nov 13 16:59 dovecot.index.log 4.0K -rw------- 1 vmail 180 Nov 13 16:53 dovecot.index.thread 4.0K -rw------- 1 vmail 25 Nov 12 23:26 dovecot-keywords 4.0K -rw------- 1 vmail 48 Nov 13 16:58 dovecot-quota 4.0K -rw------- 1 vmail 468 Nov 13 16:37 dovecot-uidlist 4.0K -rw------- 1 vmail 8 Nov 13 15:47 dovecot-uidvalidity 0 -rw------- 1 vmail 0 Nov 10 12:57 dovecot-uidvalidity.509e4145 4.0K drwx------ 5 vmail 4.0K Nov 13 15:44 .Drafts 4.0K drwx------ 2 vmail 4.0K Nov 13 16:53 new 4.0K drwx------ 5 vmail 4.0K Nov 13 15:47 .Notes 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Sent 4.0K -rw------- 1 vmail 41 Nov 13 15:47 subscriptions 4.0K drwx------ 2 vmail 4.0K Nov 13 16:37 tmp 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Trash The log Doesnt shows anything regarding the error on the phone. From tibby at tibby.hu Tue Nov 13 18:20:47 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Tue, 13 Nov 2012 17:20:47 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <f970ca8ed9317a52dc814c9c977f6740@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A26584.7030908@es2eng.com> <50A2677C.4060808@whyscream.net> <f970ca8ed9317a52dc814c9c977f6740@tibby.hu> Message-ID: <27c6781ea65c978ef8b57dd7a54b8ac5@tibby.hu> On 2012-11-13 17:09, tibby at tibby.hu wrote: > On 2012-11-13 16:30, Tom Hendrikx wrote: >> On 11/13/12 4:21 PM, Willie Gillespie wrote: >>> On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: >>>> But on Iphone, when I add a mail user, got the mailbox synced with >>>> IMAP >>>> I can see the INBOX, but when I delete a message, get this error: >>>> "Unable to Move Message The message could not be moved to the >>>> mailbox >>>> Trash." >>> >>> Do you have a mailbox named Trash? Do the other clients move the >>> message to Trash as well? >> >> In stead of sending us the message from the iPhone, tell us what >> dovecot >> puts in its logfile when you try this. >> >> -- >> Tom > > This is the output of ls inside of the maildir: > > # ll > total 120K > 4.0K drwx------ 10 vmail 4.0K Nov 13 17:06 . > 4.0K drwx------ 3 vmail 4.0K Nov 12 18:38 .. > 4.0K drwx------ 2 vmail 4.0K Nov 13 16:58 cur > 4.0K drwx------ 5 vmail 4.0K Nov 13 15:49 .Deleted Messages > 4.0K -rw------- 1 vmail 736 Nov 13 16:53 dovecot.index > 28K -rw------- 1 vmail 27K Nov 13 16:58 dovecot.index.cache > 24K -rw------- 1 vmail 17K Nov 13 16:59 dovecot.index.log > 4.0K -rw------- 1 vmail 180 Nov 13 16:53 dovecot.index.thread > 4.0K -rw------- 1 vmail 25 Nov 12 23:26 dovecot-keywords > 4.0K -rw------- 1 vmail 48 Nov 13 16:58 dovecot-quota > 4.0K -rw------- 1 vmail 468 Nov 13 16:37 dovecot-uidlist > 4.0K -rw------- 1 vmail 8 Nov 13 15:47 dovecot-uidvalidity > 0 -rw------- 1 vmail 0 Nov 10 12:57 > dovecot-uidvalidity.509e4145 > 4.0K drwx------ 5 vmail 4.0K Nov 13 15:44 .Drafts > 4.0K drwx------ 2 vmail 4.0K Nov 13 16:53 new > 4.0K drwx------ 5 vmail 4.0K Nov 13 15:47 .Notes > 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Sent > 4.0K -rw------- 1 vmail 41 Nov 13 15:47 subscriptions > 4.0K drwx------ 2 vmail 4.0K Nov 13 16:37 tmp > 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Trash > > The log Doesnt shows anything regarding the error on the phone. I have got dovecot logging in Debug mode. The only problems I see: autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent in the config file I have: plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent } Something is wrong here... From symbiat at gmail.com Tue Nov 13 18:28:05 2012 From: symbiat at gmail.com (Ajai Khattri) Date: Tue, 13 Nov 2012 11:28:05 -0500 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <50A1F10F.9090204@skye.it> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> Message-ID: <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> On Tue, Nov 13, 2012 at 2:04 AM, Alessio Cecchi <alessio at skye.it> wrote: > Maildir/ will automatically created when the first email arrives or during > the first user login. It would be better if you create the folder during > the creation of the users. Does Dovecot provide a utility to create maildirs? -- Aj. From alessio at skye.it Tue Nov 13 18:30:45 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 13 Nov 2012 17:30:45 +0100 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> Message-ID: <50A275B5.3030503@skye.it> Il 13/11/2012 17:28, Ajai Khattri ha scritto: > On Tue, Nov 13, 2012 at 2:04 AM, Alessio Cecchi <alessio at skye.it> wrote: > > >> Maildir/ will automatically created when the first email arrives or during >> the first user login. It would be better if you create the folder during >> the creation of the users. > > Does Dovecot provide a utility to create maildirs? > Yes, "maildirmake" -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From ben at morrow.me.uk Tue Nov 13 19:51:50 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 13 Nov 2012 17:51:50 +0000 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> Message-ID: <20121113175149.GA94077@anubis.morrow.me.uk> At 2PM +0100 on 13/11/12 you (Marco Gatti) wrote: > 2012/11/13 Robert Schetterer <rs at sys4.de>: > > Am 13.11.2012 11:35, schrieb Marco Gatti: > >> Hi, I was looking for a particular case of dovecot configuration I > >> cannot find anywhere. > >> Is there a way dovecot can authenticate via ldap different windows > >> 2008 AD users that have access to the same e-mail account (like user > >> authorization in ms exchange)? > >> For example I want to extend AD schema to let users have 10 email > >> accounts (with multiple domain support). If they are private accounts > >> I think there is no problem at all. But if I want two or more users to > >> access the same mail account what happens? Can I do it with dovecot? > >> Or should I create AD groups and add members to that, to let user > >> access the same mail account? <snip> > I'll try to give more details. > I have to build a multiple domain mail server with the use of windows > AD authentication. > I've managed to add some extra filed in the AD schema like this: > > mail1: account1 at example1.com > box1: /example1.com/account1/ > enabled1: TRUE > quota1: 1000000 > > mail2: account2 at example2.com > box2: /example2.com/account2/ > enabled2: TRUE > quota2: 1000000 This isn't a good schema to use for this. The mail1, mail2 &c attributes represent the same property of different addresses, so they should be the same attribute on different objects. I don't know much about AD's LDAP server, is it straightforward to create brand new objectclasses? If I were doing this in an ordinary LDAP server I might create a class of objects which looked like mailboxAddr: account1 at example1.com mailboxLocation: /example1/account1 mailboxEnabled: TRUE mailboxQuota: 1000000 with mailboxAddr as the RDN, and then give each user a multi-valued mailbox attribute with the addresses that user has access to. > There could be 10 or 50 of them for each AD user. > If I use NTLM or PAM authentication (after joining the AD) I have to > use AD usernames to login with dovecot and I don't know how then to > deal with different email addresses configured per user. > If I use LDAP lookup I have to use the email address as username but > then if different AD users have to access the same email account how > dovecot can manage it??? If you want the user to be able to log in and see just one address at a time you have to have the user tell dovecot which user and which address they want when they log in. Since (usually) the only fields you have are 'user' and 'password', they will need to stuff both components into the user field somehow; perhaps by logging on with a user name of user at domain.ad!account1 at example.com You would then need (probably) to write a checkpassword userdb script to split this into username and account name, verify the user is authorized for the account, look up the mailbox location using the account name, and pass the username back to be checked against the password. So, it could be done, but it would be messy and users would get it wrong all the time. Alternatively, you could have the user log in with their ordinary AD account name, and then present them with *all* the email accounts they have access to, as separate (trees of) folders. You can do this with a post-login script which sets up a namespace for each account: see the example at the bottom of http://wiki2.dovecot.org/PostLoginScripting for something vaguely similar. You would need to use Net::LDAP (or some equivalent in some other language) to look up the user's accounts in the AD, and then create the relevant environment variables. (I'm not sure what to do about INBOX in a setup like this: I don't think you're allowed to *not* have an INBOX. Probably each user should have one 'canonical' private account, which contains their IMAP INBOX. If you didn't want to do this I expect you could set up a default namespace which is read-only, with just an empty INBOX in it.) If you want to try this, and you're having trouble getting the scripting right, I'd be happy to help you through it if you can post enough information about the LDAP schema you eventually decide on. Ben From wgillespie+dovecot at es2eng.com Tue Nov 13 19:59:22 2012 From: wgillespie+dovecot at es2eng.com (Willie Gillespie) Date: Tue, 13 Nov 2012 10:59:22 -0700 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> Message-ID: <50A28A7A.90105@es2eng.com> On 11/13/2012 03:35 AM, Marco Gatti wrote: > Is there a way dovecot can authenticate via ldap different windows > 2008 AD users that have access to the same e-mail account (like user > authorization in ms exchange)? Symlinks on the Dovecot maildirs? You'd have to read up on the caveats of that: http://wiki.dovecot.org/SharedMailboxes/Symlinks From user+dovecot at localhost.localdomain.org Tue Nov 13 20:26:17 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 13 Nov 2012 19:26:17 +0100 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> Message-ID: <50A290C9.9010809@localhost.localdomain.org> On 11/13/2012 05:28 PM Ajai Khattri wrote: > > Does Dovecot provide a utility to create maildirs? http://wiki2.dovecot.org/Tools/Doveadm/Mailbox#command_mailbox_create doveadm <http://wiki2.dovecot.org/Tools/Doveadm> will be your friend. Regards, Pascal -- The trapper recommends today: deadbeef.1231819 at localdomain.org From marco.gatti at gmail.com Wed Nov 14 10:55:59 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Wed, 14 Nov 2012 09:55:59 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <50A26403.3020200@sys4.de> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> <50A26403.3020200@sys4.de> Message-ID: <CA+-Sp6nvGgbg5JbpZwOxm9=e+w8NfoJg06ujf6P0Lnb7SAWj-g@mail.gmail.com> 2012/11/13 Robert Schetterer <rs at sys4.de>: > Am 13.11.2012 14:56, schrieb Marco Gatti: >> 2012/11/13 Robert Schetterer <rs at sys4.de>: >>> Am 13.11.2012 11:35, schrieb Marco Gatti: >>>> Hi, I was looking for a particular case of dovecot configuration I >>>> cannot find anywhere. >>>> Is there a way dovecot can authenticate via ldap different windows >>>> 2008 AD users that have access to the same e-mail account (like user >>>> authorization in ms exchange)? >>>> For example I want to extend AD schema to let users have 10 email >>>> accounts (with multiple domain support). If they are private accounts >>>> I think there is no problem at all. But if I want two or more users to >>>> access the same mail account what happens? Can I do it with dovecot? >>>> Or should I create AD groups and add members to that, to let user >>>> access the same mail account? >>>> Cheers >>>> >>> >>> there may more ways to goal this, for short looking one, way is >>> described here >>> >>> http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm >>> >>> using ldap might be better >>> >>> look i.e >>> >>> http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ >>> http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x >>> >>> >>> for ideas >>> >>> Best Regards >>> MfG Robert Schetterer >>> >>> -- >>> [*] sys4 AG >>> >>> http://sys4.de, +49 (89) 30 90 46 64 >>> Franziskanerstra?e 15, 81669 M?nchen >>> >>> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >>> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >>> Aufsichtsratsvorsitzender: Joerg Heidrich >> >> >> Thank you Robert for the quick reply. >> I'm aware of the links you sent me, however they don't give me a clue >> if what I was asking may me done. >> I'll try to give more details. >> I have to build a multiple domain mail server with the use of windows >> AD authentication. >> I've managed to add some extra filed in the AD schema like this: >> >> mail1: account1 at example1.com >> box1: /example1.com/account1/ >> enabled1: TRUE >> quota1: 1000000 >> >> mail2: account2 at example2.com >> box2: /example2.com/account2/ >> enabled2: TRUE >> quota2: 1000000 >> >> There could be 10 or 50 of them for each AD user. >> If I use NTLM or PAM authentication (after joining the AD) I have to >> use AD usernames to login with dovecot and I don't know how then to >> deal with different email addresses configured per user. >> If I use LDAP lookup I have to use the email address as username but >> then if different AD users have to access the same email account how >> dovecot can manage it??? >> For example the LDAP configuration for user and password lookup may be >> something like this: >> >> user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050 >> user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) >> (&(mail2=%u)(enabled2=TRUE)))) >> pass_attrs = userPassword=password >> pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) >> (&(mail2=%u)(enabled2=TRUE)))) >> >> I think I may be missing something important in how dovecot works, but >> cannot find any documentation about it. >> Regards >> > > hm thats complex, however i would not > recommand trying change exchange/active dir schemas > however the only reason i can think of for what you want is using > dovecot as proxy? > > so what about this ? > > http://wiki2.dovecot.org/HowTo/ImapcProxy > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy > http://wiki2.dovecot.org/Director Hmm I don't know honestly. I'll give it a try. -- Marco From marco.gatti at gmail.com Wed Nov 14 11:07:47 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Wed, 14 Nov 2012 10:07:47 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <20121113175149.GA94077@anubis.morrow.me.uk> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> <20121113175149.GA94077@anubis.morrow.me.uk> Message-ID: <CA+-Sp6nx+e=kB+TY-J2u0xYpRJUfdiSy+OdCcf4PGuuLHj1Jfg@mail.gmail.com> 2012/11/13 Ben Morrow <ben at morrow.me.uk>: > At 2PM +0100 on 13/11/12 you (Marco Gatti) wrote: >> 2012/11/13 Robert Schetterer <rs at sys4.de>: >> > Am 13.11.2012 11:35, schrieb Marco Gatti: >> >> Hi, I was looking for a particular case of dovecot configuration I >> >> cannot find anywhere. >> >> Is there a way dovecot can authenticate via ldap different windows >> >> 2008 AD users that have access to the same e-mail account (like user >> >> authorization in ms exchange)? >> >> For example I want to extend AD schema to let users have 10 email >> >> accounts (with multiple domain support). If they are private accounts >> >> I think there is no problem at all. But if I want two or more users to >> >> access the same mail account what happens? Can I do it with dovecot? >> >> Or should I create AD groups and add members to that, to let user >> >> access the same mail account? > <snip> >> I'll try to give more details. >> I have to build a multiple domain mail server with the use of windows >> AD authentication. >> I've managed to add some extra filed in the AD schema like this: >> >> mail1: account1 at example1.com >> box1: /example1.com/account1/ >> enabled1: TRUE >> quota1: 1000000 >> >> mail2: account2 at example2.com >> box2: /example2.com/account2/ >> enabled2: TRUE >> quota2: 1000000 > > This isn't a good schema to use for this. The mail1, mail2 &c attributes > represent the same property of different addresses, so they should be > the same attribute on different objects. > > I don't know much about AD's LDAP server, is it straightforward to > create brand new objectclasses? If I were doing this in an ordinary LDAP > server I might create a class of objects which looked like > > mailboxAddr: account1 at example1.com > mailboxLocation: /example1/account1 > mailboxEnabled: TRUE > mailboxQuota: 1000000 > > with mailboxAddr as the RDN, and then give each user a multi-valued > mailbox attribute with the addresses that user has access to. You mean multi-valued mailboxAddr, mailboxLocation, and so on? How can I extract a single one and be sure it's correct? >> There could be 10 or 50 of them for each AD user. >> If I use NTLM or PAM authentication (after joining the AD) I have to >> use AD usernames to login with dovecot and I don't know how then to >> deal with different email addresses configured per user. >> If I use LDAP lookup I have to use the email address as username but >> then if different AD users have to access the same email account how >> dovecot can manage it??? > > If you want the user to be able to log in and see just one address at a > time you have to have the user tell dovecot which user and which address > they want when they log in. Since (usually) the only fields you have are > 'user' and 'password', they will need to stuff both components into the > user field somehow; perhaps by logging on with a user name of > > user at domain.ad!account1 at example.com > > You would then need (probably) to write a checkpassword userdb script to > split this into username and account name, verify the user is authorized > for the account, look up the mailbox location using the account name, > and pass the username back to be checked against the password. So, it > could be done, but it would be messy and users would get it wrong all > the time. Since users don't configure mail clients on their own it could be a solution! > Alternatively, you could have the user log in with their ordinary AD > account name, and then present them with *all* the email accounts they > have access to, as separate (trees of) folders. You can do this with a > post-login script which sets up a namespace for each account: see the > example at the bottom of http://wiki2.dovecot.org/PostLoginScripting for > something vaguely similar. You would need to use Net::LDAP (or some > equivalent in some other language) to look up the user's accounts in the > AD, and then create the relevant environment variables. > > (I'm not sure what to do about INBOX in a setup like this: I don't think > you're allowed to *not* have an INBOX. Probably each user should have > one 'canonical' private account, which contains their IMAP INBOX. If you > didn't want to do this I expect you could set up a default namespace > which is read-only, with just an empty INBOX in it.) > > If you want to try this, and you're having trouble getting the scripting > right, I'd be happy to help you through it if you can post enough > information about the LDAP schema you eventually decide on. > > Ben > All accounts in a tree sounds bad since users won't clearly understand which is which. Thank you Ben! -- Marco From marco.gatti at gmail.com Wed Nov 14 11:15:28 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Wed, 14 Nov 2012 10:15:28 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <50A28A7A.90105@es2eng.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A28A7A.90105@es2eng.com> Message-ID: <CA+-Sp6mU5keDKTpG0d89kfhjNzSuT_oS1xeZvDy-M7DXnRm3Cg@mail.gmail.com> 2012/11/13 Willie Gillespie <wgillespie+dovecot at es2eng.com>: > On 11/13/2012 03:35 AM, Marco Gatti wrote: >> >> Is there a way dovecot can authenticate via ldap different windows >> 2008 AD users that have access to the same e-mail account (like user >> authorization in ms exchange)? > > > Symlinks on the Dovecot maildirs? You'd have to read up on the caveats of > that: http://wiki.dovecot.org/SharedMailboxes/Symlinks I would like to keep the configuration of new accounts on the Windows AD only and not to deal with links every time. But the problem I have is at authentication time: avoiding the "matched multiple objects" or a general authentication failure. Cheers -- Marco From lukashaase at gmx.at Wed Nov 14 11:45:17 2012 From: lukashaase at gmx.at (Lukas Haase) Date: Wed, 14 Nov 2012 01:45:17 -0800 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> References: <k7qedh$kg$1@ger.gmane.org> <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <k7qge4$g5r$1@ger.gmane.org> <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> Message-ID: <k7vp7c$e26$1@ger.gmane.org> On 11/13/2012 1:18 AM, Michael Firnau wrote: > On Mon, Nov 12, 2012 at 01:44:37AM -0800, Lukas Haase wrote: >> Hi, >> >> On 11/12/2012 1:19 AM, Steffen Kaiser wrote: >>> On Mon, 12 Nov 2012, Lukas Haase wrote: >>> >>>> Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: >>>> msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into >>>> mailbox 'INBOX' >>> >>> are there any other log lines of user2? >> >> Anfortunately not :-( Grepped everything, and I would have posted otherwise. >> >> My hope is that the dovecot.index.cache may provide some insights (I >> made a backup copy of it). > > Hi, > > yesterday i had a user missing mail and he had the junk-filter > in thunderbird activated. The mail was automagically moved from > the inbox to the spam folder. From the header i see you use thunderbird, > so it's a shot in the dark ... Hmm, yes, but even in that case, the mail would have been moved to the Spam folder in the account (i.e., on the IMAP server) and I would have found it when grepping over anything. Thanks, Luke From burak4burak at msn.com Wed Nov 14 12:03:53 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Wed, 14 Nov 2012 12:03:53 +0200 Subject: [Dovecot] auth attempts errors Message-ID: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl> i have install 2.1.1 and configured in dovecot log this error is coming every 20 seconds: dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer and this error every 2 seconds: dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=********** what can be the problem? thanks.. From r.zimmermann at siegnetz.de Wed Nov 14 12:29:16 2012 From: r.zimmermann at siegnetz.de (Ralf Zimmermann) Date: Wed, 14 Nov 2012 11:29:16 +0100 Subject: [Dovecot] Dovecot 2.1.10 Message-ID: <50A3727C.8040107@siegnetz.de> Hi all, I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without zlib. We setup a new server with dovecot 2.1.10. After syncing the emails everything looks fine. But if we use zlib plugin all new emails have no content. There are a lot of "Error: Maildir filename has wrong S value" log entrys. So we have compiled dovecot-2.0.18 and we use exactly the same configuration. Everything works. What can be our problem with version 2.1.10? Greets Ralf From rs at sys4.de Wed Nov 14 12:35:55 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 14 Nov 2012 11:35:55 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3727C.8040107@siegnetz.de> References: <50A3727C.8040107@siegnetz.de> Message-ID: <50A3740B.3030107@sys4.de> Am 14.11.2012 11:29, schrieb Ralf Zimmermann: > Hi all, > > I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without > zlib. We setup a new server with dovecot 2.1.10. After syncing the > emails everything looks fine. But if we use zlib plugin all new emails > have no content. > > There are a lot of "Error: Maildir filename has wrong S value" log entrys. > > So we have compiled dovecot-2.0.18 and we use exactly the same > configuration. Everything works. > > What can be our problem with version 2.1.10? > > Greets > > Ralf > how did you synced ? ? look list archives, this may happen at migration to 2.1 before this failure was ignored as far i remember there are scripts to fix broken mailboxes but i you do all brand new, you should try resync better Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Wed Nov 14 12:37:29 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 14 Nov 2012 11:37:29 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3727C.8040107@siegnetz.de> References: <50A3727C.8040107@siegnetz.de> Message-ID: <50A37469.9070503@sys4.de> Am 14.11.2012 11:29, schrieb Ralf Zimmermann: > Maildir filename has wrong S value try set maildir_broken_filename_sizes=yes Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From CMarcus at Media-Brokers.com Wed Nov 14 13:34:39 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 14 Nov 2012 06:34:39 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl> Message-ID: <50A381CF.6090209@Media-Brokers.com> On 2012-11-14 5:03 AM, burak g?rer <burak4burak at msn.com> wrote: > i have install 2.1.1 and configured Hopefully you meant 2.1.10? 2.1.1 is old/buggy... > in dovecot log this error is coming every 20 seconds: > > dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer Looks like your SSL is broken... -- Best regards, Charles From alessio at skye.it Wed Nov 14 15:08:11 2012 From: alessio at skye.it (Alessio Cecchi) Date: Wed, 14 Nov 2012 14:08:11 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3740B.3030107@sys4.de> References: <50A3727C.8040107@siegnetz.de> <50A3740B.3030107@sys4.de> Message-ID: <50A397BB.6060108@skye.it> Il 14/11/2012 11:35, Robert Schetterer ha scritto: > Am 14.11.2012 11:29, schrieb Ralf Zimmermann: >> Hi all, >> >> I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without >> zlib. We setup a new server with dovecot 2.1.10. After syncing the >> emails everything looks fine. But if we use zlib plugin all new emails >> have no content. >> >> There are a lot of "Error: Maildir filename has wrong S value" log entrys. >> >> So we have compiled dovecot-2.0.18 and we use exactly the same >> configuration. Everything works. >> >> What can be our problem with version 2.1.10? >> >> Greets >> >> Ralf >> > how did you synced ? ? > > look list archives, this may happen at migration to 2.1 > before this failure was ignored as far i remember > there are scripts to fix broken mailboxes > but i you do all brand new, you should try resync better Hi, with this command you can fix the problem of the wrong value doveadm fetch -u user at domains.com text all > /dev/null but I'm using dovecot 2.1.10 with zlib and, though I have those errors in the logs, users have no problem. Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From hakon at alstadheim.priv.no Wed Nov 14 15:59:13 2012 From: hakon at alstadheim.priv.no (=?UTF-8?B?SMOla29uIEFsc3RhZGhlaW0=?=) Date: Wed, 14 Nov 2012 14:59:13 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> Message-ID: <50A3A3B1.9060406@alstadheim.priv.no> On 13. nov. 2012 15:44, tibby at tibby.hu wrote: > Hello! > I've got dovecot running with postfix. Have virtual users under vmail > folder. > When I connect with outlook, I can read, delete messages. > When I sign on with webmail, also can delete messages, > Mutt is working as well on the mail server, can delete messages. > > Once the message is deleted it moves to the trash. Works as it > supposed to. > > But on Iphone, when I add a mail user, got the mailbox synced with > IMAP I can see the INBOX, but when I delete a message, get this error: > "Unable to Move Message The message could not be moved to the mailbox > Trash." > > http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png > > > What causing this problem? > Please Help. > > I've seen this. Fixed it for my device by changing the settings on the Ipad, and then changing them back. Seems the local trash folder is not created automatically on iOS. From r.zimmermann at siegnetz.de Wed Nov 14 16:14:19 2012 From: r.zimmermann at siegnetz.de (Ralf Zimmermann) Date: Wed, 14 Nov 2012 15:14:19 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3740B.3030107@sys4.de> References: <50A3727C.8040107@siegnetz.de> <50A3740B.3030107@sys4.de> Message-ID: <50A3A73B.2020406@siegnetz.de> We have synced the emails with imapsync. On 11/14/2012 11:35 AM, Robert Schetterer wrote: > Am 14.11.2012 11:29, schrieb Ralf Zimmermann: >> Hi all, >> >> I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without >> zlib. We setup a new server with dovecot 2.1.10. After syncing the >> emails everything looks fine. But if we use zlib plugin all new emails >> have no content. >> >> There are a lot of "Error: Maildir filename has wrong S value" log entrys. >> >> So we have compiled dovecot-2.0.18 and we use exactly the same >> configuration. Everything works. >> >> What can be our problem with version 2.1.10? >> >> Greets >> >> Ralf >> > > how did you synced ? ? > > look list archives, this may happen at migration to 2.1 > before this failure was ignored as far i remember > there are scripts to fix broken mailboxes > but i you do all brand new, you should try resync better > > Best Regards > MfG Robert Schetterer > Regards Ralf From tibby at tibby.hu Wed Nov 14 16:55:41 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Wed, 14 Nov 2012 15:55:41 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A3A3B1.9060406@alstadheim.priv.no> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> Message-ID: <2e09cf570304a31295edf27f940ebf0d@tibby.hu> On 2012-11-14 14:59, H?kon Alstadheim wrote: > On 13. nov. 2012 15:44, tibby at tibby.hu wrote: >> Hello! >> I've got dovecot running with postfix. Have virtual users under >> vmail folder. >> When I connect with outlook, I can read, delete messages. >> When I sign on with webmail, also can delete messages, >> Mutt is working as well on the mail server, can delete messages. >> >> Once the message is deleted it moves to the trash. Works as it >> supposed to. >> >> But on Iphone, when I add a mail user, got the mailbox synced with >> IMAP I can see the INBOX, but when I delete a message, get this error: >> "Unable to Move Message The message could not be moved to the >> mailbox Trash." >> >> >> http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png >> >> >> What causing this problem? >> Please Help. >> >> > I've seen this. Fixed it for my device by changing the settings on > the Ipad, and then changing them back. Seems the local trash folder > is > not created automatically on iOS. But I dont want to use the IOS trash folder. I want the phone to use the trash on the mail server. From rs at sys4.de Wed Nov 14 17:08:29 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 14 Nov 2012 16:08:29 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <2e09cf570304a31295edf27f940ebf0d@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> <2e09cf570304a31295edf27f940ebf0d@tibby.hu> Message-ID: <50A3B3ED.4000902@sys4.de> Am 14.11.2012 15:55, schrieb tibby at tibby.hu: > On 2012-11-14 14:59, H?kon Alstadheim wrote: >> On 13. nov. 2012 15:44, tibby at tibby.hu wrote: >>> Hello! >>> I've got dovecot running with postfix. Have virtual users under vmail >>> folder. >>> When I connect with outlook, I can read, delete messages. >>> When I sign on with webmail, also can delete messages, >>> Mutt is working as well on the mail server, can delete messages. >>> >>> Once the message is deleted it moves to the trash. Works as it >>> supposed to. >>> >>> But on Iphone, when I add a mail user, got the mailbox synced with >>> IMAP I can see the INBOX, but when I delete a message, get this error: >>> "Unable to Move Message The message could not be moved to the mailbox >>> Trash." >>> >>> >>> http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png >>> >>> >>> >>> What causing this problem? >>> Please Help. >>> >>> >> I've seen this. Fixed it for my device by changing the settings on >> the Ipad, and then changing them back. Seems the local trash folder is >> not created automatically on iOS. > > But I dont want to use the IOS trash folder. I want the phone to use the > trash on the mail server. > looks like iphone is special ( why i dont wonder... ) http://support.ecenica.com/email/troubleshooting-draft-trash-folders-iphone/ some config may also conflict with "archive" settings on iphone, as ever ,behave may also different in different versions, at all ,nothing direct dovecot related , i am not up2date with apple stuff , isnt there a better imap mail client in there app store ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tibby at tibby.hu Wed Nov 14 17:16:20 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Wed, 14 Nov 2012 16:16:20 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A3B3ED.4000902@sys4.de> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> <2e09cf570304a31295edf27f940ebf0d@tibby.hu> <50A3B3ED.4000902@sys4.de> Message-ID: <01da87b3f4a99fc9682a577bbd966dd8@tibby.hu> On 2012-11-14 16:08, Robert Schetterer wrote: > Am 14.11.2012 15:55, schrieb tibby at tibby.hu: >> On 2012-11-14 14:59, H?kon Alstadheim wrote: >>> On 13. nov. 2012 15:44, tibby at tibby.hu wrote: >>>> Hello! >>>> I've got dovecot running with postfix. Have virtual users under >>>> vmail >>>> folder. >>>> When I connect with outlook, I can read, delete messages. >>>> When I sign on with webmail, also can delete messages, >>>> Mutt is working as well on the mail server, can delete messages. >>>> >>>> Once the message is deleted it moves to the trash. Works as it >>>> supposed to. >>>> >>>> But on Iphone, when I add a mail user, got the mailbox synced with >>>> IMAP I can see the INBOX, but when I delete a message, get this >>>> error: >>>> "Unable to Move Message The message could not be moved to the >>>> mailbox >>>> Trash." >>>> >>>> >>>> >>>> http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png >>>> >>>> >>>> >>>> What causing this problem? >>>> Please Help. >>>> >>>> >>> I've seen this. Fixed it for my device by changing the settings on >>> the Ipad, and then changing them back. Seems the local trash folder >>> is >>> not created automatically on iOS. >> >> But I dont want to use the IOS trash folder. I want the phone to use >> the >> trash on the mail server. >> > > looks like iphone is special ( why i dont wonder... ) > > > http://support.ecenica.com/email/troubleshooting-draft-trash-folders-iphone/ > > some config may also conflict with "archive" settings on iphone, > as ever ,behave may also different in different versions, > at all ,nothing direct dovecot related , i am not up2date with apple > stuff , isnt there a better imap mail client in there app store ? > > > Best Regards > MfG Robert Schetterer With the iPhone there is this guide. If I set imap prefix path to INBOX from / as it says, then works fine. What do I need to configure to get this working with / by default? I Think this would solve the problem. http://www.netchimp.co.uk/webdesign/iphone-ipad-macbook-mac/iphone-unable-to-move-message-to-trash-imap/ From h.reindl at thelounge.net Wed Nov 14 17:52:53 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 14 Nov 2012 16:52:53 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <01da87b3f4a99fc9682a577bbd966dd8@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> <2e09cf570304a31295edf27f940ebf0d@tibby.hu> <50A3B3ED.4000902@sys4.de> <01da87b3f4a99fc9682a577bbd966dd8@tibby.hu> Message-ID: <50A3BE55.7020801@thelounge.net> Am 14.11.2012 16:16, schrieb tibby at tibby.hu: > With the iPhone there is this guide. > If I set imap prefix path to INBOX from / as it says, then works fine. > What do I need to configure to get this working with / by default? I Think this would solve the problem. > http://www.netchimp.co.uk/webdesign/iphone-ipad-macbook-mac/iphone-unable-to-move-message-to-trash-imap/ you simply need ACTIVLIY to configure ANY mail client using the same account, especially apple Apple Inc. is the only company which manages to have 5 sent folders over a few months because different devices and different software versions are naming them differently and the same for other special folders too and i you have more than one account go get a nex incarnation wit "special (accountname)" they are simply stoo stupid for using english words like "inbox", "sent", "trash" and DISPLAY it localized like thunderbird does since forever if you are using webmail and different clients / operating systems too you have to configure ANY client to the same folders and remove the additional created crap manually this is NOT a problem of the mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121114/b3a894e6/attachment-0002.bin> From ben at morrow.me.uk Wed Nov 14 19:47:26 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Wed, 14 Nov 2012 17:47:26 +0000 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6nx+e=kB+TY-J2u0xYpRJUfdiSy+OdCcf4PGuuLHj1Jfg@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> <20121113175149.GA94077@anubis.morrow.me.uk> <CA+-Sp6nx+e=kB+TY-J2u0xYpRJUfdiSy+OdCcf4PGuuLHj1Jfg@mail.gmail.com> Message-ID: <20121114174726.GC94077@anubis.morrow.me.uk> At 10AM +0100 on 14/11/12 you (Marco Gatti) wrote: > 2012/11/13 Ben Morrow <ben at morrow.me.uk>: > > At 2PM +0100 on 13/11/12 you (Marco Gatti) wrote: > > <snip> > >> I'll try to give more details. > >> I have to build a multiple domain mail server with the use of windows > >> AD authentication. > >> I've managed to add some extra filed in the AD schema like this: > >> > >> mail1: account1 at example1.com > >> box1: /example1.com/account1/ > >> enabled1: TRUE > >> quota1: 1000000 > >> > >> mail2: account2 at example2.com > >> box2: /example2.com/account2/ > >> enabled2: TRUE > >> quota2: 1000000 > > > > This isn't a good schema to use for this. The mail1, mail2 &c attributes > > represent the same property of different addresses, so they should be > > the same attribute on different objects. > > > > I don't know much about AD's LDAP server, is it straightforward to > > create brand new objectclasses? If I were doing this in an ordinary LDAP > > server I might create a class of objects which looked like > > > > mailboxAddr: account1 at example1.com > > mailboxLocation: /example1/account1 > > mailboxEnabled: TRUE > > mailboxQuota: 1000000 > > > > with mailboxAddr as the RDN, and then give each user a multi-valued > > mailbox attribute with the addresses that user has access to. > > You mean multi-valued mailboxAddr, mailboxLocation, and so on? How can > I extract a single one and be sure it's correct? No. I mean you want separate objects for the mail accounts, completely distinct from the user objects (under a different branch of the LDAP tree). Each 'mail account' object has one Addr, one Location and so on. Then, each user who should have access to one of these accounts has a multi-valued 'mailbox' attribute pointing to the mail accounts that user can see. Something like (I don't really know how AD schemas work...) dn: mailboxAddr=account1 at example.com,ou=Mailboxes,dc=example,dc=com mailboxAddr: account1 at example.com mailboxLocation: /example/account1 dn: mailboxAddr=account2 at example.com,ou=Mailboxes,dc=example,dc=com mailboxAddr: account2 at example.com mailboxLocation: /example/account2 dn: sAMAccountName=bob,ou=People,dc=example,dc=com sAMAccountName: bob mailbox: account1 at example.com mailbox: account2 at example.com dn: sAMAccountName=bill,ou=People,dc=example,dc=com sAMAccountName: bill mailbox: account2 at example.com If your 'mail account' attribute is sometimes called 'mail1' and sometimes called 'mail2' how do you expect to search for it? > >> There could be 10 or 50 of them for each AD user. > >> If I use NTLM or PAM authentication (after joining the AD) I have to > >> use AD usernames to login with dovecot and I don't know how then to > >> deal with different email addresses configured per user. > >> If I use LDAP lookup I have to use the email address as username but > >> then if different AD users have to access the same email account how > >> dovecot can manage it??? > > > > If you want the user to be able to log in and see just one address at a > > time you have to have the user tell dovecot which user and which address > > they want when they log in. Since (usually) the only fields you have are > > 'user' and 'password', they will need to stuff both components into the > > user field somehow; perhaps by logging on with a user name of > > > > user at domain.ad!account1 at example.com > > > > You would then need (probably) to write a checkpassword userdb script to > > split this into username and account name, verify the user is authorized > > for the account, look up the mailbox location using the account name, > > and pass the username back to be checked against the password. So, it > > could be done, but it would be messy and users would get it wrong all > > the time. > > Since users don't configure mail clients on their own it could be a solution! If users don't know how to choose which username they are logging in with how will they choose which account they want to look at? I *think* this is simpler than I thought: I think Dovecot's 'master user' stuff will work for this. You need to set up a master user passdb which looks up %u (or %n) as the AD account name and also checks that that user has a 'mailbox' attribute (whatever you decide to call it) of %{login_user}. > > Alternatively, you could have the user log in with their ordinary AD > > account name, and then present them with *all* the email accounts they > > have access to, as separate (trees of) folders. <snip> > All accounts in a tree sounds bad since users won't clearly understand > which is which. OK, if you say so. ISTM that having a number of top-level folders called (e.g.) 'account1 at example.com' with the mail for account1 at example.com in is much easier to deal with than magic usernames, but you know your users. Ben From burak4burak at msn.com Wed Nov 14 20:59:19 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Wed, 14 Nov 2012 20:59:19 +0200 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A381CF.6090209@Media-Brokers.com> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> Message-ID: <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> "broken!" what do you mean > Date: Wed, 14 Nov 2012 06:34:39 -0500 > From: CMarcus at Media-Brokers.com > To: dovecot at dovecot.org > Subject: Re: [Dovecot] auth attempts errors > > On 2012-11-14 5:03 AM, burak g?rer <burak4burak at msn.com> wrote: > > i have install 2.1.1 and configured > > > Hopefully you meant 2.1.10? 2.1.1 is old/buggy... > > > in dovecot log this error is coming every 20 seconds: > > > > dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer > > Looks like your SSL is broken... > > -- > > Best regards, > > Charles > From CMarcus at Media-Brokers.com Wed Nov 14 21:26:15 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 14 Nov 2012 14:26:15 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> Message-ID: <50A3F057.5040908@Media-Brokers.com> Please don't top-post... On 2012-11-14 1:59 PM, burak g?rer <burak4burak at msn.com> wrote: >> Date: Wed, 14 Nov 2012 06:34:39 -0500 >> From: CMarcus at Media-Brokers.com >> To: dovecot at dovecot.org >> Subject: Re: [Dovecot] auth attempts errors >> >> On 2012-11-14 5:03 AM, burak g?rer<burak4burak at msn.com> wrote: >>> in dovecot log this error is coming every 20 seconds: >>> >>> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer >> Looks like your SSL is broken... > "broken!" > > what do you mean Look at the error message: "TLS handshaking: SSL_accept() syscall failed:" I'm not an expert, but thats what it looks like to me. -- Best regards, Charles From david at blue-labs.org Thu Nov 15 01:59:57 2012 From: david at blue-labs.org (David Ford) Date: Wed, 14 Nov 2012 18:59:57 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A3F057.5040908@Media-Brokers.com> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> <50A3F057.5040908@Media-Brokers.com> Message-ID: <50A4307D.9090906@blue-labs.org> please don't bottom post On 11/14/2012 02:26 PM, Charles Marcus wrote: > Please don't top-post... > > On 2012-11-14 1:59 PM, burak g?rer <burak4burak at msn.com> wrote: >>> Date: Wed, 14 Nov 2012 06:34:39 -0500 >>> From: CMarcus at Media-Brokers.com >>> To: dovecot at dovecot.org >>> Subject: Re: [Dovecot] auth attempts errors >>> >>> On 2012-11-14 5:03 AM, burak g?rer<burak4burak at msn.com> wrote: >>>> in dovecot log this error is coming every 20 seconds: >>>> >>>> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): >>>> rip=**********, lip=**********, TLS handshaking: SSL_accept() >>>> syscall failed: Connection reset by peer >>> Looks like your SSL is broken... > >> "broken!" >> >> what do you mean > > Look at the error message: > > "TLS handshaking: SSL_accept() syscall failed:" > > I'm not an expert, but thats what it looks like to me. > > From nick.z.edwards at gmail.com Thu Nov 15 06:55:09 2012 From: nick.z.edwards at gmail.com (Nick Edwards) Date: Thu, 15 Nov 2012 14:55:09 +1000 Subject: [Dovecot] Quotas 2.1clarification Message-ID: <CAMD-=VKpQB1Kk7RuGREOqA5jRhzpt__nTNJQYq-_Ca4zKaXqig@mail.gmail.com> Timo, I have much suspicion that our quota system is not working correctly since we migrate to 2.1 Currently using 2.1.10 Previously we had for issue of warnings quota_warning = storage=90%% /scripts/dqwarn-90.sh quota_warning2 = storage=75%% /scripts/dqwarn-75.sh worked great, these lines also migrated to new conf upon conversion. But quota conf example shows plugin { #quota_warning = storage=95%% quota-warning 95 %u #quota_warning2 = storage=80%% quota-warning 80 %u } # Example quota-warning service. The unix listener's permissions should be # set in a way that mail processes can connect to it. Below example assumes # that mail processes run as vmail user. If you use mode=0666, all system users # can generate quota warnings to anyone. #service quota-warning { # executable = script /usr/local/bin/quota-warning.sh # user = dovecot # unix_listener quota-warning { # user = vmail # } #} So this seems to indicate /scripts/dqwarn-75.sh should be a service name, which then calls the service quota-warning with that script in it etc etc etc surely this old 4 line method has not been replaced into a 20 line mess? Is this old way still functioning as I suspect it is not, and we need to write up two separate new quota warning services given our warnings are worded differently, or should the old methods still be working as they did in 1.2 and we have an error elsewhere? Niki From burak4burak at msn.com Thu Nov 15 12:10:27 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Thu, 15 Nov 2012 12:10:27 +0200 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A4307D.9090906@blue-labs.org> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, , <50A381CF.6090209@Media-Brokers.com>, <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl>, <50A3F057.5040908@Media-Brokers.com>, <50A4307D.9090906@blue-labs.org> Message-ID: <SNT002-W78405ED74B30D854170680F1520@phx.gbl> > Subject: Re: [Dovecot] auth attempts errors > > please don't bottom post > > On 11/14/2012 02:26 PM, Charles Marcus wrote: > > Please don't top-post... > > sorry. i am confused.. top or bottom. let me bottom-post.. anyway i have to ask: - how can i compile rpm package of dovecot. are there any guide or ... anything (or how can dovecot be compiled from source code - there is a guide here but it is for rpm version older than 4.4) - how can i create a stable TLS certificate for dovecot. are there any guide or ... anything - for this line "dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********" in dovecot logs, any idea thanks.. From burak4burak at msn.com Thu Nov 15 13:05:13 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Thu, 15 Nov 2012 13:05:13 +0200 Subject: [Dovecot] auth attempts errors In-Reply-To: <SNT002-W78405ED74B30D854170680F1520@phx.gbl> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, , <50A381CF.6090209@Media-Brokers.com>, <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl>, <50A3F057.5040908@Media-Brokers.com>, <50A4307D.9090906@blue-labs.org>, <SNT002-W78405ED74B30D854170680F1520@phx.gbl> Message-ID: <SNT002-W872ACE28F647D5345928A7F1520@phx.gbl> From: burak4burak at msn.com To: dovecot at dovecot.org Subject: RE: [Dovecot] auth attempts errors Date: Thu, 15 Nov 2012 12:10:27 +0200 > Subject: Re: [Dovecot] auth attempts errors > > please don't bottom post > > On 11/14/2012 02:26 PM, Charles Marcus wrote: > > Please don't top-post... > > sorry. i am confused.. top or bottom. let me bottom-post.. anyway i have to ask: - how can i compile rpm package of dovecot. are there any guide or ... anything (or how can dovecot be compiled from source code - there is a guide here but it is for rpm version older than 4.4) - how can i create a stable TLS certificate for dovecot. are there any guide or ... anything - for this line "dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********" in dovecot logs, any idea thanks.. Building your own rpms link: http://wiki2.dovecot.org/PrebuiltBinaries#Building_your_own_rpms From CMarcus at Media-Brokers.com Thu Nov 15 14:55:45 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 15 Nov 2012 07:55:45 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A4307D.9090906@blue-labs.org> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> <50A3F057.5040908@Media-Brokers.com> <50A4307D.9090906@blue-labs.org> Message-ID: <50A4E651.4000806@Media-Brokers.com> On 2012-11-14 6:59 PM, David Ford <david at blue-labs.org> wrote: > On 11/14/2012 02:26 PM, Charles Marcus wrote: >> Please don't top-post... >> >> On 2012-11-14 1:59 PM, burak g?rer<burak4burak at msn.com> wrote: >>>> Date: Wed, 14 Nov 2012 06:34:39 -0500 >>>> From: CMarcus at Media-Brokers.com >>>> To: dovecot at dovecot.org >>>> Subject: Re: [Dovecot] auth attempts errors >>>> >>>> On 2012-11-14 5:03 AM, burak g?rer<burak4burak at msn.com> wrote: >>>>> in dovecot log this error is coming every 20 seconds: >>>>> >>>>> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): >>>>> rip=**********, lip=**********, TLS handshaking: SSL_accept() >>>>> syscall failed: Connection reset by peer >>>> Looks like your SSL is broken... >>> "broken!" >>> >>> what do you mean >> Look at the error message: >> >> "TLS handshaking: SSL_accept() syscall failed:" >> >> I'm not an expert, but thats what it looks like to me. > please don't bottom post Don't be an ass. Top-posting in a thread that is already inline/bottom posting totally breaks the thread. PLONK -- Best regards, Charles From dfischer at fi4it.de Thu Nov 15 16:20:56 2012 From: dfischer at fi4it.de (Daniel Fischer) Date: Thu, 15 Nov 2012 15:20:56 +0100 Subject: [Dovecot] emails are not displayed Message-ID: <50A4FA48.6010108@fi4it.de> Hello, i have a problem with some public folders in my testing environment. But after the series, here is my konfiguraion: doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-amd64 x86_64 Debian wheezy/sid hostname = ......................................... lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * mail_debug = no mail_gid = 5000 mail_location = maildir:~:INDEX=/var/mail/indexes/%d/%n mail_plugins = acl mail_privileged_group = vmail mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = maildir:/var/mail/vhosts/%d/public:INDEX=/var/mail/indexes/%d/public:CONTROL=/var/mail/controls/%d/public prefix = Public. separator = . subscriptions = no type = public } namespace inbox { hidden = no inbox = yes list = yes location = prefix = separator = . subscriptions = yes type = private } passdb { args = scheme=CRAM-MD5 username_format=%u /var/mail/vhosts/auth.d/%d/shadow driver = passwd-file } plugin { acl = vfile antispam_allow_append_to_spam = no antispam_backend = pipe antispam_pipe_program = /usr/local/bin/sa-learn-pipe.sh antispam_pipe_program_notspam_arg = --ham antispam_pipe_program_spam_arg = --spam antispam_pipe_tmpdir = /tmp antispam_spam = Spam antispam_trash = Trash sieve = /var/mail/vhosts/sieve/users/%d/%n/.dovecot.sieve sieve_before = /var/mail/vhosts/sieve/%d/before sieve_dir = /var/mail/vhosts/sieve/users/%d/%n sieve_global_dir = /var/mail/vhosts/sieve/%d/global sieve_user_log = /var/mail/vhosts/sieve/users/%d/%n/.dovecot.sieve.log } postmaster_address = postmaster at ..... protocols = " imap lmtp sieve pop3" service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { mode = 0660 user = vmail } } service managesieve-login { inet_listener sieve { port = 4190 } } ssl_cert = </etc/ssl/private/................................. ssl_key = </etc/ssl/private/......................... userdb { args = username_format=%u /var/mail/vhosts/auth.d/%d/passwd driver = passwd-file } protocol lmtp { mail_plugins = acl sieve } protocol lda { log_path = /var/log/sieve.log mail_plugins = acl sieve } protocol imap { imap_idle_notify_interval = 24 mins mail_plugins = acl imap_acl antispam } protocol sieve { managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o } the problem is that any, not all public folder appear empty. if I delete the index files, I see the emails again for a while(1-2 hours) until they're gone again sometime. The directories change their content not for weeks. It is a test environment. but in one of the folders are more than 13000 mails (the Faxbox). Currently 3 of 13 folders are affected. I thought that it may be due to the size, but it is not the largest folders. For normal mail boxes I have not observed this effect. a3 EXAMINE Public.faxe * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 0 EXISTS * 0 RECENT * OK [UIDVALIDITY 1349419566] UIDs valid * OK [UIDNEXT 141737] Predicted next UID * OK [HIGHESTMODSEQ 5] Highest Delete indexes.... /var/mail/indexes/........../public# rm -r .faxe/ a3 EXAMINE Public.faxe * OK [CLOSED] Previous mailbox closed. * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 13778 EXISTS * 0 RECENT * OK [UIDVALIDITY 1349419566] UIDs valid * OK [UIDNEXT 141737] Predicted next UID * OK [NOMODSEQ] No permanent modsequences i would like to show you log files but i didn't see any error message. Does Have anyone an idea? Thanks for comment... Daniel From yago at ityd.com.ar Thu Nov 15 17:19:38 2012 From: yago at ityd.com.ar (Yago Alonso - Ityd) Date: Thu, 15 Nov 2012 12:19:38 -0300 Subject: [Dovecot] Change errors to spanish Message-ID: <CAOPFTw85ZMh171dmMZnXQhF50gsuEqWVaL8k0K_qBrHWcgm6fg@mail.gmail.com> Hello, i have dovecot version 1.2.17 and i need to translate all the errors that my users receive when a mail fails to send. Were and how should i change it? Thanks a lot! -- Yago Alonso From h.reindl at thelounge.net Thu Nov 15 17:21:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 15 Nov 2012 16:21:49 +0100 Subject: [Dovecot] Change errors to spanish In-Reply-To: <CAOPFTw85ZMh171dmMZnXQhF50gsuEqWVaL8k0K_qBrHWcgm6fg@mail.gmail.com> References: <CAOPFTw85ZMh171dmMZnXQhF50gsuEqWVaL8k0K_qBrHWcgm6fg@mail.gmail.com> Message-ID: <50A5088D.4020308@thelounge.net> Am 15.11.2012 16:19, schrieb Yago Alonso - Ityd: > Hello, i have dovecot version 1.2.17 and i need to translate all the errors > that my users receive when a mail fails to send. Were and how should i > change it? bounces are generated by the MTA and NOT dovecot! look at /etc/postfix/bounce.cf.default and "bounce_template_file" in the postfix documentation -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121115/9a69f3e8/attachment-0002.bin> From dave at boostpro.com Wed Nov 14 16:52:36 2012 From: dave at boostpro.com (Dave Abrahams) Date: Wed, 14 Nov 2012 09:52:36 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> Message-ID: <m2zk2knsnf.fsf_-_@cone.luannocracy.com> Does anyone have an answer to this question? Should I simply issue an IMAP search command, or is there a better way? on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: >> This index is not updated in real time. This is why Timo and others >> recommend cron'ing a script to index folders regularly that are >> searched regularly. > > And how does one index the folders for search? Is that "doveadm > index" or "doveadm fts rescan" (which I see at > http://wiki2.dovecot.org/Plugins/FTS but NOT in the manpage), or...? > >> This keeps the indexes up to date and keeps searches fast. If you >> don't do this or search often, your indexes become stale. Then each >> time you do an FTS search the first thing that happens is an FTS >> re-indexing of the mail folder. Only then does it display the search >> results. >> >>> BTW, I'm using the clucene search backend. >> >> I've not used Lucene, but I believe the default behavior is similar to >> the Dovecot 1.2.x FTS indexer. > > Not sure what conclusion to draw from that, thanks. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From dave at boostpro.com Thu Nov 15 22:35:44 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 15 Nov 2012 15:35:44 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> Message-ID: <m2pq3eioyn.fsf@pluto.luannocracy.com> After all this, some experimentation shows that doveadm index /does/ after all, update FTS indices. I wish this were better documented. on Wed Nov 14 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > Does anyone have an answer to this question? Should I simply issue an > IMAP search command, or is there a better way? > > on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > >>> This index is not updated in real time. This is why Timo and others >>> recommend cron'ing a script to index folders regularly that are >>> searched regularly. >> >> And how does one index the folders for search? Is that "doveadm >> index" or "doveadm fts rescan" (which I see at >> http://wiki2.dovecot.org/Plugins/FTS but NOT in the manpage), or...? >> >>> This keeps the indexes up to date and keeps searches fast. If you >>> don't do this or search often, your indexes become stale. Then each >>> time you do an FTS search the first thing that happens is an FTS >>> re-indexing of the mail folder. Only then does it display the search >>> results. >>> >>>> BTW, I'm using the clucene search backend. >>> >>> I've not used Lucene, but I believe the default behavior is similar to >>> the Dovecot 1.2.x FTS indexer. >> >> Not sure what conclusion to draw from that, thanks. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From zaphod at tdl.com Fri Nov 16 05:27:46 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Thu, 15 Nov 2012 20:27:46 -0700 Subject: [Dovecot] whoson plugin for 2.0 Message-ID: <50A5B2B2.40409@tdl.com> I have found a plugin at ftp://ftp.ufanet.ru/pub/boco/dovecot/whoson-plugin/ I was able to make it function on a dovecot 1.2.8 server, by changing __attr_unused__ to ATTR_UNUSED and strlcpy to i_strocpy (since glibc doesn't HAVE strlcpy, on purpose). However, it doesn't work with 2.1 this is, of course, because getenv() no longer functions lie it used to in plugins. so i need a replacement for getenv("IP") and getenv("USER") to make this work. i know, pop before SMTP is stupid, but the isp i'm doing this for hs customers that have used pop before smtp for ages. so I MUST make a whoson plugin. as i said, the remote ip and the email address are required to interface with whoson. (this is superior to DRAC, which just opens the IP) From dmiller at amfes.com Fri Nov 16 05:43:34 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 15 Nov 2012 19:43:34 -0800 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <m2zk2knsnf.fsf_-_@cone.luannocracy.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> Message-ID: <assp.166787f57b.50A5B666.9090507@amfes.com> On 11/14/2012 6:52 AM, Dave Abrahams wrote: > Does anyone have an answer to this question? Should I simply issue an > IMAP search command, or is there a better way? > Put this in a cron script: doveadm search -A text zyxabcxyz > /dev/null That will perform a search through every mailbox on the system, indexing as it goes. The search query is unlikely to return much in the way of results, so log files won't fill up much. -- Daniel From kae at midnighthax.com Fri Nov 16 11:33:29 2012 From: kae at midnighthax.com (Keith Edmunds) Date: Fri, 16 Nov 2012 09:33:29 +0000 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration Message-ID: <20121116093329.045f4585@kae.tiger-computing.wbp> # dovecot --version 1.2.15 We're trying to migrate a server from Cyrus to Dovecot, and we're mostly there. On Cyrus, the folder layout in the MUA is: INBOX subfolder subfolder ... Sent Drafts Queue Trash Users cannot create sibling folders to the Inbox, only subfolders (and sub-subfolders, etc). We've replicated that with: -------------------------------------------------------------------------------- mail_location = maildir:/shared/imapmail/users/%u:INBOX=/shared/imapmail/users/%u:LAYOUT=fs namespace private { separator = / prefix = "INBOX/" inbox = yes } -------------------------------------------------------------------------------- ...however, the Sent/Drafts/Queue/Trash folders are now subfolders of Inbox. Cyrus seems to default to the above layout (at least, I can't find anywhere that defines it). There are no special settings in the MUA to achieve the abovev. Is there a way of replicating the above within Dovecot? We can probably go to V2 if we have to, but 1.2.15 would be preferable. Thanks, Keith From rs at sys4.de Fri Nov 16 11:59:32 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 16 Nov 2012 10:59:32 +0100 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121116093329.045f4585@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> Message-ID: <50A60E84.6050307@sys4.de> Am 16.11.2012 10:33, schrieb Keith Edmunds: > # dovecot --version > 1.2.15 > > We're trying to migrate a server from Cyrus to Dovecot, and we're mostly > there. > > On Cyrus, the folder layout in the MUA is: > > INBOX > subfolder > subfolder > ... > Sent > Drafts > Queue > Trash > > Users cannot create sibling folders to the Inbox, only subfolders (and > sub-subfolders, etc). We've replicated that with: > > -------------------------------------------------------------------------------- > mail_location = > maildir:/shared/imapmail/users/%u:INBOX=/shared/imapmail/users/%u:LAYOUT=fs > > namespace private { > separator = / > prefix = "INBOX/" > inbox = yes > } > -------------------------------------------------------------------------------- > > ...however, the Sent/Drafts/Queue/Trash folders are now subfolders of > Inbox. Cyrus seems to default to the above layout (at least, I can't find > anywhere that defines it). There are no special settings in the MUA to > achieve the abovev. Is there a way of replicating the above within > Dovecot? We can probably go to V2 if we have to, but 1.2.15 would be > preferable. > > Thanks, > Keith > read http://wiki2.dovecot.org/Migration http://wiki2.dovecot.org/Namespaces Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From amateo at um.es Fri Nov 16 12:11:19 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Nov 2012 11:11:19 +0100 Subject: [Dovecot] shared mailboxes and indexes Message-ID: <50A61147.5040201@um.es> Hello, We are deploying shared mailboxes in our mail system. We are running 2.1.9 and mail backend is maildir. As described at http://wiki.dovecot.org/SharedMailboxes/Shared when shared namespace is configured as namespace shared { separator = / prefix = shared/%%u/ location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } each user accessing this folder has its own index, stored in ~/Maildir/shared/%%u/<shared mailbox>, hasn't it? Our mail is store in NFS disks so we are very concerned about indexes optimizations (we had performance problems until we got all of our indexes and nfs tunned). So, is there any way so those indexes could be shared for all users (and they always would be updated). Regarding this... if we'd use dbox instead of maildir, indexes are a really important part of the mailbox and they can't be re-constructed when they are outdated. So, how do shared mailboxes work with dbox backend? Do I have to configure indexes in any particular way? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From kae at midnighthax.com Fri Nov 16 12:36:49 2012 From: kae at midnighthax.com (Keith Edmunds) Date: Fri, 16 Nov 2012 10:36:49 +0000 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <50A60E84.6050307@sys4.de> References: <20121116093329.045f4585@kae.tiger-computing.wbp> <50A60E84.6050307@sys4.de> Message-ID: <20121116103649.1e54e72e@kae.tiger-computing.wbp> > read > > http://wiki2.dovecot.org/Migration > http://wiki2.dovecot.org/Namespaces Thank you: I have (already had) read both. Are you suggesting that hidden namespaces will provide the functionality we are looking for? Or have I missed the point? Thanks, Keith From rs at sys4.de Fri Nov 16 13:52:37 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 16 Nov 2012 12:52:37 +0100 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121116103649.1e54e72e@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> <50A60E84.6050307@sys4.de> <20121116103649.1e54e72e@kae.tiger-computing.wbp> Message-ID: <50A62905.6040402@sys4.de> Am 16.11.2012 11:36, schrieb Keith Edmunds: >> read >> >> http://wiki2.dovecot.org/Migration >> http://wiki2.dovecot.org/Namespaces > > Thank you: I have (already had) read both. > > Are you suggesting that hidden namespaces will provide the functionality > we are looking for? Or have I missed the point? > > Thanks, > Keith > i you like your users have the same namespace as before configure dovecot like it if not use ,a new namespace layout, its your choice hidden namespaces may help making migration transparent for old clients Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From nicolas.kowalski at gmail.com Fri Nov 16 16:12:59 2012 From: nicolas.kowalski at gmail.com (Nicolas KOWALSKI) Date: Fri, 16 Nov 2012 15:12:59 +0100 Subject: [Dovecot] Initial status notification not received Message-ID: <20121116141259.GA9371@petole.demisel.net> Hello, We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs startup, dovecot almost always shows these errors: Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 As the last line tells, dovecot stops logging information. We have to restart the dovecot processes to get back normal behaviour. I also tried to set idle_kill values to services definitions, without success. Is there a way to prevent these errors? Here is the dovecot -n output: # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 3.0.42-0.7-xen x86_64 SUSE Linux Enterprise Server 11 (x86_64) default_client_limit = 4096 default_idle_kill = 5 mins default_process_limit = 16384 listen = 10.254.251.18 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap sieve service anvil { client_limit = 65536 idle_kill = 0 } service auth { client_limit = 32768 } service imap-login { inet_listener imap { port = 0 } } service imap { process_limit = 0 } service log { idle_kill = 0 } service managesieve { process_limit = 0 } service ssl-params { idle_kill = 0 } ssl_ca = </etc/dovecot/ssl/ca.pem ssl_cert = </etc/dovecot/ssl/server-crt.pem ssl_key = </etc/dovecot/ssl/server-key.pem userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol sieve { passdb { args = /etc/dovecot/dovecot-ldap-sieve.conf.ext driver = ldap } } Thanks, -- Nicolas From weber at zackbummfertig.de Fri Nov 16 17:24:48 2012 From: weber at zackbummfertig.de (weber at zackbummfertig.de) Date: Fri, 16 Nov 2012 16:24:48 +0100 Subject: [Dovecot] =?utf-8?q?Is_there_any_Documentation_or_Howto/Guide_for?= =?utf-8?q?_Dovecot_Replication_or_do_i_have_to_wait_for_dovecot_2=2E2=2Ex?= =?utf-8?q?=3F?= Message-ID: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> dear timo, can you help me? best regards marko, from hamburg From user+dovecot at localhost.localdomain.org Fri Nov 16 20:53:27 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Fri, 16 Nov 2012 19:53:27 +0100 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A5B2B2.40409@tdl.com> References: <50A5B2B2.40409@tdl.com> Message-ID: <50A68BA7.4080500@localhost.localdomain.org> On 11/16/2012 04:27 AM Chuck Cochems wrote: > ? > this is, of course, because getenv() no longer functions lie it used to > in plugins. > > so i need a replacement for getenv("IP") and getenv("USER") to make this > work. AFAIR: getenv was replaced by mail_user_plugin_getenv ,--[ lib-storage/mail-user.h ]-- | /* If name exists in plugin_envs, return its value. */ | const char *mail_user_plugin_getenv(struct mail_user *user, const char *name); `-- Regards, Pascal -- The trapper recommends today: cafefeed.1232119 at localdomain.org From daniel.parthey at informatik.tu-chemnitz.de Fri Nov 16 22:31:22 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 16 Nov 2012 21:31:22 +0100 Subject: [Dovecot] Is there any Documentation or Howto/Guide for Dovecot Replication or do i have to wait for dovecot 2.2.x? In-Reply-To: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> References: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> Message-ID: <20121116203122.GA9979@daniel.localdomain> Marko Weber wrote: > Is there any Documentation or Howto/Guide for Dovecot Replication? You might start with dovecot mirroring according to the documentation http://wiki2.dovecot.org/Tools/Dsync http://wiki2.dovecot.org/Design/Dsync and ask if something is unclear. Regards Daniel -- https://plus.google.com/103021802792276734820 From hawat.thufir at gmail.com Fri Nov 16 22:47:52 2012 From: hawat.thufir at gmail.com (Thufir) Date: Fri, 16 Nov 2012 12:47:52 -0800 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. Message-ID: <50A6A678.2020601@gmail.com> I ran dovecot -a and the blizzard of data seemed ok to my limited knowledge. Is there another log I should look into to trace this error down? Dovecot and system info: thufir at dur:~$ thufir at dur:~$ dovecot --version 2.0.19 thufir at dur:~$ thufir at dur:~$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=12.04 DISTRIB_CODENAME=precise DISTRIB_DESCRIPTION="Ubuntu 12.04.1 LTS" thufir at dur:~$ testing postfix & dovecot (http://packages.ubuntu.com/precise/dovecot-postfix): root at dur:/etc/postfix# root at dur:/etc/postfix# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 dur.bounceme.net ESMTP Postfix (Ubuntu) helo me 250 dur.bounceme.net mail from:foo at bar.com 250 2.1.0 Ok rcpt to:root at dur.bounceme.net 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> subject:ping 3 blah blah . 250 2.0.0 Ok: queued as 35EC92A0D72 quit 221 2.0.0 Bye Connection closed by foreign host. root at dur:/etc/postfix# root at dur:/etc/postfix# tail /var/log/mail.log Nov 16 12:30:07 dur postfix/smtpd[4113]: connect from localhost[127.0.0.1] Nov 16 12:30:40 dur postfix/smtpd[4113]: 35EC92A0D72: client=localhost[127.0.0.1] Nov 16 12:30:52 dur postfix/cleanup[4133]: 35EC92A0D72: message-id=<20121116203040.35EC92A0D72 at dur.bounceme.net> Nov 16 12:30:52 dur postfix/qmgr[1681]: 35EC92A0D72: from=<foo at bar.com>, size=321, nrcpt=1 (queue active) Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root/) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700) Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root) failed: Permission denied Nov 16 12:30:52 dur dovecot: lda(root): Error: user root: Initialization failed: Initializing mail storage from mail_location setting failed: stat(/root/Maildir) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700) Nov 16 12:30:52 dur dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. Nov 16 12:30:52 dur postfix/local[4134]: 35EC92A0D72: to=<root at dur.bounceme.net>, relay=local, delay=25, delays=25/0.02/0/0.12, dsn=4.3.0, status=deferred (temporary failure) Nov 16 12:30:56 dur postfix/smtpd[4113]: disconnect from localhost[127.0.0.1] root at dur:/etc/postfix# thanks, Thufir From dave at boostpro.com Fri Nov 16 22:58:00 2012 From: dave at boostpro.com (Dave Abrahams) Date: Fri, 16 Nov 2012 15:58:00 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <assp.166787f57b.50A5B666.9090507@amfes.com> Message-ID: <m2zk2hnu3r.fsf@cube.luannocracy.com> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > On 11/14/2012 6:52 AM, Dave Abrahams wrote: >> Does anyone have an answer to this question? Should I simply issue an >> IMAP search command, or is there a better way? >> > > Put this in a cron script: > > doveadm search -A text zyxabcxyz > /dev/null > > That will perform a search through every mailbox on the system, > indexing as it goes. The search query is unlikely to return much in > the way of results, so log files won't fill up much. That actually doesn't work for me. "doveadm index ..." does, though. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From rob0 at gmx.co.uk Sat Nov 17 00:09:54 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 16 Nov 2012 16:09:54 -0600 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. In-Reply-To: <50A6A678.2020601@gmail.com> References: <50A6A678.2020601@gmail.com> Message-ID: <20121116220954.GX3672@harrier.slackbuilds.org> On Fri, Nov 16, 2012 at 12:47:52PM -0800, Thufir wrote: > I ran dovecot -a and the blizzard of data seemed ok to my limited > knowledge. Is there another log I should look into to trace this > error down? It's actually a Postfix problem. Postfix is invoking your Dovecot LDA with wrong permissions. > Dovecot and system info: > > thufir at dur:~$ > thufir at dur:~$ dovecot --version > 2.0.19 > thufir at dur:~$ > thufir at dur:~$ cat /etc/lsb-release > DISTRIB_ID=Ubuntu > DISTRIB_RELEASE=12.04 > DISTRIB_CODENAME=precise > DISTRIB_DESCRIPTION="Ubuntu 12.04.1 LTS" > thufir at dur:~$ > > testing postfix & dovecot > (http://packages.ubuntu.com/precise/dovecot-postfix): > > root at dur:/etc/postfix# > root at dur:/etc/postfix# telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 dur.bounceme.net ESMTP Postfix (Ubuntu) > helo me > 250 dur.bounceme.net > mail from:foo at bar.com Angle brackets are required on envelope addresses (and I bet you don't own bar.com): MAIL FROM:<foo at example.com> > 250 2.1.0 Ok > rcpt to:root at dur.bounceme.net RCPT TO:<root at dur.bounceme.net> > 250 2.1.5 Ok > data > 354 End data with <CR><LF>.<CR><LF> > subject:ping 3 > blah blah > . A header must have a space after the colon. Header and body are separated by a blank line. See RFC 5322. > 250 2.0.0 Ok: queued as 35EC92A0D72 > quit > 221 2.0.0 Bye > Connection closed by foreign host. > root at dur:/etc/postfix# > root at dur:/etc/postfix# tail /var/log/mail.log > Nov 16 12:30:07 dur postfix/smtpd[4113]: connect from localhost[127.0.0.1] > Nov 16 12:30:40 dur postfix/smtpd[4113]: 35EC92A0D72: > client=localhost[127.0.0.1] > Nov 16 12:30:52 dur postfix/cleanup[4133]: 35EC92A0D72: > message-id=<20121116203040.35EC92A0D72 at dur.bounceme.net> > Nov 16 12:30:52 dur postfix/qmgr[1681]: 35EC92A0D72: > from=<foo at bar.com>, size=321, nrcpt=1 (queue active) > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root/) failed: > Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x > perm: /root, dir owned by 0:0 mode=0700) The fix to this is simply not to deliver mail to root. You should have aliased root to a mortal user. Postfix will not invoke a mailbox_command as root. In broader terms, you should only use root for actual system administration, and not for user tasks such as reading and sending mail. See and edit /etc/aliases, then run "newaliases". Example: root: thufir http://www.postfix.org/postconf.5.html#default_privs http://www.postfix.org/postconf.5.html#mailbox_command http://www.postfix.org/local.8.html http://www.postfix.org/aliases.5.html After you have done this, requeue the message: # postsuper -r 35EC92A0D72 (or just delete it, s/-r/-d/, and try another test.) http://www.postfix.org/postsuper.1.html > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root) failed: > Permission denied > Nov 16 12:30:52 dur dovecot: lda(root): Error: user root: > Initialization failed: Initializing mail storage from mail_location > setting failed: stat(/root/Maildir) failed: Permission denied > (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir > owned by 0:0 mode=0700) > Nov 16 12:30:52 dur dovecot: lda(root): Fatal: Invalid user settings. > Refer to server log for more information. > Nov 16 12:30:52 dur postfix/local[4134]: 35EC92A0D72: > to=<root at dur.bounceme.net>, relay=local, delay=25, > delays=25/0.02/0/0.12, dsn=4.3.0, status=deferred (temporary failure) > Nov 16 12:30:56 dur postfix/smtpd[4113]: disconnect from > localhost[127.0.0.1] > root at dur:/etc/postfix# -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From ben at morrow.me.uk Sat Nov 17 00:15:24 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Fri, 16 Nov 2012 22:15:24 +0000 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. In-Reply-To: <50A6A678.2020601@gmail.com> References: <50A6A678.2020601@gmail.com> Message-ID: <20121116221524.GE94077@anubis.morrow.me.uk> At 12PM -0800 on 16/11/12 you (Thufir) wrote: > I ran dovecot -a and the blizzard of data seemed ok to my limited > knowledge. Is there another log I should look into to trace this error > down? <snip> > > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root/) failed: > Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x > perm: /root, dir owned by 0:0 mode=0700) > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root) failed: > Permission denied > Nov 16 12:30:52 dur dovecot: lda(root): Error: user root: Initialization > failed: Initializing mail storage from mail_location setting failed: > stat(/root/Maildir) failed: Permission denied (euid=65534(nobody) > egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700) > Nov 16 12:30:52 dur dovecot: lda(root): Fatal: Invalid user settings. > Refer to server log for more information. You should not be attempting to deliver mail to root directly. Instead you should forward root's mail to a real user with /etc/aliases; postfix's local(8) will not allow you to deliver mail as root. Ben From zaphod at tdl.com Sat Nov 17 00:21:30 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Fri, 16 Nov 2012 15:21:30 -0700 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A68BA7.4080500@localhost.localdomain.org> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> Message-ID: <50A6BC6A.6070504@tdl.com> On 11/16/2012 11:53 AM, Pascal Volk wrote: > On 11/16/2012 04:27 AM Chuck Cochems wrote: >> ? >> this is, of course, because getenv() no longer functions lie it used to >> in plugins. >> >> so i need a replacement for getenv("IP") and getenv("USER") to make this >> work. > > AFAIR: getenv was replaced by mail_user_plugin_getenv > > ,--[ lib-storage/mail-user.h ]-- > | /* If name exists in plugin_envs, return its value. */ > | const char *mail_user_plugin_getenv(struct mail_user *user, const char *name); > `-- > > Ye, but it requires the user struct to be passed as a parameter, which this plugin doesn't even use. Also, it seems the ip address is stored in a different format than used by the old getenv("IP") (which was a string) I need to return both the IP and the email address as a string to drop it into the old code. I attempted to use the drac plugin as a base (the new 2.0 compatible one) but i found the code hard to follow, and also DRAC seems to just use the IP, while whoson also uses the email address. From rob0 at gmx.co.uk Sat Nov 17 00:29:16 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 16 Nov 2012 16:29:16 -0600 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. In-Reply-To: <20121116221524.GE94077@anubis.morrow.me.uk> References: <50A6A678.2020601@gmail.com> <20121116221524.GE94077@anubis.morrow.me.uk> Message-ID: <20121116222916.GY3672@harrier.slackbuilds.org> On Fri, Nov 16, 2012 at 10:15:24PM +0000, Ben Morrow wrote: > postfix's local(8) will not allow you to deliver mail as root. Strictly speaking it will deliver to/as root, but not if invoking commands, which is what the OP was doing. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From user+dovecot at localhost.localdomain.org Sat Nov 17 01:43:06 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 17 Nov 2012 00:43:06 +0100 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A6BC6A.6070504@tdl.com> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> Message-ID: <50A6CF8A.40202@localhost.localdomain.org> On 11/16/2012 11:21 PM Chuck Cochems wrote: > ? > I need to return both the IP and the email address as a string to drop > it into the old code. > ? You could check the code of the `doveadm who` command <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user name and the IP address. Regards, Pascal -- The trapper recommends today: c01dcafe.1232200 at localdomain.org From hawat.thufir at gmail.com Sat Nov 17 03:32:16 2012 From: hawat.thufir at gmail.com (Thufir) Date: Fri, 16 Nov 2012 17:32:16 -0800 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to In-Reply-To: <50A6A678.2020601@gmail.com> References: <50A6A678.2020601@gmail.com> Message-ID: <50A6E920.4040000@gmail.com> On Fri, 16 Nov 2012 16:09:54 -0600, /dev/rob0 wrote: > The fix to this is simply not to deliver mail to root. You should have > aliased root to a mortal user. Postfix will not invoke a mailbox_command > as root. > > In broader terms, you should only use root for actual system > administration, and not for user tasks such as reading and sending mail. > > See and edit /etc/aliases, then run "newaliases". Example: > > root: thufir > > http://www.postfix.org/postconf.5.html#default_privs > http://www.postfix.org/postconf.5.html#mailbox_command > http://www.postfix.org/local.8.html > http://www.postfix.org/aliases.5.html > > After you have done this, requeue the message: > > # postsuper -r 35EC92A0D72 > > (or just delete it, s/-r/-d/, and try another test.) > > http://www.postfix.org/postsuper.1.html Ah, thank you. Not dovecot at all, makes sense. I was sending to root because of a problem with keychain preventing usage of the "mail" command for users: http://ubuntuforums.org/showthread.php?t=2065461 Anyhow, that's fixed so that I can now use the "mail" command as a mortal, as you put it. I think I'm on my way, and that this is a postfix and not dovecot problem. The mail doesn't arrive, but the log shows as delivered (I think) and then removed for some reason: thufir at dur:~$ thufir at dur:~$ thufir at dur:~$ telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 dur.bounceme.net ESMTP Postfix (Ubuntu) HELO me 250 dur.bounceme.net mail from:<thufir at example.com> 250 2.1.0 Ok rcpt to:<thufir at localhost> 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> subject: never arrives postfix problem? . 250 2.0.0 Ok: queued as 3C8392A0007 quit 221 2.0.0 Bye Connection closed by foreign host. thufir at dur:~$ thufir at dur:~$ mail No mail for thufir thufir at dur:~$ thufir at dur:~$ thufir at dur:~$ tail /var/log/mail.log Nov 16 17:19:04 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] Nov 16 17:19:32 dur postfix/smtpd[2975]: disconnect from localhost [127.0.0.1] Nov 16 17:19:36 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] Nov 16 17:20:06 dur postfix/smtpd[2975]: 3C8392A0007: client=localhost [127.0.0.1] Nov 16 17:20:48 dur postfix/cleanup[2985]: 3C8392A0007: message- id=<20121117012006.3C8392A0007 at dur.bounceme.net> Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: from=<thufir at example.com>, size=336, nrcpt=1 (queue active) Nov 16 17:20:48 dur dovecot: lda(thufir): msgid=<20121117012006.3C8392A0007 at dur.bounceme.net>: saved mail to INBOX Nov 16 17:20:48 dur postfix/local[2988]: 3C8392A0007: to=<thufir at localhost>, relay=local, delay=55, delays=55/0.02/0/0.17, dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver - c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}") Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: removed Nov 16 17:20:54 dur postfix/smtpd[2975]: disconnect from localhost [127.0.0.1] thufir at dur:~$ thanks, Thufir From rob0 at gmx.co.uk Sat Nov 17 03:58:55 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 16 Nov 2012 19:58:55 -0600 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to In-Reply-To: <50A6E920.4040000@gmail.com> References: <50A6A678.2020601@gmail.com> <50A6E920.4040000@gmail.com> Message-ID: <20121117015855.GA3672@harrier.slackbuilds.org> On Fri, Nov 16, 2012 at 05:32:16PM -0800, Thufir wrote: > On Fri, 16 Nov 2012 16:09:54 -0600, /dev/rob0 wrote: > >The fix to this is simply not to deliver mail to root. You > >should have aliased root to a mortal user. Postfix will not > >invoke a mailbox_command as root. > > Ah, thank you. Not dovecot at all, makes sense. I was sending > to root because of a problem with keychain preventing usage of > the "mail" command for users: > > http://ubuntuforums.org/showthread.php?t=2065461 > > Anyhow, that's fixed so that I can now use the "mail" command as a > mortal, as you put it. I think I'm on my way, and that this is a > postfix and not dovecot problem. The mail doesn't arrive, but the > log shows as delivered (I think) and then removed for some reason: It was delivered and removed from the queue. > thufir at dur:~$ telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 dur.bounceme.net ESMTP Postfix (Ubuntu) > HELO me > 250 dur.bounceme.net > mail from:<thufir at example.com> > 250 2.1.0 Ok > rcpt to:<thufir at localhost> > 250 2.1.5 Ok > data > 354 End data with <CR><LF>.<CR><LF> > subject: never arrives > > postfix problem? > . > 250 2.0.0 Ok: queued as 3C8392A0007 > quit > 221 2.0.0 Bye > Connection closed by foreign host. > thufir at dur:~$ > thufir at dur:~$ mail > No mail for thufir Your mail(1) MUA is not configured (or unable) to look in the place where the mail was, in fact, delivered. > thufir at dur:~$ tail /var/log/mail.log > Nov 16 17:19:04 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] > Nov 16 17:19:32 dur postfix/smtpd[2975]: disconnect from localhost > [127.0.0.1] > Nov 16 17:19:36 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] > Nov 16 17:20:06 dur postfix/smtpd[2975]: 3C8392A0007: client=localhost > [127.0.0.1] > Nov 16 17:20:48 dur postfix/cleanup[2985]: 3C8392A0007: message- > id=<20121117012006.3C8392A0007 at dur.bounceme.net> > Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: > from=<thufir at example.com>, size=336, nrcpt=1 (queue active) > Nov 16 17:20:48 dur dovecot: lda(thufir): > msgid=<20121117012006.3C8392A0007 at dur.bounceme.net>: saved mail to INBOX Dovecot says it delivered it ... > Nov 16 17:20:48 dur postfix/local[2988]: 3C8392A0007: > to=<thufir at localhost>, relay=local, delay=55, delays=55/0.02/0/0.17, > dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver - > c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}") > Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: removed ... and duly reported this success to Postfix, which deleted it from the queue as a result. > Nov 16 17:20:54 dur postfix/smtpd[2975]: disconnect from localhost > [127.0.0.1] Judging from your previous post where deliver tried to write to /root/Maildir/, I suppose your mail will be found in ~thufir/Maildir/new/ . Now Postfix is fine, Dovecot seems to be fine also. Your remaining issue is with "mail". If it's old BSD mailx, that is not very configurable. Consider other choices, such as mutt, alpine, or Heirloom mailx. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From hawat.thufir at gmail.com Sat Nov 17 05:06:47 2012 From: hawat.thufir at gmail.com (Thufir) Date: Fri, 16 Nov 2012 19:06:47 -0800 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to In-Reply-To: <50A6E920.4040000@gmail.com> References: <50A6A678.2020601@gmail.com> <50A6E920.4040000@gmail.com> Message-ID: <50A6FF47.2030803@gmail.com> On Fri, 16 Nov 2012 19:58:55 -0600, /dev/rob0 wrote: > Judging from your previous post where deliver tried to write to > /root/Maildir/, I suppose your mail will be found in > ~thufir/Maildir/new/ > . > > Now Postfix is fine, Dovecot seems to be fine also. Your remaining issue > is with "mail". If it's old BSD mailx, that is not very configurable. > Consider other choices, such as mutt, alpine, or Heirloom mailx. Thanks, it's right there: thufir at dur:~$ thufir at dur:~$ ll Maildir/new/ total 20 drwx------ 2 thufir thufir 4096 Nov 16 18:56 ./ drwx------ 5 thufir thufir 4096 Nov 16 18:56 ../ -rw------- 1 thufir thufir 410 Nov 16 11:57 1353095866.M305477P3932.dur,S=410,W=422 -rw------- 1 thufir thufir 424 Nov 16 17:20 1353115248.M841336P2990.dur,S=424,W=436 -rw------- 1 thufir thufir 445 Nov 16 18:56 1353121003.M187706P3838.dur,S=445,W=457 thufir at dur:~$ thufir at dur:~$ nl Maildir/new/1353121003.M187706P3838.dur\,S\=445\,W\=457 1 Return-Path: <thufir at example.net> 2 X-Original-To: thufir at localhost 3 Delivered-To: thufir at localhost 4 Received: from me (localhost [127.0.0.1]) 5 by dur.bounceme.net (Postfix) with SMTP id 43D6F2A07C1 6 for <thufir at localhost>; Fri, 16 Nov 2012 18:55:55 -0800 (PST) 7 subject: to evolution mail 8 Message-Id: <20121117025613.43D6F2A07C1 at dur.bounceme.net> 9 Date: Fri, 16 Nov 2012 18:55:55 -0800 (PST) 10 From: thufir at example.net 11 we'll see if this goes through. thufir at dur:~$ and it even looks like Evolution's supported :) thanks again for the help with what turned not to be dovecot at all. -Thufir From dmiller at amfes.com Sat Nov 17 08:35:51 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Fri, 16 Nov 2012 22:35:51 -0800 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <m2zk2hnu3r.fsf@cube.luannocracy.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> Message-ID: <assp.166829000f.50A73047.7080706@amfes.com> On 11/16/2012 12:58 PM, Dave Abrahams wrote: > on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > >> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>> Does anyone have an answer to this question? Should I simply issue an >>> IMAP search command, or is there a better way? >>> >> Put this in a cron script: >> >> doveadm search -A text zyxabcxyz > /dev/null >> >> That will perform a search through every mailbox on the system, >> indexing as it goes. The search query is unlikely to return much in >> the way of results, so log files won't fill up much. > That actually doesn't work for me. "doveadm index ..." does, though. > Use whatever works for you. The problem (for me) with "doveadm index" is it only works with the specified mailboxes. It can be done for all users - but only designated mailboxes. So a "doveadm index -A INBOX" will scan all inboxes - but none of the other folders. The search command I showed performs a recursive search that hits everything. -- Daniel From e-frog at gmx.de Sat Nov 17 09:27:36 2012 From: e-frog at gmx.de (e-frog) Date: Sat, 17 Nov 2012 08:27:36 +0100 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <assp.166829000f.50A73047.7080706@amfes.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <assp.166829000f.50A73047.7080706@amfes.com> Message-ID: <50A73C68.1030307@gmx.de> On 17.11.2012 07:35, wrote Daniel L. Miller: > On 11/16/2012 12:58 PM, Dave Abrahams wrote: >> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: >> >>> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>>> Does anyone have an answer to this question? Should I simply issue an >>>> IMAP search command, or is there a better way? >>>> >>> Put this in a cron script: >>> >>> doveadm search -A text zyxabcxyz > /dev/null >>> >>> That will perform a search through every mailbox on the system, >>> indexing as it goes. The search query is unlikely to return much in >>> the way of results, so log files won't fill up much. >> That actually doesn't work for me. "doveadm index ..." does, though. >> > > Use whatever works for you. The problem (for me) with "doveadm index" > is it only works with the specified mailboxes. It can be done for all > users - but only designated mailboxes. So a "doveadm index -A INBOX" > will scan all inboxes - but none of the other folders. The following works for me: doveadm index -A "*" > The search > command I showed performs a recursive search that hits everything. > From tim at titan21.co.uk Sat Nov 17 18:23:40 2012 From: tim at titan21.co.uk (Tim Smith) Date: Sat, 17 Nov 2012 16:23:40 +0000 Subject: [Dovecot] Different Mechanism for POP3 Message-ID: <50A7BA0C.7010207@titan21.co.uk> Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any experience of using the GMail import settings? -- Tim Smith Tel: 01423 564 078 Mob: 07984 398 299 Email: info at titan21.co.uk Web: www.titan21.co.uk From h.reindl at thelounge.net Sat Nov 17 21:55:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 17 Nov 2012 20:55:49 +0100 Subject: [Dovecot] Different Mechanism for POP3 In-Reply-To: <50A7BA0C.7010207@titan21.co.uk> References: <50A7BA0C.7010207@titan21.co.uk> Message-ID: <50A7EBC5.80303@thelounge.net> Am 17.11.2012 17:23, schrieb Tim Smith: > Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without > making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available > through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of > mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any > experience of using the GMail import settings? why not simply allow PLAIN at all? nearly all modern clients are using CRAM-MD5 as default if offered as also SSL/TLS if offered - let your users decide which mech they are using, really, some of them my use whatever sync-tools like imapsync or whatever which should not bother you at all -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121117/198cf0b1/attachment-0002.bin> From raan at graand-visions.com Sun Nov 18 00:31:26 2012 From: raan at graand-visions.com (Raan Young) Date: Sat, 17 Nov 2012 14:31:26 -0800 Subject: [Dovecot] couple questions about dovecot Message-ID: <000001cdc513$4831dbd0$d8959370$@graand-visions.com> I am attempting to migrate an ancient IMAP server to Dovecot 2.0.9 running on CentOS 6.3, while trying to minimize the impact on users. Most are using Outlook. I have everything working, but have run into a couple of problems, neither horrible, but both weird. It started when I noticed Outlook shows the .subscriptions file in the folder listing. I figured out a way to prevent that (see below), but then decided to attempt the same tactic to move the .imap index structure out of the folder tree and ran into an interesting side-effect. The .subscriptions issue would seem to be a bug, since the documentation I found implies Dovecot should be hiding it from list requests - as it does for the .imap index structure. I made a workaround by using the below mail_location setting. This puts the .subscriptions file above the imap folder structure and hence outside the list scope. mail_location = mbox:~/imap:INBOX=~/mbox:CONTROL=~:INDEX=~/.imap You'll note I have also moved the .imap index. This works, but the full path to the index files has extra layers of .imap. For example, if a folder tree of imap/A/B/C/D exists, where D is the actual mbox format message file, then the index files are stored in .imap/A/B/C/.imap/D. Don't know if this is a bug or I'm misunderstanding something. Can you provide any insight or better solutions for either issue? Some clients are also using iPhones and/or roundcubemail for web access. Those do not have the .subscriptions issue. Raan From andre.bischof at rheinsinn.de Sun Nov 18 15:32:52 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Sun, 18 Nov 2012 14:32:52 +0100 Subject: [Dovecot] users mail folders have to be subscribed Message-ID: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> Hi, I did a migration from cyrus 2.2 to dovecot (fresh installation, details below) via cyrus2dovecot from FU Berlin. That worked, but I first was missing mails in subfolders ander Inbox. No I detected that they are in the users Maildir in folders in his directory. They are listed when using telnet: * LIST (\HasChildren) "." "INBOX.ebay" * LIST (\HasNoChildren) "." "INBOX.ebay.xj" But they are not shown in thunderbird, I have to subscribe to them one by one. I probably did something wrong and maybe messed up with namespace and seperator settings - it would be great if one could lead me out of that. The wiki was a great help installing and configuring everything, but now I'm stuck. I use dovecot 2.1.7 under Ubuntu 12.10: # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.5.0-18-generic x86_64 Ubuntu 12.10 auth_verbose = yes mail_debug = yes mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation s ubaddress comparator-i;ascii-numeric relational regex imap4flags copy include variab les body enotify environment mailbox date ihave namespace inbox { inbox = yes list = yes location = prefix = separator = . type = private } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at localhost protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 10 } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 10 } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } protocol lda { deliver_log_format = msgid=%m: %$ mail_plugins = sieve sieve postmaster_address = postmaster quota_full_tempfail = yes rejection_reason = Your message to <%t> was automatically rejected:%n%r } Any help is greatly appreciated! Regards Andre From CMarcus at Media-Brokers.com Sun Nov 18 16:18:23 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 18 Nov 2012 09:18:23 -0500 Subject: [Dovecot] Different Mechanism for POP3 In-Reply-To: <50A7EBC5.80303@thelounge.net> References: <50A7BA0C.7010207@titan21.co.uk> <50A7EBC5.80303@thelounge.net> Message-ID: <50A8EE2F.8010407@Media-Brokers.com> On 2012-11-17 2:55 PM, Reindl Harald <h.reindl at thelounge.net> wrote: > Am 17.11.2012 17:23, schrieb Tim Smith: >> Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any experience of using the GMail import settings? > why not simply allow PLAIN at all? +1... as long as you only allow encrypted sessions, there is no security danger allowing PLAIN... -- Best regards, Charles From stroetgen at gei.de Sun Nov 18 16:54:00 2012 From: stroetgen at gei.de (=?ISO-8859-1?Q?Robert_Str=F6tgen?=) Date: Sun, 18 Nov 2012 15:54:00 +0100 Subject: [Dovecot] panic fts_solr for bad attachment Message-ID: <50A8F688.2040802@gei.de> Hi! I use dovecot 2.1.7 on Ubuntu 12.10 with fts_solr und decode2text.sh for indexing attachments. This works great in general. Just for one user there is a problem with an unknown bad attachment. I run "doveadm index -A '*'". After a while I receive: doveadm(xyz): Error: fts_solr: Invalid XML input at line 1: mismatched tag doveadm(xyz): Panic: file solr-connection.c: line 545 (solr_connection_post_more): assertion failed: (maxfd >= 0) doveadm(xyz): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3c14a) [0x7f7ce2c1714a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f7ce2c1720a] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f7ce2bee81a] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(solr_connection_post_more+0x249) [0x7f7ce11913a9] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(+0x4597) [0x7f7ce118e597] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0x6f57) [0x7f7ce159df57] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(fts_build_mail+0xf5) [0x7f7ce159e085] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0xba70) [0x7f7ce15a2a70] -> doveadm(+0x15309) [0x7f7ce35cc309] -> doveadm(+0x11f36) [0x7f7ce35c8f36] -> doveadm(+0x12bf1) [0x7f7ce35c9bf1] -> doveadm(doveadm_mail_try_run+0x161) [0x7f7ce35c9ed1] -> doveadm(main+0x3d1) [0x7f7ce35c8ae1] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f7ce283d76d] -> doveadm(+0x11d15) [0x7f7ce35c8d15] In catalina out I find: Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte 0xfc (at char #25214836, byte #26687495) at org.apache.solr.handler.XMLLoader.load(XMLLoader.java:81) at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:58) at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:129) at org.apache.solr.core.SolrCore.execute(SolrCore.java:1376) at org.apache.solr.servlet.SolrDispatchFilter.execute(SolrDispatchFilter.java:365) at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:260) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.valves.RequestFilterValve.process(RequestFilterValve.java:316) at org.apache.catalina.valves.RemoteAddrValve.invoke(RemoteAddrValve.java:81) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:722) Caused by: com.ctc.wstx.exc.WstxIOException: Invalid UTF-8 start byte 0xfc (at char #25214836, byte #26687495) at com.ctc.wstx.sr.StreamScanner.constructFromIOE(StreamScanner.java:625) at com.ctc.wstx.sr.StreamScanner.loadMore(StreamScanner.java:994) at com.ctc.wstx.sr.StreamScanner.getNext(StreamScanner.java:754) at com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2691) at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1065) at org.apache.solr.handler.XMLLoader.readDoc(XMLLoader.java:309) at org.apache.solr.handler.XMLLoader.processUpdate(XMLLoader.java:156) at org.apache.solr.handler.XMLLoader.load(XMLLoader.java:79) ... 19 more Caused by: java.io.CharConversionException: Invalid UTF-8 start byte 0xfc (at char #25214836, byte #26687495) at com.ctc.wstx.io.UTF8Reader.reportInvalidInitial(UTF8Reader.java:303) at com.ctc.wstx.io.UTF8Reader.read(UTF8Reader.java:189) at com.ctc.wstx.io.ReaderSource.readInto(ReaderSource.java:87) at com.ctc.wstx.io.BranchingReaderSource.readInto(BranchingReaderSource.java:57) at com.ctc.wstx.sr.StreamScanner.loadMore(StreamScanner.java:988) ... 25 more doveadm index stops after this error. How can I make doveadm just to skip the error and to continue indexing? Thanks Robert -- Robert Str?tgen Abteilungsleiter Informationsmanagement und Publikationen Georg-Eckert-Institut f?r internationale Schulbuchforschung Celler Str. 3 38114 Braunschweig Tel. +49 (0)531 59099-47 & +49 (0)531 123103-205 Fax +49 (0)531 59099-99 http://www.gei.de/ From dave at boostpro.com Sun Nov 18 16:57:28 2012 From: dave at boostpro.com (Dave Abrahams) Date: Sun, 18 Nov 2012 09:57:28 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <assp.166829000f.50A73047.7080706@amfes.com> Message-ID: <m2k3tjgdrb.fsf@boostpro.com> on Sat Nov 17 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > On 11/16/2012 12:58 PM, Dave Abrahams wrote: >> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: >> >>> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>>> Does anyone have an answer to this question? Should I simply issue an >>>> IMAP search command, or is there a better way? >>>> >>> Put this in a cron script: >>> >>> doveadm search -A text zyxabcxyz > /dev/null >>> >>> That will perform a search through every mailbox on the system, >>> indexing as it goes. The search query is unlikely to return much in >>> the way of results, so log files won't fill up much. >> That actually doesn't work for me. "doveadm index ..." does, though. >> > > Use whatever works for you. The problem (for me) with "doveadm index" > is it only works with the specified mailboxes. It can be done for all > users - but only designated mailboxes. So a "doveadm index -A INBOX" > will scan all inboxes - but none of the other folders. The search > command I showed performs a recursive search that hits everything. I take it back; I'm not sure if "doveadm search" causes re-indexing. However, I *know* issuing a search command from a Python IMAP library doesn't do so. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From zaphod at tdl.com Sun Nov 18 18:04:57 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Sun, 18 Nov 2012 09:04:57 -0700 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A6CF8A.40202@localhost.localdomain.org> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> <50A6CF8A.40202@localhost.localdomain.org> Message-ID: <50A90729.7000608@tdl.com> On 11/16/2012 4:43 PM, Pascal Volk wrote: > On 11/16/2012 11:21 PM Chuck Cochems wrote: >> ? >> I need to return both the IP and the email address as a string to drop >> it into the old code. >> ? > > You could check the code of the `doveadm who` command > <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user > name and the IP address. That's not much better... I just want the bare minimum of code to do this. The 1.x code was so simple, and i just want a 2.0 equivalent. is that so wrong? :) WHy the heck did they remove those incredibly useful environment variables anyway? From survietamine.droid at gmail.com Sun Nov 18 21:12:38 2012 From: survietamine.droid at gmail.com (Surviet Amine) Date: Sun, 18 Nov 2012 20:12:38 +0100 Subject: [Dovecot] advices for a new installation Message-ID: <CAORAmk2r51CUziuDDAiWRJNeHueyb_SW159mxxi4DixHJ7Zi0g@mail.gmail.com> hello everyone, first of all, please forgive my bad english skill, I live in France. On our "old" Dovecot 1.x architecture, we have NFS shares between the front servers (MTA, IMAP...) and mail storage server. I've read some wiki2 pages that present the new director and imap proxy. But I'm still don't see things clearly, so I post here to have your advices to set-up a new mail architecture. The hardware we have : - 24x hard drives in a SAS bay - this bay is directly attached via SAS to a server that I'll call : mail storage server - 2 others servers run ProxMox Virtual Environment The PVE will help us to get many virtual servers : - MX : "mail in" servers - IMAP/POP : our hosted clients services These clients may come from webmail (RoundCube) and others clients (Outlook, Thunderbird, mobile clients...) - RoundCube webmail - MySQL server (hosts in databases accounts and settings for Postfix, Dovecot and RoundCube) - maybe antivirus and antispam servers I've read several threads about NFS and IMAP issues. So I decided to not keeping it. In this scenario, I've tried for the mail receiving part : - front-end (postfix lmtp-client) to mail storage server (lmtp server) that seems to runs fine, now i'll must try to add antispam and antivirus scans Now, for the IMAP part, could you, please tell me, if it is better to : - have several IMAP frontend servers that proxy to the mail storage server or - still keeps NFS between the mail storage server and the frontends Dovecot ? On our Dovecot 1.x webmail use imapproxy. I've read that others proxies exist. We have used for a limited time Perdition. What is the differences between imapproxy, Perdition, nginx imap proxy and Dovecot proxy ? Thanks for sharing your experience of "large mail service" that are solid enought to be scaled. From daniel.parthey at informatik.tu-chemnitz.de Sun Nov 18 21:38:22 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 18 Nov 2012 20:38:22 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> Message-ID: <20121118193822.GA7565@daniel.localdomain> Andre Bischof wrote: > I did a migration from cyrus 2.2 to dovecot (fresh installation, details > below) via cyrus2dovecot from FU Berlin. That worked, but I first was > missing mails in subfolders ander Inbox. No I detected that they are in the > users Maildir in folders in his directory. They are listed when using > telnet: > > * LIST (\HasChildren) "." "INBOX.ebay" > * LIST (\HasNoChildren) "." "INBOX.ebay.xj" > > But they are not shown in thunderbird, I have to subscribe to them one by > one. I probably did something wrong and maybe messed up with namespace and > seperator settings - it would be great if one could lead me out of that. > The wiki was a great help installing and configuring everything, but now > I'm stuck. Unsubscribed mailboxes are not shown in thunderbird, while subscriptions being stored server side, not in your local thunderbird. You can use this command to subscribe one or more mailboxes: doveadm mailbox subscribe [-A|-u user] [-S socket_path] mailbox ... This should subscribe all mailboxes of a specific user (-A for all users): doveadm mailbox subscribe -u user at example.com "*" You can set this configuration option to auto-subscribe new folders: lda_mailbox_autosubscribe = yes Regards Daniel -- https://plus.google.com/103021802792276734820 From andre.bischof at rheinsinn.de Mon Nov 19 00:29:25 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Sun, 18 Nov 2012 23:29:25 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <20121118193822.GA7565@daniel.localdomain> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> Message-ID: <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> > Andre Bischof wrote: > > I did a migration from cyrus 2.2 to dovecot (fresh installation, details > > below) via cyrus2dovecot from FU Berlin. That worked, but I first was > > missing mails in subfolders ander Inbox. No I detected that they are in > the > > users Maildir in folders in his directory. They are listed when using > > telnet: > > > > * LIST (\HasChildren) "." "INBOX.ebay" > > * LIST (\HasNoChildren) "." "INBOX.ebay.xj" > > > > But they are not shown in thunderbird, I have to subscribe to them one by > > one. I probably did something wrong and maybe messed up with namespace > and > > seperator settings - it would be great if one could lead me out of that. > > The wiki was a great help installing and configuring everything, but now > > I'm stuck. > > Unsubscribed mailboxes are not shown in thunderbird, while subscriptions > being stored server side, not in your local thunderbird. > > Hi Daniel, thank you, I guess that will be helpful - but before trying it, I would like to get one thing clear, which could be the reason for my misunderstandings: IMHO I don't need any subscriptions, I would like to appear the imported cyrus folders and subfolders as subfolders in dovecot. The directory structure seperated by '.' in the folders names in my Maildir is exactly how I would like to have it in Thunderbird. Do I need subscriptions for that (I always thought subscriptions are to subscribe to other users folders, shared by them) or should I have that any other way? > You can use this command to subscribe one or more mailboxes: > doveadm mailbox subscribe [-A|-u user] [-S socket_path] mailbox ... > > This should subscribe all mailboxes of a specific user (-A for all users): > doveadm mailbox subscribe -u user at example.com "*" > > You can set this configuration option to auto-subscribe new folders: > lda_mailbox_autosubscribe = yes > > I will set this, thanks. Regards Andre From daniel.parthey at informatik.tu-chemnitz.de Mon Nov 19 00:59:40 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 18 Nov 2012 23:59:40 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> Message-ID: <20121118225940.GA7581@daniel.localdomain> Andre Bischof wrote: > 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> > > Unsubscribed mailboxes are not shown in thunderbird, while subscriptions > > being stored server side, not in your local thunderbird. > > IMHO I don't need any subscriptions, I would like to appear the imported > cyrus folders and subfolders as subfolders in dovecot. The directory > structure seperated by '.' in the folders names in my Maildir is exactly > how I would like to have it in Thunderbird. No, strictly speaking you don't need subscriptions, but Thunderbird is configured to display only subscribed folders by default. You can configure thunderbird to not use subscriptions: Edit > Settings > Edit configuration mail.server.default.using_subscription false Under Account Settings > Server Settings > Extended you have the possibility to only display subscribed folders. So you might want to remove the checkmark in order to display even unsubscribed folders. Regards Daniel -- https://plus.google.com/103021802792276734820 From sven at svenhartge.de Mon Nov 19 01:03:18 2012 From: sven at svenhartge.de (Sven Hartge) Date: Mon, 19 Nov 2012 00:03:18 +0100 Subject: [Dovecot] users mail folders have to be subscribed References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> Message-ID: <899ee7qld4v8@mids.svenhartge.de> Andre Bischof <andre.bischof at rheinsinn.de> wrote: > 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> >> Unsubscribed mailboxes are not shown in thunderbird, while subscriptions >> being stored server side, not in your local thunderbird. > thank you, I guess that will be helpful - but before trying it, I > would like to get one thing clear, which could be the reason for my > misunderstandings: > IMHO I don't need any subscriptions, I would like to appear the > imported cyrus folders and subfolders as subfolders in dovecot. The > directory structure seperated by '.' in the folders names in my > Maildir is exactly how I would like to have it in Thunderbird. > Do I need subscriptions for that (I always thought subscriptions are > to subscribe to other users folders, shared by them) or should I have > that any other way? "supscription" in IMAP-speak is the server telling the client: show this folder to the user. There is no differentiation between your folders an other users folders. Your problem is that during your conversion from cyrus to dovecot your subscriptions got lost. Maybe because the folder structure changed and no longer matches the server-stored subscription or because the server-stored subscription was not converted at all. Gr??e, S? -- Sigmentation fault. Core dumped. From nicolas.kowalski at gmail.com Mon Nov 19 12:09:48 2012 From: nicolas.kowalski at gmail.com (Nicolas KOWALSKI) Date: Mon, 19 Nov 2012 11:09:48 +0100 Subject: [Dovecot] Initial status notification not received In-Reply-To: <20121116141259.GA9371@petole.demisel.net> References: <20121116141259.GA9371@petole.demisel.net> Message-ID: <20121119100948.GA19772@petole.demisel.net> Hello, Has anybody some suggestions about the problem below? I see in the archives (http://thread.gmane.org/gmane.mail.imap.dovecot/67077) that someone also has (had?) this problem; a cronjob workaround was used, but no dovecot solution was given. Thanks, Nicolas On Fri, Nov 16, 2012 at 03:12:59PM +0100, Nicolas KOWALSKI wrote: > Hello, > > We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs > startup, dovecot almost always shows these errors: > > Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) > Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 > > As the last line tells, dovecot stops logging information. We have to > restart the dovecot processes to get back normal behaviour. I also tried > to set idle_kill values to services definitions, without success. > > Is there a way to prevent these errors? > > > Here is the dovecot -n output: > > # 2.1.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.0.42-0.7-xen x86_64 SUSE Linux Enterprise Server 11 > (x86_64) > default_client_limit = 4096 > default_idle_kill = 5 mins > default_process_limit = 16384 > listen = 10.254.251.18 > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap sieve > service anvil { > client_limit = 65536 > idle_kill = 0 > } > service auth { > client_limit = 32768 > } > service imap-login { > inet_listener imap { > port = 0 > } > } > service imap { > process_limit = 0 > } > service log { > idle_kill = 0 > } > service managesieve { > process_limit = 0 > } > service ssl-params { > idle_kill = 0 > } > ssl_ca = </etc/dovecot/ssl/ca.pem > ssl_cert = </etc/dovecot/ssl/server-crt.pem > ssl_key = </etc/dovecot/ssl/server-key.pem > userdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > protocol sieve { > passdb { > args = /etc/dovecot/dovecot-ldap-sieve.conf.ext > driver = ldap > } > } > > > Thanks, > -- > Nicolas -- Nicolas From andre.bischof at rheinsinn.de Mon Nov 19 12:27:47 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Mon, 19 Nov 2012 11:27:47 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <899ee7qld4v8@mids.svenhartge.de> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> <899ee7qld4v8@mids.svenhartge.de> Message-ID: <CADLvNSayLhZ39zjvmBqpkYOteFTbdWAMrTGNnD=LrSLRE59-pQ@mail.gmail.com> Sven, Daniel, 2012/11/19 Sven Hartge <sven at svenhartge.de> > Andre Bischof <andre.bischof at rheinsinn.de> wrote: > > 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> > ... > > "supscription" in IMAP-speak is the server telling the client: show this > folder to the user. > > There is no differentiation between your folders an other users folders. > > Your problem is that during your conversion from cyrus to dovecot your > subscriptions got lost. Maybe because the folder structure changed and > no longer matches the server-stored subscription or because the > server-stored subscription was not converted at all. > > Ah, now I understand. Thanks to Daniel I now know how I could tune Thunderbird accordingly, but I prefer to have it solved server-side, thus not tweaking every client I use from different computers. Sven, I believe subscription have been lost while converting from cyrus to dovecot, and I understand that I should use the commands shown by Daniel to subscribe this folders one time server side, and my problems should be solved no matter which clients I use (I put lda_mailbox_autosubscribe = yes already): doveadm mailbox subscribe -u user at example.com "*" One more question: Should the user for "-u" be the system user the mailboxes belong to or has the user to be written in form of an email adress (user at localhost / user at n.dyndns.org)? Regards From Benoit.Branciard at univ-paris1.fr Mon Nov 19 14:06:50 2012 From: Benoit.Branciard at univ-paris1.fr (Benoit Branciard) Date: Mon, 19 Nov 2012 13:06:50 +0100 Subject: [Dovecot] upgrade 1.0.15 -> 2.1.7: MBOX index compatibility and performance Message-ID: <50AA20DA.1060406@univ-paris1.fr> Hi, we just upgraded our mailserver from Dovecot 1.0.15 to Dovecot 2.1.7. We use MBOX format (due to legacy compatibility), system users, PAM+GSSAPI auth, filesystem quotas, and indexes located on a separate filesystem: mail_location = mbox:~/mail:INBOX=~/mail/INBOX:INDEX=/var/cache/dovecot/indexes/%16Hu/%u The 2.1.7 configuration files have been rewritten based on default templates instead of converting it from 1.0.15. The server has ~8000 mailboxes and about ~2000 simultaneous IMAP/POP active connexions. The problem is: - indexes seem to be rebuilt: first IMAP/POP connexion for each user thows lots of error messages in the log, and the global index size decreases. Example error log: Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: copy: i_stream_read() failed: Input/output error Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 - load average is extremely high (more than 10x the usual one), resulting from an significant increase of disk I/O, and for now (4h after the "monday rush") this doesn't seem to decrease. Questions: - are 1.05 indexes supposed to be backward compatible with Dovecot 2.1.7 ? - are there some technical reasons which could explain the increase of disk I/O, apart from index rebuild ? -- Benoit BRANCIARD Service InfraStructures (SIS) - Direction du Syst?me d'Information (DSI) Universit? Paris 1 Panth?on-Sorbonne Centre Pierre Mend?s France B 406 - 90, rue de Tolbiac - 75634 Paris cedex 13 - France T?l : +33 1 44 07 89 68 - Fax : +33 1 44 07 89 66 Accueil t?l. : +33 1 44 07 89 65 Assistance : assistance-dsi at univ-paris1.fr Web : http://dsi.univ-paris1.fr -- Ce message a ete verifie par MailScanner pour des virus ou des polluriels et rien de suspect n'a ete trouve. From rgelfand2 at gmail.com Mon Nov 19 15:48:50 2012 From: rgelfand2 at gmail.com (Roman Gelfand) Date: Mon, 19 Nov 2012 08:48:50 -0500 Subject: [Dovecot] Data Store Synchronization Message-ID: <CAJbW+rnDSG3ee=-+g=x2Kx2VM=-6q6VB_Tn7gM0Yqw6RFdPvew@mail.gmail.com> Is there a way to synchronize dovecote mail store with another mail store, like zarafa, via imap or pop3? Thanks in advance From km at mathcs.emory.edu Mon Nov 19 16:02:27 2012 From: km at mathcs.emory.edu (Ken Mandelberg) Date: Mon, 19 Nov 2012 09:02:27 -0500 Subject: [Dovecot] fs_flush_file_handle_cache_dir: rmdir(/var/mail) AGAIN Message-ID: <50AA3BF3.6060802@mathcs.emory.edu> We are running Dovecot 2.0.12. It runs on only one server and /var/mail is local where all the INBOX's are stored. Users other IMAP folders are NFS mounted on the server. We see frequent Error: nfs_flush_file_handle_cache_dir: rmdir(/var/mail) failed: Device busy I know this error message has been around a long time. Should we still be seeing it on 2.0.12 with a local /var/mail. Perhaps the message is misleading and really complaining about folders other than INBOX that are NFS mounted. Our config has dovecot.conf:mail_nfs_index = no dovecot.conf:mail_nfs_storage = yes is that correct given the above? Also, does the flush error messages have any real consequences? My understanding is that the rmdir is meant to fail, just to force a flush. From rs at sys4.de Mon Nov 19 16:05:20 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 19 Nov 2012 15:05:20 +0100 Subject: [Dovecot] Data Store Synchronization In-Reply-To: <CAJbW+rnDSG3ee=-+g=x2Kx2VM=-6q6VB_Tn7gM0Yqw6RFdPvew@mail.gmail.com> References: <CAJbW+rnDSG3ee=-+g=x2Kx2VM=-6q6VB_Tn7gM0Yqw6RFdPvew@mail.gmail.com> Message-ID: <50AA3CA0.5060507@sys4.de> Am 19.11.2012 14:48, schrieb Roman Gelfand: > Is there a way to synchronize dovecote mail store with another mail > store, like zarafa, via imap or pop3? > > Thanks in advance > depends "what" sync you goal search www for i.e imapsync getmail or more filesystem related rsync dsync Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From trusktr at gmail.com Mon Nov 19 16:17:33 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 19 Nov 2012 06:17:33 -0800 Subject: [Dovecot] Dovecot sieve with postfix. Message-ID: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> Hi all, I can't get dovecot working with postfix. If I leave virtual_transport set to "virtual", I can send and receive messages just fine in roundcube. If I set virtual_transport to "dovecot", I can only send messages in roundcube, but incoming messages never arrive. Seems I can't get dovecot-lda to work. I need dovecot-lda in order for sieve filters to work. Any idea what I'm doing wrong? Here's `doveconf -n`: http://pastie.org/5401133 `postconf -n`: http://pastie.org/5401157 and `postconf -M`: http://pastie.org/5401177 Note: All I have to do is change virtual_transport = dovecot to virtual_transport = virtual and all will be fine, except for that I won't have sieve filtering which is what I really want. */#!/*JoePea From pipefab at mweb.co.za Mon Nov 19 17:49:43 2012 From: pipefab at mweb.co.za (Hendrik) Date: Mon, 19 Nov 2012 17:49:43 +0200 Subject: [Dovecot] Unsuscribe Message-ID: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> Please unsubscribe me From user+dovecot at localhost.localdomain.org Mon Nov 19 17:51:22 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Mon, 19 Nov 2012 16:51:22 +0100 Subject: [Dovecot] Unsuscribe In-Reply-To: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> References: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> Message-ID: <50AA557A.2060001@localhost.localdomain.org> On 11/19/2012 04:49 PM Hendrik wrote: > Please unsubscribe me The header of your message contains: List-Unsubscribe: <http://dovecot.org/cgi-bin/mailman/options/dovecot>, <mailto:dovecot-request at dovecot.org?subject=unsubscribe> Regards, Pascal -- The trapper recommends today: defaced.1232416 at localdomain.org From h.reindl at thelounge.net Mon Nov 19 17:51:45 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 19 Nov 2012 16:51:45 +0100 Subject: [Dovecot] Unsuscribe In-Reply-To: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> References: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> Message-ID: <50AA5591.7060200@thelounge.net> Am 19.11.2012 16:49, schrieb Hendrik: > Please unsubscribe me whay do people not read nor understand welcome messages of mailing-lists? unsubscribe yourself because we can NOT and we want not too List-Unsubscribe: <http://dovecot.org/cgi-bin/mailman/options/dovecot>, <mailto:dovecot-request at dovecot.org?subject=unsubscribe> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121119/28da65a6/attachment-0002.bin> From ben at morrow.me.uk Mon Nov 19 18:47:54 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 19 Nov 2012 16:47:54 +0000 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> Message-ID: <20121119164753.GK94077@anubis.morrow.me.uk> At 6AM -0800 on 19/11/12 you (/#!/JoePea) wrote: > > I can't get dovecot working with postfix. If I leave virtual_transport set > to "virtual", I can send and receive messages just fine in roundcube. If I > set virtual_transport to "dovecot", I can only send messages in roundcube, > but incoming messages never arrive. Seems I can't get dovecot-lda to work. > I need dovecot-lda in order for sieve filters to work. > > Any idea what I'm doing wrong? > > Here's `doveconf -n`: > http://pastie.org/5401133 > > `postconf -n`: > http://pastie.org/5401157 > > and `postconf -M`: > http://pastie.org/5401177 The only obvious thing I can see wrong there is that you have mail_plugins = " sieve" in dovecot.conf, which should be mail_plugins = sieve but I don't know that that would prevent delivery. Is Postfix deferring the message, or does it think it's been delivered? What do you see in your logs when a message is delivered (since you've redirected Dovecot away from syslog, you'd need to look at both Postfix's and Dovecot's logs)? What happens if you feed a message to dovecot-lda manually, as 'mailman'? Check the exitcode of lda and the logs, as well as seeing if the message was delivered. Since you've set up a dedicated transport for Dovecot, it would probably be worth using LMTP instead of the LDA. It should be more efficient, and since you're only using a single virtual user you can tell dovecot to run the LMTP server as 'mailman' instead of root. Ben From root at doctor.nl2k.ab.ca Sun Nov 18 02:23:43 2012 From: root at doctor.nl2k.ab.ca (Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem) Date: Sat, 17 Nov 2012 17:23:43 -0700 Subject: [Dovecot] ACL and SSL Message-ID: <20121118002343.GA18703@doctor.nl2k.ab.ca> Finally got Dovecot to work on ports 100 and 143. I would like to a) Learn about ACL esp on port 110 as there are still yodellaks that try to brake in on port 110. b) Setting up separate SSL cert for imaps and pop3s. -- For effective Internet Etiquette and communications read http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html & http://www.caliburn.nl/topposting.html -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From dfischer at fi4it.de Mon Nov 19 19:04:37 2012 From: dfischer at fi4it.de (Fi4IT - Daniel Fischer) Date: Mon, 19 Nov 2012 18:04:37 +0100 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> Message-ID: <50AA66A5.4050702@fi4it.de> Hello Joe, i use this: main.cf virtual_transport = dovecot master.cf dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} /etc/dovecot/conf.d/15-lda.conf protocol lda { log_path = /var/log/sieve.log mail_plugins = acl sieve } and that works fine with my tested clients (tb,outlook,roundcube) daniel Am 19.11.2012 15:17, schrieb /#!/JoePea: > Hi all, > > I can't get dovecot working with postfix. If I leave virtual_transport set > to "virtual", I can send and receive messages just fine in roundcube. If I > set virtual_transport to "dovecot", I can only send messages in roundcube, > but incoming messages never arrive. Seems I can't get dovecot-lda to work. > I need dovecot-lda in order for sieve filters to work. > > Any idea what I'm doing wrong? > > Here's `doveconf -n`: > http://pastie.org/5401133 > > `postconf -n`: > http://pastie.org/5401157 > > and `postconf -M`: > http://pastie.org/5401177 > > Note: All I have to do is change virtual_transport = dovecot to > virtual_transport > = virtual and all will be fine, except for that I won't have sieve > filtering which is what I really want. > > */#!/*JoePea > -- Fischer Daniel FI4IT - that's it Messerschmittstrasse 17 89231 Neu Ulm Email: dfischer at fi4it.de Web: www.fi4it.de Telefon: 073180019370 Fax: 073180019375 Mobil: 01729230731 From ben at morrow.me.uk Mon Nov 19 19:22:47 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 19 Nov 2012 17:22:47 +0000 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121118002343.GA18703@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> Message-ID: <20121119172246.GL94077@anubis.morrow.me.uk> At 5PM -0700 on 17/11/12 you (Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem) wrote: > Finally got Dovecot to work on ports 100 and 143. Port 100 is unassigned. Are you using it for POP3? > I would like to > > a) Learn about ACL esp on port 110 as there are still yodellaks that try > to brake in on port 110. If Dovecot is not listening on port 110 there is nothing it can do about people trying to connect to that port. Perhaps you want to simply block it in your firewall? > b) Setting up separate SSL cert for imaps and pop3s. See the section called 'Different certificates per IP and protocol' in http://wiki2.dovecot.org/SSL/DovecotConfiguration . Ben From rs at sys4.de Mon Nov 19 19:47:11 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 19 Nov 2012 18:47:11 +0100 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121118002343.GA18703@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> Message-ID: <50AA709F.8010706@sys4.de> Am 18.11.2012 01:23, schrieb Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem: > ) Learn about ACL esp on port 110 as there are still yodellaks that try > to brake in on port 110. what acl you like to set over pop3 ? usually acl at dovecot means folder permissions in imap http://wiki2.dovecot.org/ACL if you mean what to do against brute force use i.e fail2ban http://wiki2.dovecot.org/HowTo/Fail2Ban Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From doctor at doctor.nl2k.ab.ca Mon Nov 19 19:55:56 2012 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Mon, 19 Nov 2012 10:55:56 -0700 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121118002343.GA18703@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> Message-ID: <20121119175556.GA21193@doctor.nl2k.ab.ca> On Sat, Nov 17, 2012 at 05:23:43PM -0700, Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem wrote: > Finally got Dovecot to work on ports 100 and 143. > > I would like to > > a) Learn about ACL esp on port 110 as there are still yodellaks that try > to brake in on port 110. > > b) Setting up separate SSL cert for imaps and pop3s. Found this one out easily, however new issue: Nov 19 09:21:23 doctor dovecot: pop3-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server, TLS Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Error: Invalid user settings. Refer to server log for more information. Nov 19 09:21:27 doctor dovecot: pop3-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server, TLS Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Error: Invalid user settings. Refer to server log for more information. Nov 19 09:21:35 doctor dovecot: imap-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Error: Invalid user settings. Refer to server log for more information. Nov 19 09:21:48 doctor dovecot: imap-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Error: Invalid user settings. Refer to server log for more information. The MOEuser atnds for Microsoft Outlook Express user. The credentials were correct i.e. user/pw but Dovecot kept reject the user. I heard similar complants from M$ Mail, OE, and Outlook users doveconf -n # 2.1.10: /usr/dovecot2/etc/dovecot/dovecot.conf # OS: BSD/OS 4.3 i386 base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 100 listen = [::] login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_log_prefix = %Us(%u): mdbox_rotate_size = 2 k passdb { args = /etc/master.passwd driver = passwd-file } plugin { home = /usr/dovecot2 } protocols = imap pop3 service auth { executable = /usr/dovecot2/libexec/dovecot/auth user = root } service imap-login { chroot = login client_limit = 256 executable = /usr/dovecot2/libexec/dovecot/imap-login inet_listener imap { address = local mail server port = 143 } inet_listener imaps { address = local mail server port = 993 ssl = yes } process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot } service imap { executable = /usr/dovecot2/libexec/dovecot/imap process_limit = 512 } service pop3-login { chroot = login client_limit = 256 executable = /usr/dovecot2/libexec/dovecot/pop3-login inet_listener pop3s { address = local mail server port = 995 ssl = yes } process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot } service pop3 { executable = /usr/dovecot2/libexec/dovecot/pop3 process_limit = 512 } ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key userdb { driver = passwd } userdb { args = /etc/passwd driver = passwd-file } verbose_ssl = yes local local mail server { protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k mail_max_userip_connections = 10 mail_plugin_dir = /usr/dovecot2/lib/dovecot/imap ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key verbose_ssl = yes } } local local mail server { protocol pop3 { mail_max_userip_connections = 3 mail_plugins = pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = yes pop3_lock_session = yes pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = yes pop3_reuse_xuidl = yes pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key verbose_ssl = yes } } Thunderbird works. Why are M$ mail clients messing up? > > -- > For effective Internet Etiquette and communications read > http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html > & http://www.caliburn.nl/topposting.html > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. -- Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013 From rs at sys4.de Mon Nov 19 20:13:21 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 19 Nov 2012 19:13:21 +0100 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121119175556.GA21193@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> <20121119175556.GA21193@doctor.nl2k.ab.ca> Message-ID: <50AA76C1.30407@sys4.de> Am 19.11.2012 18:55, schrieb The Doctor: > /mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755 seems you got a permisson problem Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dmiller at amfes.com Mon Nov 19 21:27:44 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 19 Nov 2012 11:27:44 -0800 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <m2k3tjgdrb.fsf@boostpro.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <50A73047.7080706@amfes.com> <m2k3tjgdrb.fsf@boostpro.com> Message-ID: <assp.06705d8db5.50AA8830.9000903@amfes.com> On 11/18/2012 6:57 AM, Dave Abrahams wrote: > on Sat Nov 17 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > >> On 11/16/2012 12:58 PM, Dave Abrahams wrote: >>> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: >>> >>>> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>>>> Does anyone have an answer to this question? Should I simply issue an >>>>> IMAP search command, or is there a better way? >>>>> >>>> Put this in a cron script: >>>> >>>> doveadm search -A text zyxabcxyz > /dev/null >>>> >>>> That will perform a search through every mailbox on the system, >>>> indexing as it goes. The search query is unlikely to return much in >>>> the way of results, so log files won't fill up much. >>> That actually doesn't work for me. "doveadm index ..." does, though. >>> >> Use whatever works for you. The problem (for me) with "doveadm index" >> is it only works with the specified mailboxes. It can be done for all >> users - but only designated mailboxes. So a "doveadm index -A INBOX" >> will scan all inboxes - but none of the other folders. The search >> command I showed performs a recursive search that hits everything. > I take it back; I'm not sure if "doveadm search" causes re-indexing. > However, I *know* issuing a search command from a Python IMAP library > doesn't do so. > That indicates something else is broken - unless my Dovecot understanding is totally off (which is always possible, even likely). To my knowledge, until the relatively recent support for the "doveadm index" command, the primary and indeed only way to index was to perform a search. When Dovecot receives a search request, whether passed by IMAP or through the doveadm backdoor, if the mailbox isn't current then any new mails are supposed to be added to the index in the course of the search. If that doesn't happen - then I think something is broken in your setup. -- Daniel From daniel.parthey at informatik.tu-chemnitz.de Tue Nov 20 00:32:05 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 19 Nov 2012 23:32:05 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSayLhZ39zjvmBqpkYOteFTbdWAMrTGNnD=LrSLRE59-pQ@mail.gmail.com> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> <899ee7qld4v8@mids.svenhartge.de> <CADLvNSayLhZ39zjvmBqpkYOteFTbdWAMrTGNnD=LrSLRE59-pQ@mail.gmail.com> Message-ID: <20121119223205.GA7800@daniel.localdomain> Andre Bischof wrote: > doveadm mailbox subscribe -u user at example.com "*" > > Should the user for "-u" be the system user the > mailboxes belong to or has the user to be written in form of an email > adress (user at localhost / user at n.dyndns.org)? It should be the same userdb username as used for imap login. Regards Daniel -- https://plus.google.com/103021802792276734820 From zaphod at tdl.com Tue Nov 20 02:13:11 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Mon, 19 Nov 2012 17:13:11 -0700 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A6CF8A.40202@localhost.localdomain.org> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> <50A6CF8A.40202@localhost.localdomain.org> Message-ID: <50AACB17.2070008@tdl.com> On 11/16/2012 4:43 PM, Pascal Volk wrote: > On 11/16/2012 11:21 PM Chuck Cochems wrote: >> ? >> I need to return both the IP and the email address as a string to drop >> it into the old code. >> ? > > You could check the code of the `doveadm who` command > <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user > name and the IP address. > > > Regards, > Pascal > Problem solved. i finally found a working verion. i told the author to switch from strlcpy (which is not part of glibc) to i_strocpy (which dovecot provides). hopefulyl he will listen. if not, that's how to fix it. http://ftp.ufanet.ru/pub/boco/dovecot/whoson-plugin-2/ someone update the 2.0 wiki link. :) From tss at iki.fi Tue Nov 20 02:55:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 20 Nov 2012 02:55:16 +0200 Subject: [Dovecot] FYI: News about Mark Crispin References: <E7C54D4EA2D977429FC82EF4@[192.168.0.2]> Message-ID: <EF9FB64E-28F2-4F6B-B6E8-1DE394E0C1E1@iki.fi> Begin forwarded message: > From: Barry Leiba <barryleiba at computer.org> > Date: 20. marraskuuta 2012 2.44.51 UTC+2.00 > To: imap5 at ietf.org, imapext at ietf.org, imap-protocol at u.washington.edu, imap-use at u.washington.edu > Subject: [imapext] News about Mark Crispin > Reply-To: imap5 at ietf.org > > Everyone here knows Mark Crispin -- or at least knows who he is: Mark is the author of the original IMAP specification, and has taken it through its different versions to the present IMAP4rev1. He's written reference implementations of both server and client, and has been a vocal participant on all the mailing lists I'm posting this to. > > I'm sad to have to report that Mark is now terminally ill, and is in hospice care. > > For now, at least, I'm told that Mark is at least somewhat aware. If anyone has brief well-wishing messages they'd like to send him, please post them to the <imap5 at ietf.org> mailing list, and I'll forward them to Mark's long-term companion, Annie. I will also post updates to that list as I get them. > > [The Reply-To for this message is set to <imap5 at ietf.org>, so that replies will go there. You will have to subscribe to that mailing list in order to post to it. You can do that here: > http://www.ietf.org/mailman/listinfo/imap5 ] > > Barry Leiba > > _______________________________________________ > imapext mailing list > imapext at ietf.org > https://www.ietf.org/mailman/listinfo/imapext > From noel.butler at ausics.net Tue Nov 20 04:26:47 2012 From: noel.butler at ausics.net (Noel Butler) Date: Tue, 20 Nov 2012 12:26:47 +1000 Subject: [Dovecot] FYI: News about Mark Crispin In-Reply-To: <EF9FB64E-28F2-4F6B-B6E8-1DE394E0C1E1@iki.fi> References: <E7C54D4EA2D977429FC82EF4@[192.168.0.2]> <EF9FB64E-28F2-4F6B-B6E8-1DE394E0C1E1@iki.fi> Message-ID: <1353378407.12776.28.camel@tardis> That's so sad, Marks a nice guy, and too fricken young for this to happen On Tue, 2012-11-20 at 02:55 +0200, Timo Sirainen wrote: > Begin forwarded message: > > > From: Barry Leiba <barryleiba at computer.org> > > Date: 20. marraskuuta 2012 2.44.51 UTC+2.00 > > To: imap5 at ietf.org, imapext at ietf.org, imap-protocol at u.washington.edu, imap-use at u.washington.edu > > Subject: [imapext] News about Mark Crispin > > Reply-To: imap5 at ietf.org > > > > Everyone here knows Mark Crispin -- or at least knows who he is: Mark is the author of the original IMAP specification, and has taken it through its different versions to the present IMAP4rev1. He's written reference implementations of both server and client, and has been a vocal participant on all the mailing lists I'm posting this to. > > > > I'm sad to have to report that Mark is now terminally ill, and is in hospice care. > > > > For now, at least, I'm told that Mark is at least somewhat aware. If anyone has brief well-wishing messages they'd like to send him, please post them to the <imap5 at ietf.org> mailing list, and I'll forward them to Mark's long-term companion, Annie. I will also post updates to that list as I get them. > > > > [The Reply-To for this message is set to <imap5 at ietf.org>, so that replies will go there. You will have to subscribe to that mailing list in order to post to it. You can do that here: > > http://www.ietf.org/mailman/listinfo/imap5 ] > > > > Barry Leiba > > > > _______________________________________________ > > imapext mailing list > > imapext at ietf.org > > https://www.ietf.org/mailman/listinfo/imapext > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20121120/ebf5e0c1/attachment-0002.bin> From doctor at doctor.nl2k.ab.ca Tue Nov 20 04:27:58 2012 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Mon, 19 Nov 2012 19:27:58 -0700 Subject: [Dovecot] ACL and SSL In-Reply-To: <50AA76C1.30407@sys4.de> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> <20121119175556.GA21193@doctor.nl2k.ab.ca> <50AA76C1.30407@sys4.de> Message-ID: <20121120022758.GA8370@doctor.nl2k.ab.ca> On Mon, Nov 19, 2012 at 07:13:21PM +0100, Robert Schetterer wrote: > Am 19.11.2012 18:55, schrieb The Doctor: > > /mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755 > > seems you got a permisson problem > Found it ! Looks like the user account was missing the mail directory. fail2ban will implement. Now Outlook 2010 reporting repeated mail. Is this a similar issue with OL2003? > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich -- Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013 From andre.bischof at rheinsinn.de Tue Nov 20 09:07:10 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Tue, 20 Nov 2012 08:07:10 +0100 Subject: [Dovecot] users mail folders have to be subscribed Message-ID: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> Daniel, Am 19.11.2012 23:32 schrieb "Daniel Parthey" < daniel.parthey at informatik.tu-chemnitz.de>: > > Andre Bischof wrote: > > doveadm mailbox subscribe -u user at example.com "*" > > > > Should the user for "-u" be the system user the > > mailboxes belong to or has the user to be written in form of an email > > adress (user at localhost / user at n.dyndns.org)? > > It should be the same userdb username as used for imap login. Thank you. One thing that still doesn't work is subscribing to all mailboxes via "*", I guess because the folder names start with "." but dovecot mailbbox subscribe wants it without a starting "." Any clues how that can be solved? Regards Andre From rs at sys4.de Tue Nov 20 10:53:05 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 20 Nov 2012 09:53:05 +0100 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121120022758.GA8370@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> <20121119175556.GA21193@doctor.nl2k.ab.ca> <50AA76C1.30407@sys4.de> <20121120022758.GA8370@doctor.nl2k.ab.ca> Message-ID: <50AB44F1.4070009@sys4.de> Am 20.11.2012 03:27, schrieb The Doctor: > Now Outlook 2010 reporting repeated mail. Is this a similar issue with > OL2003? it doesnt look like general a client issue at all, check your logs for more warnings and errors, outlook(s) may not best clients, but they arent guilty for all Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From skdovecot at smail.inf.fh-brs.de Tue Nov 20 15:53:19 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 20 Nov 2012 14:53:19 +0100 (CET) Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> References: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> Message-ID: <alpine.DEB.2.02.1211201440390.5511@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 20 Nov 2012, Andre Bischof wrote: > Date: Tue, 20 Nov 2012 08:07:10 +0100 > From: Andre Bischof <andre.bischof at rheinsinn.de> > To: dovecot at dovecot.org > Subject: Re: [Dovecot] users mail folders have to be subscribed > > Daniel, > > Am 19.11.2012 23:32 schrieb "Daniel Parthey" < > daniel.parthey at informatik.tu-chemnitz.de>: >> >> Andre Bischof wrote: >>> doveadm mailbox subscribe -u user at example.com "*" >>> >>> Should the user for "-u" be the system user the >>> mailboxes belong to or has the user to be written in form of an email >>> adress (user at localhost / user at n.dyndns.org)? >> >> It should be the same userdb username as used for imap login. > > Thank you. One thing that still doesn't work is subscribing to all > mailboxes via "*", I guess because the folder names start with "." but > dovecot mailbbox subscribe wants it without a starting "." Any clues how > that can be solved? In v2.1.10 doveadm mailbox subscribe -u user at example.com "*" does indeed add the string "*" to the subscription list, hence, one cannot add "all folders" with this wildcard. However, you can use the Unix flexible modular command line system :-) e.g.: doveadm mailbox subscribe -u user at example.com \ $( doveadm mailbox list -u user at example.com ) Make sure to use the same "-u ..." switch. I'm not sure about shared mailboxes by other users. In my test, mailbox list displays them, but subscribe does not add them, but silently ignores them. Other way would be to add subscribed folders into "/home/of/user/Maildir/subscriptions", as you seem to use Maildir. One folder per line. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUKuLT2oxLS8a3A9mAQKPnwf+NO+Q57UyYqedZ2M3hAf1i+LFgEKJV4JO r6hDQ6kn6qABJc03udiaNrS+1bpLKyhZ+geMBua+qs4UGrMdE/fi0lyI4yvVtCBC mR41EuBvL9Jf5tFtKYG65tAhj6gjSOMAuXL6xwsawXSkrTV/33NFRG5FQ0bZRQvV pcG50V5lvOSXhpM4GqhQwEIurwGef9w8iG2rNxkTaSLWa/5ZaBCg9vFgCE0xs0hg N6aURUsqiebN+AIzzjJDOFwE4cDrH1TUbbGNW3cutjkolf3Jf6cGU96yUGKf4NvA bWv+3i4BUnUQ547DNNV5NNlw2Mz9569dRUyD6WHaiEVCW0Tp6U3iZw== =4zMT -----END PGP SIGNATURE----- From listas.correo at yahoo.es Tue Nov 20 17:54:29 2012 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 20 Nov 2012 15:54:29 +0000 (GMT) Subject: [Dovecot] doveadm fails with passdb authentication binds (dovecot 2.0.16) Message-ID: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> Hello, I'm testing passdb auth binds with dovecot 2.0.16, but for some reason dovedm fails to work with the configuration showed below. The network trace shows the successful bind for the administrative user (uid=mailapp), but nothing for the mail user (uid=user001). what am i missing here? # doveadm mailbox list -u user001 doveadm(user001): Error: user user001: Auth PASS lookup failed doveadm(user001): Fatal: passdb lookup failed 10-auth.conf: ==================== disable_plaintext_auth = no auth_cache_size = 0 auth_cache_ttl = 0 auth_cache_negative_ttl = 0 auth_mechanisms = plain !include auth-ldap.conf.ext auth-ldap.conf.ext: ===================================== passdb { ? driver = ldap ? args = /etc/dovecot/passdb-dovecot-ldap.conf.ext } userdb { ? driver = ldap ? args = /etc/dovecot/userdb-dovecot-ldap.conf.ext } passdb-dovecot-ldap.conf.ext: ===================================== uris = ldap://ldap.example.com dn = uid=mailapp,ou=People,dc=example,dc=com dnpass = xxxxxxxxxx sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree pass_attrs = uid=user pass_filter = (uid=%n) userdb-dovecot-ldap.conf.ext: ==================================== uris = ldap://ldap.example.com dn = uid=mailapp,ou=People,dc=example,dc=com dnpass = xxxxxxxxxx sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home,mailQuota=quota_rule=*:bytes=%$ user_filter = (&(objectClass=posixAccount)(uid=%n)) pass_attrs = uid=user,userPassword=password,\ ??? mailbox=userdb_mail=maildir:/var/maildir/%$,homeFilter=userdb_home,mailQuota=userdb_quota_rule=*:bytes=%$ pass_filter = (&(objectClass=posixAccount)(uid=%n)) iterate_attrs = uid=user iterate_filter = (objectClass=posixMailAccount) From mathieu at 400iso.net Tue Nov 20 21:10:38 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 20:10:38 +0100 Subject: [Dovecot] Need help for configure sieve Message-ID: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> Hello, i just did set up a mail server with postfix+dovecot+mysql+roundcube everything work fine. Now i'm trying to configure dovecot to get sieve working, and i probably missing something, cause i can not get it to fall in work... Thanks in advance, if you can help me a bit... here is my dovecot (2.1.10) conf : 20:07 root at curzio /home/mathieu # dovecot -n # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 3.2.30-xenU-7157-x86_64 x86_64 Arch Linux mail_home = /srv/vmail/%d/%u mail_location = maildir:~ managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener auth-client { group = postfix mode = 0660 user = postfix } user = root } ssl_cert = </etc/ssl/private/server.crt ssl_key = </etc/ssl/private/server.key userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol lda { mail_plugins = " sieve" } here is my postfix conf : 20:07 root at curzio /home/mathieu # postconf -n alias_database = $alias_maps alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_protocols = ipv4 local_recipient_maps = $virtual_mailbox_maps local_transport = virtual mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix relay_domains = * sample_directory = /etc/postfix/sample sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/run/dovecot/auth-client smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/private/server.crt smtpd_tls_key_file = /etc/ssl/private/server.key smtpd_tls_loglevel = 1 transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:/etc/postfix/virtual_alias_maps.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /srv/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/virtual_domains_maps.cf virtual_mailbox_limit = 512000000 virtual_mailbox_maps = proxy:mysql:/etc/postfix/virtual_mailbox_maps.cf virtual_minimum_uid = 5000 virtual_transport = virtual virtual_uid_maps = static:5000 i use the roundcube plugin managesieve, wich seems to work correctly. -- Mathieu R. From user+dovecot at localhost.localdomain.org Tue Nov 20 21:51:26 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 20:51:26 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> Message-ID: <50ABDF3E.2040605@localhost.localdomain.org> On 11/20/2012 08:10 PM Mathieu R. wrote: > ? > Now i'm trying to configure dovecot to get sieve working, and i > probably missing something, cause i can not get it to fall in work... > > Thanks in advance, if you can help me a bit... > > here is my dovecot (2.1.10) conf : > > > 20:07 root at curzio /home/mathieu # dovecot -n > # 2.1.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.30-xenU-7157-x86_64 x86_64 Arch Linux > ? > protocol lda { > mail_plugins = " sieve" > } > > > here is my postfix conf : > 20:07 root at curzio /home/mathieu # postconf -n > ? > transport_maps = hash:/etc/postfix/transport > ? > ? > virtual_transport = virtual > ? > > > i use the roundcube plugin managesieve, wich seems to work correctly. What is the content of your /etc/postfix/transport? "virtual_transport = virtual" let Postfix deliver your mails to the mail store. You have to use Dovecot's LMTP <http://master.wiki2.dovecot.org/HowTo/PostfixDovecotLMTP> or Dovecot's LDA <http://master.wiki2.dovecot.org/LDA/Postfix> in order to apply Sieve rules on mail delivery. Regards, Pascal -- The trapper recommends today: cafebabe.1232520 at localdomain.org From mathieu at 400iso.net Tue Nov 20 22:01:18 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 21:01:18 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50ABDF3E.2040605@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> Message-ID: <591e65f27a23bef233371ba237841cb3@400iso.net> Le 20/11/2012 20:51, Pascal Volk a ?crit?: > On 11/20/2012 08:10 PM Mathieu R. wrote: >> ? >> Now i'm trying to configure dovecot to get sieve working, and i >> probably missing something, cause i can not get it to fall in >> work... >> >> Thanks in advance, if you can help me a bit... >> >> here is my dovecot (2.1.10) conf : >> >> >> 20:07 root at curzio /home/mathieu # dovecot -n >> # 2.1.10: /etc/dovecot/dovecot.conf >> # OS: Linux 3.2.30-xenU-7157-x86_64 x86_64 Arch Linux >> ? >> protocol lda { >> mail_plugins = " sieve" >> } >> >> >> here is my postfix conf : >> 20:07 root at curzio /home/mathieu # postconf -n >> ? >> transport_maps = hash:/etc/postfix/transport >> ? >> ? >> virtual_transport = virtual >> ? >> >> >> i use the roundcube plugin managesieve, wich seems to work >> correctly. > > What is the content of your /etc/postfix/transport? it's empty, come with archlinux default conf. > > "virtual_transport = virtual" let Postfix deliver your mails to the > mail > store. > > You have to use Dovecot's LMTP > <http://master.wiki2.dovecot.org/HowTo/PostfixDovecotLMTP> or > Dovecot's > LDA <http://master.wiki2.dovecot.org/LDA/Postfix> in order to apply > Sieve rules on mail delivery. i added dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} in master.cf in order to use LDA, is that enough ? > > > Regards, > Pascal -- Mathieu R. From user+dovecot at localhost.localdomain.org Tue Nov 20 22:10:03 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 21:10:03 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <591e65f27a23bef233371ba237841cb3@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> Message-ID: <50ABE39B.5070103@localhost.localdomain.org> On 11/20/2012 09:01 PM Mathieu R. wrote: > i added > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail > argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} > > in master.cf in order to use LDA, is that enough ? > don't forget: postconf -e virtual_transport=dovecot: postfix reload Regards, Pascal -- The trapper recommends today: 5e1f1e55.1232521 at localdomain.org From beber at meleeweb.net Tue Nov 20 22:56:03 2012 From: beber at meleeweb.net (Bertrand Jacquin) Date: Tue, 20 Nov 2012 21:56:03 +0100 Subject: [Dovecot] v2.1.10: Director director_servers order issue Message-ID: <20121120205603.GA1789@lemonhead.scabb> Hi, I'm setting up an IMAP/POP cluster using dovecot director for some NFS reasons and I'm getting some troubles with director_servers directive. Configuration is shared on both nodes : director_servers = 10.0.50.50 10.0.50.51 director_mail_servers = 192.168.0.150 192.168.0.151 director_user_expire = 15 min service director { unix_listener login/director { mode = 0666 } fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } unix_listener director-userdb { mode = 0600 } inet_listener { port = 9090 } } service ipc { unix_listener ipc { user = $default_login_user } } Here 10.0.50.50 is node1, 10.0.50.51 is node2 # ring status on node1 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never # ring status on node2 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never self is the same on both nodes, and that generate some cases that can be observed on logs : # logs on node1 dovecot: director: Error: Remote director thinks it's someone else (connected to 10.0.50.51:9090, remote says it's 10.0.50.50:9090) And this is true, TCP packet contain bad DATA : # tcpdump -i eth0 -nn src host 10.0.50.51 and port 9090 -s 0 -w - -l | strings | egrep '^ME' ME 10.0.50.50 9090 # logs on node2 dovecot: director: Error: connect(10.0.50.51:9090) failed: Invalid argument Invalid argument is present as bind() is not done with the appropriate IP : # strace -p 6063 -fF -s 1024 -e trace=bind,connect bind(28, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("10.0.50.50")}, 16) = 0 connect(28, {sa_family=AF_INET, sin_port=htons(9090), sin_addr=inet_addr("10.0.50.51")}, 16) = -1 EINVAL (Invalid argument) Also, during this time, CPU is ~100% used. bind() is done with node1 IP address. I also tested using a DNS : director_servers = director-all director-all is two A entries, first containing 10.0.50.50, second 10.0.50.51 and the result here is exactly the same. Using two configurations : # director_servers on node1 director_servers = 10.0.50.50 10.0.50.51 # director_servers on node2 director_servers = 10.0.50.51 10.0.50.50 Give the same result as showed before : # ring status on node1 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never # ring status on node2 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never It seems that first sorted entry in director_servers is considered as "self". I'm using dovecot 2.1.10-0~auto+55 debian package from rename-it repository. Thanks for your help. -- Beber -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121120/3cad8bb1/attachment-0002.bin> From mathieu at 400iso.net Wed Nov 21 00:08:52 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 23:08:52 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50ABE39B.5070103@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> Message-ID: <babad5ee75be26067052f340f26bedd4@400iso.net> Le 20/11/2012 21:10, Pascal Volk a ?crit?: > On 11/20/2012 09:01 PM Mathieu R. wrote: >> i added >> >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail >> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d >> ${recipient} >> >> in master.cf in order to use LDA, is that enough ? >> > > don't forget: > > postconf -e virtual_transport=dovecot: > postfix reload just did what you tell me, broke my config (gave me : virtual_transport = dovecot: and then got that error : 2012-11-20T22:03:23.108392+00:00 localhost pipe[28359] fatal: pipe_command: execvp /usr/local/libexec/dovecot/dovecot-lda: No such file or directory switched back to previous config... > > > Regards, > Pascal -- Mathieu R. From user+dovecot at localhost.localdomain.org Wed Nov 21 00:11:16 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 23:11:16 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <babad5ee75be26067052f340f26bedd4@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> Message-ID: <50AC0004.2080301@localhost.localdomain.org> On 11/20/2012 11:08 PM Mathieu R. wrote: > Le 20/11/2012 21:10, Pascal Volk a ?crit : >> On 11/20/2012 09:01 PM Mathieu R. wrote: >>> i added >>> >>> dovecot unix - n n - - pipe >>> flags=DRhu user=vmail:vmail >>> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d >>> ${recipient} >>> >>> in master.cf in order to use LDA, is that enough ? >>> >> >> don't forget: >> >> postconf -e virtual_transport=dovecot: >> postfix reload > > just did what you tell me, broke my config (gave me : virtual_transport > = dovecot: and then got that error : > > 2012-11-20T22:03:23.108392+00:00 localhost pipe[28359] fatal: > pipe_command: execvp /usr/local/libexec/dovecot/dovecot-lda: No such > file or directory > > switched back to previous config... Are you sure your dovecot-lda binary is located in /usr/local/libexec/dovecot/? You have to use an existing path - not just copy and paste something. Regards, Pascal -- The trapper recommends today: face1e55.1232523 at localdomain.org From mathieu at 400iso.net Wed Nov 21 00:53:36 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 23:53:36 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50AC0004.2080301@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> <50AC0004.2080301@localhost.localdomain.org> Message-ID: <cd1638cdebaa43febc318a8f46d07893@400iso.net> Le 20/11/2012 23:11, Pascal Volk a ?crit?: > On 11/20/2012 11:08 PM Mathieu R. wrote: >> Le 20/11/2012 21:10, Pascal Volk a ?crit : >>> On 11/20/2012 09:01 PM Mathieu R. wrote: >>>> i added >>>> >>>> dovecot unix - n n - - pipe >>>> flags=DRhu user=vmail:vmail >>>> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d >>>> ${recipient} >>>> >>>> in master.cf in order to use LDA, is that enough ? >>>> >>> >>> don't forget: >>> >>> postconf -e virtual_transport=dovecot: >>> postfix reload >> >> just did what you tell me, broke my config (gave me : >> virtual_transport >> = dovecot: and then got that error : >> >> 2012-11-20T22:03:23.108392+00:00 localhost pipe[28359] fatal: >> pipe_command: execvp /usr/local/libexec/dovecot/dovecot-lda: No such >> file or directory >> >> switched back to previous config... > > > Are you sure your dovecot-lda binary is located in > /usr/local/libexec/dovecot/? > You have to use an existing path - not just copy and paste something. of course you're right, i was stupid. corrected the path (to /usr/lib/dovecot/dovecot-lda), executed postconf -e virtual_transport=dovecot: postfix reload and got this error now : 2012-11-20T22:50:03.121109+00:00 localhost postfix/pipe[28785]: 7D9F825269: to=<mathieu at 400iso.net>, relay=dovecot, de lay=8620, delays=8619/0.06/0/0.07, dsn=4.3.0, status=deferred (temporary failure. Command output: lda: Error: user mat hieu at 400iso.net: Error reading configuration: Invalid settings: postmaster_address setting not given lda: Fatal: Inter nal error occurred. Refer to server log for more information. ) thank a lot for your help > > > Regards, > Pascal -- Mathieu R. From user+dovecot at localhost.localdomain.org Wed Nov 21 00:57:52 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 23:57:52 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <cd1638cdebaa43febc318a8f46d07893@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> <50AC0004.2080301@localhost.localdomain.org> <cd1638cdebaa43febc318a8f46d07893@400iso.net> Message-ID: <50AC0AF0.30900@localhost.localdomain.org> On 11/20/2012 11:53 PM Mathieu R. wrote: > > and got this error now : > ? lda: Error: user mathieu at 400iso.net: Error reading configuration: Invalid settings: > postmaster_address setting not given ? You have to configure a valid postmaster_address in conf.d/15-lda.conf Regards, Pascal -- The trapper recommends today: face1e55.1232523 at localdomain.org From mathieu at 400iso.net Wed Nov 21 01:00:37 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Wed, 21 Nov 2012 00:00:37 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50AC0AF0.30900@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> <50AC0004.2080301@localhost.localdomain.org> <cd1638cdebaa43febc318a8f46d07893@400iso.net> <50AC0AF0.30900@localhost.localdomain.org> Message-ID: <8133e84c1059fa344dee37994bdf0c47@400iso.net> Le 20/11/2012 23:57, Pascal Volk a ?crit?: > On 11/20/2012 11:53 PM Mathieu R. wrote: >> >> and got this error now : >> ? lda: Error: user mathieu at 400iso.net: Error reading configuration: >> Invalid settings: >> postmaster_address setting not given ? > > You have to configure a valid postmaster_address in > conf.d/15-lda.conf > > > Regards, > Pascal just made it falling in work... thanks a lot, again -- Mathieu R. From dave at boostpro.com Wed Nov 21 04:30:39 2012 From: dave at boostpro.com (Dave Abrahams) Date: Tue, 20 Nov 2012 21:30:39 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <50A73047.7080706@amfes.com> <m2k3tjgdrb.fsf@boostpro.com> <assp.06705d8db5.50AA8830.9000903@amfes.com> Message-ID: <m2wqxfelgw.fsf@boostpro.com> on Mon Nov 19 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > On 11/18/2012 6:57 AM, Dave Abrahams wrote: >> I take it back; I'm not sure if "doveadm search" causes re-indexing. >> However, I *know* issuing a search command from a Python IMAP library >> doesn't do so. >> > > That indicates something else is broken - unless my Dovecot > understanding is totally off (which is always possible, even likely). > To my knowledge, until the relatively recent support for the "doveadm > index" command, the primary and indeed only way to index was to > perform a search. When Dovecot receives a search request, whether > passed by IMAP or through the doveadm backdoor, if the mailbox isn't > current then any new mails are supposed to be added to the index in > the course of the search. If that doesn't happen - then I think > something is broken in your setup. Well, perhaps I didn't satisfy the "mailbox isn't current" criterion. All I had done was to delete the FTS indices when I tried this. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From timor at o2.pl Wed Nov 21 12:15:31 2012 From: timor at o2.pl (Tomek) Date: Wed, 21 Nov 2012 11:15:31 +0100 Subject: [Dovecot] Proxy to join two accounts Message-ID: <50ACA9C3.9000004@o2.pl> Hello, I have server with IMAP on dovecot for user mails and second server on archiveopteryx as mail archive. I'm wondering if it's possible to make some sort of proxy to these two servers in way where: - dovecot server will be main IMAP service with INBOX, etc - I want archiveopteryx account to be something like shared folder with read only access (no delete, no move, etc) in path ex. /archive/user.name - this proxy mappings should allow adding few archive accounts to one user (in case of people replacement) + it will be cool if this mappings could be defined in database so I could write tools to manage archive access for bosses. Is such case possible to achieve with dovecot (any howto or example would be very helpful)? If not - do you know any proxy tools that could allow such configuration? Thanks for any help. Regards, Tomek. From CMarcus at Media-Brokers.com Wed Nov 21 14:02:55 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 21 Nov 2012 07:02:55 -0500 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <50A14EA1.3050307@wildgooses.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> <50A14EA1.3050307@wildgooses.com> Message-ID: <50ACC2EF.6060203@Media-Brokers.com> On 2012-11-12 2:31 PM, Ed W <lists at wildgooses.com> wrote: > Openssl is a *massive* project and I'm unsure that gnutls is much > smaller... We should assume that both are quite scary from a > "security" point of view. Licensing is the main thing which divides > them, gnutls is stated as GPL compatible (however, the nominal > incompatibility of openssl seems difficult to understand?) > > OpenVPN integrated with PolarSSL and got Dutch government official > approval for the combined package. I think elsewhere it's stated that > openssl would not have been approved because something like the > codebase was too large to inspect and sign off > http://polarssl.org/news?item=0132 > > I haven't worked with PolarSSL, so no idea, but it's massively smaller > codebase is likely attractive if you are the kind of person who > actually *does* security audits on the software you run in secure > situations. > > Openssl is just a complete swiss army knife of tools! Very interesting... I'd certainly be interested in switching to it, as long as the most common tools are supported Is it considered a drop in replacement for OpenSSL? -- Best regards, Charles From ramon.frontera at uib.es Wed Nov 21 15:05:17 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Wed, 21 Nov 2012 14:05:17 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error Message-ID: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> Hi, we have a problem with our director proxy configuration. When we run on proxy server the doveadm command with -A switch, fails with the error: # doveadm -D quota get -A doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert doveadm(user1): Error: Proxy is missing destination host doveadm: Error: Failed to iterate through some users If we execute the command with a single user, director assigns host and goes well, Example: # doveadm -D quota get -u user1 doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert host=xx.xx.xx.xx proxy_refresh=450 Quota name Type Value Limit % User quota STORAGE 159401 2621440 6 User quota MESSAGE 341 - 0 We have tried different configurations and all goes wrong with this "-A" switch, Timo please, could you tell us if we have a missconfiguration or its a possible director bug ?? We really want execute the expire plugin on ours directors and them redirect to the backends servers of every user. thanks in advance. Our doveconf -n: # dovecot -n # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.14.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) auth_cache_size = 3 k auth_cache_ttl = 15 mins auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot/ default_client_limit = 30000 default_process_limit = 5000 dict { expire = mysql:/etc/dovecot/dovecot-dict-expire.conf.ext } director_doveadm_port = 990 director_mail_servers = mailserver1 mailserver2 director_servers = proxy1 doveadm_proxy_port = 24245 lmtp_proxy = yes mail_debug = yes mail_plugins = expire quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap-users.conf.ext driver = ldap } plugin { expire = Trash expire2 = Trash/* expire_dict = proxy::expire } postmaster_address = postmaster<at>company protocols = imap pop3 lmtp sieve service auth { client_limit = 27048 unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = dovecot mode = 0660 } } service director { fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0660 } unix_listener login/director { mode = 0666 } } service doveadm { executable = doveadm-server director inet_listener doveadm-server { port = 24245 } } service imap-login { executable = imap-login director inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service ipc { unix_listener ipc { user = dovecot } } service lmtp { client_limit = 1 inet_listener lmtp { port = 30025 } } service managesieve-login { executable = managesieve-login director } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } ssl = required ssl_cert = </etc/pki/tls/certs/imap.crt ssl_key = </etc/pki/tls/private/imap.uib.es_privatekey.pem syslog_facility = local1 userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap-users.conf.ext driver = ldap } verbose_proctitle = yes protocol lmtp { auth_socket_path = director-userdb mail_plugins = expire quota sieve quota passdb { args = /etc/dovecot/dovecot-ldap-pass.conf.lmtp driver = ldap } } protocol doveadm { auth_socket_path = director-userdb } protocol imap { mail_max_userip_connections = 20 mail_plugins = expire quota } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } local ip/24/24 { doveadm_password = supersecretpassword } -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears From tibby at tibby.hu Wed Nov 21 16:23:41 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Wed, 21 Nov 2012 15:23:41 +0100 Subject: [Dovecot] Autocreate No namespace for Problem Message-ID: <2a18f5a901122a66ca063fa0e2122c4f@tibby.hu> Hi! I see this in the log: autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent Why do I get this error ? Do I need to create a separate namespace for every folder? The config file looks like this: namespace private { separator = . prefix = INBOX. inbox = yes subscriptions = yes list = yes } ... plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent } Thanks! From rs at sys4.de Wed Nov 21 16:41:14 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 21 Nov 2012 15:41:14 +0100 Subject: [Dovecot] Autocreate No namespace for Problem In-Reply-To: <2a18f5a901122a66ca063fa0e2122c4f@tibby.hu> References: <2a18f5a901122a66ca063fa0e2122c4f@tibby.hu> Message-ID: <50ACE80A.8050207@sys4.de> Am 21.11.2012 15:23, schrieb tibby at tibby.hu: > Hi! > > I see this in the log: > autocreate: No namespace found for Trash > autocreate: No namespace found for Spam > autocreate: No namespace found for Sent > autocreate: No namespace found for Trash > autocreate: No namespace found for Spam > autocreate: No namespace found for Sent > > Why do I get this error ? > Do I need to create a separate namespace for every folder? > > The config file looks like this: > namespace private { > separator = . > prefix = INBOX. > inbox = yes > subscriptions = yes > list = yes > } > ... > plugin { > autocreate = Trash > autocreate2 = Spam > autocreate3 = Sent > autosubscribe = Trash > autosubscribe2 = Spam > autosubscribe3 = Sent > } > > Thanks! > just a guess try autocreate = INBOX.Trash cause you did prefix = INBOX. Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From egbert at vandenbussche.nl Wed Nov 21 16:58:31 2012 From: egbert at vandenbussche.nl (Egbert) Date: Wed, 21 Nov 2012 15:58:31 +0100 Subject: [Dovecot] XMLRPC anyone? Message-ID: <50ACEC17.5090504@vandenbussche.nl> Hi, Is there any code around that lets Dovecot (2.x) aauthenticate via a XMLRPC server (which connects to a LDAP server) instead of going directly to a LDAP server? It could give much more flexibility. TIA Egbert Jan, NL From andreas.kasenides at cs.ucy.ac.cy Wed Nov 21 19:34:55 2012 From: andreas.kasenides at cs.ucy.ac.cy (Andreas Kasenides) Date: Wed, 21 Nov 2012 19:34:55 +0200 Subject: [Dovecot] Filesystem quotas Message-ID: <50AD10BF.8040500@cs.ucy.ac.cy> I could not determine if when using filesystem quotas (http://wiki2.dovecot.org/Quota/FS) Dovecot will use the reported quota and limits without the need of configuring them via "quota_rules". Is this possible somehow? Such a feature would determine the quota limits automatically from the filesystem quotas thereby allowing to make use of them in quota warnings. Dovecot already knows the quota settings and limits. Here is evidence from the logs > Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: box=/Mail/ank > mount=/newmail match=yes > Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: > host=xxxx.xxxx.ucy.xx.cy, path=/mail, uid=211, bytes > Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: uid=211, > value=2779115520, limit=8388608000 I am using (testing) version 2.2alpha1. Thankx. -- Andreas Kasenides Senior IT Officer University of Cyprus, Dept. of Computer Science Tel: 22892714, Fax: 22892701 From pzucchi at gmail.com Thu Nov 22 10:46:34 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 09:46:34 +0100 Subject: [Dovecot] imap_acl and osx 10.7 Message-ID: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Hello everybody, I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 unfortunately it seems that the imap_acl plugin is not loaded properly do you have any advice? cheers Piero This is what i get from the log with imap_acl plugin enabled in protocol imap?{ } Log file: imap: Debug: Loading modules from directory: /usr/lib/dovecot Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not found: _acl_user_module Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Referenced from: /usr/lib/dovecot/lib02_imap_acl_plugin.so Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Expected in: flat namespace Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: in /usr/lib/dovecot/lib02_imap_acl_plugin.so Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Fatal: Couldn't load required plugins Nov 22 09:08:14 xserve04 dovecot[43220]: master: Error: service(imap): command startup failed, throttling dovecot config # 2.0.16apple1: /etc/dovecot/dovecot.conf # OS: Darwin 11.4.2 x86_64 acfs auth_debug = yes auth_debug_passwords = yes auth_gssapi_hostname = $ALL auth_mechanisms = cram-md5 x-plain-submit apop gssapi plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 hostname = mail.customer.com mail_access_groups = mail mail_debug = yes mail_location = maildir:/Volumes/XsanVolume/Mail/%u mail_log_prefix = "%s(pid %p user %u): " mail_plugins = quota zlib fts fts_sk acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes list = children location = maildir:/Volumes/XsanVolume/Mail/Condivise/Interno:CONTROL=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno:INDEX=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno prefix = Interno/ separator = / subscriptions = no type = public } passdb { args = /etc/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { acl = vfile fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u quota_warning2 = storage=80%% quota-warning %u sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmaster at xserve04.customer.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap-postlogin { executable = script-login -d /etc/dovecot/acl_groups.sh unix_listener imap-postlogin { group = mail mode = 0600 user = _dovecot } user = _dovecot } service imap { client_limit = 5 executable = imap imap-postlogin process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl_ca = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.chain.pem ssl_cert = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.cert.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL ssl_key = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem ssl_key_path = /etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem syslog_facility = local6 userdb { args = partition=/etc/dovecot/partition_map.conf enforce_quotas=yes driver = od } verbose_proctitle = yes protocol lmtp { mail_plugins = quota zlib fts fts_sk sieve } protocol lda { mail_plugins = quota zlib fts fts_sk sieve } protocol imap { imap_id_log = * imap_id_send = "name" * "version" * mail_max_userip_connections = 20 mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts imap_acl urlauth } protocol pop3 { mail_max_userip_connections = 6 } -- Piero Zucchi Apple Certified Trainer Apple Certified Specialist Professional 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From andre.bischof at rheinsinn.de Thu Nov 22 10:53:45 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Thu, 22 Nov 2012 09:53:45 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <alpine.DEB.2.02.1211201440390.5511@pc-2m63nn> References: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> <alpine.DEB.2.02.1211201440390.5511@pc-2m63nn> Message-ID: <CADLvNSapszKO3XbMa7ovF8xqdAD6Pz5-tny1t2ZuwwqWtgHB6w@mail.gmail.com> Steffen, 2012/11/20 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> > ... >> >> Thank you. One thing that still doesn't work is subscribing to all >> mailboxes via "*", I guess because the folder names start with "." but >> dovecot mailbbox subscribe wants it without a starting "." Any clues how >> that can be solved? >> > > > In v2.1.10 > > > doveadm mailbox subscribe -u user at example.com "*" > > does indeed add the string "*" to the subscription list, hence, one cannot > add "all folders" with this wildcard. > > However, you can use the Unix flexible modular command line system :-) > e.g.: > > doveadm mailbox subscribe -u user at example.com \ > $( doveadm mailbox list -u user at example.com ) > > ... That's smart! I solved it a similar way yesterday evening using a loop (found it via google), but your way is even shorter. Regards Andre From rs at sys4.de Thu Nov 22 11:00:08 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 22 Nov 2012 10:00:08 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Message-ID: <50ADE998.5020803@sys4.de> Am 22.11.2012 09:46, schrieb Piero Zucchi: > Hello everybody, > > I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 > > unfortunately it seems that the imap_acl plugin is not loaded properly > > do you have any advice? > > cheers > Piero i dont really remember but at some time there was a bug with acl plugin try 2.0.21 or 2.1.10 compare your config against http://wiki2.dovecot.org/ACL Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From pzucchi at gmail.com Thu Nov 22 11:22:54 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 10:22:54 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <50ADE998.5020803@sys4.de> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> <50ADE998.5020803@sys4.de> Message-ID: <CA+rZbg7rxf78qpDeHB6QAybZMM8gKrUh+Y5nRP5FjE19nL1QrA@mail.gmail.com> Thank you for your quick reply, Robert. The configuration looks ok, so I will search for version related bugs although it would be very hard upgrading to a newer version, because apple patches apply up to 2.0.16. cheers P. 2012/11/22 Robert Schetterer <rs at sys4.de>: > Am 22.11.2012 09:46, schrieb Piero Zucchi: >> Hello everybody, >> >> I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 >> >> unfortunately it seems that the imap_acl plugin is not loaded properly >> >> do you have any advice? >> >> cheers >> Piero > > i dont really remember but at some time there was a bug with acl plugin > > try 2.0.21 or > 2.1.10 > > compare your config against > > http://wiki2.dovecot.org/ACL > > Best Regards > MfG Robert Schetterer > -- Piero Zucchi Apple Certified Trainer Apple Certified Technical Coordinator 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From stan at hardwarefreak.com Thu Nov 22 13:26:58 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 22 Nov 2012 05:26:58 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <20121110202529.GA30152@anubis.morrow.me.uk> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <509EA1C4.3050103@hardwarefreak.com> <20121110202529.GA30152@anubis.morrow.me.uk> Message-ID: <50AE0C02.3090207@hardwarefreak.com> On 11/10/2012 2:25 PM, Ben Morrow wrote: > The usual meaning of 'lock contention' is 'two processes legitimately > competing for the *same* lock'. Sure, this is the textbook definition, and software designers will discuss it as such in that context. However, when systems users use the term, in a production use context, they are using it in the context of problems resulting from it, performance or otherwise. I.e. if lock contention isn't causing problems, systems users will not be discussing it. With many things, including software, context is critical. > You appear to be advocating the LDA as the solution to all possible > problems with mail delivery, and implying anyone not using it is doing > something seriously wrong. I advocated no such thing, nor implied such a thing. I stated that if one is using Postfix/local(8) for mbox delivery and Dovecot for POP/IMAP that s/he should switch to LDA (or LMTP) to eliminate any potential mbox locking problems; that it doesn't make sense to use Postfix/local(8) with Dovecot as there is no upside. Again, the context is mbox. Did you see me state this in relation to maildir? > I was pointing out that that is not always > the case. You seem to spend a lot of time pointing out exceptions. > I believe the OP mentioned something about having run out of mboxes for > 20 years? To me that suggests an old-fashioned Unix setup, which in turn > suggests procmail as a likely possibility. I could, of course, be wrong. Examination of his log entry indicates he's not using procmail, but Postfix' local(8) delivery agent directly to the mailbox file: Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: to=<xyz at xyz.com>, orig_to=<abc at abc.com>, relay=local, delay=19, delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox /var/spool/mail/abc for user abc. unable to lock for exclusive access: Resource temporarily unavailable) "unable to lock for exclusive access: Resource temporarily unavailable" is a Postfix local(8) error message. If procmail was configured, you'd likely see this instead: ...status=sent (delivered to command: /usr/bin/procmail...) Then procmail would do the actual delivery to the mailbox (mbox) file, and if a locking problem occurred, it would be logged by procmail, and possibly a bounce sent to the sender. I'm not sure what, if any, error would be returned to local(8) as I've never used procmail. > If I have offended you, I apologise. That was certainly not my > intention. I was not offended, just a bit annoyed. When you attempted to correct my intentional misuse of "light year" it reminded me of something similar. Almost daily I've wanted to stomp on Europeans for sticking the indefinite article "an" in front of words beginning with consonants, when they should be using "a" instead, butchering the English language in the process: "I need help with an Debian Linux install on an Dell server." "I'm installing an Dovecot cluster and need help configuring an Dovecot Director." Supremely irritating, but I've never stomped on them, bit my tongue every time, as it's a waste of time. Maybe you could follow suit. -- Stan From stan at hardwarefreak.com Thu Nov 22 14:09:12 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 22 Nov 2012 06:09:12 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50A0DA65.9080503@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> Message-ID: <50AE15E8.7050400@hardwarefreak.com> On 11/12/2012 5:15 AM, 1st WebDesigns wrote: > Thanks for your replies. I switched to Dovecot LDA this morning, but > the issue still persists, albeit logged slightly differently by Dovecot > now instead of Postfix: > > "save failed to INBOX: Timeout while waiting for lock" > > The reason is because some pop3 clients Full stop. This is the first time you've mentioned POP that I recall. FYI, Dovecot is primarily an IMAP server. Unless an OP states up front that he's using primarily POP, everyone assumes IMAP and counsels accordingly. You should have stated POP in your first post. Actually, you should have included many more details prior to now. Please post your complete 'dovecot -n' output. > are holding their connection for > 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major > culprit). I'm no smartphone POP expert, but old rural tower, poor tower connection, etc, all cause low data rates, which could cause this. However, you state this problem cropped up out of nowhere after a distro upgrade to CentOS 5. Can you confirm that the problem didn't exist before the upgrade? Your definitive answer to this question dictates the troubleshooting course of action. > In dovecot.conf I changed: > > mbox_lock_timeout = 300 > > to > > mbox_lock_timeout = 600 > > Which seems to have helped. I am unclear if this value only applied to > Dovecot LDA or if it would have worked previously before switching to > Dovecot LDA? This simply changes how long Dovecot will wait to acquire a lock. Increasing this value simply increases delays, masks the underlying problem without really helping much. The only real architectural solution to such a POP/mbox locking problem due to slow/long client downloads is, as you mentioned, moving to a lockless mailbox format, such as maildir or sdbox. Worth noting, we are both/all at fault in the slow progress of this issue, you for not stating POP up front, and me/us for not asking. Your 'dovecot -n' output may allow us to help get mbox working a little better, but the long term solution is very likely moving to maildir/sdbox. -- Stan From skdovecot at smail.inf.fh-brs.de Thu Nov 22 14:18:09 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 22 Nov 2012 13:18:09 +0100 (CET) Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Message-ID: <alpine.DEB.1.10.1211221315190.20004@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 22 Nov 2012, Piero Zucchi wrote: > imap: Debug: Loading modules from directory: /usr/lib/dovecot > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not > found: _acl_user_module are you sure, that the module is from the very same Dovecot version? I had Symbol not found errors, because I changed the ./configure options and something was not installed properly. After starting from scratch and copying the config over, it worked. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBUK4YAmoxLS8a3A9mAQL6bQf/Z1/m/d0fgzPC/g6oA3bSQj4v344BcC7y SeCEHf4YRZITRP87gtGyJSyrK8DamupXSiM3eyutddl3aNUmsfhDoV0f2DVBkSeI soAQeMTSOal4214sUzJVK51kC448f1mdVLGhsCGI+FtUKSlq0K6XX4W+RTFQcEri Q1cq+Z+2fP42DfQlhXxvW3N4vJmqPDkARyCylu6IUs0S9xuc9mE1BF/aRQCGk6cv 68pD+Bt/PzfBNnm+TuA+xyZab90JrbZTh5pYnvf9i17xcEvi2VqRMAX6hfhg3FkV Wp7M5as+kY7op23cnCvULzdMMbKoZnPl3LEY+/YetU7gB0nyqlAW9g== =yB4V -----END PGP SIGNATURE----- From pzucchi at gmail.com Thu Nov 22 15:30:22 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 14:30:22 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <alpine.DEB.1.10.1211221315190.20004@pc-2m63a.inf.fh-bonn-rhein-sieg.de> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> <alpine.DEB.1.10.1211221315190.20004@pc-2m63a.inf.fh-bonn-rhein-sieg.de> Message-ID: <CA+rZbg4x4_xrpVDo=q3nA3WznJ+vxQH+1xhA9KMRf34DO9nM3Q@mail.gmail.com> Hallo Steffen, yes, I'm quite sure since it's a default mac os x server installation, so I haven neither installed nor compiled anything. P. 2012/11/22 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>: > are you sure, that the module is from the very same Dovecot version? > I had Symbol not found errors, because I changed the ./configure options and > something was not installed properly. After starting from scratch and > copying the config over, it worked. > > Regards, > > - -- Steffen Kaiser -- Piero Zucchi Apple Certified Trainer Apple Certified Specialist Professional 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From puccia+ml-dovecot at gmail.com Thu Nov 22 15:50:32 2012 From: puccia+ml-dovecot at gmail.com (Emanuele Pucciarelli) Date: Thu, 22 Nov 2012 14:50:32 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Message-ID: <CA+oQUaQK7-EmTYAFT5okRT8PZyUmvK=e+rOOydFpwpNU2pS46Q@mail.gmail.com> Ciao Piero! :) Apparently, you might be running into this: http://dovecot.org/list/dovecot/2012-October/068723.html OS X's dynamic linker is not among the forgiving ones (as far as I know from experience with other software). It looks like Apple shipped Dovecot without running any tests with the extra plugins (which I do not believe they do). Unfortunately, even assuming this nails it, I wouldn't know off the top of my head how to fix it without recompiling from sources; install_name_tool(1) will only change the names of listed shared libraries, but not add new ones. Perhaps someone else has further advice on this matter. Emanuele On 22 November 2012 09:46, Piero Zucchi <pzucchi at gmail.com> wrote: > Hello everybody, > > I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 > > unfortunately it seems that the imap_acl plugin is not loaded properly > > do you have any advice? > > cheers > Piero > > > > This is what i get from the log with imap_acl plugin enabled in > protocol imap { } > > Log file: > > imap: Debug: Loading modules from directory: /usr/lib/dovecot > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not > found: _acl_user_module > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Referenced > from: /usr/lib/dovecot/lib02_imap_acl_plugin.so > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Expected in: > flat namespace > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: in > /usr/lib/dovecot/lib02_imap_acl_plugin.so > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Fatal: Couldn't load > required plugins > Nov 22 09:08:14 xserve04 dovecot[43220]: master: Error: service(imap): > command startup failed, throttling > > > dovecot config > > # 2.0.16apple1: /etc/dovecot/dovecot.conf > # OS: Darwin 11.4.2 x86_64 acfs > auth_debug = yes > auth_debug_passwords = yes > auth_gssapi_hostname = $ALL > auth_mechanisms = cram-md5 x-plain-submit apop gssapi plain login > auth_socket_path = /var/run/dovecot/auth-userdb > auth_username_format = %n > default_internal_user = _dovecot > default_login_user = _dovenull > disable_plaintext_auth = no > first_valid_gid = 6 > first_valid_uid = 6 > hostname = mail.customer.com > mail_access_groups = mail > mail_debug = yes > mail_location = maildir:/Volumes/XsanVolume/Mail/%u > mail_log_prefix = "%s(pid %p user %u): " > mail_plugins = quota zlib fts fts_sk acl > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > mdbox_rotate_size = 200 M > namespace { > inbox = yes > location = > prefix = > separator = / > type = private > } > namespace { > hidden = yes > list = children > location = maildir:/Volumes/XsanVolume/Mail/Condivise/Interno:CONTROL=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno:INDEX=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno > prefix = Interno/ > separator = / > subscriptions = no > type = public > } > passdb { > args = /etc/dovecot/submit.passdb > driver = passwd-file > pass = yes > submit = yes > } > passdb { > driver = od > } > plugin { > acl = vfile > fts = sk > quota = maildir:User quota > quota_warning = storage=100%% quota-exceeded %u > quota_warning2 = storage=80%% quota-warning %u > sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve > sieve_dir = /Library/Server/Mail/Data/rules/%u > } > postmaster_address = postmaster at xserve04.customer.com > protocols = imap pop3 lmtp sieve > quota_full_tempfail = yes > service auth { > extra_groups = _keytabusers > idle_kill = 15 mins > } > service dns_client { > unix_listener dns-client { > mode = 0600 > } > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > ssl = yes > } > service_count = 0 > } > service imap-postlogin { > executable = script-login -d /etc/dovecot/acl_groups.sh > unix_listener imap-postlogin { > group = mail > mode = 0600 > user = _dovecot > } > user = _dovecot > } > service imap { > client_limit = 5 > executable = imap imap-postlogin > process_limit = 200 > service_count = 0 > } > service lmtp { > unix_listener lmtp { > mode = 0600 > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > inet_listener sieve_deprecated { > port = 2000 > } > } > service pop3-login { > inet_listener pop3 { > port = 110 > } > inet_listener pop3s { > port = 995 > ssl = yes > } > } > service pop3 { > client_limit = 5 > process_limit = 200 > service_count = 0 > } > service quota-exceeded { > executable = script /usr/libexec/dovecot/quota-exceeded.sh > unix_listener quota-exceeded { > group = mail > mode = 0660 > user = _dovecot > } > user = _dovecot > } > service quota-warning { > executable = script /usr/libexec/dovecot/quota-warning.sh > unix_listener quota-warning { > group = mail > mode = 0660 > user = _dovecot > } > user = _dovecot > } > ssl_ca = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.chain.pem > ssl_cert = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.cert.pem > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL > ssl_key = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem > ssl_key_path = /etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem > syslog_facility = local6 > userdb { > args = partition=/etc/dovecot/partition_map.conf enforce_quotas=yes > driver = od > } > verbose_proctitle = yes > protocol lmtp { > mail_plugins = quota zlib fts fts_sk sieve > } > protocol lda { > mail_plugins = quota zlib fts fts_sk sieve > } > protocol imap { > imap_id_log = * > imap_id_send = "name" * "version" * > mail_max_userip_connections = 20 > mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts > imap_acl urlauth > } > protocol pop3 { > mail_max_userip_connections = 6 > } > > > > > -- > Piero Zucchi > > Apple Certified Trainer > > Apple Certified Specialist Professional 10.8 > > Apple Certified Technical Coordinator 10.7 > > Apple Certified System Administrator 10.6 > Apple Certified Technical Coordinator 10.6 > Apple Certified Specialist - Mac Os X Directory Services 10.6 > Apple Certified Specialist - Mobility and Security 10.6 > > Apple Certified System Administrator 10.5 > Apple Certified Technical Coordinator 10.5 > Apple Certified Support Professional 10.5 > > Apple Certified Pro - Final Cut Pro 7, Level 1 From rplatel at tucows.com Thu Nov 22 17:06:15 2012 From: rplatel at tucows.com (Richard Platel) Date: Thu, 22 Nov 2012 10:06:15 -0500 Subject: [Dovecot] Plugin help, number of messages in mailbox Message-ID: <E1F02117-7120-4920-9807-4295BD5732A5@tucows.com> Hi, We use Dovecot for IMAP and POP (but not LDA), we want to do something when a user has an INBOX that becomes empty, or becomes not empty (set a flag in memcached, but that's not really important). I'm writing a plugin (for Dovecot 2.1.7). On mailbox_open() I can use mailbox_get_status() to get a count of messages in the mailbox, and then decrement this in expunge() or increment it in mailbox save_finish() (for IMAP APPEND or COPY commands). However in expunge() and mailbox_save_finish, even after calling the super function, mailbox_get_status doesn't update the number of messages in the mailbox. This is a problem if (for example) there are concurrent POP sessions. Two POP sessions could get all the messages in INBOX, one could logout, calling expunge a few times, eventually causing my plugin to note that the inbox is empty, then our LDA could deliver a message, mark the INBOX not empty, then the other POP session could log out, call expunge and cause my plugin to mark the INBOX empty, when it's not. So in summation: how can a plugin be notified of changes to a mailbox, and then accurately get the real number of messages in that mailbox? From pzucchi at gmail.com Thu Nov 22 17:07:14 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 16:07:14 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+oQUaQK7-EmTYAFT5okRT8PZyUmvK=e+rOOydFpwpNU2pS46Q@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> <CA+oQUaQK7-EmTYAFT5okRT8PZyUmvK=e+rOOydFpwpNU2pS46Q@mail.gmail.com> Message-ID: <CA+rZbg5U1EEzUt1j_UYa7DkfeeX_F6D6qtWE1EiBeRF=p-HphA@mail.gmail.com> ciao Emanuele! :) Thanks so much for your answer :). I will file a bug on radar (apple) and see if they fix it or piss me off: "we do not support acl on email". P. 2012/11/22 Emanuele Pucciarelli <puccia+ml-dovecot at gmail.com>: > Ciao Piero! :) > > Apparently, you might be running into this: > > http://dovecot.org/list/dovecot/2012-October/068723.html > > OS X's dynamic linker is not among the forgiving ones (as far as I > know from experience with other software). It looks like Apple shipped > Dovecot without running any tests with the extra plugins (which I do > not believe they do). > > Unfortunately, even assuming this nails it, I wouldn't know off the > top of my head how to fix it without recompiling from sources; > install_name_tool(1) will only change the names of listed shared > libraries, but not add new ones. Perhaps someone else has further > advice on this matter. > > Emanuele > > > On 22 November 2012 09:46, Piero Zucchi <pzucchi at gmail.com> wrote: >> Hello everybody, >> >> I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 >> >> unfortunately it seems that the imap_acl plugin is not loaded properly >> >> do you have any advice? >> >> cheers >> Piero >> >> >> >> This is what i get from the log with imap_acl plugin enabled in >> protocol imap { } >> >> Log file: >> >> imap: Debug: Loading modules from directory: /usr/lib/dovecot >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: >> dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: >> dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not >> found: _acl_user_module >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Referenced >> from: /usr/lib/dovecot/lib02_imap_acl_plugin.so >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Expected in: >> flat namespace >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: in >> /usr/lib/dovecot/lib02_imap_acl_plugin.so >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Fatal: Couldn't load >> required plugins >> Nov 22 09:08:14 xserve04 dovecot[43220]: master: Error: service(imap): >> command startup failed, throttling >> >> >> dovecot config >> >> # 2.0.16apple1: /etc/dovecot/dovecot.conf >> # OS: Darwin 11.4.2 x86_64 acfs >> auth_debug = yes >> auth_debug_passwords = yes >> auth_gssapi_hostname = $ALL >> auth_mechanisms = cram-md5 x-plain-submit apop gssapi plain login >> auth_socket_path = /var/run/dovecot/auth-userdb >> auth_username_format = %n >> default_internal_user = _dovecot >> default_login_user = _dovenull >> disable_plaintext_auth = no >> first_valid_gid = 6 >> first_valid_uid = 6 >> hostname = mail.customer.com >> mail_access_groups = mail >> mail_debug = yes >> mail_location = maildir:/Volumes/XsanVolume/Mail/%u >> mail_log_prefix = "%s(pid %p user %u): " >> mail_plugins = quota zlib fts fts_sk acl >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body enotify >> environment mailbox date ihave >> mdbox_rotate_size = 200 M >> namespace { >> inbox = yes >> location = >> prefix = >> separator = / >> type = private >> } >> namespace { >> hidden = yes >> list = children >> location = maildir:/Volumes/XsanVolume/Mail/Condivise/Interno:CONTROL=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno:INDEX=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno >> prefix = Interno/ >> separator = / >> subscriptions = no >> type = public >> } >> passdb { >> args = /etc/dovecot/submit.passdb >> driver = passwd-file >> pass = yes >> submit = yes >> } >> passdb { >> driver = od >> } >> plugin { >> acl = vfile >> fts = sk >> quota = maildir:User quota >> quota_warning = storage=100%% quota-exceeded %u >> quota_warning2 = storage=80%% quota-warning %u >> sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve >> sieve_dir = /Library/Server/Mail/Data/rules/%u >> } >> postmaster_address = postmaster at xserve04.customer.com >> protocols = imap pop3 lmtp sieve >> quota_full_tempfail = yes >> service auth { >> extra_groups = _keytabusers >> idle_kill = 15 mins >> } >> service dns_client { >> unix_listener dns-client { >> mode = 0600 >> } >> } >> service imap-login { >> inet_listener imap { >> port = 143 >> } >> inet_listener imaps { >> port = 993 >> ssl = yes >> } >> service_count = 0 >> } >> service imap-postlogin { >> executable = script-login -d /etc/dovecot/acl_groups.sh >> unix_listener imap-postlogin { >> group = mail >> mode = 0600 >> user = _dovecot >> } >> user = _dovecot >> } >> service imap { >> client_limit = 5 >> executable = imap imap-postlogin >> process_limit = 200 >> service_count = 0 >> } >> service lmtp { >> unix_listener lmtp { >> mode = 0600 >> } >> } >> service managesieve-login { >> inet_listener sieve { >> port = 4190 >> } >> inet_listener sieve_deprecated { >> port = 2000 >> } >> } >> service pop3-login { >> inet_listener pop3 { >> port = 110 >> } >> inet_listener pop3s { >> port = 995 >> ssl = yes >> } >> } >> service pop3 { >> client_limit = 5 >> process_limit = 200 >> service_count = 0 >> } >> service quota-exceeded { >> executable = script /usr/libexec/dovecot/quota-exceeded.sh >> unix_listener quota-exceeded { >> group = mail >> mode = 0660 >> user = _dovecot >> } >> user = _dovecot >> } >> service quota-warning { >> executable = script /usr/libexec/dovecot/quota-warning.sh >> unix_listener quota-warning { >> group = mail >> mode = 0660 >> user = _dovecot >> } >> user = _dovecot >> } >> ssl_ca = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.chain.pem >> ssl_cert = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.cert.pem >> ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL >> ssl_key = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem >> ssl_key_path = /etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem >> syslog_facility = local6 >> userdb { >> args = partition=/etc/dovecot/partition_map.conf enforce_quotas=yes >> driver = od >> } >> verbose_proctitle = yes >> protocol lmtp { >> mail_plugins = quota zlib fts fts_sk sieve >> } >> protocol lda { >> mail_plugins = quota zlib fts fts_sk sieve >> } >> protocol imap { >> imap_id_log = * >> imap_id_send = "name" * "version" * >> mail_max_userip_connections = 20 >> mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts >> imap_acl urlauth >> } >> protocol pop3 { >> mail_max_userip_connections = 6 >> } >> >> >> >> >> -- >> Piero Zucchi >> >> Apple Certified Trainer >> >> Apple Certified Specialist Professional 10.8 >> >> Apple Certified Technical Coordinator 10.7 >> >> Apple Certified System Administrator 10.6 >> Apple Certified Technical Coordinator 10.6 >> Apple Certified Specialist - Mac Os X Directory Services 10.6 >> Apple Certified Specialist - Mobility and Security 10.6 >> >> Apple Certified System Administrator 10.5 >> Apple Certified Technical Coordinator 10.5 >> Apple Certified Support Professional 10.5 >> >> Apple Certified Pro - Final Cut Pro 7, Level 1 -- Piero Zucchi Apple Certified Trainer Apple Certified Specialist Professional 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From design at 1stwebdesigns.com Thu Nov 22 23:26:24 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Thu, 22 Nov 2012 21:26:24 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AE15E8.7050400@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> Message-ID: <50AE9880.7040405@1stwebdesigns.com> Output of dovecot -n is as follows: # 1.0.7: /etc/dovecot.conf login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_privileged_group: mail mail_location: mbox:~/mail:INBOX=/var/mail/%u mbox_lock_timeout: 600 mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib64/dovecot/imap mail_plugin_dir(imap): /usr/lib64/dovecot/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd We upgraded from RedHat 4 to RedHat 5. The problem didn't exist with RH4 and an even older version of Dovecot. When emails are stuck in the queue, doing this: lsof /var/spool/mail/<user> shows the spool file in use by a pop3 login and the Dovecot deliver process. Since changing mbox_lock_timeout from 300 to 600 the pop3 process eventually finishes before 600 seconds and the deliver process is able to complete. I admit this is masking the problem rather than solving it. As discussed before our version of Dovecot is dated now, however it's the version provided by RedHat and the version supported by our support company (who aren't doing a great job, hence me posting here). Thanks, On 22/11/2012 12:09, Stan Hoeppner wrote: > On 11/12/2012 5:15 AM, 1st WebDesigns wrote: > >> Thanks for your replies. I switched to Dovecot LDA this morning, but >> the issue still persists, albeit logged slightly differently by Dovecot >> now instead of Postfix: >> >> "save failed to INBOX: Timeout while waiting for lock" >> >> The reason is because some pop3 clients > > Full stop. This is the first time you've mentioned POP that I recall. > FYI, Dovecot is primarily an IMAP server. Unless an OP states up front > that he's using primarily POP, everyone assumes IMAP and counsels > accordingly. You should have stated POP in your first post. Actually, > you should have included many more details prior to now. Please post > your complete 'dovecot -n' output. > >> are holding their connection for >> 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major >> culprit). > > I'm no smartphone POP expert, but old rural tower, poor tower > connection, etc, all cause low data rates, which could cause this. > However, you state this problem cropped up out of nowhere after a distro > upgrade to CentOS 5. Can you confirm that the problem didn't exist > before the upgrade? Your definitive answer to this question dictates > the troubleshooting course of action. > >> In dovecot.conf I changed: >> >> mbox_lock_timeout = 300 >> >> to >> >> mbox_lock_timeout = 600 >> >> Which seems to have helped. I am unclear if this value only applied to >> Dovecot LDA or if it would have worked previously before switching to >> Dovecot LDA? > > This simply changes how long Dovecot will wait to acquire a lock. > Increasing this value simply increases delays, masks the underlying > problem without really helping much. > > The only real architectural solution to such a POP/mbox locking problem > due to slow/long client downloads is, as you mentioned, moving to a > lockless mailbox format, such as maildir or sdbox. > > Worth noting, we are both/all at fault in the slow progress of this > issue, you for not stating POP up front, and me/us for not asking. > > Your 'dovecot -n' output may allow us to help get mbox working a little > better, but the long term solution is very likely moving to maildir/sdbox. > From stan at hardwarefreak.com Fri Nov 23 08:07:32 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 23 Nov 2012 00:07:32 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AE9880.7040405@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> Message-ID: <50AF12A4.7060201@hardwarefreak.com> On 11/22/2012 3:26 PM, 1st WebDesigns wrote: > Output of dovecot -n is as follows: > > # 1.0.7: /etc/dovecot.conf > login_dir: /var/run/dovecot/login > login_executable(default): /usr/libexec/dovecot/imap-login > login_executable(imap): /usr/libexec/dovecot/imap-login > login_executable(pop3): /usr/libexec/dovecot/pop3-login > mail_privileged_group: mail > mail_location: mbox:~/mail:INBOX=/var/mail/%u > mbox_lock_timeout: 600 > mail_executable(default): /usr/libexec/dovecot/imap > mail_executable(imap): /usr/libexec/dovecot/imap > mail_executable(pop3): /usr/libexec/dovecot/pop3 > mail_plugin_dir(default): /usr/lib64/dovecot/imap > mail_plugin_dir(imap): /usr/lib64/dovecot/imap > mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 > auth default: > passdb: > driver: pam > userdb: > driver: passwd Are your mailboxes on NFS storage? You haven't stated on what storage your mailboxes reside. NFS complicates locking. If you use an NFS server, did anything on it change recently, such as an upgrade to RHEL5? I found a thread stating RHEL5 has a bad FCNTL implementation that could be related to your write lock delay problem. Try using dotlock only for read and write and see if that helps. It has additional filesystem IO overhead, but nothing like the many minutes of delay you have now. mbox_read_locks = dotlock mbox_write_locks = dotlock > We upgraded from RedHat 4 to RedHat 5. The problem didn't exist with > RH4 and an even older version of Dovecot. That may be, but you're surely not planning on downgrading back to RHEL4. > When emails are stuck in the queue, doing this: Dovecot doesn't use queues. It writes directly to the mailbox files. > lsof /var/spool/mail/<user> These are mailbox files, your user inbox mbox files, not spool files. Spool implies temporary storage. Don't let "spool" fool you. On many/most systems /var/spool/mail is a link to /var/mail. > shows the spool file in use by a pop3 login and the Dovecot deliver > process. Since changing mbox_lock_timeout from 300 to 600 the pop3 > process eventually finishes before 600 seconds and the deliver process > is able to complete. I admit this is masking the problem rather than > solving it. Does the larger timeout value completely eliminate the errors? If so this may be the best outcome you can get with Dovecot 1.0.7, mbox storage, on RHEL5, unless a different locking method fixes it. > As discussed before our version of Dovecot is dated now, however it's > the version provided by RedHat and the version supported by our support > company (who aren't doing a great job, hence me posting here). It's the version provided by RHEL5. RHEL6.3 has Dovecot 2.0.9. There are 3rd party 1.2.x RPMs available for RHEL5.x as well as 2.x.x RPMs for RHEL5.x. What "support company"? If you're using RHEL, Red Hat provides the support. That's the whole reason for "paying for" a Linux distro. What is preventing you from upgrading to RHEL 6.3, the current release? Which BTW is behind nearly all other distros WRT package versions. For instance Debian stable has Dovecot 2.1.7 available in the backports repo. -- Stan > > On 22/11/2012 12:09, Stan Hoeppner wrote: >> On 11/12/2012 5:15 AM, 1st WebDesigns wrote: >> >>> Thanks for your replies. I switched to Dovecot LDA this morning, but >>> the issue still persists, albeit logged slightly differently by Dovecot >>> now instead of Postfix: >>> >>> "save failed to INBOX: Timeout while waiting for lock" >>> >>> The reason is because some pop3 clients >> >> Full stop. This is the first time you've mentioned POP that I recall. >> FYI, Dovecot is primarily an IMAP server. Unless an OP states up front >> that he's using primarily POP, everyone assumes IMAP and counsels >> accordingly. You should have stated POP in your first post. Actually, >> you should have included many more details prior to now. Please post >> your complete 'dovecot -n' output. >> >>> are holding their connection for >>> 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major >>> culprit). >> >> I'm no smartphone POP expert, but old rural tower, poor tower >> connection, etc, all cause low data rates, which could cause this. >> However, you state this problem cropped up out of nowhere after a distro >> upgrade to CentOS 5. Can you confirm that the problem didn't exist >> before the upgrade? Your definitive answer to this question dictates >> the troubleshooting course of action. >> >>> In dovecot.conf I changed: >>> >>> mbox_lock_timeout = 300 >>> >>> to >>> >>> mbox_lock_timeout = 600 >>> >>> Which seems to have helped. I am unclear if this value only applied to >>> Dovecot LDA or if it would have worked previously before switching to >>> Dovecot LDA? >> >> This simply changes how long Dovecot will wait to acquire a lock. >> Increasing this value simply increases delays, masks the underlying >> problem without really helping much. >> >> The only real architectural solution to such a POP/mbox locking problem >> due to slow/long client downloads is, as you mentioned, moving to a >> lockless mailbox format, such as maildir or sdbox. >> >> Worth noting, we are both/all at fault in the slow progress of this >> issue, you for not stating POP up front, and me/us for not asking. >> >> Your 'dovecot -n' output may allow us to help get mbox working a little >> better, but the long term solution is very likely moving to >> maildir/sdbox. >> > From tss at iki.fi Fri Nov 23 08:18:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:18:32 +0200 Subject: [Dovecot] Initial status notification not received In-Reply-To: <20121116141259.GA9371@petole.demisel.net> References: <20121116141259.GA9371@petole.demisel.net> Message-ID: <7D584D20-225A-4790-A293-5AB95EF7CD76@iki.fi> On 16.11.2012, at 16.12, Nicolas KOWALSKI wrote: > We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs > startup, dovecot almost always shows these errors: > > Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) > Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 > > As the last line tells, dovecot stops logging information. We have to > restart the dovecot processes to get back normal behaviour. I also tried > to set idle_kill values to services definitions, without success. You mean this happens when the VM starts up, but if you manually restart it later they don't happen? > Is there a way to prevent these errors? I wonder if it's because of SLES or something else. From tss at iki.fi Fri Nov 23 08:20:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:20:00 +0200 Subject: [Dovecot] Is there any Documentation or Howto/Guide for Dovecot Replication or do i have to wait for dovecot 2.2.x? In-Reply-To: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> References: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> Message-ID: <AE4A00E5-5683-4766-A400-9B1057AF77A9@iki.fi> On 16.11.2012, at 17.24, weber at zackbummfertig.de wrote: > dear timo, > can you help me? There are some mails about it somewhere in the mailing list. I'll write some documentation before v2.2.0 is out. From tss at iki.fi Fri Nov 23 08:29:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:29:10 +0200 Subject: [Dovecot] maildir and end-of-line encoding In-Reply-To: <1352343439.5059.202.camel@fermat.scientia.net> References: <1351648223.24721.4.camel@fermat.scientia.net> <A52B651B-B5D8-4B16-9A79-4231CAAD4ECD@iki.fi> <1352343439.5059.202.camel@fermat.scientia.net> Message-ID: <FE7D8BAA-A713-4CFE-B012-C7EB820E0C48@iki.fi> On 8.11.2012, at 4.57, Christoph Anton Mitterer wrote: > On Wed, 2012-11-07 at 17:33 +0200, Timo Sirainen wrote: >> Dovecot automatically adds CRs where necessary. Even within the same file there can be mixed LF/CRLF lines. > Can you detail this a bit, or point me to the specific code areas? > > 1) Is only CR added? Or also LF? If CR is alone, it's not treated as newline. So only CRs may be added before LF. > 2) What happens e.g. when LFCR is found? Is that then "doubled" to > CRLFCR or even CRLFCRLF? CRLFCR > 3) When does it "add" these chars? Only when using dovecot-lda? Or also > when some other MDA places files into e.g. a maildir? When saving a mail, based on mail_save_crlf setting the CRs are either added or removed when writing the mail to disk. When reading a mail and sending to IMAP/POP3 client the CRs are always added. (doveadm fetch text doesn't add/remove CRs I think.) > I did some reading on the RFC 5322 which says: > > - new mails must not have single CR or LF, both may only occur as CRL > > - but from the previous RFCs, it allows existing messages to have CR and > LF alone, in which case they are not newlines as CRLF, but rather the CR > and LF characters in the their meaning as control characters. > > > 4) So from that point of view... automatic conversion may actually > "corrupt" things in a strict sense. > (One should hope of course, that only few people use(d) CR or LF alone > to get their control character meaning... but rather that these are just > cases of accidents.) SMTP and IMAP protocols are the only normal ways to get messages into a system. Both of them require CRLF newlines. So there's really no way for Dovecot to ever see valid LF-only newlines. One exception is Content-Type: binary, but that's not really supported by Dovecot (or any commonly used SMTP servers either I think). > 5) I agree with you that mails should be stored with CRLF, as this is > their native format.... and I found nothing on the maildir[++] standards > that would forbid that (neither that would encourage it). > But for mbox there are "definitions" that _always_ LF is used (AFAIU, > even on non-UNIX platforms. mbox isn't really standardized. Anyway, storing mails with CRLF allows some optimizations, but if the mails aren't stored compressed it wastes a bit of disk space. > 6) I went through my mails and basically I found everything: > CR, LF, CRLF and even LFCR. > Now I have no real idea how to deal with that? > Keep all as is? Make all LFs CRLFs and/or all CFs to CRLFs? What about > the LFCRs? Handle them as group and perhaps swap them to CRLF. Or doing > the same as with single LFs and CRs. Why do you need to do something about them? Dovecot should handle all of them fine. From tss at iki.fi Fri Nov 23 08:33:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:33:20 +0200 Subject: [Dovecot] IMAP session state inconsistent In-Reply-To: <509BC56F.6030606@airstreamcomm.net> References: <509BC56F.6030606@airstreamcomm.net> Message-ID: <FC27D231-C54E-438D-968A-5932D2FF221D@iki.fi> On 8.11.2012, at 16.45, list at airstreamcomm.net wrote: > Running Dovecot 1.2.12 (we are in the process of upgrading to 2.1.x) > > Didn't find much in old threads, but we are seeing the following in the logs this morning: > > dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y > dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=443/1146 > dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y > dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=561/1637 > dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y > dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory > dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory > > Not sure what to make of this sequence? Probably user deleted the mailbox while other sessions still had it opened. There are some more checks to avoid those in newer versions. From tss at iki.fi Fri Nov 23 08:33:49 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:33:49 +0200 Subject: [Dovecot] Hardlink with Maildir a brief help In-Reply-To: <509BC6F7.1050107@mail.cgilfe.it> References: <509BC6F7.1050107@mail.cgilfe.it> Message-ID: <8FD6F712-98D9-47CE-AD41-ACC469092525@iki.fi> On 8.11.2012, at 16.51, Davide wrote: > Hi to all, my question is: > > Is possible implementing SIS (with hardlink) with maildir instead of *dbox format? No. Way too difficult and non-standard. From tss at iki.fi Fri Nov 23 08:36:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:36:37 +0200 Subject: [Dovecot] memory allocation issues In-Reply-To: <20121109004915.GJ70186@corp.sonic.net> References: <20121109004915.GJ70186@corp.sonic.net> Message-ID: <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> On 9.11.2012, at 2.49, Kelsey Cummings wrote: > One of our dovecot backend servers ran into a problem with it's auth > process a few days ago. This doesn't appear to be the error logged when > dovecot hits its internal limit so I'm not sure what is going on here. > > auth: Error: malloc: 58012: Cannot allocate memory > auth: Error: Unable to allocate memory for mutexes from the region > auth: Error: PANIC: Cannot allocate memory > auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user It would have been nicer if libc would have just crashed the process instead of silently converting it into "unknown user" error.. That's probably actually a bug since the getpwuid_r() that Dovecot uses would have been able to return an error message. > pop3: Error: Authenticated user not found from userdb, auth lookup +id=2509111297 (client-pid=4781 client-id=1) > pop3-login: Internal login failure (pid=4781 id=1) (internal failure, 1 +succesful auths): user=<test>... > > There was at least 10+GB free RAM on the server and no indication of a > system level issue at the same time. The server is running 2.1.9. > There were about 3,200 active sessions, with something like 12 new > sessions/sec. The other identical servers are/were handling virtually > identical load with the same service uptime and haven't had any issues > so far. (Crash happened 7 days ago.) Memory leak maybe? service auth { vsz_limit } anyway was reached (default 256 MB). From tss at iki.fi Fri Nov 23 08:39:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:39:32 +0200 Subject: [Dovecot] Is there a hook for a plugin to do some transient operation on the mail body ... In-Reply-To: <1352439449.79235.YahooMailNeo@web165005.mail.bf1.yahoo.com> References: <1352439449.79235.YahooMailNeo@web165005.mail.bf1.yahoo.com> Message-ID: <1E94A3D1-6B4B-4217-983B-8576099B3F91@iki.fi> On 9.11.2012, at 7.37, Jay wrote: > ... when the MUA has issued a FETCH? > > I am a Dovecot newbie ... so please bear with me if this is obvious. Basically what I am trying to do is process the mail body (in my own specific way) before Dovecot serves it up to the MUA. I want to do it as a transient operation in memory. So think of the scenario as ... > - the MUA issues a FETCH > - Dovecot intercepts the FETCH > - Dovecot internally gets the mail from the storage into a buffer in memory > ----> This is where I'd like to apply a function to the mail body and modify the mail body in the buffer (not in the storage) > - Dovecot serves up the (modified) mail to the MUA > > Looking for a hook that allows me to do it using a plugin. Looks like the zlib plugin does something similar ... applies a decompression function ... but I am not 100% sure. http://dovecot.org/patches/2.1/mail-filter.tar.gz allows you to run it through a script. But note that IMAP protocol requires that messages never change, and Dovecot relies on that internally as well. Practically it's ok enough to change the message content, as long as you don't change the message/MIME structure sizes. From tss at iki.fi Fri Nov 23 08:52:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:52:59 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> Message-ID: <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> On 10.11.2012, at 12.44, Erik A Johnson wrote: > imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). > > This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. > > gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. I wonder if this fixes it? http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa From tss at iki.fi Fri Nov 23 08:54:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:54:07 +0200 Subject: [Dovecot] User iteration with static userdb In-Reply-To: <97e9e4ee533292752c95ef18bdfb3367@r-n.cz> References: <97e9e4ee533292752c95ef18bdfb3367@r-n.cz> Message-ID: <E984064E-8E3E-44A2-AB3F-2F3F03995737@iki.fi> On 10.11.2012, at 22.34, Radek Novotn? wrote: > can someone explain me, please, why user iteration (iterate_query) > doesn't work with static userdb? There isn't reason why > it shouldn't work. In my opinion. However static userdb doesn't mean that user list > not exist. Where would you like the static userdb to get the list of users then? From nicolas.kowalski at gmail.com Fri Nov 23 09:01:04 2012 From: nicolas.kowalski at gmail.com (Nicolas KOWALSKI) Date: Fri, 23 Nov 2012 08:01:04 +0100 Subject: [Dovecot] Initial status notification not received In-Reply-To: <7D584D20-225A-4790-A293-5AB95EF7CD76@iki.fi> References: <20121116141259.GA9371@petole.demisel.net> <7D584D20-225A-4790-A293-5AB95EF7CD76@iki.fi> Message-ID: <20121123070104.GA13525@petole.demisel.net> On Fri, Nov 23, 2012 at 08:18:32AM +0200, Timo Sirainen wrote: > On 16.11.2012, at 16.12, Nicolas KOWALSKI wrote: > > > We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs > > startup, dovecot almost always shows these errors: > > > > Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) > > Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process > > Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process > > Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process > > Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 > > > > As the last line tells, dovecot stops logging information. We have to > > restart the dovecot processes to get back normal behaviour. I also tried > > to set idle_kill values to services definitions, without success. > > You mean this happens when the VM starts up, but if you manually restart it later they don't happen? Yes. > > Is there a way to prevent these errors? > > I wonder if it's because of SLES or something else. We narrowed the problem to another process, started before dovecot, which takes a lot of CPU and disk resources; since we delayed its launch, dovecot starts up happily. However, I am still confused about why dovecot kills itself. Maybe the master process could restart its runaway processes, or the initial status notification delay could be customized? -- Nicolas From tss at iki.fi Fri Nov 23 09:01:30 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:01:30 +0200 Subject: [Dovecot] Quotas 2.1clarification In-Reply-To: <CAMD-=VKpQB1Kk7RuGREOqA5jRhzpt__nTNJQYq-_Ca4zKaXqig@mail.gmail.com> References: <CAMD-=VKpQB1Kk7RuGREOqA5jRhzpt__nTNJQYq-_Ca4zKaXqig@mail.gmail.com> Message-ID: <72936630-5A87-4F7A-930E-527A98D9500F@iki.fi> On 15.11.2012, at 6.55, Nick Edwards wrote: > Timo, > > I have much suspicion that our quota system is not working correctly > since we migrate to 2.1 > Currently using 2.1.10 > Previously we had for issue of warnings > > quota_warning = storage=90%% /scripts/dqwarn-90.sh > quota_warning2 = storage=75%% /scripts/dqwarn-75.sh > > worked great, these lines also migrated to new conf upon conversion. > > > But quota conf example shows > > plugin { > #quota_warning = storage=95%% quota-warning 95 %u > #quota_warning2 = storage=80%% quota-warning 80 %u > } > > # Example quota-warning service. The unix listener's permissions should be > # set in a way that mail processes can connect to it. Below example assumes > # that mail processes run as vmail user. If you use mode=0666, all system users > # can generate quota warnings to anyone. > #service quota-warning { > # executable = script /usr/local/bin/quota-warning.sh > # user = dovecot > # unix_listener quota-warning { > # user = vmail > # } > #} > > > So this seems to indicate /scripts/dqwarn-75.sh should be a service > name, which then calls the service quota-warning with that script in > it etc etc etc surely this old 4 line method has not been replaced > into a 20 line mess? Yes, it has been replaced with a more complex setup. The new way is more efficient, safer and "cleaner", even though it's more complex to setup. > Is this old way still functioning as I suspect it is not, and we need > to write up two separate new quota warning services given our warnings > are worded differently, or should the old methods still be working as > they did in 1.2 and we have an error elsewhere? If you want to run two separate scripts you need two separate services. But it would be easier to have just one script (= one service) and give the 75 or 90 as parameter to it. From tss at iki.fi Fri Nov 23 09:07:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:07:26 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <50A61147.5040201@um.es> References: <50A61147.5040201@um.es> Message-ID: <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> On 16.11.2012, at 12.11, Angel L. Mateo wrote: > We are deploying shared mailboxes in our mail system. We are running 2.1.9 and mail backend is maildir. > > As described at http://wiki.dovecot.org/SharedMailboxes/Shared when shared namespace is configured as > > namespace shared { > separator = / > prefix = shared/%%u/ > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u > subscriptions = no > list = children > } > > each user accessing this folder has its own index, stored in ~/Maildir/shared/%%u/<shared mailbox>, hasn't it? Right. > Our mail is store in NFS disks so we are very concerned about indexes optimizations (we had performance problems until we got all of our indexes and nfs tunned). So, is there any way so those indexes could be shared for all users (and they always would be updated). If you don't need per-user flags you can just remove the per-user INDEX. If you want per-user flags and want to share indexes, you need the new INDEXPVT option that exists in v2.2 or as a patch to v2.1: http://dovecot.org/patches/2.1/private-index.diff > Regarding this... if we'd use dbox instead of maildir, indexes are a really important part of the mailbox and they can't be re-constructed when they are outdated. So, how do shared mailboxes work with dbox backend? Do I have to configure indexes in any particular way? INDEXPVT is a requirement with dbox if you want per-user flags. BTW. Do you have multiple Dovecot backend servers? Director works only when you're not using shared mailboxes.. From tss at iki.fi Fri Nov 23 09:11:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:11:20 +0200 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A90729.7000608@tdl.com> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> <50A6CF8A.40202@localhost.localdomain.org> <50A90729.7000608@tdl.com> Message-ID: <BDDD87FF-B556-4002-8E11-83C48B873B10@iki.fi> On 18.11.2012, at 18.04, Chuck Cochems wrote: > On 11/16/2012 4:43 PM, Pascal Volk wrote: >> On 11/16/2012 11:21 PM Chuck Cochems wrote: >>> ? >>> I need to return both the IP and the email address as a string to drop >>> it into the old code. >>> ? >> >> You could check the code of the `doveadm who` command >> <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user >> name and the IP address. > > That's not much better... > > I just want the bare minimum of code to do this. The 1.x code was so simple, and i just want a 2.0 equivalent. is that so wrong? :) WHy the heck did they remove those incredibly useful environment variables anyway? Because a single process can now handle multiple connections with different IPs/usernames. From tss at iki.fi Fri Nov 23 09:15:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:15:50 +0200 Subject: [Dovecot] doveadm fails with passdb authentication binds (dovecot 2.0.16) In-Reply-To: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> References: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> Message-ID: <592ACC86-265E-476F-81B2-E797C0414165@iki.fi> On 20.11.2012, at 17.54, mailing lists wrote: > Hello, > > I'm testing passdb auth binds with dovecot 2.0.16, but for some reason dovedm fails to work with the configuration showed below. The network trace shows the successful bind for the administrative user (uid=mailapp), but nothing for the mail user (uid=user001). > > what am i missing here? > > > # doveadm mailbox list -u user001 > doveadm(user001): Error: user user001: Auth PASS lookup failed > doveadm(user001): Fatal: passdb lookup failed Are you running this on a Dovecot proxy? It looks like doveadm wants to do a passdb lookup to find out which server should handle this user. Passdb lookups don't work with LDAP binding. But if everything else works then I think you simply shouldn't have enabled doveadm proxying. So, set doveadm_proxy_port back to 0? From tss at iki.fi Fri Nov 23 09:20:36 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:20:36 +0200 Subject: [Dovecot] v2.1.10: Director director_servers order issue In-Reply-To: <20121120205603.GA1789@lemonhead.scabb> References: <20121120205603.GA1789@lemonhead.scabb> Message-ID: <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> On 20.11.2012, at 22.56, Bertrand Jacquin wrote: > # ring status on node1 > director ip port type last failed > 10.0.50.50 9090 self never > 10.0.50.51 9090 never > > # ring status on node2 > director ip port type last failed > 10.0.50.50 9090 self never > 10.0.50.51 9090 never > > self is the same on both nodes, and that generate some cases that can > be observed on logs : .. > It seems that first sorted entry in director_servers is considered as > "self". No, Dovecot tries to find the self by bind()ing to all the listed IPs, and assuming that the first one that succeeds is self. Apparently in your system bind() succeeds for non-self IPs as well. Any idea why? I think I recently found out about some nicer way to check if an IP belongs to the local system, but I seem to have forgotten what it was. From tss at iki.fi Fri Nov 23 09:24:08 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:24:08 +0200 Subject: [Dovecot] Proxy to join two accounts In-Reply-To: <50ACA9C3.9000004@o2.pl> References: <50ACA9C3.9000004@o2.pl> Message-ID: <832A79D9-D2C7-4A69-8FE0-469724C1D64B@iki.fi> On 21.11.2012, at 12.15, Tomek wrote: > I have server with IMAP on dovecot for user mails and second server on archiveopteryx as mail archive. > > I'm wondering if it's possible to make some sort of proxy to these two servers in way where: > - dovecot server will be main IMAP service with INBOX, etc > - I want archiveopteryx account to be something like shared folder with read only access (no delete, no move, etc) in path ex. /archive/user.name > - this proxy mappings should allow adding few archive accounts to one user (in case of people replacement) > + it will be cool if this mappings could be defined in database so I could write tools to manage archive access for bosses. > > Is such case possible to achieve with dovecot (any howto or example would be very helpful)? If not - do you know any proxy tools that could allow such configuration? You should be able to implement something like that by creating a new namespace with location=imapc: http://wiki2.dovecot.org/HowTo/ImapcProxy and http://wiki2.dovecot.org/Migration/Dsync have some information about the imapc settings. ACLs are a bit more difficult though, since currently there aren't any "default ACLs". From beber at meleeweb.net Fri Nov 23 09:23:35 2012 From: beber at meleeweb.net (Bertrand Jacquin) Date: Fri, 23 Nov 2012 08:23:35 +0100 Subject: [Dovecot] v2.1.10: Director director_servers order issue In-Reply-To: <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> References: <20121120205603.GA1789@lemonhead.scabb> <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> Message-ID: <20121123072335.GA15577@lady-voodoo.exosec.local> D'ar gwener 23 a viz Du 2012 e 08 eur 20, ? Timo Sirainen ? he deus skrivet : > On 20.11.2012, at 22.56, Bertrand Jacquin wrote: > > > # ring status on node1 > > director ip port type last failed > > 10.0.50.50 9090 self never > > 10.0.50.51 9090 never > > > > # ring status on node2 > > director ip port type last failed > > 10.0.50.50 9090 self never > > 10.0.50.51 9090 never > > > > self is the same on both nodes, and that generate some cases that can > > be observed on logs : > .. > > It seems that first sorted entry in director_servers is considered as > > "self". > > No, Dovecot tries to find the self by bind()ing to all the listed IPs, and assuming that the first one that succeeds is self. Apparently in your system bind() succeeds for non-self IPs as well. Any idea why? Yes ! I have the following sysctl : net.ipv4.ip_nonlocal_bind = 1 > I think I recently found out about some nicer way to check if an IP belongs to the local system, but I seem to have forgotten what it was. -- Beber -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/ce359269/attachment-0002.bin> From beber at meleeweb.net Fri Nov 23 09:29:01 2012 From: beber at meleeweb.net (Bertrand Jacquin) Date: Fri, 23 Nov 2012 08:29:01 +0100 Subject: [Dovecot] v2.1.10: Director director_servers order issue In-Reply-To: <20121123072335.GA15577@lady-voodoo.exosec.local> References: <20121120205603.GA1789@lemonhead.scabb> <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> <20121123072335.GA15577@lady-voodoo.exosec.local> Message-ID: <20121123072901.GB15577@lady-voodoo.exosec.local> D'ar gwener 23 a viz Du 2012 e 08 eur 23, ? Bertrand Jacquin ? he deus skrivet : > D'ar gwener 23 a viz Du 2012 e 08 eur 20, ? Timo Sirainen ? he deus skrivet : > > On 20.11.2012, at 22.56, Bertrand Jacquin wrote: > > > > > # ring status on node1 > > > director ip port type last failed > > > 10.0.50.50 9090 self never > > > 10.0.50.51 9090 never > > > > > > # ring status on node2 > > > director ip port type last failed > > > 10.0.50.50 9090 self never > > > 10.0.50.51 9090 never > > > > > > self is the same on both nodes, and that generate some cases that can > > > be observed on logs : > > .. > > > It seems that first sorted entry in director_servers is considered as > > > "self". > > > > No, Dovecot tries to find the self by bind()ing to all the listed IPs, and assuming that the first one that succeeds is self. Apparently in your system bind() succeeds for non-self IPs as well. Any idea why? > > Yes ! I have the following sysctl : > > net.ipv4.ip_nonlocal_bind = 1 Anyway, with net.ipv4.ip_nonlocal_bind = 0 it's OK. -- Beber -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/35162392/attachment-0002.bin> From koshikov at gmail.com Fri Nov 23 09:46:35 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Fri, 23 Nov 2012 09:46:35 +0200 Subject: [Dovecot] Default fallback behaviour Message-ID: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> Hello list, Here is the problem: I have few: passdb { #1 } passdb { #2 } And relative userdb sections. If user not found in 1) section it fallbacks to next one - it's expected and right, IMHO. But when the user exists in both section and password verification fails on 1) database it successfully authenticated on next one. I think this behaviour should be configured. The main goal of 1) section for this server is to overwrite users in main (section2) database. Maybe I missed something and this option is already in dovecot code and I can't find it ? Or if not - will it be added in the future ? Dovecot version 2.1.10. From timor at o2.pl Fri Nov 23 10:35:09 2012 From: timor at o2.pl (Tomek) Date: Fri, 23 Nov 2012 09:35:09 +0100 Subject: [Dovecot] Proxy to join two accounts In-Reply-To: <832A79D9-D2C7-4A69-8FE0-469724C1D64B@iki.fi> References: <50ACA9C3.9000004@o2.pl> <832A79D9-D2C7-4A69-8FE0-469724C1D64B@iki.fi> Message-ID: <50AF353D.9080507@o2.pl> -------- Original Message -------- Subject: Re: [Dovecot] Proxy to join two accounts From: Timo Sirainen <tss at iki.fi> To: Tomek <timor at o2.pl> Date: 23.11.2012 08:24 > You should be able to implement something like that by creating a new > namespace with location=imapc: > > http://wiki2.dovecot.org/HowTo/ImapcProxy and > http://wiki2.dovecot.org/Migration/Dsync have some information about > the imapc settings. > > ACLs are a bit more difficult though, since currently there aren't > any "default ACLs". Thanks for tip. Will check that. Regards, Tomek. From mathieu at 400iso.net Fri Nov 23 13:13:12 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Fri, 23 Nov 2012 12:13:12 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory Message-ID: <b22a99aa6763ab35204244dfde87db53@400iso.net> Hello, i got an error in maillog, dovecot trying tu update my sieve directory : 2012-11-23T11:01:33.943047+00:00 localhost dovecot: imap(mathieu at 400iso.net): Error: stat(/srv/vmail/400iso.net/mathieu at 400iso.net/.dovecot.sieve/tmp) failed: Not a directory this cause no problem but i probably misconfigured something... here is my dovecot.conf : protocols = imap pop3 sieve mail_home = /srv/vmail/%d/%u mail_location = maildir:~ mail_plugins = $mail_plugins quota ssl_cert = </etc/ssl/private/server.crt ssl_key = </etc/ssl/private/server.key service auth { unix_listener auth-client { group = postfix mode = 0660 user = postfix } user = root } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol lda { mail_plugins = $mail_plugins sieve postmaster_address = postmaster at 400iso.net hostname = 400iso.net } managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve # sieve_global_dir = /srv/vmail/sieve/ quota = fs:vm quota quota_rule = *:storage=5G } protocol imap { mail_plugins = $mail_plugins imap_quota } -- Mathieu Rousseau http://400iso.net/ From alessio at skye.it Fri Nov 23 13:20:23 2012 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 23 Nov 2012 12:20:23 +0100 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> Message-ID: <50AF5BF7.1050907@skye.it> Il 23/11/2012 08:46, Nikita Koshikov ha scritto: > Hello list, > > Here is the problem: > I have few: > passdb { > #1 > } > passdb { > #2 > } > And relative userdb sections. If user not found in 1) section it fallbacks > to next one - it's expected and right, IMHO. But when the user exists in > both section and password verification fails on 1) database it successfully > authenticated on next one. I think this behaviour should be configured. The > main goal of 1) section for this server is to overwrite users in main > (section2) database. > > Maybe I missed something and this option is already in dovecot code and I > can't find it ? Or if not - will it be added in the future ? > > Dovecot version 2.1.10. > You can enable this features by adding "deny=yes" in the passdb extra_fields of specific users. You can find more information here: http://wiki2.dovecot.org/AuthDatabase/PasswdFile ot you can use the "auth-deny.conf.ext" example configuration. Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From alessio at skye.it Fri Nov 23 13:27:24 2012 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 23 Nov 2012 12:27:24 +0100 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> Message-ID: <50AF5D9C.7050204@skye.it> Il 23/11/2012 08:07, Timo Sirainen ha scritto: > BTW. Do you have multiple Dovecot backend servers? Director works only > when you're not using shared mailboxes.. I'm not happy to hear that, so if today we are running one dovecot server with shared mailbox enabled and tomorrow we will switch to a more complex installation with Director we will be unable to still provide shared mailbox to our customers? -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From tss at iki.fi Fri Nov 23 13:32:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 13:32:51 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <50AF5D9C.7050204@skye.it> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> Message-ID: <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> On 23.11.2012, at 13.27, Alessio Cecchi wrote: > Il 23/11/2012 08:07, Timo Sirainen ha scritto: >> BTW. Do you have multiple Dovecot backend servers? Director works only when you're not using shared mailboxes.. > > I'm not happy to hear that, so if today we are running one dovecot server with shared mailbox enabled and tomorrow we will switch to a more complex installation with Director we will be unable to still provide shared mailbox to our customers? You can't reliably do it if the mailboxes are accessed directly via NFS. The current idea to solve this is to use imapc backend with master users, so the actual mailbox access for each user is always done by only one server. I think someone already managed to configure such a setup. From design at 1stwebdesigns.com Fri Nov 23 13:36:06 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Fri, 23 Nov 2012 11:36:06 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AF12A4.7060201@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> Message-ID: <50AF5FA6.5070500@1stwebdesigns.com> On 23/11/2012 06:07, Stan Hoeppner wrote: > On 11/22/2012 3:26 PM, 1st WebDesigns wrote: >> Output of dovecot -n is as follows: >> >> # 1.0.7: /etc/dovecot.conf >> login_dir: /var/run/dovecot/login >> login_executable(default): /usr/libexec/dovecot/imap-login >> login_executable(imap): /usr/libexec/dovecot/imap-login >> login_executable(pop3): /usr/libexec/dovecot/pop3-login >> mail_privileged_group: mail >> mail_location: mbox:~/mail:INBOX=/var/mail/%u >> mbox_lock_timeout: 600 >> mail_executable(default): /usr/libexec/dovecot/imap >> mail_executable(imap): /usr/libexec/dovecot/imap >> mail_executable(pop3): /usr/libexec/dovecot/pop3 >> mail_plugin_dir(default): /usr/lib64/dovecot/imap >> mail_plugin_dir(imap): /usr/lib64/dovecot/imap >> mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 >> auth default: >> passdb: >> driver: pam >> userdb: >> driver: passwd > > Are your mailboxes on NFS storage? You haven't stated on what storage > your mailboxes reside. NFS complicates locking. If you use an NFS > server, did anything on it change recently, such as an upgrade to RHEL5? No they are not on NFS storage, the mailboxes are stored on the local filesystem. > > I found a thread stating RHEL5 has a bad FCNTL implementation that could > be related to your write lock delay problem. Try using dotlock only for > read and write and see if that helps. It has additional filesystem IO > overhead, but nothing like the many minutes of delay you have now. > > mbox_read_locks = dotlock > mbox_write_locks = dotlock Thank you I will try this. I did read that when using Postfix and Dovecot, both systems should use a matching locking mechanism, which I had already tried. However, I hadn't tried just dotlock, only FCNTL and a combination of FCNTL and dotlock. > >> We upgraded from RedHat 4 to RedHat 5. The problem didn't exist with >> RH4 and an even older version of Dovecot. > > That may be, but you're surely not planning on downgrading back to RHEL4. No, not at all. > >> When emails are stuck in the queue, doing this: > > Dovecot doesn't use queues. It writes directly to the mailbox files. > >> lsof /var/spool/mail/<user> > > These are mailbox files, your user inbox mbox files, not spool files. > Spool implies temporary storage. Don't let "spool" fool you. On > many/most systems /var/spool/mail is a link to /var/mail. Yes that's correct. > >> shows the spool file in use by a pop3 login and the Dovecot deliver >> process. Since changing mbox_lock_timeout from 300 to 600 the pop3 >> process eventually finishes before 600 seconds and the deliver process >> is able to complete. I admit this is masking the problem rather than >> solving it. > > Does the larger timeout value completely eliminate the errors? If so > this may be the best outcome you can get with Dovecot 1.0.7, mbox > storage, on RHEL5, unless a different locking method fixes it. Yes it completely eliminates the errors. If a pop3 connection has the lock, the mail simply sits there and is eventually delivered in (less than) 600 seconds. Whereas before, it would get deferred. When re-delivery was attempted, it's possible that the box would be locked again, and the mail would get deferred again, leading to a delay of several hours on a busy day. > >> As discussed before our version of Dovecot is dated now, however it's >> the version provided by RedHat and the version supported by our support >> company (who aren't doing a great job, hence me posting here). > > It's the version provided by RHEL5. RHEL6.3 has Dovecot 2.0.9. There > are 3rd party 1.2.x RPMs available for RHEL5.x as well as 2.x.x RPMs for > RHEL5.x. > > What "support company"? If you're using RHEL, Red Hat provides the > support. That's the whole reason for "paying for" a Linux distro. What > is preventing you from upgrading to RHEL 6.3, the current release? > Which BTW is behind nearly all other distros WRT package versions. For > instance Debian stable has Dovecot 2.1.7 available in the backports repo. Our server is with Rackspace, and RHEL5 is the OS they offered us as an upgrade path from RHEL4. So they're getting the support from Red Hat and we're getting the support from Rackspace. > From tlx at leuxner.net Fri Nov 23 13:42:42 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 23 Nov 2012 12:42:42 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <b22a99aa6763ab35204244dfde87db53@400iso.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> Message-ID: <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> Am 23.11.2012 um 12:13 schrieb "Mathieu R." <mathieu at 400iso.net>: > 2012-11-23T11:01:33.943047+00:00 localhost dovecot: imap(mathieu at 400iso.net): Error: stat(/srv/vmail/400iso.net/mathieu at 400iso.net/.dovecot.sieve/tmp) failed: Not a directory > > mail_home = /srv/vmail/%d/%u > mail_location = maildir:~ This is caused by "blending" the maildir structure with non-maildir files rather than using separate roots, e.g. mail_location = maildir:~/Maildir http://wiki2.dovecot.org/VirtualUsers/Home http://wiki2.dovecot.org/MailLocation/Maildir Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4364 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/ecb0fd93/attachment-0002.bin> From mathieu at 400iso.net Fri Nov 23 13:48:23 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Fri, 23 Nov 2012 12:48:23 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> Message-ID: <b574523db4f6cffa3a039fe991bcaaee@400iso.net> Le 23/11/2012 12:42, Thomas Leuxner a ?crit?: > Am 23.11.2012 um 12:13 schrieb "Mathieu R." <mathieu at 400iso.net>: > >> 2012-11-23T11:01:33.943047+00:00 localhost dovecot: >> imap(mathieu at 400iso.net): Error: >> stat(/srv/vmail/400iso.net/mathieu at 400iso.net/.dovecot.sieve/tmp) >> failed: Not a directory >> > >> mail_home = /srv/vmail/%d/%u >> mail_location = maildir:~ > > > This is caused by "blending" the maildir structure with non-maildir > files rather than using separate roots, e.g. mail_location = > maildir:~/Maildir Thank you. can i safely : - close dovecot - move files to ~Maildir - change the config in docecot.conf - and then restart dovecot ? -- Mathieu Rousseau http://400iso.net/ From kae at midnighthax.com Fri Nov 23 13:54:05 2012 From: kae at midnighthax.com (Keith Edmunds) Date: Fri, 23 Nov 2012 11:54:05 +0000 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121116093329.045f4585@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> Message-ID: <20121123115405.5224b630@kae.tiger-computing.wbp> Problem: We have some folders (eg, Trash) appearing both as sibling folders to INBOX and as subfolders to INBOX. We want them only to appear at the sibling level. In order to put some folders (Sent, Trash, some others) at a peer level to INBOX, and all other folders under INBOX, we've defined namespaces as follows: -------------------------------------------------------------------------------- mail_location = maildir:/shared/imapmail/users/%u:INBOX=/shared/imapmail/users/%u:LAYOUT=fs namespace private { separator = / prefix = "INBOX/" inbox = yes } namespace private { separator = / prefix = "Trash/" location = maildir:/shared/imapmail/users/%u/Trash:LAYOUT=fs inbox = no } -------------------------------------------------------------------------------- In the file system, the mail_location for each user has all the top-level mail folders plus the cur, tmp and new directories for INBOX, so, for example, there is a directory in mail_location called "Trash". Is there a way to configure Dovecot to show Trash at the top level (as the last namespace definition above does), yet not also show it as a subfolder of INBOX? Thanks, Keith -- We're looking for smart Linux people: http://www.tiger-computing.co.uk/jobs From tlx at leuxner.net Fri Nov 23 13:59:33 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 23 Nov 2012 12:59:33 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <b574523db4f6cffa3a039fe991bcaaee@400iso.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> <b574523db4f6cffa3a039fe991bcaaee@400iso.net> Message-ID: <A77F784B-E60B-409B-BAC7-4A51BFA89759@leuxner.net> Am 23.11.2012 um 12:48 schrieb Mathieu R. <mathieu at 400iso.net>: > Thank you. can i safely : > > - close dovecot > - move files to ~Maildir > - change the config in docecot.conf > - and then restart dovecot ? Yes. You are able to move the Maildir structure (cur|new|tmp) like this. Not sure the location is also overridden in your SQL queries. If so, you also need to return the new "home" in the queries. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4364 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/af5d261d/attachment-0002.bin> From mathieu at 400iso.net Fri Nov 23 14:04:41 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Fri, 23 Nov 2012 13:04:41 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <A77F784B-E60B-409B-BAC7-4A51BFA89759@leuxner.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> <b574523db4f6cffa3a039fe991bcaaee@400iso.net> <A77F784B-E60B-409B-BAC7-4A51BFA89759@leuxner.net> Message-ID: <81793eea7ca3fb8c8822708fc33c3eda@400iso.net> Le 23/11/2012 12:59, Thomas Leuxner a ?crit?: > Am 23.11.2012 um 12:48 schrieb Mathieu R. <mathieu at 400iso.net>: > >> Thank you. can i safely : >> >> - close dovecot >> - move files to ~Maildir >> - change the config in docecot.conf >> - and then restart dovecot ? > > Yes. You are able to move the Maildir structure (cur|new|tmp) like > this. Not sure the location is also overridden in your SQL queries. > If > so, you also need to return the new "home" in the queries. > > Regards > Thomas As i'm very newbie at sql stuff, here is my current dovecot-sql.conf : driver = mysql connect = host=localhost dbname=postfix_db user=postfix_user password=mypass # The new name for MD5 is MD5-CRYPT so you might need to change this depending on version default_pass_scheme = MD5-CRYPT # Get the mailbox user_query = SELECT '/srv/vmail/%d/%u' as home, 'maildir:/srv/vmail/%d/%u' as mail, 5000 AS uid, 5000 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1' # Get the password password_query = SELECT username as user, password, '/srv/vmail/%d/%u' as userdb_home, 'maildir:/srv/vmail/%d/%u' as userdb_mail, 5000 as userdb_uid, 5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1' # If using client certificates for authentication, comment the above and uncomment the following #password_query = SELECT null AS password, '%u' AS user i think i can change it for : driver = mysql connect = host=localhost dbname=postfix_db user=postfix_user password=mypass # The new name for MD5 is MD5-CRYPT so you might need to change this depending on version default_pass_scheme = MD5-CRYPT # Get the mailbox user_query = SELECT '/srv/vmail/%d/%u' as home, 'maildir:/srv/vmail/%d/%u/Maildir' as mail, 5000 AS uid, 5000 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1' # Get the password password_query = SELECT username as user, password, '/srv/vmail/%d/%u' as userdb_home, 'maildir:/srv/vmail/%d/%u/Maildir' as userdb_mail, 5000 as userdb_uid, 5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1' # If using client certificates for authentication, comment the above and uncomment the following #password_query = SELECT null AS password, '%u' AS user maybe can somebody confirm before i mess up everything ? -- Mathieu Rousseau http://400iso.net/ From sven at svenhartge.de Fri Nov 23 17:53:01 2012 From: sven at svenhartge.de (Sven Hartge) Date: Fri, 23 Nov 2012 16:53:01 +0100 Subject: [Dovecot] shared mailboxes and indexes References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> Message-ID: <099qpni2j8v8@mids.svenhartge.de> Timo Sirainen <tss at iki.fi> wrote: > On 23.11.2012, at 13.27, Alessio Cecchi wrote: >> Il 23/11/2012 08:07, Timo Sirainen ha scritto: >>> BTW. Do you have multiple Dovecot backend servers? Director works >>> only when you're not using shared mailboxes.. >> I'm not happy to hear that, so if today we are running one dovecot >> server with shared mailbox enabled and tomorrow we will switch to a >> more complex installation with Director we will be unable to still >> provide shared mailbox to our customers? > You can't reliably do it if the mailboxes are accessed directly via > NFS. The current idea to solve this is to use imapc backend with > master users, so the actual mailbox access for each user is always > done by only one server. I think someone already managed to configure > such a setup. This was me. It works (with one minor quirk, more on this later) in my current test setup like so: a) 1 to X user-servers with the users mailboxes on them b) 1 shared-server with the shared mailboxes on them On the user-servers I have namespace like this: namespace { list = yes location = imapc:~/imapc-shared prefix = IMAPShared/ separator = / subscriptions = no type = public } and a userdb like this: userdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = uid=virtmail gid=virtmail home=/srv/mail/%2MLn/%Ln/ imapc_password=%w quota_rule2=Trash:ignore driver = ldap } Note the "imapc_password=%w" in the default_fields. This is needed to pass the users login-password to the shared-server. The imapc proxy code is configured like this: imapc_host = m-st-sh-01.example.com imapc_master_user = %u imapc_user = shared This uses the original user as the master-user and a fixed user with the original users password to login into the shared-server. Note: You CANNOT have ACLs activated on the users-servers, because this will interfere with the permissions of ht IMAPShared namespace, rendering the mailboxes located in there unavailable for your users. The shared-storage then uses a static passdb for the user "shared": passdb { args = user=shared password=complicatedpasswordhere driver = static } and a static userdb for the virtual-user: userdb { args = uid=virtmail gid=virtmail home=/srv/mail/%Ln driver = static } and additional a passdb for the "master" users: passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap master = yes pass = yes } which are pulled from LDAP, just like on the user-servers. Now the mentioned quirk: Because all connections on the shared-server are made to the same user "shared" and are coming from very few IPs (the 1 to X user-servers), you need to set a very high mail_max_userip_connections value. I set mine to 1000 just to be sure. ---> But: I have NOT configured login_trusted_networks, so this may be my error in that case. And, a second quirk: You can only offer admin-provided shared folders, your users CANNOT share folders themselves, because there is quite some manual work involved in creating and setting them up on the central shared-server. For example: To provide a Mailbox with the Name "Test.3" in IMAPShared I need the following directory structure on m-st-sh-01.example.com: /srv/mail/shared/mdbox/mailboxes/Test.3/ In .../Test.3/ there is the dbox-Mails folder with the indexes and other meta information. The admin needs to create the dovecot-acl file to configure the access permissions: root at m-st-sh-01:/srv/mail/shared/mdbox/mailboxes/Test.3/dbox-Mails# cat dovecot-acl user=gbgr14 lrwstipek user=bbgr99 lrwstipek The users are then able to see those folders as IMAPShared/Test.3/, subscriptions are managed inside the users own subscription file on their respective "home" server, while flages and tags are shared. Gr??e, Sven. -- Sigmentation fault. Core dumped. From stan at hardwarefreak.com Fri Nov 23 22:59:31 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 23 Nov 2012 14:59:31 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AF5FA6.5070500@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> Message-ID: <50AFE3B3.2020408@hardwarefreak.com> On 11/23/2012 5:36 AM, 1st WebDesigns wrote: > No they are not on NFS storage, the mailboxes are stored on the local > filesystem. Ok, good. > Thank you I will try this. I did read that when using Postfix and > Dovecot, both systems should use a matching locking mechanism, which I > had already tried. However, I hadn't tried just dotlock, only FCNTL and > a combination of FCNTL and dotlock. Since you're now using Dovecot LDA the locking mech may not make much if any difference, but it's worth trying. > Yes it completely eliminates the errors. If a pop3 connection has the > lock, the mail simply sits there and is eventually delivered in (less > than) 600 seconds. Whereas before, it would get deferred. When > re-delivery was attempted, it's possible that the box would be locked > again, and the mail would get deferred again, leading to a delay of > several hours on a busy day. So this is a step in the right direction. But still far less than optimal. The read/write lock contention on mbox is unnecessarily eating up system resources (mainly memory), and causing unnecessary delivery delays to the mailbox. You should really start looking at migrating to maildir. It's not that difficult (though maybe more so with 1.0.7) if you don't have a ton of mailboxes, and especially with POP since the mailboxes typically wont be holding much mail to migrate. How many do you have? > Our server is with Rackspace, and RHEL5 is the OS they offered us as an > upgrade path from RHEL4. So they're getting the support from Red Hat > and we're getting the support from Rackspace. The plot thickens again. You're using a rented server. Sigh... This entire thread could have been greatly shortened, saving all of us much time, if you'd have given all these details up front. Is this a cloud server (shared host), or a dedicated server? FWIW, you don't have RHEL5, but CentOS 5. Hosting companies don't pay for RHEL licenses for 10s of thousands of hosts. I have a few salient recommendations for you: 1. Migrate to maildir. It is far more appropriate for a POP workload. 2. Switch to a hosting provider that offers much more recent software. 3. Or, get a colo server so you can use whatever software you wish. Finally, if this email service you're providing isn't all that critical to you or your organization, simply prod along as you have been, fighting these problems frequently along the way. -- Stan From doctor at doctor.nl2k.ab.ca Sat Nov 24 04:49:54 2012 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Fri, 23 Nov 2012 19:49:54 -0700 Subject: [Dovecot] SSL certificates Message-ID: <20121124024954.GC1824@doctor.nl2k.ab.ca> Who is the best CA Certificate provider for Dovecot? -- Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From sven at svenhartge.de Sat Nov 24 05:03:40 2012 From: sven at svenhartge.de (Sven Hartge) Date: Sat, 24 Nov 2012 04:03:40 +0100 Subject: [Dovecot] SSL certificates References: <20121124024954.GC1824@doctor.nl2k.ab.ca> Message-ID: <499s2bh2j8v8@mids.svenhartge.de> The Doctor <doctor at doctor.nl2k.ab.ca> wrote: > Who is the best CA Certificate provider for Dovecot? What do you mean by "best"? Gr??e, Sven. -- Sigmentation fault. Core dumped. From noel.butler at ausics.net Sat Nov 24 07:57:33 2012 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 24 Nov 2012 15:57:33 +1000 Subject: [Dovecot] SSL certificates In-Reply-To: <20121124024954.GC1824@doctor.nl2k.ab.ca> References: <20121124024954.GC1824@doctor.nl2k.ab.ca> Message-ID: <1353736653.15992.22.camel@tardis> On Fri, 2012-11-23 at 19:49 -0700, The Doctor wrote: > Who is the best CA Certificate provider for Dovecot? > Anyone but verisign, dont get me started on them :) Now that Thawte are no longer owned by those criminals, I highly recommend them for certs for web sites. But if its just for mail/webmail and you dont need the large insurance protections, then look at the cheaper/free startcom certs, I use them on my private domains for mail certs and webmail - very pleasant and easy to deal with. -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121124/577b0679/attachment-0002.png> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20121124/577b0679/attachment-0002.bin> From johnsone at usc.edu Sat Nov 24 10:16:10 2012 From: johnsone at usc.edu (Erik A Johnson) Date: Sat, 24 Nov 2012 00:16:10 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> Message-ID: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Thanks, Timo. Nope, still an infinite loop. Anything I can try using gdb to trace? On Nov 22, 2012, at 10:52 PM, Timo Sirainen <tss at iki.fi> wrote: > On 10.11.2012, at 12.44, Erik A Johnson wrote: > >> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >> >> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >> >> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > I wonder if this fixes it? http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa > From stephan at rename-it.nl Sun Nov 25 11:30:39 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 25 Nov 2012 10:30:39 +0100 Subject: [Dovecot] sieve-extprograms strips Return-Path headers In-Reply-To: <20121113145732.GB40206@anubis.morrow.me.uk> References: <20121113145732.GB40206@anubis.morrow.me.uk> Message-ID: <50B1E53F.7030801@rename-it.nl> Hi Ben, On 11/13/2012 3:57 PM, Ben Morrow wrote: > The sieve-extprograms extension strips Return-Path headers before > passing mail off to the external program. The patch to remove this > behavious is trivial (and attached), but since it appears to be > deliberate I felt I should investigate further. > > I believe this is basically a cut-and-paste error. The code to strip > Return-Path has been there since the sieve-pipe plugin for Dovecot 1.x, > and I believe it was copied from the equivalent code in the 'redirect' > action for passing mail off to sendmail(8). In that case, stripping > Return-Path is correct, since the message is being resubmitted for > delivery (by SMTP or otherwise), and the last step of the new delivery > will (should) add a new Return-Path header with the new envelope > information. In the case of sieve-extprograms, though, the filtering is > happening post-delivery, so a stripped Return-Path will never be > replaced. Yeah, you are right. Applied: http://hg.rename-it.nl/pigeonhole-0.3-sieve-extprograms/rev/3bd6ed27ae26 Regards, Stephan. From dave at morsberger.com Mon Nov 26 08:41:46 2012 From: dave at morsberger.com (David Morsberger) Date: Mon, 26 Nov 2012 01:41:46 -0500 Subject: [Dovecot] Missing Messages on IOS device Message-ID: <BD8E6193-6542-4A53-B6A9-E41F3CDF70F5@morsberger.com> I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. Any idea why these messages are not showing up on my devices and how I can get them to show up? bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd --version 2.0.19apple1 bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd -n # 2.0.19apple1: /Library/Server/Mail/Config/dovecot/dovecot.conf # OS: Darwin 12.2.1 x86_64 hfs aps_topic = com.apple.mail.XServer.fc3bb7c3-c8ef-4fe2-aff3-95ecd927fb11 auth_mechanisms = cram-md5 x-plain-submit plain login apop digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 mail_access_groups = mail mail_location = maildir:/Library/Server/Mail/Data/mail/%u mail_log_prefix = "%s(pid %p user %u): " mail_plugins = quota zlib fts fts_sk managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M passdb { args = /Library/Server/Mail/Config/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmaster at mini.mmpcrofton.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins unix_listener auth-userdb { user = _dovecot } } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap { client_limit = 5 process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl_ca = </etc/certificates/*.chain.pem ssl_cert = </etc/certificates/*.cert.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL ssl_key = </etc/certificates/*.key.pem ssl_key_path = /etc/certificates/*.key.pem syslog_facility = local6 userdb { args = partition=/Library/Server/Mail/Config/dovecot/partition_map.conf enforce_quotas=no driver = od } verbose_proctitle = yes protocol lmtp { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol lda { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol imap { imap_id_log = * imap_id_send = "name" * "version" * mail_max_userip_connections = 20 mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts urlauth } protocol pop3 { mail_max_userip_connections = 6 } From koshikov at gmail.com Mon Nov 26 08:53:26 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Mon, 26 Nov 2012 08:53:26 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <50AF5BF7.1050907@skye.it> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <50AF5BF7.1050907@skye.it> Message-ID: <20121126085326.4e12dbfc@EBook.agromat.intranet> On Fri, 23 Nov 2012 12:20:23 +0100 Alessio Cecchi wrote: > Il 23/11/2012 08:46, Nikita Koshikov ha scritto: > > Hello list, > > > > Here is the problem: > > I have few: > > passdb { > > #1 > > } > > passdb { > > #2 > > } > > And relative userdb sections. If user not found in 1) section it fallbacks > > to next one - it's expected and right, IMHO. But when the user exists in > > both section and password verification fails on 1) database it successfully > > authenticated on next one. I think this behaviour should be configured. The > > main goal of 1) section for this server is to overwrite users in main > > (section2) database. > > > > Maybe I missed something and this option is already in dovecot code and I > > can't find it ? Or if not - will it be added in the future ? > > > > Dovecot version 2.1.10. > > > > You can enable this features by adding "deny=yes" in the passdb > extra_fields of specific users. > > You can find more information here: > http://wiki2.dovecot.org/AuthDatabase/PasswdFile ot you can use the > "auth-deny.conf.ext" example configuration. > > Ciao Maybe I was not so clear - but this is not what I'm searching for. deny=yes will deny user in corresponding database - I want - allow user to login, if and only if, users password matches and if it fail(in current passdb) - not trying next passdb for checking his password, even if user exists in the next database. From amateo at um.es Mon Nov 26 10:20:27 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 26 Nov 2012 09:20:27 +0100 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> Message-ID: <50B3264B.4080508@um.es> El 23/11/12 08:07, Timo Sirainen escribi?: > On 16.11.2012, at 12.11, Angel L. Mateo wrote: > >> We are deploying shared mailboxes in our mail system. We are running 2.1.9 and mail backend is maildir. >> >> As described at http://wiki.dovecot.org/SharedMailboxes/Shared when shared namespace is configured as >> >> namespace shared { >> separator = / >> prefix = shared/%%u/ >> location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u >> subscriptions = no >> list = children >> } >> >> each user accessing this folder has its own index, stored in ~/Maildir/shared/%%u/<shared mailbox>, hasn't it? > > Right. > >> Our mail is store in NFS disks so we are very concerned about indexes optimizations (we had performance problems until we got all of our indexes and nfs tunned). So, is there any way so those indexes could be shared for all users (and they always would be updated). > > If you don't need per-user flags you can just remove the per-user INDEX. If you want per-user flags and want to share indexes, you need the new INDEXPVT option that exists in v2.2 or as a patch to v2.1: http://dovecot.org/patches/2.1/private-index.diff > >> Regarding this... if we'd use dbox instead of maildir, indexes are a really important part of the mailbox and they can't be re-constructed when they are outdated. So, how do shared mailboxes work with dbox backend? Do I have to configure indexes in any particular way? > > INDEXPVT is a requirement with dbox if you want per-user flags. > > BTW. Do you have multiple Dovecot backend servers? Director works only when you're not using shared mailboxes.. > Oh... sad to read this. I have multiple backend server behind a director one. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From listas.correo at yahoo.es Mon Nov 26 11:58:54 2012 From: listas.correo at yahoo.es (mailing lists) Date: Mon, 26 Nov 2012 09:58:54 +0000 (GMT) Subject: [Dovecot] doveadm fails with passdb authentication binds (dovecot 2.0.16) In-Reply-To: <50AF6C36.3000500@eservicios.indra.es> References: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> <592ACC86-265E-476F-81B2-E797C0414165@iki.fi> <50AF6C36.3000500@eservicios.indra.es> Message-ID: <1353923934.14376.YahooMailNeo@web171506.mail.ir2.yahoo.com> Hello, >> # doveadm mailbox list -u user001 >> doveadm(user001): Error: user user001: Auth PASS lookup failed >> doveadm(user001): Fatal: passdb lookup failed > Are you running this on a Dovecot proxy? It looks like doveadm wants to do a passdb lookup to find out which server should handle this user. Passdb lookups don't work with LDAP binding. But if everything else works then I think you simply shouldn't have enabled doveadm proxying. So, set doveadm_proxy_port back to 0? thank you Timo, setting doveadm_proxy_port to 0 did the trick. From trusktr at gmail.com Mon Nov 26 12:59:27 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 02:59:27 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <20121119164753.GK94077@anubis.morrow.me.uk> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> Message-ID: <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> Hi, thanks for the reply. I'm new to all this. How can I tell if postfix is deferring messages, or if it thinks they've been delieverd? Where is the postfix log? How do I feed a message to dovecot-lda manually, as mailman? How do I use LMTP instead of LDA? */#!/*JoePea On Mon, Nov 19, 2012 at 8:47 AM, Ben Morrow <ben at morrow.me.uk> wrote: > At 6AM -0800 on 19/11/12 you (/#!/JoePea) wrote: > > > > I can't get dovecot working with postfix. If I leave virtual_transport > set > > to "virtual", I can send and receive messages just fine in roundcube. If > I > > set virtual_transport to "dovecot", I can only send messages in > roundcube, > > but incoming messages never arrive. Seems I can't get dovecot-lda to > work. > > I need dovecot-lda in order for sieve filters to work. > > > > Any idea what I'm doing wrong? > > > > Here's `doveconf -n`: > > http://pastie.org/5401133 > > > > `postconf -n`: > > http://pastie.org/5401157 > > > > and `postconf -M`: > > http://pastie.org/5401177 > > The only obvious thing I can see wrong there is that you have > > mail_plugins = " sieve" > > in dovecot.conf, which should be > > mail_plugins = sieve > > but I don't know that that would prevent delivery. > > Is Postfix deferring the message, or does it think it's been delivered? > What do you see in your logs when a message is delivered (since you've > redirected Dovecot away from syslog, you'd need to look at both > Postfix's and Dovecot's logs)? > > What happens if you feed a message to dovecot-lda manually, as > 'mailman'? Check the exitcode of lda and the logs, as well as seeing if > the message was delivered. > > Since you've set up a dedicated transport for Dovecot, it would probably > be worth using LMTP instead of the LDA. It should be more efficient, and > since you're only using a single virtual user you can tell dovecot to > run the LMTP server as 'mailman' instead of root. > > Ben > > From trusktr at gmail.com Mon Nov 26 13:00:31 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 03:00:31 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <50AA66A5.4050702@fi4it.de> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> Message-ID: <CAKU1PAXDX=YGSuD=-D_aUbJ59HrN96MUidhVHuhRk6H40xKa2A@mail.gmail.com> Hi, I tried changing dovecot-lda to deliver in master.cf and also added the acl plugin to the lda protocol like yours. It still won't work though. */#!/*JoePea On Mon, Nov 19, 2012 at 9:04 AM, Fi4IT - Daniel Fischer <dfischer at fi4it.de>wrote: > Hello Joe, > > i use this: > main.cf > virtual_transport = dovecot > > master.cf > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} > -d ${recipient} > > /etc/dovecot/conf.d/15-lda.**conf > protocol lda { > log_path = /var/log/sieve.log > mail_plugins = acl sieve > } > > and that works fine with my tested clients (tb,outlook,roundcube) > > daniel > > Am 19.11.2012 15:17, schrieb /#!/JoePea: > >> Hi all, >> >> I can't get dovecot working with postfix. If I leave virtual_transport set >> to "virtual", I can send and receive messages just fine in roundcube. If I >> set virtual_transport to "dovecot", I can only send messages in roundcube, >> but incoming messages never arrive. Seems I can't get dovecot-lda to work. >> I need dovecot-lda in order for sieve filters to work. >> >> Any idea what I'm doing wrong? >> >> Here's `doveconf -n`: >> http://pastie.org/5401133 >> >> `postconf -n`: >> http://pastie.org/5401157 >> >> and `postconf -M`: >> http://pastie.org/5401177 >> >> Note: All I have to do is change virtual_transport = dovecot to >> virtual_transport >> = virtual and all will be fine, except for that I won't have sieve >> filtering which is what I really want. >> >> */#!/*JoePea >> >> > > -- > > Fischer Daniel > FI4IT - that's it > Messerschmittstrasse 17 > 89231 Neu Ulm > > Email: dfischer at fi4it.de > Web: www.fi4it.de > Telefon: 073180019370 > Fax: 073180019375 > Mobil: 01729230731 > > From ben at morrow.me.uk Mon Nov 26 13:52:36 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 11:52:36 +0000 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> Message-ID: <20121126115235.GC76138@anubis.morrow.me.uk> At 2AM -0800 on 26/11/12 you (/#!/JoePea) wrote: > Hi, thanks for the reply. I'm new to all this. How can I tell if postfix is > deferring messages, or if it thinks they've been delieverd? Where is the > postfix log? You can tell if a message is still in the queue with 'mailq'. You can find out why by reading the log. If messages are being deferred they will eventually start bouncing, once Postfix decides they've spent too long in the queue. Postfix normally logs through the 'mail' facility of syslog. > How do I feed a message to dovecot-lda manually, as mailman? Something along the lines of sudo -u mailman /usr/lib/dovecot/dovecot-lda -f some at user -d some at user </some/mail/message as root should work, depending on your sudo setup. Otherwise you will need to use su, which can be more awkward. > How do I use LMTP instead of LDA? Read the wiki for the Dovecot end, and use virtual_transport = lmtp:unix:/path/to/lmtp/socket on the Postfix end. You will want to test the LMTP server is working manually (with nc -U or something) before trying to get Postfix to deliver to it. Ben From minfrin at sharp.fm Mon Nov 26 16:24:38 2012 From: minfrin at sharp.fm (Graham Leggett) Date: Mon, 26 Nov 2012 16:24:38 +0200 Subject: [Dovecot] IMAP proxy - can it detect parodying to itself? Message-ID: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> Hi all, I have some IMAP servers fronted with separate perdition processes, and it would be ideal if I could collapse this down to having dovecot do both the IMAP proxying and the IMAP serving at the same time on the same IP addresses. One of the fields in my LDAP entries contains the canonical name of the server that hosts their mailbox, and if I follow the manual at http://wiki2.dovecot.org/PasswordDatabase/ExtraFields#LDAP I could add the host field to enable proxying. My question is whether dovecot has the ability to notice whether dovecot is being asked to proxy to itself, in other words the value of "host" is the current dovecot server, and when this happens, ignore the proxy and just be a straight IMAP server, because the user has connected to the right box already. Is this possible? Regards, Graham -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4365 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121126/b718e8e0/attachment-0002.bin> From minfrin at sharp.fm Mon Nov 26 16:26:52 2012 From: minfrin at sharp.fm (Graham Leggett) Date: Mon, 26 Nov 2012 16:26:52 +0200 Subject: [Dovecot] IMAP proxy - can it detect parodying to itself? In-Reply-To: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> References: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> Message-ID: <064C6DB5-565C-4EE0-92D0-09921DE893FE@sharp.fm> On 26 Nov 2012, at 4:24 PM, Graham Leggett <minfrin at sharp.fm> wrote: > I have some IMAP servers fronted with separate perdition processes, and it would be ideal if I could collapse this down to having dovecot do both the IMAP proxying and the IMAP serving at the same time on the same IP addresses. A heartfelt thanks to Apple Autocorrect for changing "parodying", oops, I meant "parodying", aargh, I meant "p r o x y i n g", to parodying in the subject of this message. Regards, Graham -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4365 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121126/0bb4985e/attachment-0002.bin> From ben at morrow.me.uk Mon Nov 26 18:02:40 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 16:02:40 +0000 Subject: [Dovecot] IMAP proxy - can it detect parodying to itself? In-Reply-To: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> References: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> Message-ID: <20121126160239.GD76138@anubis.morrow.me.uk> At 4PM +0200 on 26/11/12 you (Graham Leggett) wrote: > Hi all, > > I have some IMAP servers fronted with separate perdition processes, > and it would be ideal if I could collapse this down to having dovecot > do both the IMAP proxying and the IMAP serving at the same time on the > same IP addresses. > > One of the fields in my LDAP entries contains the canonical name of > the server that hosts their mailbox, and if I follow the manual at > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields#LDAP I could add > the host field to enable proxying. You also need the 'proxy' or 'proxy_maybe' field, which is a boolean (the field just needs to be present). If you just configure 'host' you will get login referrals, which is not what you want. > My question is whether dovecot has the ability to notice whether > dovecot is being asked to proxy to itself, in other words the value of > "host" is the current dovecot server, and when this happens, ignore > the proxy and just be a straight IMAP server, because the user has > connected to the right box already. This is what happens if you use 'proxy_maybe' instead of 'proxy'. Ben From skdovecot at smail.inf.fh-brs.de Mon Nov 26 18:07:37 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 26 Nov 2012 17:07:37 +0100 (CET) Subject: [Dovecot] lmtp_rcpt_check_quota working somewhere? Message-ID: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I'm running Dovecot v2.1 and enabled the lmtp_rcpt_check_quota option in conf.d/20-lmtp.conf, because I just found it in the sample config. Is this option working somewhere? When I have the option enabled, I get _no_ response in the RCPT TO phase, if the user is under quota. If I go on and enter the DATA keyword eventually, I get "554 5.5.1 No valid recipients", so it looks like, the user is really ignored at all. For an user over quota, I get: 552 5.2.2 <user> Quota exceeded (mailbox for user is full) Without lmtp_rcpt_check_quota LMTP works fine. For the user over quota I get the error after DATA phase, the user under quota gets the message delivered. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULOTyWoxLS8a3A9mAQITfggAoC0ujUXE53ePUEsTUHXlL2S0/hQCdAgA ppZnUPv9Gjh2oZjjrOmPa+zYVnd+6xK9m58bV4b7FPC+uz1otaS205WMIeZCuy5l kTtCpNpxxNfsUDzMM8zrRf+AZODAwUzwx7yknGdpXtezIGYg7kTKIXxs3KShgI3i ML/kbj4j+YkpdR0wUnZCIVM7MBukAJ3rhSqvfcY0ekZo8+ownqVjCE1PLhFy6oGE OsN8qY272nuvY9dLjflUjOKsvPVnviIu0kgRAZEsqPPp27Jp4GMsSpqqdAhjgbzH D8n9AnxVc6KYhq8qVpsWBCNy3/CwERsadZcRnl/4zcZmq19VsLLZMQ== =Nyqj -----END PGP SIGNATURE----- From cfowler at scss.tcd.ie Mon Nov 26 19:31:00 2012 From: cfowler at scss.tcd.ie (cfowler) Date: Mon, 26 Nov 2012 17:31:00 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user Message-ID: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Problem : All vacation autoreplies come from the postmaster address. Expected behavior : vacation notice comes from the user who set the vacation. Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example reply, sieve script and dovecot -n output) Any help appreciated! ---------------------------------------------------------------------------------------- Sieve script used: if true { vacation :days 2 :subject "Out of Office" "I am currently out of the office"; stop; } ---------------------------------------------------------------------------------------- Return-Path: <> X-Original-To: teststff at mydomain.com Delivered-To: teststff at mydomain.com Received: from localhost (localhost [127.0.0.1]) by quicksilver.mydomain.com (Postfix) with ESMTP id 12591BE16 for <teststff at mydomain.com>; Mon, 26 Nov 2012 16:54:16 +0000 (GMT) X-Virus-Scanned: Debian amavisd-new at mydomain.com X-Spam-Flag: NO X-Spam-Score: -0.501 X-Spam-Level: X-Spam-Status: No, score=-0.501 required=5 tests=[BAYES_05=-0.5, NO_RELAYS=-0.001] autolearn=no Received: from quicksilver.mydomain.com ([127.0.0.1]) by localhost (quicksilver.mydomain.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DNM8HKzR4d0t for <teststff at mydomain.com>; Mon, 26 Nov 2012 16:54:06 +0000 (GMT) Received: by quicksilver.mydomain.com (Postfix, from userid 15099) id DA3DABE1B; Mon, 26 Nov 2012 16:54:06 +0000 (GMT) X-Sieve: Pigeonhole Sieve 0.3.0 Message-ID: <dovecot-sieve-1353948846-837692-0 at quicksilver.mydomain.com> Date: Mon, 26 Nov 2012 16:54:06 +0000 From: Postmaster <root at mydomain.com> To: <teststff at mydomain.com> Subject: Out of Office In-Reply-To: <ac0fe0e6de81129e7499aba9aa67697a at localhost> References: <ac0fe0e6de81129e7499aba9aa67697a at localhost> Auto-Submitted: auto-replied (vacation) Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit I am currently out of the office ---------------------------------------------------------------------------------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 ext3 auth_debug = yes auth_debug_passwords = yes auth_verbose = yes listen = *, [::] log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/var/maildirs/%n/Maildir mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { home = /var/maildirs/%u mail_debug = yes sieve = /var/maildirs/%u/deliver.sieve sieve_dir = /var/maildirs/%n/sieve sieve_global_dir = /etc/sieve/ sieve_global_path = /etc/sieve/deliver.sieve sieve_vacation_dont_check_recipient = yes } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 } user = root } service imap-login { client_limit = 256 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service managesieve-login { client_limit = 256 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service pop3-login { client_limit = 256 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } ssl_cert = </var/certs/wildcard.mydomain.ie-including-chain.pem ssl_key = </var/certs/wildcard.mydomain.ie.key userdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 20 } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } protocol lda { auth_socket_path = /var/run/dovecot/auth-master mail_debug = yes mail_plugins = sieve postmaster_address = root at mydomain.ie } From rs at sys4.de Mon Nov 26 19:42:22 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 26 Nov 2012 18:42:22 +0100 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Message-ID: <50B3A9FE.6030503@sys4.de> Am 26.11.2012 18:31, schrieb cfowler: > Problem : All vacation autoreplies come from the postmaster address. <> is not really the postmaster address, its special for the mailer daemon > Expected behavior : vacation notice comes from the user who set the > vacation. at my knowledge, does not work that way ,yet, guess what you want, might work with invoking external script via sieve wait for other responses , special stefan might give better answer about sieve > Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > reply, sieve script and dovecot -n output) > > Any help appreciated! > > > ---------------------------------------------------------------------------------------- > > > Sieve script used: > > if true > { > vacation :days 2 :subject "Out of Office" "I am currently out of the > office"; > stop; > } > > ---------------------------------------------------------------------------------------- > > > Return-Path: <> > X-Original-To: teststff at mydomain.com > Delivered-To: teststff at mydomain.com > Received: from localhost (localhost [127.0.0.1]) > by quicksilver.mydomain.com (Postfix) with ESMTP id 12591BE16 > for <teststff at mydomain.com>; Mon, 26 Nov 2012 16:54:16 +0000 (GMT) Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From ben at morrow.me.uk Mon Nov 26 19:59:36 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 17:59:36 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Message-ID: <20121126175935.GF76138@anubis.morrow.me.uk> At 5PM +0000 on 26/11/12 you (cfowler) wrote: > Problem : All vacation autoreplies come from the postmaster address. > Expected behavior : vacation notice comes from the user who set the > vacation. > Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > reply, sieve script and dovecot -n output) <snip> > sieve_vacation_dont_check_recipient = yes Why have you set this? Normally vacation will refuse to respond to a message which doesn't have your address in one of the recipient header fields; in fact the standard says that it MUST NOT respond unless this is the case. This setting turns that check off, in which case Pigeonhole will send a vacation response (despite the standard) but sends it from Postmaster. I assume this is done for privacy reasons, since the person the vacation response is being sent to doesn't necessarily know the user who set the vacation exists, or what their address might be. If you send a message with the user's email address in To:, do you get a vacation response From: the correct address? Ben From cfowler at scss.tcd.ie Mon Nov 26 20:21:05 2012 From: cfowler at scss.tcd.ie (cfowler) Date: Mon, 26 Nov 2012 18:21:05 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <20121126175935.GF76138@anubis.morrow.me.uk> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <20121126175935.GF76138@anubis.morrow.me.uk> Message-ID: <5fa7ee2d078f950032e1147105f2b61a@scss.tcd.ie> On 26-11-2012 17:59, Ben Morrow wrote: > At 5PM +0000 on 26/11/12 you (cfowler) wrote: >> Problem : All vacation autoreplies come from the postmaster address. >> Expected behavior : vacation notice comes from the user who set the >> vacation. >> Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example >> reply, sieve script and dovecot -n output) > <snip> > >> sieve_vacation_dont_check_recipient = yes > > Why have you set this? Normally vacation will refuse to respond to a > message which doesn't have your address in one of the recipient > header > fields; in fact the standard says that it MUST NOT respond unless > this > is the case. This setting turns that check off, in which case > Pigeonhole > will send a vacation response (despite the standard) but sends it > from > Postmaster. I assume this is done for privacy reasons, since the > person > the vacation response is being sent to doesn't necessarily know the > user > who set the vacation exists, or what their address might be. > This feature is the reason I've upgraded to 2.1.7 from 1.2.15 Our users have addresses like bmorrow at foo.com We also store aliases for them in LDAP like ben.morrow at foo.com. Postfix knows of these aliases and accepts mail for them. Most of our users prefer to hand out this alias as their email address Mails to bmorrow at foo.com were receiving vacation auto-replies as you'd expect in 1.2.15 Mails to ben.morrow at foo.com were not due to the infamous "discarding vacation response for message implicitly delivered to bmorrow at foo.com" message. I know the correct behavior is for the users to write a correct sieve script with an addresses: line, but that's not going to happen unfortunately. The users just want "Push button to make vacation go". > If you send a message with the user's email address in To:, do you > get a > vacation response From: the correct address? > No, mails to bmorrow at foo.com also get Postmaster replies. With 1.2.15 we were at least getting autoreplies from bmorrow at foo.com when a mail was sent to bmorrow at foo.com. > Ben From klimenko.n at theitidea.ru Mon Nov 26 20:58:30 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Mon, 26 Nov 2012 22:58:30 +0400 Subject: [Dovecot] sieve + dkim Message-ID: <50B3BBD6.5050302@theitidea.ru> message sent from the sieve-vacation does not contain dkim signature how to configure sieve to send messages via smtp transport with signing? From klimenko.n at theitidea.ru Mon Nov 26 21:26:29 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Mon, 26 Nov 2012 23:26:29 +0400 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <50AA66A5.4050702@fi4it.de> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> Message-ID: <50B3C265.5060409@theitidea.ru> may be this is the best way dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} -a ${recipient} parameter-a $ {recipient} allow to keep the recipient's address in the headers "from:" 19.11.12 21:04, Fi4IT - Daniel Fischer ?????: > Hello Joe, > > i use this: > main.cf > virtual_transport = dovecot > > master.cf > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${recipient} > > /etc/dovecot/conf.d/15-lda.conf > protocol lda { > log_path = /var/log/sieve.log > mail_plugins = acl sieve > } > > and that works fine with my tested clients (tb,outlook,roundcube) > > daniel > > Am 19.11.2012 15:17, schrieb /#!/JoePea: >> Hi all, >> >> I can't get dovecot working with postfix. If I leave >> virtual_transport set >> to "virtual", I can send and receive messages just fine in roundcube. >> If I >> set virtual_transport to "dovecot", I can only send messages in >> roundcube, >> but incoming messages never arrive. Seems I can't get dovecot-lda to >> work. >> I need dovecot-lda in order for sieve filters to work. >> >> Any idea what I'm doing wrong? >> >> Here's `doveconf -n`: >> http://pastie.org/5401133 >> >> `postconf -n`: >> http://pastie.org/5401157 >> >> and `postconf -M`: >> http://pastie.org/5401177 >> >> Note: All I have to do is change virtual_transport = dovecot to >> virtual_transport >> = virtual and all will be fine, except for that I won't have sieve >> filtering which is what I really want. >> >> */#!/*JoePea >> From user+dovecot at localhost.localdomain.org Mon Nov 26 21:52:44 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Mon, 26 Nov 2012 20:52:44 +0100 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3BBD6.5050302@theitidea.ru> References: <50B3BBD6.5050302@theitidea.ru> Message-ID: <50B3C88C.908@localhost.localdomain.org> On 11/26/2012 07:58 PM ??????? ???????? wrote: > message sent from the sieve-vacation does not contain dkim signature > > how to configure sieve to send messages via smtp transport with signing? Configure a submission host: http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 Regards, Pascal -- The trapper recommends today: face1e55.1233120 at localdomain.org From design at 1stwebdesigns.com Mon Nov 26 21:58:43 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Mon, 26 Nov 2012 19:58:43 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AFE3B3.2020408@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> Message-ID: <50B3C9F3.6070709@1stwebdesigns.com> > So this is a step in the right direction. But still far less than > optimal. The read/write lock contention on mbox is unnecessarily eating > up system resources (mainly memory), and causing unnecessary delivery > delays to the mailbox. You should really start looking at migrating to > maildir. It's not that difficult (though maybe more so with 1.0.7) if > you don't have a ton of mailboxes, and especially with POP since the > mailboxes typically wont be holding much mail to migrate. How many do > you have? There's around four hundred mail boxes or so. Some used more intensively than others. > >> Our server is with Rackspace, and RHEL5 is the OS they offered us as an >> upgrade path from RHEL4. So they're getting the support from Red Hat >> and we're getting the support from Rackspace. > > The plot thickens again. You're using a rented server. Sigh... > > This entire thread could have been greatly shortened, saving all of us > much time, if you'd have given all these details up front. > > Is this a cloud server (shared host), or a dedicated server? It's a dedicated server > > FWIW, you don't have RHEL5, but CentOS 5. Hosting companies don't pay > for RHEL licenses for 10s of thousands of hosts. It's RHEL5: $cat /etc/issue Red Hat Enterprise Linux Server release 5.8 (Tikanga) The cost of the license is included in our contract. > > I have a few salient recommendations for you: > > 1. Migrate to maildir. It is far more appropriate for a POP workload. Yes, this will be our next course of action > 2. Switch to a hosting provider that offers much more recent software. We can upgrade the software if we wish, but will no longer get full support from Rackspace if we do this. > 3. Or, get a colo server so you can use whatever software you wish. We can install whatever software we wish at the moment, but see the point above. > > Finally, if this email service you're providing isn't all that critical > to you or your organization, simply prod along as you have been, > fighting these problems frequently along the way. > It's kind of working ok now but we will go with your recommendation of switching to maildir when we have time. Thanks for your help From kgc at corp.sonic.net Mon Nov 26 22:03:14 2012 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Mon, 26 Nov 2012 12:03:14 -0800 Subject: [Dovecot] memory allocation issues In-Reply-To: <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> References: <20121109004915.GJ70186@corp.sonic.net> <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> Message-ID: <20121126200314.GH62311@corp.sonic.net> On Fri, Nov 23, 2012 at 08:36:37AM +0200, Timo Sirainen wrote: > On 9.11.2012, at 2.49, Kelsey Cummings wrote: > > One of our dovecot backend servers ran into a problem with it's auth > > process a few days ago. This doesn't appear to be the error logged when > > dovecot hits its internal limit so I'm not sure what is going on here. > > > > auth: Error: malloc: 58012: Cannot allocate memory > > auth: Error: Unable to allocate memory for mutexes from the region > > auth: Error: PANIC: Cannot allocate memory > > auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user > > It would have been nicer if libc would have just crashed the process instead of silently converting it into "unknown user" error.. That's probably actually a bug since the getpwuid_r() that Dovecot uses would have been able to return an error message. We saw two boxes do this over the weekend. > > pop3: Error: Authenticated user not found from userdb, auth lookup +id=2509111297 (client-pid=4781 client-id=1) > > pop3-login: Internal login failure (pid=4781 id=1) (internal failure, 1 +succesful auths): user=<test>... > > > > There was at least 10+GB free RAM on the server and no indication of a > > system level issue at the same time. The server is running 2.1.9. > > There were about 3,200 active sessions, with something like 12 new > > sessions/sec. The other identical servers are/were handling virtually > > identical load with the same service uptime and haven't had any issues > > so far. (Crash happened 7 days ago.) > > Memory leak maybe? service auth { vsz_limit } anyway was reached (default 256 MB). It is currently set to 768M, I'll go ahead and raise it up to 1G. Anything I can do to help see if it is a memory leak? # dovecot -n # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.9.1.el6.x86_64 x86_64 Scientific Linux release 6.3 (Carbon) auth_master_user_separator = * auth_username_format = %Ln auth_verbose = yes auth_verbose_passwords = sha1 auth_worker_max_count = 64 login_log_format_elements = user=<%u> session=%{session} method=%m rip=%r lip=%l mpid=%e %c mail_fsync = always mail_log_prefix = "%s(%u): session=%{session} " mail_plugins = stats zlib maildir_very_dirty_syncs = yes mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes } passdb { args = imap driver = pam } plugin { lazy_expunge = DELETED_MESSAGES. mail_log_events = delete expunge flag_change mail_log_fields = uid box msgid from flags size quota = fs:User quota stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 service anvil { client_limit = 10000 } service auth { client_limit = 10000 vsz_limit = 768 M } service doveadm { inet_listener { port = 1842 } unix_listener doveadm-server { mode = 0666 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_limit = 7000 process_min_avail = 32 vsz_limit = 256 M } service imap-postlogin { executable = script-login -d /etc/dovecot/bin/sonic-imap-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin process_limit = 4096 vsz_limit = 512 M } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } process_limit = 2000 process_min_avail = 32 vsz_limit = 256 M } service pop3-postlogin { executable = script-login -d /etc/dovecot/bin/sonic-pop3-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin process_limit = 4096 } service stats { fifo_listener stats-mail { mode = 0666 } } shutdown_clients = no ssl = required ssl_parameters_regenerate = 1 days syslog_facility = local0 userdb { driver = passwd } verbose_proctitle = yes protocol imap { imap_id_send = support-url support-email mail_max_userip_connections = 20 mail_plugins = stats zlib mwi_update mail_log notify imap_stats imap_zlib } protocol pop3 { mail_plugins = stats zlib lazy_expunge pop3_fast_size_lookups = yes pop3_uidl_format = %f } -- Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc. System Architect 2260 Apollo Way 707.522.1000 Santa Rosa, CA 95407 From klimenko.n at theitidea.ru Mon Nov 26 22:13:24 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Tue, 27 Nov 2012 00:13:24 +0400 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3C88C.908@localhost.localdomain.org> References: <50B3BBD6.5050302@theitidea.ru> <50B3C88C.908@localhost.localdomain.org> Message-ID: <50B3CD64.2090409@theitidea.ru> thx for answer i use 1.x I found the solution in main.cf content_filter=smtp-amavis:[127.0.0.1]:10026 #filter with dkim and in master.cf public_ip_external_user:smtp inet n - - - - smtpd #some smtpd_recipient_restrictions rules #some smtpd_sender_restrictions rules -o content_filter=smtp-amavis:[127.0.0.1]:10024 #filter for external user 26.11.12 23:52, Pascal Volk ?????: > On 11/26/2012 07:58 PM ??????? ???????? wrote: >> message sent from the sieve-vacation does not contain dkim signature >> >> how to configure sieve to send messages via smtp transport with signing? > Configure a submission host: > http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 > > > Regards, > Pascal From stephan at rename-it.nl Mon Nov 26 22:17:54 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 26 Nov 2012 21:17:54 +0100 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Message-ID: <50B3CE72.3040507@rename-it.nl> On 11/26/2012 6:31 PM, cfowler wrote: > Problem : All vacation autoreplies come from the postmaster address. > Expected behavior : vacation notice comes from the user who set the > vacation. > Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > reply, sieve script and dovecot -n output) > > Any help appreciated! This should fix that: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc Regards, Stephan. From stephan at rename-it.nl Mon Nov 26 22:28:05 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 26 Nov 2012 21:28:05 +0100 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <20121126175935.GF76138@anubis.morrow.me.uk> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <20121126175935.GF76138@anubis.morrow.me.uk> Message-ID: <50B3D0D5.30302@rename-it.nl> On 11/26/2012 6:59 PM, Ben Morrow wrote: > At 5PM +0000 on 26/11/12 you (cfowler) wrote: > This setting turns that check off, in which case Pigeonhole > will send a vacation response (despite the standard) but sends it from > Postmaster. Actually, this shouldn't have happened. Originally, it would only use 'Postmaster' when the recipient address is unknown, but that situation would never occur. With the addition of the dont_check_recipient setting, this got changed unintentionally. > I assume this is done for privacy reasons, since the person > the vacation response is being sent to doesn't necessarily know the user > who set the vacation exists, or what their address might be. Interesting notion, but the real reason is of a more stupid nature as explained above. :) Do you think this is something people would want to configure? Since this particular feature deviates from the standard to begin with, nothing is specified about what should be done. I think the added anonymity would often be useless, because the content of the vacation message can contain all sorts of information on the recipient, including the mail address, e.g. in the signature. > If you send a message with the user's email address in To:, do you get a > vacation response From: the correct address? Since the recipient check is not performed, the recipient address used for the reply remained NULL and the reply code would revert to Postmaster at all times. This is fixed now. Regards, Stephan. From CMarcus at Media-Brokers.com Mon Nov 26 22:33:25 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Nov 2012 15:33:25 -0500 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3CD64.2090409@theitidea.ru> References: <50B3BBD6.5050302@theitidea.ru> <50B3C88C.908@localhost.localdomain.org> <50B3CD64.2090409@theitidea.ru> Message-ID: <50B3D215.2060806@Media-Brokers.com> You do know that inline comments as you have below are not supported in postfix config files and WILL cause unexpected behavior depending on where they are and what they contain, right? On 2012-11-26 3:13 PM, ??????? ???????? <klimenko.n at theitidea.ru> wrote: > thx for answer > > i use 1.x > I found the solution > > in main.cf > content_filter=smtp-amavis:[127.0.0.1]:10026 #filter with dkim > > and in master.cf > public_ip_external_user:smtp inet n - - > - - smtpd > #some smtpd_recipient_restrictions rules > #some smtpd_sender_restrictions rules > -o content_filter=smtp-amavis:[127.0.0.1]:10024 #filter for > external user > > > 26.11.12 23:52, Pascal Volk ?????: >> On 11/26/2012 07:58 PM ??????? ???????? wrote: >>> message sent from the sieve-vacation does not contain dkim signature >>> >>> how to configure sieve to send messages via smtp transport with >>> signing? >> Configure a submission host: >> http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 >> >> >> >> Regards, >> Pascal > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From klimenko.n at theitidea.ru Mon Nov 26 22:41:19 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Tue, 27 Nov 2012 00:41:19 +0400 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3D215.2060806@Media-Brokers.com> References: <50B3BBD6.5050302@theitidea.ru> <50B3C88C.908@localhost.localdomain.org> <50B3CD64.2090409@theitidea.ru> <50B3D215.2060806@Media-Brokers.com> Message-ID: <50B3D3EF.5060005@theitidea.ru> yes of course this is only remarks for easily understanding 27.11.12 0:33, Charles Marcus ?????: > You do know that inline comments as you have below are not supported > in postfix config files and WILL cause unexpected behavior depending > on where they are and what they contain, right? > > On 2012-11-26 3:13 PM, ??????? ???????? <klimenko.n at theitidea.ru> wrote: >> thx for answer >> >> i use 1.x >> I found the solution >> >> in main.cf >> content_filter=smtp-amavis:[127.0.0.1]:10026 #filter with dkim >> >> and in master.cf >> public_ip_external_user:smtp inet n - - >> - - smtpd >> #some smtpd_recipient_restrictions rules >> #some smtpd_sender_restrictions rules >> -o content_filter=smtp-amavis:[127.0.0.1]:10024 #filter for >> external user >> >> >> 26.11.12 23:52, Pascal Volk ?????: >>> On 11/26/2012 07:58 PM ??????? ???????? wrote: >>>> message sent from the sieve-vacation does not contain dkim signature >>>> >>>> how to configure sieve to send messages via smtp transport with >>>> signing? >>> Configure a submission host: >>> http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 >>> >>> >>> >>> Regards, >>> Pascal >> >> From trusktr at gmail.com Mon Nov 26 22:59:12 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 12:59:12 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <20121126115235.GC76138@anubis.morrow.me.uk> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> <20121126115235.GC76138@anubis.morrow.me.uk> Message-ID: <CAKU1PAXy2P0u+qvi7_k9MygZ_QLd2=zJ9Xeck3B6WdOCYoEZMA@mail.gmail.com> Hi Ben, Indeed, the mailq command shows my test messages sitting there with "mail transport unavailable". > ??[11:48:22/hypership/root/~] > ??? mailq > -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- > 2DCCB580C01 1901 Mon Nov 26 11:45:02 trusktr at gmail.com > (mail transport > unavailable) > trusktr at bettafootwear.com > > B1449580C03 1895 Mon Nov 26 11:48:41 trusktr at gmail.com > (mail transport > unavailable) > trusktr at bettafootwear.com > > -- 5 Kbytes in 2 Requests. > I checked in /etc/syslog-ng/syslog-ng.conf and it shows destination d_mail { file("/var/log/mail.log"); }; but there is no such mail.log file so I created one. I logged in as mailman by doing su -s /bin/bash mailman then ran /usr/lib/dovecot/dovecot-lda -f trusktr at gmail.com -d trusktr at bettafootwear.com </home/mailman/test_msg.txt where /home/mailman/test_msg.txt contains a plain text sentence. After doing that, mailq shows the new messages, but with the same "mail transport unavailable" message. However, in Roundcube I see a new blank message with no subject for each attempt of the dovecot-lda command. Also, the after running the dovecot-lda command a few times, I noticed it was saying that the log files weren't writable (permission denied), so I fixed that... However, that doesn't seem to have fixed the problem as test emails from gmail still don't appear in Roundcube, but I see them with mailq with "mail transport unavailable". I'll skip setting up LMTP until I get it working with LDA so I know what I'm doing before getting into more complications. */#!/*JoePea On Mon, Nov 26, 2012 at 3:52 AM, Ben Morrow <ben at morrow.me.uk> wrote: > At 2AM -0800 on 26/11/12 you (/#!/JoePea) wrote: > > Hi, thanks for the reply. I'm new to all this. How can I tell if postfix > is > > deferring messages, or if it thinks they've been delieverd? Where is the > > postfix log? > > You can tell if a message is still in the queue with 'mailq'. You can > find out why by reading the log. If messages are being deferred they > will eventually start bouncing, once Postfix decides they've spent too > long in the queue. > > Postfix normally logs through the 'mail' facility of syslog. > > > How do I feed a message to dovecot-lda manually, as mailman? > > Something along the lines of > > sudo -u mailman /usr/lib/dovecot/dovecot-lda -f some at user > -d some at user </some/mail/message > > as root should work, depending on your sudo setup. Otherwise you will > need to use su, which can be more awkward. > > > How do I use LMTP instead of LDA? > > Read the wiki for the Dovecot end, and use > > virtual_transport = lmtp:unix:/path/to/lmtp/socket > > on the Postfix end. You will want to test the LMTP server is working > manually (with nc -U or something) before trying to get Postfix to > deliver to it. > > Ben > > From stan at hardwarefreak.com Mon Nov 26 23:15:42 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 26 Nov 2012 15:15:42 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50B3C9F3.6070709@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> <50B3C9F3.6070709@1stwebdesigns.com> Message-ID: <50B3DBFE.1090400@hardwarefreak.com> On 11/26/2012 1:58 PM, 1st WebDesigns wrote: > >> So this is a step in the right direction. But still far less than >> optimal. The read/write lock contention on mbox is unnecessarily eating >> up system resources (mainly memory), and causing unnecessary delivery >> delays to the mailbox. You should really start looking at migrating to >> maildir. It's not that difficult (though maybe more so with 1.0.7) if >> you don't have a ton of mailboxes, and especially with POP since the >> mailboxes typically wont be holding much mail to migrate. How many do >> you have? > > There's around four hundred mail boxes or so. Some used more > intensively than others. There are methods to convert one mailbox at a time, groups of mailboxes, or all mailboxes in one fell swoop in a batch mode. I'm uncertain WRT the status of the tools in 1.0.7, but given the age of that release you may avoid problems by upgrading to Dovecot 1.2.x or later before doing the conversion. If you attempt the conversion on 1.0.7 and hit snags, this mailing list may not be of much help as nobody has used 1.0.7 for years. You may want to post a new thread asking Timo about such a conversion with 1.0.7. He doesn't seem to be paying attention to this thread. >>> Our server is with Rackspace, and RHEL5 is the OS they offered us as an >>> upgrade path from RHEL4. So they're getting the support from Red Hat >>> and we're getting the support from Rackspace. >> >> The plot thickens again. You're using a rented server. Sigh... >> >> This entire thread could have been greatly shortened, saving all of us >> much time, if you'd have given all these details up front. >> >> Is this a cloud server (shared host), or a dedicated server? > > It's a dedicated server > >> >> FWIW, you don't have RHEL5, but CentOS 5. Hosting companies don't pay >> for RHEL licenses for 10s of thousands of hosts. > > It's RHEL5: > > $cat /etc/issue > Red Hat Enterprise Linux Server release 5.8 (Tikanga) > > The cost of the license is included in our contract. Now that's interesting. >> >> I have a few salient recommendations for you: >> >> 1. Migrate to maildir. It is far more appropriate for a POP workload. > > Yes, this will be our next course of action > >> 2. Switch to a hosting provider that offers much more recent software. > > We can upgrade the software if we wish, but will no longer get full > support from Rackspace if we do this. And you consider this a net loss? If you're that dependent on your provider's tit, find one that can suckle you on RHEL 6.3. Or buy your copy/license directly from Red Hat and get support directly from them. >> 3. Or, get a colo server so you can use whatever software you wish. > > We can install whatever software we wish at the moment, but see the > point above. See my point above. And WRT Dovecot and most other application software, you'll get better support from the community than your bulk hosting provider anyway. Their primary business is making $$ from providing you a host and a pipe. Customer support is a cost, especially application support, not a profit center, and thus is almost always a secondary concern at best. Red Hat's entire business model is customer support, same for SuSE. >> Finally, if this email service you're providing isn't all that critical >> to you or your organization, simply prod along as you have been, >> fighting these problems frequently along the way. > > It's kind of working ok now but we will go with your recommendation of > switching to maildir when we have time. Thanks for your help As I said, you can migrate users individually. You could easily do 10 users a day during coffee breaks etc and be done in a month plus. Do 40 a day and you're done in 10 days. The only time you'll burn is in the learning curve, not the actual mailbox migration which takes no time at all with POP accounts. Always test with a dummy mailbox first to iron out any issues. Then start migrating the problem users first, the smart phone users who tie up their mailboxes for many minutes during download. -- Stan From trusktr at gmail.com Mon Nov 26 23:15:56 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 13:15:56 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <50B3C265.5060409@theitidea.ru> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> <50B3C265.5060409@theitidea.ru> Message-ID: <CAKU1PAVGcAMwPPENVoN8t23zhd5xehKQ2tSB-=4SPVOwT3dNEA@mail.gmail.com> Hi, thanks for the reply, What's the difference between dovecot-lda and deliver? Are they the same? The manpages are identical. I tried both and I also tried adding the -a ${recipient} argument but there was no change. It still doesn't work. Any other ideas? */#!/*JoePea On Mon, Nov 26, 2012 at 11:26 AM, ??????? ???????? <klimenko.n at theitidea.ru>wrote: > may be this is the best way > > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} > -d ${recipient} -a ${recipient} > > parameter-a $ {recipient} > allow to keep the recipient's address in the headers "from:" > > > 19.11.12 21:04, Fi4IT - Daniel Fischer ?????: > > Hello Joe, >> >> i use this: >> main.cf >> virtual_transport = dovecot >> >> master.cf >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} >> -d ${recipient} >> >> /etc/dovecot/conf.d/15-lda.**conf >> protocol lda { >> log_path = /var/log/sieve.log >> mail_plugins = acl sieve >> } >> >> and that works fine with my tested clients (tb,outlook,roundcube) >> >> daniel >> >> Am 19.11.2012 15:17, schrieb /#!/JoePea: >> >>> Hi all, >>> >>> I can't get dovecot working with postfix. If I leave virtual_transport >>> set >>> to "virtual", I can send and receive messages just fine in roundcube. If >>> I >>> set virtual_transport to "dovecot", I can only send messages in >>> roundcube, >>> but incoming messages never arrive. Seems I can't get dovecot-lda to >>> work. >>> I need dovecot-lda in order for sieve filters to work. >>> >>> Any idea what I'm doing wrong? >>> >>> Here's `doveconf -n`: >>> http://pastie.org/5401133 >>> >>> `postconf -n`: >>> http://pastie.org/5401157 >>> >>> and `postconf -M`: >>> http://pastie.org/5401177 >>> >>> Note: All I have to do is change virtual_transport = dovecot to >>> virtual_transport >>> = virtual and all will be fine, except for that I won't have sieve >>> filtering which is what I really want. >>> >>> */#!/*JoePea >>> >>> > From design at 1stwebdesigns.com Mon Nov 26 23:39:18 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Mon, 26 Nov 2012 21:39:18 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50B3DBFE.1090400@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> <50B3C9F3.6070709@1stwebdesigns.com> <50B3DBFE.1090400@hardwarefreak.com> Message-ID: <50B3E186.2040501@1stwebdesigns.com> Thanks, all your comments are noted. > As I said, you can migrate users individually. You could easily do 10 > users a day during coffee breaks etc and be done in a month plus. Do 40 > a day and you're done in 10 days. The only time you'll burn is in the > learning curve, not the actual mailbox migration which takes no time at > all with POP accounts. That's interesting, as I (wrongly) assumed switching from mbox to maildir was an all or nothing process. You're saying we can run half the mailboxes in mbox format and the other half in maildir format? In which case we can get going with this sooner than I thought. > > Always test with a dummy mailbox first to iron out any issues. Then > start migrating the problem users first, the smart phone users who tie > up their mailboxes for many minutes during download. > Thank you - I would probably start with the CEO's mailbox first and then go from there >:-D From ben at morrow.me.uk Tue Nov 27 00:14:59 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 22:14:59 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <5fa7ee2d078f950032e1147105f2b61a@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <20121126175935.GF76138@anubis.morrow.me.uk> <5fa7ee2d078f950032e1147105f2b61a@scss.tcd.ie> Message-ID: <20121126221458.GG76138@anubis.morrow.me.uk> At 6PM +0000 on 26/11/12 you (cfowler) wrote: > On 26-11-2012 17:59, Ben Morrow wrote: > > At 5PM +0000 on 26/11/12 you (cfowler) wrote: > >> Problem : All vacation autoreplies come from the postmaster address. > >> Expected behavior : vacation notice comes from the user who set the > >> vacation. > >> Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > >> reply, sieve script and dovecot -n output) > > <snip> > > > >> sieve_vacation_dont_check_recipient = yes > > > > Why have you set this? Normally vacation will refuse to respond to a > > message which doesn't have your address in one of the recipient > > header fields; in fact the standard says that it MUST NOT respond > > unless this is the case. (Stephan has explained that I am wrong here: that's what comes from reading the code rather than running it...) > This feature is the reason I've upgraded to 2.1.7 from 1.2.15 > > Our users have addresses like bmorrow at foo.com > We also store aliases for them in LDAP like ben.morrow at foo.com. Postfix > knows of these aliases and accepts mail for them. Most of our users > prefer to hand out this alias as their email address > > Mails to bmorrow at foo.com were receiving vacation auto-replies as you'd > expect in 1.2.15 > Mails to ben.morrow at foo.com were not due to the infamous "discarding > vacation response for message implicitly delivered to bmorrow at foo.com" > message. > > I know the correct behavior is for the users to write a correct sieve > script with an addresses: line, but that's not going to happen > unfortunately. The users just want "Push button to make vacation go". I see... this is a little tricky, yes, and I think you're right this is the only straightforward solution at the moment. You do want to be a little careful about enabling this, though: the restriction is there in the standard to prevent automated replies from being sent for messages to mailing lists and group aliases and such, where the sender does not (and should not) know the list of final delivery addresses, and certainly doesn't want vacation replies from all of them. Since most mailing lists now set the List-* headers (which prevent vacation replies anyway), they should be OK, so this is probably only a problem if you use internal aliases which expand to lists of users. Ideally pigeonhole would take advantage of this paragraph in the standard An email address is considered to belong to the recipient if it is one of: 1. an email address known by the implementation to be associated with the recipient, and allow you to specify a dict in which to lookup a default :addresses list for each recipient. That way you could turn this parameter back off, but instead give Dovecot the information it needs to determine that a message To: <ben.morrow at foo.com> was in fact directly addressed to this user. I wonder how difficult that would be... > > If you send a message with the user's email address in To:, do you > > get a > > vacation response From: the correct address? > > > > No, mails to bmorrow at foo.com also get Postmaster replies. > With 1.2.15 we were at least getting autoreplies from bmorrow at foo.com > when a mail was sent to bmorrow at foo.com. Stephan said xthread that this has now been fixed. Ben From stan at hardwarefreak.com Tue Nov 27 02:27:58 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 26 Nov 2012 18:27:58 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50B3E186.2040501@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> <50B3C9F3.6070709@1stwebdesigns.com> <50B3DBFE.1090400@hardwarefreak.com> <50B3E186.2040501@1stwebdesigns.com> Message-ID: <50B4090E.1090809@hardwarefreak.com> On 11/26/2012 3:39 PM, 1st WebDesigns wrote: > Thanks, all your comments are noted. > >> As I said, you can migrate users individually. You could easily do 10 >> users a day during coffee breaks etc and be done in a month plus. Do 40 >> a day and you're done in 10 days. The only time you'll burn is in the >> learning curve, not the actual mailbox migration which takes no time at >> all with POP accounts. > > That's interesting, as I (wrongly) assumed switching from mbox to > maildir was an all or nothing process. You're saying we can run half > the mailboxes in mbox format and the other half in maildir format? > > In which case we can get going with this sooner than I thought. Yes, this can be done. But if you're using UNIX system user accounts IIRC you'll have to convert to virtual users before you can migrate one user at a time. Virtual user setup is required to change mail_location on a per user basis. With system users mail_location is defined once for all users. Converting to virtual users first makes the process more painful. I've not done such a POP mbox<>maildir migration myself, so hopefully someone who has will chime in. If not start a new thread called "need POP mbox<>maildir migration help" or similar. And again, I wouldn't try any of this with 1.0.7. Upgrade to at least 1.2.x first. >> Always test with a dummy mailbox first to iron out any issues. Then >> start migrating the problem users first, the smart phone users who tie >> up their mailboxes for many minutes during download. >> > > Thank you - I would probably start with the CEO's mailbox first and then > go from there >:-D Start a new thread as I suggested. State your version, current user account type (system or virtual), and post your dovecot -n at the end of the email. You'll get many more helpful suggestions and insight from people who've actually done this migration. -- Stan From tss at iki.fi Tue Nov 27 02:42:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 02:42:20 +0200 Subject: [Dovecot] lmtp_rcpt_check_quota working somewhere? In-Reply-To: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> References: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> Message-ID: <19E4CB4D-7961-49A2-84CD-D0370A0B364A@iki.fi> On 26.11.2012, at 18.07, Steffen Kaiser wrote: > I'm running Dovecot v2.1 and enabled the > > lmtp_rcpt_check_quota > > option in conf.d/20-lmtp.conf, because I just found it in the sample config. > > Is this option working somewhere? > > When I have the option enabled, I get _no_ response in the RCPT TO phase, if the user is under quota. If I go on and enter the DATA keyword eventually, I get "554 5.5.1 No valid recipients", so it looks like, the user is really ignored at all. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/bebe54e1d640 From tss at iki.fi Tue Nov 27 03:00:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:00:29 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <099qpni2j8v8@mids.svenhartge.de> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> Message-ID: <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> On 23.11.2012, at 17.53, Sven Hartge wrote: >>>> BTW. Do you have multiple Dovecot backend servers? Director works >>>> only when you're not using shared mailboxes.. > >> You can't reliably do it if the mailboxes are accessed directly via >> NFS. The current idea to solve this is to use imapc backend with >> master users, so the actual mailbox access for each user is always >> done by only one server. I think someone already managed to configure >> such a setup. > > This was me. > > It works (with one minor quirk, more on this later) in my current test > setup like so: > > a) 1 to X user-servers with the users mailboxes on them > b) 1 shared-server with the shared mailboxes on them For implementing shared mailboxes between all user servers, I think what would need to be developed is: > imapc_host = m-st-sh-01.example.com > imapc_master_user = %u > imapc_user = shared Somehow being able to set "imapc_user = %%u" where %%u expands to the shared namespace's username. Or maybe setting the imapc_user automatically to that when accessing it via type=shared namespace. > Note: You CANNOT have ACLs activated on the users-servers, because this > will interfere with the permissions of ht IMAPShared namespace, > rendering the mailboxes located in there unavailable for your users. And some way to disable ACLs for shared namespaces that use imapc. Not sure what would be a nice way of doing this. The attached patch contains these two changes. The first one I could commit immediately. The second one probably would need to be configurable somehow (maybe a generic disable_acls=yes setting for namespace?) -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 1148 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/1d852c4f/attachment-0002.obj> -------------- next part -------------- > Now the mentioned quirk: Because all connections on the shared-server > are made to the same user "shared" and are coming from very few IPs > (the 1 to X user-servers), you need to set a very high > mail_max_userip_connections value. > > I set mine to 1000 just to be sure. > > ---> But: I have NOT configured login_trusted_networks, so this may be > my error in that case. I don't think that setting helps. From tss at iki.fi Tue Nov 27 03:01:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:01:23 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> Message-ID: <EACB2A56-A9B7-4F4E-8BAB-97ADC617678D@iki.fi> On 27.11.2012, at 3.00, Timo Sirainen wrote: >> Now the mentioned quirk: Because all connections on the shared-server >> are made to the same user "shared" and are coming from very few IPs >> (the 1 to X user-servers), you need to set a very high >> mail_max_userip_connections value. >> >> I set mine to 1000 just to be sure. >> >> ---> But: I have NOT configured login_trusted_networks, so this may be >> my error in that case. > > I don't think that setting helps. But something like this should help: remote 10.0.0.0/8 { mail_max_userip_connections = 0 } From tss at iki.fi Tue Nov 27 03:04:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:04:07 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> Message-ID: <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> On 23.11.2012, at 9.46, Nikita Koshikov wrote: > Hello list, > > Here is the problem: > I have few: > passdb { > #1 > } > passdb { > #2 > } > And relative userdb sections. If user not found in 1) section it fallbacks > to next one - it's expected and right, IMHO. But when the user exists in > both section and password verification fails on 1) database it successfully > authenticated on next one. I think this behaviour should be configured. The > main goal of 1) section for this server is to overwrite users in main > (section2) database. It's not always possible to know why #1 failed. For example PAM doesn't always tell if the password was wrong or if the user didn't exist. > Maybe I missed something and this option is already in dovecot code and I > can't find it ? Or if not - will it be added in the future ? I'm not very interested in adding it, especially because it can't be done reliably. From tss at iki.fi Tue Nov 27 03:09:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:09:06 +0200 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121123115405.5224b630@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> <20121123115405.5224b630@kae.tiger-computing.wbp> Message-ID: <B5E1E1EB-3B7B-4334-99CE-79E2B5DE5CD2@iki.fi> On 23.11.2012, at 13.54, Keith Edmunds wrote: > Problem: We have some folders (eg, Trash) appearing both as sibling folders > to INBOX and as subfolders to INBOX. We want them only to appear at the > sibling level. You're breaking all the assumptions that IMAP clients can make about mailbox names and namespaces. Bad idea, don't do it. From tss at iki.fi Tue Nov 27 03:17:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:17:00 +0200 Subject: [Dovecot] Plugin help, number of messages in mailbox In-Reply-To: <E1F02117-7120-4920-9807-4295BD5732A5@tucows.com> References: <E1F02117-7120-4920-9807-4295BD5732A5@tucows.com> Message-ID: <E0CA4C97-9FFB-4497-ADA4-EE35B4818222@iki.fi> On 22.11.2012, at 17.06, Richard Platel wrote: > We use Dovecot for IMAP and POP (but not LDA), we want to do something when a user has an INBOX that becomes empty, or becomes not empty (set a flag in memcached, but that's not really important). > > I'm writing a plugin (for Dovecot 2.1.7). On mailbox_open() I can use mailbox_get_status() to get a count of messages in the mailbox, and then decrement this in expunge() or increment it in mailbox save_finish() (for IMAP APPEND or COPY commands). So all mailbox access goes through Dovecot. Nothing else changes the underlying storage directly? > However in expunge() and mailbox_save_finish, even after calling the super function, mailbox_get_status doesn't update the number of messages in the mailbox. You'll get the updated count only after mailbox_sync_deinit(). > This is a problem if (for example) there are concurrent POP sessions. Two POP sessions could get all the messages in INBOX, one could logout, calling expunge a few times, eventually causing my plugin to note that the inbox is empty, then our LDA could deliver a message, mark the INBOX not empty, then the other POP session could log out, call expunge and cause my plugin to mark the INBOX empty, when it's not. > > > So in summation: how can a plugin be notified of changes to a mailbox, and then accurately get the real number of messages in that mailbox? I think if you hook into sync_deinit() and use a local lock file while you send the notification it would probably be race-free. From tss at iki.fi Tue Nov 27 03:18:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:18:03 +0200 Subject: [Dovecot] Filesystem quotas In-Reply-To: <50AD10BF.8040500@cs.ucy.ac.cy> References: <50AD10BF.8040500@cs.ucy.ac.cy> Message-ID: <47CD6D34-3EAB-47FB-9B2D-7A29B2BD15C5@iki.fi> On 21.11.2012, at 19.34, Andreas Kasenides wrote: > I could not determine if when using filesystem quotas (http://wiki2.dovecot.org/Quota/FS) > Dovecot will use the reported quota and limits without the need of configuring them > via "quota_rules". Is this possible somehow? Such a feature would determine the quota limits > automatically from the filesystem quotas thereby allowing to make use of them in quota warnings. > Dovecot already knows the quota settings and limits. Here is evidence from the logs > >> Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: box=/Mail/ank mount=/newmail match=yes >> Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: host=xxxx.xxxx.ucy.xx.cy, path=/mail, uid=211, bytes >> Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: uid=211, value=2779115520, limit=8388608000 > I am using (testing) version 2.2alpha1. With fs quota Dovecot itself doesn't enforce any limits, and the limits are read from the filesystem. So quota_rules are ignored. From sven at svenhartge.de Tue Nov 27 03:24:57 2012 From: sven at svenhartge.de (Sven Hartge) Date: Tue, 27 Nov 2012 02:24:57 +0100 Subject: [Dovecot] shared mailboxes and indexes References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> Message-ID: <b9a3pg22j8v8@mids.svenhartge.de> Timo Sirainen <tss at iki.fi> wrote: > On 23.11.2012, at 17.53, Sven Hartge wrote: >>>>> BTW. Do you have multiple Dovecot backend servers? Director works >>>>> only when you're not using shared mailboxes.. >> >>> You can't reliably do it if the mailboxes are accessed directly via >>> NFS. The current idea to solve this is to use imapc backend with >>> master users, so the actual mailbox access for each user is always >>> done by only one server. I think someone already managed to >>> configure such a setup. >> >> This was me. >> >> It works (with one minor quirk, more on this later) in my current >> test setup like so: >> >> a) 1 to X user-servers with the users mailboxes on them >> b) 1 shared-server with the shared mailboxes on them > For implementing shared mailboxes between all user servers, I think > what would need to be developed is: >> imapc_host = m-st-sh-01.example.com >> imapc_master_user = %u >> imapc_user = shared > Somehow being able to set "imapc_user = %%u" where %%u expands to the > shared namespace's username. Or maybe setting the imapc_user > automatically to that when accessing it via type=shared namespace. Wouldn't you still need the target users host because this will be dynamic depending on the target user? Gr??e, Sven. -- Sigmentation fault. Core dumped. From tss at iki.fi Tue Nov 27 03:50:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:50:38 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <50A8F688.2040802@gei.de> References: <50A8F688.2040802@gei.de> Message-ID: <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> On 18.11.2012, at 16.54, Robert Str?tgen wrote: > Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log > SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte > 0xfc (at char #25214836, byte #26687495) Annoying. I guess these fix it: http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e From tss at iki.fi Tue Nov 27 03:53:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:53:53 +0200 Subject: [Dovecot] fs_flush_file_handle_cache_dir: rmdir(/var/mail) AGAIN In-Reply-To: <50AA3BF3.6060802@mathcs.emory.edu> References: <50AA3BF3.6060802@mathcs.emory.edu> Message-ID: <5D64E8C8-813C-4FD0-8FCE-409DE51EECDC@iki.fi> On 19.11.2012, at 16.02, Ken Mandelberg wrote: > We are running Dovecot 2.0.12. It runs on only one server and /var/mail is local where all the INBOX's are stored. Users other IMAP folders are NFS mounted on the server. > > We see frequent > > Error: nfs_flush_file_handle_cache_dir: rmdir(/var/mail) failed: Device busy > > I know this error message has been around a long time. Should we still be seeing it on 2.0.12 with a local /var/mail. Perhaps the message is misleading and really complaining about folders other than INBOX that are NFS mounted. > > Our config has > > dovecot.conf:mail_nfs_index = no > dovecot.conf:mail_nfs_storage = yes With just one Dovecot server you don't need mail_nfs_storage=yes setting. Just set it to "no" and the error disappears. > Also, does the flush error messages have any real consequences? My understanding is that the rmdir is meant to fail, just to force a flush. Yeah, nothing breaks, just extra logging. From tss at iki.fi Tue Nov 27 03:55:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:55:33 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <b9a3pg22j8v8@mids.svenhartge.de> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> <b9a3pg22j8v8@mids.svenhartge.de> Message-ID: <2B57036A-34C8-45C2-9479-839BA095450D@iki.fi> On 27.11.2012, at 3.24, Sven Hartge wrote: >> For implementing shared mailboxes between all user servers, I think >> what would need to be developed is: > >>> imapc_host = m-st-sh-01.example.com >>> imapc_master_user = %u >>> imapc_user = shared > >> Somehow being able to set "imapc_user = %%u" where %%u expands to the >> shared namespace's username. Or maybe setting the imapc_user >> automatically to that when accessing it via type=shared namespace. > > Wouldn't you still need the target users host because this will be > dynamic depending on the target user? imapc_host = director Also the database of which users have mailboxes shared to others would need to be something that all the servers can access. Either via NFS or with SQL backend. From tss at iki.fi Tue Nov 27 06:29:24 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 06:29:24 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> Message-ID: <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> On 21.11.2012, at 15.05, Ramon Frontera wrote: > we have a problem with our director proxy configuration. > When we run on proxy server the doveadm command with -A switch, fails with the error: > > # doveadm -D quota get -A > doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert > doveadm(user1): Error: Proxy is missing destination host > doveadm: Error: Failed to iterate through some users Well, I fixed various bugs in doveadm code related to this: http://hg.dovecot.org/dovecot-2.1/rev/6f19c535110e http://hg.dovecot.org/dovecot-2.1/rev/275a57b8dc70 http://hg.dovecot.org/dovecot-2.1/rev/0dc3f56e6468 http://hg.dovecot.org/dovecot-2.1/rev/fdc509644d05 But I don't think they fix your specific issue. It looks as if doveadm is connecting to auth process directly instead of director.. Do: strace -s 1000 -o log doveadm quota get -A and send me the log? Note that the log contains the doveadm_password in the base64 strings. From dmiller at amfes.com Tue Nov 27 06:51:04 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 26 Nov 2012 20:51:04 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> Message-ID: <assp.1678966eea.50B446B8.6070701@amfes.com> On 11/26/2012 5:50 PM, Timo Sirainen wrote: > On 18.11.2012, at 16.54, Robert Str?tgen wrote: > >> Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log >> SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte >> 0xfc (at char #25214836, byte #26687495) > Annoying. I guess these fix it: > > http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b > http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 > http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e > These patches have improved fts for me - but I still have errors like: Nov 26 20:49:29 bubba dovecot: indexer-worker(dmiller at amfes.com): Panic: file solr-connection.c: line 547 (solr_connection_post_more): assertion failed: (maxfd >= 0) Nov 26 20:49:29 bubba dovecot: indexer-worker(dmiller at amfes.com): Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x45cea) [0x7f0c66c33cea] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x45d2e) [0x7f0c66c33d2e] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f0c66c07d10] -> /usr/local/lib/dovecot/lib21_fts_solr_plugin.so(+0x6de5) [0x7f0c653a6de5] -> /usr/local/lib/dovecot/lib21_fts_solr_plugin.so(+0x3867) [0x7f0c653a3867] -> /usr/local/lib/dovecot/lib20_fts_plugin.so(fts_build_mail+0x53b) [0x7f0c655b2b2b] -> /usr/local/lib/dovecot/lib20_fts_plugin.so(+0xc530) [0x7f0c655b7530] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266]() [0x402326] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266]() [0x4026cc] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f0c66c40b76] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f0c66c419c7] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f0c66c406b8] -> /usr/local/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f0c66c2c203] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266](main+0x10a) [0x401dfa] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f0c6685276d] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266]() [0x401e9d] The solr log shows: Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) at [row,col {unknown-source}]: [1011144,197790] -- Daniel From dmiller at amfes.com Tue Nov 27 06:54:56 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 26 Nov 2012 20:54:56 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> Message-ID: <assp.16787275b5.50B447A0.3000502@amfes.com> On 11/26/2012 5:50 PM, Timo Sirainen wrote: > On 18.11.2012, at 16.54, Robert Str?tgen wrote: > >> Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log >> SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte >> 0xfc (at char #25214836, byte #26687495) > Annoying. I guess these fix it: > > http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b > http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 > http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e > The "waitFlush" option for solr's commit method has been deprecated - and removed completely in the current version. Suggest a change to fts-backend-solr.c: in fts_backend_solr_update_deinit() str = t_strdup_printf("<commit " "waitSearcher=\"%s\"/>", ctx->documents_added ? "true" : "false"); -- Daniel From tss at iki.fi Tue Nov 27 07:50:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 07:50:51 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.1678966eea.50B446B8.6070701@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <assp.1678966eea.50B446B8.6070701@amfes.com> Message-ID: <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> On 27.11.2012, at 6.51, Daniel L. Miller wrote: > On 11/26/2012 5:50 PM, Timo Sirainen wrote: >> On 18.11.2012, at 16.54, Robert Str?tgen wrote: >> >>> Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log >>> SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte >>> 0xfc (at char #25214836, byte #26687495) >> Annoying. I guess these fix it: >> >> http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b >> http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 >> http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e Ugh. Should have known this was already being done. Reversed the whole thing. > These patches have improved fts for me - but I still have errors like: .. > Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log > SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) > at [row,col {unknown-source}]: [1011144,197790] Something's wrong. The Solr code was already supposed to catch all of these. From tss at iki.fi Tue Nov 27 08:08:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 08:08:05 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <assp.1678966eea.50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> Message-ID: <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> On 27.11.2012, at 7.50, Timo Sirainen wrote: >> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >> at [row,col {unknown-source}]: [1011144,197790] > > Something's wrong. The Solr code was already supposed to catch all of these. http://dovecot.org/tmp/allchars.gz If you send this mail to yourself and index it, does it fail? (Works for me.) From klimenko.n at theitidea.ru Tue Nov 27 08:19:56 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Tue, 27 Nov 2012 10:19:56 +0400 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAVGcAMwPPENVoN8t23zhd5xehKQ2tSB-=4SPVOwT3dNEA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> <50B3C265.5060409@theitidea.ru> <CAKU1PAVGcAMwPPENVoN8t23zhd5xehKQ2tSB-=4SPVOwT3dNEA@mail.gmail.com> Message-ID: <50B45B8C.9010501@theitidea.ru> 1. clear the log 2. Send message 3. show mail.log mail.err you should add following in main.cf dovecot_destination_recipient_limit = 1 27.11.12 1:15, /#!/JoePea ?????: > Hi, thanks for the reply, > What's the difference between dovecot-lda and deliver? Are they the > same? The manpages are identical. I tried both and I also tried adding > the -a ${recipient} argument but there was no change. It still doesn't > work. Any other ideas? > > */#/!//*JoePea > > > On Mon, Nov 26, 2012 at 11:26 AM, ??????? ???????? > <klimenko.n at theitidea.ru <mailto:klimenko.n at theitidea.ru>> wrote: > > may be this is the best way > > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${recipient} -a ${recipient} > > parameter-a $ {recipient} > allow to keep the recipient's address in the headers "from:" > > > 19.11.12 21:04, Fi4IT - Daniel Fischer ?????: > > Hello Joe, > > i use this: > main.cf <http://main.cf> > virtual_transport = dovecot > > master.cf <http://master.cf> > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${recipient} > > /etc/dovecot/conf.d/15-lda.conf > protocol lda { > log_path = /var/log/sieve.log > mail_plugins = acl sieve > } > > and that works fine with my tested clients (tb,outlook,roundcube) > > daniel > > Am 19.11.2012 15:17, schrieb /#!/JoePea: > > Hi all, > > I can't get dovecot working with postfix. If I leave > virtual_transport set > to "virtual", I can send and receive messages just fine in > roundcube. If I > set virtual_transport to "dovecot", I can only send > messages in roundcube, > but incoming messages never arrive. Seems I can't get > dovecot-lda to work. > I need dovecot-lda in order for sieve filters to work. > > Any idea what I'm doing wrong? > > Here's `doveconf -n`: > http://pastie.org/5401133 > > `postconf -n`: > http://pastie.org/5401157 > > and `postconf -M`: > http://pastie.org/5401177 > > Note: All I have to do is change virtual_transport = > dovecot to > virtual_transport > = virtual and all will be fine, except for that I won't > have sieve > filtering which is what I really want. > > */#!/*JoePea > > From tss at iki.fi Tue Nov 27 08:39:49 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 08:39:49 +0200 Subject: [Dovecot] memory allocation issues In-Reply-To: <20121126200314.GH62311@corp.sonic.net> References: <20121109004915.GJ70186@corp.sonic.net> <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> <20121126200314.GH62311@corp.sonic.net> Message-ID: <6489C384-2930-4AFE-B60D-1A446DADFB95@iki.fi> On 26.11.2012, at 22.03, Kelsey Cummings wrote: >>> auth: Error: malloc: 58012: Cannot allocate memory >>> auth: Error: Unable to allocate memory for mutexes from the region >>> auth: Error: PANIC: Cannot allocate memory >>> auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user .. >> Memory leak maybe? service auth { vsz_limit } anyway was reached (default 256 MB). > > It is currently set to 768M, I'll go ahead and raise it up to 1G. > Anything I can do to help see if it is a memory leak? Is it really the auth master process that fails? > passdb { > args = imap > driver = pam > } .. > userdb { > driver = passwd > } Both of these lookups should be done by auth-worker processes. So why is it the auth process that complains? Anyway .. if the problem really is auth-worker and this is only a logging problem (I would have expected auth-worker: prefix in log lines), then the solution is simple. Just restart the auth-worker processes every 1000 lookups: service auth-worker { service_count = 1000 } From tss at iki.fi Tue Nov 27 08:45:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 08:45:14 +0200 Subject: [Dovecot] memory allocation issues In-Reply-To: <6489C384-2930-4AFE-B60D-1A446DADFB95@iki.fi> References: <20121109004915.GJ70186@corp.sonic.net> <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> <20121126200314.GH62311@corp.sonic.net> <6489C384-2930-4AFE-B60D-1A446DADFB95@iki.fi> Message-ID: <DC6AD7F4-163F-4A9E-ADA3-70900E8E1C11@iki.fi> On 27.11.2012, at 8.39, Timo Sirainen wrote: >> userdb { >> driver = passwd >> } > > Both of these lookups should be done by auth-worker processes. So why is it the auth process that complains? Because of a bug in v2.0.16+ :( http://hg.dovecot.org/dovecot-2.1/rev/8e5d9d88e250 As a workaround you can use for existing versions: userdb { driver = passwd args = blocking=yes } From dmalolepszy at optusnet.com.au Tue Nov 27 08:48:23 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Tue, 27 Nov 2012 17:48:23 +1100 Subject: [Dovecot] Dovecot IMAP/POP3 auto creating maildir Message-ID: <50B46237.1070204@optusnet.com.au> Hi I have observed that after deleting a mailbox and removing the user from the userdb, immediately accessing the mail account via POP3/IMAP causes Dovecot to auto create an empty mailbox, because the userdb/passdb details are still cached for 10minutes. Is there any option to tell Dovecot POP3/IMAP not to auto create the mailbox if it does not exist? Alternatively and less desirably is there a mechanism for telling Dovecot to expire a userdb/passdb cached entry? Running Dovecot 2.1.9 Dominic From tss at iki.fi Tue Nov 27 09:07:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:07:47 +0200 Subject: [Dovecot] Dovecot IMAP/POP3 auto creating maildir In-Reply-To: <50B46237.1070204@optusnet.com.au> References: <50B46237.1070204@optusnet.com.au> Message-ID: <50942EFA-4921-4E3D-9161-0D1E92531E44@iki.fi> On 27.11.2012, at 8.48, Dominic Malolepszy wrote: > I have observed that after deleting a mailbox and removing the user from the userdb, immediately accessing the mail account via POP3/IMAP causes Dovecot to auto create an empty mailbox, because the userdb/passdb details are still cached for 10minutes. Is there any option to tell Dovecot POP3/IMAP not to auto create the mailbox if it does not exist? Change the parent directory permissions so that the mkdir() fails. > Alternatively and less desirably is there a mechanism for telling Dovecot to expire a userdb/passdb cached entry? v2.1.9+ has: doveadm auth cache flush user at domain From tss at iki.fi Tue Nov 27 09:11:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:11:07 +0200 Subject: [Dovecot] Feature request: add information to error message: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket permissions) In-Reply-To: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> References: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> Message-ID: <0BA25BE4-76C4-41BA-85CC-57FE896AB555@iki.fi> On 2.11.2012, at 17.55, Steffen Kaiser wrote: > Please add the information to this error, which socket has the problem and which uid access is and what is expected. > > For instance, when the quota dict request fails, because of permission problems, you get a very detailed info about the current problem. And, further more, hints to solve it. > > BTW: I'm trying to configure shared mailboxes for a virtual user system, when one user with ACLs on other mailboxes requests a LIST, I get this error. In my case, I solved the problem by chmod u+x auth-userdb . http://hg.dovecot.org/dovecot-2.1/rev/c811aab61355 ? From tss at iki.fi Tue Nov 27 09:18:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:18:53 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Message-ID: <1354000733.2844.25.camel@innu> Could you try with the attached patch, and with only the problematic client running? What does it log (the beginning of the session until it starts repeating the same lines)? On Sat, 2012-11-24 at 00:16 -0800, Erik A Johnson wrote: > Thanks, Timo. Nope, still an infinite loop. Anything I can try using gdb to trace? > > > On Nov 22, 2012, at 10:52 PM, Timo Sirainen <tss at iki.fi> wrote: > > > On 10.11.2012, at 12.44, Erik A Johnson wrote: > > > >> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). > >> > >> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. > >> > >> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > > > I wonder if this fixes it? http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 1876 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/5e11a288/attachment-0002.bin> From koshikov at gmail.com Tue Nov 27 09:37:51 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Tue, 27 Nov 2012 09:37:51 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> Message-ID: <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> On Tue, Nov 27, 2012 at 3:04 AM, Timo Sirainen <tss at iki.fi> wrote: > On 23.11.2012, at 9.46, Nikita Koshikov wrote: > > > Hello list, > > > > Here is the problem: > > I have few: > > passdb { > > #1 > > } > > passdb { > > #2 > > } > > And relative userdb sections. If user not found in 1) section it > fallbacks > > to next one - it's expected and right, IMHO. But when the user exists in > > both section and password verification fails on 1) database it > successfully > > authenticated on next one. I think this behaviour should be configured. > The > > main goal of 1) section for this server is to overwrite users in main > > (section2) database. > > It's not always possible to know why #1 failed. For example PAM doesn't > always tell if the password was wrong or if the user didn't exist. > > > Maybe I missed something and this option is already in dovecot code and I > > can't find it ? Or if not - will it be added in the future ? > > > I'm not very interested in adding it, especially because it can't be done > reliably. > > Thank's for the anwer. It's a pity to hear, because it's security feature I need to provide. The problem - that main passdb - is ldap and there are about - 5-7 people who can edit it and simply to login as different users. Yes, activity is logged - but mailbox can be read\stolen. The main goal for passwd-file database is to revrite ldap very critical mailboxes to local file. It can be edited only but 1 person - it is nativly to trust 1, but not to 7. From tss at iki.fi Tue Nov 27 09:42:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:42:50 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> Message-ID: <5E10AA5C-DF78-4F87-B9E2-EA69E4A94C3C@iki.fi> On 27.11.2012, at 9.37, Nikita Koshikov wrote: >>> Here is the problem: >>> I have few: >>> passdb { >>> #1 >>> } >>> passdb { >>> #2 >>> } >>> And relative userdb sections. If user not found in 1) section it >> fallbacks >>> to next one - it's expected and right, IMHO. But when the user exists in >>> both section and password verification fails on 1) database it >> successfully >>> authenticated on next one. I think this behaviour should be configured. >> The >>> main goal of 1) section for this server is to overwrite users in main >>> (section2) database. >> > Thank's for the anwer. It's a pity to hear, because it's security feature I > need to provide. The problem - that main passdb - is ldap and there are > about - 5-7 people who can edit it and simply to login as different users. > Yes, activity is logged - but mailbox can be read\stolen. The main goal for > passwd-file database is to revrite ldap very critical mailboxes to local > file. It can be edited only but 1 person - it is nativly to trust 1, but > not to 7. Try if a modified version of Alessio's suggestion works: passdb { driver = passwd-file args = /etc/passwd.important } passdb { driver = passwd-file args = /etc/passwd.important deny = yes } passdb { driver = ldap } From tss at iki.fi Tue Nov 27 10:42:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 10:42:03 +0200 Subject: [Dovecot] Rebuilding indexes fails on inconsistent mdbox In-Reply-To: <20121109161845.503766441fbb2a1df97d7220@mjh.name> References: <20121024132811.7cf18fdf7343b4dd961b2858@mjh.name> <394FADB5-4E6C-4179-BF30-244390964FA4@iki.fi> <20121109161845.503766441fbb2a1df97d7220@mjh.name> Message-ID: <EB83079A-E6DB-44B0-B436-359AC455EAD8@iki.fi> On 9.11.2012, at 17.18, Milan Holz?pfel wrote: >>> Oct 24 10:45:19 two dovecot: imap(listen at mjh.name): Panic: file mdbox-storage-rebuild.c: line 773 (rebuild_update_refcounts): assertion failed: (map_uid < msgs[i]->map_uid) Finally looked into this and fixed: http://hg.dovecot.org/dovecot-2.1/rev/8770940057b9 From tss at iki.fi Tue Nov 27 10:53:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 10:53:35 +0200 Subject: [Dovecot] v2.1.11 soon Message-ID: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) From skdovecot at smail.inf.fh-brs.de Tue Nov 27 12:01:50 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 27 Nov 2012 11:01:50 +0100 (CET) Subject: [Dovecot] Feature request: add information to error message: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket permissions) In-Reply-To: <0BA25BE4-76C4-41BA-85CC-57FE896AB555@iki.fi> References: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> <0BA25BE4-76C4-41BA-85CC-57FE896AB555@iki.fi> Message-ID: <alpine.DEB.1.10.1211271100160.6954@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Nov 2012, Timo Sirainen wrote: > On 2.11.2012, at 17.55, Steffen Kaiser wrote: > >> Please add the information to this error, which socket has the problem >> and which uid access is and what is expected. >> >> For instance, when the quota dict request fails, because of permission >> problems, you get a very detailed info about the current problem. And, >> further more, hints to solve it. > > http://hg.dovecot.org/dovecot-2.1/rev/c811aab61355 ? Many thanks ! - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBULSPj2oxLS8a3A9mAQJTYggAq8OJPR4wZMUalZeuMAjLQAeb7pWTEK5k w5HeamqZH6rjVq5wk7ln2dFsPQm4+RZPtohenMh8sYChvg2YJLulTp0/I0lra2k2 9CU8kO9YgnUL5yZnnixMOJuZG7mze8DlcmH8lmsf7hg2P8YD2WE0S1F9ro3UquCW Y7b8oVU1j2k8n05QD1tu8TwFuxPWRdlCHg3C1J1KLhl0xH7nAdHk3WItE73a5vZ7 9gEDfInnM0UAhBzRb0QxV/6i4s03hv7k8f15MxN5dqIrqKfhVrmWXDmpG5SGr0dz 83CioJo/KZGnJufTqGnrA3iMvovhoPdkw9QToVHcbbaDhaZohK/G7A== =TPv5 -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Tue Nov 27 12:13:37 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 27 Nov 2012 11:13:37 +0100 (CET) Subject: [Dovecot] lmtp_rcpt_check_quota working somewhere? In-Reply-To: <19E4CB4D-7961-49A2-84CD-D0370A0B364A@iki.fi> References: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> <19E4CB4D-7961-49A2-84CD-D0370A0B364A@iki.fi> Message-ID: <alpine.DEB.1.10.1211271111050.6954@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Nov 2012, Timo Sirainen wrote: > On 26.11.2012, at 18.07, Steffen Kaiser wrote: > >> I'm running Dovecot v2.1 and enabled the >> >> lmtp_rcpt_check_quota >> >> option in conf.d/20-lmtp.conf, because I just found it in the sample config. >> >> When I have the option enabled, I get _no_ response in the RCPT TO phase, if the user is under quota. If I go on and enter the DATA keyword eventually, I get "554 5.5.1 No valid recipients", so it looks like, the user is really ignored at all. > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/bebe54e1d640 That seems to fix the problem. Works with single and multiple recipients. Thanks, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBULSSUWoxLS8a3A9mAQLCJgf/apcvh+4WAYQEPciD4UNAAKmRO04naVxZ 6y/Ik/jGfbtmwEHG+k6n9anIIuVwivfs0G7qugN5Drw3rQC//FEMlfpmtIFf7wBg vS5nvb5m58i6QFTxBzZWbJ11CE5YIN4wG23OzegvvA7xDp6tQmZDNDJUhjQMfnfW Cs4wOnFj5ZTkX9M+GURXiLJfQCBvqOCktuuocoSo3iJaiDwyhcrKSnqTmeJ474UC 5ZRT6AOjvnaHzYYHXyIFu2Th3fNR0qiurQFub//INCwKNqiDCAa+xFSMIkYaDidS cFQjAMo/dFS+meEi1h8/S0HwDbO1KjZ6f+05oFB4B3EaA13ubHUPbA== =Avwv -----END PGP SIGNATURE----- From noel.butler at ausics.net Tue Nov 27 14:19:27 2012 From: noel.butler at ausics.net (Noel Butler) Date: Tue, 27 Nov 2012 22:19:27 +1000 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <1354018767.25506.25.camel@tardis> On Tue, 2012-11-27 at 10:53 +0200, Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > hah, but u won t do it... -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/7e2120c3/attachment-0002.bin> From pw at wk-serv.de Tue Nov 27 14:22:57 2012 From: pw at wk-serv.de (Patrick Westenberg) Date: Tue, 27 Nov 2012 13:22:57 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <50B4B0A1.4060906@wk-serv.de> Timo Sirainen schrieb: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) Backend-Failover would be nice ;-) From ramon.frontera at uib.es Tue Nov 27 14:27:25 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Tue, 27 Nov 2012 13:27:25 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> Message-ID: <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> Hi, I send you attached the command's output. -------------- next part -------------- A non-text attachment was scrubbed... Name: dovelog.zip Type: application/zip Size: 16759 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/d0784542/attachment-0002.zip> -------------- next part -------------- Thanks! -- ------------------------------------------ Ramon Frontera Gallardo Centre de Tecnologies de la Informaci? Universitat de les Illes Balears Ctra. Valldemossa km 7,5 07122 Palma de Mallorca El 27/11/2012, a las 05:29, Timo Sirainen escribi?: > On 21.11.2012, at 15.05, Ramon Frontera wrote: > >> we have a problem with our director proxy configuration. >> When we run on proxy server the doveadm command with -A switch, fails with the error: >> >> # doveadm -D quota get -A >> doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert >> doveadm(user1): Error: Proxy is missing destination host >> doveadm: Error: Failed to iterate through some users > > Well, I fixed various bugs in doveadm code related to this: > > http://hg.dovecot.org/dovecot-2.1/rev/6f19c535110e > http://hg.dovecot.org/dovecot-2.1/rev/275a57b8dc70 > http://hg.dovecot.org/dovecot-2.1/rev/0dc3f56e6468 > http://hg.dovecot.org/dovecot-2.1/rev/fdc509644d05 > > But I don't think they fix your specific issue. It looks as if doveadm is connecting to auth process directly instead of director.. Do: > > strace -s 1000 -o log doveadm quota get -A > > and send me the log? Note that the log contains the doveadm_password in the base64 strings. > > From raabe at froglogic.com Tue Nov 27 14:53:37 2012 From: raabe at froglogic.com (Frerich Raabe) Date: Tue, 27 Nov 2012 13:53:37 +0100 Subject: [Dovecot] Cannot STORE \Seen flag on some mails Message-ID: <50B4B7D1.5080204@froglogic.com> Hi, I'm running Dovecot 1.2.17 on FreeBSD (exact output of 'dovecot -n' is atttached to this mail). The machine is serving a public mailinglist archive which is read-only; all mail arriving for the archive is marked as \Seen using Sieve script. This setup works well most of the time, but I noticed that for *some* mails, the \Seen flag doesn't seem to be stored. Right now I have 31255 mails in one of my folders and I can't seem to mark five of them as \Seen - the others work just fine. I first suspected a client issue so I did a little IMAP session by hand: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. . LOGIN "xxxxxx" "yyyyyy" . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in . SELECT "Lists/Archive/squish" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft $NotJunk) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 31250 EXISTS * 0 RECENT * OK [UNSEEN 27126] First unseen. * OK [UIDVALIDITY 1350573750] UIDs valid * OK [UIDNEXT 31265] Predicted next UID * OK [HIGHESTMODSEQ 9512] Highest . OK [READ-ONLY] Select completed. . SEARCH UNSEEN * SEARCH 27126 27127 28484 29835 29838 . OK Search completed (0.000 secs). . STORE 27126 FLAGS \SEEN . OK Store completed. . SEARCH UNSEEN * SEARCH 27126 27127 28484 29835 29838 . OK Search completed (0.000 secs). . LOGOUT * BYE Logging out . OK Logout completed. Note how the first 'SEARCH UNSEEN' command shows that '27126' is unseen, the subsequent 'STORE' command succeeds - but then 'SEARCH UNSEEN' still shows 27126 as unseen! I have all four logging levels being piped to /var/log/maillog (I verified this by running dovecot --log-error) but the file does not show any problems. I checked the file permissions of the Maildir directories, and it all looks dandy to me. Does anybody have some suggestions how to debug this further, or what the reason for this may be? -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing -------------- next part -------------- # 1.2.17: /usr/local/etc/dovecot.conf # OS: FreeBSD 9.0-RELEASE i386 protocols: imap imaps managesieve listen(default): * listen(imap): * listen(managesieve): *:2000 *:4190 disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_location: maildir:~/Maildir mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve mail_process_size: 512 mail_plugins(default): acl imap_acl fts fts_squat mail_plugins(imap): acl imap_acl fts fts_squat mail_plugins(managesieve): mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve imap_client_workarounds(default): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(managesieve): namespace: type: private separator: / inbox: yes list: yes subscriptions: yes namespace: type: public separator: / prefix: Lists/ location: maildir:/home/vmail/lists/Maildir:CONTROL=~/Maildir/lists:INDEX=~/Maildir/lists list: yes namespace: type: public separator: / prefix: Lists/Archive/ location: maildir:/home/vmail/lists/archive/Maildir list: yes lda: postmaster_address: postmaster at imap2.froglogic.com mail_plugins: sieve acl sendmail_path: /usr/sbin/sendmail auth default: mechanisms: plain login username_format: %Lu passdb: driver: pam args: session=yes dovecot passdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf userdb: driver: passwd-file args: username_format=%n /usr/local/etc/dovecot-pseudo-users.passwd userdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf plugin: acl: vfile sieve_before: /usr/local/etc/keep-broadcast-mail.sieve fts: squat fts_squat: partial=4 full=4 From raabe at froglogic.com Tue Nov 27 15:06:19 2012 From: raabe at froglogic.com (Frerich Raabe) Date: Tue, 27 Nov 2012 14:06:19 +0100 Subject: [Dovecot] Cannot STORE \Seen flag on some mails In-Reply-To: <50B4B7D1.5080204@froglogic.com> References: <50B4B7D1.5080204@froglogic.com> Message-ID: <50B4BACB.3020207@froglogic.com> Am 11/27/2012 1:53 PM, schrieb Frerich Raabe: > I first suspected a client issue so I did a little IMAP session by hand: [..] > Note how the first 'SEARCH UNSEEN' command shows that '27126' is unseen, > the subsequent 'STORE' command succeeds - but then 'SEARCH UNSEEN' still > shows 27126 as unseen! Sorry, I only now realized that my IMAP session wasn't very useful since the dovecot-acl file didn't allow my user to modify the \Seen flag (it only allowed it for the user which runs the Sieve script filing the mail into the archive [and marking it as seen]) in the first place. If I relax the ACL, I can mark the mail as seen myself. I guess that means the question is - why didn't the sieve_before manage to set the flag in all cases. -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From koshikov at gmail.com Tue Nov 27 15:26:22 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Tue, 27 Nov 2012 15:26:22 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <5E10AA5C-DF78-4F87-B9E2-EA69E4A94C3C@iki.fi> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> <5E10AA5C-DF78-4F87-B9E2-EA69E4A94C3C@iki.fi> Message-ID: <CANYsE-yco7OxvQco_nk1wBsCnDb7gJMTpZoo0dnSC6D40OHWbQ@mail.gmail.com> Yes, thanks a lot - this config is working as expected. From petsy12 at lavabit.com Tue Nov 27 15:32:33 2012 From: petsy12 at lavabit.com (petsy12 at lavabit.com) Date: Tue, 27 Nov 2012 08:32:33 -0500 (EST) Subject: [Dovecot] IMAP over SSL Message-ID: <22331.77.247.181.164.1354023153.squirrel@lavabit.com> Hello. I've never tried Dovecot. Here is my attempt to enable IMAP over SSL on port 993. (BTW, I don't want to use port 143 at all.) # dovecot -n log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps listen: *:143,[::]:143 ssl_listen: *:993,[::]:993 ssl: required ssl_cert_file: /etc/dovecot/keycert.pem ssl_key_file: /etc/dovecot/keycert.pem ssl_cipher_list: TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!NULL:@STRENGTH login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:~/Maildir mbox_write_locks: fcntl dotlock auth default: passdb: driver: pam userdb: driver: passwd 1. Here is a snippet from dovecot.conf. Is it correct? Should I change something? (Note that I don't want to enable IMAP on port 143.) protocols = imaps protocol imap { listen = *:143,[::]:143 ssl_listen = *:993,[::]:993 } disable_plaintext_auth = yes ssl_listen = *:993,[::]:933 ssl = required ssl_cert_file = /etc/dovecot/keycert.pem ssl_key_file = /etc/dovecot/keycert.pem ssl_cipher_list = TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!NULL:@STRENGTH 2. I don't understand the syntax connected with auth. What auth options are enabled by default? dovecot.conf: No sections (e.g. namespace {}) or plugin settings are added by default, they're listed only as examples. Does it mean that passdb pam will use defaults (e.g. session=yes, setrcred=yes)? passdb pam { # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>] # [cache_key=<key>] [<service name>] # # session=yes makes Dovecot open and immediately close PAM session. Some # PAM plugins need this to work, such as pam_mkhomedir. # # setcred=yes makes Dovecot establish PAM credentials if some PAM plugins # need that. They aren't ever deleted though, so this isn't enabled by # default. # # max_requests specifies how many PAM lookups to do in one process before # recreating the process. The default is 100, because many PAM plugins # leak memory. # # cache_key can be used to enable authentication caching for PAM # (auth_cache_size also needs to be set). It isn't enabled by default # because PAM modules can do all kinds of checks besides checking password, # such as checking IP address. Dovecot can't know about these checks # without some help. cache_key is simply a list of variables (see # /usr/share/doc/dovecot-common/wiki/Variables.txt) which must match # for the cached data to be used. # Here are some examples: # %u - Username must match. Probably sufficient for most uses. # %u%r - Username and remote IP address must match. # %u%s - Username and service (ie. IMAP, POP3) must match. # # The service name can contain variables, for example %Ls expands to # pop3 or imap. # # Some examples: # args = session=yes %Ls # args = cache_key=%u dovecot #args = dovecot } 3. Here is the output of `openssl s_client -tls1 -connect mail.example.com:993`. Is it OK? [snip] New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: zlib compression Expansion: zlib compression [snip] Verify return code: 18 (self signed certificate) --- * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready. Also, where can I read about these options? Any comments are appreciated. From CMarcus at Media-Brokers.com Tue Nov 27 17:23:45 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 27 Nov 2012 10:23:45 -0500 Subject: [Dovecot] IMAP over SSL In-Reply-To: <22331.77.247.181.164.1354023153.squirrel@lavabit.com> References: <22331.77.247.181.164.1354023153.squirrel@lavabit.com> Message-ID: <50B4DB01.7090705@Media-Brokers.com> On 2012-11-27 8:32 AM, petsy12 at lavabit.com <petsy12 at lavabit.com> wrote: > I've never tried Dovecot. Here is my attempt to enable IMAP over SSL > on port 993. (BTW, I don't want to use port 143 at all.) > > # dovecot -n > > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imaps Please don't trim the doveconf -n output... It shows the version of dovecot (so no one has to ask)... -- Best regards, Charles From dmiller at amfes.com Tue Nov 27 17:28:37 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 27 Nov 2012 07:28:37 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <assp.1678966eea.50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> Message-ID: <assp.0678bad85b.50B4DC25.1000700@amfes.com> On 11/26/2012 10:08 PM, Timo Sirainen wrote: > On 27.11.2012, at 7.50, Timo Sirainen wrote: > >>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >>> at [row,col {unknown-source}]: [1011144,197790] >> Something's wrong. The Solr code was already supposed to catch all of these. > http://dovecot.org/tmp/allchars.gz > > If you send this mail to yourself and index it, does it fail? (Works for me.) > I think it works - I tried sending it as an attachment (unzipped) and then with a command of "sendmail -t dmiller at amfes.com < allchars" - I don't know how else to do it. Following that by a "doveadm search -u dmiller at amfes.com mailbox INBOX text test" indexed a couple new messages, including I assume these, without errors. Some of my other mailboxes continue to break. I know you've got a filter that strips out control characters prior to sending to solr - so I'm left to assume: 1. solr is breaking on its own 2. I have a hardware problem that is corrupting memory (possible, but this server is using ECC, so I don't think so). 3. Somehow in the communication with solr, control characters are being introduced. Perhaps it's a maximum length or buffer issue? 4. Could it be attachment related? 5. Could it be zlib related - as in compressed mail, or a mix of compressed & uncompressed mail, being processed? -- Daniel From dmiller at amfes.com Tue Nov 27 17:38:10 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 27 Nov 2012 07:38:10 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <50B4DC25.1000700@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> Message-ID: <assp.067872074e.50B4DE62.4070403@amfes.com> On 11/27/2012 7:28 AM, Daniel L. Miller wrote: > On 11/26/2012 10:08 PM, Timo Sirainen wrote: >> On 27.11.2012, at 7.50, Timo Sirainen wrote: >> >>>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>>> SEVERE: org.apache.solr.common.SolrException: Illegal character >>>> ((CTRL-CHAR, code 8)) >>>> at [row,col {unknown-source}]: [1011144,197790] >>> Something's wrong. The Solr code was already supposed to catch all >>> of these. >> I was taking a brief scan of the code - and as usual I'm probably wrong - but I believe the protection comes from the xml_encode functions. Could it be that there are some solr writes that don't go through that function - because it is assumed that the data in question doesn't need that processing? Like mailbox names, field names, or uids - that SHOULDN'T have any garbage but maybe something is creeping in? -- Daniel From tss at iki.fi Tue Nov 27 23:07:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 23:07:53 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.067872074e.50B4DE62.4070403@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <assp.067872074e.50B4DE62.4070403@amfes.com> Message-ID: <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> On 27.11.2012, at 17.38, Daniel L. Miller wrote: > On 11/27/2012 7:28 AM, Daniel L. Miller wrote: >> On 11/26/2012 10:08 PM, Timo Sirainen wrote: >>> On 27.11.2012, at 7.50, Timo Sirainen wrote: >>> >>>>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>>>> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >>>>> at [row,col {unknown-source}]: [1011144,197790] >>>> Something's wrong. The Solr code was already supposed to catch all of these. >>> > > I was taking a brief scan of the code - and as usual I'm probably wrong - but I believe the protection comes from the xml_encode functions. Could it be that there are some solr writes that don't go through that function - because it is assumed that the data in question doesn't need that processing? Like mailbox names, field names, or uids - that SHOULDN'T have any garbage but maybe something is creeping in? I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 From daniel.parthey at informatik.tu-chemnitz.de Tue Nov 27 23:47:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Tue, 27 Nov 2012 22:47:49 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <20121127214749.GA11546@daniel.localdomain> Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) Can you fix these strange stats plugin errors please? These are the only errors regularly occurring in our 2.1.10 logs: Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 Nov 27 08:07:36 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 443 < 622 Nov 27 08:07:51 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 455 < 622 Nov 27 08:08:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 474 < 622 Nov 27 08:08:51 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 08:09:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 08:14:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 08:19:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 16:18:44 10.129.3.213 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mrcount 11 < 13 Nov 27 16:24:20 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 1 < 2 These messages occur after imap/pop3 logouts. Only dovecot.conf attached (director does not produce these errors). Thanks a lot, Daniel -- https://plus.google.com/103021802792276734820 -------------- next part -------------- # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-44-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: session=<%{session}> msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx imapc_features = rfc822.size imapc_host = local-mailbox imapc_port = 18143 instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): <%{session}>: " mail_plugins = quota stats mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes namespace { inbox = yes location = mailbox Archives { special_use = \Archive } mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp-without-quota { address = * port = 19025 } inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl = no syslog_facility = local1 userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota stats imap_quota imap_stats } protocol lmtp { mail_plugins = quota stats sieve } From ben at morrow.me.uk Wed Nov 28 02:32:07 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Wed, 28 Nov 2012 00:32:07 +0000 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAXy2P0u+qvi7_k9MygZ_QLd2=zJ9Xeck3B6WdOCYoEZMA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> <20121126115235.GC76138@anubis.morrow.me.uk> <CAKU1PAXy2P0u+qvi7_k9MygZ_QLd2=zJ9Xeck3B6WdOCYoEZMA@mail.gmail.com> Message-ID: <20121128003206.GH76138@anubis.morrow.me.uk> At 12PM -0800 on 26/11/12 /#!/JoePea wrote: > Hi Ben, > Indeed, the mailq command shows my test messages sitting there with "mail > transport unavailable". > > > ??[11:48:22/hypership/root/~] > > ??? mailq > > -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- > > 2DCCB580C01 1901 Mon Nov 26 11:45:02 trusktr at gmail.com > > (mail transport > > unavailable) > > trusktr at bettafootwear.com > > > > B1449580C03 1895 Mon Nov 26 11:48:41 trusktr at gmail.com > > (mail transport > > unavailable) > > trusktr at bettafootwear.com > > > > -- 5 Kbytes in 2 Requests. > > I checked in /etc/syslog-ng/syslog-ng.conf and it shows destination d_mail > { file("/var/log/mail.log"); }; but there is no such mail.log file so I > created one. I don't know how syslog-ng works, but you need to be able to see the Postfix logs to have any chance of debugging this. Read your system documentation and get that working before trying anything else. > I logged in as mailman by doing su -s /bin/bash mailman then ran > > /usr/lib/dovecot/dovecot-lda -f trusktr at gmail.com -d > trusktr at bettafootwear.com </home/mailman/test_msg.txt > > where /home/mailman/test_msg.txt contains a plain text sentence. A single sentence is not a valid mail. Dovecot mostly doesn't care, but you will see odd client behaviour if you deliver invalid mails... > After doing that, mailq shows the new messages, but with the same "mail > transport unavailable" message. (I assume here that you only see the same list as before you attempted the new delivery? Delivering to LDA by hand shouldn't go anywhere near the Postfix queue.) > However, in Roundcube I see a new blank message with no subject for each > attempt of the dovecot-lda command. ...such as this. It looks like the 'mail' is being successfully delivered; if you try with a proper mail, something like From: root at localhost To: root at localhost Subject: testing dovecot-lda 1 2 3 it should show up properly in your client. At this point I think this is a Postfix problem, not a Dovecot problem. You can apparently successfully deliver mail using dovecot-lda, so something in your Postfix config is not invoking it properly. Ben From tss at iki.fi Wed Nov 28 03:15:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 03:15:05 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> Message-ID: <1354065305.2844.30.camel@innu> On Tue, 2012-11-27 at 13:27 +0100, Ramon Frontera wrote: > > >> # doveadm -D quota get -A > >> doveadm(user1): Debug: auth input: user=user1 proxy > starttls=any-cert > >> doveadm(user1): Error: Proxy is missing destination host > >> doveadm: Error: Failed to iterate through some users .. > connect(8, {sa_family=AF_FILE, path="/var/run/dovecot//auth-userdb"}, > 110) = 0 It's connecting to auth-userdb, while it should be connecting to director-userdb. This should have been done by this setting: protocol doveadm { auth_socket_path = director-userdb } Make sure doveconf -n shows that. And if nothing seems to work, this at least should: doveadm -o auth_socket_path=director-userdb quota get -A From tss at iki.fi Wed Nov 28 03:26:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 03:26:52 +0200 Subject: [Dovecot] Cannot STORE \Seen flag on some mails In-Reply-To: <50B4BACB.3020207@froglogic.com> References: <50B4B7D1.5080204@froglogic.com> <50B4BACB.3020207@froglogic.com> Message-ID: <CE2A5500-6A3B-49D1-A1DD-B86CF0C4BD89@iki.fi> On 27.11.2012, at 15.06, Frerich Raabe wrote: > Am 11/27/2012 1:53 PM, schrieb Frerich Raabe: >> I first suspected a client issue so I did a little IMAP session by hand: > > [..] > >> Note how the first 'SEARCH UNSEEN' command shows that '27126' is unseen, >> the subsequent 'STORE' command succeeds - but then 'SEARCH UNSEEN' still >> shows 27126 as unseen! > > Sorry, I only now realized that my IMAP session wasn't very useful since the dovecot-acl file didn't allow my user to modify the \Seen flag (it only allowed it for the user which runs the Sieve script filing the mail into the archive [and marking it as seen]) in the first place. > > If I relax the ACL, I can mark the mail as seen myself. I guess that means the question is - why didn't the sieve_before manage to set the flag in all cases. Difficult to say, but I don't think it's worth debugging with v1.2. Might be fixed already in v2.1.. From tss at iki.fi Wed Nov 28 04:31:13 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 04:31:13 +0200 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <20121127214749.GA11546@daniel.localdomain> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121127214749.GA11546@daniel.localdomain> Message-ID: <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> On 27.11.2012, at 23.47, Daniel Parthey wrote: > Timo Sirainen wrote: >> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > > Can you fix these strange stats plugin errors please? > These are the only errors regularly occurring in our 2.1.10 logs: > > Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 > Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 It's strange that I can't figure out how to reproduce this no matter what I do. Could you with latest hg, especially: http://hg.dovecot.org/dovecot-2.1/rev/c81f1ca3cda6 and also the attached patch, which simplifies the stats plugin? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 2959 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/d081bdcd/attachment-0002.obj> -------------- next part -------------- From tss at iki.fi Wed Nov 28 04:36:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 04:36:44 +0200 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121127214749.GA11546@daniel.localdomain> <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> Message-ID: <C081AC31-C264-46E2-BF93-2FD2873523E3@iki.fi> On 28.11.2012, at 4.31, Timo Sirainen wrote: > On 27.11.2012, at 23.47, Daniel Parthey wrote: > >> Timo Sirainen wrote: >>> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) >> >> Can you fix these strange stats plugin errors please? >> These are the only errors regularly occurring in our 2.1.10 logs: >> >> Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 >> Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 Also, can you reproduce this really easily? For example with pop3: telnet localhost 110 user foo pass bar list retr 1 quit Does that log about this? If not, what about if you run imaptest (http://imapwiki.org/ImapTest) against some test user? From dmiller at amfes.com Wed Nov 28 04:43:40 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 27 Nov 2012 18:43:40 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> Message-ID: <assp.1679c30da7.50B57A5C.1000300@amfes.com> On 11/27/2012 1:07 PM, Timo Sirainen wrote: > On 27.11.2012, at 17.38, Daniel L. Miller wrote: > >> On 11/27/2012 7:28 AM, Daniel L. Miller wrote: >>> On 11/26/2012 10:08 PM, Timo Sirainen wrote: >>>> On 27.11.2012, at 7.50, Timo Sirainen wrote: >>>> >>>>>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>>>>> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >>>>>> at [row,col {unknown-source}]: [1011144,197790] >>>>> Something's wrong. The Solr code was already supposed to catch all of these. >> I was taking a brief scan of the code - and as usual I'm probably wrong - but I believe the protection comes from the xml_encode functions. Could it be that there are some solr writes that don't go through that function - because it is assumed that the data in question doesn't need that processing? Like mailbox names, field names, or uids - that SHOULDN'T have any garbage but maybe something is creeping in? > I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 > :( Mine still breaks. Both UTF-8 and Control-Char errors. -- Daniel From tss at iki.fi Wed Nov 28 04:45:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 04:45:21 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.1679c30da7.50B57A5C.1000300@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <assp.1679c30da7.50B57A5C.1000300@amfes.com> Message-ID: <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >> > :( Mine still breaks. Both UTF-8 and Control-Char errors. Can you grab the network traffic between Dovecot and Solr and find the problematic stream? From dave at morsberger.com Wed Nov 28 05:21:07 2012 From: dave at morsberger.com (David Morsberger) Date: Tue, 27 Nov 2012 22:21:07 -0500 Subject: [Dovecot] Missing Messages on IOS device Message-ID: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> Resending because I didn't get any responses from my first post: I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. Any idea why these messages are not showing up on my devices and how I can get them to show up? bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd --version 2.0.19apple1 bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd -n # 2.0.19apple1: /Library/Server/Mail/Config/dovecot/dovecot.conf # OS: Darwin 12.2.1 x86_64 hfs aps_topic = com.apple.mail.XServer.fc3bb7c3-c8ef-4fe2-aff3-95ecd927fb11 auth_mechanisms = cram-md5 x-plain-submit plain login apop digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 mail_access_groups = mail mail_location = maildir:/Library/Server/Mail/Data/mail/%u mail_log_prefix = "%s(pid %p user %u): " mail_plugins = quota zlib fts fts_sk managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M passdb { args = /Library/Server/Mail/Config/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmaster at mini.mmpcrofton.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins unix_listener auth-userdb { user = _dovecot } } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap { client_limit = 5 process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl_ca = </etc/certificates/*.chain.pem ssl_cert = </etc/certificates/*.cert.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL ssl_key = </etc/certificates/*.key.pem ssl_key_path = /etc/certificates/*.key.pem syslog_facility = local6 userdb { args = partition=/Library/Server/Mail/Config/dovecot/partition_map.conf enforce_quotas=no driver = od } verbose_proctitle = yes protocol lmtp { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol lda { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol imap { imap_id_log = * imap_id_send = "name" * "version" * mail_max_userip_connections = 20 mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts urlauth } protocol pop3 { mail_max_userip_connections = 6 } From stan at hardwarefreak.com Wed Nov 28 07:49:55 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 27 Nov 2012 23:49:55 -0600 Subject: [Dovecot] Missing Messages on IOS device In-Reply-To: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> References: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> Message-ID: <50B5A603.5060509@hardwarefreak.com> On 11/27/2012 9:21 PM, David Morsberger wrote: > Resending because I didn't get any responses from my first post: > > I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. > > My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. > > The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. > > My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. > > Any idea why these messages are not showing up on my devices and how I can get them to show up? Not really. Problem reports are typically accompanied by errors in log files. You've provided none. You've provided only subjective observation which is rarely useful in troubleshooting. If you provide some Dovecot logging related to the problem we may be able to help. Short of that we can only make wild ass guesses. Are your clients subscribing all IMAP folders? Are your clients checking all folders for new mail? -- Stan From tss at iki.fi Wed Nov 28 08:56:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 08:56:26 +0200 Subject: [Dovecot] Missing Messages on IOS device In-Reply-To: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> References: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> Message-ID: <EA205FFA-14CE-4C5A-B7FC-7DAFC27754EE@iki.fi> On 28.11.2012, at 5.21, David Morsberger wrote: > My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. Delete the account on iPhone and recreate it. Does that help? From dmiller at amfes.com Wed Nov 28 10:50:29 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 28 Nov 2012 00:50:29 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> Message-ID: <assp.167950d733.50B5D055.6010605@amfes.com> On 11/27/2012 6:45 PM, Timo Sirainen wrote: > On 28.11.2012, at 4.43, Daniel L. Miller wrote: > >>> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>> >> :( Mine still breaks. Both UTF-8 and Control-Char errors. > Can you grab the network traffic between Dovecot and Solr and find the problematic stream? > Tell me how and I'll be happy to! -- Daniel From raabe at froglogic.com Wed Nov 28 10:52:48 2012 From: raabe at froglogic.com (Frerich Raabe) Date: Wed, 28 Nov 2012 09:52:48 +0100 Subject: [Dovecot] Cannot STORE \Seen flag on some mails In-Reply-To: <CE2A5500-6A3B-49D1-A1DD-B86CF0C4BD89@iki.fi> References: <50B4B7D1.5080204@froglogic.com> <50B4BACB.3020207@froglogic.com> <CE2A5500-6A3B-49D1-A1DD-B86CF0C4BD89@iki.fi> Message-ID: <50B5D0E0.2090906@froglogic.com> Am 11/28/2012 2:26 AM, schrieb Timo Sirainen: > On 27.11.2012, at 15.06, Frerich Raabe wrote: >> If I relax the ACL, I can mark the mail as seen myself. I guess >> that means the question is - why didn't the sieve_before manage to >> set the flag in all cases. > > Difficult to say, but I don't think it's worth debugging with v1.2. > Might be fixed already in v2.1.. Hm, maybe indeed a reason to stop tip-toeing around upgrading to v2.1... the christmas season is coming, maybe this upgrade would be a good proejct for the vacation. ;-) Thanks for your comment! -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From tss at iki.fi Wed Nov 28 10:55:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 10:55:46 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.167950d733.50B5D055.6010605@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> <assp.167950d733.50B5D055.6010605@amfes.com> Message-ID: <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> On 28.11.2012, at 10.50, Daniel L. Miller wrote: > On 11/27/2012 6:45 PM, Timo Sirainen wrote: >> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >> >>>> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>>> >>> :( Mine still breaks. Both UTF-8 and Control-Char errors. >> Can you grab the network traffic between Dovecot and Solr and find the problematic stream? >> > Tell me how and I'll be happy to! Maybe the easiest would be to use tcpflow. It outputs different TCP streams to different files. From them you can then grep for the error and look closer into it. I guess something like wireshark would work too, but I've never been able to use its GUI in a useful way. From Jost.Krieger+dovecot at rub.de Wed Nov 28 10:57:30 2012 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: 28 Nov 2012 09:57:30 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? Message-ID: <20121128085702.GA28525@ruhr-uni-bochum.de> We would like to provide a self-service restore function to our users using their IMAP client of choice.. Our idea was to use a snapshot (under ZFS, btrfs, whatever) and have it available to the user in a namespace. Unfortunately, but understandably, dovecot doesn't like the mdbox structure to be read-only. Is there any chance to change that? In the meantime, we could use a read-write snapshot, but we wouldn't like the users to really do changes to that snapshot. Our next attempt is to use ACLs, but it's a bit hard to gt the ACLs to the correct place in the snapshots, at least for thousands of users. Our currents solution (in test) is a quick and dirty patch to introduce inheritance to the ACLs by walking up the directory tree, so we need only one ACL. A cleaner solution would be very much appreciated. Yours Jost Krieger -- | Helft Spam ausrotten! HTML in Mail ist unh?flich. | | Postmaster, JAPH, manchmal Wahrsager am RZ der RUB | | Wahre Worte sind nicht gef?llig, gef?llige Worte sind nicht wahr.| | Lao Tse, Tao Te King 81 | From tss at iki.fi Wed Nov 28 11:01:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 11:01:23 +0200 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <20121128085702.GA28525@ruhr-uni-bochum.de> References: <20121128085702.GA28525@ruhr-uni-bochum.de> Message-ID: <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> On 28.11.2012, at 10.57, Jost Krieger wrote: > We would like to provide a self-service restore function to our users > using their IMAP client of choice.. > > Our idea was to use a snapshot (under ZFS, btrfs, whatever) and have it > available to the user in a namespace. > > Unfortunately, but understandably, dovecot doesn't like the mdbox > structure to be read-only. Is there any chance to change that? I think it would be possible. I already added some code for that, but apparently it wasn't enough and I stopped because it's a pretty low priority issue.. Anyway, I think the code changes would be pretty easy to do. So start finding the problematic parts and fixing them and sending me patches. :) > Our next attempt is to use ACLs, but it's a bit hard to gt the ACLs to > the correct place in the snapshots, at least for thousands of users. > > Our currents solution (in test) is a quick and dirty patch to introduce > inheritance to the ACLs by walking up the directory tree, so we need > only one ACL. For a long time I've wanted a "default acl" file that applies to the whole namespace. Never got around to implementing that either. Anyway, ACLs don't help when the reading code itself decides to write to indexes (which it does). From rs at sys4.de Wed Nov 28 11:21:55 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 28 Nov 2012 10:21:55 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <20121128085702.GA28525@ruhr-uni-bochum.de> References: <20121128085702.GA28525@ruhr-uni-bochum.de> Message-ID: <50B5D7B3.1000905@sys4.de> Am 28.11.2012 09:57, schrieb Jost Krieger: > We would like to provide a self-service restore function to our users > using their IMAP client of choice.. > > Our idea was to use a snapshot (under ZFS, btrfs, whatever) and have it > available to the user in a namespace. > > Unfortunately, but understandably, dovecot doesn't like the mdbox > structure to be read-only. Is there any chance to change that? > > In the meantime, we could use a read-write snapshot, but we wouldn't > like the users to really do changes to that snapshot. > > Our next attempt is to use ACLs, but it's a bit hard to gt the ACLs to > the correct place in the snapshots, at least for thousands of users. > > Our currents solution (in test) is a quick and dirty patch to introduce > inheritance to the ACLs by walking up the directory tree, so we need > only one ACL. > > A cleaner solution would be very much appreciated. > > Yours > Jost Krieger > a workaround perhaps is, postfix bcc archive mailboxes with a sieve rule which also sort mails spam/in/out/day/month/year in subfolders and then set subfolders acl read only for their related users ( scriptable at user creation time, and/or external sieve plugin),archive mailboxes may show up in their shared namespace then, also forbid pop3 download on the archive mailbox subfolders, if archive shouldnt exist for ever ,use dove expunge on the archive mailboxes/subfolders for x days/weeks/months/years ,whatever you prefer Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From Jost.Krieger at ruhr-uni-bochum.de Wed Nov 28 11:09:55 2012 From: Jost.Krieger at ruhr-uni-bochum.de (Jost Krieger) Date: 28 Nov 2012 10:09:55 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> References: <20121128085702.GA28525@ruhr-uni-bochum.de> <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> Message-ID: <20121128090954.GB28525@ruhr-uni-bochum.de> On Wed 28 Nov 2012 11:01:23 AM GMT, Timo Sirainen wrote: > > On 28.11.2012, at 10.57, Jost Krieger wrote: > > I think it would be possible. I already added some code for that, but apparently it wasn't enough and I stopped because it's a pretty low priority issue.. Anyway, I think the code changes would be pretty easy to do. So start finding the problematic parts and fixing them and sending me patches. :) Will try, but don't hold your breath :-) > > Our currents solution (in test) is a quick and dirty patch to introduce > > inheritance to the ACLs by walking up the directory tree, so we need > > only one ACL. > > For a long time I've wanted a "default acl" file that applies to the whole namespace. Never got around to implementing that either. We'll at least post the patch. > Anyway, ACLs don't help when the reading code itself decides to write to indexes (which it does). That's not so important for us, we don't want to protect the snapshot from dovecot, but from user stupidity^Wintervention, like: "But I need that mails, that I moved over yesterday from the snapshot and that are gone now, again." Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | From Jost.Krieger+dovecot at rub.de Wed Nov 28 11:31:06 2012 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: 28 Nov 2012 10:31:06 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> References: <20121128085702.GA28525@ruhr-uni-bochum.de> <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> Message-ID: <20121128093106.GG28525@ruhr-uni-bochum.de> On Wed 28 Nov 2012 11:01:23 AM GMT, Timo Sirainen wrote: > > On 28.11.2012, at 10.57, Jost Krieger wrote: > > I think it would be possible. I already added some code for that, but apparently it wasn't enough and I stopped because it's a pretty low priority issue.. Anyway, I think the code changes would be pretty easy to do. So start finding the problematic parts and fixing them and sending me patches. :) Will try, but don't hold your breath :-) > > Our currents solution (in test) is a quick and dirty patch to introduce > > inheritance to the ACLs by walking up the directory tree, so we need > > only one ACL. > > For a long time I've wanted a "default acl" file that applies to the whole namespace. Never got around to implementing that either. We'll at least post the patch. > Anyway, ACLs don't help when the reading code itself decides to write to indexes (which it does). That's not so important for us, we don't want to protect the snapshot from dovecot, but from user stupidity^Wintervention, like: "But I need that mails, that I moved over yesterday from the snapshot and that are gone now, again." Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | From skdovecot at smail.inf.fh-brs.de Wed Nov 28 11:38:16 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 10:38:16 +0100 (CET) Subject: [Dovecot] backtrace from postgres dict Message-ID: <alpine.DEB.2.02.1211281007050.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, since I enabled ACLs I get following backtrace. It looks like that it happens if the ACLs had been changed only. Also, it looks like that it always happens 1 minute after last "dict: Info: pgsql(localhost): Connected to database dovecot", no matter if the user is logged in (and idle) or logged off. Postgres logs: "could not receive data from client: Connection reset by peer" and "unexpected EOF on client connection". Is there some TCP keep alive issue? Postgres is using the "system default" for TCP keep alive. I'm currently testing ACLs via telnet, so the activity with the ACL dict is pretty low, hence, an idle timeout would make much sense. # ../../sbin/dovecot --version 2.1.10 (a4f02f6c0d32) dict connect string: connect = host=localhost dbname=db user=user 2012-11-28 10:03:39 dict: Info: pgsql(localhost): Connected to database dovecot 2012-11-28 10:03:39 dict: Info: pgsql(localhost): Connected to database dovecot 2012-11-28 10:03:39 dict: Info: pgsql(localhost): Connected to database dovecot 2012-11-28 10:03:58 IMAP(user) [22922]: Info: Disconnected: Logged out in=23 out=763 2012-11-28 10:04:41 dict: Panic: file driver-pgsql.c: line 84 (driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || db->cur_result == NULL) 2012-11-28 10:04:41 dict: Error: Raw backtrace: /usr/local/dovecot-2.1.10/lib/dovecot/libdovecot.so.0(+0x4857a) [0x7f91f511157a] -> /usr/local/dovecot-2.1.10/lib/dovecot/libdovecot.so.0(+0x485c6) [0x7f91f51115c6] -> /usr/local/dovecot-2.1.10/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f91f50e4eaf] -> dovecot2.1/dict() [0x40aa36] -> dovecot2.1/dict() [0x40aa91] -> dovecot2.1/dict() [0x40bed3] -> dovecot2.1/dict() [0x409504] - -> dovecot2.1/dict(sql_db_cache_deinit+0x20) [0x408a60] -> dovecot2.1/dict(main+0x169) [0x405a59] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f91f4b5cc8d] -> dovecot2.1/dict() [0x404bb9] 2012-11-28 10:04:41 dict: Fatal: master: service(dict): child 22923 killed with signal 6 (core not dumped) - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULXbiGoxLS8a3A9mAQI9Ywf/YItPO4fFT70HcuwCkDXgx0Sn7CEyXu2j +1VzOu3R/TMs1rcxYJIvWiei6Nk3wXywzQl84POadJn61Yf2NuT80nMxwBsBbgio e+0oRE9JNVSjtvX5l7kehEdUDQjqRRKyrhWG9KDlpjWidGsYh7pQg0rDtp3UwG57 HuSBMiBAZ9t9sC2DXjn9wT9vweH3gMIhc/K5U0BLF5JG/K8UAKc5QBUgezjIYzvn KP90TJ4RoZ2vnPzmWfeIsjffRBvvC6UUgWmU02e2H9xJxzF32Nix0s8YWi7G91sH Ei057HW5NsKNDtp6B5fYk+xCpC6ucQiwFSr/ZG+uZCAdtTd2qmf60g== =tQYK -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Nov 28 11:42:35 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 10:42:35 +0100 (CET) Subject: [Dovecot] doveadm acl recalc (was Re: v2.1.11 soon) In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <alpine.DEB.2.02.1211281040420.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Nov 2012, Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. > If you wish to get something fixed for it, ask quickly. :) doveadm acl recalc -u user to update ACL backend information with user's dovecot-acl files. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULXcjGoxLS8a3A9mAQIuDwgAo4LYKrQkZ/JXrHJ+e5vWW9+vTg9lqKZD IJybqc5dE9RUPUCiSa2wZ/HP+Wz/V9GcE399Wq+gOMKpB5WTKs3LYkXTKAWDBM4F 6MLArX/XXQ7xaHdsBAVc1Z13D18uErzCt43pLXxy/EoH8hilaPaghD2XJVXb1k32 zZ8FhkiPcMffoQaMM3fsaMm6cUGVHvbnbwkwR2z3Vc640QuuaW85qik3LMvNWUEx fK9GrUphZ3DxGi6dbWQLKBS8vakwtaCPI0O8LKNFNmlq5Waq6iB7IsuyoDF8Jot6 xhcSFDedKD1RD6hmjH0FChKU2tA8RomacrpUNkEZWRKGAble7zr9nA== =zPuV -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Nov 28 12:43:23 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 11:43:23 +0100 (CET) Subject: [Dovecot] dict sql iterate failed: Not connected to database (was Re: backtrace from postgres dict) In-Reply-To: <alpine.DEB.2.02.1211281007050.3077@pc-2m63nn> References: <alpine.DEB.2.02.1211281007050.3077@pc-2m63nn> Message-ID: <alpine.DEB.2.02.1211281125550.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 28 Nov 2012, Steffen Kaiser wrote: hmm, it seems to be more than just an idle timeout. > since I enabled ACLs I get following backtrace. It looks like that it happens > if the ACLs had been changed only. Also, it looks like that it always happens > 1 minute after last "dict: Info: pgsql(localhost): Connected to database > dovecot", no matter if the user is logged in (and idle) or logged off. > Postgres logs: "could not receive data from client: Connection reset by peer" > and "unexpected EOF on client connection". > > Is there some TCP keep alive issue? > Postgres is using the "system default" for TCP keep alive. > I'm currently testing ACLs via telnet, so the activity with the ACL dict is > pretty low, hence, an idle timeout would make much sense. When I use this script: ( echo 1 login user pass sleep 1 echo 2 getacl Junk sleep 1 for a in $(seq 1 ${1-4}); do echo 3-$a deleteAcl Junk user2 sleep 30 echo 3-$a SetAcl Junk user2 kxilrsc sleep 30 done echo + logout ) | nc -q1 localhost 143 I get (attached are more lines of the log): 2012-11-28 11:08:07 dict: Info: pgsql(localhost): Connected to database dovecot scanning for dovecot-acl 2012-11-28 11:09:07 dict: Info: pgsql(localhost): Connected to database dovecot scanning for dovecot-acl 2012-11-28 11:09:37 dict: Info: pgsql(localhost): Connected to database dovecot scanning for dovecot-acl 2012-11-28 11:10:07 dict: Error: dict sql iterate failed: Not connected to database 2012-11-28 11:10:07 IMAP(user) [23358]: Error: acl: dict iteration failed, can't update dict scanning for dovecot-acl After that the connection is broken and I get the backtrace eventually. > # ../../sbin/dovecot --version > 2.1.10 (a4f02f6c0d32) > > dict connect string: > connect = host=localhost dbname=db user=user - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULXqy2oxLS8a3A9mAQL4+Af+PQIzpT0/kbot90jYRYmRBA96frDlDubc lsl9iktKGYyxLOQXRLLcUpOgzWqUvxoLtsCMlkcOG8tjyQLr2OsAufnVUL7LUH8y iGIi8lZjfHRUQWWLgC6KG0eNOMT5PEGLB5dBcqMZxsgENjoe0SEYf3SN2bT7UxR7 N6/cbU+qnQ/IVpCCcFTtY1Nv7pHcpBwt7IQqaLTdFJ2OQBtUCFsZlkH2SArBZktC 82rHKvHkN4rsYiOhKQFyG3p7mmdmq3snUpP9fvUE+2nxsIQw2BIht8gGPMsuVoTb DC1JjE6JGuj4z3HrEs2tYRHgnTUuUn2j28bXIp2gNDLUQzbL5DLfLQ== =XUQP -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: acl-pg-error.log.gz Type: application/octet-stream Size: 1139 bytes Desc: URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/ee569960/attachment-0002.obj> From benedetto.vassallo at unipa.it Wed Nov 28 13:17:36 2012 From: benedetto.vassallo at unipa.it (Benedetto Vassallo) Date: Wed, 28 Nov 2012 12:17:36 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <20121128121736.12111dhmxva4dqds@webmail.unipa.it> Def. Quota Timo Sirainen <tss at iki.fi>: > Just to let you know: I'm planning on releasing v2.1.11 > today/tomorrow. If you wish to get something fixed for it, ask > quickly. :) > > Please it is possible to have maildir hardlinks working like in v2.0.13? Thank you. -- Benedetto Vassallo Sistema Informativo di Ateneo Settore Gestione Reti Hardware e Software U.O.B. Sviluppo e manutenzione dei sistemi Universit? degli studi di Palermo Phone: +3909123860056 Fax: +390916529124 ------------------------------------------------------------------------- This message was sent using the University of Palermo web mail interface. From cfowler at scss.tcd.ie Wed Nov 28 13:24:43 2012 From: cfowler at scss.tcd.ie (Colin Fowler) Date: Wed, 28 Nov 2012 11:24:43 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <50B3CE72.3040507@rename-it.nl> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <50B3CE72.3040507@rename-it.nl> Message-ID: <50B5F47B.6040107@scss.tcd.ie> On 26/11/12 20:17, Stephan Bosch wrote: > On 11/26/2012 6:31 PM, cfowler wrote: >> Problem : All vacation autoreplies come from the postmaster address. >> Expected behavior : vacation notice comes from the user who set the >> vacation. >> Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example >> reply, sieve script and dovecot -n output) >> >> Any help appreciated! > > This should fix that: > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc > > Regards, > > Stephan. > Sorry for the late reply. I've been off work sick :( Excellent Work Stephan! Thank you so much. do you know if this patch will make it into 2.1.11? regards, Colin From cfowler at scss.tcd.ie Wed Nov 28 13:27:13 2012 From: cfowler at scss.tcd.ie (Colin Fowler) Date: Wed, 28 Nov 2012 11:27:13 +0000 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <50B5F511.5070009@scss.tcd.ie> On 27/11/12 08:53, Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > Will this patch be in 2.1.11? http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc Stephan Bosch wrote this to fix an unintended issue whereby vacation notices were coming from postmaster. regards, Colin From stephan at rename-it.nl Wed Nov 28 13:29:57 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 28 Nov 2012 12:29:57 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <50B5F511.5070009@scss.tcd.ie> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <50B5F511.5070009@scss.tcd.ie> Message-ID: <50B5F5B5.6060709@rename-it.nl> Op 11/28/2012 12:27 PM, Colin Fowler schreef: > On 27/11/12 08:53, Timo Sirainen wrote: >> Just to let you know: I'm planning on releasing v2.1.11 >> today/tomorrow. If you wish to get something fixed for it, ask >> quickly. :) >> > Will this patch be in 2.1.11? > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc > > Stephan Bosch wrote this to fix an unintended issue whereby vacation > notices were coming from postmaster. Pigeonhole is not part of Dovecot, so that is released separately. Regards, Stephan. From tss at iki.fi Wed Nov 28 13:33:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 13:33:02 +0200 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <20121128121736.12111dhmxva4dqds@webmail.unipa.it> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121128121736.12111dhmxva4dqds@webmail.unipa.it> Message-ID: <4D484A24-7BD9-4175-939C-696DB663F696@iki.fi> On 28.11.2012, at 13.17, Benedetto Vassallo wrote: > Def. Quota Timo Sirainen <tss at iki.fi>: > >> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > > Please it is possible to have maildir hardlinks working like in v2.0.13? Not in the same way. That would break other peoples' installations. From btj at havleik.no Wed Nov 28 14:12:15 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Wed, 28 Nov 2012 13:12:15 +0100 Subject: [Dovecot] Shutting down my Dovecot server? Message-ID: <20121128131215.1d7c4d66@havleik.no> I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? Regards, BTJ -- ----------------------------------------------------------------------------------------------- Bj?rn T Johansen btj at havleik.no ----------------------------------------------------------------------------------------------- Someone wrote: "I understand that if you play a Windows CD backwards you hear strange Satanic messages" To which someone replied: "It's even worse than that; play it forwards and it installs Windows" ----------------------------------------------------------------------------------------------- -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From benedetto.vassallo at unipa.it Wed Nov 28 14:22:14 2012 From: benedetto.vassallo at unipa.it (Benedetto Vassallo) Date: Wed, 28 Nov 2012 13:22:14 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <4D484A24-7BD9-4175-939C-696DB663F696@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121128121736.12111dhmxva4dqds@webmail.unipa.it> <4D484A24-7BD9-4175-939C-696DB663F696@iki.fi> Message-ID: <20121128132214.17661rqf1u7a9q0m@webmail.unipa.it> Def. Quota Timo Sirainen <tss at iki.fi>: > On 28.11.2012, at 13.17, Benedetto Vassallo wrote: > >> Def. Quota Timo Sirainen <tss at iki.fi>: >> >>> Just to let you know: I'm planning on releasing v2.1.11 >>> today/tomorrow. If you wish to get something fixed for it, ask >>> quickly. :) >> >> Please it is possible to have maildir hardlinks working like in v2.0.13? > > Not in the same way. That would break other peoples' installations. > > I see. So, please what kind of permission I have to set in the MailDir directory? I tryed to set 700, 770, 777 but it doesn't work. My environment is the following: All users mapped in ldap having the same group. The /home/user permissions are 755 and the /home/user directory is owned by user:group The /home/user/MailDir directory have 755 permissions and is owned by user:group Here is the output of my dovecot -n (v2.0.13) where all works fine for me: # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.1.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 5 mins auth_socket_path = /var/run/dovecot/auth-master auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_ auth_verbose = yes base_dir = /var/run/dovecot/ default_client_limit = 6500 default_process_limit = 3000 default_vsz_limit = 512 M deliver_log_format = msgid=%m: %$ %f %s %p disable_plaintext_auth = no first_valid_gid = 12 first_valid_uid = 8 lda_original_recipient_header = X-Original-To listen = 147.163.1.137 log_path = /var/log/dovecot.log login_greeting = University of Palermo mail server ready. mail_cache_min_mail_count = 100 mail_gid = mail mail_location = maildir:~/MailDir:LAYOUT=fs mail_plugins = quota mail_privileged_group = mail mail_uid = mail maildir_very_dirty_syncs = yes mbox_write_locks = fcntl passdb { args = /etc/dovecot/conf.d/dovecot-ldap.conf.ext driver = ldap } plugin { expire = Trash 30 Spam 7 fts = squat fts_squat = partial=4 full=10 mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid from subject size quota = maildir:User quota quota_rule2 = Trash:storage=+200M trash = /etc/dovecot/conf.d/trash.conf.ext } postmaster_address = postmaster at unipa.it rejection_subject = Automatically Rejected Mail: %s sendmail_path = /usr/lib/sendmail service auth-worker { user = $default_internal_user } service auth { client_limit = 42288 executable = /usr/libexec/dovecot/auth unix_listener auth-client { mode = 0660 } unix_listener auth-master { group = root mode = 0600 user = root } user = $default_internal_user } service imap-login { chroot = login executable = /usr/libexec/dovecot/imap-login inet_listener imap { port = 143 } process_limit = 1200 process_min_avail = 8 service_count = 0 user = dovenull vsz_limit = 128 M } service imap { executable = /usr/libexec/dovecot/imap process_limit = 1200 vsz_limit = 256 M } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 24 } unix_listener lmtp { mode = 0666 } } service pop3-login { chroot = login executable = /usr/libexec/dovecot/pop3-login inet_listener pop3 { port = 110 } process_limit = 600 process_min_avail = 4 service_count = 0 user = dovenull vsz_limit = 256 M } service pop3 { executable = /usr/libexec/dovecot/pop3 process_limit = 800 vsz_limit = 256 M } ssl = no userdb { args = /etc/dovecot/conf.d/dovecot-ldap.conf.ext driver = ldap } protocol lda { mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k mail_max_userip_connections = 20 mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = acl quota } protocol pop3 { mail_max_userip_connections = 1 mail_plugin_dir = /usr/lib64/dovecot pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = no pop3_lock_session = yes pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = yes pop3_save_uidl = yes pop3_uidl_format = %08Xu%08Xv } The same config in v2.1.10 works fine but it don't use maildir hardlinks. I want to update my dovecot installation to set up sieve in my production server, but I am blocked becouse maildir hardlinks does'nt work. Any help would be really appreciated. Thank you. -- Benedetto Vassallo Sistema Informativo di Ateneo Settore Gestione Reti Hardware e Software U.O.B. Sviluppo e manutenzione dei sistemi Universit? degli studi di Palermo Phone: +3909123860056 Fax: +390916529124 ------------------------------------------------------------------------- This message was sent using the University of Palermo web mail interface. From h.reindl at thelounge.net Wed Nov 28 14:22:22 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 28 Nov 2012 13:22:22 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128131215.1d7c4d66@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> Message-ID: <50B601FE.9010201@thelounge.net> Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: > I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. > > And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. > But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? > Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? why not simply drag&drop them to thunderbird or whatever MUA you are using? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/7adf7ed6/attachment-0002.bin> From btj at havleik.no Wed Nov 28 14:31:07 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Wed, 28 Nov 2012 13:31:07 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <50B601FE.9010201@thelounge.net> References: <20121128131215.1d7c4d66@havleik.no> <50B601FE.9010201@thelounge.net> Message-ID: <20121128133107.5aabc2df@havleik.no> On Wed, 28 Nov 2012 13:22:22 +0100 Reindl Harald <h.reindl at thelounge.net> wrote: > > > Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: > > I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. > > > > And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. > > But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? > > Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? > > why not simply drag&drop them to thunderbird or whatever MUA > you are using? > Well, I am using Claws Mail but you are thinking about make my emails available in offline modus? Guess that might be one way to go but I was just trying to figure out my options as I have never done this before... :) BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From skdovecot at smail.inf.fh-brs.de Wed Nov 28 15:20:58 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 14:20:58 +0100 (CET) Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128133107.5aabc2df@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> <50B601FE.9010201@thelounge.net> <20121128133107.5aabc2df@havleik.no> Message-ID: <alpine.DEB.2.02.1211281419320.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 28 Nov 2012, Bj?rn T Johansen wrote: >> Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: >>> I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. >>> >>> And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. >>> But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? >>> Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? >> >> why not simply drag&drop them to thunderbird or whatever MUA >> you are using? >> > > Well, I am using Claws Mail but you are thinking about make my emails available in offline modus? Guess that might be one way to go but I was just trying to figure out my options > as I have never done this before... :) With Thunderbird you can drop a mbox file into the "Local Folders" directory in the profile. Next start this mbox is displayed as mail folder. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULYPumoxLS8a3A9mAQIP1AgAjNIFKP21/770mqG55CJnjG/IEFKIaywj Waa94H/eu+6eZQ14Yw4pTVWEdIJxhv+56Yu0qdQo7MXer1haASirGf6z9eZPGg3C WI84qp5ma++y5E35t9LimpdE0i8ox6zu/A+fcxusFat9UHp02BWqunykmim6uHKa yVSjb+mzwOr8IQyCAM5zRi8EXWwKZzG2uo2GbrrYGEWUsbphurapgvv3oato+lmU Msd1D/iOAjkiTKq+5UWHk+21EKa1gX9Ng9rQpftLLDEveBd/EsQJLMRtLNP0Agem +6UbkQDrfcL1md531wOpNjpMhxKLQfBsNe7r9SOLUHxDp2QtsFgGkw== =GRBQ -----END PGP SIGNATURE----- From rs at sys4.de Wed Nov 28 15:53:48 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 28 Nov 2012 14:53:48 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128131215.1d7c4d66@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> Message-ID: <50B6176C.9010807@sys4.de> Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: > I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. > > And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. > But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? > Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? > > > Regards, > > BTJ > thunderbird since vers 12 has maildir format as option there are also some import and export plugins look i.e here http://jaisejames.wordpress.com/tag/maildir-for-thunderbird/ ( sorry if pop ups ,couldnt get better site quick ) Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From marco.sacchetto at pradac.it Wed Nov 28 16:18:58 2012 From: marco.sacchetto at pradac.it (Marco Sacchetto) Date: Wed, 28 Nov 2012 15:18:58 +0100 Subject: [Dovecot] problems with quota and clients Message-ID: <50B61D52.7070407@pradac.it> Hi, I had configured dovecot in a pretty standard way and had it working nicely enough with maildir quotas (no tests done apart for reaching the quota and looking at mails coming back). Still I wanted to have the quota and the actual quota usage displayed in postfixadmin (3.5) but I think I messed with something. Now I can connect to the mailbox, send mail, receive mail, see the quota usage in postfixadmin but: * thunderbird: can create a subfolder if i do so by hand from the client. But if I try sending a mail i get a [TRYCREATE] mailbox error as it seems that thunderbird can't create the Sent box anymore by its own; * thunderbird: when i delete mail, it goes in the trash folder. I try then to delete it from there. In thunderbird indeed I see no mail anymore but the quota level remain the same. Then I try to browser the mail directory and... yep, all the messages are still there! How come? This is the output of dovecot -n and the relevant sql configuration : # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-33-generic i686 Ubuntu 12.04.1 LTS ext4 auth_mechanisms = plain login auth_realms = yyyyyyyyy.it aaaaaaa.com xxxxx.it auth_verbose_passwords = plain debug_log_path = syslog dict { quotadict = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 150 info_log_path = /var/log/syslog last_valid_uid = 150 listen = * mail_debug = yes mail_gid = mail mail_location = maildir:/var/vmail/%d/%u mail_plugins = " quota" mail_uid = vmail passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = dict:User quota::proxy::sqlquota quota_rule = *:storage=50M quota_rule2 = Trash:storage=+10M } postmaster_address = xxxxxxxx at yyyyyyyyy.it protocols = " imap pop3" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = mail mode = 0600 user = vmail } } service dict { unix_listener dict { group = mail mode = 0660 user = vmail } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { mail_plugins = quota } protocol imap { mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota } >>grep -v '^ *\(#.*\)\?$' dovecot-dict-sql.conf.ext connect = host=127.0.0.1 dbname=mail user=mail password=xxxxxxx map { pattern = priv/quota/storage table = quota2 username_field = username value_field = bytes } map { pattern = priv/quota/messages table = quota2 username_field = username value_field = messages } >>grep -v '^ *\(#.*\)\?$' dovecot-sql.conf.ext driver = mysql connect = host=localhost dbname=mail user=mail password=xxxxxxx default_pass_scheme = MD5-CRYPT password_query = \ SELECT username as user, password, '/var/vmail/%d/%u' as userdb_home, \ 'maildir:/var/vmail/%d/%u' as userdb_mail, 150 as userdb_uid, 8 as userdb_gid \ FROM mailbox WHERE username = '%u' AND active = '1' user_query = \ SELECT '/var/vmail/%d/%u' as home, 'maildir:/var/vmail/%d/%u' as mail, \ 150 AS uid, 8 AS gid, CONCAT('*:storage=',ROUND(mailbox.quota / 1024)) AS quota_rule \ FROM mailbox WHERE username = '%u' AND active = '1' iterate_query = SELECT username AS user FROM mailbox -- -- Questo messaggio ? di carattere riservato ed ? indirizzato esclusivamente al destinatario specificato. L'accesso, la divulgazione, la copia o la diffusione sono vietate a chiunque altro ai sensi delle normative vigenti, e possono costituire una violazione penale. Nel caso abbiate ricevuto questo messaggio per errore siete tenuti a cancellarlo immediatamente confermando al mittente, a mezzo e-mail, l'avvenuta cancellazione. (Legge Italiana 196/2003). From ramon.frontera at uib.es Wed Nov 28 16:50:18 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Wed, 28 Nov 2012 15:50:18 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <1354065305.2844.30.camel@innu> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> Message-ID: <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> Hi, Dovecot -n show the correct configuration like you explain. The command doveadm -o auth_socket_path=director-userdb quota get -A works fine on the proxy and now assigns host. Now, the problem is that when we execute doveadm -A or doveadm -u *something* the command fails in the mailserver with this error: dovecot: doveadm: Fatal: master: service(doveadm): child 13482 killed with signal 11 (core dumps disabled) This errors occurs when the search finds more than one user. When we execute doveadm -u user it works fine I send attached the strace of the mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: doveadm.log.zip Type: application/zip Size: 21683 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/05a435c7/attachment-0002.zip> -------------- next part -------------- Thanks in advance! -- ------------------------------------------ Ramon Frontera Gallardo Centre de Tecnologies de la Informaci? Universitat de les Illes Balears Ctra. Valldemossa km 7,5 07122 Palma de Mallorca El 28/11/2012, a las 02:15, Timo Sirainen escribi?: > On Tue, 2012-11-27 at 13:27 +0100, Ramon Frontera wrote: >> >>>> # doveadm -D quota get -A >>>> doveadm(user1): Debug: auth input: user=user1 proxy >> starttls=any-cert >>>> doveadm(user1): Error: Proxy is missing destination host >>>> doveadm: Error: Failed to iterate through some users > .. > >> connect(8, {sa_family=AF_FILE, path="/var/run/dovecot//auth-userdb"}, >> 110) = 0 > > > It's connecting to auth-userdb, while it should be connecting to > director-userdb. This should have been done by this setting: > > protocol doveadm { > auth_socket_path = director-userdb > } > > Make sure doveconf -n shows that. And if nothing seems to work, this at > least should: > > doveadm -o auth_socket_path=director-userdb quota get -A > > From sven at svenhartge.de Wed Nov 28 17:10:49 2012 From: sven at svenhartge.de (Sven Hartge) Date: Wed, 28 Nov 2012 16:10:49 +0100 Subject: [Dovecot] shared mailboxes and indexes References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> <b9a3pg22j8v8@mids.svenhartge.de> <2B57036A-34C8-45C2-9479-839BA095450D@iki.fi> Message-ID: <e9a7uej2j8v8@mids.svenhartge.de> Timo Sirainen <tss at iki.fi> wrote: > On 27.11.2012, at 3.24, Sven Hartge wrote: >>> For implementing shared mailboxes between all user servers, I think >>> what would need to be developed is: >> >>>> imapc_host = m-st-sh-01.example.com >>>> imapc_master_user = %u >>>> imapc_user = shared >> >>> Somehow being able to set "imapc_user = %%u" where %%u expands to the >>> shared namespace's username. Or maybe setting the imapc_user >>> automatically to that when accessing it via type=shared namespace. >> >> Wouldn't you still need the target users host because this will be >> dynamic depending on the target user? > imapc_host = director Is this "director" intended to be a 'magic' string or the hostname of the director? Gr??e, Sven. -- Sigmentation fault. Core dumped. From dmiller at amfes.com Wed Nov 28 18:49:07 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 28 Nov 2012 08:49:07 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> <50B5D055.6010605@amfes.com> <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> Message-ID: <assp.0679ec27b1.50B64083.1060605@amfes.com> On 11/28/2012 12:55 AM, Timo Sirainen wrote: > On 28.11.2012, at 10.50, Daniel L. Miller wrote: > >> On 11/27/2012 6:45 PM, Timo Sirainen wrote: >>> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >>> >>>>> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>>>> >>>> :( Mine still breaks. Both UTF-8 and Control-Char errors. >>> Can you grab the network traffic between Dovecot and Solr and find the problematic stream? >>> >> Tell me how and I'll be happy to! > Maybe the easiest would be to use tcpflow. It outputs different TCP streams to different files. From them you can then grep for the error and look closer into it. I guess something like wireshark would work too, but I've never been able to use its GUI in a useful way. > Would I just do "tcpflow -i lo port 8983"? Or something else? -- Daniel From metro_domain_admin at fastmail.fm Wed Nov 28 18:54:04 2012 From: metro_domain_admin at fastmail.fm (Metro Domain Admin) Date: Wed, 28 Nov 2012 11:54:04 -0500 Subject: [Dovecot] corrupt mdbox, force-resync segfaults Message-ID: <1354121644.30622.140661159272889.146CA37B@webmail.messagingengine.com> I could use some help with a corrupt mdbox. doveadm force-resync is crashing (see below), but I really need just to get this account functioning. What's my next step, as far as deleting index files? These were the earliest errors I could find: Nov 28 09:40:21 macy dovecot[6615]: imap(cory at metro-email.com): Error: Corrupted index cache file /opt/mail/metro-email.com/cory/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache: field index too large (66 >= 30)Nov 28 09:40:21 macy dovecot[6615]: imap(cory at metro-email.com): Error: mdbox map /opt/mail/metro-email.com/cory/mdbox/storage/dovecot.map.index corrupted: Unexpectedly lost INBOX uid=1233 map_uid=1708 As for the segfaults, I am getting this regardless of which mailbox I specify: # /opt/dovecot/bin/doveadm -Dv force-resync -u cory INBOX doveadm(root): Debug: Loading modules from directory: /opt/dovecot/lib/dovecot doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib15_notify_plugin.so doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib20_fts_plugin.so doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib20_mail_log_plugin.so doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib21_fts_squat_plugin.so doveadm(root): Debug: Loading modules from directory: /opt/dovecot-2.1.10/lib/dovecot/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so, 10): Symbol not found: _acl_user_module Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so, 10): Symbol not found: _expire_set_deinit Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so, 10): Symbol not fo und: _quota_user_module Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so, 10): Symbol not found: _i_stream_create_deflate Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so doveadm(cory): Debug: auth input: cory at domain.com uid=302 gid=6 home=/opt/mail/domain.com/cory doveadm(cory): Debug: changed username to cory at domain.com doveadm(cory): Debug: Effective uid=302, gid=6, home=/opt/mail/domain.com/cory doveadm(cory): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:/opt/mail/domain.com/cory/mdbox doveadm(cory): Debug: fs: root=/opt/mail/domain.com/cory/mdbox, index=, control=, inbox=, alt= doveadm(cory): Debug: Namespace : Using permissions from /opt/mail/domain.com/cory/mdbox: mode=0700 gid=-1 doveadm(cory): Warning: mdbox /opt/mail/domain.com/cory/mdbox/storage: rebuilding indexes doveadm(cory): Error: mdbox /opt/mail/domain.com/cory/mdbox/storage: Duplicate GUID c3bbb2234d93af505873010097ac0257 in m.1:428519 and m.1:441340 doveadm(cory): Error: mdbox /opt/mail/domain.com/cory/mdbox/storage: Duplicate GUID c3bbb2234d93af505873010097ac0257 in m.1:428519 and m.1:453628 [...] doveadm(cory): Error: mdbox /opt/mail/domain.com/cory/mdbox/storage: Duplicate GUID d45f7f111894af506273010097ac0257 in m.83:8565306 and m.83:8594879 Segmentation fault: 11 macy:postfix root# /opt/dovecot/bin/doveconf -n # 2.1.10: /opt/dovecot-2.1.10/etc/dovecot/dovecot.conf doveconf: Warning: service anvil { client_limit=1000 } is lower than required under max. load (1503) # OS: Darwin 11.4.2 x86_64 auth_cache_negative_ttl = 0 auth_cache_size = 1 M auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_username_format = %n at domain.com auth_verbose = yes auth_verbose_passwords = plain default_internal_user = _dovecot default_login_user = _dovenull default_process_limit = 500 disable_plaintext_auth = no first_valid_uid = 300 instance_name = dovecot-2.1.10 listen = 192.168.20.123 mail_debug = yes mail_location = mdbox:%h/mdbox mail_plugin_dir = /opt/dovecot/lib/dovecot mail_plugins = fts fts_squat mail_log notify mail_privileged_group = mail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 10 M namespace inbox { inbox = yes location = prefix = separator = / } passdb { args = scheme=CRYPT username_format=%u /opt/dovecot/etc/dovecot/users driver = passwd-file } plugin { fts = squat mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size from subject } protocols = imap lmtp service aggregator { fifo_listener replication-notify-fifo { mode = 00 } } service auth { unix_listener /opt/local/var/spool/postfix/private/auth { group = _postfix mode = 0660 user = _postfix } unix_listener auth-userdb { group = mail mode = 0660 user = admin } } service director { fifo_listener login/proxy-notify { mode = 00 } } service imap { executable = imap postlogin } service lmtp { unix_listener /opt/local/var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service postlogin { executable = script-login rawlog -t } service stats { fifo_listener stats-mail { mode = 00 } } ssl_cert = </apposite/etc/ssl/mail_domain_com/mail_domain_com.crt ssl_key = </apposite/etc/ssl/mail_domain_com/mail_domain_com.key userdb { args = username_format=%u /opt/dovecot/etc/dovecot/users driver = passwd-file } verbose_proctitle = yes protocol imap { mail_max_userip_connections = 16 } From dmiller at amfes.com Wed Nov 28 18:57:04 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 28 Nov 2012 08:57:04 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <50B64083.1060605@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> <50B5D055.6010605@amfes.com> <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> <50B64083.1060605@amfes.com> Message-ID: <assp.06796557cc.50B64260.4030704@amfes.com> On 11/28/2012 8:49 AM, Daniel L. Miller wrote: > On 11/28/2012 12:55 AM, Timo Sirainen wrote: >> On 28.11.2012, at 10.50, Daniel L. Miller wrote: >> >>> On 11/27/2012 6:45 PM, Timo Sirainen wrote: >>>> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >>>> >>>>>> I did go through the code looking for that a few times already >>>>>> but didn't notice anything. I went through it once more, and >>>>>> finally found the problem. :) >>>>>> http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>>>>> >>>>> :( Mine still breaks. Both UTF-8 and Control-Char errors. >>>> Can you grab the network traffic between Dovecot and Solr and find >>>> the problematic stream? >>>> >>> Tell me how and I'll be happy to! >> Maybe the easiest would be to use tcpflow. It outputs different TCP >> streams to different files. From them you can then grep for the error >> and look closer into it. I guess something like wireshark would work >> too, but I've never been able to use its GUI in a useful way. >> > Would I just do "tcpflow -i lo port 8983"? Or something else? > Stream capture sent to you. -- Daniel From slitt at troubleshooters.com Wed Nov 28 19:10:40 2012 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 28 Nov 2012 12:10:40 -0500 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128131215.1d7c4d66@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> Message-ID: <20121128121040.3dd3da7a@mydesk> On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: > I am planning to shut down my own Dovecot server and start using the > other Dovecot server I am administering together with a friend.. > > And I was thinking that I don't want to copy the emails I have on my > server so I want to start from scratch on the other server.. But I > would like to be able to look at the old emails if I need to, so was > wondering if there is a way to do this without using an imap server? > Can I convert my mails stored in the maildir format to mbox or is > there a better way to solve my problem? I'm not sure why you want to convert to mbox, especially when there are multiple mbox versions. I'm also not sure why you don't want to copy emails. How else would they appear on the new server. I suppose you could use rsync to copy the data itself. You use Claws-Mail. If I were in your shoes, I'd bring up the empty Dovecot server and make a new Claws-Mail account for that empty server. Then in Claws-Mail I'd use the copy feature to copy whole folder trees to the new server. Once that's done, I'd reconfigure your original Dovecot so it can serve only on its local machine, and bang, you have your new server, with old emails you can look at. This is similar to the procedure I used to move my Kmail folders (over 100K messages) to Dovecot. http://www.troubleshooters.com/lpm/201202/201202.htm HTH, SteveT Steve Litt * http://www.troubleshooters.com/ * http://twitter.com/stevelitt Troubleshooting Training * Human Performance From btj at havleik.no Wed Nov 28 22:52:37 2012 From: btj at havleik.no (=?UTF-8?Q?Bj=C3=B8rn_T_Johansen?=) Date: Wed, 28 Nov 2012 21:52:37 +0100 Subject: [Dovecot] =?utf-8?q?Shutting_down_my_Dovecot_server=3F?= In-Reply-To: <20121128121040.3dd3da7a@mydesk> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> Message-ID: <a837b28f89bbee3195bd1e679bc73711@havleik.no> On 28.11.2012 18:10, Steve Litt wrote: > On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: >> I am planning to shut down my own Dovecot server and start using the >> other Dovecot server I am administering together with a friend.. >> >> And I was thinking that I don't want to copy the emails I have on my >> server so I want to start from scratch on the other server.. But I >> would like to be able to look at the old emails if I need to, so was >> wondering if there is a way to do this without using an imap server? >> Can I convert my mails stored in the maildir format to mbox or is >> there a better way to solve my problem? > > I'm not sure why you want to convert to mbox, especially when there > are > multiple mbox versions. > > I'm also not sure why you don't want to copy emails. How else would > they appear on the new server. I suppose you could use rsync to copy > the data itself. > > You use Claws-Mail. If I were in your shoes, I'd bring up the empty > Dovecot server and make a new Claws-Mail account for that empty > server. > Then in Claws-Mail I'd use the copy feature to copy whole folder > trees > to the new server. Once that's done, I'd reconfigure your original > Dovecot so it can serve only on its local machine, and bang, you have > your new server, with old emails you can look at. > > This is similar to the procedure I used to move my Kmail folders > (over > 100K messages) to Dovecot. > > http://www.troubleshooters.com/lpm/201202/201202.htm > > HTH, > > SteveT Well, I could do that... But you see, there is not much of the emails I have at the moment that I really need, I might need one now and then... So that is why I don't want to copy almost 10GB of email to the new server... But I guess that might be the most practical solution perhaps... Doesn't seem to be a better solution.... BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From h.reindl at thelounge.net Wed Nov 28 22:57:19 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 28 Nov 2012 21:57:19 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <a837b28f89bbee3195bd1e679bc73711@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> Message-ID: <50B67AAF.6080806@thelounge.net> Am 28.11.2012 21:52, schrieb Bj?rn T Johansen: > Well, I could do that... But you see, there is not much of the emails I have at the moment that I really need, I > might need one now and then... > So that is why I don't want to copy almost 10GB of email to the new server... again: if you do NOT want them on the new server drag them to your local MUA - what the hell do you imagine as third option * not on the server * not on the local MUA so where do you believe they are? well, you could delete them but you said you want them archied............ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/976a0920/attachment-0002.bin> From btj at havleik.no Thu Nov 29 00:04:32 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Wed, 28 Nov 2012 23:04:32 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <50B67AAF.6080806@thelounge.net> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> <50B67AAF.6080806@thelounge.net> Message-ID: <20121128230432.37c89c4d@havleik.no> On Wed, 28 Nov 2012 21:57:19 +0100 Reindl Harald <h.reindl at thelounge.net> wrote: > > > Am 28.11.2012 21:52, schrieb Bj?rn T Johansen: > > Well, I could do that... But you see, there is not much of the emails I have at the moment that I really need, I > > might need one now and then... > > So that is why I don't want to copy almost 10GB of email to the new server... > > again: > if you do NOT want them on the new server drag them to > your local MUA - what the hell do you imagine as > third option > > * not on the server > * not on the local MUA > > so where do you believe they are? > > well, you could delete them but you said you want > them archied............ > Yes, the other solution I was looking for has to be a away to open the mail in my local MUA, just wondering if there were more than one way to do that... But thx for your suggestions... BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From tss at iki.fi Thu Nov 29 00:45:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 00:45:50 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> Message-ID: <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> On 28.11.2012, at 16.50, Ramon Frontera wrote: > Dovecot -n show the correct configuration like you explain. > The command doveadm -o auth_socket_path=director-userdb quota get -A works fine on the proxy and now assigns host. Then doveadm isn't seeing the same configuration as what you're looking at. For example did you restart dovecot since the change? Does this return the correct path? : doveconf -m doveadm -f service=doveadm auth_socket_path > Now, the problem is that when we execute doveadm -A or doveadm -u *something* the command fails in the mailserver with this error: > > dovecot: doveadm: Fatal: master: service(doveadm): child 13482 killed with signal 11 (core dumps disabled) I fixed several bugs related to this in hg. I think you hit one of them. > This errors occurs when the search finds more than one user. > When we execute doveadm -u user it works fine > > > I send attached the strace of the mailserver<doveadm.log.zip> strace isn't very useful in debugging crashes. gdb backtraces are: http://dovecot.org/bugreport.html From slitt at troubleshooters.com Thu Nov 29 02:34:57 2012 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 28 Nov 2012 19:34:57 -0500 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <a837b28f89bbee3195bd1e679bc73711@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> Message-ID: <20121128193457.019b3e19@mydesk> On Wed, 28 Nov 2012 21:52:37 +0100, Bj?rn T Johansen said: > On 28.11.2012 18:10, Steve Litt wrote: > > On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: > >> I am planning to shut down my own Dovecot server and start using > >> the other Dovecot server I am administering together with a > >> friend.. > >> > >> And I was thinking that I don't want to copy the emails I have on > >> my server so I want to start from scratch on the other server.. > >> But I would like to be able to look at the old emails if I need > >> to, so was wondering if there is a way to do this without using an > >> imap server? Can I convert my mails stored in the maildir format > >> to mbox or is there a better way to solve my problem? > > > > I'm not sure why you want to convert to mbox, especially when there > > are > > multiple mbox versions. > > > > I'm also not sure why you don't want to copy emails. How else would > > they appear on the new server. I suppose you could use rsync to copy > > the data itself. > > > > You use Claws-Mail. If I were in your shoes, I'd bring up the empty > > Dovecot server and make a new Claws-Mail account for that empty > > server. > > Then in Claws-Mail I'd use the copy feature to copy whole folder > > trees > > to the new server. Once that's done, I'd reconfigure your original > > Dovecot so it can serve only on its local machine, and bang, you > > have your new server, with old emails you can look at. > > > > This is similar to the procedure I used to move my Kmail folders > > (over > > 100K messages) to Dovecot. > > > > http://www.troubleshooters.com/lpm/201202/201202.htm > > > > HTH, > > > > SteveT > > Well, I could do that... But you see, there is not much of the emails > I have at the moment that I really need, I might need one now and > then... So that is why I don't want to copy almost 10GB of email to > the new server... > > But I guess that might be the most practical solution perhaps... > Doesn't seem to be a better solution.... > > > BTJ Hi Bj?rn, Here's the thought process that led me to the suggestion. All email clients suck. Right now Claws-Mail sucks the least, but that could change in a heartbeat. In my experience, a Dovecot server is a much more reliable place to *keep* email than is any client, because you can access it from *any* IMAP aware email client. A localhost-only Dovecot isn't any harder to set up than an email client, but in my experience it's a much better steward of your email. Imagine if, two years ago, you had kept such emails in Kmail, and then upgraded your Linux and been forced into Kmail2. It would have been a disaster. The other thing is, I'm not really sure what your goal is. It sounds like you want your emails on yours and your friends IMAP server, and then a copy locally. Or perhaps you wanted your old email only locally. Either of those speaks to a local Dovecot server. Thanks SteveT Steve Litt * http://www.troubleshooters.com/ * http://twitter.com/stevelitt Troubleshooting Training * Human Performance From daniel.parthey at informatik.tu-chemnitz.de Thu Nov 29 02:40:28 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Thu, 29 Nov 2012 01:40:28 +0100 Subject: [Dovecot] stats error: stats shrank In-Reply-To: <C081AC31-C264-46E2-BF93-2FD2873523E3@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121127214749.GA11546@daniel.localdomain> <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> <C081AC31-C264-46E2-BF93-2FD2873523E3@iki.fi> Message-ID: <20121129004028.GA16494@daniel.localdomain> Timo Sirainen wrote: > On 28.11.2012, at 4.31, Timo Sirainen wrote: > > On 27.11.2012, at 23.47, Daniel Parthey wrote: > >> Timo Sirainen wrote: > >>> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > >> > >> Can you fix these strange stats plugin errors please? > >> These are the only errors regularly occurring in our 2.1.10 logs: > >> > >> Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 > >> Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 > > Also, can you reproduce this really easily? For example with pop3: Unfortunately not, it occurs sporadically. > telnet localhost 110 > user foo > pass bar > list > retr 1 > quit > > Does that log about this? No it doesn't. Seems to need some more investigation, It logs about 10 to 100 Errors over one day with 10000 lmtp deliveries. Perhaps you could just add some debugging into the logging for upcoming releases, so we can identify the source of the problem? The message "mlpath 429 < 622" actually doesn't tell me anything, neither which user is affected, nor which session. Regards Daniel -- https://plus.google.com/103021802792276734820 From johnsone at usc.edu Thu Nov 29 07:45:51 2012 From: johnsone at usc.edu (Erik A Johnson) Date: Wed, 28 Nov 2012 21:45:51 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Message-ID: <0EBE238A-77D0-4736-86DB-1248BB67F591@usc.edu> Here's the log: Nov 28 21:28:11 macbookpro-e17d.home dovecot[54139]: master: Dovecot v2.1.10 starting up (core dumps disabled) Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_step() Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_handshake: SSL_accept()=-1 Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: SSL_get_error() = 2 Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: - want_read Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_set_io(0) [last 5 lines are repeated until process is killed] On Nov 26, 2012, as 11:38PM PST, Timo Sirainen <tss at iki.fi> wrote: > > Could you try with the attached patch, and with only the problematic > client running? What does it log (the beginning of the session until it > starts repeating the same lines)? > > On 10.11.2012, at 12.44, Erik A Johnson wrote: >> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >> >> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >> >> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. From tss at iki.fi Thu Nov 29 08:18:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 08:18:07 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <0EBE238A-77D0-4736-86DB-1248BB67F591@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <0EBE238A-77D0-4736-86DB-1248BB67F591@usc.edu> Message-ID: <0F84131D-D17A-4AEC-BFBC-623C859B1ACD@iki.fi> This is either OSX bug or OpenSSL bug.. Apparently what happens is: 1. Client sends SYN packet to Dovecot 2. Dovecot accept()s the connection (sends SYN-ACK) and goes into OpenSSL code 3. Client doesn't send ACK to Dovecot. Does it send RST or nothing or something else? I don't know. 4. OSX notices anyway that something is wrong with the socket, and kqueue says that the socket is ready for reading 5. OpenSSL read()s, which fails with ENOTCONN. But OpenSSL thinks this is a non-fatal error and simply asks to be notified again when something can be read 6. goto 4 So, whose bug is it? OpenSSL's ENOTCONN handling probably makes sense for client connections where connect() hasn't finished yet. But then again, this is accept()ed connection where it typically should fail like that. Except I guess it might be correct behavior if read() is done after SYN-ACK but before receiving ACK. While OSX is receiving ACK from the client, it shouldn't say that the fd is readable. It probably doesn't. But after it receives <something> it realizes that the socket is disconnected. So read() probably shouldn't be returning ENOTCONN anymore at this point, but instead ECONNRESET or ETIMEDOUT. See if the attached patch helps. -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 754 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121129/9a40215c/attachment-0002.obj> -------------- next part -------------- On 29.11.2012, at 7.45, Erik A Johnson wrote: > Here's the log: > > Nov 28 21:28:11 macbookpro-e17d.home dovecot[54139]: master: Dovecot v2.1.10 starting up (core dumps disabled) > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_step() > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_handshake: SSL_accept()=-1 > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: SSL_get_error() = 2 > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: - want_read > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_set_io(0) > [last 5 lines are repeated until process is killed] > > On Nov 26, 2012, as 11:38PM PST, Timo Sirainen <tss at iki.fi> wrote: >> >> Could you try with the attached patch, and with only the problematic >> client running? What does it log (the beginning of the session until it >> starts repeating the same lines)? >> >> On 10.11.2012, at 12.44, Erik A Johnson wrote: >>> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >>> >>> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >>> >>> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > From sobotka.karel at gmail.com Thu Nov 29 03:58:00 2012 From: sobotka.karel at gmail.com (sobotka karel) Date: Thu, 29 Nov 2012 02:58:00 +0100 Subject: [Dovecot] Umask of Homedir Message-ID: <CAMQF1N0WoVy2AUsmNKPOuDNeukawzrBBk5nimKceBsxc==MA0w@mail.gmail.com> Hi, I know it's a while since you've had this issue, but still do you remember by any chance how you solved this? I'm having the same problems, when all the directories are created with 700 and I need a group permissions to be at least 750. Thanks! regards, From tss at iki.fi Thu Nov 29 08:44:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 08:44:34 +0200 Subject: [Dovecot] v2.1.11 released Message-ID: <1354171474.13277.5.camel@hurina> http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz.sig * lmtp/lda: dovecot.index.cache file is no longer fully mapped to memory, allowing mail deliveries to work even if the file is huge. * auth: userdb passwd lookups are now done by auth worker processes instead of auth master process (as it was documented, but accidentally didn't work that way). + lmtp: lmtp_rcpt_check_quota=yes setting checks quota on RCPT TO. - lmtp: After successful proxying RCPT TO, the next one to a nonexistent user gave tempfail error instead of "user not found". - lmtp proxy: Fixed hanging if remote server was down. - imap: Fixed crash when SEARCH contained multiple KEYWORD parameters. - doveadm: Various fixes to handling doveadm-server connections. - -i <instance name> parameter for Dovecot tools didn't work correctly. - director was somewhat broken in v2.1.10. This version also includes various reliability enhancements. - auth: passdb imap was broken in v2.1.10. From tss at iki.fi Thu Nov 29 08:48:40 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 08:48:40 +0200 Subject: [Dovecot] corrupt mdbox, force-resync segfaults In-Reply-To: <1354121644.30622.140661159272889.146CA37B@webmail.messagingengine.com> References: <1354121644.30622.140661159272889.146CA37B@webmail.messagingengine.com> Message-ID: <6D8CCCFE-8599-4EC3-B90B-5D06F25D75DD@iki.fi> On 28.11.2012, at 18.54, Metro Domain Admin wrote: > I could use some help with a corrupt mdbox. doveadm force-resync is > crashing (see below), but I really need just to get this account > functioning. What's my next step, as far as deleting index files? gdb backtrace would be helpful in fixing the crash. http://dovecot.org/bugreport.html Probably you can do simply: gdb --args /opt/dovecot/bin/doveadm -Dv force-resync -u cory INBOX run bt full or if that doesn't work (or simply gives "??" lines or other unusable garbage), try: ulimit -c unlimited /opt/dovecot/bin/doveadm -Dv force-resync -u cory INBOX gdb /opt/dovecot/bin/doveadm core bt full Also the just released v2.1.11 fixes some potential crashes. From btj at havleik.no Thu Nov 29 09:02:19 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Thu, 29 Nov 2012 08:02:19 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128193457.019b3e19@mydesk> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> <20121128193457.019b3e19@mydesk> Message-ID: <20121129080219.2edfd707@havleik.no> On Wed, 28 Nov 2012 19:34:57 -0500 Steve Litt <slitt at troubleshooters.com> wrote: > On Wed, 28 Nov 2012 21:52:37 +0100, Bj?rn T Johansen said: > > On 28.11.2012 18:10, Steve Litt wrote: > > > On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: > > >> I am planning to shut down my own Dovecot server and start using > > >> the other Dovecot server I am administering together with a > > >> friend.. > > >> > > >> And I was thinking that I don't want to copy the emails I have on > > >> my server so I want to start from scratch on the other server.. > > >> But I would like to be able to look at the old emails if I need > > >> to, so was wondering if there is a way to do this without using an > > >> imap server? Can I convert my mails stored in the maildir format > > >> to mbox or is there a better way to solve my problem? > > > > > > I'm not sure why you want to convert to mbox, especially when there > > > are > > > multiple mbox versions. > > > > > > I'm also not sure why you don't want to copy emails. How else would > > > they appear on the new server. I suppose you could use rsync to copy > > > the data itself. > > > > > > You use Claws-Mail. If I were in your shoes, I'd bring up the empty > > > Dovecot server and make a new Claws-Mail account for that empty > > > server. > > > Then in Claws-Mail I'd use the copy feature to copy whole folder > > > trees > > > to the new server. Once that's done, I'd reconfigure your original > > > Dovecot so it can serve only on its local machine, and bang, you > > > have your new server, with old emails you can look at. > > > > > > This is similar to the procedure I used to move my Kmail folders > > > (over > > > 100K messages) to Dovecot. > > > > > > http://www.troubleshooters.com/lpm/201202/201202.htm > > > > > > HTH, > > > > > > SteveT > > > > Well, I could do that... But you see, there is not much of the emails > > I have at the moment that I really need, I might need one now and > > then... So that is why I don't want to copy almost 10GB of email to > > the new server... > > > > But I guess that might be the most practical solution perhaps... > > Doesn't seem to be a better solution.... > > > > > > BTJ > > > > Hi Bj?rn, > > Here's the thought process that led me to the suggestion. All email > clients suck. Right now Claws-Mail sucks the least, but that could > change in a heartbeat. In my experience, a Dovecot server is a much > more reliable place to *keep* email than is any client, because you can > access it from *any* IMAP aware email client. A localhost-only Dovecot > isn't any harder to set up than an email client, but in my experience > it's a much better steward of your email. > > Imagine if, two years ago, you had kept such emails in Kmail, and then > upgraded your Linux and been forced into Kmail2. It would have been a > disaster. > > The other thing is, I'm not really sure what your goal is. It sounds > like you want your emails on yours and your friends IMAP server, and > then a copy locally. Or perhaps you wanted your old email only locally. > Either of those speaks to a local Dovecot server. > > Thanks > > SteveT > > Steve Litt * http://www.troubleshooters.com/ > * http://twitter.com/stevelitt > Troubleshooting Training * Human Performance > > I only want my old mails locally but I think I have to consider a local Dovecot installation; the more I think about it the more that seems to be the best solution... :) BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From nanashi at otenet.gr Thu Nov 29 11:00:52 2012 From: nanashi at otenet.gr (nanashi) Date: Thu, 29 Nov 2012 11:00:52 +0200 Subject: [Dovecot] Missing quotes in dovecot-config causes pigeonhole to failed. Message-ID: <50B72444.5000707@otenet.gr> I had to manually quote in dovecot-config LIBDOVECOT_LOGIN='-ldovecot-login -lssl -lcrypto ' by default was LIBDOVECOT_LOGIN=-ldovecot-login -lssl -lcrypto That cause pigeonhole to failed. Regards nanashi From tss at iki.fi Thu Nov 29 12:45:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 12:45:38 +0200 Subject: [Dovecot] Missing quotes in dovecot-config causes pigeonhole to failed. In-Reply-To: <50B72444.5000707@otenet.gr> References: <50B72444.5000707@otenet.gr> Message-ID: <149B855F-C5F7-46A6-BF04-CB102ECA3E47@iki.fi> On 29.11.2012, at 11.00, nanashi wrote: > I had to manually quote in dovecot-config > LIBDOVECOT_LOGIN='-ldovecot-login -lssl -lcrypto ' > by default was > LIBDOVECOT_LOGIN=-ldovecot-login -lssl -lcrypto > > That cause pigeonhole to failed. Oh, annoying :( I guess I'll release 2.1.12 with this one change.. or maybe wait a few more hours to see if people find anything else. http://hg.dovecot.org/dovecot-2.1/rev/f77e87298a66 From matt at orphans.co.uk Thu Nov 29 13:02:28 2012 From: matt at orphans.co.uk (Matt Jones) Date: Thu, 29 Nov 2012 11:02:28 +0000 Subject: [Dovecot] Problem with mail_location and INDEX location Message-ID: <50B740C4.9090003@orphans.co.uk> HI, I'm pulling my hair out a little trying to get dovecot to save it's index locally rather than in the NFS mount. No matter what I do it seems to save the indices in the Maildir on the NFS. I'm using dovecot 2.0.18 on CentOS 6.3. The relevant config I'm using: mmap_disable = no dotlock_use_excl = no # only needed with NFSv2, NFSv3+ supports O_EXCL and it's faster mail_fsync = always mail_nfs_storage = yes mail_nfs_index = no lock_method = dotlock # Mail location and mailbox format. mail_location = maildir:/%Lh/Maildir/:INDEX=/var/indexes/%Ld/%Lu/ Dovecot runs under the user:group vmail:vmail, and the user has write access to those directories. [root at tay var]# ls -al total 96 drwxr-xr-x. 24 root root 4096 Nov 29 09:36 . dr-xr-xr-x. 23 root root 4096 Nov 28 15:26 .. drwxr-x--- 5 amavis amavis 4096 Nov 29 09:21 amavis drwxr-xr-x. 10 root root 4096 Nov 28 15:14 cache drwxr-xr-x. 2 clamav clamav 4096 Nov 29 03:49 clamav drwxr-xr-x. 3 root root 4096 Nov 28 14:21 db drwxr-xr-x. 3 root root 4096 Nov 28 13:35 empty drwxr-xr-x. 2 root root 4096 Sep 23 2011 games drwx------ 2 vmail vmail 4096 Nov 29 10:42 indexes drwxr-xr-x. 25 root root 4096 Nov 28 15:15 lib drwxr-xr-x. 2 root root 4096 Sep 23 2011 local drwxrwxr-x. 5 root lock 4096 Nov 29 03:49 lock drwxr-xr-x. 5 root root 4096 Nov 29 04:10 log lrwxrwxrwx. 1 root root 10 Nov 28 13:34 mail -> spool/mail drwxr-xr-x. 2 root root 4096 Sep 23 2011 nis drwxr-xr-x. 2 root root 4096 Sep 23 2011 opt drwxr-xr-x. 2 root root 4096 Sep 23 2011 preserve drwxr-xr-x. 20 root root 4096 Nov 29 09:51 run drwxr-xr-x. 9 root root 4096 Nov 28 15:14 spool drwxrwxrwt. 3 root root 4096 Nov 29 09:22 tmp drwxr-x--- 2 amavis amavis 4096 Jun 8 15:39 virusmails drwx------. 5 vmail vmail 4096 Nov 29 09:35 vmail drwx------. 3 root bin 4096 Nov 29 09:22 webmin drwxr-xr-x. 12 root root 4096 Nov 28 15:17 www drwxr-xr-x. 2 root root 4096 Sep 23 2011 yp After restarting dovecot, and logging in via imap, I see the following under the Maildir: [root at tay Maildir]# ls -al /var/vmail/vmail1/orphans.co.uk/m/a/t/matt-2011.07.06.09.41.05/Maildir total 56 drwx------ 9 vmail vmail 4096 Nov 29 10:57 . drwx------ 3 vmail vmail 4096 Nov 29 10:17 .. drwx------ 2 vmail vmail 4096 Nov 29 10:41 cur -rw------- 1 vmail vmail 248 Nov 29 10:41 dovecot.index.log -rw------- 1 vmail vmail 120 Nov 29 10:41 dovecot.mailbox.log -rw------- 1 vmail vmail 51 Nov 29 10:41 dovecot-uidlist -rw------- 1 vmail vmail 8 Nov 29 10:41 dovecot-uidvalidity -r--r--r-- 1 vmail vmail 0 Nov 29 10:41 dovecot-uidvalidity.50b73be3 drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Drafts drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Junk drwx------ 2 vmail vmail 4096 Nov 29 10:41 new drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Sent -rw------- 1 vmail vmail 29 Nov 29 10:41 subscriptions drwx------ 2 vmail vmail 4096 Nov 29 10:41 tmp drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Trash [root at tay Maildir]# ls -al /var/indexes/ total 8 drwx------ 2 vmail vmail 4096 Nov 29 10:42 . drwxr-xr-x. 24 root root 4096 Nov 29 09:36 .. Any ideas? Matt From benedetto.vassallo at unipa.it Thu Nov 29 14:01:56 2012 From: benedetto.vassallo at unipa.it (Benedetto Vassallo) Date: Thu, 29 Nov 2012 13:01:56 +0100 Subject: [Dovecot] Maildir hardlinks with sieve Message-ID: <20121129130156.86002utrv14t9eic@webmail.unipa.it> Hi all, First of all, excuse me for my previous posts (Maildir hardlinks). Today I realized the following issue. Maildir hardlinks works OK on dovecot 2.1.10 without sieve. If set sieve plugin in dovecot-lmtp hardlinks stop working. Is there a way to have both sieve and hardlinks working? Thank you -- Benedetto Vassallo Sistema Informativo di Ateneo Settore Gestione Reti Hardware e Software U.O.B. Sviluppo e manutenzione dei sistemi Universit? degli studi di Palermo Phone: +3909123860056 Fax: +390916529124 ------------------------------------------------------------------------- This message was sent using the University of Palermo web mail interface. From CMarcus at Media-Brokers.com Thu Nov 29 14:16:32 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 29 Nov 2012 07:16:32 -0500 Subject: [Dovecot] Problem with mail_location and INDEX location In-Reply-To: <50B740C4.9090003@orphans.co.uk> References: <50B740C4.9090003@orphans.co.uk> Message-ID: <50B75220.6050308@Media-Brokers.com> On 2012-11-29 6:02 AM, Matt Jones <matt at orphans.co.uk> wrote: > The relevant config I'm using: > > > mmap_disable = no Please only/always post full output of doveconf -n, not copy/pastes from the config file... this is the only way to be sure that you are using the config you *think* you are using... -- Best regards, Charles From dave at morsberger.com Thu Nov 29 14:45:02 2012 From: dave at morsberger.com (David Morsberger) Date: Thu, 29 Nov 2012 07:45:02 -0500 Subject: [Dovecot] Missing Messages on IOS device In-Reply-To: <50B5A603.5060509@hardwarefreak.com> References: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> <50B5A603.5060509@hardwarefreak.com> Message-ID: <2E5CBC77-023F-48A5-B1A8-709334B3C21E@morsberger.com> I checked again and I did not see any log entries on the server or client. Not sure how to debug iPhone/iPad. I'm sure this isn't a bug in dovecot per se because the behavior is different on the different client types. I was just wondering if someone else has seen similar behavior before and worked through it. Thanks, David On Nov 28, 2012, at 12:49 AM, Stan Hoeppner <stan at hardwarefreak.com> wrote: > On 11/27/2012 9:21 PM, David Morsberger wrote: >> Resending because I didn't get any responses from my first post: >> >> I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. >> >> My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. >> >> The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. >> >> My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. >> >> Any idea why these messages are not showing up on my devices and how I can get them to show up? > > Not really. Problem reports are typically accompanied by errors in log > files. You've provided none. You've provided only subjective > observation which is rarely useful in troubleshooting. If you provide > some Dovecot logging related to the problem we may be able to help. > Short of that we can only make wild ass guesses. > > Are your clients subscribing all IMAP folders? Are your clients > checking all folders for new mail? > > -- > Stan > From ramon.frontera at uib.es Thu Nov 29 16:22:49 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Thu, 29 Nov 2012 15:22:49 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> Message-ID: <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> Hi, we have installed dovecot version 2.1.11 Now we have found 3 problems with doveadm on proxy server: 1 problem: In our configuration we have: protocol doveadm { auth_socket_path = director-userdb } I have executed this: # doveconf -m doveadm -f service=doveadm auth_socket_path auth_socket_path = director-userdb Now when We execute doveadm quota get -A we have this error: doveadm(user1): Error: /var/run/dovecot//auth-userdb: Proxy is missing destination host (maybe set auth_socket_path=director-userdb) doveadm: Error: Failed to iterate through some users with "-o auth_socket_path=director-userdb " it works for the early users. 2 problem when we execute doveadm -o auth_socket_path=director-userdb quota get -A it works for the early users and then return this error on proxy: doveadm(userabc): Fatal: table formatter doesn't support multi-line values 3 problem I have tested other doveadm command on proxy wich also fails: # doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d on proxy we have this error: " doveadm(user): Error: xx.xx.xx.xx:24245: Internal failure for user" on mailserver we have this error: "doveadm: Fatal: master: service(doveadm): child 22171 killed with signal 11 (core dumps disabled)" I put the gdm bt output hope it help you. (mailserver) Core was generated by `dovecot/doveadm-server'. Program terminated with signal 11, Segmentation fault. #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 680 auth-master.c: No such file or directory. in auth-master.c Missing separate debuginfos, use: debuginfo-install dovecot-2.1.11-1_136.el6.x86_64 (gdb) bt full #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 No locals. #1 0x00007f2dfe414f23 in mail_storage_service_all_next (ctx=0xf92900, username_r=0x7fff4306cab8) at mail-storage-service.c:1215 __FUNCTION__ = "mail_storage_service_all_next" #2 0x00007f2dfd0b0ed2 in doveadm_expire_mail_init (ctx=0xf89020) at doveadm-expire.c:420 ectx = 0xf89198 dict = 0xf93110 query = <value optimized out> expire_dict = <value optimized out> username = 0x0 value = <value optimized out> username_dup = <value optimized out> #3 0x000000000040aa1a in doveadm_mail_single_user () No symbol table info available. #4 0x00000000004121b9 in client_connection_input () No symbol table info available. #5 0x00007f2dfe14f2c6 in io_loop_call_io (io=0xf8e7a0) at ioloop.c:379 ioloop = 0xf84690 t_id = 2 #6 0x00007f2dfe1502ef in io_loop_handler_run (ioloop=<value optimized out>) at ioloop-epoll.c:213 ---Type <return> to continue, or q <return> to quit--- ctx = 0xf874c0 events = <value optimized out> event = 0xf87530 list = 0xf8e7f0 io = <value optimized out> tv = {tv_sec = 2147483, tv_usec = 0} msecs = <value optimized out> ret = 1 i = <value optimized out> call = <value optimized out> #7 0x00007f2dfe14f268 in io_loop_run (ioloop=0xf84690) at ioloop.c:398 No locals. #8 0x00007f2dfe13ac73 in master_service_run (service=0xf84540, callback=<value optimized out>) at master-service.c:544 No locals. #9 0x00000000004128f1 in main () No symbol table info available. Thanks in advance!!!! -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears El 28/11/2012, a las 23:45, Timo Sirainen escribi?: > On 28.11.2012, at 16.50, Ramon Frontera wrote: > >> Dovecot -n show the correct configuration like you explain. >> The command doveadm -o auth_socket_path=director-userdb quota get -A works fine on the proxy and now assigns host. > > Then doveadm isn't seeing the same configuration as what you're looking at. For example did you restart dovecot since the change? Does this return the correct path? : > > doveconf -m doveadm -f service=doveadm auth_socket_path > >> Now, the problem is that when we execute doveadm -A or doveadm -u *something* the command fails in the mailserver with this error: >> >> dovecot: doveadm: Fatal: master: service(doveadm): child 13482 killed with signal 11 (core dumps disabled) > > I fixed several bugs related to this in hg. I think you hit one of them. > >> This errors occurs when the search finds more than one user. >> When we execute doveadm -u user it works fine >> >> >> I send attached the strace of the mailserver<doveadm.log.zip> > > strace isn't very useful in debugging crashes. gdb backtraces are: http://dovecot.org/bugreport.html > From lists at kokelnet.de Thu Nov 29 16:57:00 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Thu, 29 Nov 2012 15:57 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found Message-ID: <2005376.op1lL5WuKO@tobias-pc> Hello Timo, Building 2.1.11 was ok, but rebuilding pigeonhole 0.3.3 for dovecot 2.1.11 show up the following errors: checking for dovecot-config in "/usr/lib/dovecot"... /usr/lib/dovecot/dovecot- config ./configure: line 11410: -lssl: command not found checking whether OS supports plugin dependencies... yes configure: creating ./config.status config.status: creating Makefile config.status: creating doc/Makefile config.status: creating doc/man/Makefile config.status: creating doc/example-config/Makefile config.status: creating doc/example-config/conf.d/Makefile config.status: creating doc/rfc/Makefile config.status: creating src/Makefile config.status: creating src/lib-sieve/Makefile config.status: creating src/lib-sieve/plugins/Makefile config.status: creating src/lib-sieve/plugins/vacation/Makefile config.status: creating src/lib-sieve/plugins/subaddress/Makefile config.status: creating src/lib-sieve/plugins/comparator-i-ascii- numeric/Makefile config.status: creating src/lib-sieve/plugins/relational/Makefile config.status: creating src/lib-sieve/plugins/regex/Makefile config.status: creating src/lib-sieve/plugins/imap4flags/Makefile config.status: creating src/lib-sieve/plugins/copy/Makefile config.status: creating src/lib-sieve/plugins/include/Makefile config.status: creating src/lib-sieve/plugins/body/Makefile config.status: creating src/lib-sieve/plugins/variables/Makefile config.status: creating src/lib-sieve/plugins/enotify/Makefile config.status: creating src/lib-sieve/plugins/enotify/mailto/Makefile config.status: creating src/lib-sieve/plugins/notify/Makefile config.status: creating src/lib-sieve/plugins/environment/Makefile config.status: creating src/lib-sieve/plugins/mailbox/Makefile config.status: creating src/lib-sieve/plugins/date/Makefile config.status: creating src/lib-sieve/plugins/spamvirustest/Makefile config.status: creating src/lib-sieve/plugins/ihave/Makefile config.status: creating src/lib-sieve/plugins/editheader/Makefile config.status: creating src/lib-sieve/plugins/vnd.dovecot/Makefile config.status: creating src/lib-sieve/plugins/vnd.dovecot/debug/Makefile config.status: creating src/lib-sieve/plugins/vnd.dovecot/duplicate/Makefile config.status: creating src/lib-sieve-tool/Makefile config.status: creating src/lib-sievestorage/Makefile config.status: creating src/lib-managesieve/Makefile config.status: creating src/plugins/Makefile config.status: creating src/plugins/lda-sieve/Makefile config.status: creating src/sieve-tools/Makefile config.status: creating src/managesieve/Makefile config.status: creating src/managesieve-login/Makefile config.status: creating src/testsuite/Makefile config.status: creating stamp.h config.status: creating dummy-config.h config.status: creating pigeonhole-config.h config.status: executing depfiles commands config.status: executing libtool commands dh_testdir # Add here commands to compile the package. /usr/bin/make make[1]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' /usr/bin/make all-recursive make[2]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' Making all in src make[3]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src' Making all in lib-sieve make[4]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve' Making all in plugins make[5]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins' Making all in vacation make[6]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins/vacation' /bin/bash ../../../../libtool --tag=CC --mode=compile x86_64-linux-gnu-gcc - DHAVE_CONFIG_H -I. -I../../../.. -I./../../ -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT cmd-vacation.lo -MD -MP -MF .deps/cmd-vacation.Tpo -c -o cmd- vacation.lo cmd-vacation.c libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../../.. - I./../../ -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp- buffer-size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes - Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad- function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT cmd-vacation.lo - MD -MP -MF .deps/cmd-vacation.Tpo -c cmd-vacation.c -fPIC -DPIC -o .libs/cmd- vacation.o cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory compilation terminated. make[6]: *** [cmd-vacation.lo] Error 1 make[6]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins/vacation' make[5]: *** [all-recursive] Error 1 make[5]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins' make[4]: *** [all-recursive] Error 1 make[4]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' make[1]: *** [all] Error 2 make[1]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' make: *** [build-stamp] Error 2 my configure options: ./configure --with-dovecot=/usr/lib/dovecot --prefix=/usr --sysconfdir=/etc -- libexecdir=/usr/lib --localstatedir=/var --mandir=/usr/share/man -- infodir=/usr/share/info --with-moduledir=/usr/lib/dovecot/modules Regards, Tobias Hachmer From gilles.chauvin at univ-rouen.fr Thu Nov 29 17:09:35 2012 From: gilles.chauvin at univ-rouen.fr (Gilles Chauvin) Date: Thu, 29 Nov 2012 16:09:35 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <2005376.op1lL5WuKO@tobias-pc> References: <2005376.op1lL5WuKO@tobias-pc> Message-ID: <50B77AAF.1080906@univ-rouen.fr> On 29/11/2012 15:57, Tobias Hachmer wrote:> Hello Timo, > > Building 2.1.11 was ok, but rebuilding pigeonhole 0.3.3 for dovecot 2.1.11 > show up the following errors: > > [...] > Hi, Just have a look at: http://www.dovecot.org/list/dovecot/2012-November/069722.html ;). Regards, Gilles.-- ========================================================= Gilles CHAUVIN P?le Syst?me Direction des Syst?mes d'information et de l'Informatique Universit? de Rouen B?timent 16 - IRESE-B Place ?mile Blondel 76821 MONT-SAINT-AIGNAN CEDEX ? http://goo.gl/cYgtX T?l: +33 (0)2 35 14 82 92 Fax: +33 (0)2 35 14 64 64 Mail fonc: systeme at univ-rouen.fr Mail pers: gilles.chauvin at univ-rouen.fr ========================================================= From lists at kokelnet.de Thu Nov 29 17:14:05 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Thu, 29 Nov 2012 16:14:05 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <50B77AAF.1080906@univ-rouen.fr> References: <2005376.op1lL5WuKO@tobias-pc> <50B77AAF.1080906@univ-rouen.fr> Message-ID: <16123573.A1ZQnkdqxL@tobias-pc> On Thursday 29 November 2012 16:09:35 Gilles Chauvin wrote: > Just have a look at: > http://www.dovecot.org/list/dovecot/2012-November/069722.html ;). Yeah, I saw your post. But Timo asked for another possible errors. I don't know if this error belongs to your error: cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory That's why I posted this. Greetz, Tobias Hachmer From gilles.chauvin at univ-rouen.fr Thu Nov 29 17:18:14 2012 From: gilles.chauvin at univ-rouen.fr (Gilles Chauvin) Date: Thu, 29 Nov 2012 16:18:14 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <16123573.A1ZQnkdqxL@tobias-pc> References: <2005376.op1lL5WuKO@tobias-pc> <50B77AAF.1080906@univ-rouen.fr> <16123573.A1ZQnkdqxL@tobias-pc> Message-ID: <50B77CB6.5090009@univ-rouen.fr> On 29/11/2012 16:14, Tobias Hachmer wrote: > On Thursday 29 November 2012 16:09:35 Gilles Chauvin wrote: >> Just have a look at: >> http://www.dovecot.org/list/dovecot/2012-November/069722.html ;). > > Yeah, I saw your post. But Timo asked for another possible errors. I don't > know if this error belongs to your error: > > cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory > > That's why I posted this. > > Greetz, > Tobias Hachmer > Tobias, The post I linked above wasn't my post but I had the exact same problem this morning while trying to compile pigeonhole against dovecot 2.1.11. Manually adding the quotes in the dovecot-config file fixed the issue for me. Regards, Gilles. From lists at kokelnet.de Thu Nov 29 17:38:44 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Thu, 29 Nov 2012 16:38:44 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <50B77CB6.5090009@univ-rouen.fr> References: <2005376.op1lL5WuKO@tobias-pc> <16123573.A1ZQnkdqxL@tobias-pc> <50B77CB6.5090009@univ-rouen.fr> Message-ID: <2382092.SW9rUM1cA3@tobias-pc> On Thursday 29 November 2012 16:18:14 Gilles Chauvin wrote: > The post I linked above wasn't my post but I had the exact same problem > this morning while trying to compile pigeonhole against dovecot 2.1.11. > Manually adding the quotes in the dovecot-config file fixed the issue > for me. Oh, sorry, I will test, thanks! Regards, Tobias Hachmer From johnsone at usc.edu Thu Nov 29 17:42:44 2012 From: johnsone at usc.edu (Erik A Johnson) Date: Thu, 29 Nov 2012 07:42:44 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Message-ID: <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> No, the test to bug out doesn't work because net_geterror(proxy->fd_ssl) returns 0 in the statement if (!proxy->client_proxy && net_geterror(proxy->fd_ssl) == ENOTCONN) { However, errno is indeed ENOTCONN. Changing the test to if (!proxy->client_proxy && errno == ENOTCONN) { does do the job (i.e., stopping the process with the "syscall failed" error message), though I'm sure I don't understand the ins and outs well enough to know if that is an appropriate test. The full log line is: Nov 29 07:39:14 SERVER dovecot[24362]: imap-login: Disconnected (disconnected before greeting, waited 0 secs): user=<>, rip=CLIENTIP, lip=SERVERIP, TLS handshaking: SSL_accept() syscall failed: Socket is not connected, session=<d5DNFaTP8QAKAAFi> Thoughts? On Nov 28, 2012, at 10:18PM PST, Timo Sirainen <tss at iki.fi> wrote: > This is either OSX bug or OpenSSL bug.. Apparently what happens is: > > 1. Client sends SYN packet to Dovecot > 2. Dovecot accept()s the connection (sends SYN-ACK) and goes into OpenSSL code > 3. Client doesn't send ACK to Dovecot. Does it send RST or nothing or something else? I don't know. > 4. OSX notices anyway that something is wrong with the socket, and kqueue says that the socket is ready for reading > 5. OpenSSL read()s, which fails with ENOTCONN. But OpenSSL thinks this is a non-fatal error and simply asks to be notified again when something can be read > 6. goto 4 > > So, whose bug is it? OpenSSL's ENOTCONN handling probably makes sense for client connections where connect() hasn't finished yet. But then again, this is accept()ed connection where it typically should fail like that. Except I guess it might be correct behavior if read() is done after SYN-ACK but before receiving ACK. > > While OSX is receiving ACK from the client, it shouldn't say that the fd is readable. It probably doesn't. But after it receives <something> it realizes that the socket is disconnected. So read() probably shouldn't be returning ENOTCONN anymore at this point, but instead ECONNRESET or ETIMEDOUT. > > See if the attached patch helps. > > > On 29.11.2012, at 7.45, Erik A Johnson wrote: >> Here's the log: >> >> Nov 28 21:28:11 macbookpro-e17d.home dovecot[54139]: master: Dovecot v2.1.10 starting up (core dumps disabled) >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_step() >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_handshake: SSL_accept()=-1 >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: SSL_get_error() = 2 >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: - want_read >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_set_io(0) >> [last 5 lines are repeated until process is killed] >> >> On Nov 26, 2012, as 11:38PM PST, Timo Sirainen <tss at iki.fi> wrote: >>> >>> Could you try with the attached patch, and with only the problematic >>> client running? What does it log (the beginning of the session until it >>> starts repeating the same lines)? >>> >>> On 10.11.2012, at 12.44, Erik A Johnson wrote: >>>> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >>>> >>>> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >>>> >>>> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > From tss at iki.fi Thu Nov 29 22:43:42 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 22:43:42 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> Message-ID: <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> On 29.11.2012, at 17.42, Erik A Johnson wrote: > No, the test to bug out doesn't work because net_geterror(proxy->fd_ssl) returns 0 in the statement > > if (!proxy->client_proxy && > net_geterror(proxy->fd_ssl) == ENOTCONN) { > > However, errno is indeed ENOTCONN. Changing the test to > > if (!proxy->client_proxy && > errno == ENOTCONN) { This change isn't very reliable, since the previous call might not have been read().. I wonder if something like would work: if (!proxy->client && read(proxy->fd_ssl, &err, 0) < 0 && errno == ENOTCONN) { From ben at morrow.me.uk Fri Nov 30 00:12:18 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 29 Nov 2012 22:12:18 +0000 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> Message-ID: <20121129221217.GL76138@anubis.morrow.me.uk> At 10PM +0200 on 29/11/12 Timo Sirainen wrote: > On 29.11.2012, at 17.42, Erik A Johnson wrote: > > > No, the test to bug out doesn't work because net_geterror(proxy->fd_ssl) returns 0 in the statement > > > > if (!proxy->client_proxy && > > net_geterror(proxy->fd_ssl) == ENOTCONN) { > > > > However, errno is indeed ENOTCONN. Changing the test to > > > > if (!proxy->client_proxy && > > errno == ENOTCONN) { > > This change isn't very reliable, since the previous call might not > have been read().. I wonder if something like would work: > > if (!proxy->client && read(proxy->fd_ssl, &err, 0) < 0 && errno == ENOTCONN) { How about calling getpeername on fd_ssl? That should reliably tell you if the socket is connected or not. http://cr.yp.to/docs/connect.html suggests that read is not always a reliable test for that. Ben From tss at iki.fi Fri Nov 30 00:39:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 00:39:51 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <20121129221217.GL76138@anubis.morrow.me.uk> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> <20121129221217.GL76138@anubis.morrow.me.uk> Message-ID: <E5427A32-1E02-48E6-9B8B-FA7A70960688@iki.fi> On 30.11.2012, at 0.12, Ben Morrow wrote: >> This change isn't very reliable, since the previous call might not >> have been read().. I wonder if something like would work: >> >> if (!proxy->client && read(proxy->fd_ssl, &err, 0) < 0 && errno == ENOTCONN) { > > How about calling getpeername on fd_ssl? That should reliably tell you > if the socket is connected or not. http://cr.yp.to/docs/connect.html > suggests that read is not always a reliable test for that. Yes, that sounds like it would work better: if (!proxy->client && net_getpeername(proxy->fd_ssl, NULL, NULL) < 0 && errno == ENOTCONN) { From tss at iki.fi Fri Nov 30 03:17:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 03:17:29 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> Message-ID: <1F75A354-F909-4BAB-8843-1821332BFC12@iki.fi> On 29.11.2012, at 16.22, Ramon Frontera wrote: > Now we have found 3 problems with doveadm on proxy server: > > 1 problem: > In our configuration we have: > protocol doveadm { > auth_socket_path = director-userdb > } > > I have executed this: > # doveconf -m doveadm -f service=doveadm auth_socket_path > auth_socket_path = director-userdb > > Now when We execute doveadm quota get -A > we have this error: > doveadm(user1): Error: /var/run/dovecot//auth-userdb: Proxy is missing destination host (maybe set auth_socket_path=director-userdb) > doveadm: Error: Failed to iterate through some users > > with "-o auth_socket_path=director-userdb " it works for the early users. That's strange. I don't really have any ideas left how to debug it easily. > 2 problem > when we execute doveadm -o auth_socket_path=director-userdb quota get -A it works for the early users and then return this error on proxy: > > doveadm(userabc): Fatal: table formatter doesn't support multi-line values Oh. Hmm. I see the problem.. I'll fix it later. For now you could change the formatter with doveadm -f tab or -f flow > 3 problem > I have tested other doveadm command on proxy wich also fails: > > # doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d > > on proxy we have this error: " doveadm(user): Error: xx.xx.xx.xx:24245: Internal failure for user" > on mailserver we have this error: "doveadm: Fatal: master: service(doveadm): child 22171 killed with signal 11 (core dumps disabled)" > > I put the gdm bt output hope it help you. (mailserver) > > #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 > No locals. > #1 0x00007f2dfe414f23 in mail_storage_service_all_next (ctx=0xf92900, > username_r=0x7fff4306cab8) at mail-storage-service.c:1215 > __FUNCTION__ = "mail_storage_service_all_next" > #2 0x00007f2dfd0b0ed2 in doveadm_expire_mail_init (ctx=0xf89020) > at doveadm-expire.c:420 This should fix it: http://hg.dovecot.org/dovecot-2.1/rev/75dc4cb4bfe0 From dmiller at amfes.com Fri Nov 30 07:32:05 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 21:32:05 -0800 Subject: [Dovecot] Tcpflow capture In-Reply-To: <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> Message-ID: <assp.0681f97e83.50B844D5.4050705@amfes.com> On 11/29/2012 12:49 PM, Timo Sirainen wrote: > On 29.11.2012, at 18.06, Daniel L. Miller wrote: > >> On 11/28/2012 10:37 PM, Timo Sirainen wrote: >>> On 29.11.2012, at 7.47, Daniel L. Miller wrote: >>> >>>>> doveadm fetch text -u amiller at amfes.com mailbox-guid a47e4e264aa1c94cc35100003bc41c5f uid 12891 >>>>> >>>> The result of that, when adding a "> test", generates a 11 byte file. >>>> >>>> Hexedit shows me that as: >>>> 74 65 78 74 3A 0A 1F 8B 08 0C 0A >>>> >>>> Otherwise a simple 'less' give me: >>>> text: >>>> ^_<8B>^H^L >>>> >>>> Does this tell you anything? >>> First of all it tells me that you either have some very corrupted messages in your mailbox, or you have some compressed messages but without zlib plugin enabled. >> 10-mail.conf - mail_plugins = fts fts_solr acl >> 15-lda.conf - mail_plugins = $mail_plugins sieve >> 20-imap.conf - mail_plugins = $mail_plugins zlib imap_acl >> 20-lmtp.conf - mail_plugins = $mail_plugins sieve > OK, so all of the compressed mails will be indexed as garbage. > >> My intent was to be able to read zlib mails, but not write new ones. I may change this to just have zlib in 10-mail and start writing compressed. Unless this is/will cause corruption. > Enabling zlib plugin doesn't enable compression on writing. plugin { zlib_save=yes } is required for that. > I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and removed it from the others. Re-indexing is now good on some mailboxes that were broken before - but I still have a fault on others. -- Daniel From dmiller at amfes.com Fri Nov 30 07:57:02 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 21:57:02 -0800 Subject: [Dovecot] Tcpflow capture In-Reply-To: <50B844D5.4050705@amfes.com> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> <50B844D5.4050705@amfes.com> Message-ID: <assp.16818e0f90.50B84AAE.8080905@amfes.com> On 11/29/2012 9:32 PM, Daniel L. Miller wrote: > > I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and > removed it from the others. Re-indexing is now good on some mailboxes > that were broken before - but I still have a fault on others. > Using the tcpflow dump, I found a couple bad messages that I didn't care about storing - so I deleted them. Then, after no change - I remembered to do a "compact" in my MUA. That cleared up one mailbox - then dovecot complained about various errors & corruption on another mailbox. So I'll start a new thread for that as it looks like the solr interface is now good! -- Daniel From dmiller at amfes.com Fri Nov 30 08:03:36 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 22:03:36 -0800 Subject: [Dovecot] mdbox corruption Message-ID: <assp.06814fa592.50B84C38.2020500@amfes.com> Trying to clean up the last of the corruption caused by my own stupidity. I now have two mailboxes for one user that give errors such as: doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): gz trailer has wrong CRC value at 20065618 doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.9) failed: Invalid argument (uid=238) doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): corrupted data at 20145217 [...] doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.20) failed: Invalid argument (uid=5155) doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.20): corrupted data at 24779604 doveadm(fax at amfes.com): Error: Cached message size smaller than expected (1259 < 1260) doveadm(fax at amfes.com): Error: Corrupted index cache file /var/mail/amfes.com/fax/mdbox/mailboxes/INBOX/2010/dbox-Mails/dovecot.index.cache: Broken physical size for mail UID 5158 'doveadm force-resync' does not appear to fix these. There appear to be only the two mdbox files affected and I see about 40 errors. I would prefer to salvage as much as possible of these. What options do I have? Do a dsync to another location and take whatever I get? -- Daniel From tss at iki.fi Fri Nov 30 08:09:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 08:09:03 +0200 Subject: [Dovecot] Tcpflow capture In-Reply-To: <assp.16818e0f90.50B84AAE.8080905@amfes.com> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> <50B844D5.4050705@amfes.com> <assp.16818e0f90.50B84AAE.8080905@amfes.com> Message-ID: <25C2B424-F8D5-4C8E-86C0-3131F95FBF91@iki.fi> On 30.11.2012, at 7.57, Daniel L. Miller wrote: > On 11/29/2012 9:32 PM, Daniel L. Miller wrote: >> >> I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and removed it from the others. Re-indexing is now good on some mailboxes that were broken before - but I still have a fault on others. >> > Using the tcpflow dump, I found a couple bad messages that I didn't care about storing - so I deleted them. Then, after no change - I remembered to do a "compact" in my MUA. That cleared up one mailbox - then dovecot complained about various errors & corruption on another mailbox. So I'll start a new thread for that as it looks like the solr interface is now good! Well, there is still bug somewhere if Dovecot can cause Solr to fail.. I just can't figure out how that could happen. From tss at iki.fi Fri Nov 30 08:10:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 08:10:47 +0200 Subject: [Dovecot] mdbox corruption In-Reply-To: <assp.06814fa592.50B84C38.2020500@amfes.com> References: <assp.06814fa592.50B84C38.2020500@amfes.com> Message-ID: <DFF9836F-AE6A-4639-A126-322A66A8DC4C@iki.fi> On 30.11.2012, at 8.03, Daniel L. Miller wrote: > Trying to clean up the last of the corruption caused by my own stupidity. I now have two mailboxes for one user that give errors such as: > > doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): gz trailer has wrong CRC value at 20065618 > doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.9) failed: Invalid argument (uid=238) > doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): corrupted data at 20145217 > [...] > doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.20) failed: Invalid argument (uid=5155) > doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.20): corrupted data at 24779604 > doveadm(fax at amfes.com): Error: Cached message size smaller than expected (1259 < 1260) > doveadm(fax at amfes.com): Error: Corrupted index cache file /var/mail/amfes.com/fax/mdbox/mailboxes/INBOX/2010/dbox-Mails/dovecot.index.cache: Broken physical size for mail UID 5158 > > 'doveadm force-resync' does not appear to fix these. There appear to be only the two mdbox files affected and I see about 40 errors. I would prefer to salvage as much as possible of these. What options do I have? Do a dsync to another location and take whatever I get? There are no tools to fix broken compressed mails. I guess if dsync doesn't stop in the middle that would work. If it does stop, you'd need to figure out which messages those are (with doveadm dump) and delete them. From dmiller at amfes.com Fri Nov 30 08:18:13 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 22:18:13 -0800 Subject: [Dovecot] Tcpflow capture In-Reply-To: <25C2B424-F8D5-4C8E-86C0-3131F95FBF91@iki.fi> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> <50B844D5.4050705@amfes.com> <50B84AAE.8080905@amfes.com> <25C2B424-F8D5-4C8E-86C0-3131F95FBF91@iki.fi> Message-ID: <assp.168101c61b.50B84FA5.9070907@amfes.com> On 11/29/2012 10:09 PM, Timo Sirainen wrote: > On 30.11.2012, at 7.57, Daniel L. Miller wrote: > >> On 11/29/2012 9:32 PM, Daniel L. Miller wrote: >>> I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and removed it from the others. Re-indexing is now good on some mailboxes that were broken before - but I still have a fault on others. >>> >> Using the tcpflow dump, I found a couple bad messages that I didn't care about storing - so I deleted them. Then, after no change - I remembered to do a "compact" in my MUA. That cleared up one mailbox - then dovecot complained about various errors & corruption on another mailbox. So I'll start a new thread for that as it looks like the solr interface is now good! > Well, there is still bug somewhere if Dovecot can cause Solr to fail.. I just can't figure out how that could happen. > At this moment, after your last bugfix and my correct plugin config - Solr no longer crashes. Dovecot complains about the corruption - but it never hits solr. Now, I suppose I could break my config again to see if reading compressed mails without zlib enabled still outputs garbage to Solr... -- Daniel From hostmaster at taunusstein.net Fri Nov 30 08:35:08 2012 From: hostmaster at taunusstein.net (Christian Felsing) Date: Fri, 30 Nov 2012 07:35:08 +0100 Subject: [Dovecot] v2.1.11 released In-Reply-To: <1354171474.13277.5.camel@hurina> References: <1354171474.13277.5.camel@hurina> Message-ID: <50B8539C.5000507@taunusstein.net> Hi, seems v2.1.11 has broken Pigeonhole 0.3.3 Christian Am 29.11.2012 07:44, schrieb Timo Sirainen: > http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz > http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz.sig > > * lmtp/lda: dovecot.index.cache file is no longer fully mapped to > memory, allowing mail deliveries to work even if the file is huge. > * auth: userdb passwd lookups are now done by auth worker processes > instead of auth master process (as it was documented, but > accidentally didn't work that way). > > + lmtp: lmtp_rcpt_check_quota=yes setting checks quota on RCPT TO. > - lmtp: After successful proxying RCPT TO, the next one to a > nonexistent user gave tempfail error instead of "user not found". > - lmtp proxy: Fixed hanging if remote server was down. > - imap: Fixed crash when SEARCH contained multiple KEYWORD parameters. > - doveadm: Various fixes to handling doveadm-server connections. > - -i <instance name> parameter for Dovecot tools didn't work correctly. > - director was somewhat broken in v2.1.10. This version also includes > various reliability enhancements. > - auth: passdb imap was broken in v2.1.10. > > > From tss at iki.fi Fri Nov 30 09:01:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 09:01:10 +0200 Subject: [Dovecot] v2.1.12 released Message-ID: <1354258870.2844.32.camel@innu> http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz.sig The dovecot-config file installed by v2.1.11 was missing quotes, which broke building Pigeonhole. This release fixes that. From stsiol at yahoo.co.uk Fri Nov 30 10:13:07 2012 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 30 Nov 2012 08:13:07 +0000 (GMT) Subject: [Dovecot] v2.1.12 released In-Reply-To: <1354258870.2844.32.camel@innu> References: <1354258870.2844.32.camel@innu> Message-ID: <1354263187.38918.YahooMailNeo@web132203.mail.ird.yahoo.com> >________________________________ > From: Timo Sirainen <tss at iki.fi> >To: dovecot-news at dovecot.org; dovecot at dovecot.org >Sent: Friday, 30 November 2012, 9:01 >Subject: [Dovecot] v2.1.12 released > >http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz >http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz.sig > >The dovecot-config file installed by v2.1.11 was missing quotes, which >broke building Pigeonhole. This release fixes that. > Wow ! Boy you're fast ! s. ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From lists at kokelnet.de Fri Nov 30 10:30:28 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Fri, 30 Nov 2012 09:30:28 +0100 Subject: [Dovecot] 2.1.12 - Pigeonhole 0.3.3 build failed: /usr/bin/ld: cannot find -lssl -lcrypto Message-ID: <2172377.X0VnGmhlpd@tobias-pc> Hello list, Although timos bugfix release this morning I can't build pigeonhole 0.3.3 for dovecot 2.1.12 successfully. I don't know if it is a new bug or if I do something wrong but with dovecot 2.1.10 all worked fine, with the same configure options. configure options (out of debian/rules for building debian package): ./configure --with-dovecot=/usr/lib/dovecot \ --host=$(DEB_HOST_GNU_TYPE) \ --build=$(DEB_BUILD_GNU_TYPE) \ --prefix=/usr \ --sysconfdir=/etc \ --libexecdir=\$${prefix}/lib \ --localstatedir=/var \ --mandir=\$${prefix}/share/man \ --infodir=\$${prefix}/share/info \ --with-moduledir=\$${prefix}/lib/dovecot/modules buildlogextraction with error, the full log is available here: https://launchpadlibrarian.net/124478979/buildlog_ubuntu-precise- amd64.dovecot-2.1-pigeonhole_0.3.3-7~kokelnet~precise_FAILEDTOBUILD.txt.gz Thanks in advance for any help, Tobias Hachmer Making all in lib-sieve-tool make[4]: Entering directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve-tool' /bin/bash ../../libtool --tag=CC --mode=compile x86_64-linux-gnu-gcc - DHAVE_CONFIG_H -I. -I../.. -I../../src/lib-sieve -I/usr/include/dovecot - D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer- size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes -Wmissing- declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT sieve-tool.lo -MD -MP -MF .deps/sieve-tool.Tpo -c -o sieve-tool.lo sieve-tool.c libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT sieve-tool.lo -MD -MP -MF .deps/sieve-tool.Tpo -c sieve-tool.c -fPIC -DPIC -o .libs/sieve-tool.o libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT sieve-tool.lo -MD -MP -MF .deps/sieve-tool.Tpo -c sieve-tool.c -o sieve-tool.o >/dev/null 2>&1 mv -f .deps/sieve-tool.Tpo .deps/sieve-tool.Plo /bin/bash ../../libtool --tag=CC --mode=compile x86_64-linux-gnu-gcc - DHAVE_CONFIG_H -I. -I../.. -I../../src/lib-sieve -I/usr/include/dovecot - D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer- size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes -Wmissing- declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT mail-raw.lo -MD -MP -MF .deps/mail-raw.Tpo -c -o mail-raw.lo mail-raw.c libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT mail-raw.lo -MD -MP -MF .deps/mail-raw.Tpo -c mail-raw.c -fPIC -DPIC -o .libs/mail-raw.o libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT mail-raw.lo -MD -MP -MF .deps/mail-raw.Tpo -c mail-raw.c -o mail-raw.o >/dev/null 2>&1 mv -f .deps/mail-raw.Tpo .deps/mail-raw.Plo /bin/bash ../../libtool --tag=CC --mode=link x86_64-linux-gnu-gcc - std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat- security -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime - Wstrict-aliasing=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -o libsieve-tool.la sieve-tool.lo mail-raw.lo -lrt libtool: link: ar cru .libs/libsieve-tool.a .libs/sieve-tool.o .libs/mail- raw.o libtool: link: ranlib .libs/libsieve-tool.a libtool: link: ( cd ".libs" && rm -f "libsieve-tool.la" && ln -s "../libsieve- tool.la" "libsieve-tool.la" ) make[4]: Leaving directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve-tool' Making all in sieve-tools make[4]: Entering directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/sieve-tools' x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib-sieve - I../../src/lib-sieve-tool -I./debug -I/usr/include/dovecot - D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer- size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes -Wmissing- declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT sievec.o -MD -MP -MF .deps/sievec.Tpo -c -o sievec.o sievec.c mv -f .deps/sievec.Tpo .deps/sievec.Po /bin/bash ../../libtool --tag=CC --mode=link x86_64-linux-gnu-gcc - std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat- security -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime - Wstrict-aliasing=2 -export-dynamic -Wl,-Bsymbolic-functions -Wl,-z,relro -o sievec sievec.o ../../src/lib-sieve/libdovecot-sieve.la ../../src/lib-sieve- tool/libsieve-tool.la -ldovecot-storage -lssl -lcrypto -ldovecot-lda - L/usr/lib/dovecot -ldovecot -lrt libtool: link: x86_64-linux-gnu-gcc -std=gnu99 -g -O2 -fstack-protector -- param=ssp-buffer-size=4 -Wformat -Wformat-security -Wall -W -Wmissing- prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -Wl,-Bsymbolic- functions -Wl,-z -Wl,relro -o .libs/sievec sievec.o -Wl,--export-dynamic ../../src/lib-sieve/.libs/libdovecot-sieve.so ../../src/lib-sieve- tool/.libs/libsieve-tool.a /usr/lib/dovecot/libdovecot-storage.so -lssl - lcrypto /usr/lib/dovecot/libdovecot-lda.so -L/usr/lib/dovecot /usr/lib/dovecot/libdovecot.so -lrt -Wl,-rpath -Wl,/usr/lib/dovecot /usr/bin/ld: cannot find -lssl /usr/bin/ld: cannot find -lcrypto collect2: ld returned 1 exit status make[4]: *** [sievec] Error 1 make[4]: Leaving directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/sieve-tools' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/build/buildd/dovecot-2.1-pigeonhole-0.3.3/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/build/buildd/dovecot-2.1-pigeonhole-0.3.3' make[1]: *** [all] Error 2 make[1]: Leaving directory `/build/buildd/dovecot-2.1-pigeonhole-0.3.3' make: *** [build-stamp] Error 2 From tss at iki.fi Fri Nov 30 10:44:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 10:44:48 +0200 Subject: [Dovecot] 2.1.12 - Pigeonhole 0.3.3 build failed: /usr/bin/ld: cannot find -lssl -lcrypto In-Reply-To: <2172377.X0VnGmhlpd@tobias-pc> References: <2172377.X0VnGmhlpd@tobias-pc> Message-ID: <8BCFDF68-BE1D-4F9E-9E70-4FE6355F50BE@iki.fi> On 30.11.2012, at 10.30, Tobias Hachmer wrote: > Although timos bugfix release this morning I can't build pigeonhole 0.3.3 for > dovecot 2.1.12 successfully. I don't know if it is a new bug or if I do > something wrong but with dovecot 2.1.10 all worked fine, with the same configure > options. Yes, the build was changed since v2.1.10 because the old way didn't work with some systems. > configure options (out of debian/rules for building debian package): .. > /usr/bin/ld: cannot find -lssl > /usr/bin/ld: cannot find -lcrypto You built Dovecot from a Debian package too, but don't have OpenSSL installed?.. From lists at kokelnet.de Fri Nov 30 11:02:22 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Fri, 30 Nov 2012 10:02:22 +0100 Subject: [Dovecot] 2.1.12 - Pigeonhole 0.3.3 build failed: /usr/bin/ld: cannot find -lssl -lcrypto In-Reply-To: <8BCFDF68-BE1D-4F9E-9E70-4FE6355F50BE@iki.fi> References: <2172377.X0VnGmhlpd@tobias-pc> <8BCFDF68-BE1D-4F9E-9E70-4FE6355F50BE@iki.fi> Message-ID: <2236844.32HTZT9t1K@tobias-pc> On Friday 30 November 2012 10:44:48 Timo Sirainen wrote: > You built Dovecot from a Debian package too, but don't have OpenSSL > installed?.. Thanks Timo for hte hint. openssl was installed, but the openssl development files (libssl-dev) dependency for my dovecot-dev package was missing. Regards, Tobias Hachmer From ramon.frontera at uib.es Fri Nov 30 11:22:19 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Fri, 30 Nov 2012 10:22:19 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <1F75A354-F909-4BAB-8843-1821332BFC12@iki.fi> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> <1F75A354-F909-4BAB-8843-1821332BFC12@iki.fi> Message-ID: <9D166B16-D94E-4AFB-B87D-A3AA5090B877@uib.es> Hi, Thanks Timo for your help! I have installed dovecot version 2.1.12 changing format has solved "doveadm -o auth_socket_path=director-userdb quota get -A" Now, "doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d" works fine!!!! Best regards! -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears El 30/11/2012, a las 02:17, Timo Sirainen escribi?: > On 29.11.2012, at 16.22, Ramon Frontera wrote: > >> Now we have found 3 problems with doveadm on proxy server: >> >> 1 problem: >> In our configuration we have: >> protocol doveadm { >> auth_socket_path = director-userdb >> } >> >> I have executed this: >> # doveconf -m doveadm -f service=doveadm auth_socket_path >> auth_socket_path = director-userdb >> >> Now when We execute doveadm quota get -A >> we have this error: >> doveadm(user1): Error: /var/run/dovecot//auth-userdb: Proxy is missing destination host (maybe set auth_socket_path=director-userdb) >> doveadm: Error: Failed to iterate through some users >> >> with "-o auth_socket_path=director-userdb " it works for the early users. > > That's strange. I don't really have any ideas left how to debug it easily. > >> 2 problem >> when we execute doveadm -o auth_socket_path=director-userdb quota get -A it works for the early users and then return this error on proxy: >> >> doveadm(userabc): Fatal: table formatter doesn't support multi-line values > > Oh. Hmm. I see the problem.. I'll fix it later. For now you could change the formatter with doveadm -f tab or -f flow > >> 3 problem >> I have tested other doveadm command on proxy wich also fails: >> >> # doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d >> >> on proxy we have this error: " doveadm(user): Error: xx.xx.xx.xx:24245: Internal failure for user" >> on mailserver we have this error: "doveadm: Fatal: master: service(doveadm): child 22171 killed with signal 11 (core dumps disabled)" >> >> I put the gdm bt output hope it help you. (mailserver) >> >> #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 >> No locals. >> #1 0x00007f2dfe414f23 in mail_storage_service_all_next (ctx=0xf92900, >> username_r=0x7fff4306cab8) at mail-storage-service.c:1215 >> __FUNCTION__ = "mail_storage_service_all_next" >> #2 0x00007f2dfd0b0ed2 in doveadm_expire_mail_init (ctx=0xf89020) >> at doveadm-expire.c:420 > > This should fix it: http://hg.dovecot.org/dovecot-2.1/rev/75dc4cb4bfe0 > From fesarlis at gmail.com Fri Nov 30 12:22:43 2012 From: fesarlis at gmail.com (Aristidis Fesarlis) Date: Fri, 30 Nov 2012 12:22:43 +0200 Subject: [Dovecot] Maildir conversion Message-ID: <50B888F3.7010005@gmail.com> Hi all, I am using Dovecot 1.2.7, and trying to do my first Mbox to Maildir conversion. So I created a small script: > #!/bin/bash > > ls > userlist.txt > > for i in `cat userlist.txt`; do > echo "---------------------"; > echo "Converting user $i..."; > echo "---------------------"; > > su - $i -s /bin/bash -c "/opt/scripts/mb2md.pl -s mail -R"; > su - $i -s /bin/bash -c "/opt/scripts/mb2md.pl -m -s > /var/mail/$i"; > su - $i -s /bin/bash -c "cp ~$i/mail/.subscriptions > ~$i/Maildir/subscriptions"; > done > > rm -f userlist.txt I would like some help with the following: 1. Trying it, I get multiple warnings for some mailboxes like this: > "WARNING: UID from X-UID: header too low. Ignoring it Is this a problem? Or I can ignore it? 2. I understand that I also have to instruct my MDA (procmail) to deliver mail to the new location. I found that I have to create an /etc/procmailrc with the following line: > DEFAULT=$HOME/Maildir/ My question is: Some users have their own .procmailrc file inside their home directory, to filter mail etc. Their file does not contain the above statement. Would the default procmailrc file be processed for them as well? Or their file takes precedence, causing the default file not to be processed at all? Thank you From sirtcp at gmail.com Fri Nov 30 18:20:10 2012 From: sirtcp at gmail.com (Muhammad Yousuf Khan) Date: Fri, 30 Nov 2012 21:20:10 +0500 Subject: [Dovecot] Newbie Basic ACL issue Message-ID: <CAGWVfMncYwZF3mA37un4uqinGSJR+h3zxzTv=yRxetZ3B3+Uzw@mail.gmail.com> i can not impliment a basic acl to a /public/.News folder. however with out ACL it works great but after implementing acl "Public" folder can be seen while subscribing but i can not create folder inside it nor i can view already created ".News" folder. when i restart dovecot it shows me some thing like this root at mailsrv:/public/.News# /etc/init.d/dovecot restart Restarting IMAP/POP3 mail server: dovecotILoading modules from directory: /usr/lib/dovecot/modules/imap IModule loaded: /usr/lib/dovecot/modules/imap/lib01_acl_plugin.so IModule loaded: /usr/lib/dovecot/modules/imap/lib02_imap_acl_plugin.so IEffective uid=65534, gid=65534, home=/tmp Iacl: No acl_shared_dict setting - shared mailbox listing is disabled root at mailsrv:/public/.News# dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 log_timestamp: %Y-%m-%d %H:%M:%S ssl_cert_file: /etc/ssl/certs/postfix.pem ssl_key_file: /etc/ssl/private/postfix.key login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:~/Maildir:INBOX=~/Maildir/:INDEX=~/Maildir/index mail_debug: yes mbox_write_locks: fcntl dotlock mail_plugins: acl imap_acl namespace: type: private separator: / inbox: yes list: yes subscriptions: yes namespace: type: public separator: / prefix: Public/ location: maildir:/public:INDEX=/public/index list: yes subscriptions: yes lda: mail_plugins: acl auth default: mechanisms: plain login passdb: driver: pam userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix plugin: acl: vfile as i read in few howto's that "dovecot-acl" file should be placed in the mail publish folder like in my case "/public/.News/dovecot-acl" here is the output of my file root at mailsrv:/public/.News# cat dovecot-acl owner lrwstipekxa anyone= lr now after this implimentation i can see the folder "Public" in subscription now when i try to create a new folder inside ".News" folder via outlook 2007 it says "cannot move the item. the server responded: 'NOPERM] Permission denied" i think i am messed up permission actually i have 2 users "tom" and "fmaster" both doing the same thing. weather i write this "anyone lrwstpekxa" or "user=tom lrwstpekxa" it does the same for both user what i want is just a simple thing. i want tom to be the owner of .News and fmaster has read only. so he can only read the news but can not delete even can not change the flag to read or unread. Note: both are system users (not virtual users) Nov 30 20:50:42 mailsrv dovecot: IMAP(fmaster): open(/public/.News/dovecot-uidlist) failed: Permission denied Nov 30 20:50:42 mailsrv dovecot: IMAP(fmaster): open(/public/.News/dovecot-uidlist) failed: Permission denied Nov 30 20:54:45 mailsrv dovecot: IMAP(fmaster): open(/public/index/.News/dovecot.index.log) failed: Permission denied (euid=1001(fmaster) egid=1001(fmaster) missing +w perm: /public/index/.News/dovecot.index.log) Nov 30 20:54:50 mailsrv dovecot: IMAP(fmaster): open(/public/index/.News/dovecot.index.log) failed: Permission denied (euid=1001(fmaster) egid=1001(fmaster) missing +w perm: /public/index/.News/dovecot.index.log) i thought its a system level permission issue so i pass this command "chmod 777 /public -R" but still i receive the same outlook error but no errors in /var/log/mail.err. please hell me what kind of user right should be on the .News folder. for example, tom or root which one should have the "rwx" rights on the folder. and what kind of changes should i made in deovecot-acl any help, tip would be highly appreciated. Thanks, From ssilva at sgvwater.com Fri Nov 30 20:42:12 2012 From: ssilva at sgvwater.com (Scott Silva) Date: Fri, 30 Nov 2012 10:42:12 -0800 Subject: [Dovecot] Maildir conversion In-Reply-To: <50B888F3.7010005@gmail.com> References: <50B888F3.7010005@gmail.com> Message-ID: <k9aum1$tep$1@ger.gmane.org> <snip> > > 2. I understand that I also have to instruct my MDA (procmail) to deliver mail > to the new location. I found that I have to create an /etc/procmailrc with the > following line: > >> DEFAULT=$HOME/Maildir/ > > My question is: Some users have their own .procmailrc file inside their home > directory, to filter mail etc. Their file does not contain the above > statement. Would the default procmailrc file be processed for them as well? Or > their file takes precedence, causing the default file not to be processed at all? > > Thank you > > On my systems it works that way. Only the /etc/procmailrc file has that statement. From fuf at phuph.org Thu Nov 1 04:42:59 2012 From: fuf at phuph.org (Faheem Patel) Date: Wed, 31 Oct 2012 22:42:59 -0400 Subject: [Dovecot] =?utf-8?q?Modifying_mailbox_GUIDs=3F?= Message-ID: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> Greetings all, I can view a mailbox's GUID like so: doveadm mailbox status -u guid However, how may I *modify* a mailbox GUID? Can this be done using doveadm or some other tool? If not, how may I go about modifying the dovecot.mailbox.log (where I assume GUID data is stored)? My specific use case has to do with me wanting to modify an existing mailbox's GUID so that its messages are mirrored into a folder of the same name using "dsync mirror". (As we know, dsync utilizes GUIDs to determine mailbox uniqueness) Thanks! -- - Faheem From fuf at phuph.org Thu Nov 1 05:13:37 2012 From: fuf at phuph.org (Faheem Patel) Date: Wed, 31 Oct 2012 23:13:37 -0400 Subject: [Dovecot] =?utf-8?q?Modifying_mailbox_GUIDs=3F?= In-Reply-To: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> References: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> Message-ID: <778d2396116c03d4b1d12234846aa12f@horizon.phuph.org> I see that the GUID is actually in readable text on the first line in "dovecot-uidlist". Is it really as simple as modifying the string here? - Faheem On Wed, 31 Oct 2012 22:42:59 -0400, Faheem Patel wrote: > Greetings all, > > I can view a mailbox's GUID like so: doveadm mailbox status -u guid > > However, how may I *modify* a mailbox GUID? Can this be done using doveadm or some other tool? > > If not, how may I go about modifying the dovecot.mailbox.log (where I assume GUID data is stored)? > > My specific use case has to do with me wanting to modify an existing mailbox's GUID so that its messages are mirrored into a folder of the same name using "dsync mirror". (As we know, dsync utilizes GUIDs to determine mailbox uniqueness) > > Thanks! > > -- > - Faheem From dmiller at amfes.com Thu Nov 1 06:16:11 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:16:11 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> References: <508FEB83.5010209@amfes.com> <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> Message-ID: <assp.16521f86e8.295e4368e20c518ae72a7d8c726f8869@amfes.com> On 31.10.2012 04:26, Timo Sirainen wrote: > On 30.10.2012, at 17.00, Daniel L. Miller wrote: > >> I'm compiling as I normally do. The config line for Dovecot is: configure --with-ldap --with-ssl --with-bzlib --with-zlib --with-stemmer --with-lucene --with-ldap followed by make & make install Then a 'configure' for Pigeonhole, followed by make, yields: libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -o .libs/sieve-dump sieve-dump.o -Wl,--export-dynamic ../../src/lib-sieve/.libs/libdovecot-sieve.so ../../src/lib-sieve-tool/.libs/libsieve-tool.a /usr/local/lib/dovecot/libdovecot-storage.so /usr/local/lib/dovecot/libdovecot-lda.so -L/usr/local/lib/dovecot /usr/local/lib/dovecot/libdovecot.so -lrt -Wl,-rpath -Wl,/usr/local/lib/dovecot libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -o .libs/sievec sievec.o -Wl,--export-dynamic ../../src/lib-sieve/.libs/libdovecot-sieve.so ../../src/lib-sieve-tool/.libs/libsieve-tool.a /usr/local/lib/dovecot/libdovecot-storage.so /usr/local/lib/dovecot/libdovecot-lda.so -L/usr/local/lib/dovecot /usr/local/lib/dovecot/libdovecot.so -lrt -Wl,-rpath -Wl,/usr/local/lib/dovecot /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `sk_new_null at OPENSSL_1.0.0' /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `SSL_get_error at OPENSSL_1.0.0' > > I think this is a Dovecot bug, fixed by: http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac [1] > > You could also do this by adding -lssl -lcrypto manually to the installed dovecot-config and running configure again for pigeonhole. I see "-lssl -lcrypto" already in the DOVECOT_SSL_LIBS section of /usr/local/lib/dovecot/dovecot-config. What should be changed? -- Daniel Links: ------ [1] http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac From dmiller at amfes.com Thu Nov 1 06:23:45 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:23:45 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: <295e4368e20c518ae72a7d8c726f8869@amfes.com> References: <508FEB83.5010209@amfes.com> <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> <295e4368e20c518ae72a7d8c726f8869@amfes.com> Message-ID: <assp.16520a4294.f9b09819410325694141b18341f3ac8a@amfes.com> On 31.10.2012 21:16, Daniel L. Miller wrote: > On 31.10.2012 04:26, Timo Sirainen wrote: > >> I think this is a Dovecot bug, fixed > > by: http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac [1][1] > >> You > > could also do this by adding -lssl -lcrypto manually to the installed > dovecot-config and running configure again for pigeonhole. > > I see "-lssl > -lcrypto" already in the DOVECOT_SSL_LIBS section of > /usr/local/lib/dovecot/dovecot-config. What should be changed? Ok - I read the patch, and modified the LIBDOVECOT_STORAGE section accordingly. Same compile error for Pigeonhole after performing a 'make clean' and 'configure'. -- Daniel Links: ------ [1] http://hg.dovecot.org/dovecot-2.1/rev/7d931927e4ac From dmiller at amfes.com Thu Nov 1 06:25:14 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:25:14 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: <f9b09819410325694141b18341f3ac8a@amfes.com> References: <508FEB83.5010209@amfes.com> <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> <295e4368e20c518ae72a7d8c726f8869@amfes.com> <f9b09819410325694141b18341f3ac8a@amfes.com> Message-ID: <assp.1652bc0f4c.bb603fbd89dcd3fc446eb6d8ac5f5e45@amfes.com> On 31.10.2012 21:23, Daniel L. Miller wrote: > On 31.10.2012 21:16, Daniel L. Miller wrote: > >> On 31.10.2012 > > 04:26, Timo Sirainen wrote: > >>> I think this is a Dovecot bug, fixed > could also do this by adding -lssl -lcrypto manually to the > > installed > dovecot-config and > >> -left:#1010ff 2px solid; margin-left:5px; width:100%">I see > pto" already in the DOVECOT_SSL_LIBS section of > > /usr/local/lib/dovecot/dovecot-config. What should be changed? > > Ok - I > read the patch, and modified the LIBDOVECOT_STORAGE section accordingly. > Same comp> > >> I take that back - it's not exactly the same compile error. Now it references libdovecot-login.so for the undefined SSL references. -- Daniel From dmiller at amfes.com Thu Nov 1 06:27:13 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 31 Oct 2012 21:27:13 -0700 Subject: [Dovecot] Pigeonhole 3.3 broken against Dovecot 2.1.10 In-Reply-To: <f9b09819410325694141b18341f3ac8a@amfes.com> References: <508FEB83.5010209@amfes.com> <A1559EE9-2F7A-406A-9799-D60339BF9E6F@iki.fi> <295e4368e20c518ae72a7d8c726f8869@amfes.com> <f9b09819410325694141b18341f3ac8a@amfes.com> Message-ID: <assp.16521dc96c.8ec1943dc195ccfba443017997b837dc@amfes.com> On 31.10.2012 21:23, Daniel L. Miller wrote: > On 31.10.2012 21:16, Daniel L. Miller wrote: > >> On 31.10.2012 > > 04:26, Timo Sirainen wrote: > >>> I think this is a Dovecot bug, fixed > could also do this by adding -lssl -lcrypto manually to the > > installed > dovecot-config and > >> -left:#1010ff 2px solid; margin-left:5px; width:100%">I see > pto" already in the DOVECOT_SSL_LIBS section of > > /usr/local/lib/dovecot/dovecot-config. What should be changed? > > Ok - I > read the patch, and modified the LIBDOVECOT_STORAGE section accordingly. > Same comp> > >> Thought I'd see if I could guess the next fix - added the parms to LIBDOVECOT_LOGIN as well. Seems to have fixed it. Sorry for the multiple posts - it's been a long day. -- Daniel From tlx at leuxner.net Thu Nov 1 12:27:34 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 1 Nov 2012 11:27:34 +0100 Subject: [Dovecot] 2.2.alpha1 (626a9df21e62): LMTP Core Dump Message-ID: <20121101102734.GA20126@nihlus.leuxner.net> Please find Backtrace for LMTP Core Dump below: [...] ==> /var/log/dovecot/dovecot.log <== Nov 1 11:16:14 spectre dovecot: lmtp(17245): Connect from local Nov 1 11:16:14 spectre dovecot: lmtp(17245): Fatal: master: service(lmtp): child 17245 killed with signal 11 (core dumped) ==> /var/log/mail.log <== Nov 1 11:16:14 spectre postfix/lmtp[17204]: 3Xsj4G11MrzNY: to=<tlx at leuxner.net>, relay=spectre.leuxner.net[private/dovecot-lmtp], delay=0.11, delays=0.06/0/0.01/0.04, dsn=4.4.2, status=deferred (lost connection with spectre.leuxner.net[private/dovecot-lmtp] while sending MAIL FROM) [...] $ gdb /usr/lib/dovecot/lmtp /tmp/core Program terminated with signal 11, Segmentation fault. #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=<value optimized out>, error_r=<value optimized out>) at mail-storage-service.c:1013 1013 mail-storage-service.c: No such file or directory. in mail-storage-service.c (gdb) bt full #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=<value optimized out>, error_r=<value optimized out>) at mail-storage-service.c:1013 flags = 675 user = <value optimized out> username = 0x11540b0 "tlx at leuxner.net" user_info = 0x1163718 user_set = <value optimized out> userdb_fields = 0x1173dd8 error = <value optimized out> reply = {uid = 0, gid = 0, home = 0x7f6175249712 "H\211\303d\213\004%\030", chroot = 0x7f6100000001 <Address 0x7f6100000001 out of bounds>, extra_fields = {arr = {buffer = 0x0, element_size = 18170192}, v = 0x0, v_modifiable = 0x0}, anonymous = 0} set_parser = 0x1167500 sets = 0x0 user_pool = 0x11705e0 temp_pool = 0x1173db0 ret = 1 #1 0x0000000000406c16 in cmd_rcpt (client=0x1161e70, args=0x116d623 "") at commands.c:545 rcpt = {address = 0x0, detail = 0x0, service_user = 0x0} input = {module = 0x40823a "lmtp", service = 0x40823a "lmtp", username = 0x11540b0 "tlx at leuxner.net", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} address = 0x11540b0 "tlx at leuxner.net" username = 0x11540b0 "tlx at leuxner.net" detail = 0x4086a3 "" error = 0x0 ret = <value optimized out> #2 0x00000000004055fb in client_input_line (client=0x1161e70) at client.c:60 cmd = <value optimized out> args = 0x116d60f "TO:<tlx at leuxner.net>" #3 client_input_handle (client=0x1161e70) at client.c:113 _data_stack_cur_id = 3 output = 0x11610e8 line = <value optimized out> ret = <value optimized out> #4 0x00007f6174afd186 in io_loop_call_io (io=0x1161190) at ioloop.c:387 ioloop = 0x115c670 t_id = 2 #5 0x00007f6174afe1d7 in io_loop_handler_run (ioloop=<value optimized out>) at ioloop-epoll.c:215 ctx = 0x115f4a0 event = 0x115f510 list = 0x11611e0 io = 0x11540b0 tv = {tv_sec = 299, tv_usec = 999016} msecs = <value optimized out> ret = 1 i = 0 call = false #6 0x00007f6174afd128 in io_loop_run (ioloop=0x115c670) at ioloop.c:406 No locals. #7 0x00007f6174ae6473 in master_service_run (service=0x115c510, callback=0x1173e08) at master-service.c:546 No locals. #8 0x0000000000404a06 in main (argc=1, argv=0x115c370) at main.c:122 set_roots = {0x60a8e0, 0x408e20, 0x0} service_flags = <value optimized out> storage_service_flags = 675 c = <value optimized out> [ doveconf -n ] # 2.2.alpha1 (626a9df21e62): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 auth_cache_size = 16 k auth_verbose = yes mail_location = mdbox:~/mdbox mail_plugins = acl quota stats namespace { list = yes location = mdbox:/var/vmail/public prefix = Public/ separator = / subscriptions = no type = public } namespace inbox { hidden = no inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = username_format=%u /var/vmail/auth.d/%d/passwd driver = passwd-file } plugin { acl = vfile:/var/vmail/conf.d/%d/acls:cache_secs=300 mail_log_events = expunge mailbox_delete quota = dict:user::file:%h/mdbox/dovecot-quota quota_rule = *:storage=1GB quota_rule2 = Trash:storage=+10%% sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_dir = /var/vmail/conf.d/%d/sieve stats_refresh = 30s stats_track_cmds = yes } protocols = " imap lmtp" quota_full_tempfail = yes service auth-worker { unix_listener auth-worker { user = doveauth } user = doveauth } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = doveauth } service imap-login { inet_listener imap { address = 1.2.3.4 port = 143 } inet_listener imaps { port = 0 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl_ca = </etc/ssl/certs/SSL123_CA_Bundle.pem ssl_cert = </etc/ssl/certs/host_domain_tld.crt ssl_key = </etc/ssl/private/host_domain_tld.key syslog_facility = local1 userdb { args = username_format=%u /var/vmail/auth.d/%d/passwd driver = passwd-file } verbose_proctitle = yes protocol lmtp { mail_plugins = acl quota stats sieve } protocol imap { mail_max_userip_connections = 20 mail_plugins = acl quota stats imap_acl imap_quota mail_log notify imap_stats } -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121101/da4b9bfe/attachment-0004.bin> From dave at boostpro.com Thu Nov 1 15:08:43 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 09:08:43 -0400 Subject: [Dovecot] Indexing problems Message-ID: <m2k3u5ii78.fsf@cone.luannocracy.com> It looks like something is going very wrong here. Any advice? --8<---------------cut here---------------start------------->8--- $ doveadm -vvvD index '*' doveadm(dave): Debug: Loading modules from directory: /usr/local/lib/dovecot doveadm(dave): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/lib/dovecot/lib20_zlib_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so doveadm(dave): Debug: Loading modules from directory: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm doveadm(dave): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: dlopen(/usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so, 10): Symbol not found: _acl_user_module Referenced from: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so Expected in: flat namespace in /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so (this is usually intentional, so just ignore this message) doveadm(dave): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: dlopen(/usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so, 10): Symbol not found: _expire_set_deinit Referenced from: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so Expected in: flat namespace in /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so (this is usually intentional, so just ignore this message) doveadm(dave): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: dlopen(/usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so, 10): Symbol not found: _quota_user_module Referenced from: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so Expected in: flat namespace in /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so (this is usually intentional, so just ignore this message) doveadm(dave): Debug: Module loaded: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so doveadm(dave): Debug: Module loaded: /usr/local/Cellar/dovecot/2.1.9/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so doveadm(dave): Debug: Effective uid=501, gid=20, home=/Users/dave doveadm(dave): Debug: Namespace inbox: type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:/Users/dave/Library/Data/LocalIMAP/mdbox doveadm(dave): Debug: fs: root=/Users/dave/Library/Data/LocalIMAP/mdbox, index=, control=, inbox=, alt= doveadm(dave): Debug: Namespace : Using permissions from /Users/dave/Library/Data/LocalIMAP/mdbox: mode=0700 gid=-1 doveadm(dave): Info: [Gmail].All: Cache is already up to date doveadm(dave): Info: [Gmail].All Mail: Caching mails seq=2..231746 8000/231745Assertion failed: (numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." + IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )), function closeDocStore, file /tmp/clucene-gmYE/src/core/CLucene/index/DocumentsWriter.cpp, line 210. Abort trap: 6 cone:local dave$ --8<---------------cut here---------------end--------------->8--- -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From mancyborg at gmail.com Thu Nov 1 17:20:49 2012 From: mancyborg at gmail.com (mancyborg at gmail.com) Date: Thu, 1 Nov 2012 16:20:49 +0100 Subject: [Dovecot] dovecot dimensioning Message-ID: <20121101162049.77c57503@uplink> Hi All, first post here, nice to meet you :) I've been using dovecot + postfix + clamav + spamassassin for years but always with few users. Now i must build a server for 1500 users, they will use various email software (thunderbird, outlook, ..) the webmail (i'm not sure if squirrelmail or roundcube) and blackberry devices (with the BIS service). There will be around 1000 domains (virtual_domains) and postfix will read its users and domains from mysql. Let's say that they will send and receive around 5000 emails per hour (10K in total per hour). I was thinking to use karspersky server instead of clamav. I already have the hardware, it is a server with 4 physical cpu (Intel Xeon E5504 @ 2.00GHz) and 24 gb of ram, do you think it is enough ? Thanks for supporting, regards and have a nice day, Mike From mancyborg at gmail.com Thu Nov 1 21:32:36 2012 From: mancyborg at gmail.com (mancyborg at gmail.com) Date: Thu, 1 Nov 2012 20:32:36 +0100 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> Message-ID: <20121101203236.1803e9de@uplink> Hi Javier, yes i see. Storage for now is just a 3tb sata2 hdd, so i guess that write performance is around 100 MB/s What do you think about that ? Thanks and regards, Mike On Thu, 1 Nov 2012 19:55:35 +0100 Javier de Miguel Rodriguez <javierdemiguel-ext at us.es> wrote: > > IMHO, fast storage is the main requirement for dovecot. > > > > El 01/11/2012, a las 16:20, "mancyborg at gmail.com" <mancyborg at gmail.com> escribi?: > > > Hi All, first post here, nice to meet you :) > > > > I've been using dovecot + postfix + clamav + spamassassin for years but always with few users. > > > > Now i must build a server for 1500 users, > > they will use various email software (thunderbird, outlook, ..) > > the webmail (i'm not sure if squirrelmail or roundcube) > > and blackberry devices (with the BIS service). > > > > There will be around 1000 domains (virtual_domains) and postfix will read its users and domains from mysql. > > > > Let's say that they will send and receive around 5000 emails per hour (10K in total per hour). > > > > I was thinking to use karspersky server instead of clamav. > > > > I already have the hardware, it is a server with 4 physical cpu (Intel Xeon E5504 @ 2.00GHz) and 24 gb of ram, > > do you think it is enough ? > > > > > > Thanks for supporting, > > regards and have a nice day, > > Mike From dave at boostpro.com Thu Nov 1 16:38:04 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 10:38:04 -0400 Subject: [Dovecot] No manpage for "doveadm fts" command Message-ID: <m2pq3xfkxf.fsf@cone.luannocracy.com> Just wanted to make sure this issue was registered separately from the overall confusion I'm exploring in another thread, even though I mention this there too. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From dave at boostpro.com Thu Nov 1 16:37:00 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 10:37:00 -0400 Subject: [Dovecot] When are search indexes updated? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> Message-ID: <m2vcdpfkz7.fsf@cone.luannocracy.com> on Sat Oct 27 2012, Stan Hoeppner <stan-AT-hardwarefreak.com> wrote: > On 10/27/2012 3:00 PM, David Abrahams wrote: >> >> I noticed that occasionally searching in my huge archive mailbox can be >> really slow, so I tried doveadm index on it and it seemed to do a lot of >> work, which seemed strange given, for example, that dovecot-lda says it >> keeps Dovecot index files up-to-date. Then I thought, "maybe these are >> different files than the search indices." If so, that's not entirely >> clear from the docs and Wiki. So, questions: > > Mailbox and search indexes are separate. If so, I hereby request that they be properly and explicitly distinguished from one another, every place "index" is mentioned on the wiki. > Look in your mailbox directory and you'll see them, such as on 1.2.x > with mbox: I'm on 2.x with mdbox, FWIW. > $ la /home/stan/mail/.imap/1-Dovecot > total 3.4M > drwx------ 2 stan stan 135 Oct 25 21:39 . > drwx------ 51 stan stan 4.0K Apr 13 2012 .. > -rw------- 1 stan stan 44K Oct 27 13:28 dovecot.index > -rw------- 1 stan stan 1.2M Oct 27 21:23 dovecot.index.cache > -rw------- 1 stan stan 18K Oct 27 21:23 dovecot.index.log > -rw------- 1 stan stan 1.1M May 20 06:32 dovecot.index.search > -rw------- 1 stan stan 1.1M May 20 06:32 dovecot.index.search.uids > > I've not full text searched this folder for quite some time, thus the > search indexes are not current, and the next FTS of this mail folder > will take much more time than if the FTS indexes were current. > >> * When are search indexes updated? > > When the index is stale. That's pretty vague :-) >> * Are they updated incrementally? >> * If not, why not? >> * If so, why would a mailbox's index drift out-of-date, as mine had? > > When a sufficient number of messages are added to an IMAP folder the FTS > index becomes stale. That's a little less vague, thanks :-) > This index is not updated in real time. This is why Timo and others > recommend cron'ing a script to index folders regularly that are > searched regularly. And how does one index the folders for search? Is that "doveadm index" or "doveadm fts rescan" (which I see at http://wiki2.dovecot.org/Plugins/FTS but NOT in the manpage), or...? > This keeps the indexes up to date and keeps searches fast. If you > don't do this or search often, your indexes become stale. Then each > time you do an FTS search the first thing that happens is an FTS > re-indexing of the mail folder. Only then does it display the search > results. > >> BTW, I'm using the clucene search backend. > > I've not used Lucene, but I believe the default behavior is similar to > the Dovecot 1.2.x FTS indexer. Not sure what conclusion to draw from that, thanks. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From dave at boostpro.com Thu Nov 1 22:28:15 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 01 Nov 2012 16:28:15 -0400 Subject: [Dovecot] "starting" dovecot Message-ID: <m2zk31gja8.fsf@pluto.luannocracy.com> My system never issues the "dovecot start" command. I do, however, run /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server through port 9xxx and through the preauth tunnel. Is this arrangement OK? Are there some things that will only work if "dovecot" is invoked? Thanks, -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From gfinch at ldmltd.ca Fri Nov 2 01:12:43 2012 From: gfinch at ldmltd.ca (Gregory Finch) Date: Thu, 01 Nov 2012 16:12:43 -0700 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <20121101203236.1803e9de@uplink> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> <20121101203236.1803e9de@uplink> Message-ID: <509301EB.1070508@ldmltd.ca> I believe that Javier is talking IOPS, not throughput. You need a storage system that is able to provide a high random read + write IOPS. That single drive is going to cause you issues when things get busy. -Greg On 2012-11-01 12:32 PM, mancyborg at gmail.com wrote: > Hi Javier, yes i see. > Storage for now is just a 3tb sata2 hdd, so i guess that write performance is around 100 MB/s > > What do you think about that ? > > Thanks and regards, > Mike > > > On Thu, 1 Nov 2012 19:55:35 +0100 > Javier de Miguel Rodriguez <javierdemiguel-ext at us.es> wrote: > >> IMHO, fast storage is the main requirement for dovecot. >> >> >> >> El 01/11/2012, a las 16:20, "mancyborg at gmail.com" <mancyborg at gmail.com> escribi?: >> >>> Hi All, first post here, nice to meet you :) >>> >>> I've been using dovecot + postfix + clamav + spamassassin for years but always with few users. >>> >>> Now i must build a server for 1500 users, >>> they will use various email software (thunderbird, outlook, ..) >>> the webmail (i'm not sure if squirrelmail or roundcube) >>> and blackberry devices (with the BIS service). >>> >>> There will be around 1000 domains (virtual_domains) and postfix will read its users and domains from mysql. >>> >>> Let's say that they will send and receive around 5000 emails per hour (10K in total per hour). >>> >>> I was thinking to use karspersky server instead of clamav. >>> >>> I already have the hardware, it is a server with 4 physical cpu (Intel Xeon E5504 @ 2.00GHz) and 24 gb of ram, >>> do you think it is enough ? >>> >>> >>> Thanks for supporting, >>> regards and have a nice day, >>> Mike -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121101/b90ee575/attachment-0004.bin> From delrio at mie.utoronto.ca Fri Nov 2 15:39:56 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Fri, 02 Nov 2012 09:39:56 -0400 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <509301EB.1070508@ldmltd.ca> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> <20121101203236.1803e9de@uplink> <509301EB.1070508@ldmltd.ca> Message-ID: <5093CD2C.8020502@mie.utoronto.ca> On 11/ 1/12 07:12 PM, Gregory Finch wrote: > I believe that Javier is talking IOPS, not throughput. You need a > storage system that is able to provide a high random read + write IOPS. > That single drive is going to cause you issues when things get busy. And a disaster when the single drive fails! From dave at boostpro.com Fri Nov 2 09:52:45 2012 From: dave at boostpro.com (Dave Abrahams) Date: Fri, 02 Nov 2012 03:52:45 -0400 Subject: [Dovecot] "starting" dovecot References: <m2zk31gja8.fsf@pluto.luannocracy.com> Message-ID: <m2390sfnle.fsf@cone.luannocracy.com> on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > My system never issues the "dovecot start" command. I do, however, run > /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server > through port 9xxx and through the preauth tunnel. Is this arrangement > OK? Are there some things that will only work if "dovecot" is invoked? In particular, I'm curious because of messages like the one below that I got from "doveadm search": doveadm(dave): Error: net_connect_unix(/usr/local/var/run/dovecot/indexer) failed: No such file or directory Is the lack of this (or any other) socket attributable to not having started dovecot itself? -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From skdovecot at smail.inf.fh-brs.de Fri Nov 2 17:55:42 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 2 Nov 2012 16:55:42 +0100 (CET) Subject: [Dovecot] Feature request: add information to error message: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket permissions) Message-ID: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Please add the information to this error, which socket has the problem and which uid access is and what is expected. For instance, when the quota dict request fails, because of permission problems, you get a very detailed info about the current problem. And, further more, hints to solve it. BTW: I'm trying to configure shared mailboxes for a virtual user system, when one user with ACLs on other mailboxes requests a LIST, I get this error. In my case, I solved the problem by chmod u+x auth-userdb . Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJPs/2oxLS8a3A9mAQLQxwf/ZkhmER1q/+rlZCIdQ70x6TDwS1nwJI6J FHyr8UFgV0xXBeX8OW+UDl8N4OzXOiReygHnrcpYE4BCEQmeQC9YUU7mCcC6tpqG cg+uYMAPap3Zx8WkAqsmDnnqHe4xX7GUscoiVh1vxYdiRkHwikiKEfuve+SwTpyj wmAK5CMGLBifWPk6bmFP7YR+sJnG/E1vKxEUMEKEKjMfubsCCqc95NNCOiVTwCTG Y15eIhyJTBBjrGuLSeiHb40sPnOE/OgO9r00+OXrZOtuouYZlsMENsDXSFFLoC7v MpABu57w3GRC0p33bjSuX8ZGinEd8fFz9mbUCSvBmLLL7rOZVR6FDw== =Rf46 -----END PGP SIGNATURE----- From mancyborg at gmail.com Fri Nov 2 18:37:00 2012 From: mancyborg at gmail.com (mancyborg at gmail.com) Date: Fri, 2 Nov 2012 17:37:00 +0100 Subject: [Dovecot] dovecot dimensioning In-Reply-To: <5093CD2C.8020502@mie.utoronto.ca> References: <20121101162049.77c57503@uplink> <0C621B8F-997C-43D2-9923-B7FBB8552676@us.es> <20121101203236.1803e9de@uplink> <509301EB.1070508@ldmltd.ca> <5093CD2C.8020502@mie.utoronto.ca> Message-ID: <20121102173700.4a378b98@uplink> Hi thanks to all for your pointers, very interesting. I'll do my homework about local SAS disks and SANs. Thanks and regards :) Mike On Fri, 02 Nov 2012 09:39:56 -0400 Oscar del Rio <delrio at mie.utoronto.ca> wrote: > On 11/ 1/12 07:12 PM, Gregory Finch wrote: > > I believe that Javier is talking IOPS, not throughput. You need a > > storage system that is able to provide a high random read + write IOPS. > > That single drive is going to cause you issues when things get busy. > > And a disaster when the single drive fails! > From al-dovecot at none.at Sat Nov 3 01:51:56 2012 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 03 Nov 2012 00:51:56 +0100 Subject: [Dovecot] sessionid in logout line Message-ID: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> Dear listmembers. I have the following login_log_format_elements = service=%s user=<%u> session=%{session} method=%m rip=%r lip=%l mpid=%e %c %k Maybe I have overseen the config option to add the %{session} also to the logout line. Here a example from my log: ### Nov 3 00:46:43 <HOST> dovecot: imap-login: Login: service=imap, user=<USER>, session=ETV8v4vNfwB/AAAB, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, mpid=14874, TLS, TLSv1.1 with cipher AES256-SHA (256/256 bits) zlib compression Nov 3 00:46:43 external dovecot: imap(USER): Disconnected: Logged out in=15649 out=80199 ### Thanks for help and answers. Best regards Aleks From user+dovecot at localhost.localdomain.org Sat Nov 3 02:01:28 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 03 Nov 2012 01:01:28 +0100 Subject: [Dovecot] sessionid in logout line In-Reply-To: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> References: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> Message-ID: <50945ED8.1060403@localhost.localdomain.org> On 11/03/2012 12:51 AM Aleksandar Lazic wrote: > Dear listmembers. > > I have the following > > login_log_format_elements = service=%s user=<%u> session=%{session} > method=%m rip=%r lip=%l mpid=%e %c %k > > Maybe I have overseen the config option to add the %{session} also to > the logout line. > ? I use: imap_logout_format = in=%i out=%o, session=<%{session}> Regards, Pascal -- The trapper recommends today: c01dcofe.1230800 at localdomain.org From al-dovecot at none.at Sat Nov 3 11:06:10 2012 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 03 Nov 2012 10:06:10 +0100 Subject: [Dovecot] sessionid in logout line In-Reply-To: <50945ED8.1060403@localhost.localdomain.org> References: <1d2773bf5d07449f37b9af8c4cd8d699@none.at> <50945ED8.1060403@localhost.localdomain.org> Message-ID: <3a40500f7994634c97bf7fd35c9d8c63@none.at> Dear Pascal, Am 03-11-2012 01:01, schrieb Pascal Volk: > On 11/03/2012 12:51 AM Aleksandar Lazic wrote: >> Dear listmembers. >> [snipp] >> Maybe I have overseen the config option to add the %{session} also >> to >> the logout line. >> ? > > I use: imap_logout_format = in=%i out=%o, session=<%{session}> AH thanks I have overlooked this with dovecot config|egrep -i log Best regards Aleks From ice3wtt at gmail.com Sat Nov 3 11:18:11 2012 From: ice3wtt at gmail.com (mican zhang) Date: Sat, 3 Nov 2012 17:18:11 +0800 Subject: [Dovecot] dovecot default service Message-ID: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> i install dovecot 2 and when i try ps auxw|grep "dovecot" i just get only 5processes, root 21861 0.0 0.0 14884 980 ? Ss 16:53 0:00 /usr/local/sbin /dovecot dovecot 21862 0.0 0.0 12740 968 ? S 16:53 0:00 dovecot/anvil root 21863 0.0 0.0 12872 1088 ? S 16:53 0:00 dovecot/log root 21865 0.0 0.0 15356 1468 ? S 16:53 0:00 dovecot/config root 21945 0.0 0.0 61148 800 pts/0 S+ 17:04 0:00 grep dovecot , my os is redhat 5.4 and i just install like ./configure make &make install i don't what's wrong?i also test on centos 6.2,and result is the same does anyone has the same issue?and what should i do to fix this? From dovecot at vosslamber.nl Sat Nov 3 11:22:26 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 03 Nov 2012 10:22:26 +0100 Subject: [Dovecot] dovecot default service In-Reply-To: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> References: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> Message-ID: <5094E252.4020407@vosslamber.nl> On 03-11-2012 10:18, mican zhang wrote: > i install dovecot 2 and when i try ps auxw|grep "dovecot" > i just get only 5processes, > root 21861 0.0 0.0 14884 980 ? Ss 16:53 0:00 > /usr/local/sbin > /dovecot > dovecot 21862 0.0 0.0 12740 968 ? S 16:53 0:00 > dovecot/anvil > root 21863 0.0 0.0 12872 1088 ? S 16:53 0:00 dovecot/log > root 21865 0.0 0.0 15356 1468 ? S 16:53 0:00 > dovecot/config > root 21945 0.0 0.0 61148 800 pts/0 S+ 17:04 0:00 grep > dovecot > , > my os is redhat 5.4 and i just install like ./configure make &make install > i don't what's wrong?i also test on centos 6.2,and result is the same > does anyone has the same issue?and what should i do to fix this? > maybe you should do: ps auxw|grep "dovecot" | awk '{ print $0; print $0 }' than you would get 10 lines of output...... but seriously: - What processes do you miss? - Why do you thing 5 processes are nog enough? From ice3wtt at gmail.com Sat Nov 3 11:28:35 2012 From: ice3wtt at gmail.com (mican zhang) Date: Sat, 3 Nov 2012 17:28:35 +0800 Subject: [Dovecot] dovecot default service In-Reply-To: <5094E252.4020407@vosslamber.nl> References: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> <5094E252.4020407@vosslamber.nl> Message-ID: <CAMgUSrXWwWhabu4C5S63OCLxhv0MqvVybCrXoOU76OLECPmsWw@mail.gmail.com> thanks for you help ,and i still not resolve my issus. i what dovecot as postfix's stmp auth and imap server,so iguess its must have auth process and imap process,official documents also have more processes than 5 i try telnet localhost 110,and telnet localhost 143,i got : Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. On Sat, Nov 3, 2012 at 5:22 PM, Luuk at dovecot <dovecot at vosslamber.nl> wrote: > On 03-11-2012 10:18, mican zhang wrote: > >> i install dovecot 2 and when i try ps auxw|grep "dovecot" >> i just get only 5processes, >> root 21861 0.0 0.0 14884 980 ? Ss 16:53 0:00 >> /usr/local/sbin >> /dovecot >> dovecot 21862 0.0 0.0 12740 968 ? S 16:53 0:00 >> dovecot/anvil >> root 21863 0.0 0.0 12872 1088 ? S 16:53 0:00 >> dovecot/log >> root 21865 0.0 0.0 15356 1468 ? S 16:53 0:00 >> dovecot/config >> root 21945 0.0 0.0 61148 800 pts/0 S+ 17:04 0:00 grep >> dovecot >> , >> my os is redhat 5.4 and i just install like ./configure make &make >> install >> i don't what's wrong?i also test on centos 6.2,and result is the same >> does anyone has the same issue?and what should i do to fix this? >> >> > > maybe you should do: > ps auxw|grep "dovecot" | awk '{ print $0; print $0 }' > > than you would get 10 lines of output...... > > but seriously: > - What processes do you miss? > - Why do you thing 5 processes are nog enough? > From dovecot at vosslamber.nl Sat Nov 3 11:41:20 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 03 Nov 2012 10:41:20 +0100 Subject: [Dovecot] dovecot default service In-Reply-To: <CAMgUSrXWwWhabu4C5S63OCLxhv0MqvVybCrXoOU76OLECPmsWw@mail.gmail.com> References: <CAMgUSrVMS-mZwt1oSA-7Kzs8bzR51AxwCK2vsjNFraJ-hr4FXw@mail.gmail.com> <5094E252.4020407@vosslamber.nl> <CAMgUSrXWwWhabu4C5S63OCLxhv0MqvVybCrXoOU76OLECPmsWw@mail.gmail.com> Message-ID: <5094E6C0.9090200@vosslamber.nl> On 03-11-2012 10:28, mican zhang wrote: > thanks for you help ,and i still not resolve my issus. > i what dovecot as postfix's stmp auth and imap server,so iguess its must > have auth process and imap process,official documents also have more > processes than 5 > i try telnet localhost 110,and telnet localhost 143,i got : > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > Connection closed by foreign host. > > Have a look at: http://wiki2.dovecot.org/#Dovecot_configuration It tells you how to configure dovecot.... ;) From davide.marchi at mail.cgilfe.it Sat Nov 3 11:45:58 2012 From: davide.marchi at mail.cgilfe.it (Davide) Date: Sat, 03 Nov 2012 10:45:58 +0100 Subject: [Dovecot] LMTP benefit vs LDA Message-ID: <5094E7D6.5000109@mail.cgilfe.it> Hi to all, my question is what is benefit implementing LMTP service replacing LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users now i'm using LDA and i'm interested on LMTP service. Thanks in advance -- */Davide Marchi /Teorema Ferrara Srl /(Tel: /**/+39 0532 783161)/**/ (Fax: +/**/39 0532 783368/**/)/**//**/ /**//**/Davide.Marchi at mail.cgilfe.it <mailto:davide.marchi at mail.cgilfe.it?subject=Info> /CONFIDENZIALITA? *** Questo messaggio, inclusi gli eventuali allegati, ? indirizzato solo ai destinatari e pu? contenere informazioni riservate e confidenziali. Se avete ricevuto il messaggio senza esserne un destinatario, siete pregati di non utilizzare, copiare o distribuire questo messaggio o i suoi allegati. Se avete ricevuto il messaggio per errore, siete pregati di cancellarlo dal vostro sistema, assieme a tutti gli allegati, e di informare immediatamente il mittente,sia ai sensi dell'art. 616 c.p., sia ai sensi del DL n. 196/03. *CONFIDENTIALITY*** This message and any attachments are intended only for the use of the addressee(s) and may contain information that is privileged and/or confidential. If the reader of the message is not the intended recipient(s) or an authorized representative of the intended recipient(s), please do not use, copy, distribute this email or its attachments or take action based on them. If you have received this communication in error, please notify us immediately by email and delete the message and any attachments from your system. *Teorema FerraraSrl - Via Spronello, 7 - 44121 Ferrara Italia - P. IVA 01244490387** P**S**tampa questo messaggio solo se veramente necessario, pensa alla natura! - Please consider whether it is necessary to print this e-mail* From janfrode at tanso.net Sat Nov 3 12:19:16 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Sat, 3 Nov 2012 11:19:16 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <5094E7D6.5000109@mail.cgilfe.it> References: <5094E7D6.5000109@mail.cgilfe.it> Message-ID: <CAHwPatgTfwOYQt2=6RCRnDNwHqLQgO=sYtqLEVE3ALGjuxR7Jw@mail.gmail.com> On Sat, Nov 3, 2012 at 10:45 AM, Davide <davide.marchi at mail.cgilfe.it> wrote: > Hi to all, > my question is what is benefit implementing LMTP service replacing LDA i > have dovecot 2.1.8 with vpoipmail+qmail and about 500 users now i'm using > LDA and i'm interested on LMTP service. > Thanks in advance For us it has the benefit that we don't need to run any SMTP servers on the backend dovecot servers, and we can have our frontend postfix servers deliver incoming messages trough the dovecot director so that the users are sticky to their servers. For a single server running everything, I don't know if there's any point. -jf From daniel.parthey at informatik.tu-chemnitz.de Sat Nov 3 14:41:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 3 Nov 2012 13:41:49 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <5094E7D6.5000109@mail.cgilfe.it> References: <5094E7D6.5000109@mail.cgilfe.it> Message-ID: <20121103124149.GA12562@daniel.localdomain> Davide wrote: > my question is what is benefit implementing LMTP service replacing > LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users > now i'm using LDA and i'm interested on LMTP service. with LMTP... * you dont need to care about mail filesystem permissions * you can use dovecot lmtp proxy and/or director * you don't need to spawn a new process for each message Regards Daniel -- https://plus.google.com/103021802792276734820 From jtam.home at gmail.com Sun Nov 4 10:16:00 2012 From: jtam.home at gmail.com (Joseph Tam) Date: Sun, 4 Nov 2012 01:16:00 -0700 (PDT) Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <mailman.3270.1351946511.3160.dovecot@dovecot.org> References: <mailman.3270.1351946511.3160.dovecot@dovecot.org> Message-ID: <Pine.GSO.4.64.1211040057360.27220@mnc.zngu.hop.pn> Daniel Parthey writes: > Davide wrote: >> my question is what is benefit implementing LMTP service replacing >> LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users >> now i'm using LDA and i'm interested on LMTP service. > > with LMTP... > * you dont need to care about mail filesystem permissions > * you can use dovecot lmtp proxy and/or director > * you don't need to spawn a new process for each message One of the (potential) benefit is that a LMTP, because it can handle multiple recipients, has the ability to optimize I/O (or storage?) by using hardlinking to a single copy of a message (deduping). I don't know if Dovecot takes advantage of this in any way though. Joseph Tam <jtam.home at gmail.com> From cr at sys4.de Sun Nov 4 22:34:30 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 4 Nov 2012 21:34:30 +0100 Subject: [Dovecot] Quota Message-ID: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> Hi, is it possible to ask Dovecot for a users quota by talking to the Dovecot server over TCP? I know about doveadm quota -u <user>, but I would like to know, if I can query for that over a network connection (on the Postfix ML they suggested writing a policy service that checks quota. Postfix is not always on the same server as Dovecot is). Does the LMTP protocol give that information somehow? I am not so familiar with LMTP. Or some Unix-Socket to query that could also be configured as inet_listener? Thanks in advance -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From daniel.parthey at informatik.tu-chemnitz.de Sun Nov 4 23:57:11 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 4 Nov 2012 22:57:11 +0100 Subject: [Dovecot] Quota In-Reply-To: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> Message-ID: <20121104215711.GA12735@daniel.localdomain> Christian R??ner wrote: > is it possible to ask Dovecot for a users quota by talking to the Dovecot > server over TCP? I know about doveadm quota -u <user>, but I would like to > know, if I can query for that over a network connection (on the Postfix ML > they suggested writing a policy service that checks quota. Postfix is not > always on the same server as Dovecot is). > > Does the LMTP protocol give that information somehow? > I am not so familiar with LMTP. Or some Unix-Socket to > query that could also be configured as inet_listener? LMTP only returns an error if you're already over quota. You can query the quota of a specific mailbox via IMAP using GETQUOTAROOT: http://tools.ietf.org/rfc/rfc2087.txt Several script languages provide helper functions for this: perl: IMAP::Admin->get_quotaroot php: imap_get_quota ruby: Net::IMAP::MailboxQuota Regards Daniel -- https://plus.google.com/103021802792276734820 From cr at sys4.de Mon Nov 5 00:31:39 2012 From: cr at sys4.de (=?utf-8?Q?Christian_R=C3=B6=C3=9Fner?=) Date: Sun, 4 Nov 2012 23:31:39 +0100 Subject: [Dovecot] Quota In-Reply-To: <20121104215711.GA12735@daniel.localdomain> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> <20121104215711.GA12735@daniel.localdomain> Message-ID: <C5E7083E-C2B8-417B-B9A1-AA636B839164@sys4.de> Hi > perl: IMAP::Admin->get_quotaroot > php: imap_get_quota > ruby: Net::IMAP::MailboxQuota python-imaplib in my case ;) If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? Thanks again Christian > > Regards > Daniel > -- > https://plus.google.com/103021802792276734820 From tss at iki.fi Mon Nov 5 00:37:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Nov 2012 00:37:58 +0200 Subject: [Dovecot] Quota In-Reply-To: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> Message-ID: <386ECE99-CE25-46E1-84DD-878B7B1BBA60@iki.fi> On 4.11.2012, at 22.34, Christian R??ner wrote: > is it possible to ask Dovecot for a users quota by talking to the Dovecot server over TCP? I know about doveadm quota -u <user>, but I would like to know, if I can query for that over a network connection (on the Postfix ML they suggested writing a policy service that checks quota. Postfix is not always on the same server as Dovecot is). > > Does the LMTP protocol give that information somehow? I am not so familiar with LMTP. Or some Unix-Socket to query that could also be configured as inet_listener? You could connect to doveadm-server socket and basically ask the "doveadm quota" command via it. There's not much documentation about it though. But I'm sure I've mentioned details a couple of times in this mailing list.. I've also had some plans to make a somewhat easier socket for asking this. Maybe using doveadm-server process, or maybe a whole new quota-query binary that can talk multiple protocols.. It would be pretty easy to do, mainly I just haven't been sure what would be the cleanest way to implement this. From daniel.parthey at informatik.tu-chemnitz.de Mon Nov 5 01:03:13 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 5 Nov 2012 00:03:13 +0100 Subject: [Dovecot] Quota In-Reply-To: <C5E7083E-C2B8-417B-B9A1-AA636B839164@sys4.de> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> <20121104215711.GA12735@daniel.localdomain> <C5E7083E-C2B8-417B-B9A1-AA636B839164@sys4.de> Message-ID: <20121104230313.GA15736@daniel.localdomain> Christian R??ner wrote: > > perl: IMAP::Admin->get_quotaroot > > php: imap_get_quota > > ruby: Net::IMAP::MailboxQuota > > python-imaplib in my case ;) > > If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? Yes, I think a master user login should work as if the user has logged in. If you store quota in a database, the policy service could query the database. Regards Daniel -- https://plus.google.com/103021802792276734820 From calestyo at scientia.net Mon Nov 5 01:20:15 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Mon, 05 Nov 2012 00:20:15 +0100 Subject: [Dovecot] maildir S= and W= In-Reply-To: <5091312F.1080603@skye.it> References: <1351645983.24721.0.camel@fermat.scientia.net> <5090D14B.9080805@skye.it> <1351683711.7825.0.camel@heisenberg.scientia.net> <509113CB.7020402@skye.it> <1351691732.8425.1.camel@heisenberg.scientia.net> <5091312F.1080603@skye.it> Message-ID: <1352071215.4979.9.camel@fermat.scientia.net> FYI: On Wed, 2012-10-31 at 15:09 +0100, Alessio Cecchi wrote: > Yes, W= is not set by maildrop I had some conversation with Sam (the maildrop upstream), who said he would accept a patch adding ,W= support to maildrop. He may even look at it himself, when he should ever find some time being very bored ;) Given that maildrop is one of the most important MDAs, perhaps someone of the dovecot developers may have also an interest in this :) Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/ee8d9bde/attachment-0004.bin> From dave at boostpro.com Mon Nov 5 04:51:28 2012 From: dave at boostpro.com (Dave Abrahams) Date: Sun, 04 Nov 2012 21:51:28 -0500 Subject: [Dovecot] [bump] Re: "starting" dovecot References: <m2zk31gja8.fsf@pluto.luannocracy.com> <m2390sfnle.fsf@cone.luannocracy.com> Message-ID: <m2390obw3z.fsf_-_@pluto.luannocracy.com> Timo? on Fri Nov 02 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > >> My system never issues the "dovecot start" command. I do, however, run >> /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server >> through port 9xxx and through the preauth tunnel. Is this arrangement >> OK? Are there some things that will only work if "dovecot" is invoked? > > In particular, I'm curious because of messages like the one below that I > got from "doveadm search": > > doveadm(dave): Error: > net_connect_unix(/usr/local/var/run/dovecot/indexer) failed: No such > file or directory > > Is the lack of this (or any other) socket attributable to not having > started dovecot itself? -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From daniel.parthey at informatik.tu-chemnitz.de Mon Nov 5 05:04:29 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 5 Nov 2012 04:04:29 +0100 Subject: [Dovecot] "starting" dovecot In-Reply-To: <m2zk31gja8.fsf@pluto.luannocracy.com> References: <m2zk31gja8.fsf@pluto.luannocracy.com> Message-ID: <20121105030429.GA19861@daniel.localdomain> Hi Dave, Dave Abrahams wrote: > My system never issues the "dovecot start" command. I do, however, run > /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server > through port 9xxx and through the preauth tunnel. Is this arrangement > OK? No, most probably not. You try to investigate why dovecot does not run: http://wiki2.dovecot.org/WhyDoesItNotWork Show your "doveconf -n" output and dovecot logfile content please. > Are there some things that will only work if "dovecot" is invoked? The dovecot main process spawns all the services and sockets, you should invoke service binaries directly only for debugging purposes. Regards Daniel -- https://plus.google.com/103021802792276734820 From cr at sys4.de Mon Nov 5 10:05:27 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Mon, 5 Nov 2012 09:05:27 +0100 Subject: [Dovecot] Quota In-Reply-To: <20121104230313.GA15736@daniel.localdomain> References: <C513B517-18AD-4CDB-8A4E-76A2AD48FCD7@sys4.de> <20121104215711.GA12735@daniel.localdomain> <C5E7083E-C2B8-417B-B9A1-AA636B839164@sys4.de> <20121104230313.GA15736@daniel.localdomain> Message-ID: <20741D9A-A20D-435B-8B77-1E85C79761FC@sys4.de> Hi, >> If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? > > Yes, I think a master user login should work as if the user has logged in. > > If you store quota in a database, the policy service could query the database. thanks a lot for your information. I have written a policy service in python for Postfix that can check "over quota" in Dovecot. Using IMAPS and the master user to check quota. If someone is interested, I can send a copy off list. -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dave at boostpro.com Mon Nov 5 12:15:35 2012 From: dave at boostpro.com (Dave Abrahams) Date: Mon, 05 Nov 2012 05:15:35 -0500 Subject: [Dovecot] "starting" dovecot In-Reply-To: <20121105030429.GA19861@daniel.localdomain> (Daniel Parthey's message of "Mon, 5 Nov 2012 04:04:29 +0100") References: <m2zk31gja8.fsf@pluto.luannocracy.com> <20121105030429.GA19861@daniel.localdomain> Message-ID: <m2ip9k9wzc.fsf@pluto.luannocracy.com> on Sun Nov 04 2012, Daniel Parthey <daniel.parthey-AT-informatik.tu-chemnitz.de> wrote: > Hi Dave, > > Dave Abrahams wrote: >> My system never issues the "dovecot start" command. I do, however, run >> /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server >> through port 9xxx and through the preauth tunnel. Is this arrangement >> OK? > > No, most probably not. You try to investigate why dovecot does not run: > http://wiki2.dovecot.org/WhyDoesItNotWork I know why it doesn't run: it doesn't run because I haven't done anything to make it run (e.g. no init script launches it). I've been running its "imap" executable from an init script (or launchd, the equivalent on my Mac), and most things seem to work just fine. > Show your "doveconf -n" output and dovecot logfile content please. It's on a different machine than the one I'm using. I could post it later if you still think it's a good idea. >> Are there some things that will only work if "dovecot" is invoked? > > The dovecot main process spawns all the services and sockets, > you should invoke service binaries directly only for debugging purposes. OK, I think this is the definitive answer I was looking for. Thanks very much! -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From mrubinsk at horde.org Mon Nov 5 18:13:33 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 11:13:33 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE Message-ID: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> I've been seeing the following wonky behavior with Dovecot. Currently this is with Dovecot 2.0.19, but I was also seeing it in earlier versions as well, including versions from the 1.x series. Some background, this is from Horde's ActiveSync library, when it is trying to determine what UIDs have recently been expunged. I can guarantee that when this command was sent, there was only one or two emails that were removed since the provided MODSEQ value. C: 8 UID FETCH 1:* UID (VANISHED CHANGEDSINCE 587742) S: * VANISHED (EARLIER) 1:119944,119947:123482,123484:128043,128045:130388,130390:130456,130458:132127,132129:135832,135834:136201,136203:136301,136303:136316,136318:138502,138504:140099,140101:141908,141910:142607,142609:142744,142746:142865,142867:143160,143164:143173,143176:143179,143181:143187,143189:143190,143192:143195,143197:143270,143272:143273,143275:143280,143282:143302,143305:143307,143309:143318,143320:143333,143335:143337,143339:143341,143343:143375,143377:143400,143402:143551,143553:143637,143640:143706,143708:144069,144071:144178,144180:144307,144309:144316,144318:144329,144331:144931,144933:144983,144985:145000,145002:145069,145071:145072,145074:145132,145136:145178,145180:145191,145193 Also, to verify it wasn't something screwy with my server, Michael Slusarz provided me with this from his server: <quote> There's definitely something wonky going on in the code. There's a certain tipping point of modseqs where the values become incorrect. For a mailbox with HIGHESTMODSEQ of 54004, I see this: a uid fetch 1:* UID (VANISHED CHANGEDSINCE 53881) * VANISHED (EARLIER) 1:37308,37310:40788,40791:41032,41034:41083 a OK Fetch completed. b uid fetch 1:* UID (VANISHED CHANGEDSINCE 53882) * VANISHED (EARLIER) 41029:41030,41047:41083 b OK Fetch completed. </quote> Thanks for any guidance. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/c62a8af1/attachment-0004.bin> From slusarz at curecanti.org Mon Nov 5 20:06:52 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Mon, 05 Nov 2012 11:06:52 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> Message-ID: <20121105110652.Horde.ZrxCN4F5lbhQmAA8mg3zyOA@bigworm.curecanti.org> Quoting Michael J Rubinsky <mrubinsk at horde.org>: > Also, to verify it wasn't something screwy with my server, Michael > Slusarz provided me with this from his server: > > <quote> > There's definitely something wonky going on in the code. There's a > certain tipping point of modseqs where the values become incorrect. > For a mailbox with HIGHESTMODSEQ of 54004, I see this: > > a uid fetch 1:* UID (VANISHED CHANGEDSINCE 53881) > * VANISHED (EARLIER) 1:37308,37310:40788,40791:41032,41034:41083 > a OK Fetch completed. > b uid fetch 1:* UID (VANISHED CHANGEDSINCE 53882) > * VANISHED (EARLIER) 41029:41030,41047:41083 > b OK Fetch completed. > </quote> FYI, this is output from Dovecot 2.1.10. michael From tss at iki.fi Mon Nov 5 20:16:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Nov 2012 20:16:03 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> Message-ID: <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> On 5.11.2012, at 18.13, Michael J Rubinsky wrote: > I've been seeing the following wonky behavior with Dovecot. Currently this is with Dovecot 2.0.19, but I was also seeing it in earlier versions as well, including versions from the 1.x series. Some background, this is from Horde's ActiveSync library, when it is trying to determine what UIDs have recently been expunged. I can guarantee that when this command was sent, there was only one or two emails that were removed since the provided MODSEQ value. .. > <quote> > There's definitely something wonky going on in the code. There's a certain tipping point of modseqs where the values become incorrect. I don't think they become incorrect, just that there are more of them than really necessary? Yes, there's a tipping point. It's when the modseq no longer exists in the dovecot.index.log* files, which get rotated once in a while. This shouldn't happen very often. > For a mailbox with HIGHESTMODSEQ of 54004, I see this: > > a uid fetch 1:* UID (VANISHED CHANGEDSINCE 53881) > * VANISHED (EARLIER) 1:37308,37310:40788,40791:41032,41034:41083 > a OK Fetch completed. > b uid fetch 1:* UID (VANISHED CHANGEDSINCE 53882) > * VANISHED (EARLIER) 41029:41030,41047:41083 > b OK Fetch completed. > </quote> So in b) case Dovecot read the dovecot.index.log and returned the expunges found from there. In a) case it didn't know what was expunged since the modseq, so it returned UIDs of all the expunged mails. From mrubinsk at horde.org Mon Nov 5 20:37:48 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 13:37:48 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> Message-ID: <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> Quoting Timo Sirainen <tss at iki.fi>: > On 5.11.2012, at 18.13, Michael J Rubinsky wrote: > >> I've been seeing the following wonky behavior with Dovecot. >> Currently this is with Dovecot 2.0.19, but I was also seeing it in >> earlier versions as well, including versions from the 1.x series. >> Some background, this is from Horde's ActiveSync library, when it >> is trying to determine what UIDs have recently been expunged. I >> can guarantee that when this command was sent, there was only one >> or two emails that were removed since the provided MODSEQ value. > .. >> <quote> >> There's definitely something wonky going on in the code. There's a >> certain tipping point of modseqs where the values become incorrect. > > I don't think they become incorrect, just that there are more of > them than really necessary? Yes, there's a tipping point. It's when > the modseq no longer exists in the dovecot.index.log* files, which > get rotated once in a while. This shouldn't happen very often. FYI, I see this about once every two weeks, sometimes more frequently. Is there anything we can do to reduce the chance of this happening? -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/f2e3f96d/attachment-0004.bin> From tss at iki.fi Mon Nov 5 20:43:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Nov 2012 20:43:46 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> Message-ID: <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> On 5.11.2012, at 20.37, Michael J Rubinsky wrote: >> On 5.11.2012, at 18.13, Michael J Rubinsky wrote: >> >>> I've been seeing the following wonky behavior with Dovecot. Currently this is with Dovecot 2.0.19, but I was also seeing it in earlier versions as well, including versions from the 1.x series. Some background, this is from Horde's ActiveSync library, when it is trying to determine what UIDs have recently been expunged. I can guarantee that when this command was sent, there was only one or two emails that were removed since the provided MODSEQ value. >> .. >>> <quote> >>> There's definitely something wonky going on in the code. There's a certain tipping point of modseqs where the values become incorrect. >> >> I don't think they become incorrect, just that there are more of them than really necessary? Yes, there's a tipping point. It's when the modseq no longer exists in the dovecot.index.log* files, which get rotated once in a while. This shouldn't happen very often. > > FYI, I see this about once every two weeks, sometimes more frequently. Is there anything we can do to reduce the chance of this happening? How do you see it? Does it break something? Why? You can change it only by increasing the dovecot.index.log sizes, which requires changing the code. From skdovecot at smail.inf.fh-brs.de Mon Nov 5 20:58:06 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 5 Nov 2012 19:58:06 +0100 (CET) Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: <1351544456.13571.102.camel@hurina> References: <1351544456.13571.102.camel@hurina> Message-ID: <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 29 Oct 2012, Timo Sirainen wrote: this syntax is now replaced by an empty string, if the attribute is missing, instead of generating a backtrace as in v2.1. http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=(%25{ldap) is the only reference I found so far and the TODO file. If the attribute does not exist, there should be a default value, you can specify, e.g.: %{ldap:attrName[,]:default value} . [,] the optional delimiter from the TODO. Or if the attribute is missing, the rule is ignored. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJgMPmoxLS8a3A9mAQJzRAf8CNz8vs4JkYisO52ajT8fzYsv8cHSHeqH G9Tqnz3IM2UjxRkSHWh3XJcf8pG2tmAns7ib1nH3WUuz99I3JG6exxiOX+PhdZnF BXWQRRSUXl5xsf1qqOIqNXTtqSwzEY/ucXrZi8ZdzYPArq2cN6YDsI/qacgyS+Md c1BWxdtC3DX1d+aBYreQ8oopyhahaLYS6p366bkh5Olemjb9ofkhJfi1EoUpXko3 pU+wXovIXH5xhvlis91FUJfF6gk1zGfBBcnhym/EJVkRyNMf+smeUL1AcGvLs0FJ scCq/QU9U9t4C91aooQzdiE+p4i9I2mpprPJsC2Bb4FdnlSQbspjDQ== =Xp2l -----END PGP SIGNATURE----- From mrubinsk at horde.org Mon Nov 5 20:59:51 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 13:59:51 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> Message-ID: <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> Quoting Timo Sirainen <tss at iki.fi>: > On 5.11.2012, at 20.37, Michael J Rubinsky wrote: > >>> On 5.11.2012, at 18.13, Michael J Rubinsky wrote: >>> >>>> I've been seeing the following wonky behavior with Dovecot. >>>> Currently this is with Dovecot 2.0.19, but I was also seeing it >>>> in earlier versions as well, including versions from the 1.x >>>> series. Some background, this is from Horde's ActiveSync >>>> library, when it is trying to determine what UIDs have recently >>>> been expunged. I can guarantee that when this command was sent, >>>> there was only one or two emails that were removed since the >>>> provided MODSEQ value. >>> .. >>>> <quote> >>>> There's definitely something wonky going on in the code. There's >>>> a certain tipping point of modseqs where the values become >>>> incorrect. >>> >>> I don't think they become incorrect, just that there are more of >>> them than really necessary? Yes, there's a tipping point. It's >>> when the modseq no longer exists in the dovecot.index.log* files, >>> which get rotated once in a while. This shouldn't happen very often. >> >> FYI, I see this about once every two weeks, sometimes more >> frequently. Is there anything we can do to reduce the chance of >> this happening? > > How do you see it? Does it break something? Why? > > You can change it only by increasing the dovecot.index.log sizes, > which requires changing the code. It breaks ActiveSync synchronization of mailboxes. When this happens, the sync state of the mailbox needs to be reset, which causes the entire mailbox to be resynchronized to the mobile device. This can lead to a not-insignificant amount of wasted bandwidth and battery power for the device. There have been times when this has happened multiple times in a single day. Not resetting the state leads to multiple issues on the device due to sending it thousands of deletion commands for messages it knows nothing about. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/21a6ea0a/attachment-0004.bin> From slusarz at curecanti.org Mon Nov 5 21:43:11 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Mon, 05 Nov 2012 12:43:11 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> Message-ID: <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> Quoting Michael J Rubinsky <mrubinsk at horde.org>: >>>> I don't think they become incorrect, just that there are more of >>>> them than really necessary? Yes, there's a tipping point. It's >>>> when the modseq no longer exists in the dovecot.index.log* files, >>>> which get rotated once in a while. This shouldn't happen very >>>> often. >>> >>> FYI, I see this about once every two weeks, sometimes more >>> frequently. Is there anything we can do to reduce the chance of >>> this happening? >> >> How do you see it? Does it break something? Why? >> >> You can change it only by increasing the dovecot.index.log sizes, >> which requires changing the code. > > It breaks ActiveSync synchronization of mailboxes. When this > happens, the sync state of the mailbox needs to be reset, which > causes the entire mailbox to be resynchronized to the mobile device. > This can lead to a not-insignificant amount of wasted bandwidth and > battery power for the device. There have been times when this has > happened multiple times in a single day. > > Not resetting the state leads to multiple issues on the device due > to sending it thousands of deletion commands for messages it knows > nothing about. My argument is much simpler: it is blatantly breaking the RFC. From RFC 5162 [3.2]: The VANISHED UID FETCH modifier instructs the server to report those messages from the UID set parameter that have been expunged and whose associated mod-sequence is larger than the specified mod-sequence. **That is, the client requests to be informed of messages from the specified set that were expunged since the specified mod-sequence.** (emphasis added) If you are including UIDs in the FETCH return that have NOT been expunged since the given mod-sequence, that directly contradicts this language. The clear intent of VANISHED UID FETCH is to provide the list of messages that existed in the mailbox at mod-sequence and no longer exist in the mailbox as of the current HIGHESTMODSEQ. As Mike R. has demonstrated, it is plausible that an MUA can only provide the MODSEQ of its cache state and has no knowledge of the UIDs it has actually cached. So having to parse through a (potentially) giant list of UIDs can be a performance killer (imagine the wasted bandwidth of having to upload a million UIDs to a phone every time you sync). michael From tss at iki.fi Mon Nov 5 23:28:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 05 Nov 2012 23:28:07 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> Message-ID: <1352150887.13571.105.camel@hurina> On Mon, 2012-11-05 at 12:43 -0700, Michael M Slusarz wrote: > My argument is much simpler: it is blatantly breaking the RFC. From > RFC 5162 [3.2]: > > The VANISHED UID FETCH modifier instructs the server to report those > messages from the UID set parameter that have been expunged and whose > associated mod-sequence is larger than the specified mod-sequence. > **That is, the client requests to be informed of messages from the > specified set that were expunged since the specified > mod-sequence.** (emphasis added) > > If you are including UIDs in the FETCH return that have NOT been > expunged since the given mod-sequence, that directly contradicts this > language. The clear intent of VANISHED UID FETCH is to provide the > list of messages that existed in the mailbox at mod-sequence and no > longer exist in the mailbox as of the current HIGHESTMODSEQ. That would require infinitely storing the modseq of when each message was expunged. Not very nice. Also the RFC talks a lot about this situation. The SELECT command has two optional parameters to optimize it. From tss at iki.fi Mon Nov 5 23:40:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 05 Nov 2012 23:40:33 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> Message-ID: <1352151633.13571.116.camel@hurina> On Tue, 2012-09-11 at 21:43 +0300, Timo Sirainen wrote: > v2.1's imap/pop3 processes are linked with OpenSSL by default, because of imapc/pop3c storages. I wonder if you notice any actual (system-global) memory usage reduction when compiling without those and you have thousands of imap processes? > > ./configure --with-storages=mdbox sdbox maildir mbox cydir > > I guess I could try it myself also but maybe someone else wanting to reduce memory usage is quicker? :) > > Related to that, you can look at where imap processes' memory goes with: http://dovecot.org/tools/linux-maps-parse-imap.pl > I don't know how much memory those (writable!) file-backed memory areas actually use per-process. Maybe nothing, maybe something.. http://dovecot.org/tmp/proctest.sh can be used to easily test this. Looks like simply linking a binary with -lcrypto increases each process's memory usage by something like: * RHEL5: 50 kB * RHEL6/Debian/Ubuntu: 150-200 kB * Solaris: 100 kB * OpenBSD: 20 kB * OSX: 0 kB Looks like it's the linker that uses up all of this memory. I'm not sure why exactly though, I couldn't create a test library that had the same effect. I also tried imap binary that was statically built vs. linked with libdovecot*.so, and the difference was pretty small (.so used maybe 10-20k more). Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes without wasting a ton of memory. In v2.2 I already moved imapc/pop3c backend code to plugins to avoid this. Looks like similar ugliness is needed for other features/backends also that may end up using SSL code. (We were wondering with Stephan what to do about his new HTTP library code that added support for SSL. It would be nice to keep it in the core libdovecot.so, but not if it links with SSL. So looks like we'll need some kind of a http-ssl plugin that is loaded only when needed.) From rgelfand2 at gmail.com Tue Nov 6 01:19:14 2012 From: rgelfand2 at gmail.com (Roman Gelfand) Date: Mon, 5 Nov 2012 18:19:14 -0500 Subject: [Dovecot] Security precautions for remote clients Message-ID: <CAJbW+rnc1sZYuAdCFk=c1DiHip7t60+M0G_GsnAiJDEY060OBA@mail.gmail.com> Where can I find something like remote client secure dovecot best practices or, perhaps, if there is not many, if you could list major configuration/setup points. Thanks in advance From tss at iki.fi Tue Nov 6 01:22:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 06 Nov 2012 01:22:37 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <1352151633.13571.116.camel@hurina> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> Message-ID: <1352157757.13571.121.camel@hurina> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: > Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes > without wasting a ton of memory. In v2.2 I already moved imapc/pop3c > backend code to plugins to avoid this. Looks like similar ugliness is > needed for other features/backends also that may end up using SSL code. > (We were wondering with Stephan what to do about his new HTTP library > code that added support for SSL. It would be nice to keep it in the core > libdovecot.so, but not if it links with SSL. So looks like we'll need > some kind of a http-ssl plugin that is loaded only when needed.) Implemented it a bit easier way that also gets rid of imapc/pop3c plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.) From mrubinsk at horde.org Tue Nov 6 03:49:53 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Mon, 05 Nov 2012 20:49:53 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <1352150887.13571.105.camel@hurina> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> Message-ID: <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Quoting Timo Sirainen <tss at iki.fi>: > On Mon, 2012-11-05 at 12:43 -0700, Michael M Slusarz wrote: >> My argument is much simpler: it is blatantly breaking the RFC. From >> RFC 5162 [3.2]: >> >> The VANISHED UID FETCH modifier instructs the server to report those >> messages from the UID set parameter that have been expunged and whose >> associated mod-sequence is larger than the specified mod-sequence. >> **That is, the client requests to be informed of messages from the >> specified set that were expunged since the specified >> mod-sequence.** (emphasis added) >> >> If you are including UIDs in the FETCH return that have NOT been >> expunged since the given mod-sequence, that directly contradicts this >> language. The clear intent of VANISHED UID FETCH is to provide the >> list of messages that existed in the mailbox at mod-sequence and no >> longer exist in the mailbox as of the current HIGHESTMODSEQ. > > That would require infinitely storing the modseq of when each message > was expunged. Not very nice. Also the RFC talks a lot about this > situation. The SELECT command has two optional parameters to optimize > it. The RFC *does* indicate that a server implementation could, strictly speaking, be considered in compliance without remembering modsequences for all expunged messages, but it does explicitly discourage such implementations. From RFC 5162 [4.1]: Strictly speaking, a server implementation that doesn't remember mod- sequences associated with expunged messages can be considered compliant with this specification. Such implementations return all expunged messages specified in the UID set of the UID FETCH (VANISHED) command every time, without paying attention to the specified CHANGEDSINCE mod-sequence. Such implementations are discouraged, as they can end up returning VANISHED responses that are bigger than the result of a UID SEARCH command for the same UID set. Clients that use the message sequence match data can reduce the scope of this VANISHED response substantially in the typical case where expunges have not happened, or happen only toward the end of the mailbox. It also gives advice to avoid infinitely storing the modsequences such as "expiring" sequences associated with older expunged messages, but assigning a single modsequence value to all of the expired expunged messages. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121105/78fdff80/attachment-0004.bin> From massimiliano at cianelli.eu Tue Nov 6 07:09:55 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Tue, 06 Nov 2012 06:09:55 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. Message-ID: <xndp03a53uf87fh3ljptt6i7.1352177540982@email.android.com> Hi, My setup: Dovecot 2 latest, installed to replace courrier IMAP, and off course configured with the dot separator and all folder under INBOX.*. The problem: My phone was driving me mad during the test, due that it will only recognize Inbox. How found the solution: I've started sniffing IMAP traffic on my server and ended up with one difference: On courier it ask for namespace, on dovecot it won't. I gives a better look, and noticed that courier show namespace capability on prelogin banner, adding it too solved the problem. Reason: Android ICS stock client seems do not honor the capability gived after the login. Request: Maybe is possible to put namespace capability in prelogin banner for the next version? That will solve trouble with a setup like the mine and android stock email client. Thank you, Best regards Sent from Galaxy Nexus From ben at morrow.me.uk Tue Nov 6 08:08:31 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 6 Nov 2012 06:08:31 +0000 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <xndp03a53uf87fh3ljptt6i7.1352177540982@email.android.com> References: <xndp03a53uf87fh3ljptt6i7.1352177540982@email.android.com> Message-ID: <20121106060831.GA37663@anubis.morrow.me.uk> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: > Hi, > > My setup: > Dovecot 2 latest, installed to replace courrier IMAP, and off course > configured with the dot separator and all folder under INBOX.*. > > The problem: > My phone was driving me mad during the test, due that it will only > recognize Inbox. > > How found the solution: > I've started sniffing IMAP traffic on my server and ended up with one > difference: > On courier it ask for namespace, on dovecot it won't. > > I gives a better look, and noticed that courier show namespace > capability on prelogin banner, adding it too solved the problem. > > Reason: > Android ICS stock client seems do not honor the capability gived after > the login. See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; you need to set imap_capability and/or get your client fixed. Ben From alessio at skye.it Tue Nov 6 09:24:26 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 06 Nov 2012 08:24:26 +0100 Subject: [Dovecot] Security precautions for remote clients In-Reply-To: <CAJbW+rnc1sZYuAdCFk=c1DiHip7t60+M0G_GsnAiJDEY060OBA@mail.gmail.com> References: <CAJbW+rnc1sZYuAdCFk=c1DiHip7t60+M0G_GsnAiJDEY060OBA@mail.gmail.com> Message-ID: <5098BB2A.2020206@skye.it> Il 06/11/2012 00:19, Roman Gelfand ha scritto: > Where can I find something like remote client secure dovecot best > practices or, perhaps, if there is not many, if you could list major > configuration/setup points. > > Thanks in advance > Dovecot configuration is secure by default. For more information see "High-security mode" in Wiki http://wiki2.dovecot.org/LoginProcess Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From alessio at skye.it Tue Nov 6 09:32:58 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 06 Nov 2012 08:32:58 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <20121103124149.GA12562@daniel.localdomain> References: <5094E7D6.5000109@mail.cgilfe.it> <20121103124149.GA12562@daniel.localdomain> Message-ID: <5098BD2A.9010704@skye.it> Il 03/11/2012 13:41, Daniel Parthey ha scritto: > Davide wrote: >> my question is what is benefit implementing LMTP service replacing >> LDA i have dovecot 2.1.8 with vpoipmail+qmail and about 500 users >> now i'm using LDA and i'm interested on LMTP service. > with LMTP... [...] > * you don't need to spawn a new process for each message For me this options is the most valuable. I'm also running qmail+vpopmail and dovecot as LDA and with thousand of users spawn a new process for each message could be a problem. But you need to swith to postfix, or have you some idea on how to run qmail and LMTP together? -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From cr at sys4.de Tue Nov 6 09:59:31 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 6 Nov 2012 08:59:31 +0100 Subject: [Dovecot] sieve Message-ID: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Hi, is there a sieve option that can reject a mail directly without creating a new mail and sending that out? I know about reject "Reject message goes here"; but I am looking for a mechanism that can reject Mail. Postfix can use reject_unverified_recipient to connect to LMTP and ask if a mail would successfully be enqueued and will return the status gotten from the LMTP server if not. Chances are high that the mechanism would work, too, if Dovecot would know about the sieve rule, while getting a connection on LMTP. Does Dovecot know all rules at this point or is sieve handled after the mail has already been accepted? Kind regards -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tom at whyscream.net Tue Nov 6 10:18:46 2012 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 06 Nov 2012 09:18:46 +0100 Subject: [Dovecot] sieve In-Reply-To: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Message-ID: <5098C7E6.7090903@whyscream.net> On 11/6/12 8:59 AM, Christian R??ner wrote: > Hi, > > is there a sieve option that can reject a mail directly without > creating a new mail and sending that out? I know about > > reject "Reject message goes here"; > > but I am looking for a mechanism that can reject Mail. Postfix can > use reject_unverified_recipient to connect to LMTP and ask if a mail > would successfully be enqueued and will return the status gotten from > the LMTP server if not. Chances are high that the mechanism would > work, too, if Dovecot would know about the sieve rule, while getting > a connection on LMTP. Does Dovecot know all rules at this point or is > sieve handled after the mail has already been accepted? > I have no idea if your above idea would actually work, but having followed your questions on the postfix ml and your interests in using reject_unverified_recipient and its cache with lmtp, it would be very unwise to cache deliverability on the postfix side based on sieve results, since sieve is able to reject/bounce on any part of the message including message body contents and such. This could lead to very unpredictable rejects to unrelated messages, since the cache could obtain reject policies from sieve for a recipient based on a single rejected message containing the word '<insert spammy term here>'. -- Tom From cr at sys4.de Tue Nov 6 10:29:42 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 6 Nov 2012 09:29:42 +0100 Subject: [Dovecot] sieve In-Reply-To: <5098C7E6.7090903@whyscream.net> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> Message-ID: <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> Hi, >> but I am looking for a mechanism that can reject Mail. Postfix can >> use reject_unverified_recipient to connect to LMTP and ask if a mail >> would successfully be enqueued and will return the status gotten from >> the LMTP server if not. Chances are high that the mechanism would >> work, too, if Dovecot would know about the sieve rule, while getting >> a connection on LMTP. Does Dovecot know all rules at this point or is >> sieve handled after the mail has already been accepted? >> > > I have no idea if your above idea would actually work, but having > followed your questions on the postfix ml and your interests in using > reject_unverified_recipient and its cache with lmtp, it would be very > unwise to cache deliverability on the postfix side based on sieve > results, since sieve is able to reject/bounce on any part of the message > including message body contents and such. yes I know what you mean. The problem is that a user can decide to "reject" not based on "from" leading in rejects to other mails coming in to the same user. Probably a problem. The idea came up, as I work for a little ISP/ESP here. Sometimes I get calls, where I get asked if I could reject mails from "xyz". And with a robut good working mechanism, where people could reject on their on decisions would make things easier. So I thought about sieve as being a workable solution. Another solution would be to write some kind of milter/policy-service with a web-interface, where people can reject mails directly on the postfix side. But this is a lot of work. Kind regards -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Tue Nov 6 10:47:15 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 06 Nov 2012 09:47:15 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <20121106060831.GA37663@anubis.morrow.me.uk> References: <xndp03a53uf87fh3ljptt6i7.1352177540982@email.android.com> <20121106060831.GA37663@anubis.morrow.me.uk> Message-ID: <5098CE93.8060101@sys4.de> Am 06.11.2012 07:08, schrieb Ben Morrow: > At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >> Hi, >> >> My setup: >> Dovecot 2 latest, installed to replace courrier IMAP, and off course >> configured with the dot separator and all folder under INBOX.*. >> >> The problem: >> My phone was driving me mad during the test, due that it will only >> recognize Inbox. >> >> How found the solution: >> I've started sniffing IMAP traffic on my server and ended up with one >> difference: >> On courier it ask for namespace, on dovecot it won't. >> >> I gives a better look, and noticed that courier show namespace >> capability on prelogin banner, adding it too solved the problem. >> >> Reason: >> Android ICS stock client seems do not honor the capability gived after >> the login. > > See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; > you need to set imap_capability and/or get your client fixed. > > Ben > Hi, first ,what is the exact meaning of "Android ICS stock client" do you mean default included email client in standard android in imap mode, when yes, which version of Android , i like to test my own however is there changelog/code etc at google for this behave? conf example # Override the IMAP CAPABILITY response. If the value begins with '+', # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). #imap_capability = setting stuff here might be complex , or lead to trouble with other clients, if setting this might fix problems ,with clients it should be advised in the wiki/example-conf and/or Timo or the other way ,for massive used clients there should be a seperate workaround section in the conf But fixing behave clients should be prime option anyway Meanwhile use K9mail in Android as best free option in imap mode servers Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From skdovecot at smail.inf.fh-brs.de Tue Nov 6 11:09:20 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 6 Nov 2012 10:09:20 +0100 (CET) Subject: [Dovecot] sieve In-Reply-To: <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> Message-ID: <alpine.DEB.1.10.1211061001290.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 6 Nov 2012, Christian R??ner wrote: >>> but I am looking for a mechanism that can reject Mail. Postfix can >>> use reject_unverified_recipient to connect to LMTP and ask if a mail >>> would successfully be enqueued and will return the status gotten from >>> the LMTP server if not. Chances are high that the mechanism would >>> work, too, if Dovecot would know about the sieve rule, while getting >>> a connection on LMTP. Does Dovecot know all rules at this point or is >>> sieve handled after the mail has already been accepted? That is actually the point. As far as I know, all MTAs have already accepted the message, before they try to deliver it. If delivering fails, they queue them for retry. >> I have no idea if your above idea would actually work, but having >> followed your questions on the postfix ml and your interests in using >> reject_unverified_recipient and its cache with lmtp, it would be very >> unwise to cache deliverability on the postfix side based on sieve >> results, since sieve is able to reject/bounce on any part of the message >> including message body contents and such. > > yes I know what you mean. The problem is that a user can decide to > "reject" not based on "from" leading in rejects to other mails coming in > to the same user. Probably a problem. Dunno about that discussion, did it included messages to multiple recipients, of which some reject and some accept the message? In SMTP you cannot individually fail a message after DATA phase. > The idea came up, as I work for a little ISP/ESP here. Sometimes I get calls, where I get asked if I could reject mails from "xyz". And with a robut good working mechanism, where people could reject on their on decisions would make things easier. So I thought about sieve as being a workable solution. > > Another solution would be to write some kind of milter/policy-service > with a web-interface, where people can reject mails directly on the > postfix side. But this is a lot of work. Look at CanIT / MIMEDefang. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBUJjTwGoxLS8a3A9mAQKCuggAnAvnsShCbbEQGDgsR93aIg+Vc1w9HC7m NKWddvYIXRgTKC0qr6QM4tqkCIrtGVviylp+wFwyI+9ZvLx5t+3f8JFKHg0hO5MM Sbuu0ZmjCbm9STkNv2xvl72TBh5IWpByeKQt6fJQ5aT1f0Iqxo6i0+/Q0eoi5p82 HDgx27ASAtUqCHf+iPUg8G/FSndxxEcOvrSACn+hLfv71YU2iovgYTZazLt3u4pz hSWMQkpQyBwCxj75bz6y72sJxyMtd7XOMV5lGHumbSX6jg7WdI/cCScv14d2Uh5S D6yNya6+WB3AIGFg+NK9LuSz6IBq/eqIJivTGWvljOOIYsONnT8hbg== =/nYA -----END PGP SIGNATURE----- From rs at sys4.de Tue Nov 6 11:25:51 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 06 Nov 2012 10:25:51 +0100 Subject: [Dovecot] sieve In-Reply-To: <alpine.DEB.1.10.1211061001290.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> <alpine.DEB.1.10.1211061001290.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> Message-ID: <5098D79F.9080707@sys4.de> Am 06.11.2012 10:09, schrieb Steffen Kaiser: > Another solution would be to write some kind of milter/policy-service > with a web-interface, where people can reject mails directly on the > postfix side. But this is a lot of work. it existed in horde 3 ingo, no idea for horde 5 stable https://github.com/wrobel/horde-fw3/blob/master/ingo/scripts/ingo-postfix-policyd but if used you cant have ingo as sieve gui too at my knowledege i suggested cloning this as on own horde module like "blocker" etc long time ago but i cant code it my own anyway having such gui option for a reject policy server included in some webmail or postfixadmin , modoboa.org would be a really good idea Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From berni at birkenwald.de Tue Nov 6 11:38:14 2012 From: berni at birkenwald.de (Bernhard Schmidt) Date: Tue, 6 Nov 2012 09:38:14 +0000 (UTC) Subject: [Dovecot] LDAP congestion Message-ID: <k7alq6$klp$1@ger.gmane.org> Hello, I've been asked to have a look at a misbehaving mail server of some colleagues today where almost all logins where failing or excessively delayed, while the LDAP database itself was pretty fast. They run Dovecot 1.2.11 (yes, I know, stoneage) against an LDAP server run by a 3rd party, auth_bind=yes (required). The problem is that this third party LDAP server delays bindResponse 3 seconds when the password is wrong. A user wanted to login every 2-3 seconds this morning with the wrong password, which effectively killed the system because the LDAP connection was mostly stalled waiting for the auth timeout. >From a previous discussion with Timo I know that bindRequests cannot be parallelized in LDAP, so the problem does not come completely unexpected. Other than removing the failure delay in the LDAP server, is there anything one can do? If there is any change in newer Dovecot versions about that please tell me so I can encourage them to upgrade, but I haven't seen anything in the changelog. Any way to get several LDAP workers/connections for passdb in parallel? Thanks, Bernhard From radikn at seznam.cz Tue Nov 6 12:00:20 2012 From: radikn at seznam.cz (=?UTF-8?Q?Radek_Novotn=C3=BD?=) Date: Tue, 06 Nov 2012 11:00:20 +0100 Subject: [Dovecot] sieve In-Reply-To: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Message-ID: <8fc7635340b15e568a9845c7fa7dbeae@r-n.cz> May be, that solution of yout problem is mailfromd http://puszcza.gnu.org.ua/software/mailfromd/ Dne 6.11.2012 08:59, Christian R??ner napsal: > Hi, > > is there a sieve option that can reject a mail directly without > creating a new mail and sending that out? I know about > > reject "Reject message goes here"; > > but I am looking for a mechanism that can reject Mail. Postfix can > use reject_unverified_recipient to connect to LMTP and ask if a mail > would successfully be enqueued and will return the status gotten from > the LMTP server if not. Chances are high that the mechanism would > work, too, if Dovecot would know about the sieve rule, while getting > a > connection on LMTP. Does Dovecot know all rules at this point or is > sieve handled after the mail has already been accepted? > > Kind regards > > -Christian R??ner > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich From amateo at um.es Tue Nov 6 13:08:05 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 06 Nov 2012 12:08:05 +0100 Subject: [Dovecot] Auth USER lookup failed Message-ID: <5098EF95.8060005@um.es> Hello, I'm running dovecot 2.1.9 and I'm trying to configure shared folders. So, as described at http://wiki2.dovecot.org/SharedMailboxes/Shared I have configured a namespace like this: namespace { type = shared separator = / prefix = shared/%%u/ location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = yes } In one user (user1) I have configured ACLs so another one (user2) has access to a folder. Now, I want to susbscribe user2 to this folder. The problem I have is that whenever I try to list folders for this user (running thunderbird client) I get a panic and an error in the dovecot server (I have attached the complete log). The error says: Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master out: FAIL#0112 Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:56 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota It seems that imap process running for user2 is trying to a user lookup that fails. So I have manually tried it root at myotis30:/etc/dovecot/conf.d# sudo -u user2 doveadm user user2 userdb: user2 home : <homeDirectory> uid : 14585 gid : 404 root at myotis30:/etc/dovecot/conf.d# sudo -u user2 doveadm user user1 doveadm(user2): Error: user user1: Auth USER lookup failed doveadm(user2): Error: userdb lookup failed for user1 I have checked the socket permissions, but they are 0666 (if I'm looking the right socket): root at myotis30:/etc/dovecot/conf.d# ls -l /var/run/dovecot/auth-userdb srwxrwxrwx 1 dovecot root 0 nov 6 11:43 /var/run/dovecot/auth-userdb In fact, I have tried to put all sockets with permissions 0666 and 0777, but the error persists. Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 -------------- next part -------------- Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master in: USER#0111#011user1#011service=imap Nov 6 11:58:55 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:55 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:55 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master out: FAIL#0111 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master in: USER#0112#011user1#011service=imap Nov 6 11:58:55 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:55 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:55 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master out: FAIL#0112 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:55 myotis30 dovecot: imap(user2): Warning: Subscriptions file /home/pas/85/014585/Maildir/subscriptions: Removing invalid entry: shared/user1/kk Nov 6 11:58:55 myotis30 dovecot: imap(user2): Panic: shared mailbox list: Can't return a temp prefix for 'shared/' Nov 6 11:58:55 myotis30 dovecot: imap(user2): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3f9ca) [0x7f1a5770c9ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3fa0e) [0x7f1a5770ca0e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f1a576e0d90] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x2991d) [0x7f1a5798291d] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_subscriptions_refresh+0x2c1) [0x7f1a579dd801] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_iter_init_multiple+0x71) [0x7f1a579d0dc1] -> dovecot/imap(+0xd598) [0x7f1a57e84598] -> dovecot/imap(cmd_list_full+0x4b8) [0x7f1a57e84bb8] -> dovecot/imap(command_exec+0x3d) [0x7f1a57e8949d] -> dovecot/imap(+0x114ee) [0x7f1a57e884ee] -> dovecot/imap(+0x115c5) [0x7f1a57e885c5] -> dovecot/imap(client_handle_input+0x125) [0x7f1a57e88815] -> dovecot/imap(client_input+0x65) [0x7f1a57e890f5] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f1a57719946] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f1a5771a637] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f1a57719358] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f1a57704fe3] -> dovecot/imap(main+0x295) [0x7f1a57e807e5] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f1a5732f76d] -> dovecot/imap(+0x9969) [0x7f1a57e80969] Nov 6 11:58:55 myotis30 dovecot: imap(user2): Fatal: master: service(imap): child 6604 killed with signal 6 (core dumps disabled) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: auth client connected (pid=6657) Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011session=zbsBfdHN9ACbNkMF#011lip=155.54.211.169#011rip=155.54.67.5#011lport=143#011rport=56308 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client out: CONT#0111#011 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client in: CONT<hidden> Nov 6 11:58:55 myotis30 dovecot: auth: Debug: cache(user2,155.54.67.5,<zbsBfdHN9ACbNkMF>): hit: <hidden>#011userdb_home=/home/pas/85/014585#011userdb_uid=14585#011userdb_gid=404 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: client out: OK#0111#011user=user2 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master in: REQUEST#0111406664705#0116657#0111#0117c7aa4c4342037d77879c13562726d53 Nov 6 11:58:55 myotis30 dovecot: auth: Debug: prefetch(user2,155.54.67.5,<zbsBfdHN9ACbNkMF>): success Nov 6 11:58:55 myotis30 dovecot: auth: Debug: master out: USER#0111406664705#011user2#011home=/home/pas/85/014585#011uid=14585#011gid=404 Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Loading modules from directory: /usr/lib/dovecot/modules Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_imap_acl_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_lazy_expunge_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib11_imap_quota_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Effective uid=14585, gid=404, home=/home/pas/85/014585 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: No acl_shared_dict setting - shared mailbox listing is disabled Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Quota root: name=User quota backend=dict args=:file:/home/pas/85/014585/Maildir/dovecot.quota Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Quota rule: root=User quota mailbox=* bytes=10737418240 messages=0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Quota rule: root=User quota mailbox=Trash bytes=+1073741824 messages=0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: dict quota: user=user2, uri=file:/home/pas/85/014585/Maildir/dovecot.quota, noenforcing=0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir:INDEX=/var/indexes/user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: maildir++: root=/home/pas/85/014585/Maildir, index=/var/indexes/user2, control=, inbox=/home/pas/85/014585/Maildir, alt= Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: initializing backend with data: vfile Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: acl username = user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: owner = 1 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl vfile: Global ACL directory: (none) Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Namespace : type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=no location=maildir:%h/Maildir:INDEX=~/Maildir/shared/%u Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: shared: root=/var/run/dovecot, index=, control=, inbox=, alt= Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: initializing backend with data: vfile Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: acl username = user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: owner = 0 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl vfile: Global ACL directory: (none) Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: Namespace : type=private, prefix=BORRADOS/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=maildir:~/Maildir/expunged/ Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: maildir++: root=/home/pas/85/014585/Maildir/expunged, index=, control=, inbox=, alt= Nov 6 11:58:55 myotis30 dovecot: imap-login: Login: user=<user2>, method=PLAIN, rip=155.54.67.5, lip=155.54.211.169, mpid=6633, session=<zbsBfdHN9ACbNkMF> Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: initializing backend with data: vfile Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: acl username = user2 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl: owner = 1 Nov 6 11:58:55 myotis30 dovecot: imap(user2): Debug: acl vfile: Global ACL directory: (none) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master in: USER#0111#011user1#011service=imap Nov 6 11:58:56 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:56 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master out: FAIL#0111 Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:56 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master in: USER#0112#011user1#011service=imap Nov 6 11:58:56 myotis30 dovecot: auth: Debug: prefetch(user1): passdb didn't return userdb entries, trying the next userdb Nov 6 11:58:56 myotis30 dovecot: auth: Debug: userdb-cache(user1): hit: user1#011home=/home/alumnos/46/113246#011uid=113246#011gid=1001#011quota_rule=*:storage=10G Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) Nov 6 11:58:56 myotis30 dovecot: auth: Debug: master out: FAIL#0112 Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: user user1: Auth USER lookup failed Nov 6 11:58:56 myotis30 dovecot: imap(user2): Debug: auth input: Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Couldn't create namespace 'shared/' for user user1: userdb didn't return a home directory, but plugin setting quota used it (%h): dict:User quota::file:%h/Maildir/dovecot.quota Nov 6 11:58:56 myotis30 dovecot: imap(user2): Warning: Subscriptions file /home/pas/85/014585/Maildir/subscriptions: Removing invalid entry: shared/user1/kk Nov 6 11:58:56 myotis30 dovecot: imap(user2): Panic: shared mailbox list: Can't return a temp prefix for 'shared/' Nov 6 11:58:56 myotis30 dovecot: imap(user2): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3f9ca) [0x7effec3dd9ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3fa0e) [0x7effec3dda0e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7effec3b1d90] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x2991d) [0x7effec65391d] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_subscriptions_refresh+0x2c1) [0x7effec6ae801] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_list_iter_init_multiple+0x71) [0x7effec6a1dc1] -> dovecot/imap(+0xd598) [0x7effecb55598] -> dovecot/imap(cmd_list_full+0x4b8) [0x7effecb55bb8] -> dovecot/imap(command_exec+0x3d) [0x7effecb5a49d] -> dovecot/imap(+0x114ee) [0x7effecb594ee] -> dovecot/imap(+0x115c5) [0x7effecb595c5] -> dovecot/imap(client_handle_input+0x125) [0x7effecb59815] -> dovecot/imap(client_input+0x65) [0x7effecb5a0f5] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7effec3ea946] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7effec3eb637] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7effec3ea358] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7effec3d5fe3] -> dovecot/imap(main+0x295) [0x7effecb517e5] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7effec00076d] -> dovecot/imap(+0x9969) [0x7effecb51969] Nov 6 11:58:56 myotis30 dovecot: imap(user2): Fatal: master: service(imap): child 6633 killed with signal 6 (core dumps disabled) Nov 6 11:59:06 myotis30 dovecot: auth: Debug: auth client connected (pid=6659) Nov 6 11:59:06 myotis30 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=155.54.211.187, lip=155.54.211.169, secured, session=<RNyhfdHNqwCbNtO7> Nov 6 11:59:06 myotis30 dovecot: auth: Debug: auth client connected (pid=6660) Nov 6 11:59:06 myotis30 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=155.54.211.187, lip=155.54.211.169, secured, session=<3+ihfdHNbwCbNtO7> -------------- next part -------------- # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.4.0-030400-generic x86_64 Ubuntu 12.04.1 LTS auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = * auth_mechanisms = plain auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = yes auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 1000 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %u disable_plaintext_auth = no dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -l%{lock_timeout} -n%{namespace} first_valid_gid = 1 first_valid_uid = 500 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_ca_dir = imapc_ssl_verify = yes imapc_user = %u import_environment = TZ info_log_path = instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/lib/dovecot listen = *, :: lmtp_address_translate = lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = %Y-%m-%d %H:%M:%S login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> login_trusted_networks = 155.54.211.176/28 mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = yes mail_fsync = optimized mail_full_filesystem_access = no mail_gid = mail_home = mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib/dovecot/modules mail_plugins = quota zlib lazy_expunge acl mail_prefetch_count = 0 mail_privileged_group = mail mail_save_crlf = no mail_shared_explicit_inbox = yes mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = yes managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 20 M mmap_disable = no namespace { hidden = no ignore_on_failure = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = no ignore_on_failure = no inbox = no list = yes location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace { hidden = no ignore_on_failure = no inbox = no list = no location = maildir:~/Maildir/expunged/ prefix = BORRADOS/ separator = / subscriptions = yes type = private } passdb { args = /etc/dovecot/master-users default_fields = deny = no driver = passwd-file master = yes override_fields = pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = deny = no driver = ldap master = no override_fields = pass = no } passdb { args = session=yes dovecot default_fields = deny = no driver = pam master = no override_fields = pass = no } plugin { acl = vfile lazy_expunge = BORRADOS/ quota = dict:User quota::file:%h/Maildir/dovecot.quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_master_user = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_ca_dir = pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = postmaster at um.es protocols = imap pop3 lmtp sieve quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_full_sync_interval = 12 hours replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 2003 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 3000 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 inet_listener { address = port = 24245 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 5120 process_min_avail = 2 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 512 M } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = dovecot } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 inet_listener lmtp { address = port = 24 ssl = no } privileged_group = process_limit = 0 process_min_avail = 10 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 512 M } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = port = 4190 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service managesieve { chroot = client_limit = 1 drop_priv_before_exec = no executable = managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 2 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = no ssl_ca = ssl_cert = </etc/ssl/certs/dovecot.pem ssl_cert_username_field = commonName ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_client_cert = ssl_client_key = ssl_crypto_device = ssl_key = </etc/ssl/private/dovecot.pem ssl_key_password = ssl_parameters_regenerate = 1 weeks ssl_protocols = !SSLv2 ssl_require_crl = yes ssl_verify_client_cert = no stats_command_min_time = 1 mins stats_domain_min_time = 12 hours stats_ip_min_time = 12 hours stats_memory_limit = 16 M stats_session_min_time = 15 mins stats_user_min_time = 1 hours submission_host = syslog_facility = mail userdb { args = default_fields = driver = prefetch override_fields = } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = driver = ldap override_fields = } valid_chroot_dirs = verbose_proctitle = no verbose_ssl = no version_ignore = no protocol lda { mail_plugins = quota zlib lazy_expunge acl sieve } protocol imap { mail_plugins = quota zlib lazy_expunge acl imap_quota imap_acl } protocol lmtp { mail_plugins = quota zlib lazy_expunge acl sieve } protocol pop3 { pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, in=%i, out=%o } local 155.54.211.160/27/27 { doveadm_password = ]dWhu5kB } From andreas.thomsen at dadgmbh.de Tue Nov 6 13:51:47 2012 From: andreas.thomsen at dadgmbh.de (Andreas Thomsen) Date: Tue, 06 Nov 2012 12:51:47 +0100 Subject: [Dovecot] doveadm import doesn't work Message-ID: <5098F9D3.80708@dadgmbh.de> Hello, we are running dovecot 2.0.4 on openSuse 11.2. mailboxes are in mdbox-format on local filesystem. we had a powerfailure resulting in many corrupted files and i had to restore some mailboxes. as descibed in wiki, i tried : doveadm import -u <username> mdbox:/path/to/backup/<username>/mdbox INBOX all or doveadm import -u <username> mdbox:/path/to/backup/<username>/mdbox mdbox:/path/to/mailbox/<username>/mdbox all all i get is : usage: doveadm [-Dv] [-f <formatter>] <command> [<args>] altmove [-u <user>|-A] <search query> auth [-a <auth socket path>] [-x <auth info>] <user> [<password>] config [doveconf parameters] director add|flush|map|remove|status dump [-t <type>] <path> expunge [-u <user>|-A] <search query> fetch [-u <user>|-A] <fields> <search query> force-resync [-u <user>|-A] <mailbox> help <cmd> kick [-a <anvil socket path>] [-f] <user mask>[|]<ip/bits> log find|reopen|test mailbox create|delete|list|mutf7|rename|status|subscribe|unsubscribe penalty [-a <anvil socket path>] [<ip/bits>] purge [-u <user>|-A] pw [-l] [-p plaintext] [-r rounds] [-s scheme] [-u user] [-V] quota get|recalc reload search [-u <user>|-A] <search query> stop user [-a <userdb socket path>] [-x <auth info>] <user mask> [...] who [-a <anvil socket path>] [-1] [<user mask>] [<ip/bits>] any idea, whats the problem? kind regards Andreas Thomsen -- DAD Deutscher Adressdienst GmbH Alter Wall 65 20457 Hamburg Postfach 11 35 58 20435 Hamburg Deutschland Tel. 0049 (0)40 7511990 Fax 0049 (0)40 75119911 Amtsgericht Hamburg HRB 88115 Gesch?ftsf?hrerin: Daniela Kunst Steuernummer 48/714/02030 Ust-IdNr. DE813739877 From tss at iki.fi Tue Nov 6 14:17:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Nov 2012 14:17:21 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> Message-ID: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> On 6.11.2012, at 3.49, Michael J Rubinsky wrote: >> That would require infinitely storing the modseq of when each message >> was expunged. Not very nice. Also the RFC talks a lot about this >> situation. The SELECT command has two optional parameters to optimize >> it. > > The RFC *does* indicate that a server implementation could, strictly speaking, be considered in compliance without remembering modsequences for all expunged messages, but it does explicitly discourage such implementations. From RFC 5162 [4.1]: > > Strictly speaking, a server implementation that doesn't remember mod- > sequences associated with expunged messages can be considered > compliant with this specification. Such implementations return all > expunged messages specified in the UID set of the UID FETCH > (VANISHED) command every time, without paying attention to the > specified CHANGEDSINCE mod-sequence. Such implementations are > discouraged, as they can end up returning VANISHED responses that are > bigger than the result of a UID SEARCH command for the same UID set. This is talking about a server that doesn't permanently remember ANY modseqs for expunges. Dovecot remembers them, not not infinitely. > It also gives advice to avoid infinitely storing the modsequences such as "expiring" sequences associated with older expunged messages, but assigning a single modsequence value to all of the expired expunged messages. Dovecot behaves as the section 4.3 describes. Note especially: Note that indefinitely storing information about expunged messages can cause storage and related problems for an implementation. .. Hence, implementations are encouraged to adopt strategies to protect against such storage problems, such as limiting the size of the queue used to store mod-sequences for expunged messages and "expiring" older records when this limit is reached. When the selected implementation-specific queue limit is reached, the oldest record(s) are deleted from the queue (note that such records are located at the queue head). For all such "expired" records, the server needs to store a single mod-sequence, which is the highest mod-sequence for all "expired" expunged messages. This is exactly what Dovecot does. There is a single modseq associated with all the previously expunged messages. If you try to request expunges for that modseq, it returns all of the expunged messages, which is what you're seeing as a problem. It might be helpful in some situations to decrease the precision and remember for example: * UIDs 1-100 were deleted with modseq 10 (in reality multiple times between modseqs 1..10) * UIDs 101-130 were deleted with modseq 15 (in reality with modseqs 11..15) .. and so on But this assumes that the expunged UID ranges compress well. If UIDs are being deleted here and there it's still pretty wasteful to store them. And yes, the current way may be forgetting them a bit too early when a lot of other unrelated changes are happening. It would be possible to keep a separate expunge log which could remember the expunges longer. But that would be yet another different index file for Dovecot, which annoyingly complicates everything. And currently since it sounds like the only problem is activesync implementation using it, I'm not very interested in spending a lot of time on it. These defines in mail-transaction-log-private.h anyway can be changed to make it much less likely to see your problem: /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) /* If log is larger than MAX_SIZE, rotate regardless of the time */ #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) /* Delete .log.2 files older than this many seconds. Don't be too eager, older files are useful for QRESYNC and dsync. */ #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) Maybe the defaults could be changed.. From tlx at leuxner.net Tue Nov 6 14:27:07 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Tue, 6 Nov 2012 13:27:07 +0100 Subject: [Dovecot] doveadm import doesn't work In-Reply-To: <5098F9D3.80708@dadgmbh.de> References: <5098F9D3.80708@dadgmbh.de> Message-ID: <20121106122707.GA9945@nihlus.leuxner.net> On Tue, Nov 06, 2012 at 12:51:47PM +0100, Andreas Thomsen wrote: > any idea, whats the problem? http://www.dovecot.org/list/dovecot-news/2010-October/000179.html Yes. It simply wasn't implemented in 2.0.4 which is ages old btw. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121106/3887567b/attachment-0004.bin> From andreas.thomsen at dadgmbh.de Tue Nov 6 14:38:25 2012 From: andreas.thomsen at dadgmbh.de (Andreas Thomsen) Date: Tue, 06 Nov 2012 13:38:25 +0100 Subject: [Dovecot] doveadm import doesn't work In-Reply-To: <20121106122707.GA9945@nihlus.leuxner.net> References: <5098F9D3.80708@dadgmbh.de> <20121106122707.GA9945@nihlus.leuxner.net> Message-ID: <509904C1.5020104@dadgmbh.de> Thank you, Thomas. I think, i will install a newer version.. Am 06.11.2012 13:27, schrieb Thomas Leuxner: > On Tue, Nov 06, 2012 at 12:51:47PM +0100, Andreas Thomsen wrote: >> any idea, whats the problem? > http://www.dovecot.org/list/dovecot-news/2010-October/000179.html > > Yes. It simply wasn't implemented in 2.0.4 which is ages old btw. > > Regards > Thomas -- DAD Deutscher Adressdienst GmbH Alter Wall 65 20457 Hamburg Postfach 11 35 58 20435 Hamburg Deutschland Tel. 0049 (0)40 7511990 Fax 0049 (0)40 75119911 Amtsgericht Hamburg HRB 88115 Gesch?ftsf?hrerin: Daniela Kunst Steuernummer 48/714/02030 Ust-IdNr. DE813739877 From ben at morrow.me.uk Tue Nov 6 14:43:06 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 6 Nov 2012 12:43:06 +0000 Subject: [Dovecot] sieve In-Reply-To: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> Message-ID: <20121106124305.GB37663@anubis.morrow.me.uk> At 8AM +0100 on 6/11/12 you (Christian R??ner) wrote: > > is there a sieve option that can reject a mail directly without > creating a new mail and sending that out? I know about > > reject "Reject message goes here"; > > but I am looking for a mechanism that can reject Mail. You want 'ereject', RFC 5429, but Pigeonhole currently only implements it as a synonym for reject. I'm not sure if this is within-spec or not: this paragraph The "ereject" action MUST NOT be available in environments that do not support protocol-level rejection, e.g., an MUA, and MUST be available in all other environments that support the "reject" action. makes me think that perhaps it's not; in any case, Dovecot's implementation won't do what you want. Ben From stan at hardwarefreak.com Tue Nov 6 15:04:56 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 06 Nov 2012 07:04:56 -0600 Subject: [Dovecot] sieve In-Reply-To: <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> Message-ID: <50990AF8.7010303@hardwarefreak.com> On 11/6/2012 2:29 AM, Christian R??ner wrote: > Another solution would be to write some kind of milter/policy-service with a web-interface, where people can reject mails directly on the postfix side. But this is a lot of work. Use a web interface that requires auth. But I'd not use a milter/policy service--too complicated and unnecessary. Just use a regular access(5) table in db format. Simply write your script to append new addresses or domains to the table with a REJECT action. Then add to main.cf an appropriate restriction such as check_sender_access. Changes are picked up automatically each time a new smtpd is fired so no postmap command is required to make the change active. -- Stan From rs at sys4.de Tue Nov 6 15:35:22 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 06 Nov 2012 14:35:22 +0100 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <5099121A.5010208@sys4.de> Am 06.11.2012 13:17, schrieb Timo Sirainen: > the only problem is activesync implementation using it Hi, Michael, as i am going to implement horde 5 active sync server in near Future with dovecot , i followed this in high interest I know horde active sync server is different to z-push so sorry my question, i recent use z-push with dovecot and never noticed any problems with it, so how does z-push handle this "problem" comparing horde, any chance to workaround it in horde code ? Hacking dovecot might be complex, as it should fit in so many stuff and setups Anyway i agree many people using active sync in their smartphone these days and new outlook will also have a active sync mode, so there shouldnt stay any fixable problems ( where ever they may be ), but in my understanding the imap server ( dovecot ) acts more like a backhand here did you test against recent versions of cyrus etc, how is their behave in this case ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From mrubinsk at horde.org Tue Nov 6 16:23:10 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Tue, 06 Nov 2012 09:23:10 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <5099121A.5010208@sys4.de> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <5099121A.5010208@sys4.de> Message-ID: <20121106092310.Horde.5x2cUpcRtLVQmR1OBJCiTiA@h4.theupstairsroom.com> Quoting Robert Schetterer <rs at sys4.de>: > Am 06.11.2012 13:17, schrieb Timo Sirainen: >> the only problem is activesync implementation using it > > Hi, Michael, > as i am going to implement horde 5 active sync server in near Future > with dovecot , i followed this in high interest > > I know horde active sync server is different to z-push > so sorry my question, i recent use z-push with dovecot and never noticed > any problems with it, so how does z-push handle this "problem" comparing > horde, any chance to workaround it in horde code ? ZPush's default "imap backend" implementation uses PHP's imap implementation, which has _many_ problems. Horde's uses Horde_Imap_Client a PHP native implementation with tons of improvements over just about any other available IMAP client implementation in PHP. The problem I'm describing stems from our ActiveSync code trying to take advantage of IMAP extensions such as QRESYNC, where the server can track and report things like expunged messages, flag changes etc... since a known point without us having to cache and track every bit of information about the device's state. This is what ZPush does, it uses plaintext files on the server and writes out all the message ids and flag states that were sent to each device. Then during every sync, it retrieves the complete list of message ids and flag state from the IMAP server again and compares them against the data in the text file to determine the deltas. There is already a work around for this in place - if we detect a UID being returned from one of these VANISHED responses that is older than the oldest known UID we know was sent to the device then we reset the device's mailbox state, causing the mailbox to resync. We already track the UIDs of all email sent to the device in our state tables when using a server that does not support QRESYNC, I plan on extending/improving this and getting rid of the current use VANISHED data completely. For further information about our code vs ZPush you can read a basic overview on our wiki page http://wiki.horde.org/ActiveSync. I'm in the process of a more detailed feature comparison grid, but it's far from ready. Please move any further discussion specific to Horde's ActiveSync code to the dev at lists.horde.org mailing list. > Hacking dovecot might be complex, as it should fit in so many stuff and > setups I would never suggest people should hack server code to get other code to work :) > Anyway i agree many people using active sync in their smartphone these > days and new outlook will also have a active sync mode, so there > shouldnt stay any fixable problems ( where ever they may be ), but in my > understanding the imap server ( dovecot ) acts more like a backhand here > did you test against recent versions of cyrus etc, how is their behave > in this case? I have not personally tested against cyrus, but I know some of our other devs use cyrus with the ActiveSync code base. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121106/f2affb1e/attachment-0004.bin> From mrubinsk at horde.org Tue Nov 6 16:24:07 2012 From: mrubinsk at horde.org (Michael J Rubinsky) Date: Tue, 06 Nov 2012 09:24:07 -0500 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <20121106092407.Horde.ORo9AZcRtLVQmR2HfZMiToA@h4.theupstairsroom.com> Quoting Timo Sirainen <tss at iki.fi>: > On 6.11.2012, at 3.49, Michael J Rubinsky wrote: > >>> That would require infinitely storing the modseq of when each message >>> was expunged. Not very nice. Also the RFC talks a lot about this >>> situation. The SELECT command has two optional parameters to optimize >>> it. >> >> The RFC *does* indicate that a server implementation could, >> strictly speaking, be considered in compliance without remembering >> modsequences for all expunged messages, but it does explicitly >> discourage such implementations. From RFC 5162 [4.1]: >> >> Strictly speaking, a server implementation that doesn't remember mod- >> sequences associated with expunged messages can be considered >> compliant with this specification. Such implementations return all >> expunged messages specified in the UID set of the UID FETCH >> (VANISHED) command every time, without paying attention to the >> specified CHANGEDSINCE mod-sequence. Such implementations are >> discouraged, as they can end up returning VANISHED responses that are >> bigger than the result of a UID SEARCH command for the same UID set. > > This is talking about a server that doesn't permanently remember ANY > modseqs for expunges. Dovecot remembers them, not not infinitely. > >> It also gives advice to avoid infinitely storing the modsequences >> such as "expiring" sequences associated with older expunged >> messages, but assigning a single modsequence value to all of the >> expired expunged messages. > > Dovecot behaves as the section 4.3 describes. Note especially: > > Note that indefinitely storing information about expunged messages > can cause storage and related problems for an implementation. > .. > Hence, implementations are encouraged to adopt strategies to protect > against such storage problems, such as limiting the size of the queue > used to store mod-sequences for expunged messages and "expiring" > older records when this limit is reached. When the selected > implementation-specific queue limit is reached, the oldest record(s) > are deleted from the queue (note that such records are located at the > queue head). For all such "expired" records, the server needs to > store a single mod-sequence, which is the highest mod-sequence for > all "expired" expunged messages. > > This is exactly what Dovecot does. There is a single modseq > associated with all the previously expunged messages. If you try to > request expunges for that modseq, it returns all of the expunged > messages, which is what you're seeing as a problem. > > It might be helpful in some situations to decrease the precision and > remember for example: > * UIDs 1-100 were deleted with modseq 10 (in reality multiple times > between modseqs 1..10) > * UIDs 101-130 were deleted with modseq 15 (in reality with modseqs 11..15) > .. and so on > > But this assumes that the expunged UID ranges compress well. If UIDs > are being deleted here and there it's still pretty wasteful to store > them. > > And yes, the current way may be forgetting them a bit too early when > a lot of other unrelated changes are happening. It would be possible > to keep a separate expunge log which could remember the expunges > longer. But that would be yet another different index file for > Dovecot, which annoyingly complicates everything. And currently > since it sounds like the only problem is activesync implementation > using it, I'm not very interested in spending a lot of time on it. > These defines in mail-transaction-log-private.h anyway can be > changed to make it much less likely to see your problem: > > /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ > #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) > /* If log is larger than MAX_SIZE, rotate regardless of the time */ > #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) > #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) > > /* Delete .log.2 files older than this many seconds. Don't be too eager, > older files are useful for QRESYNC and dsync. */ > #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) > > Maybe the defaults could be changed.. Thanks for the information and clarification, Timo. -- mike The Horde Project (www.horde.org) mrubinsk at horde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6062 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121106/792f95ca/attachment-0004.bin> From tss at iki.fi Tue Nov 6 16:57:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Nov 2012 16:57:00 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <C7D43F23-AF8A-47AF-9053-1600BEADFBB4@iki.fi> On 6.11.2012, at 14.17, Timo Sirainen wrote: > It would be possible to keep a separate expunge log which could remember the expunges longer. But that would be yet another different index file for Dovecot, which annoyingly complicates everything. And currently since it sounds like the only problem is activesync implementation using it, I'm not very interested in spending a lot of time on it. Here's an idea how it could maybe be done without too much complexity: Before deleting/replacing dovecot.index.log.2 file, scan all of the expunges from it and append them to dovecot.index.log.expunges file using the normal transaction log file format. Change the reader code to use it only when a special flag is enabled (because it has no other changes, it shouldn't normally be used). Use that flag when looking for old expunges. Once in a while recreate the file and drop some of the oldest expunges. The annoying thing with that is that the file format wastes disk space. An alternative would be to write to the file using yet another format optimized for it, and then have a separate "expunge scanner" API that scans the expunge file and the transaction logs. Anyway, not something I have time to implement myself anytime soon. From cr at sys4.de Tue Nov 6 17:04:33 2012 From: cr at sys4.de (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 6 Nov 2012 16:04:33 +0100 Subject: [Dovecot] sieve In-Reply-To: <50990AF8.7010303@hardwarefreak.com> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <5098C7E6.7090903@whyscream.net> <F3890D25-7C0A-47B4-A9BB-2988EC3FCE1C@sys4.de> <50990AF8.7010303@hardwarefreak.com> Message-ID: <8828DC32-59FB-4EA7-8D73-6B7E740092E4@sys4.de> Hi, >> Another solution would be to write some kind of milter/policy-service with a web-interface, where people can reject mails directly on the postfix side. But this is a lot of work. > > Use a web interface that requires auth. But I'd not use a milter/policy > service--too complicated and unnecessary. Just use a regular access(5) > table in db format. Simply write your script to append new addresses or > domains to the table with a REJECT action. Then add to main.cf an > appropriate restriction such as check_sender_access. Changes are picked > up automatically each time a new smtpd is fired so no postmap command is > required to make the change active. thanks to all of you. I think I have enough feedback and now I can decide what to do. Kind regards -Christian R??ner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From lists at wildgooses.com Tue Nov 6 17:26:43 2012 From: lists at wildgooses.com (Ed W) Date: Tue, 06 Nov 2012 15:26:43 +0000 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <1352157757.13571.121.camel@hurina> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> Message-ID: <50992C33.8030505@wildgooses.com> On 05/11/2012 23:22, Timo Sirainen wrote: > On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >> Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes >> without wasting a ton of memory. In v2.2 I already moved imapc/pop3c >> backend code to plugins to avoid this. Looks like similar ugliness is >> needed for other features/backends also that may end up using SSL code. >> (We were wondering with Stephan what to do about his new HTTP library >> code that added support for SSL. It would be nice to keep it in the core >> libdovecot.so, but not if it links with SSL. So looks like we'll need >> some kind of a http-ssl plugin that is loaded only when needed.) > Implemented it a bit easier way that also gets rid of imapc/pop3c > plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL > dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 > > This also provides a nice abstraction to OpenSSL, making it again > possible to implement other backends like GnuTLS or NSS. (Except login > process code doesn't use lib-ssl-iostream yet.) Does libtomcrypt implement enough? Ed From stephan at rename-it.nl Tue Nov 6 17:26:31 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 06 Nov 2012 16:26:31 +0100 Subject: [Dovecot] sieve In-Reply-To: <20121106124305.GB37663@anubis.morrow.me.uk> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <20121106124305.GB37663@anubis.morrow.me.uk> Message-ID: <50992C27.4030008@rename-it.nl> Op 11/6/2012 1:43 PM, Ben Morrow schreef: > You want 'ereject', RFC 5429, but Pigeonhole currently only implements > it as a synonym for reject. I'm not sure if this is within-spec or not: > this paragraph > > The "ereject" action MUST NOT be available in environments that do > not support protocol-level rejection, e.g., an MUA, and MUST be > available in all other environments that support the "reject" > action. > > makes me think that perhaps it's not; in any case, Dovecot's > implementation won't do what you want. That feature is under development, and such features aren't compiled unless people add `--with-unfinished-features' to their configure line. So, don't worry, Pigeonhole does not normally violate the specification in this regard. Regards, Stephan. From ben at morrow.me.uk Tue Nov 6 20:00:23 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 6 Nov 2012 18:00:23 +0000 Subject: [Dovecot] sieve In-Reply-To: <50992C27.4030008@rename-it.nl> References: <06BDD983-DE8C-4508-8BC5-CD778C67D3C2@sys4.de> <20121106124305.GB37663@anubis.morrow.me.uk> <50992C27.4030008@rename-it.nl> Message-ID: <20121106180022.GC37663@anubis.morrow.me.uk> At 4PM +0100 on 6/11/12 you (Stephan Bosch) wrote: > Op 11/6/2012 1:43 PM, Ben Morrow schreef: > > You want 'ereject', RFC 5429, but Pigeonhole currently only implements > > it as a synonym for reject. I'm not sure if this is within-spec or not: > > this paragraph > > > > The "ereject" action MUST NOT be available in environments that do > > not support protocol-level rejection, e.g., an MUA, and MUST be > > available in all other environments that support the "reject" > > action. > > > > makes me think that perhaps it's not; in any case, Dovecot's > > implementation won't do what you want. > > That feature is under development, and such features aren't compiled > unless people add `--with-unfinished-features' to their configure line. > So, don't worry, Pigeonhole does not normally violate the specification > in this regard. Oh, cool, I missed that on my quick look through the source. Ben From tss at iki.fi Tue Nov 6 22:30:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Nov 2012 22:30:46 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <50992C33.8030505@wildgooses.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> Message-ID: <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> On 6.11.2012, at 17.26, Ed W wrote: > On 05/11/2012 23:22, Timo Sirainen wrote: >> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>> Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes >>> without wasting a ton of memory. In v2.2 I already moved imapc/pop3c >>> backend code to plugins to avoid this. Looks like similar ugliness is >>> needed for other features/backends also that may end up using SSL code. >>> (We were wondering with Stephan what to do about his new HTTP library >>> code that added support for SSL. It would be nice to keep it in the core >>> libdovecot.so, but not if it links with SSL. So looks like we'll need >>> some kind of a http-ssl plugin that is loaded only when needed.) >> Implemented it a bit easier way that also gets rid of imapc/pop3c >> plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL >> dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 >> >> This also provides a nice abstraction to OpenSSL, making it again >> possible to implement other backends like GnuTLS or NSS. (Except login >> process code doesn't use lib-ssl-iostream yet.) > > Does libtomcrypt implement enough? It doesn't do SSL, which is all Dovecot cares about. From daniel.parthey at informatik.tu-chemnitz.de Wed Nov 7 02:02:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 7 Nov 2012 01:02:49 +0100 Subject: [Dovecot] LMTP benefit vs LDA In-Reply-To: <5098BD2A.9010704@skye.it> References: <5094E7D6.5000109@mail.cgilfe.it> <20121103124149.GA12562@daniel.localdomain> <5098BD2A.9010704@skye.it> Message-ID: <20121107000249.GA10057@daniel.localdomain> Alessio Cecchi wrote: > Daniel Parthey wrote: > > Davide wrote: > >>my question is what is benefit implementing LMTP service replacing > >>LDA i have dovecot 2.1.8 with vpopmail+qmail and about 500 users > >>now i'm using LDA and i'm interested on LMTP service. > >with LMTP... > >* you don't need to spawn a new process for each message > > For me this options is the most valuable. I'm also running > qmail+vpopmail and dovecot as LDA and with thousand of users spawn a > new process for each message could be a problem. > > But you need to switch to postfix, or have you some idea on how to > run qmail and LMTP together? You will need an MTA with LMTP client support, e.g. postfix or exim: http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP Regards Daniel -- https://plus.google.com/103021802792276734820 From massimiliano at cianelli.eu Wed Nov 7 09:13:08 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Wed, 07 Nov 2012 08:13:08 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. Message-ID: <8egwclxks8cpdyupbs5slf3n.1352226340948@email.android.com> Hello, My phone: Android ics 4.1.2 on galaxy nexus. And yes, stock mean the default client that come with the os in IMAP mode. I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. http://code.google.com/p/android/issues/detail?id=1811 In a few hour I'll update the issue noticing where is hidden the problem. Regards Sent from Galaxy Nexus Robert Schetterer <rs at sys4.de> ha scritto: >Am 06.11.2012 07:08, schrieb Ben Morrow: >> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>> Hi, >>> >>> My setup: >>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>> configured with the dot separator and all folder under INBOX.*. >>> >>> The problem: >>> My phone was driving me mad during the test, due that it will only >>> recognize Inbox. >>> >>> How found the solution: >>> I've started sniffing IMAP traffic on my server and ended up with one >>> difference: >>> On courier it ask for namespace, on dovecot it won't. >>> >>> I gives a better look, and noticed that courier show namespace >>> capability on prelogin banner, adding it too solved the problem. >>> >>> Reason: >>> Android ICS stock client seems do not honor the capability gived after >>> the login. >> >> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >> you need to set imap_capability and/or get your client fixed. >> >> Ben >> > >Hi, first ,what is the exact meaning of > >"Android ICS stock client" > >do you mean default included email client in standard android in imap >mode, when yes, which version of Android , i like to test my own >however is there changelog/code etc at google for this behave? > >conf example > ># Override the IMAP CAPABILITY response. If the value begins with '+', > # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). > #imap_capability = > >setting stuff here might be complex , or lead to trouble with other >clients, if setting this might fix problems ,with clients it should be >advised in the wiki/example-conf and/or Timo > >or the other way ,for massive used clients there should be >a seperate workaround section in the conf > >But fixing behave clients should be prime option anyway > >Meanwhile use K9mail in Android as best free option in imap mode servers > >Best Regards >MfG Robert Schetterer > >-- >[*] sys4 AG > >http://sys4.de, +49 (89) 30 90 46 64 >Franziskanerstra?e 15, 81669 M?nchen > >Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Wed Nov 7 10:16:54 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 07 Nov 2012 09:16:54 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <8egwclxks8cpdyupbs5slf3n.1352226340948@email.android.com> References: <8egwclxks8cpdyupbs5slf3n.1352226340948@email.android.com> Message-ID: <509A18F6.1060507@sys4.de> Am 07.11.2012 08:13, schrieb Massimiliano Cianelli: > Hello, > > My phone: > Android ics 4.1.2 on galaxy nexus. > And yes, stock mean the default client that come with the os in IMAP mode. > > I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. > > Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. > > About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. > http://code.google.com/p/android/issues/detail?id=1811 > > In a few hour I'll update the issue noticing where is hidden the problem. > > Regards > Sent from Galaxy Nexus Hi , i shortly tested this with android sdk jelly bean 4.1.1 and "my setup" dovecot 2.1.10 with included orginal android mail app in imap mode, ,leaving IMAP prefix blank, everything works as expected, no double shown inbox, namespace problems etc so you might have to fit your namespace setup. Also you might follow allready given advice from here. Anyway , i understand you using "stock client" but you have to understand that the producers of mail clients optimize their stuff fitting best in their own server structure making money with it, therefor their motivation coding better imap code is not very high, same case is for outlook and microsoft however, i would say, fixing bugs is on the google site here, looks like there is patch at http://code.google.com/p/android/issues/detail?id=1811 and the issue seems long known i dont see any hard relation to dovecot in this case meanwhile using k9mail seems the best way to workaround there are lots of other bugs around android versions over the years i dont expect google to fix them > > Robert Schetterer <rs at sys4.de> ha scritto: > >> Am 06.11.2012 07:08, schrieb Ben Morrow: >>> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>>> Hi, >>>> >>>> My setup: >>>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>>> configured with the dot separator and all folder under INBOX.*. >>>> >>>> The problem: >>>> My phone was driving me mad during the test, due that it will only >>>> recognize Inbox. >>>> >>>> How found the solution: >>>> I've started sniffing IMAP traffic on my server and ended up with one >>>> difference: >>>> On courier it ask for namespace, on dovecot it won't. >>>> >>>> I gives a better look, and noticed that courier show namespace >>>> capability on prelogin banner, adding it too solved the problem. >>>> >>>> Reason: >>>> Android ICS stock client seems do not honor the capability gived after >>>> the login. >>> >>> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >>> you need to set imap_capability and/or get your client fixed. >>> >>> Ben >>> >> >> Hi, first ,what is the exact meaning of >> >> "Android ICS stock client" >> >> do you mean default included email client in standard android in imap >> mode, when yes, which version of Android , i like to test my own >> however is there changelog/code etc at google for this behave? >> >> conf example >> >> # Override the IMAP CAPABILITY response. If the value begins with '+', >> # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). >> #imap_capability = >> >> setting stuff here might be complex , or lead to trouble with other >> clients, if setting this might fix problems ,with clients it should be >> advised in the wiki/example-conf and/or Timo >> >> or the other way ,for massive used clients there should be >> a seperate workaround section in the conf >> >> But fixing behave clients should be prime option anyway >> >> Meanwhile use K9mail in Android as best free option in imap mode servers >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Joerg Heidrich Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From laurent.foucher at iut-tlse3.fr Wed Nov 7 10:25:08 2012 From: laurent.foucher at iut-tlse3.fr (Laurent Foucher) Date: Wed, 07 Nov 2012 09:25:08 +0100 Subject: [Dovecot] acl and subfolder Message-ID: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> hello, I'm using dovecot 2.0.16 and i would like to use acl for subfolder. The file dovecot-acl is well written in both folder test and the subfolder test/Test : cat /home/user2/Maildir/.test.Test/dovecot-acl user=user1 ilrws cat /home/user2/Maildir/.test/dovecot-acl user=user1 ilprws When user1 want to list, the folder test is well shown, but not the subfolder test/Test. This is the logs : Debug: acl: acl username = user1 imap(laurent.foucher): Debug: acl: owner = 0 Shuka-a dovecot: imap(user1): Debug: acl vfile: Global ACL directory: (none) Shuka-a dovecot: imap(user1): Debug: acl vfile: reading file /home/user2/Maildir/.test/dovecot-acl [....] imap(user1): Debug: acl: Mailbox not in dovecot-acl-list: Partages/user2/test/Test I don't userstand why the file dovecot-acl is not read from the subfolder, while user1 and user2 have the same gid and write access to the directories. Thanks for your answers. dovecot -n auth_cache_size = 512 M default_client_limit = 8400 disable_plaintext_auth = no mail_access_groups = dovecot mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = acl mail_privileged_group = dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify namespace { inbox = yes location = prefix = separator = / type = private } namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = Partages/%%u/ separator = / subscriptions = no type = shared } passdb { args = cache_key=%u%s * driver = pam } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes.db mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags } postmaster_address = postmaster at iut-tlse3.fr protocols = " imap sieve" service auth { client_limit = 8500 unix_listener auth-userdb { group = Personnel_IUT mode = 0666 } } service imap-login { process_limit = 4096 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service imap { process_limit = 4096 vsz_limit = 3036 M } ssl_cert = </etc/ssl/certs/cert-5383-imaps.iut-tlse3.fr.pem ssl_key = </etc/ssl/private/imaps.iut-tlse3.fr.key userdb { driver = passwd } userdb { driver = prefetch } protocol lda { info_log_path = /var/log/dovecot/dovecot-lda.log log_path = /var/log/dovecot/dovecot-lda-errors.log mail_plugins = acl sieve } protocol imap { imap_id_log = * mail_plugins = acl imap_acl listescape } -- - Laurent Foucher < I U T 'A' Paul Sabatier > laurent.foucher at iut-tlse3.fr Enseignant/Charg? de mission Syst?mes & R?seau From yngve_l2 at hotmail.com Wed Nov 7 11:13:28 2012 From: yngve_l2 at hotmail.com (ycc_Swe) Date: Wed, 7 Nov 2012 01:13:28 -0800 (PST) Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) Message-ID: <1352279608118-38611.post@n4.nabble.com> Hello, I just installed Dovecot. It works for plaintext autorization, port 110. It has connected with Telnet, Thunderbird and an on-line pop3 client. Telnet: +OK Dovecot ready. user nnnnn -ERR Unknown command. user nnnnn +OK pass xxxxxxxxxx +OK Logged in. stat +OK 1 1553 retr 1 +OK 1553 octets Return-path: <sssssss at hotmail.com> Envelope-to: nnnnnn at mydomain.com Delivery-date: Tue, 06 Nov 2012 12:02:28 +0100 Received: from bay0-xcvxcv-xvxcv.bay333.hotmail.com ([123.123.123.123]) by deb7.pc with esmtp (Exim 4.80) But when I try ssl (port 995) with an on-line pop3 client, it will not work: /var/log/mail.log Nov 7 02:46:55 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, session=<Iza75N3NlABBNykH> Nov 7 02:46:56 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, session=<nWTF5N3NlQBBNykH> root at deb7:~# doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-686-pae i686 disable_plaintext_auth = no mail_gid = mail mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = prefix = } passdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } I know very little about mail and ssl. I have assumed that ssl will be set up "automatically" when Dovecot is installed. But maybe I have missed something here. Please give me pointers. The following two files contain ssl keys: ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem I have tried changing the ssl parameter ("yes", "required") in 10-ssl.conf but with no change except that port 110 login becomes disabled. As you can see I am a beginner with Dovecot, I hope it is still OK to ask on this mailing list. Thanks. -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611.html Sent from the Dovecot mailing list archive at Nabble.com. From rs at sys4.de Wed Nov 7 12:19:44 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 07 Nov 2012 11:19:44 +0100 Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <1352279608118-38611.post@n4.nabble.com> References: <1352279608118-38611.post@n4.nabble.com> Message-ID: <509A35C0.8040209@sys4.de> Am 07.11.2012 10:13, schrieb ycc_Swe: > Hello, > > I just installed Dovecot. It works for plaintext autorization, port 110. It > has connected with Telnet, Thunderbird and an on-line pop3 client. > > Telnet: > +OK Dovecot ready. > user nnnnn > -ERR Unknown command. > user nnnnn > +OK > pass xxxxxxxxxx > +OK Logged in. > stat > +OK 1 1553 > retr 1 > +OK 1553 octets > Return-path: <sssssss at hotmail.com> > Envelope-to: nnnnnn at mydomain.com > Delivery-date: Tue, 06 Nov 2012 12:02:28 +0100 > Received: from bay0-xcvxcv-xvxcv.bay333.hotmail.com ([123.123.123.123]) > by deb7.pc with esmtp (Exim 4.80) > > But when I try ssl (port 995) with an on-line pop3 client, it will not work: > /var/log/mail.log > Nov 7 02:46:55 deb7 dovecot: pop3-login: Disconnected (no auth attempts in > 0 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, > session=<Iza75N3NlABBNykH> > Nov 7 02:46:56 deb7 dovecot: pop3-login: Disconnected (no auth attempts in > 1 secs): user=<>, rip=12.12.12.7, lip=123.123.123.123, TLS: Disconnected, > session=<nWTF5N3NlQBBNykH> > > root at deb7:~# doveconf -n > # 2.1.7: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-3-686-pae i686 > disable_plaintext_auth = no > mail_gid = mail > mail_location = mbox:~/mail:INBOX=/var/mail/%u > namespace inbox { > inbox = yes > location = > prefix = > } > passdb { > args = username_format=%u /etc/dovecot/users > driver = passwd-file > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = " imap pop3" > ssl_cert = </etc/ssl/certs/dovecot.pem > ssl_key = </etc/ssl/private/dovecot.pem > userdb { > args = username_format=%u /etc/dovecot/users > driver = passwd-file > } > > I know very little about mail and ssl. I have assumed that ssl will be set > up "automatically" when Dovecot is installed. But maybe I have missed > something here. Please give me pointers. > The following two files contain ssl keys: > ssl_cert = </etc/ssl/certs/dovecot.pem > ssl_key = </etc/ssl/private/dovecot.pem > > I have tried changing the ssl parameter ("yes", "required") in 10-ssl.conf > but with no change except that port 110 login becomes disabled. > > As you can see I am a beginner with Dovecot, I hope it is still OK to ask on > this mailing list. Thanks. > > > > -- > View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611.html > Sent from the Dovecot mailing list archive at Nabble.com. > have a look http://wiki2.dovecot.org/SSL/DovecotConfiguration Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From CMarcus at Media-Brokers.com Wed Nov 7 15:01:13 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 07 Nov 2012 08:01:13 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS Message-ID: <509A5B99.1000900@Media-Brokers.com> Hi Timo, As one who is interested in implementing FTS sometime in the future, I'm curious about what is in store as far as improvements go... Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... Also, does the release of Solr 4.0 mean anything for the lucene library used by dovecot? http://www.marketwatch.com/story/lucidworks-congratulates-apache-foundation-on-general-release-of-solr-40-2012-10-15 Thanks, -- Best regards, Charles From tss at iki.fi Wed Nov 7 17:14:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:14:18 +0200 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <509A5B99.1000900@Media-Brokers.com> References: <509A5B99.1000900@Media-Brokers.com> Message-ID: <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> On 7.11.2012, at 15.01, Charles Marcus wrote: > As one who is interested in implementing FTS sometime in the future, I'm curious about what is in store as far as improvements go... > > Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes. :) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: plugin { fts_autoindex = yes fts_autoindex_max_recent = 1000 } Or maybe there's a better name than "autoindex" for this feature. SEARCH always autoindexes anyway. > Also, does the release of Solr 4.0 mean anything for the lucene library used by dovecot? No, fts-lucene and fts-solr are separate backends. But I do have some small plans to add a few more features to fts-solr. From tss at iki.fi Wed Nov 7 17:21:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:21:59 +0200 Subject: [Dovecot] mbox2mdir... what about UIDs/etc? (was: how to best import Evolution/Thunderbird mail into dovecot?) In-Reply-To: <1351557745.3435.106.camel@fermat.scientia.net> References: <1350429674.3360.27.camel@fermat.scientia.net> <20121017145144.GA777@PC211.ikt.de> <loom.20121017T174523-947@post.gmane.org> <1351557745.3435.106.camel@fermat.scientia.net> Message-ID: <3ACD269C-EBFA-42D5-B984-97342E669D08@iki.fi> On 30.10.2012, at 2.42, Christoph Anton Mitterer wrote: > Which I'll base upon mb2md[1] respectively it's Dovecot-izsed > version[2]. > I diffed the two, and it seems the only differences are that the later > handles the following in addition: > 1) keywords (via X-IMAP, X-IMAPbase and X-Keywords) > 2) UIDs, UIDVALITIDYs and UIDLASTs (via the X-IMAP, X-IMAPbase and X-UID > mail headers of the mboxes > 3) ,S= and ,W= tags > > (Guess that's it right?) > > > Now I have some questions: > to 1) I never used keywords on mails myself so far,... so if any > X-Keywords headers exist, these were sent from remote. > So I guess I _really want_ to ignore them (and not let remote people set > my local keywords), right? Yes. > to 2) I haven't had time yet to read into the IMAP4 RFC (though I'll > need to do so soon),... but AFAIU the UIDs, UIDVALITIDYs and UIDLASTs > are used for the server/clients to identify which message they talk > about and avoid unnecessary reloading and to assure statuses are set on > the right message, etc. > > All mails that I migrate were only used locally by one client. > So I guess I can fully ignore any UID/UIDVALITIDY/UIDLAST preservation, > right? Yeah, they're not that important if you don't care about clients redownloading cached messages. > So in principle I can use plain mb2md (without the dovecot mods)... and > simply convert all my mboxes to maildir, put them in the dovecot mail > (having the mails in the ../new dirs) location and start dovecot, right? > > Now will dovecot itself assign fresh consecutive UIDs to all maildir > files? Or will I get into troubles? Dovecot will generate new UIDs. > to 3) If dovecot can make use of these,.. I'm happy with having them > set, but analogous to (2): > If I use plain mb2md (without the dovecot mods)... and simply convert > all my mboxes to maildir, put them in the dovecot mail (having the mails > in the ../new dirs) location and start dovecot.... > > Can I make dovecot to calculate these fields by itself when it loads? Dovecot doesn't add them to the filenames, but adds them to dovecot-uidlist and/or dovecot.index.cache. If you're using Maildir++ quota then this isn't good enough, but when using Dovecot LDA there's no reason to use Maildir++ quota anyway, so it doesn't matter. From tss at iki.fi Wed Nov 7 17:23:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:23:05 +0200 Subject: [Dovecot] dovecot-lda not correct folder In-Reply-To: <508F66A2.7010809@gmx.de> References: <508F66A2.7010809@gmx.de> Message-ID: <933B1D72-3DAC-4D5C-88B0-78849B7655D9@iki.fi> On 30.10.2012, at 7.33, tony.blue.mailinglist at gmx.de wrote: > ZUSATZORDNER="$DELIVERMAIL -e -d $LOGNAME -m .optionalfolder" > ... > > dovecot-lda puts the mails for the optionalfolder always in the .cur (INBOX). > > What?s the correct dovecot-lda parameter to put the mails in the optionalfolder? -m optionalfolder, without the dot. Also you may need to set lda_mailbox_autocreate=yes if it doesn't already exist. From tss at iki.fi Wed Nov 7 17:26:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:26:04 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <508FB360.5090704@Media-Brokers.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <508FB360.5090704@Media-Brokers.com> Message-ID: <C343D0F4-43E5-4A17-AE42-D1F7BDBB39F1@iki.fi> On 30.10.2012, at 13.00, Charles Marcus wrote: > On 2012-10-29 5:42 PM, Timo Sirainen <tss at iki.fi> wrote: >> On 29.10.2012, at 23.15, Christoph Anton Mitterer wrote: >> >>> btw: What are the actual advantages of sdbox over maildir? >> * Not moving files from new/ to cur/ directory >> * Not renaming files when changing message flags >> * Not readdir()ing directories (although maildir_very_dirty_syncs=yes helps a lot with this) >> >> Basically less disk I/O and making it possible to have mailboxes with a huge number of messages without everything slowing down horribly. > > I had been wanting to ask about this too... > > So... what are the disadvantages? Message flags are stored only in dovecot.index files, and files get somewhat more easily corrupted than the whole filesystem. Having a separate dovecot.index.backup file helps with this though. Also there's the disadvantages if you can't easily switch away from Maildir because you're using some non-Dovecot tools to access it. From tss at iki.fi Wed Nov 7 17:30:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:30:35 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1351556165.3435.88.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> Message-ID: <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> On 30.10.2012, at 2.16, Christoph Anton Mitterer wrote: > Have you ever thought about adding a "real" DB backend? Nothing against > dbox... :) ... and I have no performance comparison of dbox with what > could be done with a DBMS... but the advantage of the later would be > that you get all fancy features from database systems for free... like > fast indexing, online replication, etc. p.. > > One might even reuse something like AOX for this. SQL indexes aren't very helpful for IMAP-like data. It would be fun to some day have SQL backend in Dovecot (there already is read-only INBOX-only SQL backend), but I don't expect it to have very good performance. From tss at iki.fi Wed Nov 7 17:32:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:32:25 +0200 Subject: [Dovecot] copymail deleted In-Reply-To: <09B9ED24-9319-48A7-85D4-0FF7D12F6296@sys4.de> References: <BF13BA6C-5A8D-446B-B654-663864AA8D9C@sys4.de> <2B52CF76-2638-45C8-BD75-1773EAB99D0E@iki.fi> <62B9745B-844F-4A83-8B87-F5DED1389180@sys4.de> <CF0DCCC7-C667-4F34-B888-83D6EB55C513@iki.fi> <09B9ED24-9319-48A7-85D4-0FF7D12F6296@sys4.de> Message-ID: <660E3B26-F98C-4790-BFC5-8F77390C043E@iki.fi> On 30.10.2012, at 16.44, Christian R??ner wrote: >> So if you create /attachments/6a/50/6a506530265ef7c9feb396410eaf6946036e9a79-b034401e794009503a0400002cb72ff6 that is 949170 bytes long, and do the same for the rest of the attachments, you should be able to read this mail without errors. >> >> You can easily create the files without wasting space with: >> dd if=/dev/zero of=foo bs=1 seek=949169 count=1 > > Thanks. I have calculated both other files and recreated zero padded files. Now I am going to watch the log file and see, if errors are gone. > > One last question: If the user now opens a mail, where the attachments are broken and he/she removes the mail, are the created hand-made files be removed automatically? Yes. From tss at iki.fi Wed Nov 7 17:33:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:33:43 +0200 Subject: [Dovecot] maildir and end-of-line encoding In-Reply-To: <1351648223.24721.4.camel@fermat.scientia.net> References: <1351648223.24721.4.camel@fermat.scientia.net> Message-ID: <A52B651B-B5D8-4B16-9A79-4231CAAD4ECD@iki.fi> On 31.10.2012, at 3.50, Christoph Anton Mitterer wrote: > I just wondered, the following: > > My MDA may get mails that use LF or CR/LF end of line encodings and > deliver them into maildirs. > > > I couldn't find any information about, whether one should or must > convert all into one format, cause AFAIK at least on the IMAP side, > CR/LF is always used? > > How does this work on the maildir/backend side of dovcot? Can it work > with both and simply automatically convert LF into CR/LF? Dovecot automatically adds CRs where necessary. Even within the same file there can be mixed LF/CRLF lines. From tss at iki.fi Wed Nov 7 17:38:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:38:26 +0200 Subject: [Dovecot] backtrace for non-existant %{ldap:attr} on login In-Reply-To: <alpine.DEB.2.02.1210311001310.3009@pc-2m63nn> References: <alpine.DEB.2.02.1210311001310.3009@pc-2m63nn> Message-ID: <F3C8E55F-6258-4B1B-B2B6-D51DB4E4E656@iki.fi> On 31.10.2012, at 11.08, Steffen Kaiser wrote: > If mailQuotaBytesTrash or mailQuotaBytes is not present, the LOGIN process does not work: .. > 2012-10-31 09:56:51 auth: Panic: pool_data_stack_realloc(): stack frame changed I'm not entirely sure why that happens when nonexistent attributes, but this fixes the crash: http://hg.dovecot.org/dovecot-2.1/rev/3a33e686fc38 Maybe there's another bug in there as well that tries to write some large garbage to the string instead?.. From tss at iki.fi Wed Nov 7 17:41:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:41:47 +0200 Subject: [Dovecot] Error: Internal quota calculation error In-Reply-To: <87d2zyxxjm.fsf@minnow.riseup.net> References: <87d2zyxxjm.fsf@minnow.riseup.net> Message-ID: <11465F19-4310-4B44-8955-F03FB65EFC5F@iki.fi> On 31.10.2012, at 21.15, Micah Anderson wrote: > I'm using 2.1.7 with seive and mysql quotas. We had an outage the other > day where the database server where quotas are stored was not available > for a short period of time. > > In dovecot land, the following types of errors occured in that scenario: > > Oct 26 22:19:01 grosbeak dovecot: lda(example at riseup.net): Error: Internal quota calculation error Hmm. I wonder if I should add more error message logging in here.. Although I think the main reason is that dict isn't connected to SQL database, and it should have logged about it already. > Oct 26 22:19:01 grosbeak dovecot: lda(example at riseup.net): Error: sieve: msgid=<20122132765181x.ABCCE457 at example.com>: failed to store into mailbox 'Trash': Internal error occurred. Refer to server log for more information. [2012-10-26 22:19:01] > Oct 26 22:19:01 grosbeak dovecot: lda(example at riseup.net): Error: sieve: script /maildir/e/example/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /maildir/e/example/.dovecot.sieve.log may reveal additional details) > > I expect that there would be quota calculation errors as dovecot could > not reach the database server, but what worried me was the 'failed to > store into mailbox' message from sieve. The 'Trash' mailbox in this > particular seive script is the correct location for the message to be > filed into, but the worrisome message is the 'failed with unsuccessful > implicit keep'. Dovecot returns temporary failure and the mail should get redelivered. v2.1.9+ has also plugin { quota_ignore_save_errors=yes } setting, which is the default also with v2.2. From tss at iki.fi Wed Nov 7 17:42:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:42:29 +0200 Subject: [Dovecot] Modifying mailbox GUIDs? In-Reply-To: <778d2396116c03d4b1d12234846aa12f@horizon.phuph.org> References: <7c0d1aa0d7c1974f917c17290e719788@horizon.phuph.org> <778d2396116c03d4b1d12234846aa12f@horizon.phuph.org> Message-ID: <6B841CE1-CF08-49FD-9E6B-82DF385E20AE@iki.fi> I guess you could do that.. In v2.2 the dsync is smarter and can change the GUID automatically when needed. On 1.11.2012, at 5.13, Faheem Patel wrote: > > > I see that the GUID is actually in readable text on the first line > in "dovecot-uidlist". Is it really as simple as modifying the string > here? > > - Faheem > > On Wed, 31 Oct 2012 22:42:59 -0400, Faheem Patel > wrote: > >> Greetings all, >> >> I can view a mailbox's GUID like so: > doveadm mailbox status -u guid >> >> However, how may I *modify* a > mailbox GUID? Can this be done using doveadm or some other tool? >> >> > If not, how may I go about modifying the dovecot.mailbox.log (where I > assume GUID data is stored)? >> >> My specific use case has to do with > me wanting to modify an existing mailbox's GUID so that its messages are > mirrored into a folder of the same name using "dsync mirror". (As we > know, dsync utilizes GUIDs to determine mailbox uniqueness) >> >> > Thanks! >> >> -- >> - Faheem From tss at iki.fi Wed Nov 7 17:45:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:45:58 +0200 Subject: [Dovecot] 2.2.alpha1 (626a9df21e62): LMTP Core Dump In-Reply-To: <20121101102734.GA20126@nihlus.leuxner.net> References: <20121101102734.GA20126@nihlus.leuxner.net> Message-ID: <B896861D-63AD-4356-A7CF-BDBC91AB54F4@iki.fi> On 1.11.2012, at 12.27, Thomas Leuxner wrote: > Nov 1 11:16:14 spectre dovecot: lmtp(17245): Fatal: master: service(lmtp): child 17245 killed with signal 11 (core dumped) .. > #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=<value optimized out>, error_r=<value optimized out>) at mail-storage-service.c:1013 > 1013 mail-storage-service.c: No such file or directory. > in mail-storage-service.c > (gdb) bt full Fixed a few days ago: http://hg.dovecot.org/dovecot-2.2/rev/1ad12af6efe4 From tss at iki.fi Wed Nov 7 17:46:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:46:34 +0200 Subject: [Dovecot] No manpage for "doveadm fts" command In-Reply-To: <m2pq3xfkxf.fsf@cone.luannocracy.com> References: <m2pq3xfkxf.fsf@cone.luannocracy.com> Message-ID: <F34F3350-E698-4D5E-A320-1373A2B92C9D@iki.fi> On 1.11.2012, at 16.38, Dave Abrahams wrote: > Just wanted to make sure this issue was registered separately from the > overall confusion I'm exploring in another thread, even though I mention > this there too. Yes, and dsync also needs to be moved into doveadm sync/backup. And some other things. Feel free to write :) From tss at iki.fi Wed Nov 7 17:47:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:47:35 +0200 Subject: [Dovecot] Indexing problems In-Reply-To: <m2k3u5ii78.fsf@cone.luannocracy.com> References: <m2k3u5ii78.fsf@cone.luannocracy.com> Message-ID: <8EFED980-1F94-45A2-811B-036EE2DAF48F@iki.fi> On 1.11.2012, at 15.08, Dave Abrahams wrote: > It looks like something is going very wrong here. Any advice? .. > doveadm(dave): Info: [Gmail].All Mail: Caching mails seq=2..231746 > 8000/231745Assertion failed: (numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." + IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )), function closeDocStore, file /tmp/clucene-gmYE/src/core/CLucene/index/DocumentsWriter.cpp, line 210. > Abort trap: 6 > cone:local dave$ Looks like a bug in CLucene library. Probably nothing I can do about it.. Just delete the lucene-indexes directory and run doveadm fts rescan. From tss at iki.fi Wed Nov 7 17:50:19 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 17:50:19 +0200 Subject: [Dovecot] "starting" dovecot In-Reply-To: <m2390sfnle.fsf@cone.luannocracy.com> References: <m2zk31gja8.fsf@pluto.luannocracy.com> <m2390sfnle.fsf@cone.luannocracy.com> Message-ID: <2DA5EE7F-8C23-4233-AF51-138C81F3DB8D@iki.fi> On 2.11.2012, at 9.52, Dave Abrahams wrote: > > on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > >> My system never issues the "dovecot start" command. I do, however, run >> /usr/local/libexec/dovecot/imap on port 9xxx. I talk to the server >> through port 9xxx and through the preauth tunnel. Is this arrangement >> OK? Are there some things that will only work if "dovecot" is invoked? > > In particular, I'm curious because of messages like the one below that I > got from "doveadm search": > > doveadm(dave): Error: net_connect_unix(/usr/local/var/run/dovecot/indexer) failed: No such file or directory > > Is the lack of this (or any other) socket attributable to not having > started dovecot itself? Yes, fts indexing is always done via the indexer process currently. You need dovecot master process running for that. I don't think there are other such things currently. You could patch fts code to not use indexer process, probably a one line change. Except when running that way if two processes try to update the Lucene at the same time you'll get some errors. From tss at iki.fi Wed Nov 7 18:01:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:01:25 +0200 Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> References: <1351544456.13571.102.camel@hurina> <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> Message-ID: <F64A14D2-3C1E-4FA3-90AA-22AD5D4330F8@iki.fi> On 5.11.2012, at 20.58, Steffen Kaiser wrote: > http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=(%25{ldap) > > is the only reference I found so far and the TODO file. > > If the attribute does not exist, there should be a default value, you can specify, e.g.: %{ldap:attrName[,]:default value} . [,] the optional delimiter from the TODO. Where do you see "," as optional delimiter? But yeah, %{ldap:attrName:default} would be simple to do. Attached patch to do it. Let me know if it works. -------------- next part -------------- A non-text attachment was scrubbed... Name: ldap.diff Type: application/octet-stream Size: 1713 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121107/ce3e05b4/attachment-0004.obj> -------------- next part -------------- > Or if the attribute is missing, the rule is ignored. Hmm. What if there are two attributes and one of them exists and the other one doesn't?.. From tss at iki.fi Wed Nov 7 18:03:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:03:27 +0200 Subject: [Dovecot] LDAP congestion In-Reply-To: <k7alq6$klp$1@ger.gmane.org> References: <k7alq6$klp$1@ger.gmane.org> Message-ID: <A1095E0E-01F9-4746-B7C8-94A3AC915827@iki.fi> On 6.11.2012, at 11.38, Bernhard Schmidt wrote: > I've been asked to have a look at a misbehaving mail server of some > colleagues today where almost all logins where failing or excessively > delayed, while the LDAP database itself was pretty fast. > > They run Dovecot 1.2.11 (yes, I know, stoneage) against an LDAP server > run by a 3rd party, auth_bind=yes (required). The problem is that this > third party LDAP server delays bindResponse 3 seconds when the password > is wrong. A user wanted to login every 2-3 seconds this morning with the > wrong password, which effectively killed the system because the LDAP > connection was mostly stalled waiting for the auth timeout. > > From a previous discussion with Timo I know that bindRequests cannot be > parallelized in LDAP, so the problem does not come completely > unexpected. Other than removing the failure delay in the LDAP server, is > there anything one can do? If there is any change in newer Dovecot > versions about that please tell me so I can encourage them to upgrade, > but I haven't seen anything in the changelog. > > Any way to get several LDAP workers/connections for passdb in parallel? Multiple LDAP connections is in TODO. The only alternative right is to use e.g. checkpassword backend that does the ldap lookup in a script. From tss at iki.fi Wed Nov 7 18:14:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:14:44 +0200 Subject: [Dovecot] Auth USER lookup failed In-Reply-To: <5098EF95.8060005@um.es> References: <5098EF95.8060005@um.es> Message-ID: <B59A6D06-4809-4F9B-AEA4-426877D426F4@iki.fi> On 6.11.2012, at 13.08, Angel L. Mateo wrote: > Nov 6 11:58:56 myotis30 dovecot: auth: Error: userdb(user1): client doesn't have lookup permissions for this user: userdb uid (113246) doesn't match peer uid (14585) (change userdb socket permissions) .. > I have checked the socket permissions, but they are 0666 (if I'm looking the right socket): > > root at myotis30:/etc/dovecot/conf.d# ls -l /var/run/dovecot/auth-userdb > srwxrwxrwx 1 dovecot root 0 nov 6 11:43 /var/run/dovecot/auth-userdb Nowadays the auth-userdb permissions are 0666, which add the extra check that you can only lookup yourself. Since you're not looking up yourself, you're getting the permission error about it. > In fact, I have tried to put all sockets with permissions 0666 and 0777, but the error persists. If the socket is 0777 this error shouldn't happen. Note that you need to change it from dovecot.conf, chmod doesn't matter after startup anymore. This will probably be helpful in future: http://hg.dovecot.org/dovecot-2.1/rev/c811aab61355 From tss at iki.fi Wed Nov 7 18:18:12 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:18:12 +0200 Subject: [Dovecot] acl and subfolder In-Reply-To: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> References: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> Message-ID: <41C6AD30-8F9B-4DFC-8488-618D25F05CA0@iki.fi> On 7.11.2012, at 10.25, Laurent Foucher wrote: > I'm using dovecot 2.0.16 and i would like to use acl for subfolder. The file dovecot-acl is well written in both folder test and the subfolder test/Test : > > cat /home/user2/Maildir/.test.Test/dovecot-acl > user=user1 ilrws > cat /home/user2/Maildir/.test/dovecot-acl > user=user1 ilprws > > When user1 want to list, the folder test is well shown, but not the subfolder test/Test. v2.1 has a nice and helpful "doveadm acl debug" command to tell what is wrong. > imap(user1): Debug: acl: Mailbox not in dovecot-acl-list: Partages/user2/test/Test I guess this is the reason. See if deleting dovecot-acl-list helps. From CMarcus at Media-Brokers.com Wed Nov 7 18:21:38 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 07 Nov 2012 11:21:38 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> Message-ID: <509A8A92.3060801@Media-Brokers.com> On 2012-11-07 10:14 AM, Timo Sirainen <tss at iki.fi> wrote: >> Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... > Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes.:) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: > > plugin { > fts_autoindex = yes > fts_autoindex_max_recent = 1000 > } And this would work in conjunction with (and require) the dovecot LDA / LMTP? -- Best regards, Charles From tss at iki.fi Wed Nov 7 18:29:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Nov 2012 18:29:38 +0200 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <509A8A92.3060801@Media-Brokers.com> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> <509A8A92.3060801@Media-Brokers.com> Message-ID: <13E793E4-68A9-4B82-8D63-BC525C01A233@iki.fi> On 7.11.2012, at 18.21, Charles Marcus wrote: > On 2012-11-07 10:14 AM, Timo Sirainen <tss at iki.fi> wrote: >>> Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... >> Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes.:) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: >> >> plugin { >> fts_autoindex = yes >> fts_autoindex_max_recent = 1000 >> } > > And this would work in conjunction with (and require) the dovecot LDA / LMTP? Yes. For non-Dovecot LDA/LMTP you can already run "doveadm index" after the delivery. Or you could do that already with dovecot-lda as well. From CMarcus at Media-Brokers.com Wed Nov 7 19:12:26 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 07 Nov 2012 12:12:26 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <13E793E4-68A9-4B82-8D63-BC525C01A233@iki.fi> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> <509A8A92.3060801@Media-Brokers.com> <13E793E4-68A9-4B82-8D63-BC525C01A233@iki.fi> Message-ID: <509A967A.1050705@Media-Brokers.com> On 2012-11-07 11:29 AM, Timo Sirainen <tss at iki.fi> wrote: > On 7.11.2012, at 18.21, Charles Marcus wrote: > >> On 2012-11-07 10:14 AM, Timo Sirainen<tss at iki.fi> wrote: >>>> Specifically, any plans for implementing immediate/automatic index updates at delivery time? The lack of automatically updated indexes is one downside for its implementation... >>> Nothing really prevents from adding that very easily .. I guess it would need a new setting, which is always the most annoying part of small changes.:) I think it would have to have a setting equivalent to doveadm index -n parameter, which allows indexing most users, except those who pretty much never read their emails. So with doveadm index -n 1000 you could set that if the mailbox's \Recent count is over 1000, don't index the mailbox. So .. hmm. I guess two settings would be cleaner: >>> >>> plugin { >>> fts_autoindex = yes >>> fts_autoindex_max_recent = 1000 >>> } >> And this would work in conjunction with (and require) the dovecot LDA / LMTP? > Yes. For non-Dovecot LDA/LMTP you can already run "doveadm index" after the delivery. Or you could do that already with dovecot-lda as well. Gotcha... just confirming that as long as you were using dovecot LDA/LMTP, index updates would be immediate and not impact system performance. Thanks... looking forward to its implementation someday. ;) -- Best regards, Charles From laurent.foucher at iut-tlse3.fr Wed Nov 7 20:15:14 2012 From: laurent.foucher at iut-tlse3.fr (Laurent Foucher) Date: Wed, 07 Nov 2012 19:15:14 +0100 Subject: [Dovecot] acl and subfolder In-Reply-To: <41C6AD30-8F9B-4DFC-8488-618D25F05CA0@iki.fi> References: <20121107092508.Horde.KXj9QTZfwM9QmhrkNMYwS9A@webmail.iut-tlse3.fr> <41C6AD30-8F9B-4DFC-8488-618D25F05CA0@iki.fi> Message-ID: <20121107191514.Horde.B2lVWjZfwM9QmqUygEaBcaA@webmail.iut-tlse3.fr> ----- Message de Timo Sirainen <tss at iki.fi> --------- Date: Wed, 7 Nov 2012 18:18:12 +0200 De: Timo Sirainen <tss at iki.fi> Objet: Re: [Dovecot] acl and subfolder ?: Laurent Foucher <laurent.foucher at iut-tlse3.fr> Cc: dovecot at dovecot.org > On 7.11.2012, at 10.25, Laurent Foucher wrote: > >> I'm using dovecot 2.0.16 and i would like to use acl for subfolder. >> The file dovecot-acl is well written in both folder test and the >> subfolder test/Test : >> >> cat /home/user2/Maildir/.test.Test/dovecot-acl >> user=user1 ilrws >> cat /home/user2/Maildir/.test/dovecot-acl >> user=user1 ilprws >> >> When user1 want to list, the folder test is well shown, but not the >> subfolder test/Test. > > v2.1 has a nice and helpful "doveadm acl debug" command to tell what > is wrong. > >> imap(user1): Debug: acl: Mailbox not in dovecot-acl-list: >> Partages/user2/test/Test > > I guess this is the reason. See if deleting dovecot-acl-list helps. I deleted dovecot-acl-list and unfortunately my problem persit. -- - Laurent Foucher -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-keys Size: 1703 bytes Desc: Cl? publique PGP URL: <http://dovecot.org/pipermail/dovecot/attachments/20121107/557ff2f4/attachment-0004.bin> From tlx at leuxner.net Wed Nov 7 20:30:59 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Wed, 7 Nov 2012 19:30:59 +0100 Subject: [Dovecot] 2.2.alpha1 (626a9df21e62): LMTP Core Dump In-Reply-To: <B896861D-63AD-4356-A7CF-BDBC91AB54F4@iki.fi> References: <20121101102734.GA20126@nihlus.leuxner.net> <B896861D-63AD-4356-A7CF-BDBC91AB54F4@iki.fi> Message-ID: <24432423-5D31-479F-950A-39663CB8D5FC@leuxner.net> > On 1.11.2012, at 12.27, Thomas Leuxner wrote: > >> Nov 1 11:16:14 spectre dovecot: lmtp(17245): Fatal: master: service(lmtp): child 17245 killed with signal 11 (core dumped) > .. >> #0 0x00007f6174db3d35 in mail_storage_service_lookup (ctx=0x1160640, input=0x7fff905265d0, user_r=<value optimized out>, error_r=<value optimized out>) at mail-storage-service.c:1013 >> 1013 mail-storage-service.c: No such file or directory. >> in mail-storage-service.c >> (gdb) bt full > > Fixed a few days ago: http://hg.dovecot.org/dovecot-2.2/rev/1ad12af6efe4 Thanks and confirmed. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4364 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121107/be2e2c64/attachment-0004.bin> From dave at boostpro.com Wed Nov 7 21:51:17 2012 From: dave at boostpro.com (Dave Abrahams) Date: Wed, 07 Nov 2012 14:51:17 -0500 Subject: [Dovecot] No manpage for "doveadm fts" command In-Reply-To: <F34F3350-E698-4D5E-A320-1373A2B92C9D@iki.fi> (Timo Sirainen's message of "Wed, 7 Nov 2012 17:46:34 +0200") References: <m2pq3xfkxf.fsf@cone.luannocracy.com> <F34F3350-E698-4D5E-A320-1373A2B92C9D@iki.fi> Message-ID: <m2ip9hxkcq.fsf@dhcp192-1-114-088.bbn.com> on Wed Nov 07 2012, Timo Sirainen <tss-AT-iki.fi> wrote: > On 1.11.2012, at 16.38, Dave Abrahams wrote: > >> Just wanted to make sure this issue was registered separately from the >> overall confusion I'm exploring in another thread, even though I mention >> this there too. > > Yes, and dsync also needs to be moved into doveadm sync/backup. And > some other things. Feel free to write :) I'm still trying to figure out what these things do, which is why I'm looking for a manpage. I'm not exactly in a position to write anything. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From tony.blue.mailinglist at gmx.de Wed Nov 7 22:48:01 2012 From: tony.blue.mailinglist at gmx.de (tony.blue.mailinglist at gmx.de) Date: Wed, 07 Nov 2012 21:48:01 +0100 Subject: [Dovecot] dovecot-lda not correct folder In-Reply-To: <933B1D72-3DAC-4D5C-88B0-78849B7655D9@iki.fi> References: <508F66A2.7010809@gmx.de> <933B1D72-3DAC-4D5C-88B0-78849B7655D9@iki.fi> Message-ID: <509AC901.4010407@gmx.de> Am 07.11.2012 16:23, schrieb Timo Sirainen: > On 30.10.2012, at 7.33, tony.blue.mailinglist at gmx.de wrote: > > -m optionalfolder, without the dot. Also you may need to set > lda_mailbox_autocreate=yes if it doesn't already exist. Thanks Timo, that was the solution of my problem. From slusarz at curecanti.org Thu Nov 8 00:08:44 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:08:44 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> Quoting Timo Sirainen <tss at iki.fi>: > On 6.11.2012, at 3.49, Michael J Rubinsky wrote: > > These defines in mail-transaction-log-private.h anyway can be > changed to make it much less likely to see your problem: > > /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ > #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) > /* If log is larger than MAX_SIZE, rotate regardless of the time */ > #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) > #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) > > /* Delete .log.2 files older than this many seconds. Don't be too eager, > older files are useful for QRESYNC and dsync. */ > #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) > > Maybe the defaults could be changed.. I'm not sure changing the defaults is a good idea. But if someone does want to use a particular dovecot server as the backend for activesync clients, for example, it would probably make sense to allow these values to be tweaked via the config files. (I can see an organization having a "normal" IMAP server and a "activesync" IMAP server that differ in these details, and also in things like IDLE timeouts). michael From slusarz at curecanti.org Thu Nov 8 00:11:31 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:11:31 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> Message-ID: <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> Quoting Timo Sirainen <tss at iki.fi>: > On 6.11.2012, at 3.49, Michael J Rubinsky wrote: > >>> That would require infinitely storing the modseq of when each message >>> was expunged. Not very nice. Also the RFC talks a lot about this >>> situation. The SELECT command has two optional parameters to optimize >>> it. >> >> The RFC *does* indicate that a server implementation could, >> strictly speaking, be considered in compliance without remembering >> modsequences for all expunged messages, but it does explicitly >> discourage such implementations. From RFC 5162 [4.1]: >> >> Strictly speaking, a server implementation that doesn't remember mod- >> sequences associated with expunged messages can be considered >> compliant with this specification. Such implementations return all >> expunged messages specified in the UID set of the UID FETCH >> (VANISHED) command every time, without paying attention to the >> specified CHANGEDSINCE mod-sequence. Such implementations are >> discouraged, as they can end up returning VANISHED responses that are >> bigger than the result of a UID SEARCH command for the same UID set. > > This is talking about a server that doesn't permanently remember ANY > modseqs for expunges. Dovecot remembers them, not not infinitely. > >> It also gives advice to avoid infinitely storing the modsequences >> such as "expiring" sequences associated with older expunged >> messages, but assigning a single modsequence value to all of the >> expired expunged messages. > > Dovecot behaves as the section 4.3 describes. Note especially: > > Note that indefinitely storing information about expunged messages > can cause storage and related problems for an implementation. > .. > Hence, implementations are encouraged to adopt strategies to protect > against such storage problems, such as limiting the size of the queue > used to store mod-sequences for expunged messages and "expiring" > older records when this limit is reached. When the selected > implementation-specific queue limit is reached, the oldest record(s) > are deleted from the queue (note that such records are located at the > queue head). For all such "expired" records, the server needs to > store a single mod-sequence, which is the highest mod-sequence for > all "expired" expunged messages. > > This is exactly what Dovecot does. There is a single modseq > associated with all the previously expunged messages. If you try to > request expunges for that modseq, it returns all of the expunged > messages, which is what you're seeing as a problem. I see your point, but the problem is that is not intuitive when reading the RFC. One part of the RFC defines the behavior of VANISHED (EARLIER) as only returning changes since the mod-sequence given. And you are correct that another part of the RFC says that, essentially, a server is allowed to break this required response. I'm thinking that this is more of an issue with the way the RFC is written. I'll move this over to the imap protocol list to get further input. michael From tss at iki.fi Thu Nov 8 00:23:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 00:23:37 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> Message-ID: <21244A16-773D-42E2-A2C4-2366F51006D1@iki.fi> On 8.11.2012, at 0.08, Michael M Slusarz wrote: >> These defines in mail-transaction-log-private.h anyway can be changed to make it much less likely to see your problem: >> >> /* Rotate when log is older than ROTATE_TIME and larger than MIN_SIZE */ >> #define MAIL_TRANSACTION_LOG_ROTATE_MIN_SIZE (1024*32) >> /* If log is larger than MAX_SIZE, rotate regardless of the time */ >> #define MAIL_TRANSACTION_LOG_ROTATE_MAX_SIZE (1024*1024) >> #define MAIL_TRANSACTION_LOG_ROTATE_TIME (60*5) >> >> /* Delete .log.2 files older than this many seconds. Don't be too eager, >> older files are useful for QRESYNC and dsync. */ >> #define MAIL_TRANSACTION_LOG2_STALE_SECS (60*60*24*2) >> >> Maybe the defaults could be changed.. > > I'm not sure changing the defaults is a good idea. But if someone does want to use a particular dovecot server as the backend for activesync clients, for example, it would probably make sense to allow these values to be tweaked via the config files. (I can see an organization having a "normal" IMAP server and a "activesync" IMAP server that differ in these details, and also in things like IDLE timeouts). Well .. I hate adding more settings. :) There are way too many already. Ideally Dovecot would automatically do the right thing anyway. Just like it already caches only those things that are needed. It could also increase these values when QRESYNC is used, or even better to actually have the separate expunge log that I mentioned. From slusarz at curecanti.org Thu Nov 8 00:34:39 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:34:39 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> Message-ID: <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> Quoting Michael M Slusarz <slusarz at curecanti.org>: > I see your point, but the problem is that is not intuitive when > reading the RFC. One part of the RFC defines the behavior of > VANISHED (EARLIER) as only returning changes since the mod-sequence > given. And you are correct that another part of the RFC says that, > essentially, a server is allowed to break this required response. > > I'm thinking that this is more of an issue with the way the RFC is > written. I'll move this over to the imap protocol list to get > further input. Sigh. Never mind. For some reason, I completely ignored (missed?) this part of the RFC: Note: A server that receives a mod-sequence smaller than <minmodseq>, where <minmodseq> is the value of the smallest expunged mod-sequence it remembers minus one, MUST behave as if it was requested to report all expunged messages from the provided UID set parameter. So you are right, I was wrong, and the world is good. michael From tss at iki.fi Thu Nov 8 00:41:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 00:41:04 +0200 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> Message-ID: <2A0F5B1A-190E-469A-B52F-43969E49B9F3@iki.fi> On 8.11.2012, at 0.34, Michael M Slusarz wrote: > Quoting Michael M Slusarz <slusarz at curecanti.org>: > >> I see your point, but the problem is that is not intuitive when reading the RFC. One part of the RFC defines the behavior of VANISHED (EARLIER) as only returning changes since the mod-sequence given. And you are correct that another part of the RFC says that, essentially, a server is allowed to break this required response. >> >> I'm thinking that this is more of an issue with the way the RFC is written. I'll move this over to the imap protocol list to get further input. > > Sigh. Never mind. For some reason, I completely ignored (missed?) this part of the RFC: > > Note: A server that receives a mod-sequence smaller than <minmodseq>, > where <minmodseq> is the value of the smallest expunged mod-sequence > it remembers minus one, MUST behave as if it was requested to report > all expunged messages from the provided UID set parameter. > > So you are right, I was wrong, and the world is good. I wonder how much would it help if you a) Used the uidset/seqset parameters with SELECT command and optionally b) Dovecot implemented it slightly better than required by RFC: http://www.ietf.org/mail-archive/web/lemonade/current/msg04771.html From slusarz at curecanti.org Thu Nov 8 00:41:48 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 15:41:48 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <21244A16-773D-42E2-A2C4-2366F51006D1@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107150844.Horde.ZgCuUYF5lbhQmtvsBlqlJvA@bigworm.curecanti.org> <21244A16-773D-42E2-A2C4-2366F51006D1@iki.fi> Message-ID: <20121107154148.Horde.poUtfYF5lbhQmuOsHYn1JuA@bigworm.curecanti.org> Quoting Timo Sirainen <tss at iki.fi>: > On 8.11.2012, at 0.08, Michael M Slusarz wrote: > >> I'm not sure changing the defaults is a good idea. But if someone >> does want to use a particular dovecot server as the backend for >> activesync clients, for example, it would probably make sense to >> allow these values to be tweaked via the config files. (I can see >> an organization having a "normal" IMAP server and a "activesync" >> IMAP server that differ in these details, and also in things like >> IDLE timeouts). > > Well .. I hate adding more settings. :) There are way too many > already. Ideally Dovecot would automatically do the right thing > anyway. Just like it already caches only those things that are > needed. It could also increase these values when QRESYNC is used, or > even better to actually have the separate expunge log that I > mentioned. Thinking about this more, this can really all be handled by proper MUA design. In short, it is never a good idea to send a '1:*' UID range to a VANISHED CHANGEDSINCE FETCH. It remains a reasonable MUA design decision to not send the actual cached UID list to the FETCH command: if this cached UID list is thousands of messages long, obtaining this list, (optionally) sequence set compressing, and sending via the command may take more time/resources than it saves. But a MUA should, at a minimum, keep track of the minimum UID it is aware of in order to limit the possible response. This is a trivial amount of extra overhead and would prevent a large number of spurious VANISHED UIDs to need to be traversed. michael From slusarz at curecanti.org Thu Nov 8 01:14:18 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 07 Nov 2012 16:14:18 -0700 Subject: [Dovecot] Issues with VANISHED CHANGEDSINCE In-Reply-To: <2A0F5B1A-190E-469A-B52F-43969E49B9F3@iki.fi> References: <20121105111333.Horde.NrnxfpcRtLVQl_WtvC_yTpA@h4.theupstairsroom.com> <97249C60-AFEE-46B4-9731-E756CFBBD00F@iki.fi> <20121105133748.Horde.YebyGJcRtLVQmAd8vLpiT1A@h4.theupstairsroom.com> <CEC36A2A-C750-4DCB-A99C-273E9C562F47@iki.fi> <20121105135951.Horde.culyfpcRtLVQmAynU3myTyA@h4.theupstairsroom.com> <20121105124311.Horde.LPWDEoF5lbhQmBbP6CqTwrA@bigworm.curecanti.org> <1352150887.13571.105.camel@hurina> <20121105204953.Horde.S9LKT5cRtLVQmGzB0aHSTpA@h4.theupstairsroom.com> <D418AF48-DAC7-4CF7-BD25-DFEEBCCC89E5@iki.fi> <20121107151131.Horde.Tp2zboF5lbhQmtyTFrVVJuA@bigworm.curecanti.org> <20121107153439.Horde.5pF3bIF5lbhQmuH-kqfFJuA@bigworm.curecanti.org> <2A0F5B1A-190E-469A-B52F-43969E49B9F3@iki.fi> Message-ID: <20121107161418.Horde.W3tHNoF5lbhQmutKaM-FJxA@bigworm.curecanti.org> Quoting Timo Sirainen <tss at iki.fi>: > On 8.11.2012, at 0.34, Michael M Slusarz wrote: > >> Quoting Michael M Slusarz <slusarz at curecanti.org>: >> >>> I see your point, but the problem is that is not intuitive when >>> reading the RFC. One part of the RFC defines the behavior of >>> VANISHED (EARLIER) as only returning changes since the >>> mod-sequence given. And you are correct that another part of the >>> RFC says that, essentially, a server is allowed to break this >>> required response. >>> >>> I'm thinking that this is more of an issue with the way the RFC is >>> written. I'll move this over to the imap protocol list to get >>> further input. >> >> Sigh. Never mind. For some reason, I completely ignored (missed?) >> this part of the RFC: >> >> Note: A server that receives a mod-sequence smaller than <minmodseq>, >> where <minmodseq> is the value of the smallest expunged mod-sequence >> it remembers minus one, MUST behave as if it was requested to report >> all expunged messages from the provided UID set parameter. >> >> So you are right, I was wrong, and the world is good. > > I wonder how much would it help if you > > a) Used the uidset/seqset parameters with SELECT command We *do* use this information. However, this is not (necessarily) useful for the activesync query that was the genesis of this thread. A bit of background on our MUA design is necessary. For Horde/IMP, all IMAP server configuration is done through the IMP application. As part of this configuration, a cache backend can be configured. There are multiple potential users of this IMAP object. Within IMP itself, multiple sessions can be open at any one time. Additionally, several views of IMP, our dynamic view and our smartmobile view, have another cache of messages kept on the browser side. Finally, the ActiveSync library also uses the IMAP object configured by IMP. Anytime the IMAP object is accessed, we are syncing the mailbox with the IMP-configured cache. For QRESYNC, we use the SELECT/EXAMINE uidset parameter. The problem is that any particular view may not be sync'd to the same state as the IMP cache. For example, if someone is using the web application and their phone is syncing via ActiveSync, it is quite likely that the activesync cached mod-sequence value will NOT equal the IMP cached mod-sequence value. So this is when explicitly calling FETCH VANISHED CHANGEDSINCE is needed. The good news: once we get the CHANGEDSINCE FETCH information, we don't need to do a separate flags sync since this information has already been cached within the IMAP object (via either the CHANGEDSINCE call or, more likely, a previous FETCH call in another session). Further optimization: in the case where the original QRESYNC/CONDSTORE sync matches the mod-sequence of whatever object/view is accessing the IMAP object, which should be the most common occurrence, there is no need to perform any additional FETCH/SEARCH calls since we cache the results of the initial mailbox sync and return this data. Might be a long-winded explanation, but just wanted to show why FETCH VANISHED CHANGEDSINCE MUST be used by a client even if taking advantage of QRESYNC SELECT/EXAMINE syncing. In other words - I'd like to think that my imap implementation is not broken :) > b) Dovecot implemented it slightly better than required by RFC: > http://www.ietf.org/mail-archive/web/lemonade/current/msg04771.html I spent a week or so trying to cache message sequence number -> UID mapping. And determined it was more trouble than it was worth. The gains from more compact VANISHED responses in SELECT/EXAMINE are minimal compared to the expense to track them. And the only other reason for tracking - the possibility that EXPUNGEs return EXPUNGED responses instead of VANISHED if the UIDs of the actually expunged messages are needed - can be worked around by doing a UID SEARCH call after the EXPUNGE is over and comparing to the list of UIDs that were given to UID EXPUNGE (with the further optimization that I cache MSN->UID while in a mailbox, which should catch the "STORE (\Deleted)/EXPUNGE" common when using a Trash mailbox or immediate message deletion). Unless I am missing something else that MSNs are necessary? michael From massimiliano at cianelli.eu Thu Nov 8 01:24:38 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 00:24:38 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. Message-ID: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> Hi, Yes w/o prefix work as expected, try to add a prefix like courier does (eg. Inbox.) It will not work as expected. Due I'm upgrading an old installed server, I've to keep everything as much transparent I can... it includes IMAP folder and subscription. Looking at that I've encountered that issue, and analyzed for fix it (thank you open source), not everyone will want to use/use k9.. but you can be 100% sure the stock client is there. Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they will not fix it soon, or really respect the rfc), it's much simple add Namespace on prelogin banner then wait or have to tell someone to install another client for that mailbox. I didn't know the history, but looking at change log seems that idle as been put back to prelogin client for some kind of compatibility with their service. Anyway, the most important reason that got me to subscribe the mailing list for write those emails, is share with the community that problem and provide a solution.. for someone in the future that have the same problem and will search on internet for a solution (like I've does.. before analyze it on my own). If the workaround will be added to the wiki or will be put in the source.. the important thing is that there is a solution simple and fast (two.. the source modify, and the configuration file) and someone can find it.. (Sarcastic) And if the mayans were right we can't wait for google to fix it :p Best Regards Sent from Galaxy Nexus Robert Schetterer <rs at sys4.de> ha scritto: >Am 07.11.2012 08:13, schrieb Massimiliano Cianelli: >> Hello, >> >> My phone: >> Android ics 4.1.2 on galaxy nexus. >> And yes, stock mean the default client that come with the os in IMAP mode. >> >> I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. >> >> Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. >> >> About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. >> http://code.google.com/p/android/issues/detail?id=1811 >> >> In a few hour I'll update the issue noticing where is hidden the problem. >> >> Regards >> Sent from Galaxy Nexus > >Hi , i shortly tested this with android sdk jelly bean 4.1.1 and "my >setup" dovecot 2.1.10 with included orginal android mail app in imap mode, >,leaving IMAP prefix blank, everything works as expected, no double >shown inbox, namespace problems etc >so you might have to fit your namespace setup. >Also you might follow allready given advice from here. > >Anyway , i understand you using "stock client" >but you have to understand that the producers of mail clients >optimize their stuff fitting best in their own server structure >making money with it, therefor their motivation coding better imap code >is not very high, same case is for outlook and microsoft >however, i would say, fixing bugs is on the google site here, looks like >there is patch >at >http://code.google.com/p/android/issues/detail?id=1811 >and the issue seems long known > >i dont see any hard relation to dovecot in this case >meanwhile using k9mail seems the best way to workaround >there are lots of other bugs around android versions >over the years i dont expect google to fix them > > >> >> Robert Schetterer <rs at sys4.de> ha scritto: >> >>> Am 06.11.2012 07:08, schrieb Ben Morrow: >>>> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>>>> Hi, >>>>> >>>>> My setup: >>>>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>>>> configured with the dot separator and all folder under INBOX.*. >>>>> >>>>> The problem: >>>>> My phone was driving me mad during the test, due that it will only >>>>> recognize Inbox. >>>>> >>>>> How found the solution: >>>>> I've started sniffing IMAP traffic on my server and ended up with one >>>>> difference: >>>>> On courier it ask for namespace, on dovecot it won't. >>>>> >>>>> I gives a better look, and noticed that courier show namespace >>>>> capability on prelogin banner, adding it too solved the problem. >>>>> >>>>> Reason: >>>>> Android ICS stock client seems do not honor the capability gived after >>>>> the login. >>>> >>>> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >>>> you need to set imap_capability and/or get your client fixed. >>>> >>>> Ben >>>> >>> >>> Hi, first ,what is the exact meaning of >>> >>> "Android ICS stock client" >>> >>> do you mean default included email client in standard android in imap >>> mode, when yes, which version of Android , i like to test my own >>> however is there changelog/code etc at google for this behave? >>> >>> conf example >>> >>> # Override the IMAP CAPABILITY response. If the value begins with '+', >>> # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). >>> #imap_capability = >>> >>> setting stuff here might be complex , or lead to trouble with other >>> clients, if setting this might fix problems ,with clients it should be >>> advised in the wiki/example-conf and/or Timo >>> >>> or the other way ,for massive used clients there should be >>> a seperate workaround section in the conf >>> >>> But fixing behave clients should be prime option anyway >>> >>> Meanwhile use K9mail in Android as best free option in imap mode servers >>> >>> Best Regards >>> MfG Robert Schetterer >>> >>> -- >>> [*] sys4 AG >>> >>> http://sys4.de, +49 (89) 30 90 46 64 >>> Franziskanerstra?e 15, 81669 M?nchen >>> >>> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >>> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >>> Aufsichtsratsvorsitzender: Joerg Heidrich > > > >Best Regards >MfG Robert Schetterer > >-- >[*] sys4 AG > >http://sys4.de, +49 (89) 30 90 46 64 >Franziskanerstra?e 15, 81669 M?nchen > >Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >Aufsichtsratsvorsitzender: Joerg Heidrich From tss at iki.fi Thu Nov 8 01:42:17 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 01:42:17 +0200 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> Message-ID: <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: > Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they will not fix it soon, or really respect the rfc), it's much simple add Namespace on prelogin banner then wait or have to tell someone to install another client for that mailbox. > > I didn't know the history, but looking at change log seems that idle as been put back to prelogin client for some kind of compatibility with their service. Luckily the big ones only needed IDLE to work. I'm hoping to avoid adding anything else. And Dovecot is currently the most widely used IMAP server, so I think there's a good chance of client developers actually fixing their clients. From massimiliano at cianelli.eu Thu Nov 8 01:48:57 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 00:48:57 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> Message-ID: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> I've noticed an error in my sentence about the change log, it was referred to blackberry.. not to Google Google need only 'namespace', I will try to update the issue (due that every IMAP server that will respect the rfc will not work as expected in that condition).. pointing the problem on post login capability... and we will see when Google will want to fix it. Regards Timo Sirainen <tss at iki.fi> ha scritto: >On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: > >> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >will not fix it soon, or really respect the rfc), it's much simple add >Namespace on prelogin banner then wait or have to tell someone to >install another client for that mailbox. >> >> I didn't know the history, but looking at change log seems that idle >as been put back to prelogin client for some kind of compatibility with >their service. > >Luckily the big ones only needed IDLE to work. I'm hoping to avoid >adding anything else. > >And Dovecot is currently the most widely used IMAP server, so I think >there's a good chance of client developers actually fixing their >clients. -- testing k9 From tss at iki.fi Thu Nov 8 01:55:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 01:55:33 +0200 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> Message-ID: <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> Even gmail itself isn't advertising all capabilities before login: * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 vs. * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE UIDPLUS especially has been very widely used long before gmail. I guess they also don't want to advertise unnecessary capabilities before login and have determined that all the important clients supporting UIDPLUS support receiving after it post-login. On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: > I've noticed an error in my sentence about the change log, it was referred to blackberry.. not to Google > > Google need only 'namespace', I will try to update the issue (due that every IMAP server that will respect the rfc will not work as expected in that condition).. pointing the problem on post login capability... and we will see when Google will want to fix it. > > Regards > > Timo Sirainen <tss at iki.fi> ha scritto: > >> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >> >>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >> will not fix it soon, or really respect the rfc), it's much simple add >> Namespace on prelogin banner then wait or have to tell someone to >> install another client for that mailbox. >>> >>> I didn't know the history, but looking at change log seems that idle >> as been put back to prelogin client for some kind of compatibility with >> their service. >> >> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >> adding anything else. >> >> And Dovecot is currently the most widely used IMAP server, so I think >> there's a good chance of client developers actually fixing their >> clients. > > -- testing k9 > From massimiliano at cianelli.eu Thu Nov 8 02:01:49 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 01:01:49 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> Message-ID: <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> Yes, but namespace is in prelogin... and anyway they will say that the team which will make the gmail app is different then the email app. IMHO there is only a commercial reason.. keep people use gmail and force company and private to use Google apps... in that way they will not have issue and have push delivery (also called IMAP idle that is not supported). Timo Sirainen <tss at iki.fi> ha scritto: >Even gmail itself isn't advertising all capabilities before login: > >* CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 > >vs. > >* CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE > >UIDPLUS especially has been very widely used long before gmail. I guess >they also don't want to advertise unnecessary capabilities before login >and have determined that all the important clients supporting UIDPLUS >support receiving after it post-login. > >On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: > >> I've noticed an error in my sentence about the change log, it was >referred to blackberry.. not to Google >> >> Google need only 'namespace', I will try to update the issue (due >that every IMAP server that will respect the rfc will not work as >expected in that condition).. pointing the problem on post login >capability... and we will see when Google will want to fix it. >> >> Regards >> >> Timo Sirainen <tss at iki.fi> ha scritto: >> >>> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >>> >>>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >>> will not fix it soon, or really respect the rfc), it's much simple >add >>> Namespace on prelogin banner then wait or have to tell someone to >>> install another client for that mailbox. >>>> >>>> I didn't know the history, but looking at change log seems that >idle >>> as been put back to prelogin client for some kind of compatibility >with >>> their service. >>> >>> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >>> adding anything else. >>> >>> And Dovecot is currently the most widely used IMAP server, so I >think >>> there's a good chance of client developers actually fixing their >>> clients. >> >> -- testing k9 >> -- Inviato dal mio cellulare Android con K-9 Mail. From tss at iki.fi Thu Nov 8 02:10:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Nov 2012 02:10:33 +0200 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> Message-ID: <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Yes, different teams, but I think Google is still a lot more reasonable company to deal with things like this than Microsoft. Although surprisingly even Microsoft appears to support SPECIAL-USE in the next Outlook(?) client. On 8.11.2012, at 2.01, Massimiliano Cianelli wrote: > Yes, but namespace is in prelogin... and anyway they will say that the team which will make the gmail app is different then the email app. > > IMHO there is only a commercial reason.. keep people use gmail and force company and private to use Google apps... in that way they will not have issue and have push delivery (also called IMAP idle that is not supported). > > Timo Sirainen <tss at iki.fi> ha scritto: > >> Even gmail itself isn't advertising all capabilities before login: >> >> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >> X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 >> >> vs. >> >> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN >> X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE >> >> UIDPLUS especially has been very widely used long before gmail. I guess >> they also don't want to advertise unnecessary capabilities before login >> and have determined that all the important clients supporting UIDPLUS >> support receiving after it post-login. >> >> On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: >> >>> I've noticed an error in my sentence about the change log, it was >> referred to blackberry.. not to Google >>> >>> Google need only 'namespace', I will try to update the issue (due >> that every IMAP server that will respect the rfc will not work as >> expected in that condition).. pointing the problem on post login >> capability... and we will see when Google will want to fix it. >>> >>> Regards >>> >>> Timo Sirainen <tss at iki.fi> ha scritto: >>> >>>> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >>>> >>>>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they >>>> will not fix it soon, or really respect the rfc), it's much simple >> add >>>> Namespace on prelogin banner then wait or have to tell someone to >>>> install another client for that mailbox. >>>>> >>>>> I didn't know the history, but looking at change log seems that >> idle >>>> as been put back to prelogin client for some kind of compatibility >> with >>>> their service. >>>> >>>> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >>>> adding anything else. >>>> >>>> And Dovecot is currently the most widely used IMAP server, so I >> think >>>> there's a good chance of client developers actually fixing their >>>> clients. >>> >>> -- testing k9 >>> > > -- Inviato dal mio cellulare Android con K-9 Mail. From massimiliano at cianelli.eu Thu Nov 8 02:18:48 2012 From: massimiliano at cianelli.eu (Massimiliano Cianelli) Date: Thu, 08 Nov 2012 01:18:48 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Message-ID: <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> If you give a look to Google code there are a lot of important bugs keep open from years. I like a lot android... but they have to spent a little more on it. Only in that way it will be the best mobile os around. Now it have some goods and some bads things.. like every os around us.. the only big good thing... it is open. Timo Sirainen <tss at iki.fi> ha scritto: >Yes, different teams, but I think Google is still a lot more reasonable >company to deal with things like this than Microsoft. Although >surprisingly even Microsoft appears to support SPECIAL-USE in the next >Outlook(?) client. > >On 8.11.2012, at 2.01, Massimiliano Cianelli wrote: > >> Yes, but namespace is in prelogin... and anyway they will say that >the team which will make the gmail app is different then the email app. >> >> IMHO there is only a commercial reason.. keep people use gmail and >force company and private to use Google apps... in that way they will >not have issue and have push delivery (also called IMAP idle that is >not supported). >> >> Timo Sirainen <tss at iki.fi> ha scritto: >> >>> Even gmail itself isn't advertising all capabilities before login: >>> >>> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST >CHILDREN >>> X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 >>> >>> vs. >>> >>> * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST >CHILDREN >>> X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE >>> >>> UIDPLUS especially has been very widely used long before gmail. I >guess >>> they also don't want to advertise unnecessary capabilities before >login >>> and have determined that all the important clients supporting >UIDPLUS >>> support receiving after it post-login. >>> >>> On 8.11.2012, at 1.48, Massimiliano Cianelli wrote: >>> >>>> I've noticed an error in my sentence about the change log, it was >>> referred to blackberry.. not to Google >>>> >>>> Google need only 'namespace', I will try to update the issue (due >>> that every IMAP server that will respect the rfc will not work as >>> expected in that condition).. pointing the problem on post login >>> capability... and we will see when Google will want to fix it. >>>> >>>> Regards >>>> >>>> Timo Sirainen <tss at iki.fi> ha scritto: >>>> >>>>> On 8.11.2012, at 1.24, Massimiliano Cianelli wrote: >>>>> >>>>>> Due that Google act like BlackBerry, Microsoft,etc.. (hovewer >they >>>>> will not fix it soon, or really respect the rfc), it's much simple >>> add >>>>> Namespace on prelogin banner then wait or have to tell someone to >>>>> install another client for that mailbox. >>>>>> >>>>>> I didn't know the history, but looking at change log seems that >>> idle >>>>> as been put back to prelogin client for some kind of compatibility >>> with >>>>> their service. >>>>> >>>>> Luckily the big ones only needed IDLE to work. I'm hoping to avoid >>>>> adding anything else. >>>>> >>>>> And Dovecot is currently the most widely used IMAP server, so I >>> think >>>>> there's a good chance of client developers actually fixing their >>>>> clients. >>>> >>>> -- testing k9 >>>> >> >> -- Inviato dal mio cellulare Android con K-9 Mail. Sent from Galaxy Nexus From calestyo at scientia.net Thu Nov 8 04:57:19 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Thu, 08 Nov 2012 03:57:19 +0100 Subject: [Dovecot] maildir and end-of-line encoding In-Reply-To: <A52B651B-B5D8-4B16-9A79-4231CAAD4ECD@iki.fi> References: <1351648223.24721.4.camel@fermat.scientia.net> <A52B651B-B5D8-4B16-9A79-4231CAAD4ECD@iki.fi> Message-ID: <1352343439.5059.202.camel@fermat.scientia.net> On Wed, 2012-11-07 at 17:33 +0200, Timo Sirainen wrote: > Dovecot automatically adds CRs where necessary. Even within the same file there can be mixed LF/CRLF lines. Can you detail this a bit, or point me to the specific code areas? 1) Is only CR added? Or also LF? 2) What happens e.g. when LFCR is found? Is that then "doubled" to CRLFCR or even CRLFCRLF? 3) When does it "add" these chars? Only when using dovecot-lda? Or also when some other MDA places files into e.g. a maildir? I did some reading on the RFC 5322 which says: - new mails must not have single CR or LF, both may only occur as CRL - but from the previous RFCs, it allows existing messages to have CR and LF alone, in which case they are not newlines as CRLF, but rather the CR and LF characters in the their meaning as control characters. 4) So from that point of view... automatic conversion may actually "corrupt" things in a strict sense. (One should hope of course, that only few people use(d) CR or LF alone to get their control character meaning... but rather that these are just cases of accidents.) 5) I agree with you that mails should be stored with CRLF, as this is their native format.... and I found nothing on the maildir[++] standards that would forbid that (neither that would encourage it). But for mbox there are "definitions" that _always_ LF is used (AFAIU, even on non-UNIX platforms. 6) I went through my mails and basically I found everything: CR, LF, CRLF and even LFCR. Now I have no real idea how to deal with that? Keep all as is? Make all LFs CRLFs and/or all CFs to CRLFs? What about the LFCRs? Handle them as group and perhaps swap them to CRLF. Or doing the same as with single LFs and CRs. Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121108/d8f4f38e/attachment-0004.bin> From p at sys4.de Thu Nov 8 07:25:50 2012 From: p at sys4.de (Patrick Ben Koetter) Date: Thu, 8 Nov 2012 06:25:50 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> Message-ID: <20121108052550.GC11584@sys4.de> * Timo Sirainen <dovecot at dovecot.org>: > Yes, different teams, but I think Google is still a lot more reasonable company to deal with things like this than Microsoft. Although surprisingly even Microsoft appears to support SPECIAL-USE in the next Outlook(?) client. confirmed. p at rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Thu Nov 8 09:31:38 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 08:31:38 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> Message-ID: <509B5FDA.2050002@sys4.de> Am 08.11.2012 00:24, schrieb Massimiliano Cianelli: > Hi, > > Yes w/o prefix work as expected, try to add a prefix like courier does (eg. Inbox.) It will not work as expected. I see you point, but as i have seen other mail clients have problems with prefix namespace in the past, i am using the most unproblematic setup, there will never be an universal best config for all imap software existing, dont try to find it > > Due I'm upgrading an old installed server, I've to keep everything as much transparent I can... it includes IMAP folder and subscription. look at dovecot migration sites for examples, but it may stay a problem ever ,that some imap clients with broken stuff do not behave proper after migration again this should be fixed on the client side > > Looking at that I've encountered that issue, and analyzed for fix it (thank you open source), not everyone will want to use/use k9.. but you can be 100% sure the stock client is there. thats right, but if its failing with some servers, it has to be fixed at the "source of evil" first *g, anyway i dont see the point dovecot related, but your info is usefull anyway > > Due that Google act like BlackBerry, Microsoft,etc.. (hovewer they will not fix it soon, or really respect the rfc), it's much simple add Namespace on prelogin banner then wait or have to tell someone to install another client for that mailbox. > > I didn't know the history, but looking at change log seems that idle as been put back to prelogin client for some kind of compatibility with their service. > > Anyway, the most important reason that got me to subscribe the mailing list for write those emails, is share with the community that problem and provide a solution.. for someone in the future that have the same problem and will search on internet for a solution (like I've does.. before analyze it on my own). > > If the workaround will be added to the wiki or will be put in the source.. the important thing is that there is a solution simple and fast (two.. the source modify, and the configuration file) and someone can find it.. > > (Sarcastic) And if the mayans were right we can't wait for google to fix it :p Dovecot has mass of config parameter, try find out what set best to workaround your problem, then post it to the wiki, it will be welcomed > > Best Regards > Sent from Galaxy Nexus > > Robert Schetterer <rs at sys4.de> ha scritto: > >> Am 07.11.2012 08:13, schrieb Massimiliano Cianelli: >>> Hello, >>> >>> My phone: >>> Android ics 4.1.2 on galaxy nexus. >>> And yes, stock mean the default client that come with the os in IMAP mode. >>> >>> I already know about that configuration parameter, but it will display two time namespace in postlogin capabilities, and so I like much more to adjust the source code to fix the issue. >>> >>> Yes there is k9 but I didn't like it too much, I prefer the stock client and is much important to keep compatibility with stock client then user-installed client. >>> >>> About the issue on Google code, there is thr issue on google code... but Google is a lot slow in fixing those things. >>> http://code.google.com/p/android/issues/detail?id=1811 >>> >>> In a few hour I'll update the issue noticing where is hidden the problem. >>> >>> Regards >>> Sent from Galaxy Nexus >> >> Hi , i shortly tested this with android sdk jelly bean 4.1.1 and "my >> setup" dovecot 2.1.10 with included orginal android mail app in imap mode, >> ,leaving IMAP prefix blank, everything works as expected, no double >> shown inbox, namespace problems etc >> so you might have to fit your namespace setup. >> Also you might follow allready given advice from here. >> >> Anyway , i understand you using "stock client" >> but you have to understand that the producers of mail clients >> optimize their stuff fitting best in their own server structure >> making money with it, therefor their motivation coding better imap code >> is not very high, same case is for outlook and microsoft >> however, i would say, fixing bugs is on the google site here, looks like >> there is patch >> at >> http://code.google.com/p/android/issues/detail?id=1811 >> and the issue seems long known >> >> i dont see any hard relation to dovecot in this case >> meanwhile using k9mail seems the best way to workaround >> there are lots of other bugs around android versions >> over the years i dont expect google to fix them >> >> >>> >>> Robert Schetterer <rs at sys4.de> ha scritto: >>> >>>> Am 06.11.2012 07:08, schrieb Ben Morrow: >>>>> At 6AM +0100 on 6/11/12 you (Massimiliano Cianelli) wrote: >>>>>> Hi, >>>>>> >>>>>> My setup: >>>>>> Dovecot 2 latest, installed to replace courrier IMAP, and off course >>>>>> configured with the dot separator and all folder under INBOX.*. >>>>>> >>>>>> The problem: >>>>>> My phone was driving me mad during the test, due that it will only >>>>>> recognize Inbox. >>>>>> >>>>>> How found the solution: >>>>>> I've started sniffing IMAP traffic on my server and ended up with one >>>>>> difference: >>>>>> On courier it ask for namespace, on dovecot it won't. >>>>>> >>>>>> I gives a better look, and noticed that courier show namespace >>>>>> capability on prelogin banner, adding it too solved the problem. >>>>>> >>>>>> Reason: >>>>>> Android ICS stock client seems do not honor the capability gived after >>>>>> the login. >>>>> >>>>> See http://wiki2.dovecot.org/Upgrading/2.0?highlight=%28capability%29 ; >>>>> you need to set imap_capability and/or get your client fixed. >>>>> >>>>> Ben >>>>> >>>> >>>> Hi, first ,what is the exact meaning of >>>> >>>> "Android ICS stock client" >>>> >>>> do you mean default included email client in standard android in imap >>>> mode, when yes, which version of Android , i like to test my own >>>> however is there changelog/code etc at google for this behave? >>>> >>>> conf example >>>> >>>> # Override the IMAP CAPABILITY response. If the value begins with '+', >>>> # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). >>>> #imap_capability = >>>> >>>> setting stuff here might be complex , or lead to trouble with other >>>> clients, if setting this might fix problems ,with clients it should be >>>> advised in the wiki/example-conf and/or Timo >>>> >>>> or the other way ,for massive used clients there should be >>>> a seperate workaround section in the conf >>>> >>>> But fixing behave clients should be prime option anyway >>>> >>>> Meanwhile use K9mail in Android as best free option in imap mode servers >>>> >>>> Best Regards >>>> MfG Robert Schetterer >>>> >>>> -- >>>> [*] sys4 AG >>>> >>>> http://sys4.de, +49 (89) 30 90 46 64 >>>> Franziskanerstra?e 15, 81669 M?nchen >>>> >>>> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >>>> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >>>> Aufsichtsratsvorsitzender: Joerg Heidrich >> >> >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Joerg Heidrich Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Thu Nov 8 09:40:22 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 08:40:22 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> Message-ID: <509B61E6.3090604@sys4.de> Am 08.11.2012 01:18, schrieb Massimiliano Cianelli: > Yes, different teams, but I think Google is still a lot more reasonable >>company to deal with things like this than Microsoft. Although >>surprisingly even Microsoft appears to support SPECIAL-USE in the next >>Outlook(?) client. yeah it works, but they had bugged it for my last tests, mail in sent folder ( which is corect in use by SPECIAL-USE ) always stay unread, seems they have had design problems using now a standard outgoing folder, however there is a bug report about that and they anounced to fix it, but it isnt in my last tests after the last upgrade, if they dont fix it you cant use the sent folder via imap in a handy way , and you have to disable the feature in total ( this point was changed also ), and need to set this function via filter wizard like long time ago outlook versions needed it Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From pshirkey at boosthardware.com Thu Nov 8 09:48:46 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Thu, 8 Nov 2012 18:48:46 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot Message-ID: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> Hi, I have an exim4 and dovecot system. The system has multiple accounts. Exim4 is receiving emails in the /var/mail/user files and dovecot is configured to use /home/user/mail (mbox) folder. I have one account that dovecot is not processing replies/bounces/etc... The data is being written in the /var/mail/user file by exim4 but as far as dovecot is aware there is nothing in the pop3 inbox. Can anyone suggest how I can enable dovecot to know that the data is in the /var/mail/user file and deliver it to the pop3 inbox for this account? -- Patrick Shirkey Boost Hardware Ltd From yngve_l2 at hotmail.com Thu Nov 8 09:54:21 2012 From: yngve_l2 at hotmail.com (ycc_Swe) Date: Wed, 7 Nov 2012 23:54:21 -0800 (PST) Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <509A35C0.8040209@sys4.de> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> Message-ID: <1352361261767-38656.post@n4.nabble.com> Thank you for your reply. I read the page you link to. As I understand I should set the ssl-parameter in 10-ssl.conf to "yes" or "required". I should also have permissions like this: root at deb7:/etc/dovecot/conf.d# ls -l /etc/ssl/*/dovecot.pem -r--r--r-- 1 root root 1326 Nov 3 14:24 /etc/ssl/certs/dovecot.pem -r-------- 1 root root 1704 Nov 3 14:24 /etc/ssl/private/dovecot.pem root at deb7:/etc/dovecot/conf.d# Other information on the page, as I understand, has to do with more "advanced" setups than mine. I still have the same problem. When I set ssl parameter to yes/required I can still not connect to port 995. This time I set ssl=verbose. This is what the log shows when I try to connect with ssl. Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [12.12.12.7] Nov 8 08:42:25 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=12.12.12.7, lip=13.13.13.239, TLS: Disconnected, session=<zrnz+fbNpwBBNykH> Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [12.12.12.7] Nov 8 08:42:26 deb7 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=12.12.12.7, lip=13.13.13.239, TLS: Disconnected, session=<N9L9+fbNqABBNykH> root at deb7:/etc/dovecot/conf.d# root at deb7:/etc/dovecot/conf.d# doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-686-pae i686 Debian wheezy/sid disable_plaintext_auth = no mail_gid = mail mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = prefix = } passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" ssl = required ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } root at deb7:/etc/dovecot/conf.d# Thanks for repying. I still have the same problem. Dovecot works for me on port 110, but not on 995/ssl. -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611p38656.html Sent from the Dovecot mailing list archive at Nabble.com. From rs at sys4.de Thu Nov 8 10:18:53 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 09:18:53 +0100 Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <1352361261767-38656.post@n4.nabble.com> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> <1352361261767-38656.post@n4.nabble.com> Message-ID: <509B6AED.7070107@sys4.de> Am 08.11.2012 08:54, schrieb ycc_Swe: > Thanks for repying. I still have the same problem. Dovecot works for me on > port 110, but not on 995/ssl. look here http://wiki2.dovecot.org/TestPop3Installation look for your auth fit what you want disable_plaintext_auth.... verify your pem/crt is not broken look http://wiki2.dovecot.org/AuthDatabase/PasswdFile Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Thu Nov 8 10:21:26 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 09:21:26 +0100 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> Message-ID: <509B6B86.6050600@sys4.de> Am 08.11.2012 08:48, schrieb Patrick Shirkey: > Hi, > > I have an exim4 and dovecot system. The system has multiple accounts. > Exim4 is receiving emails in the /var/mail/user files and dovecot is > configured to use /home/user/mail (mbox) folder. > > I have one account that dovecot is not processing replies/bounces/etc... > The data is being written in the /var/mail/user file by exim4 but as far > as dovecot is aware there is nothing in the pop3 inbox. > > Can anyone suggest how I can enable dovecot to know that the data is in > the /var/mail/user file and deliver it to the pop3 inbox for this account? > > > > -- > Patrick Shirkey > Boost Hardware Ltd > show logs and config like doveconf -n Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From design at 1stwebdesigns.com Thu Nov 8 10:29:05 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Thu, 08 Nov 2012 08:29:05 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access Message-ID: <509B6D51.8030408@1stwebdesigns.com> Hi there, We're using Dovecot version 1.0.7 and Postfix, and since upgrading our Linux box we're getting this in the maillog: Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: to=<xyz at xyz.com>, orig_to=<abc at abc.com>, relay=local, delay=19, delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox /var/spool/mail/abc for user abc. unable to lock for exclusive access: Resource temporarily unavailable) Postfix is currently set to: mailbox_delivery_lock = fcntl, dotlock Dovecot has this: mbox_read_locks = fcntl mbox_write_locks = fcntl dotlock I've scoured the web and tried all kinds of different locking mechanisms and combinations to no avail. The mail is eventually delivered but on a busy day this can take several hours. In the evening it generally doesn't happen, which leads me to believe it occurs during the day when people have their mail clients open. However, this particular issue doesn't affect every user that has their mail client open, only some! We currently have the mailboxes in mbox format - yes I know we should upgrade to maildir which we will eventually, however we've been using mbox for the last 10 years and this has only become an issue since upgrading. What I have discovered this morning is a Dovecot connection that is open for 6 minutes before disconnection. During this 6 minutes the above problem occurs (new mail cannot get an exclusive lock). The same user will have connected and disconnected several times before and after, with a connection taking no more than a few seconds. But it seems sometimes the connection is taking longer than it should and I suspect the problem lies here. Please can anyone help! Thank you, G From p at sys4.de Thu Nov 8 10:34:56 2012 From: p at sys4.de (Patrick Ben Koetter) Date: Thu, 8 Nov 2012 09:34:56 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <509B61E6.3090604@sys4.de> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> <509B61E6.3090604@sys4.de> Message-ID: <20121108083456.GA8522@sys4.de> * Robert Schetterer <rs at sys4.de>: > Am 08.11.2012 01:18, schrieb Massimiliano Cianelli: > > Yes, different teams, but I think Google is still a lot more reasonable > >>company to deal with things like this than Microsoft. Although > >>surprisingly even Microsoft appears to support SPECIAL-USE in the next > >>Outlook(?) client. > > yeah it works, but they had bugged it for my last tests, > mail in sent folder ( which is corect in use by SPECIAL-USE ) > always stay unread, seems they have had design problems using now a > standard outgoing folder, however there is a bug report about that > and they anounced to fix it, but it isnt in my last tests after the last > upgrade, if they dont fix it you cant use the sent folder via imap in a > handy way , and you have to disable the feature in total ( this point > was changed also ), and need to set this function via filter wizard like > long time ago outlook versions needed it We could work around this with a SIEVE rule that marks the message 'read' when it is put into the Sent folder, couldn't we? p at rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From pshirkey at boosthardware.com Thu Nov 8 10:36:54 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Thu, 8 Nov 2012 19:36:54 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <509B6B86.6050600@sys4.de> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> Message-ID: <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: > Am 08.11.2012 08:48, schrieb Patrick Shirkey: >> Hi, >> >> I have an exim4 and dovecot system. The system has multiple accounts. >> Exim4 is receiving emails in the /var/mail/user files and dovecot is >> configured to use /home/user/mail (mbox) folder. >> >> I have one account that dovecot is not processing replies/bounces/etc... >> The data is being written in the /var/mail/user file by exim4 but as far >> as dovecot is aware there is nothing in the pop3 inbox. >> >> Can anyone suggest how I can enable dovecot to know that the data is in >> the /var/mail/user file and deliver it to the pop3 inbox for this >> account? >> >> >> >> -- >> Patrick Shirkey >> Boost Hardware Ltd >> > > show logs > and config like doveconf -n > > There is nothing in the dovecot logs afaict echo "my test" | mail -s "test message" test at xxx 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx <test at xxx> R=local_user T=mail_spool 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed exim -bt test at xxx R: system_aliases for xxx at localhost R: userforward for xxx at localhost R: procmail for xxx at localhost R: maildrop for xxx at localhost R: lowuid_aliases for xxx at localhost (UID 1238) R: local_user for xxx at localhost xxx at localhost <-- test at xxx router = local_user, transport = mail_spool - Here's the dovecot config: # dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 log_timestamp: %Y-%m-%d %H:%M:%S protocols: pop3 pop3s listen: 127.0.0.1 login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/pop3-login mail_privileged_group: mail mail_location: mbox:~/mail mail_debug: yes mbox_write_locks: fcntl dotlock mail_executable: /usr/lib/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/modules/pop3 auth default: debug: yes passdb: driver: pam userdb: driver: passwd -- Patrick Shirkey Boost Hardware Ltd From skdovecot at smail.inf.fh-brs.de Thu Nov 8 11:21:30 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 8 Nov 2012 10:21:30 +0100 (CET) Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: <F64A14D2-3C1E-4FA3-90AA-22AD5D4330F8@iki.fi> References: <1351544456.13571.102.camel@hurina> <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <F64A14D2-3C1E-4FA3-90AA-22AD5D4330F8@iki.fi> Message-ID: <alpine.DEB.2.02.1211081018070.3023@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 7 Nov 2012, Timo Sirainen wrote: > >> http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=(%25{ldap) >> >> is the only reference I found so far and the TODO file. >> >> If the attribute does not exist, there should be a default value, you can specify, e.g.: %{ldap:attrName[,]:default value} . [,] the optional delimiter from the TODO. > > Where do you see "," as optional delimiter? But yeah, The TODO file contains the snippet: - multiple ldap values could be joined into one field with specified separator (e.g. mail_access_groups=%{ldap:gidNumber:,}) Well, I did ignored the colon in front of the ','. > %{ldap:attrName:default} would be simple to do. Attached patch to do it. > Let me know if it works. I applied it to v2.1. It works like charm, thanks :) - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJt5mmoxLS8a3A9mAQJpRgf+JviFB7+za6bODz2eWdWCMeSy7GocD9Zc VvmqlcRqCSgGD/37h6m6cyhJ9/XkUm+Z2dbGH5RaznIqEPcQ0GwlIcrkUzfvSSrv ByMRSFDPpu1kWYC1/ieajUrIZTUvhxctpQMtIFkm2Vi6TusgXuTWQGgbf69sIJEF COfPpCO6UYZFe96biNEE171wl+KpEeDBx8xwb4lu+tOXFNbCQEqUMe1kgF6Qda3i cfnAIb+pU+ljYMMQbpuIBpA14i9GGsQAzd39HL3aFKqGq3WU54M8xOZqDfSeUGjh ES/y4U20kbogfUZTUkbA7j3tO463RvCCvFjWh1/FvYLrouAVo2p43A== =Kkac -----END PGP SIGNATURE----- From stan at hardwarefreak.com Thu Nov 8 11:23:51 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 08 Nov 2012 03:23:51 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509B6D51.8030408@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> Message-ID: <509B7A27.3080308@hardwarefreak.com> On 11/8/2012 2:29 AM, 1st WebDesigns wrote: > Hi there, > > We're using Dovecot version 1.0.7 and Postfix, and since upgrading our > Linux box we're getting this in the maillog: 1.0.7 is absolutely ancient and no longer officially supported. You need 1.2.x minimum, 2.x.x even better. And you say you just recently upgraded your Linux distro? What planet do you live on son? You're a few light years behind current stable software. > Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: > to=<xyz at xyz.com>, orig_to=<abc at abc.com>, relay=local, delay=19, > delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox > /var/spool/mail/abc for user abc. unable to lock for exclusive access: > Resource temporarily unavailable) The simple permanent fix to Postfix/Dovecot mbox locking issues is switching from Postfix LOCAL to Dovecot LDA for mailbox delivery. 1.0.7 is before my time. I do not know if LDA was available then. Upgrade and you'll have it, and you'll also fix other problems you're not even aware of yet. > Postfix is currently set to: > mailbox_delivery_lock = fcntl, dotlock > > Dovecot has this: > mbox_read_locks = fcntl > mbox_write_locks = fcntl dotlock LDA completely eliminates lock contention. http://wiki.dovecot.org/LDA/Postfix http://wiki2.dovecot.org/LDA/Postfix -- Stan From rs at sys4.de Thu Nov 8 11:56:42 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 08 Nov 2012 10:56:42 +0100 Subject: [Dovecot] Android ICS stock client and IMAP Capability issue. In-Reply-To: <20121108083456.GA8522@sys4.de> References: <n2ks0xmebooc8ajg4t5bijon.1352328640116@email.android.com> <DC1B4E39-DC89-47DB-842A-8D08DF082494@iki.fi> <3b757e0a-bc1a-48af-a4b3-582a886e650b@email.android.com> <88042DDA-00C2-4143-86C5-CD6B62D397AD@iki.fi> <a7e99d4d-2566-4b50-bdf0-838b0e77b729@email.android.com> <3A1F6CA1-423F-4DF7-905C-9B161463D024@iki.fi> <da6b3938-5081-43c1-ab67-bd60dea8e6a9@email.android.com> <509B61E6.3090604@sys4.de> <20121108083456.GA8522@sys4.de> Message-ID: <509B81DA.3080804@sys4.de> Am 08.11.2012 09:34, schrieb Patrick Ben Koetter: > * Robert Schetterer <rs at sys4.de>: >> Am 08.11.2012 01:18, schrieb Massimiliano Cianelli: >>> Yes, different teams, but I think Google is still a lot more reasonable >>>> company to deal with things like this than Microsoft. Although >>>> surprisingly even Microsoft appears to support SPECIAL-USE in the next >>>> Outlook(?) client. >> >> yeah it works, but they had bugged it for my last tests, >> mail in sent folder ( which is corect in use by SPECIAL-USE ) >> always stay unread, seems they have had design problems using now a >> standard outgoing folder, however there is a bug report about that >> and they anounced to fix it, but it isnt in my last tests after the last >> upgrade, if they dont fix it you cant use the sent folder via imap in a >> handy way , and you have to disable the feature in total ( this point >> was changed also ), and need to set this function via filter wizard like >> long time ago outlook versions needed it > > We could work around this with a SIEVE rule that marks the message 'read' when > it is put into the Sent folder, couldn't we? > > p at rick > its a copy/move imap to sent folder act, cant see how we could get sieve involved in that "for now" , cause sieve only act when lda or lmtp is used ,in my understandig but lets hope microsoft has/will fix it, i will test the stable new outlook, until i get more powerfull hardware to install it, i am also looking forward whats happening with imap special use on different language versions Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From skdovecot at smail.inf.fh-brs.de Thu Nov 8 12:01:45 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 8 Nov 2012 11:01:45 +0100 (CET) Subject: [Dovecot] %{ldap:nonExistantAttribut} (was Re: v2.2.alpha1 released) In-Reply-To: <alpine.DEB.2.02.1211081018070.3023@pc-2m63nn> References: <1351544456.13571.102.camel@hurina> <alpine.DEB.1.10.1211051947560.7480@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <F64A14D2-3C1E-4FA3-90AA-22AD5D4330F8@iki.fi> <alpine.DEB.2.02.1211081018070.3023@pc-2m63nn> Message-ID: <alpine.DEB.2.02.1211081059430.3023@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 8 Nov 2012, Steffen Kaiser wrote: >> %{ldap:attrName:default} would be simple to do. Attached patch to do it. >> Let me know if it works. > > I applied it to v2.1. It works like charm, thanks :) yes, works in v2.2 alpha 15390:af331bc452d0, too. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUJuDCWoxLS8a3A9mAQLqowf9HRhh84cjgaE1nAxZ9VwmJK+83wPVNGoQ E2wMudyTcAuzZU/hZUMNTqXZjnS6Ono/bDBhizK3QfrPQ+3KgxbBDXa76csVt+G4 /vWic3jOWMboSw76Gg6u7g+rXrsikdkzNcNh/qxonK0W0k316gI8J/YN3W2vgR0H EVkSF+qfLFEs9I4+LjvX86e3VfVCkQ8ekOJyuf5gMyweQOCAi2+04aQRRZ5vVmir 8hf4LWsmedEiDZOX8FTG1IDXDWDppcBlsQOhm3QeQqoQX0Ew2OTxLY//qspIYASW I8bWxqCWGRoScpSJGVKPlmBtjxRJmPx4FX7VGBPyWn5SDLuEbRgN9Q== =tHXu -----END PGP SIGNATURE----- From CMarcus at Media-Brokers.com Thu Nov 8 13:45:41 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 08 Nov 2012 06:45:41 -0500 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> Message-ID: <509B9B65.4020801@Media-Brokers.com> On 2012-11-07 10:14 AM, Timo Sirainen <tss at iki.fi> wrote: > No, fts-lucene and fts-solr are separate backends. But I do have some small plans to add a few more features to fts-solr. Thanks again Timo, but one last follow-up... According to the wiki, Solr is the preferred method, but that seems weird to me - it requires a full blown Solr server that dovecot communicates with using HTTP/XML queries? Maybe not that big a deal, but just sounds like overkill to me, unless you are maybe already using Solr for website searches (which I'm not and have no need for). I would much prefer something simpler that doesn't require any external dependencies like that, so, next choice is Lucene... Looks much simpler, only requires Lucene's C++ library... But it builds only a single Lucene index for all mailboxes - not sure if this is good or bad? Seems like it would be better/more efficient (and less chance of index corruption, but most importantly, less overhead in the event that one gets hosed and dovecot needs to rebuild it) to build individual indexes for each mailbox, then, maybe, to provide support for searching ALL mailboxes, have a master index that basically just maintains a list of all of the individual indexes to be used for the search (so it doesn't have to scan all available mailboxes, but which it can do in the event that *it* ever got hosed). Obviously I don't know much about all this, so may be totally off base... Thanks again, and for listening to my ramblings, -- Best regards, Charles From odhiambo at gmail.com Thu Nov 8 15:13:07 2012 From: odhiambo at gmail.com (Odhiambo Washington) Date: Thu, 8 Nov 2012 16:13:07 +0300 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> Message-ID: <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> On Thu, Nov 8, 2012 at 11:36 AM, Patrick Shirkey <pshirkey at boosthardware.com > wrote: > > On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: > > Am 08.11.2012 08:48, schrieb Patrick Shirkey: > >> Hi, > >> > >> I have an exim4 and dovecot system. The system has multiple accounts. > >> Exim4 is receiving emails in the /var/mail/user files and dovecot is > >> configured to use /home/user/mail (mbox) folder. > >> > >> I have one account that dovecot is not processing replies/bounces/etc... > >> The data is being written in the /var/mail/user file by exim4 but as far > >> as dovecot is aware there is nothing in the pop3 inbox. > >> > >> Can anyone suggest how I can enable dovecot to know that the data is in > >> the /var/mail/user file and deliver it to the pop3 inbox for this > >> account? > >> > >> > >> > >> -- > >> Patrick Shirkey > >> Boost Hardware Ltd > >> > > > > show logs > > and config like doveconf -n > > > > > > There is nothing in the dovecot logs afaict > > echo "my test" | mail -s "test message" test at xxx > > 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 > 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx <test at xxx> R=local_user > T=mail_spool > 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed > > > exim -bt test at xxx > R: system_aliases for xxx at localhost > R: userforward for xxx at localhost > R: procmail for xxx at localhost > R: maildrop for xxx at localhost > R: lowuid_aliases for xxx at localhost (UID 1238) > R: local_user for xxx at localhost > xxx at localhost > <-- test at xxx > router = local_user, transport = mail_spool > > > - Here's the dovecot config: > > # dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: pop3 pop3s > listen: 127.0.0.1 > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/pop3-login > mail_privileged_group: mail > mail_location: mbox:~/mail > mail_debug: yes > mbox_write_locks: fcntl dotlock > mail_executable: /usr/lib/dovecot/pop3 > mail_plugin_dir: /usr/lib/dovecot/modules/pop3 > auth default: > debug: yes > passdb: > driver: pam > userdb: > driver: passwd > > > You are telling dovecot that mails are in mbox format (why you even use mbox instead of Maildir++ beats me, but that's not what you asked for help with) and are stored in /home/$user/mbox so go ahead at also tell Exim to deliver to the same location! If you want Exim to deliver to /var/mail/$user then change your mail_location in dovecot.conf to point to this too. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. From pshirkey at boosthardware.com Thu Nov 8 16:03:11 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Fri, 9 Nov 2012 01:03:11 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> Message-ID: <50869.188.25.63.54.1352383391.squirrel@boosthardware.com> On Fri, November 9, 2012 12:13 am, Odhiambo Washington wrote: > On Thu, Nov 8, 2012 at 11:36 AM, Patrick Shirkey > <pshirkey at boosthardware.com >> wrote: > >> >> On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: >> > Am 08.11.2012 08:48, schrieb Patrick Shirkey: >> >> Hi, >> >> >> >> I have an exim4 and dovecot system. The system has multiple accounts. >> >> Exim4 is receiving emails in the /var/mail/user files and dovecot is >> >> configured to use /home/user/mail (mbox) folder. >> >> >> >> I have one account that dovecot is not processing >> replies/bounces/etc... >> >> The data is being written in the /var/mail/user file by exim4 but as >> far >> >> as dovecot is aware there is nothing in the pop3 inbox. >> >> >> >> Can anyone suggest how I can enable dovecot to know that the data is >> in >> >> the /var/mail/user file and deliver it to the pop3 inbox for this >> >> account? >> >> >> >> >> >> >> >> -- >> >> Patrick Shirkey >> >> Boost Hardware Ltd >> >> >> > >> > show logs >> > and config like doveconf -n >> > >> > >> >> There is nothing in the dovecot logs afaict >> >> echo "my test" | mail -s "test message" test at xxx >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx <test at xxx> R=local_user >> T=mail_spool >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed >> >> >> exim -bt test at xxx >> R: system_aliases for xxx at localhost >> R: userforward for xxx at localhost >> R: procmail for xxx at localhost >> R: maildrop for xxx at localhost >> R: lowuid_aliases for xxx at localhost (UID 1238) >> R: local_user for xxx at localhost >> xxx at localhost >> <-- test at xxx >> router = local_user, transport = mail_spool >> >> >> - Here's the dovecot config: >> >> # dovecot -n >> # 1.2.15: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 >> log_timestamp: %Y-%m-%d %H:%M:%S >> protocols: pop3 pop3s >> listen: 127.0.0.1 >> login_dir: /var/run/dovecot/login >> login_executable: /usr/lib/dovecot/pop3-login >> mail_privileged_group: mail >> mail_location: mbox:~/mail >> mail_debug: yes >> mbox_write_locks: fcntl dotlock >> mail_executable: /usr/lib/dovecot/pop3 >> mail_plugin_dir: /usr/lib/dovecot/modules/pop3 >> auth default: >> debug: yes >> passdb: >> driver: pam >> userdb: >> driver: passwd >> >> >> > You are telling dovecot that mails are in mbox format (why you even use > mbox instead of Maildir++ beats me, but that's not what you asked for help > with) and are stored in /home/$user/mbox so go ahead at also tell Exim to > deliver to the same location! > If you want Exim to deliver to /var/mail/$user then change your > mail_location in dovecot.conf to point to this too. > > Thanks for your advice. I inherited this system and it is a live B2B system so I am trying not to break it as well as to keep it running :-) I have seen some unusual behaviour now. 1: According to my script to process the inbox for each account the pop3 account was empty. The code was previously working for many months. I thought it might be related to the missing mail_location directive because the home/xxx/mail folder was missing for the specific account that was having a problem so I added it as above but it didn't appear to fix the problem. 2: I modified it as suggested : mail_location = INBOX=/var/mail/%u That gave me an error Nov 8 13:47:03 mail dovecot: POP3(xxx): mail_location: Ambiguous mail location setting, don't know what to do with it: INBOX=/var/mail/xxx (try prefixing it with mbox: or maildir:) Nov 8 13:47:03 mail dovecot: POP3(xxx): Fatal: Namespace initialization failed 3: I then disabled the directive and restarted dovecot. The processing script now appears to be working but I see this message in the maillog: Nov 8 13:48:00 mail dovecot: POP3(xxx): fchown(/home/xxx/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1238(xxx), group based on /var/mail/xxx) Nov 8 13:48:00 mail dovecot: POP3(xxx): fchown(/home/xxx/mail/.imap/INBOX/dovecot.index.log.newlock, -1, 8(mail)) failed: Operation not permitted (egid=1238(xxx), group based on /var/mail/xxx) Nov 8 13:48:00 mail dovecot: POP3(xxx): fchown(/home/xxx/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 8(mail)) failed: Operation not permitted (egid=1238(xxx), group based on /var/mail/xxx) So it looks like setting the mail_location to the /home/user did actually help but only after the mbox was auto created by dovecot and then the directive disabled and dovecot restarted. Based on this it appears that this system is configured to use both the /var/mail/user and /home/user/mail folders. I suppose it is a useful backup to have exim4 write to /var/mail/user and have dovecot transfer the data to /home/user/mail as it is received? Everything was working for many months so I'm not sure why the /home/user/mail folder was not auto created for this new account. AFAICT it is supposed to be handled by dovecot when a mail is received and the default location is /home/user/mail so setting it in dovecot.conf is not explicitly required? -- Patrick Shirkey Boost Hardware Ltd From pshirkey at boosthardware.com Thu Nov 8 16:39:55 2012 From: pshirkey at boosthardware.com (Patrick Shirkey) Date: Fri, 9 Nov 2012 01:39:55 +1100 (EST) Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <CAAdA2WOxGoRTMFSzz0BLmHDeF2ZhA+bb_h=U=ppq3cQrBn2jQw@mail.gmail.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> <50869.188.25.63.54.1352383391.squirrel@boosthardware.com> <CAAdA2WOxGoRTMFSzz0BLmHDeF2ZhA+bb_h=U=ppq3cQrBn2jQw@mail.gmail.com> Message-ID: <51168.188.25.63.54.1352385595.squirrel@boosthardware.com> On Fri, November 9, 2012 1:10 am, Odhiambo Washington wrote: > On Thu, Nov 8, 2012 at 5:03 PM, Patrick Shirkey > <pshirkey at boosthardware.com>wrote: > >> >> On Fri, November 9, 2012 12:13 am, Odhiambo Washington wrote: >> > On Thu, Nov 8, 2012 at 11:36 AM, Patrick Shirkey >> > <pshirkey at boosthardware.com >> >> wrote: >> > >> >> >> >> On Thu, November 8, 2012 7:21 pm, Robert Schetterer wrote: >> >> > Am 08.11.2012 08:48, schrieb Patrick Shirkey: >> >> >> Hi, >> >> >> >> >> >> I have an exim4 and dovecot system. The system has multiple >> accounts. >> >> >> Exim4 is receiving emails in the /var/mail/user files and dovecot >> is >> >> >> configured to use /home/user/mail (mbox) folder. >> >> >> >> >> >> I have one account that dovecot is not processing >> >> replies/bounces/etc... >> >> >> The data is being written in the /var/mail/user file by exim4 but >> as >> >> far >> >> >> as dovecot is aware there is nothing in the pop3 inbox. >> >> >> >> >> >> Can anyone suggest how I can enable dovecot to know that the data >> is >> >> in >> >> >> the /var/mail/user file and deliver it to the pop3 inbox for this >> >> >> account? >> >> >> >> >> >> >> >> >> >> >> >> -- >> >> >> Patrick Shirkey >> >> >> Boost Hardware Ltd >> >> >> >> >> > >> >> > show logs >> >> > and config like doveconf -n >> >> > >> >> > >> >> >> >> There is nothing in the dovecot logs afaict >> >> >> >> echo "my test" | mail -s "test message" test at xxx >> >> >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s <= root at xxx U=root P=local S=398 >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s => xxx <test at xxx> R=local_user >> >> T=mail_spool >> >> 2012-11-08 08:34:38 1TWNZO-0000TG-8s Completed >> >> >> >> >> >> exim -bt test at xxx >> >> R: system_aliases for xxx at localhost >> >> R: userforward for xxx at localhost >> >> R: procmail for xxx at localhost >> >> R: maildrop for xxx at localhost >> >> R: lowuid_aliases for xxx at localhost (UID 1238) >> >> R: local_user for xxx at localhost >> >> xxx at localhost >> >> <-- test at xxx >> >> router = local_user, transport = mail_spool >> >> >> >> >> >> - Here's the dovecot config: >> >> >> >> # dovecot -n >> >> # 1.2.15: /etc/dovecot/dovecot.conf >> >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 >> >> log_timestamp: %Y-%m-%d %H:%M:%S >> >> protocols: pop3 pop3s >> >> listen: 127.0.0.1 >> >> login_dir: /var/run/dovecot/login >> >> login_executable: /usr/lib/dovecot/pop3-login >> >> mail_privileged_group: mail >> >> mail_location: mbox:~/mail >> >> mail_debug: yes >> >> mbox_write_locks: fcntl dotlock >> >> mail_executable: /usr/lib/dovecot/pop3 >> >> mail_plugin_dir: /usr/lib/dovecot/modules/pop3 >> >> auth default: >> >> debug: yes >> >> passdb: >> >> driver: pam >> >> userdb: >> >> driver: passwd >> >> >> >> >> >> >> > You are telling dovecot that mails are in mbox format (why you even >> use >> > mbox instead of Maildir++ beats me, but that's not what you asked for >> help >> > with) and are stored in /home/$user/mbox so go ahead at also tell Exim >> to >> > deliver to the same location! >> > If you want Exim to deliver to /var/mail/$user then change your >> > mail_location in dovecot.conf to point to this too. >> > >> > >> >> >> Thanks for your advice. I inherited this system and it is a live B2B >> system so I am trying not to break it as well as to keep it running :-) >> >> I have seen some unusual behaviour now. >> >> 1: According to my script to process the inbox for each account the pop3 >> account was empty. The code was previously working for many months. I >> thought it might be related to the missing mail_location directive >> because >> the home/xxx/mail folder was missing for the specific account that was >> having a problem so I added it as above but it didn't appear to fix the >> problem. >> > > You DO NOT need to add it manually. All you have to do is to send a test > mail to the user and the mbox will be created with the correct > permissions. > > >> >> 2: I modified it as suggested : mail_location = INBOX=/var/mail/%u >> >> That gave me an error >> >> Nov 8 13:47:03 mail dovecot: POP3(xxx): mail_location: Ambiguous mail >> location setting, don't know what to do with it: INBOX=/var/mail/xxx >> (try >> prefixing it with mbox: or maildir:) >> Nov 8 13:47:03 mail dovecot: POP3(xxx): Fatal: Namespace initialization >> failed >> > > > You must RTFM. The examples are in conf.d/10-mail.conf and they have the > following text: > > <quote> > ## Mailbox locations and namespaces > ## > > # Location for users' mailboxes. The default is empty, which means that > Dovecot > # tries to find the mailboxes automatically. This won't work if the user > # doesn't yet have any mail, so you should explicitly tell Dovecot the > full > # location. > # > # If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u) > # isn't enough. You'll also need to tell Dovecot where the other mailboxes > are > # kept. This is called the "root mail directory", and it must be the first > # path given in the mail_location setting. > # > # There are a few special variables you can use, eg.: > # > # %u - username > # %n - user part in user at domain, same as %u if there's no domain > # %d - domain part in user at domain, empty if there's no domain > # %h - home directory > # > # See doc/wiki/Variables.txt for full list. Some examples: > # > # mail_location = maildir:~/Maildir > # mail_location = mbox:~/mail:INBOX=/var/mail/%u > # mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n > # > # <doc/wiki/MailLocation.txt> > </quote> > > ... make sense? > Starting to now. My first attempt to *not* break the existing system was to try with the following: mail_location = mbox:~/mail But that didn't work so I asked here and according to your first email it seemed this config was necessary: mail_location = INBOX=/var/mail/%u But after re reading the docs it appears that *both* locations are required: mail_location = mbox:~/mail:INBOX=/var/mail/%u -- Patrick Shirkey Boost Hardware Ltd From list at airstreamcomm.net Thu Nov 8 16:45:03 2012 From: list at airstreamcomm.net (list at airstreamcomm.net) Date: Thu, 08 Nov 2012 08:45:03 -0600 Subject: [Dovecot] IMAP session state inconsistent Message-ID: <509BC56F.6030606@airstreamcomm.net> Running Dovecot 1.2.12 (we are in the process of upgrading to 2.1.x) Didn't find much in old threads, but we are seeing the following in the logs this morning: dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=443/1146 dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=561/1637 dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory Not sure what to make of this sequence? From davide.marchi at mail.cgilfe.it Thu Nov 8 16:51:35 2012 From: davide.marchi at mail.cgilfe.it (Davide) Date: Thu, 08 Nov 2012 15:51:35 +0100 Subject: [Dovecot] Hardlink with Maildir a brief help Message-ID: <509BC6F7.1050107@mail.cgilfe.it> Hi to all, my question is: Is possible implementing SIS (with hardlink) with maildir instead of *dbox format? If yes in dovecot.conf it's only necessary the below parameters or what else? mail_attachment_dir = /var/qmail/attachments I have also acting the zlib plugin it is not a problem isn't it? Thanks in advance for any response -- */Davide Marchi /Teorema Ferrara Srl /(Tel: /**/+39 0532 783161)/**/ (Fax: +/**/39 0532 783368/**/)/**//**/ /**//**/Davide.Marchi at mail.cgilfe.it <mailto:davide.marchi at mail.cgilfe.it?subject=Info> /CONFIDENZIALITA? *** Questo messaggio, inclusi gli eventuali allegati, ? indirizzato solo ai destinatari e pu? contenere informazioni riservate e confidenziali. Se avete ricevuto il messaggio senza esserne un destinatario, siete pregati di non utilizzare, copiare o distribuire questo messaggio o i suoi allegati. Se avete ricevuto il messaggio per errore, siete pregati di cancellarlo dal vostro sistema, assieme a tutti gli allegati, e di informare immediatamente il mittente,sia ai sensi dell'art. 616 c.p., sia ai sensi del DL n. 196/03. *CONFIDENTIALITY*** This message and any attachments are intended only for the use of the addressee(s) and may contain information that is privileged and/or confidential. If the reader of the message is not the intended recipient(s) or an authorized representative of the intended recipient(s), please do not use, copy, distribute this email or its attachments or take action based on them. If you have received this communication in error, please notify us immediately by email and delete the message and any attachments from your system. *Teorema FerraraSrl - Via Spronello, 7 - 44121 Ferrara Italia - P. IVA 01244490387** P**S**tampa questo messaggio solo se veramente necessario, pensa alla natura! - Please consider whether it is necessary to print this e-mail* From jerry at seibercom.net Thu Nov 8 16:56:50 2012 From: jerry at seibercom.net (Jerry) Date: Thu, 8 Nov 2012 09:56:50 -0500 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <51168.188.25.63.54.1352385595.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> <509B6B86.6050600@sys4.de> <64315.188.25.63.54.1352363814.squirrel@boosthardware.com> <CAAdA2WMPNiAJ8-Q7Pr-=YrgqKhjJNMKyBg5EjLSkBHtKNs2EMw@mail.gmail.com> <50869.188.25.63.54.1352383391.squirrel@boosthardware.com> <CAAdA2WOxGoRTMFSzz0BLmHDeF2ZhA+bb_h=U=ppq3cQrBn2jQw@mail.gmail.com> <51168.188.25.63.54.1352385595.squirrel@boosthardware.com> Message-ID: <20121108095650.6696cb85@scorpio> On Fri, 9 Nov 2012 01:39:55 +1100 (EST) Patrick Shirkey articulated: > My first attempt to *not* break the existing system was to try with > the following: > > mail_location = mbox:~/mail > > But that didn't work so I asked here and according to your first > email it seemed this config was necessary: > > mail_location = INBOX=/var/mail/%u > > But after re reading the docs it appears that *both* locations are > required: > > mail_location = mbox:~/mail:INBOX=/var/mail/%u Seriously, how much effort does it actually take to trim the excess garbage off of a post before replying to it? Personally, once I have to page through four pages of old nonsense I totally lose interest in the thread. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From tlx at leuxner.net Thu Nov 8 17:18:06 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 8 Nov 2012 16:18:06 +0100 Subject: [Dovecot] pop3 exim4 dovecot In-Reply-To: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> References: <63736.188.25.63.54.1352360926.squirrel@boosthardware.com> Message-ID: <20121108151806.GA5906@nihlus.leuxner.net> On Thu, Nov 08, 2012 at 06:48:46PM +1100, Patrick Shirkey wrote: > I have one account that dovecot is not processing replies/bounces/etc... > The data is being written in the /var/mail/user file by exim4 but as far > as dovecot is aware there is nothing in the pop3 inbox. > > Can anyone suggest how I can enable dovecot to know that the data is in > the /var/mail/user file and deliver it to the pop3 inbox for this account? It's possible to override locations per user, if that's what your trying to achieve: http://wiki.dovecot.org/MailLocation http://wiki.dovecot.org/UserDatabase http://wiki.dovecot.org/UserDatabase/ExtraFields Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121108/8a6379d1/attachment-0004.bin> From ben at morrow.me.uk Thu Nov 8 21:16:51 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 8 Nov 2012 19:16:51 +0000 Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <1352361261767-38656.post@n4.nabble.com> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> <1352361261767-38656.post@n4.nabble.com> Message-ID: <20121108191650.GA89679@anubis.morrow.me.uk> At 11PM -0800 on 7/11/12 you (ycc_Swe) wrote: > > I still have the same problem. When I set ssl parameter to yes/required I > can still not connect to port 995. > This time I set ssl=verbose. This is what the log shows when I try to > connect with ssl. > <snip> > Nov 8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, > ret=-1: SSLv3 read client certificate A [12.12.12.7] Are you trying to authenticate with a client certificate, or with user/password under SSL? Using a client certificate requires more configuration than you have used. Does your dovecot machine have a proper publically-signed SSL certificate, or are you using a self-signed cert? If you're using a self-signed cert you'll probably find third-pary systems (like the website you're using for testing) won't accept it, and will disconnect immediately. Can you connect with 'openssl s_client' and log in manually, as you did with telnet before? Can you connect to port 110 and upgrade to SSL with 'STLS' (s_client will try this for you if you pass -starttls pop3)? Ben From fxmulder at gmail.com Thu Nov 8 22:03:57 2012 From: fxmulder at gmail.com (James Devine) Date: Thu, 8 Nov 2012 13:03:57 -0700 Subject: [Dovecot] IP/SSL configuration Message-ID: <CAPmoJaN6=bAOJa9fdd2zxivKp79jO-SJ9ogoyBNOMdGhEuB4Fw@mail.gmail.com> Is there a way I can have something like the following setup: 192.168.0.2 port 110/143, with no starttls/ssl 192.168.0.3 port 110,995/143,993 with starttls/ssl 192.168.0.4 port 110,995/143,993 with starttls/ssl I am looking to setup dovecot so that some IPs will run without any notion of SSL whereas other IPs will run with with ssl/starttls available, each with its own certs From cullinan at rocketmail.com Thu Nov 8 23:21:48 2012 From: cullinan at rocketmail.com (cullinan at rocketmail.com) Date: Thu, 08 Nov 2012 22:21:48 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 Message-ID: <509C226C.9090208@rocketmail.com> Hi, there! Well, I am new to dovecot, so please be patient with me: I have a virtual server and want to setup simple mail delivery. postfix, saslauthd and dovecot basically work fine. The only open issue is, that (I guess) dovecot doesn't remove the mail when it's retrieved via pop3 from the server. It keeps sending me the same emails again and again. (The mail client (Thunderbird) is configured to remove the messages from the server - it was working already.) I guess that dovecot cannot write to some files / has problems with write permissions. But it doesn't tell me anything... Can you tell me, what configuration might be wrong or how can I enable more debugging to see what dovecot is doing after the mails got sent out via pop3? Here is the configuration: # dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 log_timestamp: %Y-%m-%d %H:%M:%S protocols: pop3 pop3s login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/pop3-login mail_privileged_group: mail mbox_write_locks: fcntl dotlock mail_executable: /usr/lib/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/modules/pop3 auth default: passdb: driver: pam userdb: driver: passwd -----8<----- # dovecot -a # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 base_dir: /var/run/dovecot log_path: info_log_path: log_timestamp: %Y-%m-%d %H:%M:%S syslog_facility: mail protocols: pop3 pop3s listen: * ssl_listen: ssl: yes ssl_ca_file: ssl_cert_file: /etc/ssl/certs/dovecot.pem ssl_key_file: /etc/ssl/private/dovecot.pem ssl_key_password: ssl_parameters_regenerate: 168 ssl_cipher_list: ssl_cert_username_field: commonName ssl_verify_client_cert: no disable_plaintext_auth: yes verbose_ssl: no shutdown_clients: yes nfs_check: yes version_ignore: no login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/pop3-login login_user: dovecot login_greeting: Dovecot ready. login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c login_log_format: %$: %s login_process_per_connection: yes login_chroot: yes login_trusted_networks: login_process_size: 64 login_processes_count: 3 login_max_processes_count: 128 login_max_connections: 256 valid_chroot_dirs: mail_chroot: max_mail_processes: 512 mail_max_userip_connections: 10 verbose_proctitle: no first_valid_uid: 500 last_valid_uid: 0 first_valid_gid: 1 last_valid_gid: 0 mail_access_groups: mail_privileged_group: mail mail_uid: mail_gid: mail_location: mail_cache_fields: mail_never_cache_fields: imap.envelope mail_cache_min_mail_count: 0 mailbox_idle_check_interval: 30 mail_debug: no mail_full_filesystem_access: no mail_max_keyword_length: 50 mail_save_crlf: no mmap_disable: no dotlock_use_excl: yes fsync_disable: no mail_nfs_storage: no mail_nfs_index: no mailbox_list_index_disable: yes lock_method: fcntl maildir_stat_dirs: no maildir_copy_with_hardlinks: yes maildir_copy_preserve_filename: no maildir_very_dirty_syncs: no mbox_read_locks: fcntl mbox_write_locks: fcntl dotlock mbox_lock_timeout: 300 mbox_dotlock_change_timeout: 120 mbox_min_index_size: 0 mbox_dirty_syncs: yes mbox_very_dirty_syncs: no mbox_lazy_writes: yes dbox_rotate_size: 2048 dbox_rotate_min_size: 16 dbox_rotate_days: 1 mail_drop_priv_before_exec: no mail_executable: /usr/lib/dovecot/pop3 mail_process_size: 256 mail_plugins: mail_plugin_dir: /usr/lib/dovecot/modules/pop3 mail_log_prefix: %Us(%u): mail_log_max_lines_per_sec: 10 imap_max_line_length: 65536 imap_capability: imap_client_workarounds: imap_logout_format: bytes=%i/%o imap_id_send: imap_id_log: imap_idle_notify_interval: 120 pop3_no_flag_updates: no pop3_enable_last: no pop3_reuse_xuidl: no pop3_save_uidl: no pop3_lock_session: no pop3_uidl_format: %08Xu%08Xv pop3_client_workarounds: pop3_logout_format: top=%t/%p, retr=%r/%b, del=%d/%m, size=%s dict_db_config: dict_process_count: 1 managesieve_max_line_length: 65536 managesieve_logout_format: bytes=%i/%o managesieve_implementation_string: dovecot auth default: mechanisms: plain realms: default_realm: cache_size: 0 cache_ttl: 3600 cache_negative_ttl: 3600 executable: /usr/lib/dovecot/dovecot-auth user: root chroot: username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ username_translation: username_format: master_user_separator: anonymous_username: anonymous krb5_keytab: gssapi_hostname: winbind_helper_path: /usr/bin/ntlm_auth failure_delay: 2 verbose: no debug: no debug_passwords: no ssl_require_client_cert: no ssl_username_from_cert: no use_winbind: no count: 1 worker_max_count: 30 process_size: 256 passdb: driver: pam args: deny: no pass: no master: no userdb: driver: passwd args: -----8<----- Please let me know if you need more. Thank you in advance! Regards, Rob From daniel.parthey at informatik.tu-chemnitz.de Thu Nov 8 23:46:17 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Thu, 8 Nov 2012 22:46:17 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 In-Reply-To: <509C226C.9090208@rocketmail.com> References: <509C226C.9090208@rocketmail.com> Message-ID: <20121108214616.GA16774@daniel.localdomain> cullinan at rocketmail.com wrote: > Can you tell me, how can I enable more debugging > to see what dovecot is doing after the mails got sent out via pop3? You can log mail actions session with MailLog: http://wiki.dovecot.org/Plugins/MailLog Regards Daniel -- https://plus.google.com/103021802792276734820 From stan at hardwarefreak.com Thu Nov 8 23:55:12 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 08 Nov 2012 15:55:12 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509B86C2.90207@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <509B86C2.90207@1stwebdesigns.com> Message-ID: <509C2A40.9000400@hardwarefreak.com> Please always reply to the list, not individuals. On 11/8/2012 4:17 AM, 1st WebDesigns wrote: > On 08/11/2012 09:23, Stan Hoeppner wrote: >> On 11/8/2012 2:29 AM, 1st WebDesigns wrote: >>> Hi there, >>> >>> We're using Dovecot version 1.0.7 and Postfix, and since upgrading our >>> Linux box we're getting this in the maillog: >> >> 1.0.7 is absolutely ancient and no longer officially supported. You >> need 1.2.x minimum, 2.x.x even better. And you say you just recently >> upgraded your Linux distro? What planet do you live on son? You're a >> few light years behind current stable software. >> >>> Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: >>> to=<xyz at xyz.com>, orig_to=<abc at abc.com>, relay=local, delay=19, >>> delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox >>> /var/spool/mail/abc for user abc. unable to lock for exclusive access: >>> Resource temporarily unavailable) >> >> The simple permanent fix to Postfix/Dovecot mbox locking issues is >> switching from Postfix LOCAL to Dovecot LDA for mailbox delivery. 1.0.7 >> is before my time. I do not know if LDA was available then. Upgrade >> and you'll have it, and you'll also fix other problems you're not even >> aware of yet. >> >>> Postfix is currently set to: >>> mailbox_delivery_lock = fcntl, dotlock >>> >>> Dovecot has this: >>> mbox_read_locks = fcntl >>> mbox_write_locks = fcntl dotlock >> >> LDA completely eliminates lock contention. >> >> http://wiki.dovecot.org/LDA/Postfix >> http://wiki2.dovecot.org/LDA/Postfix >> > > Thanks for your reply. We have upgraded from RHEL4 to RHEL5, so 1.0.7 > is the "stable" version that they provide RHEL 5 is also ancient, released in March 2007, over 5 years ago. The current stable release is RHEL 6.3, released in June 2012. What is the valid reason preventing you from upgrading to the 6.x distribution? The packages in general in 6.x are 5 years newer than 5.x. And given the fact that RHEL runs miles behind the bleeding edge, you're way behind the curve even with a recent RHEL distribution. You can probably find a much newer version of Dovecot in an RPM somewhere, and Postfix for that matter. But it would be better for you if you simply upgraded to RHEL 6.3. -- Stan From ben at morrow.me.uk Fri Nov 9 01:53:35 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 8 Nov 2012 23:53:35 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509B7A27.3080308@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> Message-ID: <20121108235334.GB89679@anubis.morrow.me.uk> At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: > > 1.0.7 is absolutely ancient and no longer officially supported. You > need 1.2.x minimum, 2.x.x even better. And you say you just recently > upgraded your Linux distro? What planet do you live on son? You're a > few light years behind current stable software. [A light-year is a measure of distance, not of time.] > LDA completely eliminates lock contention. As we have discussed before, using the LDA does not prevent lock contention, it just prevents the problems that arise when different software is using different locking strategies on the same mailbox (assuming nothing except LDA and imap is touching the mailbox directly). There are valid reasons for not using the LDA: the OP might be already using procmail, for instance, and have users with procmail recipies which sort into IMAP folders. These folders will need to be locked by procmail even if the default delivery to INBOX is changed (globally) to happen through dovecot-lda. While migrating to sieve (and mdbox, and LMTP) would, IMHO, be the best long-term solution, this isn't necessarily something that can be set up overnight. Ben From calestyo at scientia.net Fri Nov 9 02:22:37 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Fri, 09 Nov 2012 01:22:37 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> Message-ID: <1352420557.5071.54.camel@fermat.scientia.net> On Wed, 2012-11-07 at 17:30 +0200, Timo Sirainen wrote: > On 30.10.2012, at 2.16, Christoph Anton Mitterer wrote: > > Have you ever thought about adding a "real" DB backend? Nothing against > > dbox... :) ... and I have no performance comparison of dbox with what > > could be done with a DBMS... but the advantage of the later would be > > that you get all fancy features from database systems for free... like > > fast indexing, online replication, etc. p.. > > One might even reuse something like AOX for this. > SQL indexes aren't very helpful for IMAP-like data. It would be fun to > some day have SQL backend in Dovecot (there already is read-only > INBOX-only SQL backend), but I don't expect it to have very good > performance. I see... well I haven't tested AOX or dbmail so far (especially as they're not in Debian and I was too lazy till now to compile them)... At least I had the impression that performance (especially in searches) was one of the major things these people were proud of. I'll stay tuned, whether we ever see a fully usable SQL backend for Dovecot :) Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121109/bfa44548/attachment-0004.bin> From kgc at corp.sonic.net Fri Nov 9 02:49:15 2012 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Thu, 8 Nov 2012 16:49:15 -0800 Subject: [Dovecot] memory allocation issues Message-ID: <20121109004915.GJ70186@corp.sonic.net> One of our dovecot backend servers ran into a problem with it's auth process a few days ago. This doesn't appear to be the error logged when dovecot hits its internal limit so I'm not sure what is going on here. auth: Error: malloc: 58012: Cannot allocate memory auth: Error: Unable to allocate memory for mutexes from the region auth: Error: PANIC: Cannot allocate memory auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user pop3: Error: Authenticated user not found from userdb, auth lookup +id=2509111297 (client-pid=4781 client-id=1) pop3-login: Internal login failure (pid=4781 id=1) (internal failure, 1 +succesful auths): user=<test>... There was at least 10+GB free RAM on the server and no indication of a system level issue at the same time. The server is running 2.1.9. There were about 3,200 active sessions, with something like 12 new sessions/sec. The other identical servers are/were handling virtually identical load with the same service uptime and haven't had any issues so far. (Crash happened 7 days ago.) -- Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc. System Architect 2260 Apollo Way 707.522.1000 Santa Rosa, CA 95407 From dovecot at r.paypc.com Fri Nov 9 03:54:11 2012 From: dovecot at r.paypc.com (Robin) Date: Thu, 08 Nov 2012 17:54:11 -0800 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1352420557.5071.54.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> Message-ID: <509C6243.9040002@r.paypc.com> Obvious caveats and qualifications apply here throughout this email. Christoph Anton Mitterer <calestyo at scientia.net> wrote: > I see... well I haven't tested AOX or dbmail so far (especially as > they're not in Debian and I was too lazy till now to compile them)... > > At least I had the impression that performance (especially in searches) > was one of the major things these people were proud of. > > > I'll stay tuned, whether we ever see a fully usable SQL backend for > Dovecot :) I wouldn't hold your breath. It's a recurringly seductive "meme" in email circles, but the reality is that email is mostly unstructured data with a few fields of reasonably structured data (dates, from, to, maybe attachment types + filenames). The bulk of the emails, and the part of the emails that people really want to search quickly: the body, is unstructured, and doesn't perform quickly with the stock "full text search" modules in the main SQL engines. I'd given dbmail2 a try with MySQL 5, 5.5, and Postgres 8.4 and 9.1 branches. I've dedicated 16GB of DDR3-1800/3.4GHz 6-core AMD 1090T with hardware RAID local storage (12 x Seagate ES 7200RPM spindles). (64 bit Slackware 13.37 running Linux 3.2 kernels built for the platform.) The performance is surprisingly bad ... doing almost everything. Searches through IMAP, bulk importation of mail folders, large numbers of simultaneous mail deliveries, you name it. There wasn't a task that the dbmail setup performed faster than Dovecot, in either low or high load situations. When I tossed a test load that introduced lots of mail deliveries as well as searches and full folder pulls, things got really pear-shaped. Even putting dovecot's mailstore on NFS (GigE) didn't really slow Dovecot down enough to make dbmail competitive. When pressed on this lack of performance, I was instructed to "add more RAM" to the DB machine, and that for ideal performance I should have more RAM than my mailbox sizes. *sigh* This sounds great for a very small installation, but this clearly is not something that scales. I think the final humiliation was comparing the body + header searching performance using Timo's practically obsolete fts_squat plugin against dbmail's. Wow. Squat was multiple orders of magnitude faster. Lucene and Solr are even moreso when fed large datasets (mail folder hives of about 100GB). The SQL setups hit the obvious performance shelf once they were unable to maintain everything in RAM or cache. The dbmail folk are earnest and hard-working, and I don't mean to cast the slightest bit of negativity on their project. I think the assumptions about what SQL servers can do well often doesn't square with the reality of many applications that people try to fit them into. On my first initial round of tests, I imported 24,000 emails comprising a mere 560MB of space. Just about all of the non-SQL imap servers handled the importation (basically IMAP APPENDs) within 6 minutes. dbmail2 required hours (using MySQL), and a bit shorter time (but still hours') with Postgres. >From an old email: > Searching INBOX #msgs = 24714 > [NOFIND] Time=2.072423, matches=24714 <--- this should be zero *BUG* > [date] Time=2.07519, matches=24714 <--- this is correct > [here] Time=2.072075, matches=24714 <--- this should be about 30% of total # of msgs *BUG* > > Does dbmail break IMAP SEARCH TEXT (i.e., search both body + headers)? Is this a result of relying on MySQL's search algorithms in text-like fields? I'm still puzzled, because I can't believe that 'here' appears in EVERY email. It looks like dbmail's returning EVERY email on a SEARCH TEXT. This is not correct operation. > > When I alter the search to use "FROM" as the key instead of "TEXT", the results are more discriminating and meet expectations. > > Searching INBOX #msgs = 24714 > [NOFIND] Time=2.161049, matches=0 > [james] Time=2.273255, matches=1049 > [here] Time=2.165406, matches=2 > > Not that it matters, but it's much slower than Dovecot's fts_squat for substring searches. > > Dovecot's fts_squat IMAP SEARCH TEXT results are: > > Searching INBOX #msgs = 55731 > [Updating Index] Time=78.184637 (66% of the mailbox unindexed at start) > [NOFIND] Time=0.045654, matches=0 > [date] Time=0.13364, matches=55731 > [here] Time=0.069091, matches=24663 FWIW, I found Postgres to be faster than MySQL (5 and 5.5, though 5.5 with a hand-rolled config file using metrics supplied by a dbmail/MySQL guru helped a great deal for size(data_set) < size(PHYSICAL MEMORY) cases. Where lots of write-commits were involved on the same exact setup. MySQL "got close" to PSQL's performance when I did crazy things like remove filesystem journaling, write barriers, etc on the mail db mountpoint. Obviously, this is desperation talking. I concede that the motivations behind SQLising mail storage extends to administration/replication and other non-performance/scalability aspects. I suspect what constitutes "good enough" performance when squared against those other considerations may raise a SQL approach high enough for some people to use it. I suspect a "NoSQL" key-value store type of database to offer much better performance than SQL RDBs, since most of the assumptions behind the storage and access patterns of email don't really fit into the SQL RDB model very efficiently. dbmail's author and a couple of key dbmail users are very active and responsive on their mailing list, and bend over backwards to try to help new users with tuning and performance related problems. I simply don't have enough of a budget for populating my DB machines with TBs of RAM to make it work as quickly as I need it to for my midrange mail store (10TB). Good luck! =R= From bangkokmaco at gmail.com Fri Nov 9 04:05:49 2012 From: bangkokmaco at gmail.com (cc "maco" young) Date: Fri, 9 Nov 2012 09:05:49 +0700 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <509C6243.9040002@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> Message-ID: <CAJ1RXL8SDKRpmg3-S49GbWqJKLoXYgCyZCBXZO9gqYvtHRra1g@mail.gmail.com> robin - what a great write up! thanks! On Fri, Nov 9, 2012 at 8:54 AM, Robin <dovecot at r.paypc.com> wrote: > Obvious caveats and qualifications apply here throughout this email. > > Christoph Anton Mitterer <calestyo at scientia.net> wrote: > > I see... well I haven't tested AOX or dbmail so far (especially as > > they're not in Debian and I was too lazy till now to compile them)... > > > > At least I had the impression that performance (especially in searches) > > was one of the major things these people were proud of. > > > > > > I'll stay tuned, whether we ever see a fully usable SQL backend for > > Dovecot :) > > I wouldn't hold your breath. > > It's a recurringly seductive "meme" in email circles, but the reality is > that email is mostly unstructured data with a few fields of reasonably > structured data (dates, from, to, maybe attachment types + filenames). The > bulk of the emails, and the part of the emails that people really want to > search quickly: the body, is unstructured, and doesn't perform quickly with > the stock "full text search" modules in the main SQL engines. > > I'd given dbmail2 a try with MySQL 5, 5.5, and Postgres 8.4 and 9.1 > branches. I've dedicated 16GB of DDR3-1800/3.4GHz 6-core AMD 1090T with > hardware RAID local storage (12 x Seagate ES 7200RPM spindles). (64 bit > Slackware 13.37 running Linux 3.2 kernels built for the platform.) > > The performance is surprisingly bad ... doing almost everything. Searches > through IMAP, bulk importation of mail folders, large numbers of > simultaneous mail deliveries, you name it. There wasn't a task that the > dbmail setup performed faster than Dovecot, in either low or high load > situations. When I tossed a test load that introduced lots of mail > deliveries as well as searches and full folder pulls, things got really > pear-shaped. Even putting dovecot's mailstore on NFS (GigE) didn't really > slow Dovecot down enough to make dbmail competitive. > > When pressed on this lack of performance, I was instructed to "add more > RAM" to the DB machine, and that for ideal performance I should have more > RAM than my mailbox sizes. *sigh* This sounds great for a very small > installation, but this clearly is not something that scales. > > I think the final humiliation was comparing the body + header searching > performance using Timo's practically obsolete fts_squat plugin against > dbmail's. Wow. Squat was multiple orders of magnitude faster. Lucene and > Solr are even moreso when fed large datasets (mail folder hives of about > 100GB). The SQL setups hit the obvious performance shelf once they were > unable to maintain everything in RAM or cache. > > The dbmail folk are earnest and hard-working, and I don't mean to cast the > slightest bit of negativity on their project. I think the assumptions > about what SQL servers can do well often doesn't square with the reality of > many applications that people try to fit them into. > > On my first initial round of tests, I imported 24,000 emails comprising a > mere 560MB of space. Just about all of the non-SQL imap servers handled > the importation (basically IMAP APPENDs) within 6 minutes. dbmail2 > required hours (using MySQL), and a bit shorter time (but still hours') > with Postgres. > > From an old email: > > > Searching INBOX #msgs = 24714 > > [NOFIND] Time=2.072423, matches=24714 <--- this should be zero *BUG* > > [date] Time=2.07519, matches=24714 <--- this is correct > > [here] Time=2.072075, matches=24714 <--- this should be about 30% of > total # of msgs *BUG* > > > > Does dbmail break IMAP SEARCH TEXT (i.e., search both body + headers)? > Is this a result of relying on MySQL's search algorithms in text-like > fields? I'm still puzzled, because I can't believe that 'here' appears in > EVERY email. It looks like dbmail's returning EVERY email on a SEARCH > TEXT. This is not correct operation. > > > > When I alter the search to use "FROM" as the key instead of "TEXT", the > results are more discriminating and meet expectations. > > > > Searching INBOX #msgs = 24714 > > [NOFIND] Time=2.161049, matches=0 > > [james] Time=2.273255, matches=1049 > > [here] Time=2.165406, matches=2 > > > > Not that it matters, but it's much slower than Dovecot's fts_squat for > substring searches. > > > > Dovecot's fts_squat IMAP SEARCH TEXT results are: > > > > Searching INBOX #msgs = 55731 > > [Updating Index] Time=78.184637 (66% of the mailbox unindexed at start) > > [NOFIND] Time=0.045654, matches=0 > > [date] Time=0.13364, matches=55731 > > [here] Time=0.069091, matches=24663 > > FWIW, I found Postgres to be faster than MySQL (5 and 5.5, though 5.5 with > a hand-rolled config file using metrics supplied by a dbmail/MySQL guru > helped a great deal for size(data_set) < size(PHYSICAL MEMORY) cases. > > Where lots of write-commits were involved on the same exact setup. MySQL > "got close" to PSQL's performance when I did crazy things like remove > filesystem journaling, write barriers, etc on the mail db mountpoint. > Obviously, this is desperation talking. > > I concede that the motivations behind SQLising mail storage extends to > administration/replication and other non-performance/scalability aspects. > I suspect what constitutes "good enough" performance when squared against > those other considerations may raise a SQL approach high enough for some > people to use it. > > I suspect a "NoSQL" key-value store type of database to offer much better > performance than SQL RDBs, since most of the assumptions behind the storage > and access patterns of email don't really fit into the SQL RDB model very > efficiently. > > dbmail's author and a couple of key dbmail users are very active and > responsive on their mailing list, and bend over backwards to try to help > new users with tuning and performance related problems. > > I simply don't have enough of a budget for populating my DB machines with > TBs of RAM to make it work as quickly as I need it to for my midrange mail > store (10TB). > > Good luck! > > =R= > From yngve_l2 at hotmail.com Fri Nov 9 06:32:18 2012 From: yngve_l2 at hotmail.com (ycc_Swe) Date: Thu, 8 Nov 2012 20:32:18 -0800 (PST) Subject: [Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking) In-Reply-To: <20121108191650.GA89679@anubis.morrow.me.uk> References: <1352279608118-38611.post@n4.nabble.com> <509A35C0.8040209@sys4.de> <1352361261767-38656.post@n4.nabble.com> <20121108191650.GA89679@anubis.morrow.me.uk> Message-ID: <1352435538283-38686.post@n4.nabble.com> Thank you for your replies. I am trying to authenticate with user/password under SSL (port 995). Ben wrote: Does your dovecot machine have a proper publically-signed SSL certificate, or are you using a self-signed cert? If you're using a self-signed cert you'll probably find third-pary systems (like the website you're using for testing) won't accept it, and will disconnect immediately. *Thank you very much for your comment Ben, I think you spotted my problem. I just use the certificate and key that are generated during the installation. To be able to make web-sites connect I must have a proper "publically-signed SSL". Thanks, this question is solved, at least for the time being.* -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611p38686.html Sent from the Dovecot mailing list archive at Nabble.com. From mrn666 at yahoo.com Fri Nov 9 07:37:29 2012 From: mrn666 at yahoo.com (Jay) Date: Thu, 8 Nov 2012 21:37:29 -0800 (PST) Subject: [Dovecot] Is there a hook for a plugin to do some transient operation on the mail body ... Message-ID: <1352439449.79235.YahooMailNeo@web165005.mail.bf1.yahoo.com> ... when the MUA has issued a FETCH? ? I am a Dovecot newbie ... so please bear with me if this is obvious. Basically what I am trying to do is process the mail body (in my own specific way) before Dovecot serves it up to the MUA. I want to do it as a transient operation in memory. So think of the scenario as ... ? - the MUA issues a FETCH ? - Dovecot intercepts the FETCH ? - Dovecot internally gets the mail from the storage into a buffer in memory ? ----> This is where I'd like to apply a function to the mail body and modify the mail body?in the buffer (not in the storage) ? - Dovecot serves up the (modified) mail to the MUA ? Looking for a hook that allows me to do it using a plugin. Looks like the zlib plugin does something similar ... applies a decompression function ... but I am not 100% sure. ? Thanks for your help. -- J. From rs at sys4.de Fri Nov 9 09:05:50 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 09 Nov 2012 08:05:50 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 In-Reply-To: <509C226C.9090208@rocketmail.com> References: <509C226C.9090208@rocketmail.com> Message-ID: <509CAB4E.7020909@sys4.de> Am 08.11.2012 22:21, schrieb cullinan at rocketmail.com: > Hi, there! > > Well, I am new to dovecot, so please be patient with me: > > I have a virtual server and want to setup simple mail delivery. > postfix, saslauthd and dovecot basically work fine. > > The only open issue is, that (I guess) dovecot doesn't remove the > mail when it's retrieved via pop3 from the server. > It keeps sending me the same emails again and again. > (The mail client (Thunderbird) is configured to remove the messages > from the server - it was working already.) 1.2.15 is very old, consider upgrade to recent version if it allready worked ,what did you changed in the near past double check your thunderbird settings look at your logs , switch them to be more verbose Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Fri Nov 9 09:10:01 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 09 Nov 2012 08:10:01 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <509C6243.9040002@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> Message-ID: <509CAC49.1010802@sys4.de> Am 09.11.2012 02:54, schrieb Robin: > I'll stay tuned, whether we ever see a fully usable SQL backend for >> Dovecot :) thats not a new idea, but there is still tons of stuff which has to coded in more prime, as dovecot works nice with other existing storage file backends, there isnt hard pressure for sql storage, but feel free to code your own , youre welcome Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From cullinan at rocketmail.com Fri Nov 9 10:24:32 2012 From: cullinan at rocketmail.com (cullinan at rocketmail.com) Date: Fri, 09 Nov 2012 09:24:32 +0100 Subject: [Dovecot] Mails don't get deleted after POP3 [SOLVED] In-Reply-To: <509C226C.9090208@rocketmail.com> References: <509C226C.9090208@rocketmail.com> Message-ID: <509CBDC0.7030304@rocketmail.com> Hi, there! > I guess that dovecot cannot write to some files / has problems > with write permissions. But it doesn't tell me anything... The reason was indeed that dovecot couldn't write to /var/mail I had to chown it to the mail group as it says in: mail_privileged_group: mail Thank you, Regards, Rob Am 08.11.2012 22:21, schrieb cullinan at rocketmail.com: > Hi, there! > > Well, I am new to dovecot, so please be patient with me: > > I have a virtual server and want to setup simple mail delivery. > postfix, saslauthd and dovecot basically work fine. > > The only open issue is, that (I guess) dovecot doesn't remove the > mail when it's retrieved via pop3 from the server. > It keeps sending me the same emails again and again. > (The mail client (Thunderbird) is configured to remove the messages > from the server - it was working already.) > > I guess that dovecot cannot write to some files / has problems > with write permissions. But it doesn't tell me anything... > > Can you tell me, what configuration might be wrong or how can I > enable more debugging to see what dovecot is doing after > the mails got sent out via pop3? > > Here is the configuration: > > # dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: pop3 pop3s > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/pop3-login > mail_privileged_group: mail > mbox_write_locks: fcntl dotlock > mail_executable: /usr/lib/dovecot/pop3 > mail_plugin_dir: /usr/lib/dovecot/modules/pop3 > auth default: > passdb: > driver: pam > userdb: > driver: passwd > > -----8<----- > > # dovecot -a > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.38-8-server x86_64 Ubuntu 11.04 > base_dir: /var/run/dovecot > log_path: > info_log_path: > log_timestamp: %Y-%m-%d %H:%M:%S > syslog_facility: mail > protocols: pop3 pop3s > listen: * > ssl_listen: > ssl: yes > ssl_ca_file: > ssl_cert_file: /etc/ssl/certs/dovecot.pem > ssl_key_file: /etc/ssl/private/dovecot.pem > ssl_key_password: > ssl_parameters_regenerate: 168 > ssl_cipher_list: > ssl_cert_username_field: commonName > ssl_verify_client_cert: no > disable_plaintext_auth: yes > verbose_ssl: no > shutdown_clients: yes > nfs_check: yes > version_ignore: no > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/pop3-login > login_user: dovecot > login_greeting: Dovecot ready. > login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c > login_log_format: %$: %s > login_process_per_connection: yes > login_chroot: yes > login_trusted_networks: > login_process_size: 64 > login_processes_count: 3 > login_max_processes_count: 128 > login_max_connections: 256 > valid_chroot_dirs: > mail_chroot: > max_mail_processes: 512 > mail_max_userip_connections: 10 > verbose_proctitle: no > first_valid_uid: 500 > last_valid_uid: 0 > first_valid_gid: 1 > last_valid_gid: 0 > mail_access_groups: > mail_privileged_group: mail > mail_uid: > mail_gid: > mail_location: > mail_cache_fields: > mail_never_cache_fields: imap.envelope > mail_cache_min_mail_count: 0 > mailbox_idle_check_interval: 30 > mail_debug: no > mail_full_filesystem_access: no > mail_max_keyword_length: 50 > mail_save_crlf: no > mmap_disable: no > dotlock_use_excl: yes > fsync_disable: no > mail_nfs_storage: no > mail_nfs_index: no > mailbox_list_index_disable: yes > lock_method: fcntl > maildir_stat_dirs: no > maildir_copy_with_hardlinks: yes > maildir_copy_preserve_filename: no > maildir_very_dirty_syncs: no > mbox_read_locks: fcntl > mbox_write_locks: fcntl dotlock > mbox_lock_timeout: 300 > mbox_dotlock_change_timeout: 120 > mbox_min_index_size: 0 > mbox_dirty_syncs: yes > mbox_very_dirty_syncs: no > mbox_lazy_writes: yes > dbox_rotate_size: 2048 > dbox_rotate_min_size: 16 > dbox_rotate_days: 1 > mail_drop_priv_before_exec: no > mail_executable: /usr/lib/dovecot/pop3 > mail_process_size: 256 > mail_plugins: > mail_plugin_dir: /usr/lib/dovecot/modules/pop3 > mail_log_prefix: %Us(%u): > mail_log_max_lines_per_sec: 10 > imap_max_line_length: 65536 > imap_capability: > imap_client_workarounds: > imap_logout_format: bytes=%i/%o > imap_id_send: > imap_id_log: > imap_idle_notify_interval: 120 > pop3_no_flag_updates: no > pop3_enable_last: no > pop3_reuse_xuidl: no > pop3_save_uidl: no > pop3_lock_session: no > pop3_uidl_format: %08Xu%08Xv > pop3_client_workarounds: > pop3_logout_format: top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > dict_db_config: > dict_process_count: 1 > managesieve_max_line_length: 65536 > managesieve_logout_format: bytes=%i/%o > managesieve_implementation_string: dovecot > auth default: > mechanisms: plain > realms: > default_realm: > cache_size: 0 > cache_ttl: 3600 > cache_negative_ttl: 3600 > executable: /usr/lib/dovecot/dovecot-auth > user: root > chroot: > username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ > username_translation: > username_format: > master_user_separator: > anonymous_username: anonymous > krb5_keytab: > gssapi_hostname: > winbind_helper_path: /usr/bin/ntlm_auth > failure_delay: 2 > verbose: no > debug: no > debug_passwords: no > ssl_require_client_cert: no > ssl_username_from_cert: no > use_winbind: no > count: 1 > worker_max_count: 30 > process_size: 256 > passdb: > driver: pam > args: > deny: no > pass: no > master: no > userdb: > driver: passwd > args: > > -----8<----- > > Please let me know if you need more. > Thank you in advance! > > Regards, > > Rob > > > From adrian.stoica at dacris.net Fri Nov 9 11:11:08 2012 From: adrian.stoica at dacris.net (Adrian Stoica) Date: Fri, 09 Nov 2012 11:11:08 +0200 Subject: [Dovecot] quota recalc does not work Message-ID: <sig.16604aa31b.509CC8AC.8050804@dacris.net> Hi I upgraded dovecot from 2.0 to 2.1 , and now i face the quota recalc problem. All settings are keep in mysql Before , after a change in mailbox.quota field, i run doveadm quota recalc and all was ok , but now that command doesn't do anything. After i change a quota for a user , i have to restart dovecot to get the new quota , or do a "doveadm reload" instead of recalc. And the doveadm quota recalc -A" give me back a lot of "doveadm(username): Info: User no longer exists, skipping" Any thoughts ? # 2.1.10: /usr/dovecot21/etc/dovecot/dovecot.conf # OS: Linux 2.6.35.4 i686 auth_cache_negative_ttl = 1 secs auth_cache_size = 2 M auth_failure_delay = 4 secs auth_mechanisms = plain login digest-md5 cram-md5 auth_worker_max_count = 100 base_dir = /var/run/dovecot/ default_client_limit = 4096 default_internal_user = vmail default_login_user = nobody default_process_limit = 256 deliver_log_format = mail delivery from=%f subject=%s msgid=%m: %$ dict { acl = mysql:/usr/dovecot21/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_uid = 1 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * mail_location = maildir:~/Maildir mail_plugins = " quota acl trash notify mail_log" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { hidden = no list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / subscriptions = yes type = private } passdb { args = /usr/dovecot21/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = INBOX autosubscribe4 = Sent mail_log_events = delete mailbox_delete mailbox_rename mail_log_fields = box subject from msgid size quota = maildir:User quota quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=95%% quota-warning 90 %u quota_warning3 = storage=85%% quota-warning 85 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve trash = /usr/dovecot21/etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at dacris.net protocols = imap quota_full_tempfail = yes rejection_subject = Rejected: %s: %r service auth { unix_listener auth-client { mode = 0666 user = vmail } unix_listener auth-userdb { mode = 0666 user = vmail } } service dict { unix_listener dict { user = vmail } } service imap-login { process_min_avail = 4 } service imap-postlogin { executable = script-login /bin/imap.sh unix_listener imap-postlogin { mode = 01232 } } service imap { executable = imap imap-postlogin process_limit = 1024 vsz_limit = 1 G } service quota-warning { executable = script /bin/quota_warning.sh unix_listener quota-warning { user = vmail } user = vmail } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = /usr/dovecot21/etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { mail_plugins = " quota acl trash notify mail_log sieve autocreate" } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 20 mail_plugins = " quota acl trash notify mail_log imap_quota imap_acl" } dovecot-sql.conf.ext: password_query = SELECT password FROM mailbox WHERE \ username = '%Ln' AND domain = '%Ld' AND \ active = '1' user_query = SELECT CONCAT('/srv/vmail/',mailbox.domain,'/%Ln') AS 'home' ,'98' AS 'uid', '98' AS 'gid' , \ CONCAT('*:storage=', mailbox.quota,'M') AS quota_rule ,"Trash:storage=+50M" AS quota_rule2 FROM mailbox WHERE \ mailbox.username = '%Ln' AND mailbox.domain = '%Ld' AND \ mailbox.active = '1' iterate_query = SELECT username AS user , domain FROM mailbox WHERE active = '1' -------------- next part -------------- A non-text attachment was scrubbed... Name: adrian_stoica.vcf Type: text/x-vcard Size: 195 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121109/098b1027/attachment-0004.vcf> From crohmann at netcologne.de Fri Nov 9 15:24:23 2012 From: crohmann at netcologne.de (Christian Rohmann) Date: Fri, 09 Nov 2012 14:24:23 +0100 Subject: [Dovecot] Sieve puts incoming message into inbox on any problem with submission_host Message-ID: <509D0407.8070307@netcologne.de> Hello dovecot-users, I have a question/suggestion regarding the submission_host feature of the lda (either via dovecot-lda binary or lmtp) in combination with sieve. When trying to deliver message to a mailbox and this message has a sieve redirect action applied to it, dovecot is using the configured smtp server to forward the message just fine. Unfortunately, if the server configured for submission is unavailable, returns an error or cannot be found via DNS, sieve will simply put the message into the inbox and be done with it: --- dovecot.log --- dovecot: lda(user1): Error: lmtp client: DNS lookup of idonotexist.example.com failed: Name or service not known dovecot: lda(user1): Error: sieve: msgid=unspecified: failed to redirect message to <user2> (refer to server log for more information) dovecot: lda(user1): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' dovecot: lda(user1): Error: sieve: execution of script /mailboxes/user1/.dovecot.sieve failed, but implicit keep was successful (user logfile /mailboxes/user1/.dovecot.sieve.log may reveal additional details) --- /dovecot.log --- The same applies to vacation messages being sent out. Especially with an (unconditional) redirect action, users don't expect to find messages in their inbox. Also problems with the submission_host could very much be temporary and a little delay in delivering a message is better then putting it somewhere the user doesn't expect a message to be. Is there any way to change the behavior of dovecot or the sieve plugin to tempfail in case a message cannot be sent out? I know that with multiple sieve actions it gets more complicated as there could be corner cases were the first message can be sent via the submission server and another message produced by the same sieve script cannot. I'd love sieve to behave like this: a) if submission host is unreachable (hostname wrong, timeout, ...) -> tempfail b) if submission host returns 4xx error -> tempfail c) if submission host returns 5xx error -> fail(-save) and just drop the message into inbox or even have an option to reject the message completely in this case. In case of a tempfail response, the mta simply queues the message and tries again later. In case of a permanent fail the mta will create a bounce message to in form the sender. Regards and have a great weekend, Christian From ramon.frontera at uib.es Fri Nov 9 17:11:59 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Fri, 9 Nov 2012 16:11:59 +0100 Subject: [Dovecot] doveadm quota get -A via doveadm-proxy director with LDAP Message-ID: <F7BACE70-2FBE-4B5B-A938-3AAB2F28B26D@uib.es> Hi, We are running Dovecot 2.1.10 I want configure dovecot to do execute doveadm commands on the proxy server. We have 1 proxy with director and 2 mail servers. we use LDAP when I try to do doveadm quota get -u user it works fine. The problem is when I try to do doveadm quota get -A ON PROXY I have this result: doveadm(first_user): Error: Proxy is missing destination host doveadm: Error: Failed to iterate through some users Username Quota name Type Value Limit % in 10-auth.conf I have "!include auth-ldap.conf.ext" in auth-ldap.conf.ext I hve: passdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } and In dovecot-ldap.conf.ext I have: uris = ldap://ldap:port dn = xxxxx dnpass = yyyyy auth_bind = no ldap_version = 3 base =base scope = subtree user_attrs = attributes user_filter = (mail=%u) pass_attrs = userPassword=password,uid=user=%L$,cn=proxy,=starttls=any-cert pass_filter = (mail=%u) iterate_attrs = uid=user iterate_filter = (uid=*) I don't know where is my error!!! Thanks in advance -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears From listen at mjh.name Fri Nov 9 17:18:45 2012 From: listen at mjh.name (Milan =?ISO-8859-1?Q?Holz=E4pfel?=) Date: Fri, 9 Nov 2012 16:18:45 +0100 Subject: [Dovecot] Rebuilding indexes fails on inconsistent mdbox In-Reply-To: <394FADB5-4E6C-4179-BF30-244390964FA4@iki.fi> References: <20121024132811.7cf18fdf7343b4dd961b2858@mjh.name> <394FADB5-4E6C-4179-BF30-244390964FA4@iki.fi> Message-ID: <20121109161845.503766441fbb2a1df97d7220@mjh.name> On Mon, 29 Oct 2012 17:31:42 +0200 Timo Sirainen <tss at iki.fi> wrote: > On 24.10.2012, at 14.28, Milan Holz?pfel wrote: > > > Oct 24 10:45:19 two dovecot: imap(listen at mjh.name): Panic: file mdbox-storage-rebuild.c: line 773 (rebuild_update_refcounts): assertion failed: (map_uid < msgs[i]->map_uid) > > Now this is a bug. > > > Dovecot 2.0.19-0ubuntu1 > > But the bug may have already been fixed in v2.1. I downloaded Dovecot 2.1.10 and compiled from source. Accessing the mailbox still fails: $ doveadm mailbox status all xen-devel doveadm(...): Error: mdbox map /home/test/mdbox/storage/dovecot.map.index corrupted: Unexpectedly lost xen-devel uid=108079 map_uid=809892 doveadm(...): Warning: mdbox /home/test/mdbox/storage: rebuilding indexes doveadm(...): Panic: file mdbox-storage-rebuild.c: line 743 (rebuild_update_refcounts): assertion failed: (map_uid < msgs[i]->map_uid) doveadm(...): Error: Raw backtrace: /home/test/prefix/dovecot/lib/dovecot/libdovecot.so.0(+0x45b3a) [0x7fd2942f9b3a] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7fd2942f9bfa] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fd2942cdc60] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_rebuild_in_context+0x105e) [0x7fd2945838be] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_rebuild+0x24) [0x7fd294583a54] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(+0x3b525) [0x7fd294581525] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_close+0x1a) [0x7fd2945c047a] -> /home/test/prefix/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_free+0x13) [0x7fd2945c04c3] -> /home/test/prefix/dovecot/bin/doveadm() [0x41383d] -> /home/test/prefix/dovecot/bin/doveadm() [0x40e8e7] -> /home/test/prefix/dovecot/bin/doveadm() [0x40f3ae] -> /home/test/prefix/dovecot/bin/doveadm(doveadm_mail_try_run+0x11e) [0x40f8be] -> /home/test/prefix/dovecot/bin/doveadm(main+0x3bd) [0x40e50d] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7fd293f1676d] -> /home/test/prefix/dovecot/bin/doveadm() [0x40e6f1] Aborted I will send you an Email with a download link for the files. Thanks for you help. Regards, Milan -- Milan Holz?pfel <listen at mjh.name> From daniel.parthey at informatik.tu-chemnitz.de Fri Nov 9 20:26:19 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 9 Nov 2012 19:26:19 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1352420557.5071.54.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> Message-ID: <20121109182619.GA27051@daniel.localdomain> Christoph Anton Mitterer wrote: > On Wed, 2012-11-07 at 17:30 +0200, Timo Sirainen wrote: > > On 30.10.2012, at 2.16, Christoph Anton Mitterer wrote: > > > Have you ever thought about adding a "real" DB backend? Nothing against > > > dbox... :) ... and I have no performance comparison of dbox with what > > > could be done with a DBMS... but the advantage of the later would be > > > that you get all fancy features from database systems for free... like > > > fast indexing, online replication, etc. p.. > > > One might even reuse something like AOX for this. > > > SQL indexes aren't very helpful for IMAP-like data. It would be fun to > > some day have SQL backend in Dovecot (there already is read-only > > INBOX-only SQL backend), but I don't expect it to have very good > > performance. > I see... well I haven't tested AOX or dbmail so far (especially as > they're not in Debian and I was too lazy till now to compile them)... Bad performance experiences with dbmail 2.x were the main reason why we migrated to dovecot. If you've got a MySQL database with 80 GB of binary chunks then things are getting ugly, especially when it comes to efficient backup and restore of whole mailboxes or single e-mails. The SQL backend (and the IMAP user experience) becomes very slow if the database does not fit completely into RAM. There are many performance improvements and bug fixes in dbmail 3.x, but instead of evaluating then, we decided to migrate to Dovecot. One should think twice, or even three times about how to design an efficient SQL backend for a good user experience. Regards Daniel -- https://plus.google.com/103021802792276734820 From daniel.parthey at informatik.tu-chemnitz.de Sat Nov 10 03:04:32 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 10 Nov 2012 02:04:32 +0100 Subject: [Dovecot] doveadm quota get -A via doveadm-proxy director with LDAP In-Reply-To: <F7BACE70-2FBE-4B5B-A938-3AAB2F28B26D@uib.es> References: <F7BACE70-2FBE-4B5B-A938-3AAB2F28B26D@uib.es> Message-ID: <20121110010432.GA32305@daniel.localdomain> Ramon Frontera wrote: > We are running Dovecot 2.1.10 > I want configure dovecot to do execute doveadm commands on the proxy server. > We have 1 proxy with director and 2 mail servers. we use LDAP > when I try to do doveadm quota get -u user it works fine. > The problem is when I try to do doveadm quota get -A ON PROXY > > I have this result: > doveadm(first_user): Error: Proxy is missing destination host > doveadm: Error: Failed to iterate through some users Sounds similar to the doveadm director problem described in this thread: http://dovecot.org/list/dovecot/2012-October/069100.html What do you see in your backend mail server dovecot.log? Regards Daniel -- https://plus.google.com/103021802792276734820 From JohnsonE at usc.edu Sat Nov 10 12:44:35 2012 From: JohnsonE at usc.edu (Erik A Johnson) Date: Sat, 10 Nov 2012 02:44:35 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking Message-ID: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. While I think the firewall is not doing the right thing (i.e., it lets a connection start but then kills it), it seems that imap-login should fail gracefully when the socket is no longer connected. Ideas? Thanks. ----------------------------------- /usr/local/sbin/dovecot -n # 2.1.10: /usr/local/etc/dovecot/dovecot.conf # OS: Darwin 12.2.0 x86_64 default_internal_user = _dovecot default_login_user = _dovenull namespace { hidden = no list = yes location = mbox:/Users/%u/Documents/Mailboxes prefix = mbox/ separator = / type = private } namespace { inbox = yes location = maildir:/Users/%u/Documents/Maildir mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { driver = pam } protocols = imap lmtp ssl = required ssl_cert = </usr/local/etc/dovecot/dovecot.pem ssl_key = </usr/local/etc/dovecot/dovecot.pem userdb { driver = passwd } protocol imap { mail_plugins = " zlib imap_zlib" } ----------------------------------- gdb's "bt full" gives various results depending on where in the loop, but they are they same from ssl23_accept on down. (gdb) bt full #0 0x00007fff92d19f63 in sha1_block_data_order () #1 0x00007fff92d1a4ae in SHA1_Final () #2 0x00007fff92d45430 in EVP_DigestFinal_ex () #3 0x00007fff92d17d7a in ssleay_rand_add () #4 0x00007fff974529be in ssl23_accept () #5 0x000000010cac0729 in ssl_handshake [inlined] () at /private/tmp/johnsone/dovecot-2.1.10/src/login-common/ssl-proxy-openssl.c:465 ret = -949939536 #6 0x000000010cac0729 in ssl_step (proxy=0x7fff53152b90) at ssl-proxy-openssl.c:528 ret = -949939536 #7 0x000000010cb11bd1 in io_loop_call_io (io=0x7f7fa0c1c240) at ioloop.c:379 ioloop = (struct ioloop *) 0x7f7fa0c03b00 t_id = 2 #8 0x000000010cb12c69 in io_loop_handler_run (ioloop=0x0) at ioloop-kqueue.c:148 tv = { tv_sec = 130, tv_usec = 124797 } ctx = (struct ioloop_handler_context *) 0x7f7fa0c1a890 ret = 1 ts = { tv_sec = 130, tv_nsec = 124797000 } events = (struct kevent *) 0x10cb4ee78 #9 0x000000010cb11b88 in io_loop_run (ioloop=0x7fff53152b90) at ioloop.c:398 No locals. #10 0x000000010cafde9b in master_service_run (service=0x7f7fa0c039f0, callback=0x7f7fa0c1c2d8) at master-service.c:543 No locals. #11 0x000000010cabdcd1 in main_deinit [inlined] () at /private/tmp/johnsone/dovecot-2.1.10/src/login-common/main.c:406 set_pool = (pool_t) 0x7f7fa100b420 login_socket = 0x10cb4f7f8 "?9??" #12 0x000000010cabdcd1 in login_binary_run (argc=1, argv=0x7f7fa0c037c0, binary=0x7fff53152b90) at main.c:407 set_pool = (pool_t) 0x7f7fa100b420 login_socket = 0x10cb4f7f8 "?9??" #13 0x00007fff8ac847e1 in start () (gdb) bt full #0 0x00007fff96e4c110 in malloc_zone_malloc () #1 0x00007fff96e4cba7 in malloc () #2 0x00007fff92d2c9e2 in CRYPTO_malloc () #3 0x00007fff92d4535f in EVP_DigestInit_ex () #4 0x00007fff92d17caa in ssleay_rand_add () #5 0x00007fff974529be in ssl23_accept () ... #0 0x00007fff94775ffa in read () #1 0x00007fff92cf41e6 in sock_read () #2 0x00007fff92d15598 in BIO_read () #3 0x00007fff9745294a in ssl23_read_bytes () #4 0x00007fff97452c3e in ssl23_get_client_hello () #5 0x00007fff97452b4d in ssl23_accept () ... ----------------------------------- From ramon.frontera at uib.es Sat Nov 10 17:41:37 2012 From: ramon.frontera at uib.es (=?UTF-8?B?UmFtw7NuIEZyb250ZXJh?=) Date: Sat, 10 Nov 2012 16:41:37 +0100 Subject: [Dovecot] doveadm quota get -A via doveadm-proxy director with LDAP In-Reply-To: <20121110010432.GA32305@daniel.localdomain> References: <F7BACE70-2FBE-4B5B-A938-3AAB2F28B26D@uib.es> <20121110010432.GA32305@daniel.localdomain> Message-ID: <509E75B1.2010006@uib.es> Hi, I think that the problem is different to http://dovecot.org/list/dovecot/2012-October/069100.html The command don't print anything in backend mail server dovecot.log. If I do " doveadm -D quota get -u user1" on proxy it works! the backend mail server responds to proxy. If I do: doveadm -D search -A mailbox Trash savedbefore 10d I have this result: doveadm(root): Debug: Loading modules from directory: /usr/lib64/dovecot doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/lib20_expire_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(root): Debug: expire: Searching only users listed in expire database doveadm(rfg144): Error: Proxy is missing destination host doveadm: Error: Failed to iterate through some users and When I try to do this: doveadm -D search -u user1 mailbox Trash savedbefore 1d I find this in the log: Nov 10 16:36:01 mail2 dovecot: doveadm: Debug: expire: Searching only users listed in expire database Nov 10 16:36:01 mail2 dovecot: doveadm: Fatal: master: service(doveadm): child 3116 killed with signal 11 (core dumped) Thanks for your help! ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears El 10/11/2012 2:04, Daniel Parthey escribi?: > Ramon Frontera wrote: >> We are running Dovecot 2.1.10 >> I want configure dovecot to do execute doveadm commands on the proxy server. >> We have 1 proxy with director and 2 mail servers. we use LDAP >> when I try to do doveadm quota get -u user it works fine. >> The problem is when I try to do doveadm quota get -A ON PROXY >> >> I have this result: >> doveadm(first_user): Error: Proxy is missing destination host >> doveadm: Error: Failed to iterate through some users > Sounds similar to the doveadm director problem described in this thread: > http://dovecot.org/list/dovecot/2012-October/069100.html > > What do you see in your backend mail server dovecot.log? > > Regards > Daniel From eliezer at ngtech.co.il Sat Nov 10 18:46:44 2012 From: eliezer at ngtech.co.il (Eliezer Croitoru) Date: Sat, 10 Nov 2012 18:46:44 +0200 Subject: [Dovecot] Sieve users script problem. Message-ID: <509E84F4.4030406@ngtech.co.il> I am using Dovecot 2.1.9 which seems to solve older bug in sieve. Now I have another problem with users scripts. I want dovecot to run users scripts but it seems to not even see them. Dovecot runs the default sieve script from home dir but wont see the sieve scripts in the sieve subdirectory and some logs: Nov 10 18:35:54 lda(user at domain.local): Debug: Quota root: name=User quota backend=maildir args= Nov 10 18:35:54 lda(user at domain.local): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824 messages=0 Nov 10 18:35:54 lda(user at domain.local): Debug: Quota rule: root=User quota mailbox=Trash bytes=+32212254 (3%) messages=0 Nov 10 18:35:54 lda(user at domain.local): Debug: Quota warning: bytes=1020054732 (95%) messages=0 reverse=no command=quota-warning 95 raw mail user Nov 10 18:35:54 lda(user at domain.local): Debug: Quota warning: bytes=214748364 (20%) messages=0 reverse=no command=quota-warning 20 raw mail user Nov 10 18:35:54 lda(user at domain.local): Debug: none: root=, index=, control=, inbox=, alt= Nov 10 18:35:54 lda(user at domain.local): Debug: Destination address: eliezer at domain.local (source: user at hostname) Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: using the following location for user's Sieve script: /home/vmail/domain.local/eliezer/home/.dovecot.sieve Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: opening script /home/vmail/domain.local/eliezer/home/.dovecot.sieve Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: script binary /home/vmail/domain.local/eliezer/home/.dovecot.svbin successfully loaded Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: binary save: not saving binary /home/vmail/domain.local/eliezer/home/.dovecot.svbin, because it is already stored Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: executing script from /home/vmail/domain.local/eliezer/home/.dovecot.svbin Nov 10 18:35:54 lda(user at domain.local): Info: sieve: msgid=<XXXX at XXXX>: stored mail into mailbox 'INBOX' So it recognizes the home sir but wont look at the sieve sub directory. My dovecot -n output: # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.3.8-gentoo x86_64 Gentoo Base System release 2.0.3 ext3 auth_mechanisms = plain login dict { quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_uid = 5000 last_valid_uid = 5000 log_path = /var/log/dovecot.log mail_debug = yes mail_gid = 5000 mail_location = maildir:/home/vmail/%d/%n/Maildir/ mail_plugins = " quota" mail_privileged_group = vmail mail_uid = 5000 namespace { inbox = yes list = yes location = prefix = separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:User quota quota_rule = *:storage=1G quota_rule2 = Trash:storage=+3%% quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=20%% quota-warning 20 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +include +vnd.dovecot.debug +imapflags +spamtest +spamtestplus +relational +comparator-i;ascii-numeric } postmaster_address = postmastert at domain.local service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0600 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service quota-warning { executable = script /etc/dovecot/quota-warning.sh user = vmail } ssl_ca = </etc/ssl/dca.pem ssl_cert = </etc/ssl/ssl.crt ssl_key = </etc/ssl/ssl.key userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { mail_plugins = " quota sieve" } protocol imap { mail_plugins = " quota imap_quota" } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xu%08Xv } Thanks, Eliezer From stan at hardwarefreak.com Sat Nov 10 20:49:40 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sat, 10 Nov 2012 12:49:40 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <20121108235334.GB89679@anubis.morrow.me.uk> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> Message-ID: <509EA1C4.3050103@hardwarefreak.com> On 11/8/2012 5:53 PM, Ben Morrow wrote: > At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: >> >> 1.0.7 is absolutely ancient and no longer officially supported. You >> need 1.2.x minimum, 2.x.x even better. And you say you just recently >> upgraded your Linux distro? What planet do you live on son? You're a >> few light years behind current stable software. > > [A light-year is a measure of distance, not of time.] "metric fuckload" isn't a real measurement, but that doesn't stop people from [mis]using the term to get a point across. Don't arrogantly assume that intentional misuse of a term equals mouth breathing or knuckle dragging. >> LDA completely eliminates lock contention. > > As we have discussed before, using the LDA does not prevent lock > contention, it just prevents the problems that arise when different > software is using different locking strategies on the same mailbox > (assuming nothing except LDA and imap is touching the mailbox directly). You seem to have contradicted yourself. You described lock contention to a T, and stated Dovecot does prevents that "problem", but also said Dovecot doesn't prevent lock contention. File locking != lock contention. You can have the former without the latter. > There are valid reasons for not using the LDA: the OP might be already > using procmail, for instance, and have users with procmail recipies > which sort into IMAP folders. These folders will need to be locked by > procmail even if the default delivery to INBOX is changed (globally) to > happen through dovecot-lda. While migrating to sieve (and mdbox, and > LMTP) would, IMHO, be the best long-term solution, this isn't necessarily > something that can be set up overnight. And? I'm failing to understand your point here. The OP hasn't stated yet, that I recall, if he's accessing the mbox files with anything other than Dovecot and Postfix. If he does state this, we'll make further recommendations as to how get across the LDA bridge with the same functionality, or if it's workable. None of that precludes making the LDA recommendation. Most people already running procmail or local UNIX MUAs are savvy enough to discover LDA before hitting this list. So you can assume with some surety that the OP who doesn't know about LDA likely isn't using procmail, mutt, pine, etc. Sure there are exceptions, but this is normally the case. I think the problem here, given the tone of your prose above and correcting me on the use of "light year" of all damn things, is that my earlier praise directed at you due to your slightly greater knowledge of the intricacies of file locking, has given you the impression that I'm some kind of knuckle dragging noob in need of education by you. If that is the case please read my last 500 posts to this list to dispel that misconception. You are my peer, not my superior. Keep that in mind in your future correspondence. -- Stan From ben at morrow.me.uk Sat Nov 10 22:25:29 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Sat, 10 Nov 2012 20:25:29 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <509EA1C4.3050103@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <509EA1C4.3050103@hardwarefreak.com> Message-ID: <20121110202529.GA30152@anubis.morrow.me.uk> At 12PM -0600 on 10/11/12 you (Stan Hoeppner) wrote: > On 11/8/2012 5:53 PM, Ben Morrow wrote: > > At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: > >> > >> LDA completely eliminates lock contention. > > > > As we have discussed before, using the LDA does not prevent lock > > contention, it just prevents the problems that arise when different > > software is using different locking strategies on the same mailbox > > (assuming nothing except LDA and imap is touching the mailbox directly). > > You seem to have contradicted yourself. You described lock contention > to a T, and stated Dovecot does prevents that "problem", but also said > Dovecot doesn't prevent lock contention. File locking != lock > contention. You can have the former without the latter. The usual meaning of 'lock contention' is 'two processes legitimately competing for the *same* lock'. For instance, a search for 'lock contention' on Wikipedia leads to lock contention: This occurs whenever one process or thread attempts to acquire a lock held by another process or thread. This will still occur when using the LDA: that is, there will still be occasions where the LDA and the imap process are competing for the mbox lock, and one ends up locking the other out temporarily. The problems with locking that arise when accessing the same mailbox using both Dovecot and non-Dovecot software come from different processes using *different* locks from each other, or acquiring them in a different order. This is not ordinary lock contention: in fact, in the worst case, the two processes end up not having any locks in common, so you get no lock contention at all but data corruption instead. > > There are valid reasons for not using the LDA: the OP might be already > > using procmail, for instance, and have users with procmail recipies > > which sort into IMAP folders. These folders will need to be locked by > > procmail even if the default delivery to INBOX is changed (globally) to > > happen through dovecot-lda. While migrating to sieve (and mdbox, and > > LMTP) would, IMHO, be the best long-term solution, this isn't necessarily > > something that can be set up overnight. > > And? I'm failing to understand your point here. You appear to be advocating the LDA as the solution to all possible problems with mail delivery, and implying anyone not using it is doing something seriously wrong. I was pointing out that that is not always the case. > The OP hasn't stated > yet, that I recall, if he's accessing the mbox files with anything other > than Dovecot and Postfix. If he does state this, we'll make further > recommendations as to how get across the LDA bridge with the same > functionality, or if it's workable. None of that precludes making the > LDA recommendation. Most people already running procmail or local UNIX > MUAs are savvy enough to discover LDA before hitting this list. So you > can assume with some surety that the OP who doesn't know about LDA > likely isn't using procmail, mutt, pine, etc. Sure there are > exceptions, but this is normally the case. I believe the OP mentioned something about having run out of mboxes for 20 years? To me that suggests an old-fashioned Unix setup, which in turn suggests procmail as a likely possibility. I could, of course, be wrong. > I think the problem here, given the tone of your prose above and > correcting me on the use of "light year" of all damn things, is that my > earlier praise directed at you due to your slightly greater knowledge of > the intricacies of file locking, has given you the impression that I'm > some kind of knuckle dragging noob in need of education by you. If that > is the case please read my last 500 posts to this list to dispel that > misconception. > > You are my peer, not my superior. Keep that in mind in your future > correspondence. If I have offended you, I apologise. That was certainly not my intention. Ben From radikn at seznam.cz Sat Nov 10 22:34:07 2012 From: radikn at seznam.cz (=?UTF-8?Q?Radek_Novotn=C3=BD?=) Date: Sat, 10 Nov 2012 21:34:07 +0100 Subject: [Dovecot] User iteration with static userdb Message-ID: <97e9e4ee533292752c95ef18bdfb3367@r-n.cz> Hi all, can someone explain me, please, why user iteration (iterate_query) doesn't work with static userdb? There isn't reason why it shouldn't work. In my opinion. However static userdb doesn't mean that user list not exist. Thanks Radek From ben at morrow.me.uk Sun Nov 11 02:39:21 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Sun, 11 Nov 2012 00:39:21 +0000 Subject: [Dovecot] Sieve users script problem. In-Reply-To: <509E84F4.4030406@ngtech.co.il> References: <509E84F4.4030406@ngtech.co.il> Message-ID: <20121111003920.GD30152@anubis.morrow.me.uk> At 6PM +0200 on 10/11/12 you (Eliezer Croitoru) wrote: > I am using Dovecot 2.1.9 which seems to solve older bug in sieve. > Now I have another problem with users scripts. > I want dovecot to run users scripts but it seems to not even see them. > Dovecot runs the default sieve script from home dir but wont see the > sieve scripts in the sieve subdirectory and some logs: Sieve only runs one user-specified sieve script. The other scripts in the sieve/ directory are alternatives which can be managed and activated using managesieve. The ~/.dovecot.sieve script should be a symlink to the currently-activated script in the sieve/ directory, so that managesieve can change which script is activated. It is also possible to run other scripts from the sieve/ directory using the 'include' extension, but you must use the :personal location (or simply not specify :global, since :personal is the default). If a user wants to run several scripts in succession I believe the only way currently is to create a 'master' script which looks like require ["include"]; include "script1"; include "script2"; and activate that script. > Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: include: > sieve_global_dir is not set; it is currently not possible to include > `:global' scripts. It's not clear to me what's happening here: does that script use the 'include :global' command? If you want that to work you will need to create a system-wide scripts directory and set the sieve_global_dir parameter to point to it. If OTOH you wanted to include a script from the user's sieve/ directory, you need to leave off the :global tag. Ben From emailbuilder88 at yahoo.com Sun Nov 11 09:53:20 2012 From: emailbuilder88 at yahoo.com (E.B.) Date: Sat, 10 Nov 2012 23:53:20 -0800 (PST) Subject: [Dovecot] LDA without lookup as non-root? In-Reply-To: <1352619573.99460.YahooMailNeo@web39302.mail.mud.yahoo.com> References: <1350679409.31412.YahooMailNeo@web39302.mail.mud.yahoo.com> <1350760632.64676.YahooMailNeo@web39305.mail.mud.yahoo.com> <1350765252.74118.YahooMailNeo@web39301.mail.mud.yahoo.com> <1352619573.99460.YahooMailNeo@web39302.mail.mud.yahoo.com> Message-ID: <1352620400.63560.YahooMailNeo@web39304.mail.mud.yahoo.com> Timo, Sorry I didn't see your response until now >> 3) The interesting part -- I am invoking LDA from Maildrop. See: >> http://thread.gmane.org/gmane.mail.imap.dovecot/65473 > So >> when invoked, Maildrop has already dropped to the destination UID/GID >> and the needed paths are available in the environment.? However, using >> as many permutations of calling LDA as I can think of (based on? ? >> http://wiki2.dovecot.org/LDA ), I always get this: >> >> (command line usage error. Command output: lda: Fatal: Couldn't lookup >> our? username (uid=2500) ) > > Set USER environment. Sorry, would you mind being more specific?? If you see my follow-up posts on this thread, I found a source file with this error message in it (link below) and reading that code, there is no way to avoid this error for non-system users (uid's) if you don't use -d.? (looking at the "destination" variable) http://hg.dovecot.org/dovecot-sieve-1.1/raw-rev/7d85833eff96 From stephan at rename-it.nl Mon Nov 12 01:15:22 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 12 Nov 2012 00:15:22 +0100 Subject: [Dovecot] Sieve puts incoming message into inbox on any problem with submission_host In-Reply-To: <509D0407.8070307@netcologne.de> References: <509D0407.8070307@netcologne.de> Message-ID: <50A0318A.7080005@rename-it.nl> On 11/9/2012 2:24 PM, Christian Rohmann wrote: > Hello dovecot-users, > > I have a question/suggestion regarding the submission_host feature of > the lda (either via dovecot-lda binary or lmtp) in combination with sieve. > > The same applies to vacation messages being sent out. Especially with an > (unconditional) redirect action, users don't expect to find messages in > their inbox. Also problems with the submission_host could very much be > temporary and a little delay in delivering a message is better then > putting it somewhere the user doesn't expect a message to be. Yes, I agree. With the normal sendmail configuration this situation was much less likely to occur since messages would be queued locally first. > Is there any way to change the behavior of dovecot or the sieve plugin > to tempfail in case a message cannot be sent out? Not currently, I've been thinking about something like that for use with the extprograms plugin, which presents similar challenges. > I know that with multiple sieve actions it gets more complicated as > there could be corner cases were the first message can be sent via the > submission server and another message produced by the same sieve script > cannot. Exactly. And other kind of actions even make this more annoying. The Sieve interpreter tries to do things atomically as much as possible. With outgoing messages, that is rather difficult, so these actions are performed only after all other actions, e.g. local folder deliveries, succeed. So, in the current implementation simply issuing a temp fail would yield the even nastier result of duplicating deliveries; it is not possible to simply undo local message deliveries at that stage anymore. To solve this definitively I'll have to do some redesign of the action execution sequence. > I'd love sieve to behave like this: > > a) if submission host is unreachable (hostname wrong, timeout, ...) -> > tempfail The simplest solution right now would be to perform a pre-check on whether the message submission is likely to succeed or not. Regards, Stephan. From dmiller at amfes.com Mon Nov 12 03:11:10 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 11 Nov 2012 17:11:10 -0800 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> Message-ID: <assp.1663b64dd1.50A04CAE.5040608@amfes.com> On 11/6/2012 12:30 PM, Timo Sirainen wrote: > On 6.11.2012, at 17.26, Ed W wrote: > >> On 05/11/2012 23:22, Timo Sirainen wrote: >>> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>> This also provides a nice abstraction to OpenSSL, making it again >>> possible to implement other backends like GnuTLS or NSS. (Except >>> login process code doesn't use lib-ssl-iostream yet.) >> Does libtomcrypt implement enough? > It doesn't do SSL, which is all Dovecot cares about. > Can the GnuTLS OpenSSL compatibility layer be used safely? -- Daniel From h.reindl at thelounge.net Mon Nov 12 03:20:58 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 12 Nov 2012 02:20:58 +0100 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <assp.1663b64dd1.50A04CAE.5040608@amfes.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <assp.1663b64dd1.50A04CAE.5040608@amfes.com> Message-ID: <50A04EFA.1080202@thelounge.net> Am 12.11.2012 02:11, schrieb Daniel L. Miller: > On 11/6/2012 12:30 PM, Timo Sirainen wrote: >> On 6.11.2012, at 17.26, Ed W wrote: >> >>> On 05/11/2012 23:22, Timo Sirainen wrote: >>>> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>>> This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like >>>> GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.) >>> Does libtomcrypt implement enough? >> It doesn't do SSL, which is all Dovecot cares about. >> > > Can the GnuTLS OpenSSL compatibility layer be used safely? where is the problem with openssl? please leave us in peace with gnuTLS and see how it affects OpenVAS / Greenbone Sceurity Assistant on distributions like Fedora the whole year what about config compatibility like ssl_cipher_list = ALL:!LOW:!MEDIUM:!SSLv2:!MD5:!aNULL:!eNUL:!ADH:!AESGCM:!EXP:HIGH -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121112/e06fa043/attachment-0004.bin> From calestyo at scientia.net Mon Nov 12 03:26:21 2012 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Mon, 12 Nov 2012 02:26:21 +0100 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <509C6243.9040002@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> Message-ID: <1352683581.12282.11.camel@fermat.scientia.net> On Thu, 2012-11-08 at 17:54 -0800, Robin wrote: > The performance is surprisingly bad ... doing almost everything. > Searches through IMAP, bulk importation of mail folders, large > numbers of simultaneous mail deliveries, you name it. Have you made systematic tests? I.e. compared times for all of these with those from the different dovecot backends. > There wasn't a task that the dbmail setup performed faster than > Dovecot, in either low or high load situations. Which backend did you use? > When pressed on this lack of performance, I was instructed to "add > more RAM" to the DB machine, and that for ideal performance I should > have more RAM than my mailbox sizes. *sigh* This sounds great for a > very small installation, but this clearly is not something that > scales. Yeah... that?s truly disappointing... Do you have detailed numbers? I guess you?ve "only" tried dbmail? > The dbmail folk are earnest and hard-working, and I don't mean to cast > the slightest bit of negativity on their project. I think the > assumptions about what SQL servers can do well often doesn't square > with the reality of many applications that people try to fit them > into. hmm... > remove filesystem journaling, write barriers, etc on the mail db > mountpoint. All something I wouldn?t want to do on my production systems ;) Thanks for your detailed information :) Cheers, Chris. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5113 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121112/b9ecc4c5/attachment-0004.bin> From dmiller at amfes.com Mon Nov 12 06:05:22 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 11 Nov 2012 20:05:22 -0800 Subject: [Dovecot] Solr 4.0 - lucene - FTS In-Reply-To: <509B9B65.4020801@Media-Brokers.com> References: <509A5B99.1000900@Media-Brokers.com> <385519A7-AE91-4C38-94C6-7CD8A957E178@iki.fi> <509B9B65.4020801@Media-Brokers.com> Message-ID: <assp.0663ccfa4e.1a55e639b2a9e3dfd82152de9fa2fd9a@amfes.com> On 2012-11-08 03:45, Charles Marcus wrote: > On 2012-11-07 10:14 AM, Timo Sirainen <tss at iki.fi> wrote: > >> No, fts-lucene and fts-solr are separate backends. But I do have some small plans to add a few more features to fts-solr. > > Thanks again Timo, but one last follow-up... > > According to the wiki, Solr is the preferred method, but that seems > weird to me - it requires a full blown Solr server that dovecot > communicates with using HTTP/XML queries? Maybe not that big a deal, but > just sounds like overkill to me, unless you are maybe already using Solr > for website searches (which I'm not and have no need for). I would much > prefer something simpler that doesn't require any external dependencies > like that, so, next choice is Lucene... > > Looks much simpler, only requires Lucene's C++ library... > > But it builds only a single Lucene index for all mailboxes - not sure if > this is good or bad? Seems like it would be better/more efficient (and > less chance of index corruption, but most importantly, less overhead in > the event that one gets hosed and dovecot needs to rebuild it) to build > individual indexes for each mailbox, then, maybe, to provide support for > searching ALL mailboxes, have a master index that basically just > maintains a list of all of the individual indexes to be used for the > search (so it doesn't have to scan all available mailboxes, but which it > can do in the event that *it* ever got hosed). > > Obviously I don't know much about all this, so may be totally off base... > > Thanks again, and for listening to my ramblings, My, probably wrong, impression is this: The concept of running a "full blown Solr server" seems intimidating - until you actually do it. It's just another Java process. If you're already using Java for something else then I don't think there's much concern - my (again, probably wrong) understanding is once you've got one Java process running, other than process-specific variables/caching the overall overhead of the Java VM is shared - so in for a penny in for a pound. Lucene development is actively done in Java, with Solr being the primary reference implementation. The C libraries (I know of two) are then derived from the Java library - so the C implementations always lag behind the Java one, and it looks like there's much more active work going into the Java library. There's no question the Lucene implementation in Dovecot is the simplest for an administrator to work with - but the Solr version sure looks a lot more powerful. The tradeoff is sometimes needing to fiddle with configuration settings (not like we ever need to that for anything else, right?), especially with new versions of either Dovecot or Solr. Having a single index store - I suppose theoretically increases a point of failure, but given that the FTS indexes are a partial duplicate of and generated from the mail storage I'm not losing sleep over it. I put my Solr installation on the same raid array as my mail store - I'm not seeing any issues with it but I don't claim to be a senior admin. I'm currently running Solr 4.0. A few tweaks are needed to get it running, but once it's up it goes quite smoothly. -- Daniel From dmiller at amfes.com Mon Nov 12 06:13:54 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 11 Nov 2012 20:13:54 -0800 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <50A04EFA.1080202@thelounge.net> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> Message-ID: <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> On 2012-11-11 17:20, Reindl Harald wrote: > Am 12.11.2012 02:11, schrieb Daniel L. Miller: > >> On 11/6/2012 12:30 PM, Timo Sirainen wrote: >> >>> On 6.11.2012, at 17.26, Ed W wrote: >>> >>>> On 05/11/2012 23:22, Timo Sirainen wrote: >>>> >>>>> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.) >>>> Does libtomcrypt implement enough? >>> It doesn't do SSL, which is all Dovecot cares about. >> Can the GnuTLS OpenSSL compatibility layer be used safely? > > where is the problem with openssl? I don't know what the problem is - I just know that I've heard from a number of developers (including the Postfix & Dovecot developers) that they don't like OpenSSL - but while GnuTLS looks interesting they aren't interested in working on the interface - though they're willing to accept patches. (My full apologies right now if Timo or Wietse are offended by my speaking out of turn). I'm no security expert, but I do know that OpenSSL has had issues with version compatiblity. I had a very troubled time during an OpenSSL/Postfix upgrade that left me non-functional until I found the exact version pairings required. The tiny bit of Googling I've done tells me GnuTLS seems to be a more standards-compliant implementation, and MAY be "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used by most Linux programs, acceptance of GnuTLS is quite limited. I've been intrigued by what I've read about it, and took a quick look at enabling support in Dovecot for GnuTLS directly - but while it didn't seem overly heavy at first glance the fact that Timo doesn't want to do it tells me I'm underestimating the complexity. -- Daniel From eliezer at ngtech.co.il Mon Nov 12 06:45:00 2012 From: eliezer at ngtech.co.il (Eliezer Croitoru) Date: Mon, 12 Nov 2012 06:45:00 +0200 Subject: [Dovecot] Sieve users script problem. In-Reply-To: <20121111003920.GD30152@anubis.morrow.me.uk> References: <509E84F4.4030406@ngtech.co.il> <20121111003920.GD30152@anubis.morrow.me.uk> Message-ID: <50A07ECC.8020708@ngtech.co.il> On 11/11/2012 2:39 AM, Ben Morrow wrote: > require ["include"]; > > include "script1"; > include "script2"; > > and activate that script. > >> >Nov 10 18:35:54 lda(user at domain.local): Debug: sieve: include: >> >sieve_global_dir is not set; it is currently not possible to include >> >`:global' scripts. > It's not clear to me what's happening here: does that script use the > 'include :global' command? If you want that to work you will need to > create a system-wide scripts directory and set the sieve_global_dir > parameter to point to it. If OTOH you wanted to include a script from > the user's sieve/ directory, you need to leave off the :global tag. > > Ben > Thanks, Now I kind of understand it but from the documentation it feels like there is a default and directory which works always.(Or this what I understood) Since its not like that it makes my options limited but stil this can do what I need. I need it to filter mails into sub-directories for my user only so it's fine. Thanks Again, Eliezer -- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer <at> ngtech.co.il From lukashaase at gmx.at Mon Nov 12 11:10:09 2012 From: lukashaase at gmx.at (Lukas Haase) Date: Mon, 12 Nov 2012 01:10:09 -0800 Subject: [Dovecot] dovecot lost mail! Cause? Message-ID: <k7qedh$kg$1@ger.gmane.org> Hi, After using dovecot for several years now, today happend something which makes me really feel unconfortable: An email received was just not delivered properly, or, is lost! The mail (from an external server) was sent to two local mailboxes, user1 and user2. user1 received the message but for user2, it *magically* disappeared. MTA is exim4 which definitely processed the messages and handed over to dovecot deliver: 2012-11-12 07:28:21 1TXnVG-00053I-GD SA: [...] id=8644593.887351352701 685934.JavaMail 2012-11-12 07:28:21 1TXnVG-00053I-GD => user1 <user1 at example.com> R=dovecot T=dovecot_pipe 2012-11-12 07:28:21 1TXnVG-00053I-GD => user2 <user2 at example.com> R=dovecot T=dovecot_pipe 2012-11-12 07:28:21 1TXnVG-00053I-GD Completed Also, the log of dovecot tells that the mail should have been stored: Nov 12 07:28:21 mail dovecot: deliver(user1): sieve: msgid=<8644593.887351352701685934.JavaMail>: stored mail into mailbox 'INBOX' Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into mailbox 'INBOX' user1 received the mail but user2 not. Since user2 is myself, I *know* that I did not accidently delete any mail or something like that. It was just never received! Disk space is 3GB left, so enough. So I grepped the whole Maildir of user2 for the message ID. There is only one match in the dovecot.index.cache and within that, the most important data of the mail (Message ID, Date, Sender, Receiver, Subject) appears. But apart from that, not a single file! Is there hope to ever find out why what was going wrong here? It feels me veeeeeeeeery unconfortable because from now on I can never be sure any more that all my mails are really received :( :( However, as I said, my mail system processed maybe millions of messages the past 8 years. Although, I can not be sure if that was the case ... :( And help greatly appreciated! Luke PS: Dovecot version 1.2.15 (Debian 6.0.6) with Maildir backend on local harddrive. No NFS, nothing which can go wrong ... PPS: Original log files, just named replaced for privacy. From skdovecot at smail.inf.fh-brs.de Mon Nov 12 11:19:17 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 12 Nov 2012 10:19:17 +0100 (CET) Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <k7qedh$kg$1@ger.gmane.org> References: <k7qedh$kg$1@ger.gmane.org> Message-ID: <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 12 Nov 2012, Lukas Haase wrote: > Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: > msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into > mailbox 'INBOX' are there any other log lines of user2? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBUKC/FmoxLS8a3A9mAQJLEAgAkghKGBYWFj94OMCo5mM26XV4c0nHKgob ec0ELqgOIGZf+DA7+Dztwq/MWgdkhB/ZbUSQ2rd4qQ7nf7gEO10L0WXUXWzMJ9sm upvn8JaOJDZ37Ne7AeoOib/m5fXyQUa0oiW7y8ShdeveTAOtn+Bu0OT2BuibOeT8 /EsTA+DfVlymTgHrMYU0LIjjvHh94Duj4at1k1X1So2kTaNbw48ljKYMd0qb2+pR 39D/ZtynOqnEKzj5f+JU+WmCcCAEAW9IL8U8pySvuZaXkPN+cfcLO82J9UIEmIAf IKymFt7JuNabGCsJ0FpMeuLAyXNOxJdKmGxgqmpyfilPY2ty8hstmg== =Uz9E -----END PGP SIGNATURE----- From tibby at tibby.hu Mon Nov 12 11:40:11 2012 From: tibby at tibby.hu (Tibby) Date: Mon, 12 Nov 2012 10:40:11 +0100 Subject: [Dovecot] Help me with IMAP config Message-ID: <3960A514-7030-4F63-A346-5DE5DDAA4C63@tibby.hu> Hello! I have dovecot running. Imap works fine. When i connect with outlook an when i delete a message it gets crossed out but still stays in my mailbox. I want to disable this feature. I want it once its deleted then go to trash folder on the mail server and thats it. Is there an option for this? I'm running dovecot 1.2.15 Thanks! From lukashaase at gmx.at Mon Nov 12 11:44:37 2012 From: lukashaase at gmx.at (Lukas Haase) Date: Mon, 12 Nov 2012 01:44:37 -0800 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> References: <k7qedh$kg$1@ger.gmane.org> <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> Message-ID: <k7qge4$g5r$1@ger.gmane.org> Hi, On 11/12/2012 1:19 AM, Steffen Kaiser wrote: > On Mon, 12 Nov 2012, Lukas Haase wrote: > >> Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: >> msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into >> mailbox 'INBOX' > > are there any other log lines of user2? Anfortunately not :-( Grepped everything, and I would have posted otherwise. My hope is that the dovecot.index.cache may provide some insights (I made a backup copy of it). Luke From Bill at KnoxvilleChristian.org Mon Nov 12 11:46:25 2012 From: Bill at KnoxvilleChristian.org (Bill Shirley) Date: Mon, 12 Nov 2012 04:46:25 -0500 Subject: [Dovecot] Help me with IMAP config In-Reply-To: <3960A514-7030-4F63-A346-5DE5DDAA4C63@tibby.hu> References: <3960A514-7030-4F63-A346-5DE5DDAA4C63@tibby.hu> Message-ID: <50A0C571.7000005@KnoxvilleChristian.org> On 11/12/2012 4:40 AM, Tibby wrote: > Hello! > I have dovecot running. Imap works fine. When i connect with outlook an when i delete a message it gets crossed out but still stays in my mailbox. I want to disable this feature. I want it once its deleted then go to trash folder on the mail server and thats it. Is there an option for this? I'm running dovecot 1.2.15 > > Thanks! This is the way IMAP works. Deleted items are marked delete and then removed when the client issues the 'expunge' command. It's best to change this in the email client. Look at your Outlook configuration for a way to 'move deleted items to trash' or 'expunge'. Bill From busseniu at in.tum.de Mon Nov 12 11:49:06 2012 From: busseniu at in.tum.de (=?UTF-8?B?Q2hyaXN0b3BoIEJ1w59lbml1cw==?=) Date: Mon, 12 Nov 2012 10:49:06 +0100 Subject: [Dovecot] Invalid Managesieve commands are counted twice Message-ID: <50A0C612.8020903@in.tum.de> Hi, the Managesieve server closes the connection if it receives an unknown command before authentication: "IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave" "NOTIFY" "mailto" "SASL" "PLAIN" "STARTTLS" "VERSION" "1.0" OK "Dovecot ready." --> BOGUS NO "Error in MANAGESIEVE command received by server." NO "Error in MANAGESIEVE command received by server." BYE "Too many invalid MANAGESIEVE commands." Connection closed by foreign host. Note that only one bogus command has been sent by the client, however the server sends two identical error messages. This seems to be a bug in Pigeonhole 0.3.3. In version 0.2.6, the connection was kept open after the error message. This is actually important to us because we use the "sieveshell" utility which is shipped with the Python "managesieve" package. The managesieve.py module always sends a BOGUS command after the TLS handshake. According to its comments, this is done to work around problems with other server implementations: # Some servers send capabilities after TLS handshake, some # do not. We send a bogus command, and expect a NO. If you # get something else instead, read the extra NO to clear # the buffer. typ, data = self._command('BOGUS') (The full source is at http://pydoc.net/managesieve/0.4.2/managesieve) As a result, sieveshell cannot be used with TLS and a current Dovecot/Pigeonhole server. Cheers, Christoph -- Christoph Bu?enius Rechnerbetriebsgruppe der Fakult?ten Informatik und Mathematik Technische Universit?t M?nchen +49 89-289-18519 <> Raum 00.05.040 <> Boltzmannstr. 3 <> Garching From stephan at rename-it.nl Mon Nov 12 12:18:37 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 12 Nov 2012 11:18:37 +0100 Subject: [Dovecot] Invalid Managesieve commands are counted twice In-Reply-To: <50A0C612.8020903@in.tum.de> References: <50A0C612.8020903@in.tum.de> Message-ID: <50A0CCFD.2000900@rename-it.nl> On 11/12/2012 10:49 AM, Christoph Bu?enius wrote: > Hi, > > the Managesieve server closes the connection if it receives an unknown > command before authentication: > > Note that only one bogus command has been sent by the client, however > the server sends two identical error messages. > > This seems to be a bug in Pigeonhole 0.3.3. In version 0.2.6, the > connection was kept open after the error message. It is a bug. > As a result, sieveshell cannot be used with TLS and a current > Dovecot/Pigeonhole server. I fixed this a while back, but hasn't been released so far: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/ceef02768dee Regards, Stephan. From busseniu at in.tum.de Mon Nov 12 12:47:00 2012 From: busseniu at in.tum.de (=?UTF-8?B?Q2hyaXN0b3BoIEJ1w59lbml1cw==?=) Date: Mon, 12 Nov 2012 11:47:00 +0100 Subject: [Dovecot] Invalid Managesieve commands are counted twice In-Reply-To: <50A0CCFD.2000900@rename-it.nl> References: <50A0C612.8020903@in.tum.de> <50A0CCFD.2000900@rename-it.nl> Message-ID: <50A0D3A4.5070906@in.tum.de> Hi Stephan, On 12.11.2012 11:18, Stephan Bosch wrote: > I fixed this a while back, but hasn't been released so far: > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/ceef02768dee thanks, I am going to try out the current hg version. I guess I should have tried this first... Cheers, Christoph -- Christoph Bu?enius Rechnerbetriebsgruppe der Fakult?ten Informatik und Mathematik Technische Universit?t M?nchen +49 89-289-18519 <> Raum 00.05.040 <> Boltzmannstr. 3 <> Garching From design at 1stwebdesigns.com Mon Nov 12 13:15:49 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Mon, 12 Nov 2012 11:15:49 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <20121108235334.GB89679@anubis.morrow.me.uk> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> Message-ID: <50A0DA65.9080503@1stwebdesigns.com> On 08/11/2012 23:53, Ben Morrow wrote: > At 3AM -0600 on 8/11/12 you (Stan Hoeppner) wrote: >> >> 1.0.7 is absolutely ancient and no longer officially supported. You >> need 1.2.x minimum, 2.x.x even better. And you say you just recently >> upgraded your Linux distro? What planet do you live on son? You're a >> few light years behind current stable software. > > [A light-year is a measure of distance, not of time.] > >> LDA completely eliminates lock contention. > > As we have discussed before, using the LDA does not prevent lock > contention, it just prevents the problems that arise when different > software is using different locking strategies on the same mailbox > (assuming nothing except LDA and imap is touching the mailbox directly). > > There are valid reasons for not using the LDA: the OP might be already > using procmail, for instance, and have users with procmail recipies > which sort into IMAP folders. These folders will need to be locked by > procmail even if the default delivery to INBOX is changed (globally) to > happen through dovecot-lda. While migrating to sieve (and mdbox, and > LMTP) would, IMHO, be the best long-term solution, this isn't necessarily > something that can be set up overnight. > > Ben > > > > ----- > No virus found in this message. > Checked by AVG - www.avg.com > Version: 2012.0.2221 / Virus Database: 2441/5382 - Release Date: 11/08/12 > > Thanks for your replies. I switched to Dovecot LDA this morning, but the issue still persists, albeit logged slightly differently by Dovecot now instead of Postfix: "save failed to INBOX: Timeout while waiting for lock" The reason is because some pop3 clients are holding their connection for 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major culprit). In dovecot.conf I changed: mbox_lock_timeout = 300 to mbox_lock_timeout = 600 Which seems to have helped. I am unclear if this value only applied to Dovecot LDA or if it would have worked previously before switching to Dovecot LDA? From tss at iki.fi Mon Nov 12 13:33:45 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Nov 2012 13:33:45 +0200 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive Message-ID: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Hi all, Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. * Email archive storage. See http://www.dovecot.fi/products/index.html for details. I?ve been developing Dovecot for over 10 years now. For a long time it was my primary motivation in life to create the best IMAP server available :) I think I've pretty much accomplished that by now. The future is looking very bright for Dovecot: we will continue the open source development stronger than ever, but in addition, for the long term it needs some additional licensed components that bring the money to cover the cost for future Dovecot development and to be able to build up the support in a professional way. These new features will be added as plugins on top of Dovecot to extend the functionality. Note that I?m not just randomly choosing which features will be open and which will be licensed. Only some specific features will be licensed where my company is going to make money with partnerships and in other measurable ways. From jerry at seibercom.net Mon Nov 12 13:54:37 2012 From: jerry at seibercom.net (Jerry) Date: Mon, 12 Nov 2012 06:54:37 -0500 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> Message-ID: <20121112065437.1f174b59@scorpio> On Sun, 11 Nov 2012 20:13:54 -0800 Daniel L. Miller articulated: > I don't know what the problem is - I just know that I've > heard from a number of developers (including the Postfix & Dovecot > developers) that they don't like OpenSSL - but while GnuTLS looks > interesting they aren't interested in working on the interface - > though they're willing to accept patches. (My full apologies right > now if Timo or Wietse are offended by my speaking out of turn). > > I'm no security > expert, but I do know that OpenSSL has had issues with version > compatiblity. I had a very troubled time during an OpenSSL/Postfix > upgrade that left me non-functional until I found the exact version > pairings required. > > The tiny bit of Googling I've done tells me GnuTLS > seems to be a more standards-compliant implementation, and MAY be > "safer" than OpenSSL. However, as OpenSSL is the de-facto standard > used by most Linux programs, acceptance of GnuTLS is quite limited. > I've been intrigued by what I've read about it, and took a quick look > at enabling support in Dovecot for GnuTLS directly - but while it > didn't seem overly heavy at first glance the fact that Timo doesn't > want to do it tells me I'm underestimating the complexity. I have OpenSSL 1.0.1c 10 May 2012 installed on a FreeBSD machine that also runs Postfix and Dovecot. When I first updated to the new version from then 0.9x branch there were some minor problems. I believe that there was something Wietse had to do to get Postfix fully functional in the new environment, but it was done extremely quickly. The biggest problem I faced was that I discovered that I had to recompile every program on my system that depended on the new version of Openssl. Once that was done, virtually every problem I experienced disappeared. I am not aware of any developer who fears using the new version of Openssl, although apparently you do. The fact that a newer version of any software is not totally compatible with an older version is nothing new. I am amazed when they are fully compatible. Openssl is the de facto standard and I think that making a concerted effort to work with it would be a wise choice. I have also Googled and have not found any evidence that GnuTLS is more "standards compliant" nor "safer". I would be interested in those URLs. I would like to know who is making those claims and what their basis for them actually is. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From alessio at skye.it Mon Nov 12 14:00:50 2012 From: alessio at skye.it (Alessio Cecchi) Date: Mon, 12 Nov 2012 13:00:50 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Message-ID: <50A0E4F2.1090906@skye.it> Il 12/11/2012 12:33, Timo Sirainen ha scritto: > Hi all, > > Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. > > * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. > > * Email archive storage. > > See http://www.dovecot.fi/products/index.html for details. > > I?ve been developing Dovecot for over 10 years now. For a long time it was my primary motivation in life to create the best IMAP server available :) I think I've pretty much accomplished that by now. > > The future is looking very bright for Dovecot: we will continue the open source development stronger than ever, but in addition, for the long term it needs some additional licensed components that bring the money to cover the cost for future Dovecot development and to be able to build up the support in a professional way. > > These new features will be added as plugins on top of Dovecot to extend the functionality. Note that I?m not just randomly choosing which features will be open and which will be licensed. Only some specific features will be licensed where my company is going to make money with partnerships and in other measurable ways. > I'm really interesting in storing email into object storage, since our IaaS provider is using Scality we can simple buy dovecot's plugin for scality. I will contact Dovecot Oy for more informations. -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From lists at wildgooses.com Mon Nov 12 21:31:45 2012 From: lists at wildgooses.com (Ed W) Date: Mon, 12 Nov 2012 19:31:45 +0000 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> Message-ID: <50A14EA1.3050307@wildgooses.com> On 12/11/2012 04:13, Daniel L. Miller wrote: > The tiny bit of Googling I've done tells me GnuTLS > seems to be a more standards-compliant implementation, and MAY be > "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used > by most Linux programs, acceptance of GnuTLS is quite limited. I've been > intrigued by what I've read about it, and took a quick look at enabling > support in Dovecot for GnuTLS directly - but while it didn't seem overly > heavy at first glance the fact that Timo doesn't want to do it tells me > I'm underestimating the complexity. > Openssl is a *massive* project and I'm unsure that gnutls is much smaller... We should assume that both are quite scary from a "security" point of view. Licensing is the main thing which divides them, gnutls is stated as GPL compatible (however, the nominal incompatibility of openssl seems difficult to understand?) OpenVPN integrated with PolarSSL and got Dutch government official approval for the combined package. I think elsewhere it's stated that openssl would not have been approved because something like the codebase was too large to inspect and sign off http://polarssl.org/news?item=0132 I haven't worked with PolarSSL, so no idea, but it's massively smaller codebase is likely attractive if you are the kind of person who actually *does* security audits on the software you run in secure situations. Openssl is just a complete swiss army knife of tools! Ed W From tss at iki.fi Mon Nov 12 21:44:01 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Nov 2012 21:44:01 +0200 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> Message-ID: <974F70A7-6A21-42C0-B7D4-43CAC3D5D9CB@iki.fi> On 12.11.2012, at 6.13, Daniel L. Miller wrote: >> where is the problem with openssl? > > I don't know what the problem is - I just know that I've > heard from a number of developers (including the Postfix & Dovecot > developers) that they don't like OpenSSL - but while GnuTLS looks > interesting they aren't interested in working on the interface - though > they're willing to accept patches. (My full apologies right now if Timo > or Wietse are offended by my speaking out of turn). OpenSSL documentation is very bad. Its API has some annoying missing features. For example you can load certificates from a directory or a file but not from anything else like from a string in memory. I had to copy&paste a few functions from OpenSSL code just to be able to do them. > The tiny bit of Googling I've done tells me GnuTLS > seems to be a more standards-compliant implementation, and MAY be > "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used > by most Linux programs, acceptance of GnuTLS is quite limited. I've been > intrigued by what I've read about it, and took a quick look at enabling > support in Dovecot for GnuTLS directly - but while it didn't seem overly > heavy at first glance the fact that Timo doesn't want to do it tells me > I'm underestimating the complexity. I already once wrote GnuTLS support for Dovecot, but GnuTLS changed its APIs since then and it was probably originally already buggy. I think the only somewhat "special" APIs that Dovecot needs nowadays are related to reading cert/keys from memory instead of from files. If GnuTLS can do that, I don't think there's anything special in supporting it. Although it might be a bit complex to make it work properly asynchronously. istream-openssl was a bit annoying in that way (all the data read from the fd must be parsed and decoded all the way through to the SSL istream, regardless of any max buffer limits). From dovecot at r.paypc.com Tue Nov 13 00:44:22 2012 From: dovecot at r.paypc.com (Robin) Date: Mon, 12 Nov 2012 14:44:22 -0800 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <1352683581.12282.11.camel@fermat.scientia.net> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> <1352683581.12282.11.camel@fermat.scientia.net> Message-ID: <50A17BC6.5070100@r.paypc.com> On 11/11/2012 5:26 PM, Christoph Anton Mitterer wrote: > Have you made systematic tests? I.e. compared times for all of these > with those from the different dovecot backends. The choice of Dovecot backends made no substantial difference. I used maildir, sdbox, and mdbox. I also added SiS (with mdbox). Initial tests were on local multi-spindle RAID5 storage, but to handicap Dovecot, I pushed it over NFS (also Linux 3.2 on a local GigE segment). It wasn't slow enough to make dbmail competitive, even though you have to start turning off performance optimisation features in Dovecot to avoid NFS bugs. >> There wasn't a task that the dbmail setup performed faster than >> Dovecot, in either low or high load situations. > Which backend did you use? Backend for dbmail? Two MySQL versions (5.0 and 5.5) - InnoDB is required for dbmail, by the way. Postgres 8.4 and 9.1 backends, using its default storage engine. I tried the tests with both a separate DB machine, as well as a cohosted one with the dbmail connector using local sockets instead of TCP/IP, but that didn't significantly alter the performance. I've found my first notes from the tests. It was the second round of tests with the latest MySQL 5.0 server given some tuning to more aggressively use system memory. You will note the puny size of the mail folder hive in this round. > The mysqld process has consumed nearly an hour of CPU time during this process. > dbmail is configured to use local sockets rather than network I/O. > > I'm using the PERL MailTools http://search.cpan.org/dist/MailTools/ > to import about 10 folders' worth of email, totaling about 560MB in raw size, > constituting about 23,000 emails. The script basically creates the folders, > and does an APPEND for each email. It's bog simple. > > I DROP the database, recreated it, added the one user, verify DBMail > accepts authentication for the newly created mailbox, and then do the import. > The MySQL files live on a freshly formatted ext4 filesystem. > > The import takes Dovecot (MailDir or mdbox format), or Panda IMAP (mix) > about six minutes to complete. > > DBMail 3 took 4h 23m. Casual inspection of the system showed modestly > high CPU usage in mysqld and dbmail-imapd (as well as the import perl > command on occasion), but the Load Average didn't get too close to 1.0, > let alone 2.0, which concerns me that I might have hit some kind of > "busy wait" pathology. To clarify the above: To streamline iterative testing, I made a script to deactivate the currently running SQL server, unmount, re-format, re-mount, and re-populate the skeletal DB directories and restart the DB engine. So between each test, no matter the imapd or DB back-end, the mailstore was presented with a freshly formatted volume on dedicated spindles. The filesystem was ext4, formatted with: lazy_itable_init=0,lazy_journal_init=0,dir_index=1,extents=1,uninit_bg=0,flex_bg=0,has_journal=0,inode_size=256,dir_index=1, > Do you have detailed numbers? Not really, but after it was clear that I wasn't going to get comparable performance even within the same magnitude, I stopped testing it. I included the IMAP SEARCH performance comparison against fts_squat in my original mail to this list. In addition to huge performance deficiencies, it also has/had fatal operational bugs. > I guess you?ve "only" tried dbmail? I did try Manitou, but the lack of a proper IMAP service for it made extensive "like for like" testing very difficult. Manitou is still in the very early days, alas. It also relies on the SQL DB's underlying authentication systems which is rather ... alarming. It performs quite a bit better than dbmail, but still it's not close to Dovecot. At the time I tested it, only custom-rolled clients could talk to it, i.e., no imap4/pop3 "gateways" to it. I think I was most alarmed to see that the widely assumed benefits of putting mail on a SQL DB, i.e., fast searching/sorting, didn't actually happen in reality. As others have mentioned, I also shudder to think of backup/restore issues, especially on a single user level. The mechanisms of backing up and restoring maildirs and even mdboxes, i.e., simple files, are not only well understood, the failure modes are generally fully recoverable. SQL-DB file blobs, especially with MySQL, remind me too much of the "PST Hell" that Exchange administrators face. But maybe that's just my ignorance talking. > All something I wouldn?t want to do on my production systems ;) Neither would I. But as I said, I was "desperate" to get this close to Dovecot's performance. I had about 2-3 weeks to pre-qualify mail storage back-ends with an eye towards 4 or 5 digits of usercount, and maybe tens to hundreds of TBs' scale of mail storage. Running across such poor performance with such relatively small loads disqualified the DB-based mail products very very quickly, for ME, anyway. If you want to run your own tests, my suggestion is to start with Postgres, put as much RAM into your DB machine as you can afford, and maybe populate your DB machine exclusively with SSDs. =R= From tss at iki.fi Tue Nov 13 01:02:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Nov 2012 01:02:26 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <50A17BC6.5070100@r.paypc.com> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> <1352683581.12282.11.camel@fermat.scientia.net> <50A17BC6.5070100@r.paypc.com> Message-ID: <85E7498A-1E79-4C7A-8DDA-8ED3D841A0DF@iki.fi> On 13.11.2012, at 0.44, Robin wrote: > On 11/11/2012 5:26 PM, Christoph Anton Mitterer wrote: >> Have you made systematic tests? I.e. compared times for all of these >> with those from the different dovecot backends. > > The choice of Dovecot backends made no substantial difference. I used maildir, sdbox, and mdbox. I also added SiS (with mdbox). Initial tests were on local multi-spindle RAID5 storage, With local disks the tests often measure only the local RAM/CPU speed, unless you're testing thousands of users. > but to handicap Dovecot, I pushed it over NFS (also Linux 3.2 on a local GigE segment). It wasn't slow enough to make dbmail competitive, even though you have to start turning off performance optimisation features in Dovecot to avoid NFS bugs. NFS makes a better test case if you're measuring single user performance. Much of it is probably due to the index file access latency, although not all. In some cases Dovecot's prefetching mails can help (maildir, sdbox backends with local disks currently, nothing preventing it from working in other use cases though, even with Dovecot-SQL backend). >> I guess you?ve "only" tried dbmail? > > I did try Manitou, but the lack of a proper IMAP service for it made extensive "like for like" testing very difficult. Manitou is still in the very early days, alas. It also relies on the SQL DB's underlying authentication systems which is rather ... alarming. It performs quite a bit better than dbmail, but still it's not close to Dovecot. At the time I tested it, only custom-rolled clients could talk to it, i.e., no imap4/pop3 "gateways" to it. Manitou seems to advertise itself as being email client .. although then also seems to say SQL is faster than IMAP (which doesn't make much sense itself). > I think I was most alarmed to see that the widely assumed benefits of putting mail on a SQL DB, i.e., fast searching/sorting, didn't actually happen in reality. SQL has nothing that makes any type of email access even potentially efficient. SQL indexes are mostly about binary trees, and there are about zero things in IMAP where I have thought of binary tree being even potentially useful. (Okay, potentially for expunging old mails when you have >1M mails in one folder. Not something you normally optimize for.) With most of Dovecot's optimized lookups, latency is the most important thing. SQL is bad for latency. With remote systems it's usually much faster to just download 1 MB blob and parse it than fetch a couple of 100 byte blocks. > As others have mentioned, I also shudder to think of backup/restore issues, especially on a single user level. The mechanisms of backing up and restoring maildirs and even mdboxes, i.e., simple files, are not only well understood, the failure modes are generally fully recoverable. SQL-DB file blobs, especially with MySQL, remind me too much of the "PST Hell" that Exchange administrators face. But maybe that's just my ignorance talking. I'd think everyone would use the human-readable SQL dumps for database backups. At least with MySQL/PostgreSQL I wouldn't really trust anything else. From tss at iki.fi Tue Nov 13 01:09:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Nov 2012 01:09:44 +0200 Subject: [Dovecot] mbox vs. maildir storage block waste In-Reply-To: <85E7498A-1E79-4C7A-8DDA-8ED3D841A0DF@iki.fi> References: <1351544049.3435.47.camel@fermat.scientia.net> <9D29C5F7-A6BC-4D74-AAA9-14675035D09C@iki.fi> <1351545330.3435.66.camel@fermat.scientia.net> <22F4E090-F572-40F4-8B69-D48E48856815@iki.fi> <1351547682.3435.76.camel@fermat.scientia.net> <A15D492A-72F5-44F9-9167-6E1AE8CC9647@iki.fi> <1351556165.3435.88.camel@fermat.scientia.net> <9C95F27A-0D85-4CD4-8172-9829BC026A14@iki.fi> <1352420557.5071.54.camel@fermat.scientia.net> <509C6243.9040002@r.paypc.com> <1352683581.12282.11.camel@fermat.scientia.net> <50A17BC6.5070100@r.paypc.com> <85E7498A-1E79-4C7A-8DDA-8ED3D841A0DF@iki.fi> Message-ID: <8445ED76-AF63-417D-95B3-CFF03E2090AF@iki.fi> Uh.. On 13.11.2012, at 1.02, Timo Sirainen wrote: > On 13.11.2012, at 0.44, Robin wrote: > >> On 11/11/2012 5:26 PM, Christoph Anton Mitterer wrote: >>> Have you made systematic tests? I.e. compared times for all of these >>> with those from the different dovecot backends. >> >> The choice of Dovecot backends made no substantial difference. I used maildir, sdbox, and mdbox. I also added SiS (with mdbox). Initial tests were on local multi-spindle RAID5 storage, > > With local disks the tests often measure only the local RAM/CPU speed, unless you're testing thousands of users. ..measuring disk I/O most importantly. >> but to handicap Dovecot, I pushed it over NFS (also Linux 3.2 on a local GigE segment). It wasn't slow enough to make dbmail competitive, even though you have to start turning off performance optimisation features in Dovecot to avoid NFS bugs. > > NFS makes a better test case if you're measuring single user performance. Much of it is probably due to the index file access latency, although not all. In some cases Dovecot's prefetching mails can help (maildir, sdbox backends with local disks currently, nothing preventing it from working in other use cases though, even with Dovecot-SQL backend). Prefetching is done only with mail_prefetch_count setting. Someone in blog.dovecot.org mentioned that it was bad for performance with local disk+maildir. Linux apparently doesn't do this with NFS. It would of course be possible to just have the prefetching create a new thread/process to download the mail locally and read it (similar to what the object storage plugin does). From symbiat at gmail.com Tue Nov 13 07:09:37 2012 From: symbiat at gmail.com (Ajai Khattri) Date: Tue, 13 Nov 2012 00:09:37 -0500 Subject: [Dovecot] Dovecot newbie (migrating from qmail) Message-ID: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> Ive been using qmail+vpopmail+courier-imap for many years but its time to retire that server so I thought this might be an opportunity to see how I could use Postfix and Dovecot to provide the same services. Im running Dovecot 2.1.9 and Postfix 2.9.4. I have spent a few days reading through some of the docs on the wiki (there's doesn't seem to be any large overview of Dovecot concepts or books so bear with me). Im thinking something simple like passwd-file setup would suffice for me. I want to use completely virtual users. Id like to store mail under /home/vmail/$domain/$user. I think Ive figured out how to do that. But how do I create the maildir? I understand the need to have a mail directory but also a directory for things like sieve - how to specify that? Im thinking the structure would be something like: /home/vmail/$domain/$user/mail <-- mail stored here /home/vmail/$domain/$user/ <-- sieve and other sundry store here Or should the sieve stuff also be under its own folder alongside the maildir? Is it possible to have a separate passwd file per domain? It is possible to combine password and userdb files into one per domain? (I prefer to keep all files related to each domain in its own folder). Also would like to configure Postfix to use dovecot-sasl and I want to use dovecot-lmtp for deliveries. Any good docs / example on those? Later on, I think I want to integrate some kind of virus and spam filtering (amavisd and maybe dspam - anybody used those? would I configure Postfix to handle that or dovecot-lmtp?) Im sure Ill have more questions as I get more complicated but baby steps for now. -- Aj. From alessio at skye.it Tue Nov 13 09:04:47 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 13 Nov 2012 08:04:47 +0100 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> Message-ID: <50A1F10F.9090204@skye.it> Il 13/11/2012 06:09, Ajai Khattri ha scritto: > Ive been using qmail+vpopmail+courier-imap for many years but its time to > retire that server so I thought this might be an opportunity to see how I > could use Postfix and Dovecot to provide the same services. Im running > Dovecot 2.1.9 and Postfix 2.9.4. > > I have spent a few days reading through some of the docs on the wiki > (there's doesn't seem to be any large overview of Dovecot concepts or books > so bear with me). > > Im thinking something simple like passwd-file setup would suffice for me. I > want to use completely virtual users. > > Id like to store mail under /home/vmail/$domain/$user. I think Ive figured > out how to do that. But how do I create the maildir? Maildir/ will automatically created when the first email arrives or during the first user login. It would be better if you create the folder during the creation of the users. > > I understand the need to have a mail directory but also a directory for > things like sieve - how to specify that? > > Im thinking the structure would be something like: > /home/vmail/$domain/$user/mail <-- mail stored here Yes, better (by convention) if named Maildir/ > /home/vmail/$domain/$user/ <-- sieve and other sundry store here > Or should the sieve stuff also be under its own folder alongside the > maildir? Inside Maildir/ named sieve/ or always without tarting with a dot > > Is it possible to have a separate passwd file per domain? It is possible to > combine password and userdb files into one per domain? (I prefer to keep > all files related to each domain in its own folder). Yes, passdb { driver = passwd-file # Each domain has a separate passwd-file: args = /etc/auth/%d/passwd } Yes: http://wiki2.dovecot.org/AuthDatabase/PasswdFile > > Also would like to configure Postfix to use dovecot-sasl and I want to use > dovecot-lmtp for deliveries. Any good docs / example on those? For SASL http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From janfrode at tanso.net Tue Nov 13 11:17:44 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 13 Nov 2012 10:17:44 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> Message-ID: <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> On Mon, Nov 12, 2012 at 12:33 PM, Timo Sirainen <tss at iki.fi> wrote: > Hi all, > > Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. > > * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. > > * Email archive storage. > > See http://www.dovecot.fi/products/index.html for details. 404 file not found, but it was not too difficult to guess where you meant. I'm not too interested in the extended functionality, but the extra tested, bugfix-only/mainly Enterprise Release sounds very interesting. That page isn't quite clear on if the enterprise release is meant to be free or not "(Some features may require license fees)". Could you please clarify? Is it available already? We're starting to be long overdue for an overhaul of our installation (currently on v2.0.14 + some fixes), so we need to do something soon... -jf From mfi at tf.uni-kiel.de Tue Nov 13 11:18:26 2012 From: mfi at tf.uni-kiel.de (Michael Firnau) Date: Tue, 13 Nov 2012 10:18:26 +0100 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <k7qge4$g5r$1@ger.gmane.org> References: <k7qedh$kg$1@ger.gmane.org> <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <k7qge4$g5r$1@ger.gmane.org> Message-ID: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> On Mon, Nov 12, 2012 at 01:44:37AM -0800, Lukas Haase wrote: > Hi, > > On 11/12/2012 1:19 AM, Steffen Kaiser wrote: > > On Mon, 12 Nov 2012, Lukas Haase wrote: > > > >> Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: > >> msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into > >> mailbox 'INBOX' > > > > are there any other log lines of user2? > > Anfortunately not :-( Grepped everything, and I would have posted otherwise. > > My hope is that the dovecot.index.cache may provide some insights (I > made a backup copy of it). Hi, yesterday i had a user missing mail and he had the junk-filter in thunderbird activated. The mail was automagically moved from the inbox to the spam folder. From the header i see you use thunderbird, so it's a shot in the dark ... Regards, Mike From marco.gatti at gmail.com Tue Nov 13 12:35:04 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Tue, 13 Nov 2012 11:35:04 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication Message-ID: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> Hi, I was looking for a particular case of dovecot configuration I cannot find anywhere. Is there a way dovecot can authenticate via ldap different windows 2008 AD users that have access to the same e-mail account (like user authorization in ms exchange)? For example I want to extend AD schema to let users have 10 email accounts (with multiple domain support). If they are private accounts I think there is no problem at all. But if I want two or more users to access the same mail account what happens? Can I do it with dovecot? Or should I create AD groups and add members to that, to let user access the same mail account? Cheers -- Marco From CMarcus at Media-Brokers.com Tue Nov 13 13:14:20 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 13 Nov 2012 06:14:20 -0500 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> References: <k7qedh$kg$1@ger.gmane.org> <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <k7qge4$g5r$1@ger.gmane.org> <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> Message-ID: <50A22B8C.7020409@Media-Brokers.com> On 2012-11-13 4:18 AM, Michael Firnau <mfi at tf.uni-kiel.de> wrote: > yesterday i had a user missing mail and he had the junk-filter > in thunderbird activated. The mail was automagically moved from > the inbox to the spam folder. From the header i see you use thunderbird, > so it's a shot in the dark ... I have a user that uses filters, and occasionally will shoot himself in the foot trying to be a little bit too smart trying to catch junk (his definition of junk is just anything that he doesn't want), and he calls me occasionally to come figure out why his filter is catching all of his good mail (usually a typo)... So, check for any filters too... -- Best regards, Charles From rs at sys4.de Tue Nov 13 13:32:38 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 12:32:38 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> Message-ID: <50A22FD6.2040501@sys4.de> Am 13.11.2012 10:17, schrieb Jan-Frode Myklebust: >> See http://www.dovecot.fi/products/index.html for details. > 404 file not found, but it was not too difficult to guess where you meant. no problem here Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From h.reindl at thelounge.net Tue Nov 13 13:38:05 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 13 Nov 2012 12:38:05 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <50A22FD6.2040501@sys4.de> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> <50A22FD6.2040501@sys4.de> Message-ID: <50A2311D.7060308@thelounge.net> Am 13.11.2012 12:32, schrieb Robert Schetterer: > Am 13.11.2012 10:17, schrieb Jan-Frode Myklebust: >>> See http://www.dovecot.fi/products/index.html for details. >> 404 file not found, but it was not too difficult to guess where you meant. > > no problem here having a shiny laout does not mean that you do not see a error page since it is one httpd-config-line read the page title <title>Whoops! Page Not Found | The world's most popular IMAP server! read the response-headers: HTTP/1.1 404 Not Found Date: Tue, 13 Nov 2012 11:36:40 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3 scroll down: Whoops! Page Not Found Don't fret, you didn't do anything wrong. It appears that the page you are looking for does not exist or has been moved elsewhere. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature URL: From rs at sys4.de Tue Nov 13 13:40:29 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 12:40:29 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: References: Message-ID: <50A231AD.6050308@sys4.de> Am 13.11.2012 11:35, schrieb Marco Gatti: > Hi, I was looking for a particular case of dovecot configuration I > cannot find anywhere. > Is there a way dovecot can authenticate via ldap different windows > 2008 AD users that have access to the same e-mail account (like user > authorization in ms exchange)? > For example I want to extend AD schema to let users have 10 email > accounts (with multiple domain support). If they are private accounts > I think there is no problem at all. But if I want two or more users to > access the same mail account what happens? Can I do it with dovecot? > Or should I create AD groups and add members to that, to let user > access the same mail account? > Cheers > there may more ways to goal this, for short looking one, way is described here http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm using ldap might be better look i.e http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x for ideas Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Tue Nov 13 13:43:14 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 12:43:14 +0100 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <50A2311D.7060308@thelounge.net> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <50A22FD6.2040501@sys4.de> <50A2311D.7060308@thelounge.net> Message-ID: <50A23252.1010603@sys4.de> Am 13.11.2012 12:38, schrieb Reindl Harald: > read the page title > Whoops! Page Not Found | ok , i see youre right, i am rare looking in tab text Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tss at iki.fi Tue Nov 13 14:27:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Nov 2012 14:27:48 +0200 Subject: [Dovecot] Commercial features in Dovecot future: Object storage, archive In-Reply-To: <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> References: <85966921-0276-4B80-8F7B-37B5B9558FFC@iki.fi> <CAHwPatiW7OCV-WAa=n_-pEm59kU_6Hj+eKJuMx_zQpW0sCRYmg@mail.gmail.com> Message-ID: <A2F46699-9091-4B6C-95F6-05EB8B3A0782@iki.fi> On 13.11.2012, at 11.17, Jan-Frode Myklebust wrote: > On Mon, Nov 12, 2012 at 12:33 PM, Timo Sirainen <tss at iki.fi> wrote: >> Hi all, >> >> Dovecot Oy?s web pages at www.dovecot.fi have been updated. The products page lists two features that will be available for commercial licensing, extending the functionality of the basic open-source version of Dovecot. >> >> * Storing emails to (high-latency) object storage, initially supporting Amazon S3, Caringo CAStor and Scality. >> >> * Email archive storage. >> >> See http://www.dovecot.fi/products/index.html for details. > > 404 file not found, but it was not too difficult to guess where you meant. It worked when I wrote the email, but broke since then :) > I'm not too interested in the extended functionality, but the extra > tested, bugfix-only/mainly Enterprise Release sounds very interesting. > That page isn't quite clear on if the enterprise release is meant to > be free or not "(Some features may require license fees)". Could you > please clarify? Is it available already? It's currently available if you buy a support contract. (RPMs and source tarball, DEBs should come in somewhat near future.) From andreas.schulze at datev.de Tue Nov 13 15:09:53 2012 From: andreas.schulze at datev.de (Andreas Schulze) Date: Tue, 13 Nov 2012 14:09:53 +0100 Subject: [Dovecot] older gcc don't know --as-needed Message-ID: <20121113130953.GA22714@spider.services.datevnet.de> Hi, I have to build dovecot-2.1.10 for SuSE SLES9. /bin/sh ../../libtool --tag=CC --mode=link gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -no-undefined -Wl,--as-needed -o test-lib test_lib-test-lib.o test_lib-test-array.o test_lib-test-aqueue.o test_lib-test-base64.o test_lib-test-bsearch-insert-pos.o test_lib-test-buffer.o test_lib-test-crc32.o test_lib-test-hash-format.o test_lib-test-hex-binary.o test_lib-test-istream-base64-encoder.o test_lib-test-istream-concat.o test_lib-test-istream-crlf.o test_lib-test-istream-seekable.o test_lib-test-istream-tee.o test_lib-test-llist.o test_lib-test-mempool-alloconly.o test_lib-test-network.o test_lib-test-ostream-file.o test_lib-test-primes.o test_lib-test-priorityq.o test_lib-test-seq-range-array.o test_lib-test-strescape.o test_lib-test-strfuncs.o test_lib-test-str-find.o test_lib-test-str-sanitize.o test_lib-test-time-util.o test_lib-test-utc-mktime.o test_lib-test-var-expand.o ../lib-test/libtest.la liblib.la -lrt libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wl,--as-needed -o test-lib test_lib-test-lib.o test_lib-test-array.o test_lib-test-aqueue.o test_lib-test-base64.o test_lib-test-bsearch-insert-pos.o test_lib-test-buffer.o test_lib-test-crc32.o test_lib-test-hash-format.o test_lib-test-hex-binary.o test_lib-test-istream-base64-encoder.o test_lib-test-istream-concat.o test_lib-test-istream-crlf.o test_lib-test-istream-seekable.o test_lib-test-istream-tee.o test_lib-test-llist.o test_lib-test-mempool-alloconly.o test_lib-test-network.o test_lib-test-ostream-file.o test_lib-test-primes.o test_lib-test-priorityq.o test_lib-test-seq-range-array.o test_lib-test-strescape.o test_lib-test-strfuncs.o test_lib-test-str-find.o test_lib-test-str-sanitize.o test_lib-test-time-util.o test_lib-test-utc-mktime.o test_lib-test-var-expand.o ../lib-test/.libs/libtest.a ./.libs/liblib.a -lrt /usr/lib/gcc-lib/i586-suse-linux/3.3.3/../../../../i586-suse-linux/bin/ld: unrecognized option '--as-needed' /usr/lib/gcc-lib/i586-suse-linux/3.3.3/../../../../i586-suse-linux/bin/ld: use the --help option for usage information gcc version is 3.3.3 Is there a special option to disable ithe ld option or do I have to apply a special patch? Are there other suggestions? Thanks -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 N?rnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 N?rnberg, Paumgartnerstr. 6-14 | Registergericht N?rnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Dipl.-Kfm. Dr. Robert Mayr J?rg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen From amateo at um.es Tue Nov 13 15:22:50 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 13 Nov 2012 14:22:50 +0100 Subject: [Dovecot] Problem importing messages with lazy_expunged configured Message-ID: <50A249AA.9000704@um.es> Hello, I have a problem importing messages since I have configured lazy_expunge. My lazy_expunge configuration (that is correctly working when a message is expunged) is: plugin { lazy_expunge = BORRADOS. } namespace { hidden = yes list = no location = maildir:~/Maildir/expunged prefix = BORRADOS. separator = . } but when I try to import messages I get: amateo_adm at myotis31:~$ sudo doveadm -vD import -u angel.luis maildir:/tmp/angel.luis '' mailbox INBOX doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib02_lazy_expunge_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message) doveadm(root): Debug: Effective uid=0, gid=0, home=/home/amateo_adm doveadm(root): Debug: Quota root: name=User quota backend=dict args=:file:/home/amateo_adm/Maildir/dovecot.quota doveadm(root): Debug: Quota rule: root=User quota mailbox=* bytes=10737418240 messages=0 doveadm(root): Debug: Quota rule: root=User quota mailbox=Trash bytes=+1073741824 messages=0 doveadm(root): Debug: dict quota: user=doveadm, uri=file:/home/amateo_adm/Maildir/dovecot.quota, noenforcing=0 doveadm(root): Debug: maildir++: root=/tmp/angel.luis, index=, control=, inbox=/tmp/angel.luis, alt= doveadm(root): Fatal: lazy_expunge: Unknown namespace: 'BORRADOS.' in /tmp/<user> I don't have any "expunged" folder, it is just a maildir. In order to use it I have to deactivate this plugin in the running command with something like "sudo doveadm -vD -o mail_plugins='quota zlib' import -u <user> maildir:/tmp/<user> '' mailbox INBOX". Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 -------------- next part -------------- # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.2.19um1 x86_64 Ubuntu 12.04.1 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_master_user_separator = * auth_verbose = yes default_process_limit = 1024 disable_plaintext_auth = no log_timestamp = %Y-%m-%d %H:%M:%S login_trusted_networks = 155.54.211.176/28 mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n mail_plugins = quota zlib lazy_expunge mail_privileged_group = mail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags mdbox_rotate_size = 20 M namespace { inbox = yes location = prefix = separator = . } namespace { hidden = yes list = no location = maildir:~/Maildir/expunged prefix = BORRADOS. separator = . } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = session=yes cache_key=%n dovecot driver = pam } plugin { lazy_expunge = BORRADOS. quota = dict:User quota::file:%h/Maildir/dovecot.quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster at um.es protocols = imap pop3 lmtp sieve service anvil { client_limit = 3075 } service auth { client_limit = 4096 unix_listener auth-userdb { mode = 0666 } } service doveadm { inet_listener { port = 24245 } } service imap { process_limit = 5120 process_min_avail = 6 vsz_limit = 512 M } service ipc { unix_listener ipc { user = dovecot } } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 vsz_limit = 512 M } service pop3 { process_min_avail = 6 } ssl = no ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lda { mail_plugins = quota zlib lazy_expunge sieve } protocol imap { mail_plugins = quota zlib lazy_expunge imap_quota } protocol lmtp { mail_plugins = quota zlib lazy_expunge sieve } protocol pop3 { pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, in=%i, out=%o } local 155.54.211.160/27/27 { doveadm_password = <password> } From marco.gatti at gmail.com Tue Nov 13 15:56:46 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Tue, 13 Nov 2012 14:56:46 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <50A231AD.6050308@sys4.de> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> Message-ID: <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> 2012/11/13 Robert Schetterer <rs at sys4.de>: > Am 13.11.2012 11:35, schrieb Marco Gatti: >> Hi, I was looking for a particular case of dovecot configuration I >> cannot find anywhere. >> Is there a way dovecot can authenticate via ldap different windows >> 2008 AD users that have access to the same e-mail account (like user >> authorization in ms exchange)? >> For example I want to extend AD schema to let users have 10 email >> accounts (with multiple domain support). If they are private accounts >> I think there is no problem at all. But if I want two or more users to >> access the same mail account what happens? Can I do it with dovecot? >> Or should I create AD groups and add members to that, to let user >> access the same mail account? >> Cheers >> > > there may more ways to goal this, for short looking one, way is > described here > > http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm > > using ldap might be better > > look i.e > > http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ > http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x > > > for ideas > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich Thank you Robert for the quick reply. I'm aware of the links you sent me, however they don't give me a clue if what I was asking may me done. I'll try to give more details. I have to build a multiple domain mail server with the use of windows AD authentication. I've managed to add some extra filed in the AD schema like this: mail1: account1 at example1.com box1: /example1.com/account1/ enabled1: TRUE quota1: 1000000 mail2: account2 at example2.com box2: /example2.com/account2/ enabled2: TRUE quota2: 1000000 There could be 10 or 50 of them for each AD user. If I use NTLM or PAM authentication (after joining the AD) I have to use AD usernames to login with dovecot and I don't know how then to deal with different email addresses configured per user. If I use LDAP lookup I have to use the email address as username but then if different AD users have to access the same email account how dovecot can manage it??? For example the LDAP configuration for user and password lookup may be something like this: user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050 user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) (&(mail2=%u)(enabled2=TRUE)))) pass_attrs = userPassword=password pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) (&(mail2=%u)(enabled2=TRUE)))) I think I may be missing something important in how dovecot works, but cannot find any documentation about it. Regards -- Marco From ott at mirix.org Tue Nov 13 16:10:34 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Tue, 13 Nov 2012 15:10:34 +0100 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <974F70A7-6A21-42C0-B7D4-43CAC3D5D9CB@iki.fi> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> <974F70A7-6A21-42C0-B7D4-43CAC3D5D9CB@iki.fi> Message-ID: <50A254DA.6040901@mirix.org> On 2012-11-12 20:44, Timo Sirainen wrote: > On 12.11.2012, at 6.13, Daniel L. Miller wrote: >> The tiny bit of Googling I've done tells me GnuTLS >> seems to be a more standards-compliant implementation, and MAY be >> "safer" than OpenSSL. However, as OpenSSL is the de-facto standard used >> by most Linux programs, acceptance of GnuTLS is quite limited. I've been >> intrigued by what I've read about it, and took a quick look at enabling >> support in Dovecot for GnuTLS directly - but while it didn't seem overly >> heavy at first glance the fact that Timo doesn't want to do it tells me >> I'm underestimating the complexity. > > I already once wrote GnuTLS support for Dovecot, but GnuTLS changed its APIs since then and it was probably originally already buggy. I think the only somewhat "special" APIs that Dovecot needs nowadays are related to reading cert/keys from memory instead of from files. If GnuTLS can do that, I don't think there's anything special in supporting it. Although it might be a bit complex to make it work properly asynchronously. istream-openssl was a bit annoying in that way (all the data read from the fd must be parsed and decoded all the way through to the SSL istream, regardless of any max buffer limits). A while ago, I started working on GnuTLS support for Dovecot. While I didn't finish the implementation due to time constraints (the "abstract" API of lib-ssl-iostream is made for OpenSSL and you have to emulate some things), I think it would be possible to add GnuTLS support and with GnuTLS it would be possible to load X.509 certificates from memory. Regards, Matthias-Christian From tibby at tibby.hu Tue Nov 13 16:44:26 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Tue, 13 Nov 2012 15:44:26 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox Message-ID: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> Hello! I've got dovecot running with postfix. Have virtual users under vmail folder. When I connect with outlook, I can read, delete messages. When I sign on with webmail, also can delete messages, Mutt is working as well on the mail server, can delete messages. Once the message is deleted it moves to the trash. Works as it supposed to. But on Iphone, when I add a mail user, got the mailbox synced with IMAP I can see the INBOX, but when I delete a message, get this error: "Unable to Move Message The message could not be moved to the mailbox Trash." http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png What causing this problem? Please Help. From symbiat at gmail.com Tue Nov 13 16:52:46 2012 From: symbiat at gmail.com (Ajai Khattri) Date: Tue, 13 Nov 2012 09:52:46 -0500 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <50A1F10F.9090204@skye.it> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> Message-ID: <50A25EBE.7000605@gmail.com> On 11/13/12 2:04 AM, Alessio Cecchi wrote: > Yes, better (by convention) if named Maildir/ Incidently, Im only using maildir because Im familiar with it and it scales well. How does it compare against mdbox? Does Dovecot have its own mailbox format? -- Aj. From ben at morrow.me.uk Tue Nov 13 16:57:34 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 13 Nov 2012 14:57:34 +0000 Subject: [Dovecot] sieve-extprograms strips Return-Path headers Message-ID: <20121113145732.GB40206@anubis.morrow.me.uk> The sieve-extprograms extension strips Return-Path headers before passing mail off to the external program. The patch to remove this behavious is trivial (and attached), but since it appears to be deliberate I felt I should investigate further. I believe this is basically a cut-and-paste error. The code to strip Return-Path has been there since the sieve-pipe plugin for Dovecot 1.x, and I believe it was copied from the equivalent code in the 'redirect' action for passing mail off to sendmail(8). In that case, stripping Return-Path is correct, since the message is being resubmitted for delivery (by SMTP or otherwise), and the last step of the new delivery will (should) add a new Return-Path header with the new envelope information. In the case of sieve-extprograms, though, the filtering is happening post-delivery, so a stripped Return-Path will never be replaced. Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: return-path.patch Type: text/x-diff Size: 1012 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121113/5433942f/attachment-0004.bin> From rs at sys4.de Tue Nov 13 17:15:15 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 13 Nov 2012 16:15:15 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> Message-ID: <50A26403.3020200@sys4.de> Am 13.11.2012 14:56, schrieb Marco Gatti: > 2012/11/13 Robert Schetterer <rs at sys4.de>: >> Am 13.11.2012 11:35, schrieb Marco Gatti: >>> Hi, I was looking for a particular case of dovecot configuration I >>> cannot find anywhere. >>> Is there a way dovecot can authenticate via ldap different windows >>> 2008 AD users that have access to the same e-mail account (like user >>> authorization in ms exchange)? >>> For example I want to extend AD schema to let users have 10 email >>> accounts (with multiple domain support). If they are private accounts >>> I think there is no problem at all. But if I want two or more users to >>> access the same mail account what happens? Can I do it with dovecot? >>> Or should I create AD groups and add members to that, to let user >>> access the same mail account? >>> Cheers >>> >> >> there may more ways to goal this, for short looking one, way is >> described here >> >> http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm >> >> using ldap might be better >> >> look i.e >> >> http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ >> http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x >> >> >> for ideas >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Joerg Heidrich > > > Thank you Robert for the quick reply. > I'm aware of the links you sent me, however they don't give me a clue > if what I was asking may me done. > I'll try to give more details. > I have to build a multiple domain mail server with the use of windows > AD authentication. > I've managed to add some extra filed in the AD schema like this: > > mail1: account1 at example1.com > box1: /example1.com/account1/ > enabled1: TRUE > quota1: 1000000 > > mail2: account2 at example2.com > box2: /example2.com/account2/ > enabled2: TRUE > quota2: 1000000 > > There could be 10 or 50 of them for each AD user. > If I use NTLM or PAM authentication (after joining the AD) I have to > use AD usernames to login with dovecot and I don't know how then to > deal with different email addresses configured per user. > If I use LDAP lookup I have to use the email address as username but > then if different AD users have to access the same email account how > dovecot can manage it??? > For example the LDAP configuration for user and password lookup may be > something like this: > > user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050 > user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) > (&(mail2=%u)(enabled2=TRUE)))) > pass_attrs = userPassword=password > pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) > (&(mail2=%u)(enabled2=TRUE)))) > > I think I may be missing something important in how dovecot works, but > cannot find any documentation about it. > Regards > hm thats complex, however i would not recommand trying change exchange/active dir schemas however the only reason i can think of for what you want is using dovecot as proxy? so what about this ? http://wiki2.dovecot.org/HowTo/ImapcProxy http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy http://wiki2.dovecot.org/Director Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From wgillespie+dovecot at es2eng.com Tue Nov 13 17:21:40 2012 From: wgillespie+dovecot at es2eng.com (Willie Gillespie) Date: Tue, 13 Nov 2012 08:21:40 -0700 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> Message-ID: <50A26584.7030908@es2eng.com> On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: > But on Iphone, when I add a mail user, got the mailbox synced with IMAP > I can see the INBOX, but when I delete a message, get this error: > "Unable to Move Message The message could not be moved to the mailbox > Trash." Do you have a mailbox named Trash? Do the other clients move the message to Trash as well? From tom at whyscream.net Tue Nov 13 17:30:04 2012 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 13 Nov 2012 16:30:04 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A26584.7030908@es2eng.com> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A26584.7030908@es2eng.com> Message-ID: <50A2677C.4060808@whyscream.net> On 11/13/12 4:21 PM, Willie Gillespie wrote: > On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: >> But on Iphone, when I add a mail user, got the mailbox synced with IMAP >> I can see the INBOX, but when I delete a message, get this error: >> "Unable to Move Message The message could not be moved to the mailbox >> Trash." > > Do you have a mailbox named Trash? Do the other clients move the > message to Trash as well? In stead of sending us the message from the iPhone, tell us what dovecot puts in its logfile when you try this. -- Tom From tibby at tibby.hu Tue Nov 13 18:09:19 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Tue, 13 Nov 2012 17:09:19 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A2677C.4060808@whyscream.net> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A26584.7030908@es2eng.com> <50A2677C.4060808@whyscream.net> Message-ID: <f970ca8ed9317a52dc814c9c977f6740@tibby.hu> On 2012-11-13 16:30, Tom Hendrikx wrote: > On 11/13/12 4:21 PM, Willie Gillespie wrote: >> On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: >>> But on Iphone, when I add a mail user, got the mailbox synced with >>> IMAP >>> I can see the INBOX, but when I delete a message, get this error: >>> "Unable to Move Message The message could not be moved to the >>> mailbox >>> Trash." >> >> Do you have a mailbox named Trash? Do the other clients move the >> message to Trash as well? > > In stead of sending us the message from the iPhone, tell us what > dovecot > puts in its logfile when you try this. > > -- > Tom This is the output of ls inside of the maildir: # ll total 120K 4.0K drwx------ 10 vmail 4.0K Nov 13 17:06 . 4.0K drwx------ 3 vmail 4.0K Nov 12 18:38 .. 4.0K drwx------ 2 vmail 4.0K Nov 13 16:58 cur 4.0K drwx------ 5 vmail 4.0K Nov 13 15:49 .Deleted Messages 4.0K -rw------- 1 vmail 736 Nov 13 16:53 dovecot.index 28K -rw------- 1 vmail 27K Nov 13 16:58 dovecot.index.cache 24K -rw------- 1 vmail 17K Nov 13 16:59 dovecot.index.log 4.0K -rw------- 1 vmail 180 Nov 13 16:53 dovecot.index.thread 4.0K -rw------- 1 vmail 25 Nov 12 23:26 dovecot-keywords 4.0K -rw------- 1 vmail 48 Nov 13 16:58 dovecot-quota 4.0K -rw------- 1 vmail 468 Nov 13 16:37 dovecot-uidlist 4.0K -rw------- 1 vmail 8 Nov 13 15:47 dovecot-uidvalidity 0 -rw------- 1 vmail 0 Nov 10 12:57 dovecot-uidvalidity.509e4145 4.0K drwx------ 5 vmail 4.0K Nov 13 15:44 .Drafts 4.0K drwx------ 2 vmail 4.0K Nov 13 16:53 new 4.0K drwx------ 5 vmail 4.0K Nov 13 15:47 .Notes 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Sent 4.0K -rw------- 1 vmail 41 Nov 13 15:47 subscriptions 4.0K drwx------ 2 vmail 4.0K Nov 13 16:37 tmp 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Trash The log Doesnt shows anything regarding the error on the phone. From tibby at tibby.hu Tue Nov 13 18:20:47 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Tue, 13 Nov 2012 17:20:47 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <f970ca8ed9317a52dc814c9c977f6740@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A26584.7030908@es2eng.com> <50A2677C.4060808@whyscream.net> <f970ca8ed9317a52dc814c9c977f6740@tibby.hu> Message-ID: <27c6781ea65c978ef8b57dd7a54b8ac5@tibby.hu> On 2012-11-13 17:09, tibby at tibby.hu wrote: > On 2012-11-13 16:30, Tom Hendrikx wrote: >> On 11/13/12 4:21 PM, Willie Gillespie wrote: >>> On 11/13/2012 07:44 AM, tibby at tibby.hu wrote: >>>> But on Iphone, when I add a mail user, got the mailbox synced with >>>> IMAP >>>> I can see the INBOX, but when I delete a message, get this error: >>>> "Unable to Move Message The message could not be moved to the >>>> mailbox >>>> Trash." >>> >>> Do you have a mailbox named Trash? Do the other clients move the >>> message to Trash as well? >> >> In stead of sending us the message from the iPhone, tell us what >> dovecot >> puts in its logfile when you try this. >> >> -- >> Tom > > This is the output of ls inside of the maildir: > > # ll > total 120K > 4.0K drwx------ 10 vmail 4.0K Nov 13 17:06 . > 4.0K drwx------ 3 vmail 4.0K Nov 12 18:38 .. > 4.0K drwx------ 2 vmail 4.0K Nov 13 16:58 cur > 4.0K drwx------ 5 vmail 4.0K Nov 13 15:49 .Deleted Messages > 4.0K -rw------- 1 vmail 736 Nov 13 16:53 dovecot.index > 28K -rw------- 1 vmail 27K Nov 13 16:58 dovecot.index.cache > 24K -rw------- 1 vmail 17K Nov 13 16:59 dovecot.index.log > 4.0K -rw------- 1 vmail 180 Nov 13 16:53 dovecot.index.thread > 4.0K -rw------- 1 vmail 25 Nov 12 23:26 dovecot-keywords > 4.0K -rw------- 1 vmail 48 Nov 13 16:58 dovecot-quota > 4.0K -rw------- 1 vmail 468 Nov 13 16:37 dovecot-uidlist > 4.0K -rw------- 1 vmail 8 Nov 13 15:47 dovecot-uidvalidity > 0 -rw------- 1 vmail 0 Nov 10 12:57 > dovecot-uidvalidity.509e4145 > 4.0K drwx------ 5 vmail 4.0K Nov 13 15:44 .Drafts > 4.0K drwx------ 2 vmail 4.0K Nov 13 16:53 new > 4.0K drwx------ 5 vmail 4.0K Nov 13 15:47 .Notes > 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Sent > 4.0K -rw------- 1 vmail 41 Nov 13 15:47 subscriptions > 4.0K drwx------ 2 vmail 4.0K Nov 13 16:37 tmp > 4.0K drwx------ 5 vmail 4.0K Nov 13 17:02 .Trash > > The log Doesnt shows anything regarding the error on the phone. I have got dovecot logging in Debug mode. The only problems I see: autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent in the config file I have: plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent } Something is wrong here... From symbiat at gmail.com Tue Nov 13 18:28:05 2012 From: symbiat at gmail.com (Ajai Khattri) Date: Tue, 13 Nov 2012 11:28:05 -0500 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <50A1F10F.9090204@skye.it> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> Message-ID: <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> On Tue, Nov 13, 2012 at 2:04 AM, Alessio Cecchi <alessio at skye.it> wrote: > Maildir/ will automatically created when the first email arrives or during > the first user login. It would be better if you create the folder during > the creation of the users. Does Dovecot provide a utility to create maildirs? -- Aj. From alessio at skye.it Tue Nov 13 18:30:45 2012 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 13 Nov 2012 17:30:45 +0100 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> Message-ID: <50A275B5.3030503@skye.it> Il 13/11/2012 17:28, Ajai Khattri ha scritto: > On Tue, Nov 13, 2012 at 2:04 AM, Alessio Cecchi <alessio at skye.it> wrote: > > >> Maildir/ will automatically created when the first email arrives or during >> the first user login. It would be better if you create the folder during >> the creation of the users. > > Does Dovecot provide a utility to create maildirs? > Yes, "maildirmake" -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From ben at morrow.me.uk Tue Nov 13 19:51:50 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 13 Nov 2012 17:51:50 +0000 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> Message-ID: <20121113175149.GA94077@anubis.morrow.me.uk> At 2PM +0100 on 13/11/12 you (Marco Gatti) wrote: > 2012/11/13 Robert Schetterer <rs at sys4.de>: > > Am 13.11.2012 11:35, schrieb Marco Gatti: > >> Hi, I was looking for a particular case of dovecot configuration I > >> cannot find anywhere. > >> Is there a way dovecot can authenticate via ldap different windows > >> 2008 AD users that have access to the same e-mail account (like user > >> authorization in ms exchange)? > >> For example I want to extend AD schema to let users have 10 email > >> accounts (with multiple domain support). If they are private accounts > >> I think there is no problem at all. But if I want two or more users to > >> access the same mail account what happens? Can I do it with dovecot? > >> Or should I create AD groups and add members to that, to let user > >> access the same mail account? <snip> > I'll try to give more details. > I have to build a multiple domain mail server with the use of windows > AD authentication. > I've managed to add some extra filed in the AD schema like this: > > mail1: account1 at example1.com > box1: /example1.com/account1/ > enabled1: TRUE > quota1: 1000000 > > mail2: account2 at example2.com > box2: /example2.com/account2/ > enabled2: TRUE > quota2: 1000000 This isn't a good schema to use for this. The mail1, mail2 &c attributes represent the same property of different addresses, so they should be the same attribute on different objects. I don't know much about AD's LDAP server, is it straightforward to create brand new objectclasses? If I were doing this in an ordinary LDAP server I might create a class of objects which looked like mailboxAddr: account1 at example1.com mailboxLocation: /example1/account1 mailboxEnabled: TRUE mailboxQuota: 1000000 with mailboxAddr as the RDN, and then give each user a multi-valued mailbox attribute with the addresses that user has access to. > There could be 10 or 50 of them for each AD user. > If I use NTLM or PAM authentication (after joining the AD) I have to > use AD usernames to login with dovecot and I don't know how then to > deal with different email addresses configured per user. > If I use LDAP lookup I have to use the email address as username but > then if different AD users have to access the same email account how > dovecot can manage it??? If you want the user to be able to log in and see just one address at a time you have to have the user tell dovecot which user and which address they want when they log in. Since (usually) the only fields you have are 'user' and 'password', they will need to stuff both components into the user field somehow; perhaps by logging on with a user name of user at domain.ad!account1 at example.com You would then need (probably) to write a checkpassword userdb script to split this into username and account name, verify the user is authorized for the account, look up the mailbox location using the account name, and pass the username back to be checked against the password. So, it could be done, but it would be messy and users would get it wrong all the time. Alternatively, you could have the user log in with their ordinary AD account name, and then present them with *all* the email accounts they have access to, as separate (trees of) folders. You can do this with a post-login script which sets up a namespace for each account: see the example at the bottom of http://wiki2.dovecot.org/PostLoginScripting for something vaguely similar. You would need to use Net::LDAP (or some equivalent in some other language) to look up the user's accounts in the AD, and then create the relevant environment variables. (I'm not sure what to do about INBOX in a setup like this: I don't think you're allowed to *not* have an INBOX. Probably each user should have one 'canonical' private account, which contains their IMAP INBOX. If you didn't want to do this I expect you could set up a default namespace which is read-only, with just an empty INBOX in it.) If you want to try this, and you're having trouble getting the scripting right, I'd be happy to help you through it if you can post enough information about the LDAP schema you eventually decide on. Ben From wgillespie+dovecot at es2eng.com Tue Nov 13 19:59:22 2012 From: wgillespie+dovecot at es2eng.com (Willie Gillespie) Date: Tue, 13 Nov 2012 10:59:22 -0700 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> Message-ID: <50A28A7A.90105@es2eng.com> On 11/13/2012 03:35 AM, Marco Gatti wrote: > Is there a way dovecot can authenticate via ldap different windows > 2008 AD users that have access to the same e-mail account (like user > authorization in ms exchange)? Symlinks on the Dovecot maildirs? You'd have to read up on the caveats of that: http://wiki.dovecot.org/SharedMailboxes/Symlinks From user+dovecot at localhost.localdomain.org Tue Nov 13 20:26:17 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 13 Nov 2012 19:26:17 +0100 Subject: [Dovecot] Dovecot newbie (migrating from qmail) In-Reply-To: <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> References: <CA+7x2W-yQ-XvjNardvhvwS_T+y+jbCVvwM=Gn=xsRbcgypf4JA@mail.gmail.com> <50A1F10F.9090204@skye.it> <CA+7x2W_cSQobKxEPARvvBpEr0S+R4RTthkc6A_NKUbctzW4Hig@mail.gmail.com> Message-ID: <50A290C9.9010809@localhost.localdomain.org> On 11/13/2012 05:28 PM Ajai Khattri wrote: > > Does Dovecot provide a utility to create maildirs? http://wiki2.dovecot.org/Tools/Doveadm/Mailbox#command_mailbox_create doveadm <http://wiki2.dovecot.org/Tools/Doveadm> will be your friend. Regards, Pascal -- The trapper recommends today: deadbeef.1231819 at localdomain.org From marco.gatti at gmail.com Wed Nov 14 10:55:59 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Wed, 14 Nov 2012 09:55:59 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <50A26403.3020200@sys4.de> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> <50A26403.3020200@sys4.de> Message-ID: <CA+-Sp6nvGgbg5JbpZwOxm9=e+w8NfoJg06ujf6P0Lnb7SAWj-g@mail.gmail.com> 2012/11/13 Robert Schetterer <rs at sys4.de>: > Am 13.11.2012 14:56, schrieb Marco Gatti: >> 2012/11/13 Robert Schetterer <rs at sys4.de>: >>> Am 13.11.2012 11:35, schrieb Marco Gatti: >>>> Hi, I was looking for a particular case of dovecot configuration I >>>> cannot find anywhere. >>>> Is there a way dovecot can authenticate via ldap different windows >>>> 2008 AD users that have access to the same e-mail account (like user >>>> authorization in ms exchange)? >>>> For example I want to extend AD schema to let users have 10 email >>>> accounts (with multiple domain support). If they are private accounts >>>> I think there is no problem at all. But if I want two or more users to >>>> access the same mail account what happens? Can I do it with dovecot? >>>> Or should I create AD groups and add members to that, to let user >>>> access the same mail account? >>>> Cheers >>>> >>> >>> there may more ways to goal this, for short looking one, way is >>> described here >>> >>> http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm >>> >>> using ldap might be better >>> >>> look i.e >>> >>> http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/ >>> http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x >>> >>> >>> for ideas >>> >>> Best Regards >>> MfG Robert Schetterer >>> >>> -- >>> [*] sys4 AG >>> >>> http://sys4.de, +49 (89) 30 90 46 64 >>> Franziskanerstra?e 15, 81669 M?nchen >>> >>> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >>> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer >>> Aufsichtsratsvorsitzender: Joerg Heidrich >> >> >> Thank you Robert for the quick reply. >> I'm aware of the links you sent me, however they don't give me a clue >> if what I was asking may me done. >> I'll try to give more details. >> I have to build a multiple domain mail server with the use of windows >> AD authentication. >> I've managed to add some extra filed in the AD schema like this: >> >> mail1: account1 at example1.com >> box1: /example1.com/account1/ >> enabled1: TRUE >> quota1: 1000000 >> >> mail2: account2 at example2.com >> box2: /example2.com/account2/ >> enabled2: TRUE >> quota2: 1000000 >> >> There could be 10 or 50 of them for each AD user. >> If I use NTLM or PAM authentication (after joining the AD) I have to >> use AD usernames to login with dovecot and I don't know how then to >> deal with different email addresses configured per user. >> If I use LDAP lookup I have to use the email address as username but >> then if different AD users have to access the same email account how >> dovecot can manage it??? >> For example the LDAP configuration for user and password lookup may be >> something like this: >> >> user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050 >> user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) >> (&(mail2=%u)(enabled2=TRUE)))) >> pass_attrs = userPassword=password >> pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE)) >> (&(mail2=%u)(enabled2=TRUE)))) >> >> I think I may be missing something important in how dovecot works, but >> cannot find any documentation about it. >> Regards >> > > hm thats complex, however i would not > recommand trying change exchange/active dir schemas > however the only reason i can think of for what you want is using > dovecot as proxy? > > so what about this ? > > http://wiki2.dovecot.org/HowTo/ImapcProxy > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy > http://wiki2.dovecot.org/Director Hmm I don't know honestly. I'll give it a try. -- Marco From marco.gatti at gmail.com Wed Nov 14 11:07:47 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Wed, 14 Nov 2012 10:07:47 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <20121113175149.GA94077@anubis.morrow.me.uk> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> <20121113175149.GA94077@anubis.morrow.me.uk> Message-ID: <CA+-Sp6nx+e=kB+TY-J2u0xYpRJUfdiSy+OdCcf4PGuuLHj1Jfg@mail.gmail.com> 2012/11/13 Ben Morrow <ben at morrow.me.uk>: > At 2PM +0100 on 13/11/12 you (Marco Gatti) wrote: >> 2012/11/13 Robert Schetterer <rs at sys4.de>: >> > Am 13.11.2012 11:35, schrieb Marco Gatti: >> >> Hi, I was looking for a particular case of dovecot configuration I >> >> cannot find anywhere. >> >> Is there a way dovecot can authenticate via ldap different windows >> >> 2008 AD users that have access to the same e-mail account (like user >> >> authorization in ms exchange)? >> >> For example I want to extend AD schema to let users have 10 email >> >> accounts (with multiple domain support). If they are private accounts >> >> I think there is no problem at all. But if I want two or more users to >> >> access the same mail account what happens? Can I do it with dovecot? >> >> Or should I create AD groups and add members to that, to let user >> >> access the same mail account? > <snip> >> I'll try to give more details. >> I have to build a multiple domain mail server with the use of windows >> AD authentication. >> I've managed to add some extra filed in the AD schema like this: >> >> mail1: account1 at example1.com >> box1: /example1.com/account1/ >> enabled1: TRUE >> quota1: 1000000 >> >> mail2: account2 at example2.com >> box2: /example2.com/account2/ >> enabled2: TRUE >> quota2: 1000000 > > This isn't a good schema to use for this. The mail1, mail2 &c attributes > represent the same property of different addresses, so they should be > the same attribute on different objects. > > I don't know much about AD's LDAP server, is it straightforward to > create brand new objectclasses? If I were doing this in an ordinary LDAP > server I might create a class of objects which looked like > > mailboxAddr: account1 at example1.com > mailboxLocation: /example1/account1 > mailboxEnabled: TRUE > mailboxQuota: 1000000 > > with mailboxAddr as the RDN, and then give each user a multi-valued > mailbox attribute with the addresses that user has access to. You mean multi-valued mailboxAddr, mailboxLocation, and so on? How can I extract a single one and be sure it's correct? >> There could be 10 or 50 of them for each AD user. >> If I use NTLM or PAM authentication (after joining the AD) I have to >> use AD usernames to login with dovecot and I don't know how then to >> deal with different email addresses configured per user. >> If I use LDAP lookup I have to use the email address as username but >> then if different AD users have to access the same email account how >> dovecot can manage it??? > > If you want the user to be able to log in and see just one address at a > time you have to have the user tell dovecot which user and which address > they want when they log in. Since (usually) the only fields you have are > 'user' and 'password', they will need to stuff both components into the > user field somehow; perhaps by logging on with a user name of > > user at domain.ad!account1 at example.com > > You would then need (probably) to write a checkpassword userdb script to > split this into username and account name, verify the user is authorized > for the account, look up the mailbox location using the account name, > and pass the username back to be checked against the password. So, it > could be done, but it would be messy and users would get it wrong all > the time. Since users don't configure mail clients on their own it could be a solution! > Alternatively, you could have the user log in with their ordinary AD > account name, and then present them with *all* the email accounts they > have access to, as separate (trees of) folders. You can do this with a > post-login script which sets up a namespace for each account: see the > example at the bottom of http://wiki2.dovecot.org/PostLoginScripting for > something vaguely similar. You would need to use Net::LDAP (or some > equivalent in some other language) to look up the user's accounts in the > AD, and then create the relevant environment variables. > > (I'm not sure what to do about INBOX in a setup like this: I don't think > you're allowed to *not* have an INBOX. Probably each user should have > one 'canonical' private account, which contains their IMAP INBOX. If you > didn't want to do this I expect you could set up a default namespace > which is read-only, with just an empty INBOX in it.) > > If you want to try this, and you're having trouble getting the scripting > right, I'd be happy to help you through it if you can post enough > information about the LDAP schema you eventually decide on. > > Ben > All accounts in a tree sounds bad since users won't clearly understand which is which. Thank you Ben! -- Marco From marco.gatti at gmail.com Wed Nov 14 11:15:28 2012 From: marco.gatti at gmail.com (Marco Gatti) Date: Wed, 14 Nov 2012 10:15:28 +0100 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <50A28A7A.90105@es2eng.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A28A7A.90105@es2eng.com> Message-ID: <CA+-Sp6mU5keDKTpG0d89kfhjNzSuT_oS1xeZvDy-M7DXnRm3Cg@mail.gmail.com> 2012/11/13 Willie Gillespie <wgillespie+dovecot at es2eng.com>: > On 11/13/2012 03:35 AM, Marco Gatti wrote: >> >> Is there a way dovecot can authenticate via ldap different windows >> 2008 AD users that have access to the same e-mail account (like user >> authorization in ms exchange)? > > > Symlinks on the Dovecot maildirs? You'd have to read up on the caveats of > that: http://wiki.dovecot.org/SharedMailboxes/Symlinks I would like to keep the configuration of new accounts on the Windows AD only and not to deal with links every time. But the problem I have is at authentication time: avoiding the "matched multiple objects" or a general authentication failure. Cheers -- Marco From lukashaase at gmx.at Wed Nov 14 11:45:17 2012 From: lukashaase at gmx.at (Lukas Haase) Date: Wed, 14 Nov 2012 01:45:17 -0800 Subject: [Dovecot] dovecot lost mail! Cause? In-Reply-To: <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> References: <k7qedh$kg$1@ger.gmane.org> <alpine.DEB.1.10.1211121018330.10160@pc-2m63a.inf.fh-bonn-rhein-sieg.de> <k7qge4$g5r$1@ger.gmane.org> <20121113091826.GS36787@fanty-a.tf.uni-kiel.de> Message-ID: <k7vp7c$e26$1@ger.gmane.org> On 11/13/2012 1:18 AM, Michael Firnau wrote: > On Mon, Nov 12, 2012 at 01:44:37AM -0800, Lukas Haase wrote: >> Hi, >> >> On 11/12/2012 1:19 AM, Steffen Kaiser wrote: >>> On Mon, 12 Nov 2012, Lukas Haase wrote: >>> >>>> Nov 12 07:28:21 mail dovecot: deliver(user2): sieve: >>>> msgid=<8644593.887351352701685934.JavaMail.orbitz>: stored mail into >>>> mailbox 'INBOX' >>> >>> are there any other log lines of user2? >> >> Anfortunately not :-( Grepped everything, and I would have posted otherwise. >> >> My hope is that the dovecot.index.cache may provide some insights (I >> made a backup copy of it). > > Hi, > > yesterday i had a user missing mail and he had the junk-filter > in thunderbird activated. The mail was automagically moved from > the inbox to the spam folder. From the header i see you use thunderbird, > so it's a shot in the dark ... Hmm, yes, but even in that case, the mail would have been moved to the Spam folder in the account (i.e., on the IMAP server) and I would have found it when grepping over anything. Thanks, Luke From burak4burak at msn.com Wed Nov 14 12:03:53 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Wed, 14 Nov 2012 12:03:53 +0200 Subject: [Dovecot] auth attempts errors Message-ID: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl> i have install 2.1.1 and configured in dovecot log this error is coming every 20 seconds: dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer and this error every 2 seconds: dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=********** what can be the problem? thanks.. From r.zimmermann at siegnetz.de Wed Nov 14 12:29:16 2012 From: r.zimmermann at siegnetz.de (Ralf Zimmermann) Date: Wed, 14 Nov 2012 11:29:16 +0100 Subject: [Dovecot] Dovecot 2.1.10 Message-ID: <50A3727C.8040107@siegnetz.de> Hi all, I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without zlib. We setup a new server with dovecot 2.1.10. After syncing the emails everything looks fine. But if we use zlib plugin all new emails have no content. There are a lot of "Error: Maildir filename has wrong S value" log entrys. So we have compiled dovecot-2.0.18 and we use exactly the same configuration. Everything works. What can be our problem with version 2.1.10? Greets Ralf From rs at sys4.de Wed Nov 14 12:35:55 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 14 Nov 2012 11:35:55 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3727C.8040107@siegnetz.de> References: <50A3727C.8040107@siegnetz.de> Message-ID: <50A3740B.3030107@sys4.de> Am 14.11.2012 11:29, schrieb Ralf Zimmermann: > Hi all, > > I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without > zlib. We setup a new server with dovecot 2.1.10. After syncing the > emails everything looks fine. But if we use zlib plugin all new emails > have no content. > > There are a lot of "Error: Maildir filename has wrong S value" log entrys. > > So we have compiled dovecot-2.0.18 and we use exactly the same > configuration. Everything works. > > What can be our problem with version 2.1.10? > > Greets > > Ralf > how did you synced ? ? look list archives, this may happen at migration to 2.1 before this failure was ignored as far i remember there are scripts to fix broken mailboxes but i you do all brand new, you should try resync better Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Wed Nov 14 12:37:29 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 14 Nov 2012 11:37:29 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3727C.8040107@siegnetz.de> References: <50A3727C.8040107@siegnetz.de> Message-ID: <50A37469.9070503@sys4.de> Am 14.11.2012 11:29, schrieb Ralf Zimmermann: > Maildir filename has wrong S value try set maildir_broken_filename_sizes=yes Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From CMarcus at Media-Brokers.com Wed Nov 14 13:34:39 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 14 Nov 2012 06:34:39 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl> Message-ID: <50A381CF.6090209@Media-Brokers.com> On 2012-11-14 5:03 AM, burak g?rer <burak4burak at msn.com> wrote: > i have install 2.1.1 and configured Hopefully you meant 2.1.10? 2.1.1 is old/buggy... > in dovecot log this error is coming every 20 seconds: > > dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer Looks like your SSL is broken... -- Best regards, Charles From alessio at skye.it Wed Nov 14 15:08:11 2012 From: alessio at skye.it (Alessio Cecchi) Date: Wed, 14 Nov 2012 14:08:11 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3740B.3030107@sys4.de> References: <50A3727C.8040107@siegnetz.de> <50A3740B.3030107@sys4.de> Message-ID: <50A397BB.6060108@skye.it> Il 14/11/2012 11:35, Robert Schetterer ha scritto: > Am 14.11.2012 11:29, schrieb Ralf Zimmermann: >> Hi all, >> >> I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without >> zlib. We setup a new server with dovecot 2.1.10. After syncing the >> emails everything looks fine. But if we use zlib plugin all new emails >> have no content. >> >> There are a lot of "Error: Maildir filename has wrong S value" log entrys. >> >> So we have compiled dovecot-2.0.18 and we use exactly the same >> configuration. Everything works. >> >> What can be our problem with version 2.1.10? >> >> Greets >> >> Ralf >> > how did you synced ? ? > > look list archives, this may happen at migration to 2.1 > before this failure was ignored as far i remember > there are scripts to fix broken mailboxes > but i you do all brand new, you should try resync better Hi, with this command you can fix the problem of the wrong value doveadm fetch -u user at domains.com text all > /dev/null but I'm using dovecot 2.1.10 with zlib and, though I have those errors in the logs, users have no problem. Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From hakon at alstadheim.priv.no Wed Nov 14 15:59:13 2012 From: hakon at alstadheim.priv.no (=?UTF-8?B?SMOla29uIEFsc3RhZGhlaW0=?=) Date: Wed, 14 Nov 2012 14:59:13 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> Message-ID: <50A3A3B1.9060406@alstadheim.priv.no> On 13. nov. 2012 15:44, tibby at tibby.hu wrote: > Hello! > I've got dovecot running with postfix. Have virtual users under vmail > folder. > When I connect with outlook, I can read, delete messages. > When I sign on with webmail, also can delete messages, > Mutt is working as well on the mail server, can delete messages. > > Once the message is deleted it moves to the trash. Works as it > supposed to. > > But on Iphone, when I add a mail user, got the mailbox synced with > IMAP I can see the INBOX, but when I delete a message, get this error: > "Unable to Move Message The message could not be moved to the mailbox > Trash." > > http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png > > > What causing this problem? > Please Help. > > I've seen this. Fixed it for my device by changing the settings on the Ipad, and then changing them back. Seems the local trash folder is not created automatically on iOS. From r.zimmermann at siegnetz.de Wed Nov 14 16:14:19 2012 From: r.zimmermann at siegnetz.de (Ralf Zimmermann) Date: Wed, 14 Nov 2012 15:14:19 +0100 Subject: [Dovecot] Dovecot 2.1.10 In-Reply-To: <50A3740B.3030107@sys4.de> References: <50A3727C.8040107@siegnetz.de> <50A3740B.3030107@sys4.de> Message-ID: <50A3A73B.2020406@siegnetz.de> We have synced the emails with imapsync. On 11/14/2012 11:35 AM, Robert Schetterer wrote: > Am 14.11.2012 11:29, schrieb Ralf Zimmermann: >> Hi all, >> >> I've a problem with dovecot-2.1.10. At time we use dovecot-1.2 without >> zlib. We setup a new server with dovecot 2.1.10. After syncing the >> emails everything looks fine. But if we use zlib plugin all new emails >> have no content. >> >> There are a lot of "Error: Maildir filename has wrong S value" log entrys. >> >> So we have compiled dovecot-2.0.18 and we use exactly the same >> configuration. Everything works. >> >> What can be our problem with version 2.1.10? >> >> Greets >> >> Ralf >> > > how did you synced ? ? > > look list archives, this may happen at migration to 2.1 > before this failure was ignored as far i remember > there are scripts to fix broken mailboxes > but i you do all brand new, you should try resync better > > Best Regards > MfG Robert Schetterer > Regards Ralf From tibby at tibby.hu Wed Nov 14 16:55:41 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Wed, 14 Nov 2012 15:55:41 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A3A3B1.9060406@alstadheim.priv.no> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> Message-ID: <2e09cf570304a31295edf27f940ebf0d@tibby.hu> On 2012-11-14 14:59, H?kon Alstadheim wrote: > On 13. nov. 2012 15:44, tibby at tibby.hu wrote: >> Hello! >> I've got dovecot running with postfix. Have virtual users under >> vmail folder. >> When I connect with outlook, I can read, delete messages. >> When I sign on with webmail, also can delete messages, >> Mutt is working as well on the mail server, can delete messages. >> >> Once the message is deleted it moves to the trash. Works as it >> supposed to. >> >> But on Iphone, when I add a mail user, got the mailbox synced with >> IMAP I can see the INBOX, but when I delete a message, get this error: >> "Unable to Move Message The message could not be moved to the >> mailbox Trash." >> >> >> http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png >> >> >> What causing this problem? >> Please Help. >> >> > I've seen this. Fixed it for my device by changing the settings on > the Ipad, and then changing them back. Seems the local trash folder > is > not created automatically on iOS. But I dont want to use the IOS trash folder. I want the phone to use the trash on the mail server. From rs at sys4.de Wed Nov 14 17:08:29 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 14 Nov 2012 16:08:29 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <2e09cf570304a31295edf27f940ebf0d@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> <2e09cf570304a31295edf27f940ebf0d@tibby.hu> Message-ID: <50A3B3ED.4000902@sys4.de> Am 14.11.2012 15:55, schrieb tibby at tibby.hu: > On 2012-11-14 14:59, H?kon Alstadheim wrote: >> On 13. nov. 2012 15:44, tibby at tibby.hu wrote: >>> Hello! >>> I've got dovecot running with postfix. Have virtual users under vmail >>> folder. >>> When I connect with outlook, I can read, delete messages. >>> When I sign on with webmail, also can delete messages, >>> Mutt is working as well on the mail server, can delete messages. >>> >>> Once the message is deleted it moves to the trash. Works as it >>> supposed to. >>> >>> But on Iphone, when I add a mail user, got the mailbox synced with >>> IMAP I can see the INBOX, but when I delete a message, get this error: >>> "Unable to Move Message The message could not be moved to the mailbox >>> Trash." >>> >>> >>> http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png >>> >>> >>> >>> What causing this problem? >>> Please Help. >>> >>> >> I've seen this. Fixed it for my device by changing the settings on >> the Ipad, and then changing them back. Seems the local trash folder is >> not created automatically on iOS. > > But I dont want to use the IOS trash folder. I want the phone to use the > trash on the mail server. > looks like iphone is special ( why i dont wonder... ) http://support.ecenica.com/email/troubleshooting-draft-trash-folders-iphone/ some config may also conflict with "archive" settings on iphone, as ever ,behave may also different in different versions, at all ,nothing direct dovecot related , i am not up2date with apple stuff , isnt there a better imap mail client in there app store ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tibby at tibby.hu Wed Nov 14 17:16:20 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Wed, 14 Nov 2012 16:16:20 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <50A3B3ED.4000902@sys4.de> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> <2e09cf570304a31295edf27f940ebf0d@tibby.hu> <50A3B3ED.4000902@sys4.de> Message-ID: <01da87b3f4a99fc9682a577bbd966dd8@tibby.hu> On 2012-11-14 16:08, Robert Schetterer wrote: > Am 14.11.2012 15:55, schrieb tibby at tibby.hu: >> On 2012-11-14 14:59, H?kon Alstadheim wrote: >>> On 13. nov. 2012 15:44, tibby at tibby.hu wrote: >>>> Hello! >>>> I've got dovecot running with postfix. Have virtual users under >>>> vmail >>>> folder. >>>> When I connect with outlook, I can read, delete messages. >>>> When I sign on with webmail, also can delete messages, >>>> Mutt is working as well on the mail server, can delete messages. >>>> >>>> Once the message is deleted it moves to the trash. Works as it >>>> supposed to. >>>> >>>> But on Iphone, when I add a mail user, got the mailbox synced with >>>> IMAP I can see the INBOX, but when I delete a message, get this >>>> error: >>>> "Unable to Move Message The message could not be moved to the >>>> mailbox >>>> Trash." >>>> >>>> >>>> >>>> http://www.netchimp.co.uk/webdesign/wp-content/uploads/2011/12/iphone_unable_to_move_message.png >>>> >>>> >>>> >>>> What causing this problem? >>>> Please Help. >>>> >>>> >>> I've seen this. Fixed it for my device by changing the settings on >>> the Ipad, and then changing them back. Seems the local trash folder >>> is >>> not created automatically on iOS. >> >> But I dont want to use the IOS trash folder. I want the phone to use >> the >> trash on the mail server. >> > > looks like iphone is special ( why i dont wonder... ) > > > http://support.ecenica.com/email/troubleshooting-draft-trash-folders-iphone/ > > some config may also conflict with "archive" settings on iphone, > as ever ,behave may also different in different versions, > at all ,nothing direct dovecot related , i am not up2date with apple > stuff , isnt there a better imap mail client in there app store ? > > > Best Regards > MfG Robert Schetterer With the iPhone there is this guide. If I set imap prefix path to INBOX from / as it says, then works fine. What do I need to configure to get this working with / by default? I Think this would solve the problem. http://www.netchimp.co.uk/webdesign/iphone-ipad-macbook-mac/iphone-unable-to-move-message-to-trash-imap/ From h.reindl at thelounge.net Wed Nov 14 17:52:53 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 14 Nov 2012 16:52:53 +0100 Subject: [Dovecot] IPhone wont delete IMAP messages from dovecot mailbox In-Reply-To: <01da87b3f4a99fc9682a577bbd966dd8@tibby.hu> References: <3d72996f8a91b2a663c0713fbe0e3697@tibby.hu> <50A3A3B1.9060406@alstadheim.priv.no> <2e09cf570304a31295edf27f940ebf0d@tibby.hu> <50A3B3ED.4000902@sys4.de> <01da87b3f4a99fc9682a577bbd966dd8@tibby.hu> Message-ID: <50A3BE55.7020801@thelounge.net> Am 14.11.2012 16:16, schrieb tibby at tibby.hu: > With the iPhone there is this guide. > If I set imap prefix path to INBOX from / as it says, then works fine. > What do I need to configure to get this working with / by default? I Think this would solve the problem. > http://www.netchimp.co.uk/webdesign/iphone-ipad-macbook-mac/iphone-unable-to-move-message-to-trash-imap/ you simply need ACTIVLIY to configure ANY mail client using the same account, especially apple Apple Inc. is the only company which manages to have 5 sent folders over a few months because different devices and different software versions are naming them differently and the same for other special folders too and i you have more than one account go get a nex incarnation wit "special (accountname)" they are simply stoo stupid for using english words like "inbox", "sent", "trash" and DISPLAY it localized like thunderbird does since forever if you are using webmail and different clients / operating systems too you have to configure ANY client to the same folders and remove the additional created crap manually this is NOT a problem of the mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121114/b3a894e6/attachment-0004.bin> From ben at morrow.me.uk Wed Nov 14 19:47:26 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Wed, 14 Nov 2012 17:47:26 +0000 Subject: [Dovecot] multiple users to same e-mail account with ldap authentication In-Reply-To: <CA+-Sp6nx+e=kB+TY-J2u0xYpRJUfdiSy+OdCcf4PGuuLHj1Jfg@mail.gmail.com> References: <CA+-Sp6nBFStLsLvxXz4uybAksN8scY=9SqF+RkbEz_v385Bh8w@mail.gmail.com> <50A231AD.6050308@sys4.de> <CA+-Sp6mRy_p=_g+uRKa+-BUgNC3acFoGafzH5kQduQCPsyA_VA@mail.gmail.com> <20121113175149.GA94077@anubis.morrow.me.uk> <CA+-Sp6nx+e=kB+TY-J2u0xYpRJUfdiSy+OdCcf4PGuuLHj1Jfg@mail.gmail.com> Message-ID: <20121114174726.GC94077@anubis.morrow.me.uk> At 10AM +0100 on 14/11/12 you (Marco Gatti) wrote: > 2012/11/13 Ben Morrow <ben at morrow.me.uk>: > > At 2PM +0100 on 13/11/12 you (Marco Gatti) wrote: > > <snip> > >> I'll try to give more details. > >> I have to build a multiple domain mail server with the use of windows > >> AD authentication. > >> I've managed to add some extra filed in the AD schema like this: > >> > >> mail1: account1 at example1.com > >> box1: /example1.com/account1/ > >> enabled1: TRUE > >> quota1: 1000000 > >> > >> mail2: account2 at example2.com > >> box2: /example2.com/account2/ > >> enabled2: TRUE > >> quota2: 1000000 > > > > This isn't a good schema to use for this. The mail1, mail2 &c attributes > > represent the same property of different addresses, so they should be > > the same attribute on different objects. > > > > I don't know much about AD's LDAP server, is it straightforward to > > create brand new objectclasses? If I were doing this in an ordinary LDAP > > server I might create a class of objects which looked like > > > > mailboxAddr: account1 at example1.com > > mailboxLocation: /example1/account1 > > mailboxEnabled: TRUE > > mailboxQuota: 1000000 > > > > with mailboxAddr as the RDN, and then give each user a multi-valued > > mailbox attribute with the addresses that user has access to. > > You mean multi-valued mailboxAddr, mailboxLocation, and so on? How can > I extract a single one and be sure it's correct? No. I mean you want separate objects for the mail accounts, completely distinct from the user objects (under a different branch of the LDAP tree). Each 'mail account' object has one Addr, one Location and so on. Then, each user who should have access to one of these accounts has a multi-valued 'mailbox' attribute pointing to the mail accounts that user can see. Something like (I don't really know how AD schemas work...) dn: mailboxAddr=account1 at example.com,ou=Mailboxes,dc=example,dc=com mailboxAddr: account1 at example.com mailboxLocation: /example/account1 dn: mailboxAddr=account2 at example.com,ou=Mailboxes,dc=example,dc=com mailboxAddr: account2 at example.com mailboxLocation: /example/account2 dn: sAMAccountName=bob,ou=People,dc=example,dc=com sAMAccountName: bob mailbox: account1 at example.com mailbox: account2 at example.com dn: sAMAccountName=bill,ou=People,dc=example,dc=com sAMAccountName: bill mailbox: account2 at example.com If your 'mail account' attribute is sometimes called 'mail1' and sometimes called 'mail2' how do you expect to search for it? > >> There could be 10 or 50 of them for each AD user. > >> If I use NTLM or PAM authentication (after joining the AD) I have to > >> use AD usernames to login with dovecot and I don't know how then to > >> deal with different email addresses configured per user. > >> If I use LDAP lookup I have to use the email address as username but > >> then if different AD users have to access the same email account how > >> dovecot can manage it??? > > > > If you want the user to be able to log in and see just one address at a > > time you have to have the user tell dovecot which user and which address > > they want when they log in. Since (usually) the only fields you have are > > 'user' and 'password', they will need to stuff both components into the > > user field somehow; perhaps by logging on with a user name of > > > > user at domain.ad!account1 at example.com > > > > You would then need (probably) to write a checkpassword userdb script to > > split this into username and account name, verify the user is authorized > > for the account, look up the mailbox location using the account name, > > and pass the username back to be checked against the password. So, it > > could be done, but it would be messy and users would get it wrong all > > the time. > > Since users don't configure mail clients on their own it could be a solution! If users don't know how to choose which username they are logging in with how will they choose which account they want to look at? I *think* this is simpler than I thought: I think Dovecot's 'master user' stuff will work for this. You need to set up a master user passdb which looks up %u (or %n) as the AD account name and also checks that that user has a 'mailbox' attribute (whatever you decide to call it) of %{login_user}. > > Alternatively, you could have the user log in with their ordinary AD > > account name, and then present them with *all* the email accounts they > > have access to, as separate (trees of) folders. <snip> > All accounts in a tree sounds bad since users won't clearly understand > which is which. OK, if you say so. ISTM that having a number of top-level folders called (e.g.) 'account1 at example.com' with the mail for account1 at example.com in is much easier to deal with than magic usernames, but you know your users. Ben From burak4burak at msn.com Wed Nov 14 20:59:19 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Wed, 14 Nov 2012 20:59:19 +0200 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A381CF.6090209@Media-Brokers.com> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> Message-ID: <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> "broken!" what do you mean > Date: Wed, 14 Nov 2012 06:34:39 -0500 > From: CMarcus at Media-Brokers.com > To: dovecot at dovecot.org > Subject: Re: [Dovecot] auth attempts errors > > On 2012-11-14 5:03 AM, burak g?rer <burak4burak at msn.com> wrote: > > i have install 2.1.1 and configured > > > Hopefully you meant 2.1.10? 2.1.1 is old/buggy... > > > in dovecot log this error is coming every 20 seconds: > > > > dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer > > Looks like your SSL is broken... > > -- > > Best regards, > > Charles > From CMarcus at Media-Brokers.com Wed Nov 14 21:26:15 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 14 Nov 2012 14:26:15 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> Message-ID: <50A3F057.5040908@Media-Brokers.com> Please don't top-post... On 2012-11-14 1:59 PM, burak g?rer <burak4burak at msn.com> wrote: >> Date: Wed, 14 Nov 2012 06:34:39 -0500 >> From: CMarcus at Media-Brokers.com >> To: dovecot at dovecot.org >> Subject: Re: [Dovecot] auth attempts errors >> >> On 2012-11-14 5:03 AM, burak g?rer<burak4burak at msn.com> wrote: >>> in dovecot log this error is coming every 20 seconds: >>> >>> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer >> Looks like your SSL is broken... > "broken!" > > what do you mean Look at the error message: "TLS handshaking: SSL_accept() syscall failed:" I'm not an expert, but thats what it looks like to me. -- Best regards, Charles From david at blue-labs.org Thu Nov 15 01:59:57 2012 From: david at blue-labs.org (David Ford) Date: Wed, 14 Nov 2012 18:59:57 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A3F057.5040908@Media-Brokers.com> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> <50A3F057.5040908@Media-Brokers.com> Message-ID: <50A4307D.9090906@blue-labs.org> please don't bottom post On 11/14/2012 02:26 PM, Charles Marcus wrote: > Please don't top-post... > > On 2012-11-14 1:59 PM, burak g?rer <burak4burak at msn.com> wrote: >>> Date: Wed, 14 Nov 2012 06:34:39 -0500 >>> From: CMarcus at Media-Brokers.com >>> To: dovecot at dovecot.org >>> Subject: Re: [Dovecot] auth attempts errors >>> >>> On 2012-11-14 5:03 AM, burak g?rer<burak4burak at msn.com> wrote: >>>> in dovecot log this error is coming every 20 seconds: >>>> >>>> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): >>>> rip=**********, lip=**********, TLS handshaking: SSL_accept() >>>> syscall failed: Connection reset by peer >>> Looks like your SSL is broken... > >> "broken!" >> >> what do you mean > > Look at the error message: > > "TLS handshaking: SSL_accept() syscall failed:" > > I'm not an expert, but thats what it looks like to me. > > From nick.z.edwards at gmail.com Thu Nov 15 06:55:09 2012 From: nick.z.edwards at gmail.com (Nick Edwards) Date: Thu, 15 Nov 2012 14:55:09 +1000 Subject: [Dovecot] Quotas 2.1clarification Message-ID: <CAMD-=VKpQB1Kk7RuGREOqA5jRhzpt__nTNJQYq-_Ca4zKaXqig@mail.gmail.com> Timo, I have much suspicion that our quota system is not working correctly since we migrate to 2.1 Currently using 2.1.10 Previously we had for issue of warnings quota_warning = storage=90%% /scripts/dqwarn-90.sh quota_warning2 = storage=75%% /scripts/dqwarn-75.sh worked great, these lines also migrated to new conf upon conversion. But quota conf example shows plugin { #quota_warning = storage=95%% quota-warning 95 %u #quota_warning2 = storage=80%% quota-warning 80 %u } # Example quota-warning service. The unix listener's permissions should be # set in a way that mail processes can connect to it. Below example assumes # that mail processes run as vmail user. If you use mode=0666, all system users # can generate quota warnings to anyone. #service quota-warning { # executable = script /usr/local/bin/quota-warning.sh # user = dovecot # unix_listener quota-warning { # user = vmail # } #} So this seems to indicate /scripts/dqwarn-75.sh should be a service name, which then calls the service quota-warning with that script in it etc etc etc surely this old 4 line method has not been replaced into a 20 line mess? Is this old way still functioning as I suspect it is not, and we need to write up two separate new quota warning services given our warnings are worded differently, or should the old methods still be working as they did in 1.2 and we have an error elsewhere? Niki From burak4burak at msn.com Thu Nov 15 12:10:27 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Thu, 15 Nov 2012 12:10:27 +0200 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A4307D.9090906@blue-labs.org> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, , <50A381CF.6090209@Media-Brokers.com>, <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl>, <50A3F057.5040908@Media-Brokers.com>, <50A4307D.9090906@blue-labs.org> Message-ID: <SNT002-W78405ED74B30D854170680F1520@phx.gbl> > Subject: Re: [Dovecot] auth attempts errors > > please don't bottom post > > On 11/14/2012 02:26 PM, Charles Marcus wrote: > > Please don't top-post... > > sorry. i am confused.. top or bottom. let me bottom-post.. anyway i have to ask: - how can i compile rpm package of dovecot. are there any guide or ... anything (or how can dovecot be compiled from source code - there is a guide here but it is for rpm version older than 4.4) - how can i create a stable TLS certificate for dovecot. are there any guide or ... anything - for this line "dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********" in dovecot logs, any idea thanks.. From burak4burak at msn.com Thu Nov 15 13:05:13 2012 From: burak4burak at msn.com (=?windows-1254?B?YnVyYWsgZ/xyZXI=?=) Date: Thu, 15 Nov 2012 13:05:13 +0200 Subject: [Dovecot] auth attempts errors In-Reply-To: <SNT002-W78405ED74B30D854170680F1520@phx.gbl> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, , <50A381CF.6090209@Media-Brokers.com>, <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl>, <50A3F057.5040908@Media-Brokers.com>, <50A4307D.9090906@blue-labs.org>, <SNT002-W78405ED74B30D854170680F1520@phx.gbl> Message-ID: <SNT002-W872ACE28F647D5345928A7F1520@phx.gbl> From: burak4burak at msn.com To: dovecot at dovecot.org Subject: RE: [Dovecot] auth attempts errors Date: Thu, 15 Nov 2012 12:10:27 +0200 > Subject: Re: [Dovecot] auth attempts errors > > please don't bottom post > > On 11/14/2012 02:26 PM, Charles Marcus wrote: > > Please don't top-post... > > sorry. i am confused.. top or bottom. let me bottom-post.. anyway i have to ask: - how can i compile rpm package of dovecot. are there any guide or ... anything (or how can dovecot be compiled from source code - there is a guide here but it is for rpm version older than 4.4) - how can i create a stable TLS certificate for dovecot. are there any guide or ... anything - for this line "dovecot: imap-login: Disconnected (no auth attempts in 0 secs): rip=**********, lip=**********" in dovecot logs, any idea thanks.. Building your own rpms link: http://wiki2.dovecot.org/PrebuiltBinaries#Building_your_own_rpms From CMarcus at Media-Brokers.com Thu Nov 15 14:55:45 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 15 Nov 2012 07:55:45 -0500 Subject: [Dovecot] auth attempts errors In-Reply-To: <50A4307D.9090906@blue-labs.org> References: <SNT002-W148D74260FC1A9246065436F1530@phx.gbl>, <50A381CF.6090209@Media-Brokers.com> <SNT002-W146B40604902A8AB0846C6DF1530@phx.gbl> <50A3F057.5040908@Media-Brokers.com> <50A4307D.9090906@blue-labs.org> Message-ID: <50A4E651.4000806@Media-Brokers.com> On 2012-11-14 6:59 PM, David Ford <david at blue-labs.org> wrote: > On 11/14/2012 02:26 PM, Charles Marcus wrote: >> Please don't top-post... >> >> On 2012-11-14 1:59 PM, burak g?rer<burak4burak at msn.com> wrote: >>>> Date: Wed, 14 Nov 2012 06:34:39 -0500 >>>> From: CMarcus at Media-Brokers.com >>>> To: dovecot at dovecot.org >>>> Subject: Re: [Dovecot] auth attempts errors >>>> >>>> On 2012-11-14 5:03 AM, burak g?rer<burak4burak at msn.com> wrote: >>>>> in dovecot log this error is coming every 20 seconds: >>>>> >>>>> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): >>>>> rip=**********, lip=**********, TLS handshaking: SSL_accept() >>>>> syscall failed: Connection reset by peer >>>> Looks like your SSL is broken... >>> "broken!" >>> >>> what do you mean >> Look at the error message: >> >> "TLS handshaking: SSL_accept() syscall failed:" >> >> I'm not an expert, but thats what it looks like to me. > please don't bottom post Don't be an ass. Top-posting in a thread that is already inline/bottom posting totally breaks the thread. PLONK -- Best regards, Charles From dfischer at fi4it.de Thu Nov 15 16:20:56 2012 From: dfischer at fi4it.de (Daniel Fischer) Date: Thu, 15 Nov 2012 15:20:56 +0100 Subject: [Dovecot] emails are not displayed Message-ID: <50A4FA48.6010108@fi4it.de> Hello, i have a problem with some public folders in my testing environment. But after the series, here is my konfiguraion: doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-amd64 x86_64 Debian wheezy/sid hostname = ......................................... lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * mail_debug = no mail_gid = 5000 mail_location = maildir:~:INDEX=/var/mail/indexes/%d/%n mail_plugins = acl mail_privileged_group = vmail mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = maildir:/var/mail/vhosts/%d/public:INDEX=/var/mail/indexes/%d/public:CONTROL=/var/mail/controls/%d/public prefix = Public. separator = . subscriptions = no type = public } namespace inbox { hidden = no inbox = yes list = yes location = prefix = separator = . subscriptions = yes type = private } passdb { args = scheme=CRAM-MD5 username_format=%u /var/mail/vhosts/auth.d/%d/shadow driver = passwd-file } plugin { acl = vfile antispam_allow_append_to_spam = no antispam_backend = pipe antispam_pipe_program = /usr/local/bin/sa-learn-pipe.sh antispam_pipe_program_notspam_arg = --ham antispam_pipe_program_spam_arg = --spam antispam_pipe_tmpdir = /tmp antispam_spam = Spam antispam_trash = Trash sieve = /var/mail/vhosts/sieve/users/%d/%n/.dovecot.sieve sieve_before = /var/mail/vhosts/sieve/%d/before sieve_dir = /var/mail/vhosts/sieve/users/%d/%n sieve_global_dir = /var/mail/vhosts/sieve/%d/global sieve_user_log = /var/mail/vhosts/sieve/users/%d/%n/.dovecot.sieve.log } postmaster_address = postmaster at ..... protocols = " imap lmtp sieve pop3" service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { mode = 0660 user = vmail } } service managesieve-login { inet_listener sieve { port = 4190 } } ssl_cert = </etc/ssl/private/................................. ssl_key = </etc/ssl/private/......................... userdb { args = username_format=%u /var/mail/vhosts/auth.d/%d/passwd driver = passwd-file } protocol lmtp { mail_plugins = acl sieve } protocol lda { log_path = /var/log/sieve.log mail_plugins = acl sieve } protocol imap { imap_idle_notify_interval = 24 mins mail_plugins = acl imap_acl antispam } protocol sieve { managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o } the problem is that any, not all public folder appear empty. if I delete the index files, I see the emails again for a while(1-2 hours) until they're gone again sometime. The directories change their content not for weeks. It is a test environment. but in one of the folders are more than 13000 mails (the Faxbox). Currently 3 of 13 folders are affected. I thought that it may be due to the size, but it is not the largest folders. For normal mail boxes I have not observed this effect. a3 EXAMINE Public.faxe * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 0 EXISTS * 0 RECENT * OK [UIDVALIDITY 1349419566] UIDs valid * OK [UIDNEXT 141737] Predicted next UID * OK [HIGHESTMODSEQ 5] Highest Delete indexes.... /var/mail/indexes/........../public# rm -r .faxe/ a3 EXAMINE Public.faxe * OK [CLOSED] Previous mailbox closed. * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 13778 EXISTS * 0 RECENT * OK [UIDVALIDITY 1349419566] UIDs valid * OK [UIDNEXT 141737] Predicted next UID * OK [NOMODSEQ] No permanent modsequences i would like to show you log files but i didn't see any error message. Does Have anyone an idea? Thanks for comment... Daniel From yago at ityd.com.ar Thu Nov 15 17:19:38 2012 From: yago at ityd.com.ar (Yago Alonso - Ityd) Date: Thu, 15 Nov 2012 12:19:38 -0300 Subject: [Dovecot] Change errors to spanish Message-ID: <CAOPFTw85ZMh171dmMZnXQhF50gsuEqWVaL8k0K_qBrHWcgm6fg@mail.gmail.com> Hello, i have dovecot version 1.2.17 and i need to translate all the errors that my users receive when a mail fails to send. Were and how should i change it? Thanks a lot! -- Yago Alonso From h.reindl at thelounge.net Thu Nov 15 17:21:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 15 Nov 2012 16:21:49 +0100 Subject: [Dovecot] Change errors to spanish In-Reply-To: <CAOPFTw85ZMh171dmMZnXQhF50gsuEqWVaL8k0K_qBrHWcgm6fg@mail.gmail.com> References: <CAOPFTw85ZMh171dmMZnXQhF50gsuEqWVaL8k0K_qBrHWcgm6fg@mail.gmail.com> Message-ID: <50A5088D.4020308@thelounge.net> Am 15.11.2012 16:19, schrieb Yago Alonso - Ityd: > Hello, i have dovecot version 1.2.17 and i need to translate all the errors > that my users receive when a mail fails to send. Were and how should i > change it? bounces are generated by the MTA and NOT dovecot! look at /etc/postfix/bounce.cf.default and "bounce_template_file" in the postfix documentation -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121115/9a69f3e8/attachment-0004.bin> From dave at boostpro.com Wed Nov 14 16:52:36 2012 From: dave at boostpro.com (Dave Abrahams) Date: Wed, 14 Nov 2012 09:52:36 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> Message-ID: <m2zk2knsnf.fsf_-_@cone.luannocracy.com> Does anyone have an answer to this question? Should I simply issue an IMAP search command, or is there a better way? on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: >> This index is not updated in real time. This is why Timo and others >> recommend cron'ing a script to index folders regularly that are >> searched regularly. > > And how does one index the folders for search? Is that "doveadm > index" or "doveadm fts rescan" (which I see at > http://wiki2.dovecot.org/Plugins/FTS but NOT in the manpage), or...? > >> This keeps the indexes up to date and keeps searches fast. If you >> don't do this or search often, your indexes become stale. Then each >> time you do an FTS search the first thing that happens is an FTS >> re-indexing of the mail folder. Only then does it display the search >> results. >> >>> BTW, I'm using the clucene search backend. >> >> I've not used Lucene, but I believe the default behavior is similar to >> the Dovecot 1.2.x FTS indexer. > > Not sure what conclusion to draw from that, thanks. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From dave at boostpro.com Thu Nov 15 22:35:44 2012 From: dave at boostpro.com (Dave Abrahams) Date: Thu, 15 Nov 2012 15:35:44 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> Message-ID: <m2pq3eioyn.fsf@pluto.luannocracy.com> After all this, some experimentation shows that doveadm index /does/ after all, update FTS indices. I wish this were better documented. on Wed Nov 14 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > Does anyone have an answer to this question? Should I simply issue an > IMAP search command, or is there a better way? > > on Thu Nov 01 2012, Dave Abrahams <dave-AT-boostpro.com> wrote: > >>> This index is not updated in real time. This is why Timo and others >>> recommend cron'ing a script to index folders regularly that are >>> searched regularly. >> >> And how does one index the folders for search? Is that "doveadm >> index" or "doveadm fts rescan" (which I see at >> http://wiki2.dovecot.org/Plugins/FTS but NOT in the manpage), or...? >> >>> This keeps the indexes up to date and keeps searches fast. If you >>> don't do this or search often, your indexes become stale. Then each >>> time you do an FTS search the first thing that happens is an FTS >>> re-indexing of the mail folder. Only then does it display the search >>> results. >>> >>>> BTW, I'm using the clucene search backend. >>> >>> I've not used Lucene, but I believe the default behavior is similar to >>> the Dovecot 1.2.x FTS indexer. >> >> Not sure what conclusion to draw from that, thanks. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From zaphod at tdl.com Fri Nov 16 05:27:46 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Thu, 15 Nov 2012 20:27:46 -0700 Subject: [Dovecot] whoson plugin for 2.0 Message-ID: <50A5B2B2.40409@tdl.com> I have found a plugin at ftp://ftp.ufanet.ru/pub/boco/dovecot/whoson-plugin/ I was able to make it function on a dovecot 1.2.8 server, by changing __attr_unused__ to ATTR_UNUSED and strlcpy to i_strocpy (since glibc doesn't HAVE strlcpy, on purpose). However, it doesn't work with 2.1 this is, of course, because getenv() no longer functions lie it used to in plugins. so i need a replacement for getenv("IP") and getenv("USER") to make this work. i know, pop before SMTP is stupid, but the isp i'm doing this for hs customers that have used pop before smtp for ages. so I MUST make a whoson plugin. as i said, the remote ip and the email address are required to interface with whoson. (this is superior to DRAC, which just opens the IP) From dmiller at amfes.com Fri Nov 16 05:43:34 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 15 Nov 2012 19:43:34 -0800 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <m2zk2knsnf.fsf_-_@cone.luannocracy.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> Message-ID: <assp.166787f57b.50A5B666.9090507@amfes.com> On 11/14/2012 6:52 AM, Dave Abrahams wrote: > Does anyone have an answer to this question? Should I simply issue an > IMAP search command, or is there a better way? > Put this in a cron script: doveadm search -A text zyxabcxyz > /dev/null That will perform a search through every mailbox on the system, indexing as it goes. The search query is unlikely to return much in the way of results, so log files won't fill up much. -- Daniel From kae at midnighthax.com Fri Nov 16 11:33:29 2012 From: kae at midnighthax.com (Keith Edmunds) Date: Fri, 16 Nov 2012 09:33:29 +0000 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration Message-ID: <20121116093329.045f4585@kae.tiger-computing.wbp> # dovecot --version 1.2.15 We're trying to migrate a server from Cyrus to Dovecot, and we're mostly there. On Cyrus, the folder layout in the MUA is: INBOX subfolder subfolder ... Sent Drafts Queue Trash Users cannot create sibling folders to the Inbox, only subfolders (and sub-subfolders, etc). We've replicated that with: -------------------------------------------------------------------------------- mail_location = maildir:/shared/imapmail/users/%u:INBOX=/shared/imapmail/users/%u:LAYOUT=fs namespace private { separator = / prefix = "INBOX/" inbox = yes } -------------------------------------------------------------------------------- ...however, the Sent/Drafts/Queue/Trash folders are now subfolders of Inbox. Cyrus seems to default to the above layout (at least, I can't find anywhere that defines it). There are no special settings in the MUA to achieve the abovev. Is there a way of replicating the above within Dovecot? We can probably go to V2 if we have to, but 1.2.15 would be preferable. Thanks, Keith From rs at sys4.de Fri Nov 16 11:59:32 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 16 Nov 2012 10:59:32 +0100 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121116093329.045f4585@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> Message-ID: <50A60E84.6050307@sys4.de> Am 16.11.2012 10:33, schrieb Keith Edmunds: > # dovecot --version > 1.2.15 > > We're trying to migrate a server from Cyrus to Dovecot, and we're mostly > there. > > On Cyrus, the folder layout in the MUA is: > > INBOX > subfolder > subfolder > ... > Sent > Drafts > Queue > Trash > > Users cannot create sibling folders to the Inbox, only subfolders (and > sub-subfolders, etc). We've replicated that with: > > -------------------------------------------------------------------------------- > mail_location = > maildir:/shared/imapmail/users/%u:INBOX=/shared/imapmail/users/%u:LAYOUT=fs > > namespace private { > separator = / > prefix = "INBOX/" > inbox = yes > } > -------------------------------------------------------------------------------- > > ...however, the Sent/Drafts/Queue/Trash folders are now subfolders of > Inbox. Cyrus seems to default to the above layout (at least, I can't find > anywhere that defines it). There are no special settings in the MUA to > achieve the abovev. Is there a way of replicating the above within > Dovecot? We can probably go to V2 if we have to, but 1.2.15 would be > preferable. > > Thanks, > Keith > read http://wiki2.dovecot.org/Migration http://wiki2.dovecot.org/Namespaces Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From amateo at um.es Fri Nov 16 12:11:19 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Nov 2012 11:11:19 +0100 Subject: [Dovecot] shared mailboxes and indexes Message-ID: <50A61147.5040201@um.es> Hello, We are deploying shared mailboxes in our mail system. We are running 2.1.9 and mail backend is maildir. As described at http://wiki.dovecot.org/SharedMailboxes/Shared when shared namespace is configured as namespace shared { separator = / prefix = shared/%%u/ location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } each user accessing this folder has its own index, stored in ~/Maildir/shared/%%u/<shared mailbox>, hasn't it? Our mail is store in NFS disks so we are very concerned about indexes optimizations (we had performance problems until we got all of our indexes and nfs tunned). So, is there any way so those indexes could be shared for all users (and they always would be updated). Regarding this... if we'd use dbox instead of maildir, indexes are a really important part of the mailbox and they can't be re-constructed when they are outdated. So, how do shared mailboxes work with dbox backend? Do I have to configure indexes in any particular way? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From kae at midnighthax.com Fri Nov 16 12:36:49 2012 From: kae at midnighthax.com (Keith Edmunds) Date: Fri, 16 Nov 2012 10:36:49 +0000 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <50A60E84.6050307@sys4.de> References: <20121116093329.045f4585@kae.tiger-computing.wbp> <50A60E84.6050307@sys4.de> Message-ID: <20121116103649.1e54e72e@kae.tiger-computing.wbp> > read > > http://wiki2.dovecot.org/Migration > http://wiki2.dovecot.org/Namespaces Thank you: I have (already had) read both. Are you suggesting that hidden namespaces will provide the functionality we are looking for? Or have I missed the point? Thanks, Keith From rs at sys4.de Fri Nov 16 13:52:37 2012 From: rs at sys4.de (Robert Schetterer) Date: Fri, 16 Nov 2012 12:52:37 +0100 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121116103649.1e54e72e@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> <50A60E84.6050307@sys4.de> <20121116103649.1e54e72e@kae.tiger-computing.wbp> Message-ID: <50A62905.6040402@sys4.de> Am 16.11.2012 11:36, schrieb Keith Edmunds: >> read >> >> http://wiki2.dovecot.org/Migration >> http://wiki2.dovecot.org/Namespaces > > Thank you: I have (already had) read both. > > Are you suggesting that hidden namespaces will provide the functionality > we are looking for? Or have I missed the point? > > Thanks, > Keith > i you like your users have the same namespace as before configure dovecot like it if not use ,a new namespace layout, its your choice hidden namespaces may help making migration transparent for old clients Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From nicolas.kowalski at gmail.com Fri Nov 16 16:12:59 2012 From: nicolas.kowalski at gmail.com (Nicolas KOWALSKI) Date: Fri, 16 Nov 2012 15:12:59 +0100 Subject: [Dovecot] Initial status notification not received Message-ID: <20121116141259.GA9371@petole.demisel.net> Hello, We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs startup, dovecot almost always shows these errors: Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 As the last line tells, dovecot stops logging information. We have to restart the dovecot processes to get back normal behaviour. I also tried to set idle_kill values to services definitions, without success. Is there a way to prevent these errors? Here is the dovecot -n output: # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 3.0.42-0.7-xen x86_64 SUSE Linux Enterprise Server 11 (x86_64) default_client_limit = 4096 default_idle_kill = 5 mins default_process_limit = 16384 listen = 10.254.251.18 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap sieve service anvil { client_limit = 65536 idle_kill = 0 } service auth { client_limit = 32768 } service imap-login { inet_listener imap { port = 0 } } service imap { process_limit = 0 } service log { idle_kill = 0 } service managesieve { process_limit = 0 } service ssl-params { idle_kill = 0 } ssl_ca = </etc/dovecot/ssl/ca.pem ssl_cert = </etc/dovecot/ssl/server-crt.pem ssl_key = </etc/dovecot/ssl/server-key.pem userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol sieve { passdb { args = /etc/dovecot/dovecot-ldap-sieve.conf.ext driver = ldap } } Thanks, -- Nicolas From weber at zackbummfertig.de Fri Nov 16 17:24:48 2012 From: weber at zackbummfertig.de (weber at zackbummfertig.de) Date: Fri, 16 Nov 2012 16:24:48 +0100 Subject: [Dovecot] =?utf-8?q?Is_there_any_Documentation_or_Howto/Guide_for?= =?utf-8?q?_Dovecot_Replication_or_do_i_have_to_wait_for_dovecot_2=2E2=2Ex?= =?utf-8?q?=3F?= Message-ID: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> dear timo, can you help me? best regards marko, from hamburg From user+dovecot at localhost.localdomain.org Fri Nov 16 20:53:27 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Fri, 16 Nov 2012 19:53:27 +0100 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A5B2B2.40409@tdl.com> References: <50A5B2B2.40409@tdl.com> Message-ID: <50A68BA7.4080500@localhost.localdomain.org> On 11/16/2012 04:27 AM Chuck Cochems wrote: > ? > this is, of course, because getenv() no longer functions lie it used to > in plugins. > > so i need a replacement for getenv("IP") and getenv("USER") to make this > work. AFAIR: getenv was replaced by mail_user_plugin_getenv ,--[ lib-storage/mail-user.h ]-- | /* If name exists in plugin_envs, return its value. */ | const char *mail_user_plugin_getenv(struct mail_user *user, const char *name); `-- Regards, Pascal -- The trapper recommends today: cafefeed.1232119 at localdomain.org From daniel.parthey at informatik.tu-chemnitz.de Fri Nov 16 22:31:22 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 16 Nov 2012 21:31:22 +0100 Subject: [Dovecot] Is there any Documentation or Howto/Guide for Dovecot Replication or do i have to wait for dovecot 2.2.x? In-Reply-To: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> References: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> Message-ID: <20121116203122.GA9979@daniel.localdomain> Marko Weber wrote: > Is there any Documentation or Howto/Guide for Dovecot Replication? You might start with dovecot mirroring according to the documentation http://wiki2.dovecot.org/Tools/Dsync http://wiki2.dovecot.org/Design/Dsync and ask if something is unclear. Regards Daniel -- https://plus.google.com/103021802792276734820 From hawat.thufir at gmail.com Fri Nov 16 22:47:52 2012 From: hawat.thufir at gmail.com (Thufir) Date: Fri, 16 Nov 2012 12:47:52 -0800 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. Message-ID: <50A6A678.2020601@gmail.com> I ran dovecot -a and the blizzard of data seemed ok to my limited knowledge. Is there another log I should look into to trace this error down? Dovecot and system info: thufir at dur:~$ thufir at dur:~$ dovecot --version 2.0.19 thufir at dur:~$ thufir at dur:~$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=12.04 DISTRIB_CODENAME=precise DISTRIB_DESCRIPTION="Ubuntu 12.04.1 LTS" thufir at dur:~$ testing postfix & dovecot (http://packages.ubuntu.com/precise/dovecot-postfix): root at dur:/etc/postfix# root at dur:/etc/postfix# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 dur.bounceme.net ESMTP Postfix (Ubuntu) helo me 250 dur.bounceme.net mail from:foo at bar.com 250 2.1.0 Ok rcpt to:root at dur.bounceme.net 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> subject:ping 3 blah blah . 250 2.0.0 Ok: queued as 35EC92A0D72 quit 221 2.0.0 Bye Connection closed by foreign host. root at dur:/etc/postfix# root at dur:/etc/postfix# tail /var/log/mail.log Nov 16 12:30:07 dur postfix/smtpd[4113]: connect from localhost[127.0.0.1] Nov 16 12:30:40 dur postfix/smtpd[4113]: 35EC92A0D72: client=localhost[127.0.0.1] Nov 16 12:30:52 dur postfix/cleanup[4133]: 35EC92A0D72: message-id=<20121116203040.35EC92A0D72 at dur.bounceme.net> Nov 16 12:30:52 dur postfix/qmgr[1681]: 35EC92A0D72: from=<foo at bar.com>, size=321, nrcpt=1 (queue active) Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root/) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700) Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root) failed: Permission denied Nov 16 12:30:52 dur dovecot: lda(root): Error: user root: Initialization failed: Initializing mail storage from mail_location setting failed: stat(/root/Maildir) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700) Nov 16 12:30:52 dur dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. Nov 16 12:30:52 dur postfix/local[4134]: 35EC92A0D72: to=<root at dur.bounceme.net>, relay=local, delay=25, delays=25/0.02/0/0.12, dsn=4.3.0, status=deferred (temporary failure) Nov 16 12:30:56 dur postfix/smtpd[4113]: disconnect from localhost[127.0.0.1] root at dur:/etc/postfix# thanks, Thufir From dave at boostpro.com Fri Nov 16 22:58:00 2012 From: dave at boostpro.com (Dave Abrahams) Date: Fri, 16 Nov 2012 15:58:00 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <assp.166787f57b.50A5B666.9090507@amfes.com> Message-ID: <m2zk2hnu3r.fsf@cube.luannocracy.com> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > On 11/14/2012 6:52 AM, Dave Abrahams wrote: >> Does anyone have an answer to this question? Should I simply issue an >> IMAP search command, or is there a better way? >> > > Put this in a cron script: > > doveadm search -A text zyxabcxyz > /dev/null > > That will perform a search through every mailbox on the system, > indexing as it goes. The search query is unlikely to return much in > the way of results, so log files won't fill up much. That actually doesn't work for me. "doveadm index ..." does, though. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From rob0 at gmx.co.uk Sat Nov 17 00:09:54 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 16 Nov 2012 16:09:54 -0600 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. In-Reply-To: <50A6A678.2020601@gmail.com> References: <50A6A678.2020601@gmail.com> Message-ID: <20121116220954.GX3672@harrier.slackbuilds.org> On Fri, Nov 16, 2012 at 12:47:52PM -0800, Thufir wrote: > I ran dovecot -a and the blizzard of data seemed ok to my limited > knowledge. Is there another log I should look into to trace this > error down? It's actually a Postfix problem. Postfix is invoking your Dovecot LDA with wrong permissions. > Dovecot and system info: > > thufir at dur:~$ > thufir at dur:~$ dovecot --version > 2.0.19 > thufir at dur:~$ > thufir at dur:~$ cat /etc/lsb-release > DISTRIB_ID=Ubuntu > DISTRIB_RELEASE=12.04 > DISTRIB_CODENAME=precise > DISTRIB_DESCRIPTION="Ubuntu 12.04.1 LTS" > thufir at dur:~$ > > testing postfix & dovecot > (http://packages.ubuntu.com/precise/dovecot-postfix): > > root at dur:/etc/postfix# > root at dur:/etc/postfix# telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 dur.bounceme.net ESMTP Postfix (Ubuntu) > helo me > 250 dur.bounceme.net > mail from:foo at bar.com Angle brackets are required on envelope addresses (and I bet you don't own bar.com): MAIL FROM:<foo at example.com> > 250 2.1.0 Ok > rcpt to:root at dur.bounceme.net RCPT TO:<root at dur.bounceme.net> > 250 2.1.5 Ok > data > 354 End data with <CR><LF>.<CR><LF> > subject:ping 3 > blah blah > . A header must have a space after the colon. Header and body are separated by a blank line. See RFC 5322. > 250 2.0.0 Ok: queued as 35EC92A0D72 > quit > 221 2.0.0 Bye > Connection closed by foreign host. > root at dur:/etc/postfix# > root at dur:/etc/postfix# tail /var/log/mail.log > Nov 16 12:30:07 dur postfix/smtpd[4113]: connect from localhost[127.0.0.1] > Nov 16 12:30:40 dur postfix/smtpd[4113]: 35EC92A0D72: > client=localhost[127.0.0.1] > Nov 16 12:30:52 dur postfix/cleanup[4133]: 35EC92A0D72: > message-id=<20121116203040.35EC92A0D72 at dur.bounceme.net> > Nov 16 12:30:52 dur postfix/qmgr[1681]: 35EC92A0D72: > from=<foo at bar.com>, size=321, nrcpt=1 (queue active) > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root/) failed: > Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x > perm: /root, dir owned by 0:0 mode=0700) The fix to this is simply not to deliver mail to root. You should have aliased root to a mortal user. Postfix will not invoke a mailbox_command as root. In broader terms, you should only use root for actual system administration, and not for user tasks such as reading and sending mail. See and edit /etc/aliases, then run "newaliases". Example: root: thufir http://www.postfix.org/postconf.5.html#default_privs http://www.postfix.org/postconf.5.html#mailbox_command http://www.postfix.org/local.8.html http://www.postfix.org/aliases.5.html After you have done this, requeue the message: # postsuper -r 35EC92A0D72 (or just delete it, s/-r/-d/, and try another test.) http://www.postfix.org/postsuper.1.html > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root) failed: > Permission denied > Nov 16 12:30:52 dur dovecot: lda(root): Error: user root: > Initialization failed: Initializing mail storage from mail_location > setting failed: stat(/root/Maildir) failed: Permission denied > (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir > owned by 0:0 mode=0700) > Nov 16 12:30:52 dur dovecot: lda(root): Fatal: Invalid user settings. > Refer to server log for more information. > Nov 16 12:30:52 dur postfix/local[4134]: 35EC92A0D72: > to=<root at dur.bounceme.net>, relay=local, delay=25, > delays=25/0.02/0/0.12, dsn=4.3.0, status=deferred (temporary failure) > Nov 16 12:30:56 dur postfix/smtpd[4113]: disconnect from > localhost[127.0.0.1] > root at dur:/etc/postfix# -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From ben at morrow.me.uk Sat Nov 17 00:15:24 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Fri, 16 Nov 2012 22:15:24 +0000 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. In-Reply-To: <50A6A678.2020601@gmail.com> References: <50A6A678.2020601@gmail.com> Message-ID: <20121116221524.GE94077@anubis.morrow.me.uk> At 12PM -0800 on 16/11/12 you (Thufir) wrote: > I ran dovecot -a and the blizzard of data seemed ok to my limited > knowledge. Is there another log I should look into to trace this error > down? <snip> > > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root/) failed: > Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x > perm: /root, dir owned by 0:0 mode=0700) > Nov 16 12:30:52 dur dovecot: lda(root): Error: chdir(/root) failed: > Permission denied > Nov 16 12:30:52 dur dovecot: lda(root): Error: user root: Initialization > failed: Initializing mail storage from mail_location setting failed: > stat(/root/Maildir) failed: Permission denied (euid=65534(nobody) > egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700) > Nov 16 12:30:52 dur dovecot: lda(root): Fatal: Invalid user settings. > Refer to server log for more information. You should not be attempting to deliver mail to root directly. Instead you should forward root's mail to a real user with /etc/aliases; postfix's local(8) will not allow you to deliver mail as root. Ben From zaphod at tdl.com Sat Nov 17 00:21:30 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Fri, 16 Nov 2012 15:21:30 -0700 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A68BA7.4080500@localhost.localdomain.org> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> Message-ID: <50A6BC6A.6070504@tdl.com> On 11/16/2012 11:53 AM, Pascal Volk wrote: > On 11/16/2012 04:27 AM Chuck Cochems wrote: >> ? >> this is, of course, because getenv() no longer functions lie it used to >> in plugins. >> >> so i need a replacement for getenv("IP") and getenv("USER") to make this >> work. > > AFAIR: getenv was replaced by mail_user_plugin_getenv > > ,--[ lib-storage/mail-user.h ]-- > | /* If name exists in plugin_envs, return its value. */ > | const char *mail_user_plugin_getenv(struct mail_user *user, const char *name); > `-- > > Ye, but it requires the user struct to be passed as a parameter, which this plugin doesn't even use. Also, it seems the ip address is stored in a different format than used by the old getenv("IP") (which was a string) I need to return both the IP and the email address as a string to drop it into the old code. I attempted to use the drac plugin as a base (the new 2.0 compatible one) but i found the code hard to follow, and also DRAC seems to just use the IP, while whoson also uses the email address. From rob0 at gmx.co.uk Sat Nov 17 00:29:16 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 16 Nov 2012 16:29:16 -0600 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to server log for more information. In-Reply-To: <20121116221524.GE94077@anubis.morrow.me.uk> References: <50A6A678.2020601@gmail.com> <20121116221524.GE94077@anubis.morrow.me.uk> Message-ID: <20121116222916.GY3672@harrier.slackbuilds.org> On Fri, Nov 16, 2012 at 10:15:24PM +0000, Ben Morrow wrote: > postfix's local(8) will not allow you to deliver mail as root. Strictly speaking it will deliver to/as root, but not if invoking commands, which is what the OP was doing. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From user+dovecot at localhost.localdomain.org Sat Nov 17 01:43:06 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 17 Nov 2012 00:43:06 +0100 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A6BC6A.6070504@tdl.com> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> Message-ID: <50A6CF8A.40202@localhost.localdomain.org> On 11/16/2012 11:21 PM Chuck Cochems wrote: > ? > I need to return both the IP and the email address as a string to drop > it into the old code. > ? You could check the code of the `doveadm who` command <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user name and the IP address. Regards, Pascal -- The trapper recommends today: c01dcafe.1232200 at localdomain.org From hawat.thufir at gmail.com Sat Nov 17 03:32:16 2012 From: hawat.thufir at gmail.com (Thufir) Date: Fri, 16 Nov 2012 17:32:16 -0800 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to In-Reply-To: <50A6A678.2020601@gmail.com> References: <50A6A678.2020601@gmail.com> Message-ID: <50A6E920.4040000@gmail.com> On Fri, 16 Nov 2012 16:09:54 -0600, /dev/rob0 wrote: > The fix to this is simply not to deliver mail to root. You should have > aliased root to a mortal user. Postfix will not invoke a mailbox_command > as root. > > In broader terms, you should only use root for actual system > administration, and not for user tasks such as reading and sending mail. > > See and edit /etc/aliases, then run "newaliases". Example: > > root: thufir > > http://www.postfix.org/postconf.5.html#default_privs > http://www.postfix.org/postconf.5.html#mailbox_command > http://www.postfix.org/local.8.html > http://www.postfix.org/aliases.5.html > > After you have done this, requeue the message: > > # postsuper -r 35EC92A0D72 > > (or just delete it, s/-r/-d/, and try another test.) > > http://www.postfix.org/postsuper.1.html Ah, thank you. Not dovecot at all, makes sense. I was sending to root because of a problem with keychain preventing usage of the "mail" command for users: http://ubuntuforums.org/showthread.php?t=2065461 Anyhow, that's fixed so that I can now use the "mail" command as a mortal, as you put it. I think I'm on my way, and that this is a postfix and not dovecot problem. The mail doesn't arrive, but the log shows as delivered (I think) and then removed for some reason: thufir at dur:~$ thufir at dur:~$ thufir at dur:~$ telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 dur.bounceme.net ESMTP Postfix (Ubuntu) HELO me 250 dur.bounceme.net mail from:<thufir at example.com> 250 2.1.0 Ok rcpt to:<thufir at localhost> 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> subject: never arrives postfix problem? . 250 2.0.0 Ok: queued as 3C8392A0007 quit 221 2.0.0 Bye Connection closed by foreign host. thufir at dur:~$ thufir at dur:~$ mail No mail for thufir thufir at dur:~$ thufir at dur:~$ thufir at dur:~$ tail /var/log/mail.log Nov 16 17:19:04 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] Nov 16 17:19:32 dur postfix/smtpd[2975]: disconnect from localhost [127.0.0.1] Nov 16 17:19:36 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] Nov 16 17:20:06 dur postfix/smtpd[2975]: 3C8392A0007: client=localhost [127.0.0.1] Nov 16 17:20:48 dur postfix/cleanup[2985]: 3C8392A0007: message- id=<20121117012006.3C8392A0007 at dur.bounceme.net> Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: from=<thufir at example.com>, size=336, nrcpt=1 (queue active) Nov 16 17:20:48 dur dovecot: lda(thufir): msgid=<20121117012006.3C8392A0007 at dur.bounceme.net>: saved mail to INBOX Nov 16 17:20:48 dur postfix/local[2988]: 3C8392A0007: to=<thufir at localhost>, relay=local, delay=55, delays=55/0.02/0/0.17, dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver - c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}") Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: removed Nov 16 17:20:54 dur postfix/smtpd[2975]: disconnect from localhost [127.0.0.1] thufir at dur:~$ thanks, Thufir From rob0 at gmx.co.uk Sat Nov 17 03:58:55 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 16 Nov 2012 19:58:55 -0600 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to In-Reply-To: <50A6E920.4040000@gmail.com> References: <50A6A678.2020601@gmail.com> <50A6E920.4040000@gmail.com> Message-ID: <20121117015855.GA3672@harrier.slackbuilds.org> On Fri, Nov 16, 2012 at 05:32:16PM -0800, Thufir wrote: > On Fri, 16 Nov 2012 16:09:54 -0600, /dev/rob0 wrote: > >The fix to this is simply not to deliver mail to root. You > >should have aliased root to a mortal user. Postfix will not > >invoke a mailbox_command as root. > > Ah, thank you. Not dovecot at all, makes sense. I was sending > to root because of a problem with keychain preventing usage of > the "mail" command for users: > > http://ubuntuforums.org/showthread.php?t=2065461 > > Anyhow, that's fixed so that I can now use the "mail" command as a > mortal, as you put it. I think I'm on my way, and that this is a > postfix and not dovecot problem. The mail doesn't arrive, but the > log shows as delivered (I think) and then removed for some reason: It was delivered and removed from the queue. > thufir at dur:~$ telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 dur.bounceme.net ESMTP Postfix (Ubuntu) > HELO me > 250 dur.bounceme.net > mail from:<thufir at example.com> > 250 2.1.0 Ok > rcpt to:<thufir at localhost> > 250 2.1.5 Ok > data > 354 End data with <CR><LF>.<CR><LF> > subject: never arrives > > postfix problem? > . > 250 2.0.0 Ok: queued as 3C8392A0007 > quit > 221 2.0.0 Bye > Connection closed by foreign host. > thufir at dur:~$ > thufir at dur:~$ mail > No mail for thufir Your mail(1) MUA is not configured (or unable) to look in the place where the mail was, in fact, delivered. > thufir at dur:~$ tail /var/log/mail.log > Nov 16 17:19:04 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] > Nov 16 17:19:32 dur postfix/smtpd[2975]: disconnect from localhost > [127.0.0.1] > Nov 16 17:19:36 dur postfix/smtpd[2975]: connect from localhost[127.0.0.1] > Nov 16 17:20:06 dur postfix/smtpd[2975]: 3C8392A0007: client=localhost > [127.0.0.1] > Nov 16 17:20:48 dur postfix/cleanup[2985]: 3C8392A0007: message- > id=<20121117012006.3C8392A0007 at dur.bounceme.net> > Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: > from=<thufir at example.com>, size=336, nrcpt=1 (queue active) > Nov 16 17:20:48 dur dovecot: lda(thufir): > msgid=<20121117012006.3C8392A0007 at dur.bounceme.net>: saved mail to INBOX Dovecot says it delivered it ... > Nov 16 17:20:48 dur postfix/local[2988]: 3C8392A0007: > to=<thufir at localhost>, relay=local, delay=55, delays=55/0.02/0/0.17, > dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver - > c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}") > Nov 16 17:20:48 dur postfix/qmgr[1521]: 3C8392A0007: removed ... and duly reported this success to Postfix, which deleted it from the queue as a result. > Nov 16 17:20:54 dur postfix/smtpd[2975]: disconnect from localhost > [127.0.0.1] Judging from your previous post where deliver tried to write to /root/Maildir/, I suppose your mail will be found in ~thufir/Maildir/new/ . Now Postfix is fine, Dovecot seems to be fine also. Your remaining issue is with "mail". If it's old BSD mailx, that is not very configurable. Consider other choices, such as mutt, alpine, or Heirloom mailx. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From hawat.thufir at gmail.com Sat Nov 17 05:06:47 2012 From: hawat.thufir at gmail.com (Thufir) Date: Fri, 16 Nov 2012 19:06:47 -0800 Subject: [Dovecot] dovecot: lda(root): Fatal: Invalid user settings. Refer to In-Reply-To: <50A6E920.4040000@gmail.com> References: <50A6A678.2020601@gmail.com> <50A6E920.4040000@gmail.com> Message-ID: <50A6FF47.2030803@gmail.com> On Fri, 16 Nov 2012 19:58:55 -0600, /dev/rob0 wrote: > Judging from your previous post where deliver tried to write to > /root/Maildir/, I suppose your mail will be found in > ~thufir/Maildir/new/ > . > > Now Postfix is fine, Dovecot seems to be fine also. Your remaining issue > is with "mail". If it's old BSD mailx, that is not very configurable. > Consider other choices, such as mutt, alpine, or Heirloom mailx. Thanks, it's right there: thufir at dur:~$ thufir at dur:~$ ll Maildir/new/ total 20 drwx------ 2 thufir thufir 4096 Nov 16 18:56 ./ drwx------ 5 thufir thufir 4096 Nov 16 18:56 ../ -rw------- 1 thufir thufir 410 Nov 16 11:57 1353095866.M305477P3932.dur,S=410,W=422 -rw------- 1 thufir thufir 424 Nov 16 17:20 1353115248.M841336P2990.dur,S=424,W=436 -rw------- 1 thufir thufir 445 Nov 16 18:56 1353121003.M187706P3838.dur,S=445,W=457 thufir at dur:~$ thufir at dur:~$ nl Maildir/new/1353121003.M187706P3838.dur\,S\=445\,W\=457 1 Return-Path: <thufir at example.net> 2 X-Original-To: thufir at localhost 3 Delivered-To: thufir at localhost 4 Received: from me (localhost [127.0.0.1]) 5 by dur.bounceme.net (Postfix) with SMTP id 43D6F2A07C1 6 for <thufir at localhost>; Fri, 16 Nov 2012 18:55:55 -0800 (PST) 7 subject: to evolution mail 8 Message-Id: <20121117025613.43D6F2A07C1 at dur.bounceme.net> 9 Date: Fri, 16 Nov 2012 18:55:55 -0800 (PST) 10 From: thufir at example.net 11 we'll see if this goes through. thufir at dur:~$ and it even looks like Evolution's supported :) thanks again for the help with what turned not to be dovecot at all. -Thufir From dmiller at amfes.com Sat Nov 17 08:35:51 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Fri, 16 Nov 2012 22:35:51 -0800 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <m2zk2hnu3r.fsf@cube.luannocracy.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> Message-ID: <assp.166829000f.50A73047.7080706@amfes.com> On 11/16/2012 12:58 PM, Dave Abrahams wrote: > on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > >> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>> Does anyone have an answer to this question? Should I simply issue an >>> IMAP search command, or is there a better way? >>> >> Put this in a cron script: >> >> doveadm search -A text zyxabcxyz > /dev/null >> >> That will perform a search through every mailbox on the system, >> indexing as it goes. The search query is unlikely to return much in >> the way of results, so log files won't fill up much. > That actually doesn't work for me. "doveadm index ..." does, though. > Use whatever works for you. The problem (for me) with "doveadm index" is it only works with the specified mailboxes. It can be done for all users - but only designated mailboxes. So a "doveadm index -A INBOX" will scan all inboxes - but none of the other folders. The search command I showed performs a recursive search that hits everything. -- Daniel From e-frog at gmx.de Sat Nov 17 09:27:36 2012 From: e-frog at gmx.de (e-frog) Date: Sat, 17 Nov 2012 08:27:36 +0100 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <assp.166829000f.50A73047.7080706@amfes.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <assp.166829000f.50A73047.7080706@amfes.com> Message-ID: <50A73C68.1030307@gmx.de> On 17.11.2012 07:35, wrote Daniel L. Miller: > On 11/16/2012 12:58 PM, Dave Abrahams wrote: >> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: >> >>> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>>> Does anyone have an answer to this question? Should I simply issue an >>>> IMAP search command, or is there a better way? >>>> >>> Put this in a cron script: >>> >>> doveadm search -A text zyxabcxyz > /dev/null >>> >>> That will perform a search through every mailbox on the system, >>> indexing as it goes. The search query is unlikely to return much in >>> the way of results, so log files won't fill up much. >> That actually doesn't work for me. "doveadm index ..." does, though. >> > > Use whatever works for you. The problem (for me) with "doveadm index" > is it only works with the specified mailboxes. It can be done for all > users - but only designated mailboxes. So a "doveadm index -A INBOX" > will scan all inboxes - but none of the other folders. The following works for me: doveadm index -A "*" > The search > command I showed performs a recursive search that hits everything. > From tim at titan21.co.uk Sat Nov 17 18:23:40 2012 From: tim at titan21.co.uk (Tim Smith) Date: Sat, 17 Nov 2012 16:23:40 +0000 Subject: [Dovecot] Different Mechanism for POP3 Message-ID: <50A7BA0C.7010207@titan21.co.uk> Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any experience of using the GMail import settings? -- Tim Smith Tel: 01423 564 078 Mob: 07984 398 299 Email: info at titan21.co.uk Web: www.titan21.co.uk From h.reindl at thelounge.net Sat Nov 17 21:55:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 17 Nov 2012 20:55:49 +0100 Subject: [Dovecot] Different Mechanism for POP3 In-Reply-To: <50A7BA0C.7010207@titan21.co.uk> References: <50A7BA0C.7010207@titan21.co.uk> Message-ID: <50A7EBC5.80303@thelounge.net> Am 17.11.2012 17:23, schrieb Tim Smith: > Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without > making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available > through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of > mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any > experience of using the GMail import settings? why not simply allow PLAIN at all? nearly all modern clients are using CRAM-MD5 as default if offered as also SSL/TLS if offered - let your users decide which mech they are using, really, some of them my use whatever sync-tools like imapsync or whatever which should not bother you at all -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121117/198cf0b1/attachment-0004.bin> From raan at graand-visions.com Sun Nov 18 00:31:26 2012 From: raan at graand-visions.com (Raan Young) Date: Sat, 17 Nov 2012 14:31:26 -0800 Subject: [Dovecot] couple questions about dovecot Message-ID: <000001cdc513$4831dbd0$d8959370$@graand-visions.com> I am attempting to migrate an ancient IMAP server to Dovecot 2.0.9 running on CentOS 6.3, while trying to minimize the impact on users. Most are using Outlook. I have everything working, but have run into a couple of problems, neither horrible, but both weird. It started when I noticed Outlook shows the .subscriptions file in the folder listing. I figured out a way to prevent that (see below), but then decided to attempt the same tactic to move the .imap index structure out of the folder tree and ran into an interesting side-effect. The .subscriptions issue would seem to be a bug, since the documentation I found implies Dovecot should be hiding it from list requests - as it does for the .imap index structure. I made a workaround by using the below mail_location setting. This puts the .subscriptions file above the imap folder structure and hence outside the list scope. mail_location = mbox:~/imap:INBOX=~/mbox:CONTROL=~:INDEX=~/.imap You'll note I have also moved the .imap index. This works, but the full path to the index files has extra layers of .imap. For example, if a folder tree of imap/A/B/C/D exists, where D is the actual mbox format message file, then the index files are stored in .imap/A/B/C/.imap/D. Don't know if this is a bug or I'm misunderstanding something. Can you provide any insight or better solutions for either issue? Some clients are also using iPhones and/or roundcubemail for web access. Those do not have the .subscriptions issue. Raan From andre.bischof at rheinsinn.de Sun Nov 18 15:32:52 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Sun, 18 Nov 2012 14:32:52 +0100 Subject: [Dovecot] users mail folders have to be subscribed Message-ID: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> Hi, I did a migration from cyrus 2.2 to dovecot (fresh installation, details below) via cyrus2dovecot from FU Berlin. That worked, but I first was missing mails in subfolders ander Inbox. No I detected that they are in the users Maildir in folders in his directory. They are listed when using telnet: * LIST (\HasChildren) "." "INBOX.ebay" * LIST (\HasNoChildren) "." "INBOX.ebay.xj" But they are not shown in thunderbird, I have to subscribe to them one by one. I probably did something wrong and maybe messed up with namespace and seperator settings - it would be great if one could lead me out of that. The wiki was a great help installing and configuring everything, but now I'm stuck. I use dovecot 2.1.7 under Ubuntu 12.10: # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.5.0-18-generic x86_64 Ubuntu 12.10 auth_verbose = yes mail_debug = yes mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation s ubaddress comparator-i;ascii-numeric relational regex imap4flags copy include variab les body enotify environment mailbox date ihave namespace inbox { inbox = yes list = yes location = prefix = separator = . type = private } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at localhost protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 10 } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 10 } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } protocol lda { deliver_log_format = msgid=%m: %$ mail_plugins = sieve sieve postmaster_address = postmaster quota_full_tempfail = yes rejection_reason = Your message to <%t> was automatically rejected:%n%r } Any help is greatly appreciated! Regards Andre From CMarcus at Media-Brokers.com Sun Nov 18 16:18:23 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 18 Nov 2012 09:18:23 -0500 Subject: [Dovecot] Different Mechanism for POP3 In-Reply-To: <50A7EBC5.80303@thelounge.net> References: <50A7BA0C.7010207@titan21.co.uk> <50A7EBC5.80303@thelounge.net> Message-ID: <50A8EE2F.8010407@Media-Brokers.com> On 2012-11-17 2:55 PM, Reindl Harald <h.reindl at thelounge.net> wrote: > Am 17.11.2012 17:23, schrieb Tim Smith: >> Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any experience of using the GMail import settings? > why not simply allow PLAIN at all? +1... as long as you only allow encrypted sessions, there is no security danger allowing PLAIN... -- Best regards, Charles From stroetgen at gei.de Sun Nov 18 16:54:00 2012 From: stroetgen at gei.de (=?ISO-8859-1?Q?Robert_Str=F6tgen?=) Date: Sun, 18 Nov 2012 15:54:00 +0100 Subject: [Dovecot] panic fts_solr for bad attachment Message-ID: <50A8F688.2040802@gei.de> Hi! I use dovecot 2.1.7 on Ubuntu 12.10 with fts_solr und decode2text.sh for indexing attachments. This works great in general. Just for one user there is a problem with an unknown bad attachment. I run "doveadm index -A '*'". After a while I receive: doveadm(xyz): Error: fts_solr: Invalid XML input at line 1: mismatched tag doveadm(xyz): Panic: file solr-connection.c: line 545 (solr_connection_post_more): assertion failed: (maxfd >= 0) doveadm(xyz): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3c14a) [0x7f7ce2c1714a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f7ce2c1720a] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f7ce2bee81a] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(solr_connection_post_more+0x249) [0x7f7ce11913a9] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(+0x4597) [0x7f7ce118e597] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0x6f57) [0x7f7ce159df57] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(fts_build_mail+0xf5) [0x7f7ce159e085] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0xba70) [0x7f7ce15a2a70] -> doveadm(+0x15309) [0x7f7ce35cc309] -> doveadm(+0x11f36) [0x7f7ce35c8f36] -> doveadm(+0x12bf1) [0x7f7ce35c9bf1] -> doveadm(doveadm_mail_try_run+0x161) [0x7f7ce35c9ed1] -> doveadm(main+0x3d1) [0x7f7ce35c8ae1] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f7ce283d76d] -> doveadm(+0x11d15) [0x7f7ce35c8d15] In catalina out I find: Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte 0xfc (at char #25214836, byte #26687495) at org.apache.solr.handler.XMLLoader.load(XMLLoader.java:81) at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:58) at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:129) at org.apache.solr.core.SolrCore.execute(SolrCore.java:1376) at org.apache.solr.servlet.SolrDispatchFilter.execute(SolrDispatchFilter.java:365) at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:260) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.valves.RequestFilterValve.process(RequestFilterValve.java:316) at org.apache.catalina.valves.RemoteAddrValve.invoke(RemoteAddrValve.java:81) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:722) Caused by: com.ctc.wstx.exc.WstxIOException: Invalid UTF-8 start byte 0xfc (at char #25214836, byte #26687495) at com.ctc.wstx.sr.StreamScanner.constructFromIOE(StreamScanner.java:625) at com.ctc.wstx.sr.StreamScanner.loadMore(StreamScanner.java:994) at com.ctc.wstx.sr.StreamScanner.getNext(StreamScanner.java:754) at com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2691) at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1065) at org.apache.solr.handler.XMLLoader.readDoc(XMLLoader.java:309) at org.apache.solr.handler.XMLLoader.processUpdate(XMLLoader.java:156) at org.apache.solr.handler.XMLLoader.load(XMLLoader.java:79) ... 19 more Caused by: java.io.CharConversionException: Invalid UTF-8 start byte 0xfc (at char #25214836, byte #26687495) at com.ctc.wstx.io.UTF8Reader.reportInvalidInitial(UTF8Reader.java:303) at com.ctc.wstx.io.UTF8Reader.read(UTF8Reader.java:189) at com.ctc.wstx.io.ReaderSource.readInto(ReaderSource.java:87) at com.ctc.wstx.io.BranchingReaderSource.readInto(BranchingReaderSource.java:57) at com.ctc.wstx.sr.StreamScanner.loadMore(StreamScanner.java:988) ... 25 more doveadm index stops after this error. How can I make doveadm just to skip the error and to continue indexing? Thanks Robert -- Robert Str?tgen Abteilungsleiter Informationsmanagement und Publikationen Georg-Eckert-Institut f?r internationale Schulbuchforschung Celler Str. 3 38114 Braunschweig Tel. +49 (0)531 59099-47 & +49 (0)531 123103-205 Fax +49 (0)531 59099-99 http://www.gei.de/ From dave at boostpro.com Sun Nov 18 16:57:28 2012 From: dave at boostpro.com (Dave Abrahams) Date: Sun, 18 Nov 2012 09:57:28 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <assp.166829000f.50A73047.7080706@amfes.com> Message-ID: <m2k3tjgdrb.fsf@boostpro.com> on Sat Nov 17 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > On 11/16/2012 12:58 PM, Dave Abrahams wrote: >> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: >> >>> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>>> Does anyone have an answer to this question? Should I simply issue an >>>> IMAP search command, or is there a better way? >>>> >>> Put this in a cron script: >>> >>> doveadm search -A text zyxabcxyz > /dev/null >>> >>> That will perform a search through every mailbox on the system, >>> indexing as it goes. The search query is unlikely to return much in >>> the way of results, so log files won't fill up much. >> That actually doesn't work for me. "doveadm index ..." does, though. >> > > Use whatever works for you. The problem (for me) with "doveadm index" > is it only works with the specified mailboxes. It can be done for all > users - but only designated mailboxes. So a "doveadm index -A INBOX" > will scan all inboxes - but none of the other folders. The search > command I showed performs a recursive search that hits everything. I take it back; I'm not sure if "doveadm search" causes re-indexing. However, I *know* issuing a search command from a Python IMAP library doesn't do so. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From zaphod at tdl.com Sun Nov 18 18:04:57 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Sun, 18 Nov 2012 09:04:57 -0700 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A6CF8A.40202@localhost.localdomain.org> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> <50A6CF8A.40202@localhost.localdomain.org> Message-ID: <50A90729.7000608@tdl.com> On 11/16/2012 4:43 PM, Pascal Volk wrote: > On 11/16/2012 11:21 PM Chuck Cochems wrote: >> ? >> I need to return both the IP and the email address as a string to drop >> it into the old code. >> ? > > You could check the code of the `doveadm who` command > <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user > name and the IP address. That's not much better... I just want the bare minimum of code to do this. The 1.x code was so simple, and i just want a 2.0 equivalent. is that so wrong? :) WHy the heck did they remove those incredibly useful environment variables anyway? From survietamine.droid at gmail.com Sun Nov 18 21:12:38 2012 From: survietamine.droid at gmail.com (Surviet Amine) Date: Sun, 18 Nov 2012 20:12:38 +0100 Subject: [Dovecot] advices for a new installation Message-ID: <CAORAmk2r51CUziuDDAiWRJNeHueyb_SW159mxxi4DixHJ7Zi0g@mail.gmail.com> hello everyone, first of all, please forgive my bad english skill, I live in France. On our "old" Dovecot 1.x architecture, we have NFS shares between the front servers (MTA, IMAP...) and mail storage server. I've read some wiki2 pages that present the new director and imap proxy. But I'm still don't see things clearly, so I post here to have your advices to set-up a new mail architecture. The hardware we have : - 24x hard drives in a SAS bay - this bay is directly attached via SAS to a server that I'll call : mail storage server - 2 others servers run ProxMox Virtual Environment The PVE will help us to get many virtual servers : - MX : "mail in" servers - IMAP/POP : our hosted clients services These clients may come from webmail (RoundCube) and others clients (Outlook, Thunderbird, mobile clients...) - RoundCube webmail - MySQL server (hosts in databases accounts and settings for Postfix, Dovecot and RoundCube) - maybe antivirus and antispam servers I've read several threads about NFS and IMAP issues. So I decided to not keeping it. In this scenario, I've tried for the mail receiving part : - front-end (postfix lmtp-client) to mail storage server (lmtp server) that seems to runs fine, now i'll must try to add antispam and antivirus scans Now, for the IMAP part, could you, please tell me, if it is better to : - have several IMAP frontend servers that proxy to the mail storage server or - still keeps NFS between the mail storage server and the frontends Dovecot ? On our Dovecot 1.x webmail use imapproxy. I've read that others proxies exist. We have used for a limited time Perdition. What is the differences between imapproxy, Perdition, nginx imap proxy and Dovecot proxy ? Thanks for sharing your experience of "large mail service" that are solid enought to be scaled. From daniel.parthey at informatik.tu-chemnitz.de Sun Nov 18 21:38:22 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 18 Nov 2012 20:38:22 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> Message-ID: <20121118193822.GA7565@daniel.localdomain> Andre Bischof wrote: > I did a migration from cyrus 2.2 to dovecot (fresh installation, details > below) via cyrus2dovecot from FU Berlin. That worked, but I first was > missing mails in subfolders ander Inbox. No I detected that they are in the > users Maildir in folders in his directory. They are listed when using > telnet: > > * LIST (\HasChildren) "." "INBOX.ebay" > * LIST (\HasNoChildren) "." "INBOX.ebay.xj" > > But they are not shown in thunderbird, I have to subscribe to them one by > one. I probably did something wrong and maybe messed up with namespace and > seperator settings - it would be great if one could lead me out of that. > The wiki was a great help installing and configuring everything, but now > I'm stuck. Unsubscribed mailboxes are not shown in thunderbird, while subscriptions being stored server side, not in your local thunderbird. You can use this command to subscribe one or more mailboxes: doveadm mailbox subscribe [-A|-u user] [-S socket_path] mailbox ... This should subscribe all mailboxes of a specific user (-A for all users): doveadm mailbox subscribe -u user at example.com "*" You can set this configuration option to auto-subscribe new folders: lda_mailbox_autosubscribe = yes Regards Daniel -- https://plus.google.com/103021802792276734820 From andre.bischof at rheinsinn.de Mon Nov 19 00:29:25 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Sun, 18 Nov 2012 23:29:25 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <20121118193822.GA7565@daniel.localdomain> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> Message-ID: <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> > Andre Bischof wrote: > > I did a migration from cyrus 2.2 to dovecot (fresh installation, details > > below) via cyrus2dovecot from FU Berlin. That worked, but I first was > > missing mails in subfolders ander Inbox. No I detected that they are in > the > > users Maildir in folders in his directory. They are listed when using > > telnet: > > > > * LIST (\HasChildren) "." "INBOX.ebay" > > * LIST (\HasNoChildren) "." "INBOX.ebay.xj" > > > > But they are not shown in thunderbird, I have to subscribe to them one by > > one. I probably did something wrong and maybe messed up with namespace > and > > seperator settings - it would be great if one could lead me out of that. > > The wiki was a great help installing and configuring everything, but now > > I'm stuck. > > Unsubscribed mailboxes are not shown in thunderbird, while subscriptions > being stored server side, not in your local thunderbird. > > Hi Daniel, thank you, I guess that will be helpful - but before trying it, I would like to get one thing clear, which could be the reason for my misunderstandings: IMHO I don't need any subscriptions, I would like to appear the imported cyrus folders and subfolders as subfolders in dovecot. The directory structure seperated by '.' in the folders names in my Maildir is exactly how I would like to have it in Thunderbird. Do I need subscriptions for that (I always thought subscriptions are to subscribe to other users folders, shared by them) or should I have that any other way? > You can use this command to subscribe one or more mailboxes: > doveadm mailbox subscribe [-A|-u user] [-S socket_path] mailbox ... > > This should subscribe all mailboxes of a specific user (-A for all users): > doveadm mailbox subscribe -u user at example.com "*" > > You can set this configuration option to auto-subscribe new folders: > lda_mailbox_autosubscribe = yes > > I will set this, thanks. Regards Andre From daniel.parthey at informatik.tu-chemnitz.de Mon Nov 19 00:59:40 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 18 Nov 2012 23:59:40 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> Message-ID: <20121118225940.GA7581@daniel.localdomain> Andre Bischof wrote: > 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> > > Unsubscribed mailboxes are not shown in thunderbird, while subscriptions > > being stored server side, not in your local thunderbird. > > IMHO I don't need any subscriptions, I would like to appear the imported > cyrus folders and subfolders as subfolders in dovecot. The directory > structure seperated by '.' in the folders names in my Maildir is exactly > how I would like to have it in Thunderbird. No, strictly speaking you don't need subscriptions, but Thunderbird is configured to display only subscribed folders by default. You can configure thunderbird to not use subscriptions: Edit > Settings > Edit configuration mail.server.default.using_subscription false Under Account Settings > Server Settings > Extended you have the possibility to only display subscribed folders. So you might want to remove the checkmark in order to display even unsubscribed folders. Regards Daniel -- https://plus.google.com/103021802792276734820 From sven at svenhartge.de Mon Nov 19 01:03:18 2012 From: sven at svenhartge.de (Sven Hartge) Date: Mon, 19 Nov 2012 00:03:18 +0100 Subject: [Dovecot] users mail folders have to be subscribed References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> Message-ID: <899ee7qld4v8@mids.svenhartge.de> Andre Bischof <andre.bischof at rheinsinn.de> wrote: > 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> >> Unsubscribed mailboxes are not shown in thunderbird, while subscriptions >> being stored server side, not in your local thunderbird. > thank you, I guess that will be helpful - but before trying it, I > would like to get one thing clear, which could be the reason for my > misunderstandings: > IMHO I don't need any subscriptions, I would like to appear the > imported cyrus folders and subfolders as subfolders in dovecot. The > directory structure seperated by '.' in the folders names in my > Maildir is exactly how I would like to have it in Thunderbird. > Do I need subscriptions for that (I always thought subscriptions are > to subscribe to other users folders, shared by them) or should I have > that any other way? "supscription" in IMAP-speak is the server telling the client: show this folder to the user. There is no differentiation between your folders an other users folders. Your problem is that during your conversion from cyrus to dovecot your subscriptions got lost. Maybe because the folder structure changed and no longer matches the server-stored subscription or because the server-stored subscription was not converted at all. Gr??e, S? -- Sigmentation fault. Core dumped. From nicolas.kowalski at gmail.com Mon Nov 19 12:09:48 2012 From: nicolas.kowalski at gmail.com (Nicolas KOWALSKI) Date: Mon, 19 Nov 2012 11:09:48 +0100 Subject: [Dovecot] Initial status notification not received In-Reply-To: <20121116141259.GA9371@petole.demisel.net> References: <20121116141259.GA9371@petole.demisel.net> Message-ID: <20121119100948.GA19772@petole.demisel.net> Hello, Has anybody some suggestions about the problem below? I see in the archives (http://thread.gmane.org/gmane.mail.imap.dovecot/67077) that someone also has (had?) this problem; a cronjob workaround was used, but no dovecot solution was given. Thanks, Nicolas On Fri, Nov 16, 2012 at 03:12:59PM +0100, Nicolas KOWALSKI wrote: > Hello, > > We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs > startup, dovecot almost always shows these errors: > > Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) > Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 > > As the last line tells, dovecot stops logging information. We have to > restart the dovecot processes to get back normal behaviour. I also tried > to set idle_kill values to services definitions, without success. > > Is there a way to prevent these errors? > > > Here is the dovecot -n output: > > # 2.1.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.0.42-0.7-xen x86_64 SUSE Linux Enterprise Server 11 > (x86_64) > default_client_limit = 4096 > default_idle_kill = 5 mins > default_process_limit = 16384 > listen = 10.254.251.18 > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap sieve > service anvil { > client_limit = 65536 > idle_kill = 0 > } > service auth { > client_limit = 32768 > } > service imap-login { > inet_listener imap { > port = 0 > } > } > service imap { > process_limit = 0 > } > service log { > idle_kill = 0 > } > service managesieve { > process_limit = 0 > } > service ssl-params { > idle_kill = 0 > } > ssl_ca = </etc/dovecot/ssl/ca.pem > ssl_cert = </etc/dovecot/ssl/server-crt.pem > ssl_key = </etc/dovecot/ssl/server-key.pem > userdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > protocol sieve { > passdb { > args = /etc/dovecot/dovecot-ldap-sieve.conf.ext > driver = ldap > } > } > > > Thanks, > -- > Nicolas -- Nicolas From andre.bischof at rheinsinn.de Mon Nov 19 12:27:47 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Mon, 19 Nov 2012 11:27:47 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <899ee7qld4v8@mids.svenhartge.de> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> <899ee7qld4v8@mids.svenhartge.de> Message-ID: <CADLvNSayLhZ39zjvmBqpkYOteFTbdWAMrTGNnD=LrSLRE59-pQ@mail.gmail.com> Sven, Daniel, 2012/11/19 Sven Hartge <sven at svenhartge.de> > Andre Bischof <andre.bischof at rheinsinn.de> wrote: > > 2012/11/18 Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> > ... > > "supscription" in IMAP-speak is the server telling the client: show this > folder to the user. > > There is no differentiation between your folders an other users folders. > > Your problem is that during your conversion from cyrus to dovecot your > subscriptions got lost. Maybe because the folder structure changed and > no longer matches the server-stored subscription or because the > server-stored subscription was not converted at all. > > Ah, now I understand. Thanks to Daniel I now know how I could tune Thunderbird accordingly, but I prefer to have it solved server-side, thus not tweaking every client I use from different computers. Sven, I believe subscription have been lost while converting from cyrus to dovecot, and I understand that I should use the commands shown by Daniel to subscribe this folders one time server side, and my problems should be solved no matter which clients I use (I put lda_mailbox_autosubscribe = yes already): doveadm mailbox subscribe -u user at example.com "*" One more question: Should the user for "-u" be the system user the mailboxes belong to or has the user to be written in form of an email adress (user at localhost / user at n.dyndns.org)? Regards From Benoit.Branciard at univ-paris1.fr Mon Nov 19 14:06:50 2012 From: Benoit.Branciard at univ-paris1.fr (Benoit Branciard) Date: Mon, 19 Nov 2012 13:06:50 +0100 Subject: [Dovecot] upgrade 1.0.15 -> 2.1.7: MBOX index compatibility and performance Message-ID: <50AA20DA.1060406@univ-paris1.fr> Hi, we just upgraded our mailserver from Dovecot 1.0.15 to Dovecot 2.1.7. We use MBOX format (due to legacy compatibility), system users, PAM+GSSAPI auth, filesystem quotas, and indexes located on a separate filesystem: mail_location = mbox:~/mail:INBOX=~/mail/INBOX:INDEX=/var/cache/dovecot/indexes/%16Hu/%u The 2.1.7 configuration files have been rewritten based on default templates instead of converting it from 1.0.15. The server has ~8000 mailboxes and about ~2000 simultaneous IMAP/POP active connexions. The problem is: - indexes seem to be rebuilt: first IMAP/POP connexion for each user thows lots of error messages in the log, and the global index size decreases. Example error log: Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: copy: i_stream_read() failed: Input/output error Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Cached message size larger than expected (27884 > 27855) Nov 19 08:56:38 myhost dovecot: imap(myuser): Error: Corrupted index cache file /var/cache/dovecot/indexes/4/myuser/.imap/INBOX/dovecot.index.cache: Broken physical size for mail UID 4414 - load average is extremely high (more than 10x the usual one), resulting from an significant increase of disk I/O, and for now (4h after the "monday rush") this doesn't seem to decrease. Questions: - are 1.05 indexes supposed to be backward compatible with Dovecot 2.1.7 ? - are there some technical reasons which could explain the increase of disk I/O, apart from index rebuild ? -- Benoit BRANCIARD Service InfraStructures (SIS) - Direction du Syst?me d'Information (DSI) Universit? Paris 1 Panth?on-Sorbonne Centre Pierre Mend?s France B 406 - 90, rue de Tolbiac - 75634 Paris cedex 13 - France T?l : +33 1 44 07 89 68 - Fax : +33 1 44 07 89 66 Accueil t?l. : +33 1 44 07 89 65 Assistance : assistance-dsi at univ-paris1.fr Web : http://dsi.univ-paris1.fr -- Ce message a ete verifie par MailScanner pour des virus ou des polluriels et rien de suspect n'a ete trouve. From rgelfand2 at gmail.com Mon Nov 19 15:48:50 2012 From: rgelfand2 at gmail.com (Roman Gelfand) Date: Mon, 19 Nov 2012 08:48:50 -0500 Subject: [Dovecot] Data Store Synchronization Message-ID: <CAJbW+rnDSG3ee=-+g=x2Kx2VM=-6q6VB_Tn7gM0Yqw6RFdPvew@mail.gmail.com> Is there a way to synchronize dovecote mail store with another mail store, like zarafa, via imap or pop3? Thanks in advance From km at mathcs.emory.edu Mon Nov 19 16:02:27 2012 From: km at mathcs.emory.edu (Ken Mandelberg) Date: Mon, 19 Nov 2012 09:02:27 -0500 Subject: [Dovecot] fs_flush_file_handle_cache_dir: rmdir(/var/mail) AGAIN Message-ID: <50AA3BF3.6060802@mathcs.emory.edu> We are running Dovecot 2.0.12. It runs on only one server and /var/mail is local where all the INBOX's are stored. Users other IMAP folders are NFS mounted on the server. We see frequent Error: nfs_flush_file_handle_cache_dir: rmdir(/var/mail) failed: Device busy I know this error message has been around a long time. Should we still be seeing it on 2.0.12 with a local /var/mail. Perhaps the message is misleading and really complaining about folders other than INBOX that are NFS mounted. Our config has dovecot.conf:mail_nfs_index = no dovecot.conf:mail_nfs_storage = yes is that correct given the above? Also, does the flush error messages have any real consequences? My understanding is that the rmdir is meant to fail, just to force a flush. From rs at sys4.de Mon Nov 19 16:05:20 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 19 Nov 2012 15:05:20 +0100 Subject: [Dovecot] Data Store Synchronization In-Reply-To: <CAJbW+rnDSG3ee=-+g=x2Kx2VM=-6q6VB_Tn7gM0Yqw6RFdPvew@mail.gmail.com> References: <CAJbW+rnDSG3ee=-+g=x2Kx2VM=-6q6VB_Tn7gM0Yqw6RFdPvew@mail.gmail.com> Message-ID: <50AA3CA0.5060507@sys4.de> Am 19.11.2012 14:48, schrieb Roman Gelfand: > Is there a way to synchronize dovecote mail store with another mail > store, like zarafa, via imap or pop3? > > Thanks in advance > depends "what" sync you goal search www for i.e imapsync getmail or more filesystem related rsync dsync Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From trusktr at gmail.com Mon Nov 19 16:17:33 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 19 Nov 2012 06:17:33 -0800 Subject: [Dovecot] Dovecot sieve with postfix. Message-ID: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> Hi all, I can't get dovecot working with postfix. If I leave virtual_transport set to "virtual", I can send and receive messages just fine in roundcube. If I set virtual_transport to "dovecot", I can only send messages in roundcube, but incoming messages never arrive. Seems I can't get dovecot-lda to work. I need dovecot-lda in order for sieve filters to work. Any idea what I'm doing wrong? Here's `doveconf -n`: http://pastie.org/5401133 `postconf -n`: http://pastie.org/5401157 and `postconf -M`: http://pastie.org/5401177 Note: All I have to do is change virtual_transport = dovecot to virtual_transport = virtual and all will be fine, except for that I won't have sieve filtering which is what I really want. */#!/*JoePea From pipefab at mweb.co.za Mon Nov 19 17:49:43 2012 From: pipefab at mweb.co.za (Hendrik) Date: Mon, 19 Nov 2012 17:49:43 +0200 Subject: [Dovecot] Unsuscribe Message-ID: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> Please unsubscribe me From user+dovecot at localhost.localdomain.org Mon Nov 19 17:51:22 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Mon, 19 Nov 2012 16:51:22 +0100 Subject: [Dovecot] Unsuscribe In-Reply-To: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> References: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> Message-ID: <50AA557A.2060001@localhost.localdomain.org> On 11/19/2012 04:49 PM Hendrik wrote: > Please unsubscribe me The header of your message contains: List-Unsubscribe: <http://dovecot.org/cgi-bin/mailman/options/dovecot>, <mailto:dovecot-request at dovecot.org?subject=unsubscribe> Regards, Pascal -- The trapper recommends today: defaced.1232416 at localdomain.org From h.reindl at thelounge.net Mon Nov 19 17:51:45 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 19 Nov 2012 16:51:45 +0100 Subject: [Dovecot] Unsuscribe In-Reply-To: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> References: <006801cdc66d$7e971d60$7bc55820$@mweb.co.za> Message-ID: <50AA5591.7060200@thelounge.net> Am 19.11.2012 16:49, schrieb Hendrik: > Please unsubscribe me whay do people not read nor understand welcome messages of mailing-lists? unsubscribe yourself because we can NOT and we want not too List-Unsubscribe: <http://dovecot.org/cgi-bin/mailman/options/dovecot>, <mailto:dovecot-request at dovecot.org?subject=unsubscribe> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121119/28da65a6/attachment-0004.bin> From ben at morrow.me.uk Mon Nov 19 18:47:54 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 19 Nov 2012 16:47:54 +0000 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> Message-ID: <20121119164753.GK94077@anubis.morrow.me.uk> At 6AM -0800 on 19/11/12 you (/#!/JoePea) wrote: > > I can't get dovecot working with postfix. If I leave virtual_transport set > to "virtual", I can send and receive messages just fine in roundcube. If I > set virtual_transport to "dovecot", I can only send messages in roundcube, > but incoming messages never arrive. Seems I can't get dovecot-lda to work. > I need dovecot-lda in order for sieve filters to work. > > Any idea what I'm doing wrong? > > Here's `doveconf -n`: > http://pastie.org/5401133 > > `postconf -n`: > http://pastie.org/5401157 > > and `postconf -M`: > http://pastie.org/5401177 The only obvious thing I can see wrong there is that you have mail_plugins = " sieve" in dovecot.conf, which should be mail_plugins = sieve but I don't know that that would prevent delivery. Is Postfix deferring the message, or does it think it's been delivered? What do you see in your logs when a message is delivered (since you've redirected Dovecot away from syslog, you'd need to look at both Postfix's and Dovecot's logs)? What happens if you feed a message to dovecot-lda manually, as 'mailman'? Check the exitcode of lda and the logs, as well as seeing if the message was delivered. Since you've set up a dedicated transport for Dovecot, it would probably be worth using LMTP instead of the LDA. It should be more efficient, and since you're only using a single virtual user you can tell dovecot to run the LMTP server as 'mailman' instead of root. Ben From root at doctor.nl2k.ab.ca Sun Nov 18 02:23:43 2012 From: root at doctor.nl2k.ab.ca (Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem) Date: Sat, 17 Nov 2012 17:23:43 -0700 Subject: [Dovecot] ACL and SSL Message-ID: <20121118002343.GA18703@doctor.nl2k.ab.ca> Finally got Dovecot to work on ports 100 and 143. I would like to a) Learn about ACL esp on port 110 as there are still yodellaks that try to brake in on port 110. b) Setting up separate SSL cert for imaps and pop3s. -- For effective Internet Etiquette and communications read http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html & http://www.caliburn.nl/topposting.html -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From dfischer at fi4it.de Mon Nov 19 19:04:37 2012 From: dfischer at fi4it.de (Fi4IT - Daniel Fischer) Date: Mon, 19 Nov 2012 18:04:37 +0100 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> Message-ID: <50AA66A5.4050702@fi4it.de> Hello Joe, i use this: main.cf virtual_transport = dovecot master.cf dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} /etc/dovecot/conf.d/15-lda.conf protocol lda { log_path = /var/log/sieve.log mail_plugins = acl sieve } and that works fine with my tested clients (tb,outlook,roundcube) daniel Am 19.11.2012 15:17, schrieb /#!/JoePea: > Hi all, > > I can't get dovecot working with postfix. If I leave virtual_transport set > to "virtual", I can send and receive messages just fine in roundcube. If I > set virtual_transport to "dovecot", I can only send messages in roundcube, > but incoming messages never arrive. Seems I can't get dovecot-lda to work. > I need dovecot-lda in order for sieve filters to work. > > Any idea what I'm doing wrong? > > Here's `doveconf -n`: > http://pastie.org/5401133 > > `postconf -n`: > http://pastie.org/5401157 > > and `postconf -M`: > http://pastie.org/5401177 > > Note: All I have to do is change virtual_transport = dovecot to > virtual_transport > = virtual and all will be fine, except for that I won't have sieve > filtering which is what I really want. > > */#!/*JoePea > -- Fischer Daniel FI4IT - that's it Messerschmittstrasse 17 89231 Neu Ulm Email: dfischer at fi4it.de Web: www.fi4it.de Telefon: 073180019370 Fax: 073180019375 Mobil: 01729230731 From ben at morrow.me.uk Mon Nov 19 19:22:47 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 19 Nov 2012 17:22:47 +0000 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121118002343.GA18703@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> Message-ID: <20121119172246.GL94077@anubis.morrow.me.uk> At 5PM -0700 on 17/11/12 you (Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem) wrote: > Finally got Dovecot to work on ports 100 and 143. Port 100 is unassigned. Are you using it for POP3? > I would like to > > a) Learn about ACL esp on port 110 as there are still yodellaks that try > to brake in on port 110. If Dovecot is not listening on port 110 there is nothing it can do about people trying to connect to that port. Perhaps you want to simply block it in your firewall? > b) Setting up separate SSL cert for imaps and pop3s. See the section called 'Different certificates per IP and protocol' in http://wiki2.dovecot.org/SSL/DovecotConfiguration . Ben From rs at sys4.de Mon Nov 19 19:47:11 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 19 Nov 2012 18:47:11 +0100 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121118002343.GA18703@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> Message-ID: <50AA709F.8010706@sys4.de> Am 18.11.2012 01:23, schrieb Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem: > ) Learn about ACL esp on port 110 as there are still yodellaks that try > to brake in on port 110. what acl you like to set over pop3 ? usually acl at dovecot means folder permissions in imap http://wiki2.dovecot.org/ACL if you mean what to do against brute force use i.e fail2ban http://wiki2.dovecot.org/HowTo/Fail2Ban Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From doctor at doctor.nl2k.ab.ca Mon Nov 19 19:55:56 2012 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Mon, 19 Nov 2012 10:55:56 -0700 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121118002343.GA18703@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> Message-ID: <20121119175556.GA21193@doctor.nl2k.ab.ca> On Sat, Nov 17, 2012 at 05:23:43PM -0700, Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem wrote: > Finally got Dovecot to work on ports 100 and 143. > > I would like to > > a) Learn about ACL esp on port 110 as there are still yodellaks that try > to brake in on port 110. > > b) Setting up separate SSL cert for imaps and pop3s. Found this one out easily, however new issue: Nov 19 09:21:23 doctor dovecot: pop3-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server, TLS Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Error: Invalid user settings. Refer to server log for more information. Nov 19 09:21:27 doctor dovecot: pop3-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server, TLS Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Error: Invalid user settings. Refer to server log for more information. Nov 19 09:21:35 doctor dovecot: imap-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Error: Invalid user settings. Refer to server log for more information. Nov 19 09:21:48 doctor dovecot: imap-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt= Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1 Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755) Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Error: Invalid user settings. Refer to server log for more information. The MOEuser atnds for Microsoft Outlook Express user. The credentials were correct i.e. user/pw but Dovecot kept reject the user. I heard similar complants from M$ Mail, OE, and Outlook users doveconf -n # 2.1.10: /usr/dovecot2/etc/dovecot/dovecot.conf # OS: BSD/OS 4.3 i386 base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 100 listen = [::] login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_log_prefix = %Us(%u): mdbox_rotate_size = 2 k passdb { args = /etc/master.passwd driver = passwd-file } plugin { home = /usr/dovecot2 } protocols = imap pop3 service auth { executable = /usr/dovecot2/libexec/dovecot/auth user = root } service imap-login { chroot = login client_limit = 256 executable = /usr/dovecot2/libexec/dovecot/imap-login inet_listener imap { address = local mail server port = 143 } inet_listener imaps { address = local mail server port = 993 ssl = yes } process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot } service imap { executable = /usr/dovecot2/libexec/dovecot/imap process_limit = 512 } service pop3-login { chroot = login client_limit = 256 executable = /usr/dovecot2/libexec/dovecot/pop3-login inet_listener pop3s { address = local mail server port = 995 ssl = yes } process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot } service pop3 { executable = /usr/dovecot2/libexec/dovecot/pop3 process_limit = 512 } ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key userdb { driver = passwd } userdb { args = /etc/passwd driver = passwd-file } verbose_ssl = yes local local mail server { protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k mail_max_userip_connections = 10 mail_plugin_dir = /usr/dovecot2/lib/dovecot/imap ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key verbose_ssl = yes } } local local mail server { protocol pop3 { mail_max_userip_connections = 3 mail_plugins = pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = yes pop3_lock_session = yes pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = yes pop3_reuse_xuidl = yes pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key verbose_ssl = yes } } Thunderbird works. Why are M$ mail clients messing up? > > -- > For effective Internet Etiquette and communications read > http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html > & http://www.caliburn.nl/topposting.html > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. -- Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013 From rs at sys4.de Mon Nov 19 20:13:21 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 19 Nov 2012 19:13:21 +0100 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121119175556.GA21193@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> <20121119175556.GA21193@doctor.nl2k.ab.ca> Message-ID: <50AA76C1.30407@sys4.de> Am 19.11.2012 18:55, schrieb The Doctor: > /mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755 seems you got a permisson problem Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dmiller at amfes.com Mon Nov 19 21:27:44 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 19 Nov 2012 11:27:44 -0800 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? In-Reply-To: <m2k3tjgdrb.fsf@boostpro.com> References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <50A73047.7080706@amfes.com> <m2k3tjgdrb.fsf@boostpro.com> Message-ID: <assp.06705d8db5.50AA8830.9000903@amfes.com> On 11/18/2012 6:57 AM, Dave Abrahams wrote: > on Sat Nov 17 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > >> On 11/16/2012 12:58 PM, Dave Abrahams wrote: >>> on Thu Nov 15 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: >>> >>>> On 11/14/2012 6:52 AM, Dave Abrahams wrote: >>>>> Does anyone have an answer to this question? Should I simply issue an >>>>> IMAP search command, or is there a better way? >>>>> >>>> Put this in a cron script: >>>> >>>> doveadm search -A text zyxabcxyz > /dev/null >>>> >>>> That will perform a search through every mailbox on the system, >>>> indexing as it goes. The search query is unlikely to return much in >>>> the way of results, so log files won't fill up much. >>> That actually doesn't work for me. "doveadm index ..." does, though. >>> >> Use whatever works for you. The problem (for me) with "doveadm index" >> is it only works with the specified mailboxes. It can be done for all >> users - but only designated mailboxes. So a "doveadm index -A INBOX" >> will scan all inboxes - but none of the other folders. The search >> command I showed performs a recursive search that hits everything. > I take it back; I'm not sure if "doveadm search" causes re-indexing. > However, I *know* issuing a search command from a Python IMAP library > doesn't do so. > That indicates something else is broken - unless my Dovecot understanding is totally off (which is always possible, even likely). To my knowledge, until the relatively recent support for the "doveadm index" command, the primary and indeed only way to index was to perform a search. When Dovecot receives a search request, whether passed by IMAP or through the doveadm backdoor, if the mailbox isn't current then any new mails are supposed to be added to the index in the course of the search. If that doesn't happen - then I think something is broken in your setup. -- Daniel From daniel.parthey at informatik.tu-chemnitz.de Tue Nov 20 00:32:05 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 19 Nov 2012 23:32:05 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSayLhZ39zjvmBqpkYOteFTbdWAMrTGNnD=LrSLRE59-pQ@mail.gmail.com> References: <CADLvNSZJJgET1PGdPjZEnt4zrc0UPX15=FZQ2SihK+aUQz8ZZQ@mail.gmail.com> <20121118193822.GA7565@daniel.localdomain> <CADLvNSZQCRDenkENPHc9wkv6BHaoA+rfsVoy_53r2SSpoCc_PA@mail.gmail.com> <899ee7qld4v8@mids.svenhartge.de> <CADLvNSayLhZ39zjvmBqpkYOteFTbdWAMrTGNnD=LrSLRE59-pQ@mail.gmail.com> Message-ID: <20121119223205.GA7800@daniel.localdomain> Andre Bischof wrote: > doveadm mailbox subscribe -u user at example.com "*" > > Should the user for "-u" be the system user the > mailboxes belong to or has the user to be written in form of an email > adress (user at localhost / user at n.dyndns.org)? It should be the same userdb username as used for imap login. Regards Daniel -- https://plus.google.com/103021802792276734820 From zaphod at tdl.com Tue Nov 20 02:13:11 2012 From: zaphod at tdl.com (Chuck Cochems) Date: Mon, 19 Nov 2012 17:13:11 -0700 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A6CF8A.40202@localhost.localdomain.org> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> <50A6CF8A.40202@localhost.localdomain.org> Message-ID: <50AACB17.2070008@tdl.com> On 11/16/2012 4:43 PM, Pascal Volk wrote: > On 11/16/2012 11:21 PM Chuck Cochems wrote: >> ? >> I need to return both the IP and the email address as a string to drop >> it into the old code. >> ? > > You could check the code of the `doveadm who` command > <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user > name and the IP address. > > > Regards, > Pascal > Problem solved. i finally found a working verion. i told the author to switch from strlcpy (which is not part of glibc) to i_strocpy (which dovecot provides). hopefulyl he will listen. if not, that's how to fix it. http://ftp.ufanet.ru/pub/boco/dovecot/whoson-plugin-2/ someone update the 2.0 wiki link. :) From tss at iki.fi Tue Nov 20 02:55:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 20 Nov 2012 02:55:16 +0200 Subject: [Dovecot] FYI: News about Mark Crispin References: <E7C54D4EA2D977429FC82EF4@[192.168.0.2]> Message-ID: <EF9FB64E-28F2-4F6B-B6E8-1DE394E0C1E1@iki.fi> Begin forwarded message: > From: Barry Leiba <barryleiba at computer.org> > Date: 20. marraskuuta 2012 2.44.51 UTC+2.00 > To: imap5 at ietf.org, imapext at ietf.org, imap-protocol at u.washington.edu, imap-use at u.washington.edu > Subject: [imapext] News about Mark Crispin > Reply-To: imap5 at ietf.org > > Everyone here knows Mark Crispin -- or at least knows who he is: Mark is the author of the original IMAP specification, and has taken it through its different versions to the present IMAP4rev1. He's written reference implementations of both server and client, and has been a vocal participant on all the mailing lists I'm posting this to. > > I'm sad to have to report that Mark is now terminally ill, and is in hospice care. > > For now, at least, I'm told that Mark is at least somewhat aware. If anyone has brief well-wishing messages they'd like to send him, please post them to the <imap5 at ietf.org> mailing list, and I'll forward them to Mark's long-term companion, Annie. I will also post updates to that list as I get them. > > [The Reply-To for this message is set to <imap5 at ietf.org>, so that replies will go there. You will have to subscribe to that mailing list in order to post to it. You can do that here: > http://www.ietf.org/mailman/listinfo/imap5 ] > > Barry Leiba > > _______________________________________________ > imapext mailing list > imapext at ietf.org > https://www.ietf.org/mailman/listinfo/imapext > From noel.butler at ausics.net Tue Nov 20 04:26:47 2012 From: noel.butler at ausics.net (Noel Butler) Date: Tue, 20 Nov 2012 12:26:47 +1000 Subject: [Dovecot] FYI: News about Mark Crispin In-Reply-To: <EF9FB64E-28F2-4F6B-B6E8-1DE394E0C1E1@iki.fi> References: <E7C54D4EA2D977429FC82EF4@[192.168.0.2]> <EF9FB64E-28F2-4F6B-B6E8-1DE394E0C1E1@iki.fi> Message-ID: <1353378407.12776.28.camel@tardis> That's so sad, Marks a nice guy, and too fricken young for this to happen On Tue, 2012-11-20 at 02:55 +0200, Timo Sirainen wrote: > Begin forwarded message: > > > From: Barry Leiba <barryleiba at computer.org> > > Date: 20. marraskuuta 2012 2.44.51 UTC+2.00 > > To: imap5 at ietf.org, imapext at ietf.org, imap-protocol at u.washington.edu, imap-use at u.washington.edu > > Subject: [imapext] News about Mark Crispin > > Reply-To: imap5 at ietf.org > > > > Everyone here knows Mark Crispin -- or at least knows who he is: Mark is the author of the original IMAP specification, and has taken it through its different versions to the present IMAP4rev1. He's written reference implementations of both server and client, and has been a vocal participant on all the mailing lists I'm posting this to. > > > > I'm sad to have to report that Mark is now terminally ill, and is in hospice care. > > > > For now, at least, I'm told that Mark is at least somewhat aware. If anyone has brief well-wishing messages they'd like to send him, please post them to the <imap5 at ietf.org> mailing list, and I'll forward them to Mark's long-term companion, Annie. I will also post updates to that list as I get them. > > > > [The Reply-To for this message is set to <imap5 at ietf.org>, so that replies will go there. You will have to subscribe to that mailing list in order to post to it. You can do that here: > > http://www.ietf.org/mailman/listinfo/imap5 ] > > > > Barry Leiba > > > > _______________________________________________ > > imapext mailing list > > imapext at ietf.org > > https://www.ietf.org/mailman/listinfo/imapext > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20121120/ebf5e0c1/attachment-0004.bin> From doctor at doctor.nl2k.ab.ca Tue Nov 20 04:27:58 2012 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Mon, 19 Nov 2012 19:27:58 -0700 Subject: [Dovecot] ACL and SSL In-Reply-To: <50AA76C1.30407@sys4.de> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> <20121119175556.GA21193@doctor.nl2k.ab.ca> <50AA76C1.30407@sys4.de> Message-ID: <20121120022758.GA8370@doctor.nl2k.ab.ca> On Mon, Nov 19, 2012 at 07:13:21PM +0100, Robert Schetterer wrote: > Am 19.11.2012 18:55, schrieb The Doctor: > > /mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755 > > seems you got a permisson problem > Found it ! Looks like the user account was missing the mail directory. fail2ban will implement. Now Outlook 2010 reporting repeated mail. Is this a similar issue with OL2003? > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich -- Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013 From andre.bischof at rheinsinn.de Tue Nov 20 09:07:10 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Tue, 20 Nov 2012 08:07:10 +0100 Subject: [Dovecot] users mail folders have to be subscribed Message-ID: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> Daniel, Am 19.11.2012 23:32 schrieb "Daniel Parthey" < daniel.parthey at informatik.tu-chemnitz.de>: > > Andre Bischof wrote: > > doveadm mailbox subscribe -u user at example.com "*" > > > > Should the user for "-u" be the system user the > > mailboxes belong to or has the user to be written in form of an email > > adress (user at localhost / user at n.dyndns.org)? > > It should be the same userdb username as used for imap login. Thank you. One thing that still doesn't work is subscribing to all mailboxes via "*", I guess because the folder names start with "." but dovecot mailbbox subscribe wants it without a starting "." Any clues how that can be solved? Regards Andre From rs at sys4.de Tue Nov 20 10:53:05 2012 From: rs at sys4.de (Robert Schetterer) Date: Tue, 20 Nov 2012 09:53:05 +0100 Subject: [Dovecot] ACL and SSL In-Reply-To: <20121120022758.GA8370@doctor.nl2k.ab.ca> References: <20121118002343.GA18703@doctor.nl2k.ab.ca> <20121119175556.GA21193@doctor.nl2k.ab.ca> <50AA76C1.30407@sys4.de> <20121120022758.GA8370@doctor.nl2k.ab.ca> Message-ID: <50AB44F1.4070009@sys4.de> Am 20.11.2012 03:27, schrieb The Doctor: > Now Outlook 2010 reporting repeated mail. Is this a similar issue with > OL2003? it doesnt look like general a client issue at all, check your logs for more warnings and errors, outlook(s) may not best clients, but they arent guilty for all Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From skdovecot at smail.inf.fh-brs.de Tue Nov 20 15:53:19 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 20 Nov 2012 14:53:19 +0100 (CET) Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> References: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> Message-ID: <alpine.DEB.2.02.1211201440390.5511@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 20 Nov 2012, Andre Bischof wrote: > Date: Tue, 20 Nov 2012 08:07:10 +0100 > From: Andre Bischof <andre.bischof at rheinsinn.de> > To: dovecot at dovecot.org > Subject: Re: [Dovecot] users mail folders have to be subscribed > > Daniel, > > Am 19.11.2012 23:32 schrieb "Daniel Parthey" < > daniel.parthey at informatik.tu-chemnitz.de>: >> >> Andre Bischof wrote: >>> doveadm mailbox subscribe -u user at example.com "*" >>> >>> Should the user for "-u" be the system user the >>> mailboxes belong to or has the user to be written in form of an email >>> adress (user at localhost / user at n.dyndns.org)? >> >> It should be the same userdb username as used for imap login. > > Thank you. One thing that still doesn't work is subscribing to all > mailboxes via "*", I guess because the folder names start with "." but > dovecot mailbbox subscribe wants it without a starting "." Any clues how > that can be solved? In v2.1.10 doveadm mailbox subscribe -u user at example.com "*" does indeed add the string "*" to the subscription list, hence, one cannot add "all folders" with this wildcard. However, you can use the Unix flexible modular command line system :-) e.g.: doveadm mailbox subscribe -u user at example.com \ $( doveadm mailbox list -u user at example.com ) Make sure to use the same "-u ..." switch. I'm not sure about shared mailboxes by other users. In my test, mailbox list displays them, but subscribe does not add them, but silently ignores them. Other way would be to add subscribed folders into "/home/of/user/Maildir/subscriptions", as you seem to use Maildir. One folder per line. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUKuLT2oxLS8a3A9mAQKPnwf+NO+Q57UyYqedZ2M3hAf1i+LFgEKJV4JO r6hDQ6kn6qABJc03udiaNrS+1bpLKyhZ+geMBua+qs4UGrMdE/fi0lyI4yvVtCBC mR41EuBvL9Jf5tFtKYG65tAhj6gjSOMAuXL6xwsawXSkrTV/33NFRG5FQ0bZRQvV pcG50V5lvOSXhpM4GqhQwEIurwGef9w8iG2rNxkTaSLWa/5ZaBCg9vFgCE0xs0hg N6aURUsqiebN+AIzzjJDOFwE4cDrH1TUbbGNW3cutjkolf3Jf6cGU96yUGKf4NvA bWv+3i4BUnUQ547DNNV5NNlw2Mz9569dRUyD6WHaiEVCW0Tp6U3iZw== =4zMT -----END PGP SIGNATURE----- From listas.correo at yahoo.es Tue Nov 20 17:54:29 2012 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 20 Nov 2012 15:54:29 +0000 (GMT) Subject: [Dovecot] doveadm fails with passdb authentication binds (dovecot 2.0.16) Message-ID: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> Hello, I'm testing passdb auth binds with dovecot 2.0.16, but for some reason dovedm fails to work with the configuration showed below. The network trace shows the successful bind for the administrative user (uid=mailapp), but nothing for the mail user (uid=user001). what am i missing here? # doveadm mailbox list -u user001 doveadm(user001): Error: user user001: Auth PASS lookup failed doveadm(user001): Fatal: passdb lookup failed 10-auth.conf: ==================== disable_plaintext_auth = no auth_cache_size = 0 auth_cache_ttl = 0 auth_cache_negative_ttl = 0 auth_mechanisms = plain !include auth-ldap.conf.ext auth-ldap.conf.ext: ===================================== passdb { ? driver = ldap ? args = /etc/dovecot/passdb-dovecot-ldap.conf.ext } userdb { ? driver = ldap ? args = /etc/dovecot/userdb-dovecot-ldap.conf.ext } passdb-dovecot-ldap.conf.ext: ===================================== uris = ldap://ldap.example.com dn = uid=mailapp,ou=People,dc=example,dc=com dnpass = xxxxxxxxxx sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree pass_attrs = uid=user pass_filter = (uid=%n) userdb-dovecot-ldap.conf.ext: ==================================== uris = ldap://ldap.example.com dn = uid=mailapp,ou=People,dc=example,dc=com dnpass = xxxxxxxxxx sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home,mailQuota=quota_rule=*:bytes=%$ user_filter = (&(objectClass=posixAccount)(uid=%n)) pass_attrs = uid=user,userPassword=password,\ ??? mailbox=userdb_mail=maildir:/var/maildir/%$,homeFilter=userdb_home,mailQuota=userdb_quota_rule=*:bytes=%$ pass_filter = (&(objectClass=posixAccount)(uid=%n)) iterate_attrs = uid=user iterate_filter = (objectClass=posixMailAccount) From mathieu at 400iso.net Tue Nov 20 21:10:38 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 20:10:38 +0100 Subject: [Dovecot] Need help for configure sieve Message-ID: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> Hello, i just did set up a mail server with postfix+dovecot+mysql+roundcube everything work fine. Now i'm trying to configure dovecot to get sieve working, and i probably missing something, cause i can not get it to fall in work... Thanks in advance, if you can help me a bit... here is my dovecot (2.1.10) conf : 20:07 root at curzio /home/mathieu # dovecot -n # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 3.2.30-xenU-7157-x86_64 x86_64 Arch Linux mail_home = /srv/vmail/%d/%u mail_location = maildir:~ managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener auth-client { group = postfix mode = 0660 user = postfix } user = root } ssl_cert = </etc/ssl/private/server.crt ssl_key = </etc/ssl/private/server.key userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol lda { mail_plugins = " sieve" } here is my postfix conf : 20:07 root at curzio /home/mathieu # postconf -n alias_database = $alias_maps alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_protocols = ipv4 local_recipient_maps = $virtual_mailbox_maps local_transport = virtual mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix relay_domains = * sample_directory = /etc/postfix/sample sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/run/dovecot/auth-client smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/private/server.crt smtpd_tls_key_file = /etc/ssl/private/server.key smtpd_tls_loglevel = 1 transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:/etc/postfix/virtual_alias_maps.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /srv/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/virtual_domains_maps.cf virtual_mailbox_limit = 512000000 virtual_mailbox_maps = proxy:mysql:/etc/postfix/virtual_mailbox_maps.cf virtual_minimum_uid = 5000 virtual_transport = virtual virtual_uid_maps = static:5000 i use the roundcube plugin managesieve, wich seems to work correctly. -- Mathieu R. From user+dovecot at localhost.localdomain.org Tue Nov 20 21:51:26 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 20:51:26 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> Message-ID: <50ABDF3E.2040605@localhost.localdomain.org> On 11/20/2012 08:10 PM Mathieu R. wrote: > ? > Now i'm trying to configure dovecot to get sieve working, and i > probably missing something, cause i can not get it to fall in work... > > Thanks in advance, if you can help me a bit... > > here is my dovecot (2.1.10) conf : > > > 20:07 root at curzio /home/mathieu # dovecot -n > # 2.1.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.30-xenU-7157-x86_64 x86_64 Arch Linux > ? > protocol lda { > mail_plugins = " sieve" > } > > > here is my postfix conf : > 20:07 root at curzio /home/mathieu # postconf -n > ? > transport_maps = hash:/etc/postfix/transport > ? > ? > virtual_transport = virtual > ? > > > i use the roundcube plugin managesieve, wich seems to work correctly. What is the content of your /etc/postfix/transport? "virtual_transport = virtual" let Postfix deliver your mails to the mail store. You have to use Dovecot's LMTP <http://master.wiki2.dovecot.org/HowTo/PostfixDovecotLMTP> or Dovecot's LDA <http://master.wiki2.dovecot.org/LDA/Postfix> in order to apply Sieve rules on mail delivery. Regards, Pascal -- The trapper recommends today: cafebabe.1232520 at localdomain.org From mathieu at 400iso.net Tue Nov 20 22:01:18 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 21:01:18 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50ABDF3E.2040605@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> Message-ID: <591e65f27a23bef233371ba237841cb3@400iso.net> Le 20/11/2012 20:51, Pascal Volk a ?crit?: > On 11/20/2012 08:10 PM Mathieu R. wrote: >> ? >> Now i'm trying to configure dovecot to get sieve working, and i >> probably missing something, cause i can not get it to fall in >> work... >> >> Thanks in advance, if you can help me a bit... >> >> here is my dovecot (2.1.10) conf : >> >> >> 20:07 root at curzio /home/mathieu # dovecot -n >> # 2.1.10: /etc/dovecot/dovecot.conf >> # OS: Linux 3.2.30-xenU-7157-x86_64 x86_64 Arch Linux >> ? >> protocol lda { >> mail_plugins = " sieve" >> } >> >> >> here is my postfix conf : >> 20:07 root at curzio /home/mathieu # postconf -n >> ? >> transport_maps = hash:/etc/postfix/transport >> ? >> ? >> virtual_transport = virtual >> ? >> >> >> i use the roundcube plugin managesieve, wich seems to work >> correctly. > > What is the content of your /etc/postfix/transport? it's empty, come with archlinux default conf. > > "virtual_transport = virtual" let Postfix deliver your mails to the > mail > store. > > You have to use Dovecot's LMTP > <http://master.wiki2.dovecot.org/HowTo/PostfixDovecotLMTP> or > Dovecot's > LDA <http://master.wiki2.dovecot.org/LDA/Postfix> in order to apply > Sieve rules on mail delivery. i added dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} in master.cf in order to use LDA, is that enough ? > > > Regards, > Pascal -- Mathieu R. From user+dovecot at localhost.localdomain.org Tue Nov 20 22:10:03 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 21:10:03 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <591e65f27a23bef233371ba237841cb3@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> Message-ID: <50ABE39B.5070103@localhost.localdomain.org> On 11/20/2012 09:01 PM Mathieu R. wrote: > i added > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail > argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} > > in master.cf in order to use LDA, is that enough ? > don't forget: postconf -e virtual_transport=dovecot: postfix reload Regards, Pascal -- The trapper recommends today: 5e1f1e55.1232521 at localdomain.org From beber at meleeweb.net Tue Nov 20 22:56:03 2012 From: beber at meleeweb.net (Bertrand Jacquin) Date: Tue, 20 Nov 2012 21:56:03 +0100 Subject: [Dovecot] v2.1.10: Director director_servers order issue Message-ID: <20121120205603.GA1789@lemonhead.scabb> Hi, I'm setting up an IMAP/POP cluster using dovecot director for some NFS reasons and I'm getting some troubles with director_servers directive. Configuration is shared on both nodes : director_servers = 10.0.50.50 10.0.50.51 director_mail_servers = 192.168.0.150 192.168.0.151 director_user_expire = 15 min service director { unix_listener login/director { mode = 0666 } fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } unix_listener director-userdb { mode = 0600 } inet_listener { port = 9090 } } service ipc { unix_listener ipc { user = $default_login_user } } Here 10.0.50.50 is node1, 10.0.50.51 is node2 # ring status on node1 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never # ring status on node2 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never self is the same on both nodes, and that generate some cases that can be observed on logs : # logs on node1 dovecot: director: Error: Remote director thinks it's someone else (connected to 10.0.50.51:9090, remote says it's 10.0.50.50:9090) And this is true, TCP packet contain bad DATA : # tcpdump -i eth0 -nn src host 10.0.50.51 and port 9090 -s 0 -w - -l | strings | egrep '^ME' ME 10.0.50.50 9090 # logs on node2 dovecot: director: Error: connect(10.0.50.51:9090) failed: Invalid argument Invalid argument is present as bind() is not done with the appropriate IP : # strace -p 6063 -fF -s 1024 -e trace=bind,connect bind(28, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("10.0.50.50")}, 16) = 0 connect(28, {sa_family=AF_INET, sin_port=htons(9090), sin_addr=inet_addr("10.0.50.51")}, 16) = -1 EINVAL (Invalid argument) Also, during this time, CPU is ~100% used. bind() is done with node1 IP address. I also tested using a DNS : director_servers = director-all director-all is two A entries, first containing 10.0.50.50, second 10.0.50.51 and the result here is exactly the same. Using two configurations : # director_servers on node1 director_servers = 10.0.50.50 10.0.50.51 # director_servers on node2 director_servers = 10.0.50.51 10.0.50.50 Give the same result as showed before : # ring status on node1 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never # ring status on node2 director ip port type last failed 10.0.50.50 9090 self never 10.0.50.51 9090 never It seems that first sorted entry in director_servers is considered as "self". I'm using dovecot 2.1.10-0~auto+55 debian package from rename-it repository. Thanks for your help. -- Beber -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121120/3cad8bb1/attachment-0004.bin> From mathieu at 400iso.net Wed Nov 21 00:08:52 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 23:08:52 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50ABE39B.5070103@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> Message-ID: <babad5ee75be26067052f340f26bedd4@400iso.net> Le 20/11/2012 21:10, Pascal Volk a ?crit?: > On 11/20/2012 09:01 PM Mathieu R. wrote: >> i added >> >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail >> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d >> ${recipient} >> >> in master.cf in order to use LDA, is that enough ? >> > > don't forget: > > postconf -e virtual_transport=dovecot: > postfix reload just did what you tell me, broke my config (gave me : virtual_transport = dovecot: and then got that error : 2012-11-20T22:03:23.108392+00:00 localhost pipe[28359] fatal: pipe_command: execvp /usr/local/libexec/dovecot/dovecot-lda: No such file or directory switched back to previous config... > > > Regards, > Pascal -- Mathieu R. From user+dovecot at localhost.localdomain.org Wed Nov 21 00:11:16 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 23:11:16 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <babad5ee75be26067052f340f26bedd4@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> Message-ID: <50AC0004.2080301@localhost.localdomain.org> On 11/20/2012 11:08 PM Mathieu R. wrote: > Le 20/11/2012 21:10, Pascal Volk a ?crit : >> On 11/20/2012 09:01 PM Mathieu R. wrote: >>> i added >>> >>> dovecot unix - n n - - pipe >>> flags=DRhu user=vmail:vmail >>> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d >>> ${recipient} >>> >>> in master.cf in order to use LDA, is that enough ? >>> >> >> don't forget: >> >> postconf -e virtual_transport=dovecot: >> postfix reload > > just did what you tell me, broke my config (gave me : virtual_transport > = dovecot: and then got that error : > > 2012-11-20T22:03:23.108392+00:00 localhost pipe[28359] fatal: > pipe_command: execvp /usr/local/libexec/dovecot/dovecot-lda: No such > file or directory > > switched back to previous config... Are you sure your dovecot-lda binary is located in /usr/local/libexec/dovecot/? You have to use an existing path - not just copy and paste something. Regards, Pascal -- The trapper recommends today: face1e55.1232523 at localdomain.org From mathieu at 400iso.net Wed Nov 21 00:53:36 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Tue, 20 Nov 2012 23:53:36 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50AC0004.2080301@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> <50AC0004.2080301@localhost.localdomain.org> Message-ID: <cd1638cdebaa43febc318a8f46d07893@400iso.net> Le 20/11/2012 23:11, Pascal Volk a ?crit?: > On 11/20/2012 11:08 PM Mathieu R. wrote: >> Le 20/11/2012 21:10, Pascal Volk a ?crit : >>> On 11/20/2012 09:01 PM Mathieu R. wrote: >>>> i added >>>> >>>> dovecot unix - n n - - pipe >>>> flags=DRhu user=vmail:vmail >>>> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d >>>> ${recipient} >>>> >>>> in master.cf in order to use LDA, is that enough ? >>>> >>> >>> don't forget: >>> >>> postconf -e virtual_transport=dovecot: >>> postfix reload >> >> just did what you tell me, broke my config (gave me : >> virtual_transport >> = dovecot: and then got that error : >> >> 2012-11-20T22:03:23.108392+00:00 localhost pipe[28359] fatal: >> pipe_command: execvp /usr/local/libexec/dovecot/dovecot-lda: No such >> file or directory >> >> switched back to previous config... > > > Are you sure your dovecot-lda binary is located in > /usr/local/libexec/dovecot/? > You have to use an existing path - not just copy and paste something. of course you're right, i was stupid. corrected the path (to /usr/lib/dovecot/dovecot-lda), executed postconf -e virtual_transport=dovecot: postfix reload and got this error now : 2012-11-20T22:50:03.121109+00:00 localhost postfix/pipe[28785]: 7D9F825269: to=<mathieu at 400iso.net>, relay=dovecot, de lay=8620, delays=8619/0.06/0/0.07, dsn=4.3.0, status=deferred (temporary failure. Command output: lda: Error: user mat hieu at 400iso.net: Error reading configuration: Invalid settings: postmaster_address setting not given lda: Fatal: Inter nal error occurred. Refer to server log for more information. ) thank a lot for your help > > > Regards, > Pascal -- Mathieu R. From user+dovecot at localhost.localdomain.org Wed Nov 21 00:57:52 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Nov 2012 23:57:52 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <cd1638cdebaa43febc318a8f46d07893@400iso.net> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> <50AC0004.2080301@localhost.localdomain.org> <cd1638cdebaa43febc318a8f46d07893@400iso.net> Message-ID: <50AC0AF0.30900@localhost.localdomain.org> On 11/20/2012 11:53 PM Mathieu R. wrote: > > and got this error now : > ? lda: Error: user mathieu at 400iso.net: Error reading configuration: Invalid settings: > postmaster_address setting not given ? You have to configure a valid postmaster_address in conf.d/15-lda.conf Regards, Pascal -- The trapper recommends today: face1e55.1232523 at localdomain.org From mathieu at 400iso.net Wed Nov 21 01:00:37 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Wed, 21 Nov 2012 00:00:37 +0100 Subject: [Dovecot] Need help for configure sieve In-Reply-To: <50AC0AF0.30900@localhost.localdomain.org> References: <5f92c95abae1b9ffe8d39bc5edd267c2@400iso.net> <50ABDF3E.2040605@localhost.localdomain.org> <591e65f27a23bef233371ba237841cb3@400iso.net> <50ABE39B.5070103@localhost.localdomain.org> <babad5ee75be26067052f340f26bedd4@400iso.net> <50AC0004.2080301@localhost.localdomain.org> <cd1638cdebaa43febc318a8f46d07893@400iso.net> <50AC0AF0.30900@localhost.localdomain.org> Message-ID: <8133e84c1059fa344dee37994bdf0c47@400iso.net> Le 20/11/2012 23:57, Pascal Volk a ?crit?: > On 11/20/2012 11:53 PM Mathieu R. wrote: >> >> and got this error now : >> ? lda: Error: user mathieu at 400iso.net: Error reading configuration: >> Invalid settings: >> postmaster_address setting not given ? > > You have to configure a valid postmaster_address in > conf.d/15-lda.conf > > > Regards, > Pascal just made it falling in work... thanks a lot, again -- Mathieu R. From dave at boostpro.com Wed Nov 21 04:30:39 2012 From: dave at boostpro.com (Dave Abrahams) Date: Tue, 20 Nov 2012 21:30:39 -0500 Subject: [Dovecot] [BUMP] Unanswered: how to force FTS indexing? References: <m2pq43k7n3.fsf@cone.luannocracy.com> <508C9C8A.8000309@hardwarefreak.com> <m2vcdpfkz7.fsf@cone.luannocracy.com> <m2zk2knsnf.fsf_-_@cone.luannocracy.com> <50A5B666.9090507@amfes.com> <m2zk2hnu3r.fsf@cube.luannocracy.com> <50A73047.7080706@amfes.com> <m2k3tjgdrb.fsf@boostpro.com> <assp.06705d8db5.50AA8830.9000903@amfes.com> Message-ID: <m2wqxfelgw.fsf@boostpro.com> on Mon Nov 19 2012, "Daniel L. Miller" <dmiller-AT-amfes.com> wrote: > On 11/18/2012 6:57 AM, Dave Abrahams wrote: >> I take it back; I'm not sure if "doveadm search" causes re-indexing. >> However, I *know* issuing a search command from a Python IMAP library >> doesn't do so. >> > > That indicates something else is broken - unless my Dovecot > understanding is totally off (which is always possible, even likely). > To my knowledge, until the relatively recent support for the "doveadm > index" command, the primary and indeed only way to index was to > perform a search. When Dovecot receives a search request, whether > passed by IMAP or through the doveadm backdoor, if the mailbox isn't > current then any new mails are supposed to be added to the index in > the course of the search. If that doesn't happen - then I think > something is broken in your setup. Well, perhaps I didn't satisfy the "mailbox isn't current" criterion. All I had done was to delete the FTS indices when I tried this. -- Dave Abrahams BoostPro Computing Software Development Training http://www.boostpro.com Clang/LLVM/EDG Compilers C++ Boost From timor at o2.pl Wed Nov 21 12:15:31 2012 From: timor at o2.pl (Tomek) Date: Wed, 21 Nov 2012 11:15:31 +0100 Subject: [Dovecot] Proxy to join two accounts Message-ID: <50ACA9C3.9000004@o2.pl> Hello, I have server with IMAP on dovecot for user mails and second server on archiveopteryx as mail archive. I'm wondering if it's possible to make some sort of proxy to these two servers in way where: - dovecot server will be main IMAP service with INBOX, etc - I want archiveopteryx account to be something like shared folder with read only access (no delete, no move, etc) in path ex. /archive/user.name - this proxy mappings should allow adding few archive accounts to one user (in case of people replacement) + it will be cool if this mappings could be defined in database so I could write tools to manage archive access for bosses. Is such case possible to achieve with dovecot (any howto or example would be very helpful)? If not - do you know any proxy tools that could allow such configuration? Thanks for any help. Regards, Tomek. From CMarcus at Media-Brokers.com Wed Nov 21 14:02:55 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 21 Nov 2012 07:02:55 -0500 Subject: [Dovecot] v2.1 memory usage In-Reply-To: <50A14EA1.3050307@wildgooses.com> References: <4AC709BB-5749-49AD-8C93-69AD2A70D25A@iki.fi> <1352151633.13571.116.camel@hurina> <1352157757.13571.121.camel@hurina> <50992C33.8030505@wildgooses.com> <5A7F7F7A-9CEB-4A20-B03C-99EE81351114@iki.fi> <50A04CAE.5040608@amfes.com> <50A04EFA.1080202@thelounge.net> <assp.1663a3b60b.f55349df7c455907404f9b76b8a6809e@amfes.com> <50A14EA1.3050307@wildgooses.com> Message-ID: <50ACC2EF.6060203@Media-Brokers.com> On 2012-11-12 2:31 PM, Ed W <lists at wildgooses.com> wrote: > Openssl is a *massive* project and I'm unsure that gnutls is much > smaller... We should assume that both are quite scary from a > "security" point of view. Licensing is the main thing which divides > them, gnutls is stated as GPL compatible (however, the nominal > incompatibility of openssl seems difficult to understand?) > > OpenVPN integrated with PolarSSL and got Dutch government official > approval for the combined package. I think elsewhere it's stated that > openssl would not have been approved because something like the > codebase was too large to inspect and sign off > http://polarssl.org/news?item=0132 > > I haven't worked with PolarSSL, so no idea, but it's massively smaller > codebase is likely attractive if you are the kind of person who > actually *does* security audits on the software you run in secure > situations. > > Openssl is just a complete swiss army knife of tools! Very interesting... I'd certainly be interested in switching to it, as long as the most common tools are supported Is it considered a drop in replacement for OpenSSL? -- Best regards, Charles From ramon.frontera at uib.es Wed Nov 21 15:05:17 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Wed, 21 Nov 2012 14:05:17 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error Message-ID: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> Hi, we have a problem with our director proxy configuration. When we run on proxy server the doveadm command with -A switch, fails with the error: # doveadm -D quota get -A doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert doveadm(user1): Error: Proxy is missing destination host doveadm: Error: Failed to iterate through some users If we execute the command with a single user, director assigns host and goes well, Example: # doveadm -D quota get -u user1 doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert host=xx.xx.xx.xx proxy_refresh=450 Quota name Type Value Limit % User quota STORAGE 159401 2621440 6 User quota MESSAGE 341 - 0 We have tried different configurations and all goes wrong with this "-A" switch, Timo please, could you tell us if we have a missconfiguration or its a possible director bug ?? We really want execute the expire plugin on ours directors and them redirect to the backends servers of every user. thanks in advance. Our doveconf -n: # dovecot -n # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.14.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) auth_cache_size = 3 k auth_cache_ttl = 15 mins auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot/ default_client_limit = 30000 default_process_limit = 5000 dict { expire = mysql:/etc/dovecot/dovecot-dict-expire.conf.ext } director_doveadm_port = 990 director_mail_servers = mailserver1 mailserver2 director_servers = proxy1 doveadm_proxy_port = 24245 lmtp_proxy = yes mail_debug = yes mail_plugins = expire quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap-users.conf.ext driver = ldap } plugin { expire = Trash expire2 = Trash/* expire_dict = proxy::expire } postmaster_address = postmaster<at>company protocols = imap pop3 lmtp sieve service auth { client_limit = 27048 unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = dovecot mode = 0660 } } service director { fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0660 } unix_listener login/director { mode = 0666 } } service doveadm { executable = doveadm-server director inet_listener doveadm-server { port = 24245 } } service imap-login { executable = imap-login director inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service ipc { unix_listener ipc { user = dovecot } } service lmtp { client_limit = 1 inet_listener lmtp { port = 30025 } } service managesieve-login { executable = managesieve-login director } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } ssl = required ssl_cert = </etc/pki/tls/certs/imap.crt ssl_key = </etc/pki/tls/private/imap.uib.es_privatekey.pem syslog_facility = local1 userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap-users.conf.ext driver = ldap } verbose_proctitle = yes protocol lmtp { auth_socket_path = director-userdb mail_plugins = expire quota sieve quota passdb { args = /etc/dovecot/dovecot-ldap-pass.conf.lmtp driver = ldap } } protocol doveadm { auth_socket_path = director-userdb } protocol imap { mail_max_userip_connections = 20 mail_plugins = expire quota } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } local ip/24/24 { doveadm_password = supersecretpassword } -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears From tibby at tibby.hu Wed Nov 21 16:23:41 2012 From: tibby at tibby.hu (tibby at tibby.hu) Date: Wed, 21 Nov 2012 15:23:41 +0100 Subject: [Dovecot] Autocreate No namespace for Problem Message-ID: <2a18f5a901122a66ca063fa0e2122c4f@tibby.hu> Hi! I see this in the log: autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent autocreate: No namespace found for Trash autocreate: No namespace found for Spam autocreate: No namespace found for Sent Why do I get this error ? Do I need to create a separate namespace for every folder? The config file looks like this: namespace private { separator = . prefix = INBOX. inbox = yes subscriptions = yes list = yes } ... plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent } Thanks! From rs at sys4.de Wed Nov 21 16:41:14 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 21 Nov 2012 15:41:14 +0100 Subject: [Dovecot] Autocreate No namespace for Problem In-Reply-To: <2a18f5a901122a66ca063fa0e2122c4f@tibby.hu> References: <2a18f5a901122a66ca063fa0e2122c4f@tibby.hu> Message-ID: <50ACE80A.8050207@sys4.de> Am 21.11.2012 15:23, schrieb tibby at tibby.hu: > Hi! > > I see this in the log: > autocreate: No namespace found for Trash > autocreate: No namespace found for Spam > autocreate: No namespace found for Sent > autocreate: No namespace found for Trash > autocreate: No namespace found for Spam > autocreate: No namespace found for Sent > > Why do I get this error ? > Do I need to create a separate namespace for every folder? > > The config file looks like this: > namespace private { > separator = . > prefix = INBOX. > inbox = yes > subscriptions = yes > list = yes > } > ... > plugin { > autocreate = Trash > autocreate2 = Spam > autocreate3 = Sent > autosubscribe = Trash > autosubscribe2 = Spam > autosubscribe3 = Sent > } > > Thanks! > just a guess try autocreate = INBOX.Trash cause you did prefix = INBOX. Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From egbert at vandenbussche.nl Wed Nov 21 16:58:31 2012 From: egbert at vandenbussche.nl (Egbert) Date: Wed, 21 Nov 2012 15:58:31 +0100 Subject: [Dovecot] XMLRPC anyone? Message-ID: <50ACEC17.5090504@vandenbussche.nl> Hi, Is there any code around that lets Dovecot (2.x) aauthenticate via a XMLRPC server (which connects to a LDAP server) instead of going directly to a LDAP server? It could give much more flexibility. TIA Egbert Jan, NL From andreas.kasenides at cs.ucy.ac.cy Wed Nov 21 19:34:55 2012 From: andreas.kasenides at cs.ucy.ac.cy (Andreas Kasenides) Date: Wed, 21 Nov 2012 19:34:55 +0200 Subject: [Dovecot] Filesystem quotas Message-ID: <50AD10BF.8040500@cs.ucy.ac.cy> I could not determine if when using filesystem quotas (http://wiki2.dovecot.org/Quota/FS) Dovecot will use the reported quota and limits without the need of configuring them via "quota_rules". Is this possible somehow? Such a feature would determine the quota limits automatically from the filesystem quotas thereby allowing to make use of them in quota warnings. Dovecot already knows the quota settings and limits. Here is evidence from the logs > Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: box=/Mail/ank > mount=/newmail match=yes > Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: > host=xxxx.xxxx.ucy.xx.cy, path=/mail, uid=211, bytes > Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: uid=211, > value=2779115520, limit=8388608000 I am using (testing) version 2.2alpha1. Thankx. -- Andreas Kasenides Senior IT Officer University of Cyprus, Dept. of Computer Science Tel: 22892714, Fax: 22892701 From pzucchi at gmail.com Thu Nov 22 10:46:34 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 09:46:34 +0100 Subject: [Dovecot] imap_acl and osx 10.7 Message-ID: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Hello everybody, I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 unfortunately it seems that the imap_acl plugin is not loaded properly do you have any advice? cheers Piero This is what i get from the log with imap_acl plugin enabled in protocol imap?{ } Log file: imap: Debug: Loading modules from directory: /usr/lib/dovecot Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not found: _acl_user_module Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Referenced from: /usr/lib/dovecot/lib02_imap_acl_plugin.so Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Expected in: flat namespace Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: in /usr/lib/dovecot/lib02_imap_acl_plugin.so Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Fatal: Couldn't load required plugins Nov 22 09:08:14 xserve04 dovecot[43220]: master: Error: service(imap): command startup failed, throttling dovecot config # 2.0.16apple1: /etc/dovecot/dovecot.conf # OS: Darwin 11.4.2 x86_64 acfs auth_debug = yes auth_debug_passwords = yes auth_gssapi_hostname = $ALL auth_mechanisms = cram-md5 x-plain-submit apop gssapi plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 hostname = mail.customer.com mail_access_groups = mail mail_debug = yes mail_location = maildir:/Volumes/XsanVolume/Mail/%u mail_log_prefix = "%s(pid %p user %u): " mail_plugins = quota zlib fts fts_sk acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes list = children location = maildir:/Volumes/XsanVolume/Mail/Condivise/Interno:CONTROL=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno:INDEX=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno prefix = Interno/ separator = / subscriptions = no type = public } passdb { args = /etc/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { acl = vfile fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u quota_warning2 = storage=80%% quota-warning %u sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmaster at xserve04.customer.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap-postlogin { executable = script-login -d /etc/dovecot/acl_groups.sh unix_listener imap-postlogin { group = mail mode = 0600 user = _dovecot } user = _dovecot } service imap { client_limit = 5 executable = imap imap-postlogin process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl_ca = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.chain.pem ssl_cert = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.cert.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL ssl_key = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem ssl_key_path = /etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem syslog_facility = local6 userdb { args = partition=/etc/dovecot/partition_map.conf enforce_quotas=yes driver = od } verbose_proctitle = yes protocol lmtp { mail_plugins = quota zlib fts fts_sk sieve } protocol lda { mail_plugins = quota zlib fts fts_sk sieve } protocol imap { imap_id_log = * imap_id_send = "name" * "version" * mail_max_userip_connections = 20 mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts imap_acl urlauth } protocol pop3 { mail_max_userip_connections = 6 } -- Piero Zucchi Apple Certified Trainer Apple Certified Specialist Professional 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From andre.bischof at rheinsinn.de Thu Nov 22 10:53:45 2012 From: andre.bischof at rheinsinn.de (Andre Bischof) Date: Thu, 22 Nov 2012 09:53:45 +0100 Subject: [Dovecot] users mail folders have to be subscribed In-Reply-To: <alpine.DEB.2.02.1211201440390.5511@pc-2m63nn> References: <CADLvNSY+rDbOFEdDpkmK6x=o47XDXxNWX6oM9w6pE2WLoLYZNg@mail.gmail.com> <alpine.DEB.2.02.1211201440390.5511@pc-2m63nn> Message-ID: <CADLvNSapszKO3XbMa7ovF8xqdAD6Pz5-tny1t2ZuwwqWtgHB6w@mail.gmail.com> Steffen, 2012/11/20 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> > ... >> >> Thank you. One thing that still doesn't work is subscribing to all >> mailboxes via "*", I guess because the folder names start with "." but >> dovecot mailbbox subscribe wants it without a starting "." Any clues how >> that can be solved? >> > > > In v2.1.10 > > > doveadm mailbox subscribe -u user at example.com "*" > > does indeed add the string "*" to the subscription list, hence, one cannot > add "all folders" with this wildcard. > > However, you can use the Unix flexible modular command line system :-) > e.g.: > > doveadm mailbox subscribe -u user at example.com \ > $( doveadm mailbox list -u user at example.com ) > > ... That's smart! I solved it a similar way yesterday evening using a loop (found it via google), but your way is even shorter. Regards Andre From rs at sys4.de Thu Nov 22 11:00:08 2012 From: rs at sys4.de (Robert Schetterer) Date: Thu, 22 Nov 2012 10:00:08 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Message-ID: <50ADE998.5020803@sys4.de> Am 22.11.2012 09:46, schrieb Piero Zucchi: > Hello everybody, > > I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 > > unfortunately it seems that the imap_acl plugin is not loaded properly > > do you have any advice? > > cheers > Piero i dont really remember but at some time there was a bug with acl plugin try 2.0.21 or 2.1.10 compare your config against http://wiki2.dovecot.org/ACL Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From pzucchi at gmail.com Thu Nov 22 11:22:54 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 10:22:54 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <50ADE998.5020803@sys4.de> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> <50ADE998.5020803@sys4.de> Message-ID: <CA+rZbg7rxf78qpDeHB6QAybZMM8gKrUh+Y5nRP5FjE19nL1QrA@mail.gmail.com> Thank you for your quick reply, Robert. The configuration looks ok, so I will search for version related bugs although it would be very hard upgrading to a newer version, because apple patches apply up to 2.0.16. cheers P. 2012/11/22 Robert Schetterer <rs at sys4.de>: > Am 22.11.2012 09:46, schrieb Piero Zucchi: >> Hello everybody, >> >> I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 >> >> unfortunately it seems that the imap_acl plugin is not loaded properly >> >> do you have any advice? >> >> cheers >> Piero > > i dont really remember but at some time there was a bug with acl plugin > > try 2.0.21 or > 2.1.10 > > compare your config against > > http://wiki2.dovecot.org/ACL > > Best Regards > MfG Robert Schetterer > -- Piero Zucchi Apple Certified Trainer Apple Certified Technical Coordinator 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From stan at hardwarefreak.com Thu Nov 22 13:26:58 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 22 Nov 2012 05:26:58 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <20121110202529.GA30152@anubis.morrow.me.uk> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <509EA1C4.3050103@hardwarefreak.com> <20121110202529.GA30152@anubis.morrow.me.uk> Message-ID: <50AE0C02.3090207@hardwarefreak.com> On 11/10/2012 2:25 PM, Ben Morrow wrote: > The usual meaning of 'lock contention' is 'two processes legitimately > competing for the *same* lock'. Sure, this is the textbook definition, and software designers will discuss it as such in that context. However, when systems users use the term, in a production use context, they are using it in the context of problems resulting from it, performance or otherwise. I.e. if lock contention isn't causing problems, systems users will not be discussing it. With many things, including software, context is critical. > You appear to be advocating the LDA as the solution to all possible > problems with mail delivery, and implying anyone not using it is doing > something seriously wrong. I advocated no such thing, nor implied such a thing. I stated that if one is using Postfix/local(8) for mbox delivery and Dovecot for POP/IMAP that s/he should switch to LDA (or LMTP) to eliminate any potential mbox locking problems; that it doesn't make sense to use Postfix/local(8) with Dovecot as there is no upside. Again, the context is mbox. Did you see me state this in relation to maildir? > I was pointing out that that is not always > the case. You seem to spend a lot of time pointing out exceptions. > I believe the OP mentioned something about having run out of mboxes for > 20 years? To me that suggests an old-fashioned Unix setup, which in turn > suggests procmail as a likely possibility. I could, of course, be wrong. Examination of his log entry indicates he's not using procmail, but Postfix' local(8) delivery agent directly to the mailbox file: Nov 8 07:49:11 server1 postfix/local[27901]: 04B8E7081DA: to=<xyz at xyz.com>, orig_to=<abc at abc.com>, relay=local, delay=19, delays=0.07/0/0/19, dsn=4.2.0, status=deferred (cannot update mailbox /var/spool/mail/abc for user abc. unable to lock for exclusive access: Resource temporarily unavailable) "unable to lock for exclusive access: Resource temporarily unavailable" is a Postfix local(8) error message. If procmail was configured, you'd likely see this instead: ...status=sent (delivered to command: /usr/bin/procmail...) Then procmail would do the actual delivery to the mailbox (mbox) file, and if a locking problem occurred, it would be logged by procmail, and possibly a bounce sent to the sender. I'm not sure what, if any, error would be returned to local(8) as I've never used procmail. > If I have offended you, I apologise. That was certainly not my > intention. I was not offended, just a bit annoyed. When you attempted to correct my intentional misuse of "light year" it reminded me of something similar. Almost daily I've wanted to stomp on Europeans for sticking the indefinite article "an" in front of words beginning with consonants, when they should be using "a" instead, butchering the English language in the process: "I need help with an Debian Linux install on an Dell server." "I'm installing an Dovecot cluster and need help configuring an Dovecot Director." Supremely irritating, but I've never stomped on them, bit my tongue every time, as it's a waste of time. Maybe you could follow suit. -- Stan From stan at hardwarefreak.com Thu Nov 22 14:09:12 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 22 Nov 2012 06:09:12 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50A0DA65.9080503@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> Message-ID: <50AE15E8.7050400@hardwarefreak.com> On 11/12/2012 5:15 AM, 1st WebDesigns wrote: > Thanks for your replies. I switched to Dovecot LDA this morning, but > the issue still persists, albeit logged slightly differently by Dovecot > now instead of Postfix: > > "save failed to INBOX: Timeout while waiting for lock" > > The reason is because some pop3 clients Full stop. This is the first time you've mentioned POP that I recall. FYI, Dovecot is primarily an IMAP server. Unless an OP states up front that he's using primarily POP, everyone assumes IMAP and counsels accordingly. You should have stated POP in your first post. Actually, you should have included many more details prior to now. Please post your complete 'dovecot -n' output. > are holding their connection for > 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major > culprit). I'm no smartphone POP expert, but old rural tower, poor tower connection, etc, all cause low data rates, which could cause this. However, you state this problem cropped up out of nowhere after a distro upgrade to CentOS 5. Can you confirm that the problem didn't exist before the upgrade? Your definitive answer to this question dictates the troubleshooting course of action. > In dovecot.conf I changed: > > mbox_lock_timeout = 300 > > to > > mbox_lock_timeout = 600 > > Which seems to have helped. I am unclear if this value only applied to > Dovecot LDA or if it would have worked previously before switching to > Dovecot LDA? This simply changes how long Dovecot will wait to acquire a lock. Increasing this value simply increases delays, masks the underlying problem without really helping much. The only real architectural solution to such a POP/mbox locking problem due to slow/long client downloads is, as you mentioned, moving to a lockless mailbox format, such as maildir or sdbox. Worth noting, we are both/all at fault in the slow progress of this issue, you for not stating POP up front, and me/us for not asking. Your 'dovecot -n' output may allow us to help get mbox working a little better, but the long term solution is very likely moving to maildir/sdbox. -- Stan From skdovecot at smail.inf.fh-brs.de Thu Nov 22 14:18:09 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 22 Nov 2012 13:18:09 +0100 (CET) Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Message-ID: <alpine.DEB.1.10.1211221315190.20004@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 22 Nov 2012, Piero Zucchi wrote: > imap: Debug: Loading modules from directory: /usr/lib/dovecot > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not > found: _acl_user_module are you sure, that the module is from the very same Dovecot version? I had Symbol not found errors, because I changed the ./configure options and something was not installed properly. After starting from scratch and copying the config over, it worked. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBUK4YAmoxLS8a3A9mAQL6bQf/Z1/m/d0fgzPC/g6oA3bSQj4v344BcC7y SeCEHf4YRZITRP87gtGyJSyrK8DamupXSiM3eyutddl3aNUmsfhDoV0f2DVBkSeI soAQeMTSOal4214sUzJVK51kC448f1mdVLGhsCGI+FtUKSlq0K6XX4W+RTFQcEri Q1cq+Z+2fP42DfQlhXxvW3N4vJmqPDkARyCylu6IUs0S9xuc9mE1BF/aRQCGk6cv 68pD+Bt/PzfBNnm+TuA+xyZab90JrbZTh5pYnvf9i17xcEvi2VqRMAX6hfhg3FkV Wp7M5as+kY7op23cnCvULzdMMbKoZnPl3LEY+/YetU7gB0nyqlAW9g== =yB4V -----END PGP SIGNATURE----- From pzucchi at gmail.com Thu Nov 22 15:30:22 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 14:30:22 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <alpine.DEB.1.10.1211221315190.20004@pc-2m63a.inf.fh-bonn-rhein-sieg.de> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> <alpine.DEB.1.10.1211221315190.20004@pc-2m63a.inf.fh-bonn-rhein-sieg.de> Message-ID: <CA+rZbg4x4_xrpVDo=q3nA3WznJ+vxQH+1xhA9KMRf34DO9nM3Q@mail.gmail.com> Hallo Steffen, yes, I'm quite sure since it's a default mac os x server installation, so I haven neither installed nor compiled anything. P. 2012/11/22 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>: > are you sure, that the module is from the very same Dovecot version? > I had Symbol not found errors, because I changed the ./configure options and > something was not installed properly. After starting from scratch and > copying the config over, it worked. > > Regards, > > - -- Steffen Kaiser -- Piero Zucchi Apple Certified Trainer Apple Certified Specialist Professional 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From puccia+ml-dovecot at gmail.com Thu Nov 22 15:50:32 2012 From: puccia+ml-dovecot at gmail.com (Emanuele Pucciarelli) Date: Thu, 22 Nov 2012 14:50:32 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> Message-ID: <CA+oQUaQK7-EmTYAFT5okRT8PZyUmvK=e+rOOydFpwpNU2pS46Q@mail.gmail.com> Ciao Piero! :) Apparently, you might be running into this: http://dovecot.org/list/dovecot/2012-October/068723.html OS X's dynamic linker is not among the forgiving ones (as far as I know from experience with other software). It looks like Apple shipped Dovecot without running any tests with the extra plugins (which I do not believe they do). Unfortunately, even assuming this nails it, I wouldn't know off the top of my head how to fix it without recompiling from sources; install_name_tool(1) will only change the names of listed shared libraries, but not add new ones. Perhaps someone else has further advice on this matter. Emanuele On 22 November 2012 09:46, Piero Zucchi <pzucchi at gmail.com> wrote: > Hello everybody, > > I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 > > unfortunately it seems that the imap_acl plugin is not loaded properly > > do you have any advice? > > cheers > Piero > > > > This is what i get from the log with imap_acl plugin enabled in > protocol imap { } > > Log file: > > imap: Debug: Loading modules from directory: /usr/lib/dovecot > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: > dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not > found: _acl_user_module > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Referenced > from: /usr/lib/dovecot/lib02_imap_acl_plugin.so > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Expected in: > flat namespace > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: in > /usr/lib/dovecot/lib02_imap_acl_plugin.so > Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Fatal: Couldn't load > required plugins > Nov 22 09:08:14 xserve04 dovecot[43220]: master: Error: service(imap): > command startup failed, throttling > > > dovecot config > > # 2.0.16apple1: /etc/dovecot/dovecot.conf > # OS: Darwin 11.4.2 x86_64 acfs > auth_debug = yes > auth_debug_passwords = yes > auth_gssapi_hostname = $ALL > auth_mechanisms = cram-md5 x-plain-submit apop gssapi plain login > auth_socket_path = /var/run/dovecot/auth-userdb > auth_username_format = %n > default_internal_user = _dovecot > default_login_user = _dovenull > disable_plaintext_auth = no > first_valid_gid = 6 > first_valid_uid = 6 > hostname = mail.customer.com > mail_access_groups = mail > mail_debug = yes > mail_location = maildir:/Volumes/XsanVolume/Mail/%u > mail_log_prefix = "%s(pid %p user %u): " > mail_plugins = quota zlib fts fts_sk acl > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > mdbox_rotate_size = 200 M > namespace { > inbox = yes > location = > prefix = > separator = / > type = private > } > namespace { > hidden = yes > list = children > location = maildir:/Volumes/XsanVolume/Mail/Condivise/Interno:CONTROL=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno:INDEX=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno > prefix = Interno/ > separator = / > subscriptions = no > type = public > } > passdb { > args = /etc/dovecot/submit.passdb > driver = passwd-file > pass = yes > submit = yes > } > passdb { > driver = od > } > plugin { > acl = vfile > fts = sk > quota = maildir:User quota > quota_warning = storage=100%% quota-exceeded %u > quota_warning2 = storage=80%% quota-warning %u > sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve > sieve_dir = /Library/Server/Mail/Data/rules/%u > } > postmaster_address = postmaster at xserve04.customer.com > protocols = imap pop3 lmtp sieve > quota_full_tempfail = yes > service auth { > extra_groups = _keytabusers > idle_kill = 15 mins > } > service dns_client { > unix_listener dns-client { > mode = 0600 > } > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > ssl = yes > } > service_count = 0 > } > service imap-postlogin { > executable = script-login -d /etc/dovecot/acl_groups.sh > unix_listener imap-postlogin { > group = mail > mode = 0600 > user = _dovecot > } > user = _dovecot > } > service imap { > client_limit = 5 > executable = imap imap-postlogin > process_limit = 200 > service_count = 0 > } > service lmtp { > unix_listener lmtp { > mode = 0600 > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > inet_listener sieve_deprecated { > port = 2000 > } > } > service pop3-login { > inet_listener pop3 { > port = 110 > } > inet_listener pop3s { > port = 995 > ssl = yes > } > } > service pop3 { > client_limit = 5 > process_limit = 200 > service_count = 0 > } > service quota-exceeded { > executable = script /usr/libexec/dovecot/quota-exceeded.sh > unix_listener quota-exceeded { > group = mail > mode = 0660 > user = _dovecot > } > user = _dovecot > } > service quota-warning { > executable = script /usr/libexec/dovecot/quota-warning.sh > unix_listener quota-warning { > group = mail > mode = 0660 > user = _dovecot > } > user = _dovecot > } > ssl_ca = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.chain.pem > ssl_cert = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.cert.pem > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL > ssl_key = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem > ssl_key_path = /etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem > syslog_facility = local6 > userdb { > args = partition=/etc/dovecot/partition_map.conf enforce_quotas=yes > driver = od > } > verbose_proctitle = yes > protocol lmtp { > mail_plugins = quota zlib fts fts_sk sieve > } > protocol lda { > mail_plugins = quota zlib fts fts_sk sieve > } > protocol imap { > imap_id_log = * > imap_id_send = "name" * "version" * > mail_max_userip_connections = 20 > mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts > imap_acl urlauth > } > protocol pop3 { > mail_max_userip_connections = 6 > } > > > > > -- > Piero Zucchi > > Apple Certified Trainer > > Apple Certified Specialist Professional 10.8 > > Apple Certified Technical Coordinator 10.7 > > Apple Certified System Administrator 10.6 > Apple Certified Technical Coordinator 10.6 > Apple Certified Specialist - Mac Os X Directory Services 10.6 > Apple Certified Specialist - Mobility and Security 10.6 > > Apple Certified System Administrator 10.5 > Apple Certified Technical Coordinator 10.5 > Apple Certified Support Professional 10.5 > > Apple Certified Pro - Final Cut Pro 7, Level 1 From rplatel at tucows.com Thu Nov 22 17:06:15 2012 From: rplatel at tucows.com (Richard Platel) Date: Thu, 22 Nov 2012 10:06:15 -0500 Subject: [Dovecot] Plugin help, number of messages in mailbox Message-ID: <E1F02117-7120-4920-9807-4295BD5732A5@tucows.com> Hi, We use Dovecot for IMAP and POP (but not LDA), we want to do something when a user has an INBOX that becomes empty, or becomes not empty (set a flag in memcached, but that's not really important). I'm writing a plugin (for Dovecot 2.1.7). On mailbox_open() I can use mailbox_get_status() to get a count of messages in the mailbox, and then decrement this in expunge() or increment it in mailbox save_finish() (for IMAP APPEND or COPY commands). However in expunge() and mailbox_save_finish, even after calling the super function, mailbox_get_status doesn't update the number of messages in the mailbox. This is a problem if (for example) there are concurrent POP sessions. Two POP sessions could get all the messages in INBOX, one could logout, calling expunge a few times, eventually causing my plugin to note that the inbox is empty, then our LDA could deliver a message, mark the INBOX not empty, then the other POP session could log out, call expunge and cause my plugin to mark the INBOX empty, when it's not. So in summation: how can a plugin be notified of changes to a mailbox, and then accurately get the real number of messages in that mailbox? From pzucchi at gmail.com Thu Nov 22 17:07:14 2012 From: pzucchi at gmail.com (Piero Zucchi) Date: Thu, 22 Nov 2012 16:07:14 +0100 Subject: [Dovecot] imap_acl and osx 10.7 In-Reply-To: <CA+oQUaQK7-EmTYAFT5okRT8PZyUmvK=e+rOOydFpwpNU2pS46Q@mail.gmail.com> References: <CA+rZbg4cAbJRefQF-AkvQtHvXNxJrgbpe=wfXnj_Uob6q1KtVQ@mail.gmail.com> <CA+oQUaQK7-EmTYAFT5okRT8PZyUmvK=e+rOOydFpwpNU2pS46Q@mail.gmail.com> Message-ID: <CA+rZbg5U1EEzUt1j_UYa7DkfeeX_F6D6qtWE1EiBeRF=p-HphA@mail.gmail.com> ciao Emanuele! :) Thanks so much for your answer :). I will file a bug on radar (apple) and see if they fix it or piss me off: "we do not support acl on email". P. 2012/11/22 Emanuele Pucciarelli <puccia+ml-dovecot at gmail.com>: > Ciao Piero! :) > > Apparently, you might be running into this: > > http://dovecot.org/list/dovecot/2012-October/068723.html > > OS X's dynamic linker is not among the forgiving ones (as far as I > know from experience with other software). It looks like Apple shipped > Dovecot without running any tests with the extra plugins (which I do > not believe they do). > > Unfortunately, even assuming this nails it, I wouldn't know off the > top of my head how to fix it without recompiling from sources; > install_name_tool(1) will only change the names of listed shared > libraries, but not add new ones. Perhaps someone else has further > advice on this matter. > > Emanuele > > > On 22 November 2012 09:46, Piero Zucchi <pzucchi at gmail.com> wrote: >> Hello everybody, >> >> I'm trying to setup public folder with ACLs on a Lion Server 10.7.5 >> >> unfortunately it seems that the imap_acl plugin is not loaded properly >> >> do you have any advice? >> >> cheers >> Piero >> >> >> >> This is what i get from the log with imap_acl plugin enabled in >> protocol imap { } >> >> Log file: >> >> imap: Debug: Loading modules from directory: /usr/lib/dovecot >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: >> dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so) failed: >> dlopen(/usr/lib/dovecot/lib02_imap_acl_plugin.so, 10): Symbol not >> found: _acl_user_module >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Referenced >> from: /usr/lib/dovecot/lib02_imap_acl_plugin.so >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: Expected in: >> flat namespace >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Error: in >> /usr/lib/dovecot/lib02_imap_acl_plugin.so >> Nov 22 09:08:14 xserve04 dovecot[87688]: imap: Fatal: Couldn't load >> required plugins >> Nov 22 09:08:14 xserve04 dovecot[43220]: master: Error: service(imap): >> command startup failed, throttling >> >> >> dovecot config >> >> # 2.0.16apple1: /etc/dovecot/dovecot.conf >> # OS: Darwin 11.4.2 x86_64 acfs >> auth_debug = yes >> auth_debug_passwords = yes >> auth_gssapi_hostname = $ALL >> auth_mechanisms = cram-md5 x-plain-submit apop gssapi plain login >> auth_socket_path = /var/run/dovecot/auth-userdb >> auth_username_format = %n >> default_internal_user = _dovecot >> default_login_user = _dovenull >> disable_plaintext_auth = no >> first_valid_gid = 6 >> first_valid_uid = 6 >> hostname = mail.customer.com >> mail_access_groups = mail >> mail_debug = yes >> mail_location = maildir:/Volumes/XsanVolume/Mail/%u >> mail_log_prefix = "%s(pid %p user %u): " >> mail_plugins = quota zlib fts fts_sk acl >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body enotify >> environment mailbox date ihave >> mdbox_rotate_size = 200 M >> namespace { >> inbox = yes >> location = >> prefix = >> separator = / >> type = private >> } >> namespace { >> hidden = yes >> list = children >> location = maildir:/Volumes/XsanVolume/Mail/Condivise/Interno:CONTROL=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno:INDEX=/Volumes/XsanVolume/Mail/Condivise/Indexes/%u/shared_Interno >> prefix = Interno/ >> separator = / >> subscriptions = no >> type = public >> } >> passdb { >> args = /etc/dovecot/submit.passdb >> driver = passwd-file >> pass = yes >> submit = yes >> } >> passdb { >> driver = od >> } >> plugin { >> acl = vfile >> fts = sk >> quota = maildir:User quota >> quota_warning = storage=100%% quota-exceeded %u >> quota_warning2 = storage=80%% quota-warning %u >> sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve >> sieve_dir = /Library/Server/Mail/Data/rules/%u >> } >> postmaster_address = postmaster at xserve04.customer.com >> protocols = imap pop3 lmtp sieve >> quota_full_tempfail = yes >> service auth { >> extra_groups = _keytabusers >> idle_kill = 15 mins >> } >> service dns_client { >> unix_listener dns-client { >> mode = 0600 >> } >> } >> service imap-login { >> inet_listener imap { >> port = 143 >> } >> inet_listener imaps { >> port = 993 >> ssl = yes >> } >> service_count = 0 >> } >> service imap-postlogin { >> executable = script-login -d /etc/dovecot/acl_groups.sh >> unix_listener imap-postlogin { >> group = mail >> mode = 0600 >> user = _dovecot >> } >> user = _dovecot >> } >> service imap { >> client_limit = 5 >> executable = imap imap-postlogin >> process_limit = 200 >> service_count = 0 >> } >> service lmtp { >> unix_listener lmtp { >> mode = 0600 >> } >> } >> service managesieve-login { >> inet_listener sieve { >> port = 4190 >> } >> inet_listener sieve_deprecated { >> port = 2000 >> } >> } >> service pop3-login { >> inet_listener pop3 { >> port = 110 >> } >> inet_listener pop3s { >> port = 995 >> ssl = yes >> } >> } >> service pop3 { >> client_limit = 5 >> process_limit = 200 >> service_count = 0 >> } >> service quota-exceeded { >> executable = script /usr/libexec/dovecot/quota-exceeded.sh >> unix_listener quota-exceeded { >> group = mail >> mode = 0660 >> user = _dovecot >> } >> user = _dovecot >> } >> service quota-warning { >> executable = script /usr/libexec/dovecot/quota-warning.sh >> unix_listener quota-warning { >> group = mail >> mode = 0660 >> user = _dovecot >> } >> user = _dovecot >> } >> ssl_ca = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.chain.pem >> ssl_cert = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.cert.pem >> ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL >> ssl_key = </etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem >> ssl_key_path = /etc/certificates/xserve04.customer.com.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.key.pem >> syslog_facility = local6 >> userdb { >> args = partition=/etc/dovecot/partition_map.conf enforce_quotas=yes >> driver = od >> } >> verbose_proctitle = yes >> protocol lmtp { >> mail_plugins = quota zlib fts fts_sk sieve >> } >> protocol lda { >> mail_plugins = quota zlib fts fts_sk sieve >> } >> protocol imap { >> imap_id_log = * >> imap_id_send = "name" * "version" * >> mail_max_userip_connections = 20 >> mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts >> imap_acl urlauth >> } >> protocol pop3 { >> mail_max_userip_connections = 6 >> } >> >> >> >> >> -- >> Piero Zucchi >> >> Apple Certified Trainer >> >> Apple Certified Specialist Professional 10.8 >> >> Apple Certified Technical Coordinator 10.7 >> >> Apple Certified System Administrator 10.6 >> Apple Certified Technical Coordinator 10.6 >> Apple Certified Specialist - Mac Os X Directory Services 10.6 >> Apple Certified Specialist - Mobility and Security 10.6 >> >> Apple Certified System Administrator 10.5 >> Apple Certified Technical Coordinator 10.5 >> Apple Certified Support Professional 10.5 >> >> Apple Certified Pro - Final Cut Pro 7, Level 1 -- Piero Zucchi Apple Certified Trainer Apple Certified Specialist Professional 10.8 Apple Certified Technical Coordinator 10.7 Apple Certified System Administrator 10.6 Apple Certified Technical Coordinator 10.6 Apple Certified Specialist - Mac Os X Directory Services 10.6 Apple Certified Specialist - Mobility and Security 10.6 Apple Certified System Administrator 10.5 Apple Certified Technical Coordinator 10.5 Apple Certified Support Professional 10.5 Apple Certified Pro - Final Cut Pro 7, Level 1 From design at 1stwebdesigns.com Thu Nov 22 23:26:24 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Thu, 22 Nov 2012 21:26:24 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AE15E8.7050400@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> Message-ID: <50AE9880.7040405@1stwebdesigns.com> Output of dovecot -n is as follows: # 1.0.7: /etc/dovecot.conf login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_privileged_group: mail mail_location: mbox:~/mail:INBOX=/var/mail/%u mbox_lock_timeout: 600 mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib64/dovecot/imap mail_plugin_dir(imap): /usr/lib64/dovecot/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd We upgraded from RedHat 4 to RedHat 5. The problem didn't exist with RH4 and an even older version of Dovecot. When emails are stuck in the queue, doing this: lsof /var/spool/mail/<user> shows the spool file in use by a pop3 login and the Dovecot deliver process. Since changing mbox_lock_timeout from 300 to 600 the pop3 process eventually finishes before 600 seconds and the deliver process is able to complete. I admit this is masking the problem rather than solving it. As discussed before our version of Dovecot is dated now, however it's the version provided by RedHat and the version supported by our support company (who aren't doing a great job, hence me posting here). Thanks, On 22/11/2012 12:09, Stan Hoeppner wrote: > On 11/12/2012 5:15 AM, 1st WebDesigns wrote: > >> Thanks for your replies. I switched to Dovecot LDA this morning, but >> the issue still persists, albeit logged slightly differently by Dovecot >> now instead of Postfix: >> >> "save failed to INBOX: Timeout while waiting for lock" >> >> The reason is because some pop3 clients > > Full stop. This is the first time you've mentioned POP that I recall. > FYI, Dovecot is primarily an IMAP server. Unless an OP states up front > that he's using primarily POP, everyone assumes IMAP and counsels > accordingly. You should have stated POP in your first post. Actually, > you should have included many more details prior to now. Please post > your complete 'dovecot -n' output. > >> are holding their connection for >> 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major >> culprit). > > I'm no smartphone POP expert, but old rural tower, poor tower > connection, etc, all cause low data rates, which could cause this. > However, you state this problem cropped up out of nowhere after a distro > upgrade to CentOS 5. Can you confirm that the problem didn't exist > before the upgrade? Your definitive answer to this question dictates > the troubleshooting course of action. > >> In dovecot.conf I changed: >> >> mbox_lock_timeout = 300 >> >> to >> >> mbox_lock_timeout = 600 >> >> Which seems to have helped. I am unclear if this value only applied to >> Dovecot LDA or if it would have worked previously before switching to >> Dovecot LDA? > > This simply changes how long Dovecot will wait to acquire a lock. > Increasing this value simply increases delays, masks the underlying > problem without really helping much. > > The only real architectural solution to such a POP/mbox locking problem > due to slow/long client downloads is, as you mentioned, moving to a > lockless mailbox format, such as maildir or sdbox. > > Worth noting, we are both/all at fault in the slow progress of this > issue, you for not stating POP up front, and me/us for not asking. > > Your 'dovecot -n' output may allow us to help get mbox working a little > better, but the long term solution is very likely moving to maildir/sdbox. > From stan at hardwarefreak.com Fri Nov 23 08:07:32 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 23 Nov 2012 00:07:32 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AE9880.7040405@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> Message-ID: <50AF12A4.7060201@hardwarefreak.com> On 11/22/2012 3:26 PM, 1st WebDesigns wrote: > Output of dovecot -n is as follows: > > # 1.0.7: /etc/dovecot.conf > login_dir: /var/run/dovecot/login > login_executable(default): /usr/libexec/dovecot/imap-login > login_executable(imap): /usr/libexec/dovecot/imap-login > login_executable(pop3): /usr/libexec/dovecot/pop3-login > mail_privileged_group: mail > mail_location: mbox:~/mail:INBOX=/var/mail/%u > mbox_lock_timeout: 600 > mail_executable(default): /usr/libexec/dovecot/imap > mail_executable(imap): /usr/libexec/dovecot/imap > mail_executable(pop3): /usr/libexec/dovecot/pop3 > mail_plugin_dir(default): /usr/lib64/dovecot/imap > mail_plugin_dir(imap): /usr/lib64/dovecot/imap > mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 > auth default: > passdb: > driver: pam > userdb: > driver: passwd Are your mailboxes on NFS storage? You haven't stated on what storage your mailboxes reside. NFS complicates locking. If you use an NFS server, did anything on it change recently, such as an upgrade to RHEL5? I found a thread stating RHEL5 has a bad FCNTL implementation that could be related to your write lock delay problem. Try using dotlock only for read and write and see if that helps. It has additional filesystem IO overhead, but nothing like the many minutes of delay you have now. mbox_read_locks = dotlock mbox_write_locks = dotlock > We upgraded from RedHat 4 to RedHat 5. The problem didn't exist with > RH4 and an even older version of Dovecot. That may be, but you're surely not planning on downgrading back to RHEL4. > When emails are stuck in the queue, doing this: Dovecot doesn't use queues. It writes directly to the mailbox files. > lsof /var/spool/mail/<user> These are mailbox files, your user inbox mbox files, not spool files. Spool implies temporary storage. Don't let "spool" fool you. On many/most systems /var/spool/mail is a link to /var/mail. > shows the spool file in use by a pop3 login and the Dovecot deliver > process. Since changing mbox_lock_timeout from 300 to 600 the pop3 > process eventually finishes before 600 seconds and the deliver process > is able to complete. I admit this is masking the problem rather than > solving it. Does the larger timeout value completely eliminate the errors? If so this may be the best outcome you can get with Dovecot 1.0.7, mbox storage, on RHEL5, unless a different locking method fixes it. > As discussed before our version of Dovecot is dated now, however it's > the version provided by RedHat and the version supported by our support > company (who aren't doing a great job, hence me posting here). It's the version provided by RHEL5. RHEL6.3 has Dovecot 2.0.9. There are 3rd party 1.2.x RPMs available for RHEL5.x as well as 2.x.x RPMs for RHEL5.x. What "support company"? If you're using RHEL, Red Hat provides the support. That's the whole reason for "paying for" a Linux distro. What is preventing you from upgrading to RHEL 6.3, the current release? Which BTW is behind nearly all other distros WRT package versions. For instance Debian stable has Dovecot 2.1.7 available in the backports repo. -- Stan > > On 22/11/2012 12:09, Stan Hoeppner wrote: >> On 11/12/2012 5:15 AM, 1st WebDesigns wrote: >> >>> Thanks for your replies. I switched to Dovecot LDA this morning, but >>> the issue still persists, albeit logged slightly differently by Dovecot >>> now instead of Postfix: >>> >>> "save failed to INBOX: Timeout while waiting for lock" >>> >>> The reason is because some pop3 clients >> >> Full stop. This is the first time you've mentioned POP that I recall. >> FYI, Dovecot is primarily an IMAP server. Unless an OP states up front >> that he's using primarily POP, everyone assumes IMAP and counsels >> accordingly. You should have stated POP in your first post. Actually, >> you should have included many more details prior to now. Please post >> your complete 'dovecot -n' output. >> >>> are holding their connection for >>> 5 or 6 minutes (don't ask me why - and the iPhone seems to be the major >>> culprit). >> >> I'm no smartphone POP expert, but old rural tower, poor tower >> connection, etc, all cause low data rates, which could cause this. >> However, you state this problem cropped up out of nowhere after a distro >> upgrade to CentOS 5. Can you confirm that the problem didn't exist >> before the upgrade? Your definitive answer to this question dictates >> the troubleshooting course of action. >> >>> In dovecot.conf I changed: >>> >>> mbox_lock_timeout = 300 >>> >>> to >>> >>> mbox_lock_timeout = 600 >>> >>> Which seems to have helped. I am unclear if this value only applied to >>> Dovecot LDA or if it would have worked previously before switching to >>> Dovecot LDA? >> >> This simply changes how long Dovecot will wait to acquire a lock. >> Increasing this value simply increases delays, masks the underlying >> problem without really helping much. >> >> The only real architectural solution to such a POP/mbox locking problem >> due to slow/long client downloads is, as you mentioned, moving to a >> lockless mailbox format, such as maildir or sdbox. >> >> Worth noting, we are both/all at fault in the slow progress of this >> issue, you for not stating POP up front, and me/us for not asking. >> >> Your 'dovecot -n' output may allow us to help get mbox working a little >> better, but the long term solution is very likely moving to >> maildir/sdbox. >> > From tss at iki.fi Fri Nov 23 08:18:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:18:32 +0200 Subject: [Dovecot] Initial status notification not received In-Reply-To: <20121116141259.GA9371@petole.demisel.net> References: <20121116141259.GA9371@petole.demisel.net> Message-ID: <7D584D20-225A-4790-A293-5AB95EF7CD76@iki.fi> On 16.11.2012, at 16.12, Nicolas KOWALSKI wrote: > We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs > startup, dovecot almost always shows these errors: > > Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) > Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process > Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 > > As the last line tells, dovecot stops logging information. We have to > restart the dovecot processes to get back normal behaviour. I also tried > to set idle_kill values to services definitions, without success. You mean this happens when the VM starts up, but if you manually restart it later they don't happen? > Is there a way to prevent these errors? I wonder if it's because of SLES or something else. From tss at iki.fi Fri Nov 23 08:20:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:20:00 +0200 Subject: [Dovecot] Is there any Documentation or Howto/Guide for Dovecot Replication or do i have to wait for dovecot 2.2.x? In-Reply-To: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> References: <72bd3d101cab445e8b4216300b43b798@zackbummfertig.de> Message-ID: <AE4A00E5-5683-4766-A400-9B1057AF77A9@iki.fi> On 16.11.2012, at 17.24, weber at zackbummfertig.de wrote: > dear timo, > can you help me? There are some mails about it somewhere in the mailing list. I'll write some documentation before v2.2.0 is out. From tss at iki.fi Fri Nov 23 08:29:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:29:10 +0200 Subject: [Dovecot] maildir and end-of-line encoding In-Reply-To: <1352343439.5059.202.camel@fermat.scientia.net> References: <1351648223.24721.4.camel@fermat.scientia.net> <A52B651B-B5D8-4B16-9A79-4231CAAD4ECD@iki.fi> <1352343439.5059.202.camel@fermat.scientia.net> Message-ID: <FE7D8BAA-A713-4CFE-B012-C7EB820E0C48@iki.fi> On 8.11.2012, at 4.57, Christoph Anton Mitterer wrote: > On Wed, 2012-11-07 at 17:33 +0200, Timo Sirainen wrote: >> Dovecot automatically adds CRs where necessary. Even within the same file there can be mixed LF/CRLF lines. > Can you detail this a bit, or point me to the specific code areas? > > 1) Is only CR added? Or also LF? If CR is alone, it's not treated as newline. So only CRs may be added before LF. > 2) What happens e.g. when LFCR is found? Is that then "doubled" to > CRLFCR or even CRLFCRLF? CRLFCR > 3) When does it "add" these chars? Only when using dovecot-lda? Or also > when some other MDA places files into e.g. a maildir? When saving a mail, based on mail_save_crlf setting the CRs are either added or removed when writing the mail to disk. When reading a mail and sending to IMAP/POP3 client the CRs are always added. (doveadm fetch text doesn't add/remove CRs I think.) > I did some reading on the RFC 5322 which says: > > - new mails must not have single CR or LF, both may only occur as CRL > > - but from the previous RFCs, it allows existing messages to have CR and > LF alone, in which case they are not newlines as CRLF, but rather the CR > and LF characters in the their meaning as control characters. > > > 4) So from that point of view... automatic conversion may actually > "corrupt" things in a strict sense. > (One should hope of course, that only few people use(d) CR or LF alone > to get their control character meaning... but rather that these are just > cases of accidents.) SMTP and IMAP protocols are the only normal ways to get messages into a system. Both of them require CRLF newlines. So there's really no way for Dovecot to ever see valid LF-only newlines. One exception is Content-Type: binary, but that's not really supported by Dovecot (or any commonly used SMTP servers either I think). > 5) I agree with you that mails should be stored with CRLF, as this is > their native format.... and I found nothing on the maildir[++] standards > that would forbid that (neither that would encourage it). > But for mbox there are "definitions" that _always_ LF is used (AFAIU, > even on non-UNIX platforms. mbox isn't really standardized. Anyway, storing mails with CRLF allows some optimizations, but if the mails aren't stored compressed it wastes a bit of disk space. > 6) I went through my mails and basically I found everything: > CR, LF, CRLF and even LFCR. > Now I have no real idea how to deal with that? > Keep all as is? Make all LFs CRLFs and/or all CFs to CRLFs? What about > the LFCRs? Handle them as group and perhaps swap them to CRLF. Or doing > the same as with single LFs and CRs. Why do you need to do something about them? Dovecot should handle all of them fine. From tss at iki.fi Fri Nov 23 08:33:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:33:20 +0200 Subject: [Dovecot] IMAP session state inconsistent In-Reply-To: <509BC56F.6030606@airstreamcomm.net> References: <509BC56F.6030606@airstreamcomm.net> Message-ID: <FC27D231-C54E-438D-968A-5932D2FF221D@iki.fi> On 8.11.2012, at 16.45, list at airstreamcomm.net wrote: > Running Dovecot 1.2.12 (we are in the process of upgrading to 2.1.x) > > Didn't find much in old threads, but we are seeing the following in the logs this morning: > > dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y > dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=443/1146 > dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y > dovecot: IMAP(wajabrun): Disconnected: IMAP session state is inconsistent, please relogin. bytes=561/1637 > dovecot: imap-login: Login: user=<wajabrun>, method=PLAIN, rip=x.x.x.x, lip=y.y.y.y > dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory > dovecot: IMAP(wajabrun): file_dotlock_open() failed with file /mail/w/a/wajabrun/Maildir/.INBOX.02 ORDERS.Gaiam/dovecot.index.log: No such file or directory > > Not sure what to make of this sequence? Probably user deleted the mailbox while other sessions still had it opened. There are some more checks to avoid those in newer versions. From tss at iki.fi Fri Nov 23 08:33:49 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:33:49 +0200 Subject: [Dovecot] Hardlink with Maildir a brief help In-Reply-To: <509BC6F7.1050107@mail.cgilfe.it> References: <509BC6F7.1050107@mail.cgilfe.it> Message-ID: <8FD6F712-98D9-47CE-AD41-ACC469092525@iki.fi> On 8.11.2012, at 16.51, Davide wrote: > Hi to all, my question is: > > Is possible implementing SIS (with hardlink) with maildir instead of *dbox format? No. Way too difficult and non-standard. From tss at iki.fi Fri Nov 23 08:36:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:36:37 +0200 Subject: [Dovecot] memory allocation issues In-Reply-To: <20121109004915.GJ70186@corp.sonic.net> References: <20121109004915.GJ70186@corp.sonic.net> Message-ID: <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> On 9.11.2012, at 2.49, Kelsey Cummings wrote: > One of our dovecot backend servers ran into a problem with it's auth > process a few days ago. This doesn't appear to be the error logged when > dovecot hits its internal limit so I'm not sure what is going on here. > > auth: Error: malloc: 58012: Cannot allocate memory > auth: Error: Unable to allocate memory for mutexes from the region > auth: Error: PANIC: Cannot allocate memory > auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user It would have been nicer if libc would have just crashed the process instead of silently converting it into "unknown user" error.. That's probably actually a bug since the getpwuid_r() that Dovecot uses would have been able to return an error message. > pop3: Error: Authenticated user not found from userdb, auth lookup +id=2509111297 (client-pid=4781 client-id=1) > pop3-login: Internal login failure (pid=4781 id=1) (internal failure, 1 +succesful auths): user=<test>... > > There was at least 10+GB free RAM on the server and no indication of a > system level issue at the same time. The server is running 2.1.9. > There were about 3,200 active sessions, with something like 12 new > sessions/sec. The other identical servers are/were handling virtually > identical load with the same service uptime and haven't had any issues > so far. (Crash happened 7 days ago.) Memory leak maybe? service auth { vsz_limit } anyway was reached (default 256 MB). From tss at iki.fi Fri Nov 23 08:39:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:39:32 +0200 Subject: [Dovecot] Is there a hook for a plugin to do some transient operation on the mail body ... In-Reply-To: <1352439449.79235.YahooMailNeo@web165005.mail.bf1.yahoo.com> References: <1352439449.79235.YahooMailNeo@web165005.mail.bf1.yahoo.com> Message-ID: <1E94A3D1-6B4B-4217-983B-8576099B3F91@iki.fi> On 9.11.2012, at 7.37, Jay wrote: > ... when the MUA has issued a FETCH? > > I am a Dovecot newbie ... so please bear with me if this is obvious. Basically what I am trying to do is process the mail body (in my own specific way) before Dovecot serves it up to the MUA. I want to do it as a transient operation in memory. So think of the scenario as ... > - the MUA issues a FETCH > - Dovecot intercepts the FETCH > - Dovecot internally gets the mail from the storage into a buffer in memory > ----> This is where I'd like to apply a function to the mail body and modify the mail body in the buffer (not in the storage) > - Dovecot serves up the (modified) mail to the MUA > > Looking for a hook that allows me to do it using a plugin. Looks like the zlib plugin does something similar ... applies a decompression function ... but I am not 100% sure. http://dovecot.org/patches/2.1/mail-filter.tar.gz allows you to run it through a script. But note that IMAP protocol requires that messages never change, and Dovecot relies on that internally as well. Practically it's ok enough to change the message content, as long as you don't change the message/MIME structure sizes. From tss at iki.fi Fri Nov 23 08:52:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:52:59 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> Message-ID: <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> On 10.11.2012, at 12.44, Erik A Johnson wrote: > imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). > > This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. > > gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. I wonder if this fixes it? http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa From tss at iki.fi Fri Nov 23 08:54:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 08:54:07 +0200 Subject: [Dovecot] User iteration with static userdb In-Reply-To: <97e9e4ee533292752c95ef18bdfb3367@r-n.cz> References: <97e9e4ee533292752c95ef18bdfb3367@r-n.cz> Message-ID: <E984064E-8E3E-44A2-AB3F-2F3F03995737@iki.fi> On 10.11.2012, at 22.34, Radek Novotn? wrote: > can someone explain me, please, why user iteration (iterate_query) > doesn't work with static userdb? There isn't reason why > it shouldn't work. In my opinion. However static userdb doesn't mean that user list > not exist. Where would you like the static userdb to get the list of users then? From nicolas.kowalski at gmail.com Fri Nov 23 09:01:04 2012 From: nicolas.kowalski at gmail.com (Nicolas KOWALSKI) Date: Fri, 23 Nov 2012 08:01:04 +0100 Subject: [Dovecot] Initial status notification not received In-Reply-To: <7D584D20-225A-4790-A293-5AB95EF7CD76@iki.fi> References: <20121116141259.GA9371@petole.demisel.net> <7D584D20-225A-4790-A293-5AB95EF7CD76@iki.fi> Message-ID: <20121123070104.GA13525@petole.demisel.net> On Fri, Nov 23, 2012 at 08:18:32AM +0200, Timo Sirainen wrote: > On 16.11.2012, at 16.12, Nicolas KOWALSKI wrote: > > > We have SLES-11 SP2 Xen VMs running dovecot as IMAP proxies. At VMs > > startup, dovecot almost always shows these errors: > > > > Nov 16 14:29:19 server dovecot: master: Dovecot v2.1.10 starting up (core dumps disabled) > > Nov 16 14:29:55 server dovecot: master: Error: service(anvil): Initial status notification not received in 30 seconds, killing the process > > Nov 16 14:29:55 server dovecot: master: Error: service(log): Initial status notification not received in 30 seconds, killing the process > > Nov 16 14:29:55 server dovecot: master: Error: service(ssl-params): Initial status notification not received in 30 seconds, killing the process > > Nov 16 14:29:55 server dovecot: master: Error: service(log): child 3591 killed with signal 9 > > > > As the last line tells, dovecot stops logging information. We have to > > restart the dovecot processes to get back normal behaviour. I also tried > > to set idle_kill values to services definitions, without success. > > You mean this happens when the VM starts up, but if you manually restart it later they don't happen? Yes. > > Is there a way to prevent these errors? > > I wonder if it's because of SLES or something else. We narrowed the problem to another process, started before dovecot, which takes a lot of CPU and disk resources; since we delayed its launch, dovecot starts up happily. However, I am still confused about why dovecot kills itself. Maybe the master process could restart its runaway processes, or the initial status notification delay could be customized? -- Nicolas From tss at iki.fi Fri Nov 23 09:01:30 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:01:30 +0200 Subject: [Dovecot] Quotas 2.1clarification In-Reply-To: <CAMD-=VKpQB1Kk7RuGREOqA5jRhzpt__nTNJQYq-_Ca4zKaXqig@mail.gmail.com> References: <CAMD-=VKpQB1Kk7RuGREOqA5jRhzpt__nTNJQYq-_Ca4zKaXqig@mail.gmail.com> Message-ID: <72936630-5A87-4F7A-930E-527A98D9500F@iki.fi> On 15.11.2012, at 6.55, Nick Edwards wrote: > Timo, > > I have much suspicion that our quota system is not working correctly > since we migrate to 2.1 > Currently using 2.1.10 > Previously we had for issue of warnings > > quota_warning = storage=90%% /scripts/dqwarn-90.sh > quota_warning2 = storage=75%% /scripts/dqwarn-75.sh > > worked great, these lines also migrated to new conf upon conversion. > > > But quota conf example shows > > plugin { > #quota_warning = storage=95%% quota-warning 95 %u > #quota_warning2 = storage=80%% quota-warning 80 %u > } > > # Example quota-warning service. The unix listener's permissions should be > # set in a way that mail processes can connect to it. Below example assumes > # that mail processes run as vmail user. If you use mode=0666, all system users > # can generate quota warnings to anyone. > #service quota-warning { > # executable = script /usr/local/bin/quota-warning.sh > # user = dovecot > # unix_listener quota-warning { > # user = vmail > # } > #} > > > So this seems to indicate /scripts/dqwarn-75.sh should be a service > name, which then calls the service quota-warning with that script in > it etc etc etc surely this old 4 line method has not been replaced > into a 20 line mess? Yes, it has been replaced with a more complex setup. The new way is more efficient, safer and "cleaner", even though it's more complex to setup. > Is this old way still functioning as I suspect it is not, and we need > to write up two separate new quota warning services given our warnings > are worded differently, or should the old methods still be working as > they did in 1.2 and we have an error elsewhere? If you want to run two separate scripts you need two separate services. But it would be easier to have just one script (= one service) and give the 75 or 90 as parameter to it. From tss at iki.fi Fri Nov 23 09:07:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:07:26 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <50A61147.5040201@um.es> References: <50A61147.5040201@um.es> Message-ID: <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> On 16.11.2012, at 12.11, Angel L. Mateo wrote: > We are deploying shared mailboxes in our mail system. We are running 2.1.9 and mail backend is maildir. > > As described at http://wiki.dovecot.org/SharedMailboxes/Shared when shared namespace is configured as > > namespace shared { > separator = / > prefix = shared/%%u/ > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u > subscriptions = no > list = children > } > > each user accessing this folder has its own index, stored in ~/Maildir/shared/%%u/<shared mailbox>, hasn't it? Right. > Our mail is store in NFS disks so we are very concerned about indexes optimizations (we had performance problems until we got all of our indexes and nfs tunned). So, is there any way so those indexes could be shared for all users (and they always would be updated). If you don't need per-user flags you can just remove the per-user INDEX. If you want per-user flags and want to share indexes, you need the new INDEXPVT option that exists in v2.2 or as a patch to v2.1: http://dovecot.org/patches/2.1/private-index.diff > Regarding this... if we'd use dbox instead of maildir, indexes are a really important part of the mailbox and they can't be re-constructed when they are outdated. So, how do shared mailboxes work with dbox backend? Do I have to configure indexes in any particular way? INDEXPVT is a requirement with dbox if you want per-user flags. BTW. Do you have multiple Dovecot backend servers? Director works only when you're not using shared mailboxes.. From tss at iki.fi Fri Nov 23 09:11:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:11:20 +0200 Subject: [Dovecot] whoson plugin for 2.0 In-Reply-To: <50A90729.7000608@tdl.com> References: <50A5B2B2.40409@tdl.com> <50A68BA7.4080500@localhost.localdomain.org> <50A6BC6A.6070504@tdl.com> <50A6CF8A.40202@localhost.localdomain.org> <50A90729.7000608@tdl.com> Message-ID: <BDDD87FF-B556-4002-8E11-83C48B873B10@iki.fi> On 18.11.2012, at 18.04, Chuck Cochems wrote: > On 11/16/2012 4:43 PM, Pascal Volk wrote: >> On 11/16/2012 11:21 PM Chuck Cochems wrote: >>> ? >>> I need to return both the IP and the email address as a string to drop >>> it into the old code. >>> ? >> >> You could check the code of the `doveadm who` command >> <http://wiki2.dovecot.org/Tools/Doveadm/Who>. It shows both, the user >> name and the IP address. > > That's not much better... > > I just want the bare minimum of code to do this. The 1.x code was so simple, and i just want a 2.0 equivalent. is that so wrong? :) WHy the heck did they remove those incredibly useful environment variables anyway? Because a single process can now handle multiple connections with different IPs/usernames. From tss at iki.fi Fri Nov 23 09:15:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:15:50 +0200 Subject: [Dovecot] doveadm fails with passdb authentication binds (dovecot 2.0.16) In-Reply-To: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> References: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> Message-ID: <592ACC86-265E-476F-81B2-E797C0414165@iki.fi> On 20.11.2012, at 17.54, mailing lists wrote: > Hello, > > I'm testing passdb auth binds with dovecot 2.0.16, but for some reason dovedm fails to work with the configuration showed below. The network trace shows the successful bind for the administrative user (uid=mailapp), but nothing for the mail user (uid=user001). > > what am i missing here? > > > # doveadm mailbox list -u user001 > doveadm(user001): Error: user user001: Auth PASS lookup failed > doveadm(user001): Fatal: passdb lookup failed Are you running this on a Dovecot proxy? It looks like doveadm wants to do a passdb lookup to find out which server should handle this user. Passdb lookups don't work with LDAP binding. But if everything else works then I think you simply shouldn't have enabled doveadm proxying. So, set doveadm_proxy_port back to 0? From tss at iki.fi Fri Nov 23 09:20:36 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:20:36 +0200 Subject: [Dovecot] v2.1.10: Director director_servers order issue In-Reply-To: <20121120205603.GA1789@lemonhead.scabb> References: <20121120205603.GA1789@lemonhead.scabb> Message-ID: <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> On 20.11.2012, at 22.56, Bertrand Jacquin wrote: > # ring status on node1 > director ip port type last failed > 10.0.50.50 9090 self never > 10.0.50.51 9090 never > > # ring status on node2 > director ip port type last failed > 10.0.50.50 9090 self never > 10.0.50.51 9090 never > > self is the same on both nodes, and that generate some cases that can > be observed on logs : .. > It seems that first sorted entry in director_servers is considered as > "self". No, Dovecot tries to find the self by bind()ing to all the listed IPs, and assuming that the first one that succeeds is self. Apparently in your system bind() succeeds for non-self IPs as well. Any idea why? I think I recently found out about some nicer way to check if an IP belongs to the local system, but I seem to have forgotten what it was. From tss at iki.fi Fri Nov 23 09:24:08 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 09:24:08 +0200 Subject: [Dovecot] Proxy to join two accounts In-Reply-To: <50ACA9C3.9000004@o2.pl> References: <50ACA9C3.9000004@o2.pl> Message-ID: <832A79D9-D2C7-4A69-8FE0-469724C1D64B@iki.fi> On 21.11.2012, at 12.15, Tomek wrote: > I have server with IMAP on dovecot for user mails and second server on archiveopteryx as mail archive. > > I'm wondering if it's possible to make some sort of proxy to these two servers in way where: > - dovecot server will be main IMAP service with INBOX, etc > - I want archiveopteryx account to be something like shared folder with read only access (no delete, no move, etc) in path ex. /archive/user.name > - this proxy mappings should allow adding few archive accounts to one user (in case of people replacement) > + it will be cool if this mappings could be defined in database so I could write tools to manage archive access for bosses. > > Is such case possible to achieve with dovecot (any howto or example would be very helpful)? If not - do you know any proxy tools that could allow such configuration? You should be able to implement something like that by creating a new namespace with location=imapc: http://wiki2.dovecot.org/HowTo/ImapcProxy and http://wiki2.dovecot.org/Migration/Dsync have some information about the imapc settings. ACLs are a bit more difficult though, since currently there aren't any "default ACLs". From beber at meleeweb.net Fri Nov 23 09:23:35 2012 From: beber at meleeweb.net (Bertrand Jacquin) Date: Fri, 23 Nov 2012 08:23:35 +0100 Subject: [Dovecot] v2.1.10: Director director_servers order issue In-Reply-To: <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> References: <20121120205603.GA1789@lemonhead.scabb> <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> Message-ID: <20121123072335.GA15577@lady-voodoo.exosec.local> D'ar gwener 23 a viz Du 2012 e 08 eur 20, ? Timo Sirainen ? he deus skrivet : > On 20.11.2012, at 22.56, Bertrand Jacquin wrote: > > > # ring status on node1 > > director ip port type last failed > > 10.0.50.50 9090 self never > > 10.0.50.51 9090 never > > > > # ring status on node2 > > director ip port type last failed > > 10.0.50.50 9090 self never > > 10.0.50.51 9090 never > > > > self is the same on both nodes, and that generate some cases that can > > be observed on logs : > .. > > It seems that first sorted entry in director_servers is considered as > > "self". > > No, Dovecot tries to find the self by bind()ing to all the listed IPs, and assuming that the first one that succeeds is self. Apparently in your system bind() succeeds for non-self IPs as well. Any idea why? Yes ! I have the following sysctl : net.ipv4.ip_nonlocal_bind = 1 > I think I recently found out about some nicer way to check if an IP belongs to the local system, but I seem to have forgotten what it was. -- Beber -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/ce359269/attachment-0004.bin> From beber at meleeweb.net Fri Nov 23 09:29:01 2012 From: beber at meleeweb.net (Bertrand Jacquin) Date: Fri, 23 Nov 2012 08:29:01 +0100 Subject: [Dovecot] v2.1.10: Director director_servers order issue In-Reply-To: <20121123072335.GA15577@lady-voodoo.exosec.local> References: <20121120205603.GA1789@lemonhead.scabb> <97ED851C-0E9D-41CF-B898-ABCFC7B9BF55@iki.fi> <20121123072335.GA15577@lady-voodoo.exosec.local> Message-ID: <20121123072901.GB15577@lady-voodoo.exosec.local> D'ar gwener 23 a viz Du 2012 e 08 eur 23, ? Bertrand Jacquin ? he deus skrivet : > D'ar gwener 23 a viz Du 2012 e 08 eur 20, ? Timo Sirainen ? he deus skrivet : > > On 20.11.2012, at 22.56, Bertrand Jacquin wrote: > > > > > # ring status on node1 > > > director ip port type last failed > > > 10.0.50.50 9090 self never > > > 10.0.50.51 9090 never > > > > > > # ring status on node2 > > > director ip port type last failed > > > 10.0.50.50 9090 self never > > > 10.0.50.51 9090 never > > > > > > self is the same on both nodes, and that generate some cases that can > > > be observed on logs : > > .. > > > It seems that first sorted entry in director_servers is considered as > > > "self". > > > > No, Dovecot tries to find the self by bind()ing to all the listed IPs, and assuming that the first one that succeeds is self. Apparently in your system bind() succeeds for non-self IPs as well. Any idea why? > > Yes ! I have the following sysctl : > > net.ipv4.ip_nonlocal_bind = 1 Anyway, with net.ipv4.ip_nonlocal_bind = 0 it's OK. -- Beber -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/35162392/attachment-0004.bin> From koshikov at gmail.com Fri Nov 23 09:46:35 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Fri, 23 Nov 2012 09:46:35 +0200 Subject: [Dovecot] Default fallback behaviour Message-ID: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> Hello list, Here is the problem: I have few: passdb { #1 } passdb { #2 } And relative userdb sections. If user not found in 1) section it fallbacks to next one - it's expected and right, IMHO. But when the user exists in both section and password verification fails on 1) database it successfully authenticated on next one. I think this behaviour should be configured. The main goal of 1) section for this server is to overwrite users in main (section2) database. Maybe I missed something and this option is already in dovecot code and I can't find it ? Or if not - will it be added in the future ? Dovecot version 2.1.10. From timor at o2.pl Fri Nov 23 10:35:09 2012 From: timor at o2.pl (Tomek) Date: Fri, 23 Nov 2012 09:35:09 +0100 Subject: [Dovecot] Proxy to join two accounts In-Reply-To: <832A79D9-D2C7-4A69-8FE0-469724C1D64B@iki.fi> References: <50ACA9C3.9000004@o2.pl> <832A79D9-D2C7-4A69-8FE0-469724C1D64B@iki.fi> Message-ID: <50AF353D.9080507@o2.pl> -------- Original Message -------- Subject: Re: [Dovecot] Proxy to join two accounts From: Timo Sirainen <tss at iki.fi> To: Tomek <timor at o2.pl> Date: 23.11.2012 08:24 > You should be able to implement something like that by creating a new > namespace with location=imapc: > > http://wiki2.dovecot.org/HowTo/ImapcProxy and > http://wiki2.dovecot.org/Migration/Dsync have some information about > the imapc settings. > > ACLs are a bit more difficult though, since currently there aren't > any "default ACLs". Thanks for tip. Will check that. Regards, Tomek. From mathieu at 400iso.net Fri Nov 23 13:13:12 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Fri, 23 Nov 2012 12:13:12 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory Message-ID: <b22a99aa6763ab35204244dfde87db53@400iso.net> Hello, i got an error in maillog, dovecot trying tu update my sieve directory : 2012-11-23T11:01:33.943047+00:00 localhost dovecot: imap(mathieu at 400iso.net): Error: stat(/srv/vmail/400iso.net/mathieu at 400iso.net/.dovecot.sieve/tmp) failed: Not a directory this cause no problem but i probably misconfigured something... here is my dovecot.conf : protocols = imap pop3 sieve mail_home = /srv/vmail/%d/%u mail_location = maildir:~ mail_plugins = $mail_plugins quota ssl_cert = </etc/ssl/private/server.crt ssl_key = </etc/ssl/private/server.key service auth { unix_listener auth-client { group = postfix mode = 0660 user = postfix } user = root } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol lda { mail_plugins = $mail_plugins sieve postmaster_address = postmaster at 400iso.net hostname = 400iso.net } managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve # sieve_global_dir = /srv/vmail/sieve/ quota = fs:vm quota quota_rule = *:storage=5G } protocol imap { mail_plugins = $mail_plugins imap_quota } -- Mathieu Rousseau http://400iso.net/ From alessio at skye.it Fri Nov 23 13:20:23 2012 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 23 Nov 2012 12:20:23 +0100 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> Message-ID: <50AF5BF7.1050907@skye.it> Il 23/11/2012 08:46, Nikita Koshikov ha scritto: > Hello list, > > Here is the problem: > I have few: > passdb { > #1 > } > passdb { > #2 > } > And relative userdb sections. If user not found in 1) section it fallbacks > to next one - it's expected and right, IMHO. But when the user exists in > both section and password verification fails on 1) database it successfully > authenticated on next one. I think this behaviour should be configured. The > main goal of 1) section for this server is to overwrite users in main > (section2) database. > > Maybe I missed something and this option is already in dovecot code and I > can't find it ? Or if not - will it be added in the future ? > > Dovecot version 2.1.10. > You can enable this features by adding "deny=yes" in the passdb extra_fields of specific users. You can find more information here: http://wiki2.dovecot.org/AuthDatabase/PasswdFile ot you can use the "auth-deny.conf.ext" example configuration. Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From alessio at skye.it Fri Nov 23 13:27:24 2012 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 23 Nov 2012 12:27:24 +0100 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> Message-ID: <50AF5D9C.7050204@skye.it> Il 23/11/2012 08:07, Timo Sirainen ha scritto: > BTW. Do you have multiple Dovecot backend servers? Director works only > when you're not using shared mailboxes.. I'm not happy to hear that, so if today we are running one dovecot server with shared mailbox enabled and tomorrow we will switch to a more complex installation with Director we will be unable to still provide shared mailbox to our customers? -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From tss at iki.fi Fri Nov 23 13:32:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Nov 2012 13:32:51 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <50AF5D9C.7050204@skye.it> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> Message-ID: <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> On 23.11.2012, at 13.27, Alessio Cecchi wrote: > Il 23/11/2012 08:07, Timo Sirainen ha scritto: >> BTW. Do you have multiple Dovecot backend servers? Director works only when you're not using shared mailboxes.. > > I'm not happy to hear that, so if today we are running one dovecot server with shared mailbox enabled and tomorrow we will switch to a more complex installation with Director we will be unable to still provide shared mailbox to our customers? You can't reliably do it if the mailboxes are accessed directly via NFS. The current idea to solve this is to use imapc backend with master users, so the actual mailbox access for each user is always done by only one server. I think someone already managed to configure such a setup. From design at 1stwebdesigns.com Fri Nov 23 13:36:06 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Fri, 23 Nov 2012 11:36:06 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AF12A4.7060201@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> Message-ID: <50AF5FA6.5070500@1stwebdesigns.com> On 23/11/2012 06:07, Stan Hoeppner wrote: > On 11/22/2012 3:26 PM, 1st WebDesigns wrote: >> Output of dovecot -n is as follows: >> >> # 1.0.7: /etc/dovecot.conf >> login_dir: /var/run/dovecot/login >> login_executable(default): /usr/libexec/dovecot/imap-login >> login_executable(imap): /usr/libexec/dovecot/imap-login >> login_executable(pop3): /usr/libexec/dovecot/pop3-login >> mail_privileged_group: mail >> mail_location: mbox:~/mail:INBOX=/var/mail/%u >> mbox_lock_timeout: 600 >> mail_executable(default): /usr/libexec/dovecot/imap >> mail_executable(imap): /usr/libexec/dovecot/imap >> mail_executable(pop3): /usr/libexec/dovecot/pop3 >> mail_plugin_dir(default): /usr/lib64/dovecot/imap >> mail_plugin_dir(imap): /usr/lib64/dovecot/imap >> mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 >> auth default: >> passdb: >> driver: pam >> userdb: >> driver: passwd > > Are your mailboxes on NFS storage? You haven't stated on what storage > your mailboxes reside. NFS complicates locking. If you use an NFS > server, did anything on it change recently, such as an upgrade to RHEL5? No they are not on NFS storage, the mailboxes are stored on the local filesystem. > > I found a thread stating RHEL5 has a bad FCNTL implementation that could > be related to your write lock delay problem. Try using dotlock only for > read and write and see if that helps. It has additional filesystem IO > overhead, but nothing like the many minutes of delay you have now. > > mbox_read_locks = dotlock > mbox_write_locks = dotlock Thank you I will try this. I did read that when using Postfix and Dovecot, both systems should use a matching locking mechanism, which I had already tried. However, I hadn't tried just dotlock, only FCNTL and a combination of FCNTL and dotlock. > >> We upgraded from RedHat 4 to RedHat 5. The problem didn't exist with >> RH4 and an even older version of Dovecot. > > That may be, but you're surely not planning on downgrading back to RHEL4. No, not at all. > >> When emails are stuck in the queue, doing this: > > Dovecot doesn't use queues. It writes directly to the mailbox files. > >> lsof /var/spool/mail/<user> > > These are mailbox files, your user inbox mbox files, not spool files. > Spool implies temporary storage. Don't let "spool" fool you. On > many/most systems /var/spool/mail is a link to /var/mail. Yes that's correct. > >> shows the spool file in use by a pop3 login and the Dovecot deliver >> process. Since changing mbox_lock_timeout from 300 to 600 the pop3 >> process eventually finishes before 600 seconds and the deliver process >> is able to complete. I admit this is masking the problem rather than >> solving it. > > Does the larger timeout value completely eliminate the errors? If so > this may be the best outcome you can get with Dovecot 1.0.7, mbox > storage, on RHEL5, unless a different locking method fixes it. Yes it completely eliminates the errors. If a pop3 connection has the lock, the mail simply sits there and is eventually delivered in (less than) 600 seconds. Whereas before, it would get deferred. When re-delivery was attempted, it's possible that the box would be locked again, and the mail would get deferred again, leading to a delay of several hours on a busy day. > >> As discussed before our version of Dovecot is dated now, however it's >> the version provided by RedHat and the version supported by our support >> company (who aren't doing a great job, hence me posting here). > > It's the version provided by RHEL5. RHEL6.3 has Dovecot 2.0.9. There > are 3rd party 1.2.x RPMs available for RHEL5.x as well as 2.x.x RPMs for > RHEL5.x. > > What "support company"? If you're using RHEL, Red Hat provides the > support. That's the whole reason for "paying for" a Linux distro. What > is preventing you from upgrading to RHEL 6.3, the current release? > Which BTW is behind nearly all other distros WRT package versions. For > instance Debian stable has Dovecot 2.1.7 available in the backports repo. Our server is with Rackspace, and RHEL5 is the OS they offered us as an upgrade path from RHEL4. So they're getting the support from Red Hat and we're getting the support from Rackspace. > From tlx at leuxner.net Fri Nov 23 13:42:42 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 23 Nov 2012 12:42:42 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <b22a99aa6763ab35204244dfde87db53@400iso.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> Message-ID: <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> Am 23.11.2012 um 12:13 schrieb "Mathieu R." <mathieu at 400iso.net>: > 2012-11-23T11:01:33.943047+00:00 localhost dovecot: imap(mathieu at 400iso.net): Error: stat(/srv/vmail/400iso.net/mathieu at 400iso.net/.dovecot.sieve/tmp) failed: Not a directory > > mail_home = /srv/vmail/%d/%u > mail_location = maildir:~ This is caused by "blending" the maildir structure with non-maildir files rather than using separate roots, e.g. mail_location = maildir:~/Maildir http://wiki2.dovecot.org/VirtualUsers/Home http://wiki2.dovecot.org/MailLocation/Maildir Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4364 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/ecb0fd93/attachment-0004.bin> From mathieu at 400iso.net Fri Nov 23 13:48:23 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Fri, 23 Nov 2012 12:48:23 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> Message-ID: <b574523db4f6cffa3a039fe991bcaaee@400iso.net> Le 23/11/2012 12:42, Thomas Leuxner a ?crit?: > Am 23.11.2012 um 12:13 schrieb "Mathieu R." <mathieu at 400iso.net>: > >> 2012-11-23T11:01:33.943047+00:00 localhost dovecot: >> imap(mathieu at 400iso.net): Error: >> stat(/srv/vmail/400iso.net/mathieu at 400iso.net/.dovecot.sieve/tmp) >> failed: Not a directory >> > >> mail_home = /srv/vmail/%d/%u >> mail_location = maildir:~ > > > This is caused by "blending" the maildir structure with non-maildir > files rather than using separate roots, e.g. mail_location = > maildir:~/Maildir Thank you. can i safely : - close dovecot - move files to ~Maildir - change the config in docecot.conf - and then restart dovecot ? -- Mathieu Rousseau http://400iso.net/ From kae at midnighthax.com Fri Nov 23 13:54:05 2012 From: kae at midnighthax.com (Keith Edmunds) Date: Fri, 23 Nov 2012 11:54:05 +0000 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121116093329.045f4585@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> Message-ID: <20121123115405.5224b630@kae.tiger-computing.wbp> Problem: We have some folders (eg, Trash) appearing both as sibling folders to INBOX and as subfolders to INBOX. We want them only to appear at the sibling level. In order to put some folders (Sent, Trash, some others) at a peer level to INBOX, and all other folders under INBOX, we've defined namespaces as follows: -------------------------------------------------------------------------------- mail_location = maildir:/shared/imapmail/users/%u:INBOX=/shared/imapmail/users/%u:LAYOUT=fs namespace private { separator = / prefix = "INBOX/" inbox = yes } namespace private { separator = / prefix = "Trash/" location = maildir:/shared/imapmail/users/%u/Trash:LAYOUT=fs inbox = no } -------------------------------------------------------------------------------- In the file system, the mail_location for each user has all the top-level mail folders plus the cur, tmp and new directories for INBOX, so, for example, there is a directory in mail_location called "Trash". Is there a way to configure Dovecot to show Trash at the top level (as the last namespace definition above does), yet not also show it as a subfolder of INBOX? Thanks, Keith -- We're looking for smart Linux people: http://www.tiger-computing.co.uk/jobs From tlx at leuxner.net Fri Nov 23 13:59:33 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 23 Nov 2012 12:59:33 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <b574523db4f6cffa3a039fe991bcaaee@400iso.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> <b574523db4f6cffa3a039fe991bcaaee@400iso.net> Message-ID: <A77F784B-E60B-409B-BAC7-4A51BFA89759@leuxner.net> Am 23.11.2012 um 12:48 schrieb Mathieu R. <mathieu at 400iso.net>: > Thank you. can i safely : > > - close dovecot > - move files to ~Maildir > - change the config in docecot.conf > - and then restart dovecot ? Yes. You are able to move the Maildir structure (cur|new|tmp) like this. Not sure the location is also overridden in your SQL queries. If so, you also need to return the new "home" in the queries. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4364 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121123/af5d261d/attachment-0004.bin> From mathieu at 400iso.net Fri Nov 23 14:04:41 2012 From: mathieu at 400iso.net (Mathieu R.) Date: Fri, 23 Nov 2012 13:04:41 +0100 Subject: [Dovecot] dovecot trying to update my sieve directory In-Reply-To: <A77F784B-E60B-409B-BAC7-4A51BFA89759@leuxner.net> References: <b22a99aa6763ab35204244dfde87db53@400iso.net> <3AD428AF-5913-428C-B328-009EA8F18ADB@leuxner.net> <b574523db4f6cffa3a039fe991bcaaee@400iso.net> <A77F784B-E60B-409B-BAC7-4A51BFA89759@leuxner.net> Message-ID: <81793eea7ca3fb8c8822708fc33c3eda@400iso.net> Le 23/11/2012 12:59, Thomas Leuxner a ?crit?: > Am 23.11.2012 um 12:48 schrieb Mathieu R. <mathieu at 400iso.net>: > >> Thank you. can i safely : >> >> - close dovecot >> - move files to ~Maildir >> - change the config in docecot.conf >> - and then restart dovecot ? > > Yes. You are able to move the Maildir structure (cur|new|tmp) like > this. Not sure the location is also overridden in your SQL queries. > If > so, you also need to return the new "home" in the queries. > > Regards > Thomas As i'm very newbie at sql stuff, here is my current dovecot-sql.conf : driver = mysql connect = host=localhost dbname=postfix_db user=postfix_user password=mypass # The new name for MD5 is MD5-CRYPT so you might need to change this depending on version default_pass_scheme = MD5-CRYPT # Get the mailbox user_query = SELECT '/srv/vmail/%d/%u' as home, 'maildir:/srv/vmail/%d/%u' as mail, 5000 AS uid, 5000 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1' # Get the password password_query = SELECT username as user, password, '/srv/vmail/%d/%u' as userdb_home, 'maildir:/srv/vmail/%d/%u' as userdb_mail, 5000 as userdb_uid, 5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1' # If using client certificates for authentication, comment the above and uncomment the following #password_query = SELECT null AS password, '%u' AS user i think i can change it for : driver = mysql connect = host=localhost dbname=postfix_db user=postfix_user password=mypass # The new name for MD5 is MD5-CRYPT so you might need to change this depending on version default_pass_scheme = MD5-CRYPT # Get the mailbox user_query = SELECT '/srv/vmail/%d/%u' as home, 'maildir:/srv/vmail/%d/%u/Maildir' as mail, 5000 AS uid, 5000 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1' # Get the password password_query = SELECT username as user, password, '/srv/vmail/%d/%u' as userdb_home, 'maildir:/srv/vmail/%d/%u/Maildir' as userdb_mail, 5000 as userdb_uid, 5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1' # If using client certificates for authentication, comment the above and uncomment the following #password_query = SELECT null AS password, '%u' AS user maybe can somebody confirm before i mess up everything ? -- Mathieu Rousseau http://400iso.net/ From sven at svenhartge.de Fri Nov 23 17:53:01 2012 From: sven at svenhartge.de (Sven Hartge) Date: Fri, 23 Nov 2012 16:53:01 +0100 Subject: [Dovecot] shared mailboxes and indexes References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> Message-ID: <099qpni2j8v8@mids.svenhartge.de> Timo Sirainen <tss at iki.fi> wrote: > On 23.11.2012, at 13.27, Alessio Cecchi wrote: >> Il 23/11/2012 08:07, Timo Sirainen ha scritto: >>> BTW. Do you have multiple Dovecot backend servers? Director works >>> only when you're not using shared mailboxes.. >> I'm not happy to hear that, so if today we are running one dovecot >> server with shared mailbox enabled and tomorrow we will switch to a >> more complex installation with Director we will be unable to still >> provide shared mailbox to our customers? > You can't reliably do it if the mailboxes are accessed directly via > NFS. The current idea to solve this is to use imapc backend with > master users, so the actual mailbox access for each user is always > done by only one server. I think someone already managed to configure > such a setup. This was me. It works (with one minor quirk, more on this later) in my current test setup like so: a) 1 to X user-servers with the users mailboxes on them b) 1 shared-server with the shared mailboxes on them On the user-servers I have namespace like this: namespace { list = yes location = imapc:~/imapc-shared prefix = IMAPShared/ separator = / subscriptions = no type = public } and a userdb like this: userdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = uid=virtmail gid=virtmail home=/srv/mail/%2MLn/%Ln/ imapc_password=%w quota_rule2=Trash:ignore driver = ldap } Note the "imapc_password=%w" in the default_fields. This is needed to pass the users login-password to the shared-server. The imapc proxy code is configured like this: imapc_host = m-st-sh-01.example.com imapc_master_user = %u imapc_user = shared This uses the original user as the master-user and a fixed user with the original users password to login into the shared-server. Note: You CANNOT have ACLs activated on the users-servers, because this will interfere with the permissions of ht IMAPShared namespace, rendering the mailboxes located in there unavailable for your users. The shared-storage then uses a static passdb for the user "shared": passdb { args = user=shared password=complicatedpasswordhere driver = static } and a static userdb for the virtual-user: userdb { args = uid=virtmail gid=virtmail home=/srv/mail/%Ln driver = static } and additional a passdb for the "master" users: passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap master = yes pass = yes } which are pulled from LDAP, just like on the user-servers. Now the mentioned quirk: Because all connections on the shared-server are made to the same user "shared" and are coming from very few IPs (the 1 to X user-servers), you need to set a very high mail_max_userip_connections value. I set mine to 1000 just to be sure. ---> But: I have NOT configured login_trusted_networks, so this may be my error in that case. And, a second quirk: You can only offer admin-provided shared folders, your users CANNOT share folders themselves, because there is quite some manual work involved in creating and setting them up on the central shared-server. For example: To provide a Mailbox with the Name "Test.3" in IMAPShared I need the following directory structure on m-st-sh-01.example.com: /srv/mail/shared/mdbox/mailboxes/Test.3/ In .../Test.3/ there is the dbox-Mails folder with the indexes and other meta information. The admin needs to create the dovecot-acl file to configure the access permissions: root at m-st-sh-01:/srv/mail/shared/mdbox/mailboxes/Test.3/dbox-Mails# cat dovecot-acl user=gbgr14 lrwstipek user=bbgr99 lrwstipek The users are then able to see those folders as IMAPShared/Test.3/, subscriptions are managed inside the users own subscription file on their respective "home" server, while flages and tags are shared. Gr??e, Sven. -- Sigmentation fault. Core dumped. From stan at hardwarefreak.com Fri Nov 23 22:59:31 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 23 Nov 2012 14:59:31 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AF5FA6.5070500@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> Message-ID: <50AFE3B3.2020408@hardwarefreak.com> On 11/23/2012 5:36 AM, 1st WebDesigns wrote: > No they are not on NFS storage, the mailboxes are stored on the local > filesystem. Ok, good. > Thank you I will try this. I did read that when using Postfix and > Dovecot, both systems should use a matching locking mechanism, which I > had already tried. However, I hadn't tried just dotlock, only FCNTL and > a combination of FCNTL and dotlock. Since you're now using Dovecot LDA the locking mech may not make much if any difference, but it's worth trying. > Yes it completely eliminates the errors. If a pop3 connection has the > lock, the mail simply sits there and is eventually delivered in (less > than) 600 seconds. Whereas before, it would get deferred. When > re-delivery was attempted, it's possible that the box would be locked > again, and the mail would get deferred again, leading to a delay of > several hours on a busy day. So this is a step in the right direction. But still far less than optimal. The read/write lock contention on mbox is unnecessarily eating up system resources (mainly memory), and causing unnecessary delivery delays to the mailbox. You should really start looking at migrating to maildir. It's not that difficult (though maybe more so with 1.0.7) if you don't have a ton of mailboxes, and especially with POP since the mailboxes typically wont be holding much mail to migrate. How many do you have? > Our server is with Rackspace, and RHEL5 is the OS they offered us as an > upgrade path from RHEL4. So they're getting the support from Red Hat > and we're getting the support from Rackspace. The plot thickens again. You're using a rented server. Sigh... This entire thread could have been greatly shortened, saving all of us much time, if you'd have given all these details up front. Is this a cloud server (shared host), or a dedicated server? FWIW, you don't have RHEL5, but CentOS 5. Hosting companies don't pay for RHEL licenses for 10s of thousands of hosts. I have a few salient recommendations for you: 1. Migrate to maildir. It is far more appropriate for a POP workload. 2. Switch to a hosting provider that offers much more recent software. 3. Or, get a colo server so you can use whatever software you wish. Finally, if this email service you're providing isn't all that critical to you or your organization, simply prod along as you have been, fighting these problems frequently along the way. -- Stan From doctor at doctor.nl2k.ab.ca Sat Nov 24 04:49:54 2012 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Fri, 23 Nov 2012 19:49:54 -0700 Subject: [Dovecot] SSL certificates Message-ID: <20121124024954.GC1824@doctor.nl2k.ab.ca> Who is the best CA Certificate provider for Dovecot? -- Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From sven at svenhartge.de Sat Nov 24 05:03:40 2012 From: sven at svenhartge.de (Sven Hartge) Date: Sat, 24 Nov 2012 04:03:40 +0100 Subject: [Dovecot] SSL certificates References: <20121124024954.GC1824@doctor.nl2k.ab.ca> Message-ID: <499s2bh2j8v8@mids.svenhartge.de> The Doctor <doctor at doctor.nl2k.ab.ca> wrote: > Who is the best CA Certificate provider for Dovecot? What do you mean by "best"? Gr??e, Sven. -- Sigmentation fault. Core dumped. From noel.butler at ausics.net Sat Nov 24 07:57:33 2012 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 24 Nov 2012 15:57:33 +1000 Subject: [Dovecot] SSL certificates In-Reply-To: <20121124024954.GC1824@doctor.nl2k.ab.ca> References: <20121124024954.GC1824@doctor.nl2k.ab.ca> Message-ID: <1353736653.15992.22.camel@tardis> On Fri, 2012-11-23 at 19:49 -0700, The Doctor wrote: > Who is the best CA Certificate provider for Dovecot? > Anyone but verisign, dont get me started on them :) Now that Thawte are no longer owned by those criminals, I highly recommend them for certs for web sites. But if its just for mail/webmail and you dont need the large insurance protections, then look at the cheaper/free startcom certs, I use them on my private domains for mail certs and webmail - very pleasant and easy to deal with. -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121124/577b0679/attachment-0004.png> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20121124/577b0679/attachment-0004.bin> From johnsone at usc.edu Sat Nov 24 10:16:10 2012 From: johnsone at usc.edu (Erik A Johnson) Date: Sat, 24 Nov 2012 00:16:10 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> Message-ID: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Thanks, Timo. Nope, still an infinite loop. Anything I can try using gdb to trace? On Nov 22, 2012, at 10:52 PM, Timo Sirainen <tss at iki.fi> wrote: > On 10.11.2012, at 12.44, Erik A Johnson wrote: > >> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >> >> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >> >> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > I wonder if this fixes it? http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa > From stephan at rename-it.nl Sun Nov 25 11:30:39 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 25 Nov 2012 10:30:39 +0100 Subject: [Dovecot] sieve-extprograms strips Return-Path headers In-Reply-To: <20121113145732.GB40206@anubis.morrow.me.uk> References: <20121113145732.GB40206@anubis.morrow.me.uk> Message-ID: <50B1E53F.7030801@rename-it.nl> Hi Ben, On 11/13/2012 3:57 PM, Ben Morrow wrote: > The sieve-extprograms extension strips Return-Path headers before > passing mail off to the external program. The patch to remove this > behavious is trivial (and attached), but since it appears to be > deliberate I felt I should investigate further. > > I believe this is basically a cut-and-paste error. The code to strip > Return-Path has been there since the sieve-pipe plugin for Dovecot 1.x, > and I believe it was copied from the equivalent code in the 'redirect' > action for passing mail off to sendmail(8). In that case, stripping > Return-Path is correct, since the message is being resubmitted for > delivery (by SMTP or otherwise), and the last step of the new delivery > will (should) add a new Return-Path header with the new envelope > information. In the case of sieve-extprograms, though, the filtering is > happening post-delivery, so a stripped Return-Path will never be > replaced. Yeah, you are right. Applied: http://hg.rename-it.nl/pigeonhole-0.3-sieve-extprograms/rev/3bd6ed27ae26 Regards, Stephan. From dave at morsberger.com Mon Nov 26 08:41:46 2012 From: dave at morsberger.com (David Morsberger) Date: Mon, 26 Nov 2012 01:41:46 -0500 Subject: [Dovecot] Missing Messages on IOS device Message-ID: <BD8E6193-6542-4A53-B6A9-E41F3CDF70F5@morsberger.com> I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. Any idea why these messages are not showing up on my devices and how I can get them to show up? bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd --version 2.0.19apple1 bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd -n # 2.0.19apple1: /Library/Server/Mail/Config/dovecot/dovecot.conf # OS: Darwin 12.2.1 x86_64 hfs aps_topic = com.apple.mail.XServer.fc3bb7c3-c8ef-4fe2-aff3-95ecd927fb11 auth_mechanisms = cram-md5 x-plain-submit plain login apop digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 mail_access_groups = mail mail_location = maildir:/Library/Server/Mail/Data/mail/%u mail_log_prefix = "%s(pid %p user %u): " mail_plugins = quota zlib fts fts_sk managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M passdb { args = /Library/Server/Mail/Config/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmaster at mini.mmpcrofton.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins unix_listener auth-userdb { user = _dovecot } } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap { client_limit = 5 process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl_ca = </etc/certificates/*.chain.pem ssl_cert = </etc/certificates/*.cert.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL ssl_key = </etc/certificates/*.key.pem ssl_key_path = /etc/certificates/*.key.pem syslog_facility = local6 userdb { args = partition=/Library/Server/Mail/Config/dovecot/partition_map.conf enforce_quotas=no driver = od } verbose_proctitle = yes protocol lmtp { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol lda { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol imap { imap_id_log = * imap_id_send = "name" * "version" * mail_max_userip_connections = 20 mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts urlauth } protocol pop3 { mail_max_userip_connections = 6 } From koshikov at gmail.com Mon Nov 26 08:53:26 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Mon, 26 Nov 2012 08:53:26 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <50AF5BF7.1050907@skye.it> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <50AF5BF7.1050907@skye.it> Message-ID: <20121126085326.4e12dbfc@EBook.agromat.intranet> On Fri, 23 Nov 2012 12:20:23 +0100 Alessio Cecchi wrote: > Il 23/11/2012 08:46, Nikita Koshikov ha scritto: > > Hello list, > > > > Here is the problem: > > I have few: > > passdb { > > #1 > > } > > passdb { > > #2 > > } > > And relative userdb sections. If user not found in 1) section it fallbacks > > to next one - it's expected and right, IMHO. But when the user exists in > > both section and password verification fails on 1) database it successfully > > authenticated on next one. I think this behaviour should be configured. The > > main goal of 1) section for this server is to overwrite users in main > > (section2) database. > > > > Maybe I missed something and this option is already in dovecot code and I > > can't find it ? Or if not - will it be added in the future ? > > > > Dovecot version 2.1.10. > > > > You can enable this features by adding "deny=yes" in the passdb > extra_fields of specific users. > > You can find more information here: > http://wiki2.dovecot.org/AuthDatabase/PasswdFile ot you can use the > "auth-deny.conf.ext" example configuration. > > Ciao Maybe I was not so clear - but this is not what I'm searching for. deny=yes will deny user in corresponding database - I want - allow user to login, if and only if, users password matches and if it fail(in current passdb) - not trying next passdb for checking his password, even if user exists in the next database. From amateo at um.es Mon Nov 26 10:20:27 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 26 Nov 2012 09:20:27 +0100 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> Message-ID: <50B3264B.4080508@um.es> El 23/11/12 08:07, Timo Sirainen escribi?: > On 16.11.2012, at 12.11, Angel L. Mateo wrote: > >> We are deploying shared mailboxes in our mail system. We are running 2.1.9 and mail backend is maildir. >> >> As described at http://wiki.dovecot.org/SharedMailboxes/Shared when shared namespace is configured as >> >> namespace shared { >> separator = / >> prefix = shared/%%u/ >> location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u >> subscriptions = no >> list = children >> } >> >> each user accessing this folder has its own index, stored in ~/Maildir/shared/%%u/<shared mailbox>, hasn't it? > > Right. > >> Our mail is store in NFS disks so we are very concerned about indexes optimizations (we had performance problems until we got all of our indexes and nfs tunned). So, is there any way so those indexes could be shared for all users (and they always would be updated). > > If you don't need per-user flags you can just remove the per-user INDEX. If you want per-user flags and want to share indexes, you need the new INDEXPVT option that exists in v2.2 or as a patch to v2.1: http://dovecot.org/patches/2.1/private-index.diff > >> Regarding this... if we'd use dbox instead of maildir, indexes are a really important part of the mailbox and they can't be re-constructed when they are outdated. So, how do shared mailboxes work with dbox backend? Do I have to configure indexes in any particular way? > > INDEXPVT is a requirement with dbox if you want per-user flags. > > BTW. Do you have multiple Dovecot backend servers? Director works only when you're not using shared mailboxes.. > Oh... sad to read this. I have multiple backend server behind a director one. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From listas.correo at yahoo.es Mon Nov 26 11:58:54 2012 From: listas.correo at yahoo.es (mailing lists) Date: Mon, 26 Nov 2012 09:58:54 +0000 (GMT) Subject: [Dovecot] doveadm fails with passdb authentication binds (dovecot 2.0.16) In-Reply-To: <50AF6C36.3000500@eservicios.indra.es> References: <1353426869.63536.YahooMailNeo@web171501.mail.ir2.yahoo.com> <592ACC86-265E-476F-81B2-E797C0414165@iki.fi> <50AF6C36.3000500@eservicios.indra.es> Message-ID: <1353923934.14376.YahooMailNeo@web171506.mail.ir2.yahoo.com> Hello, >> # doveadm mailbox list -u user001 >> doveadm(user001): Error: user user001: Auth PASS lookup failed >> doveadm(user001): Fatal: passdb lookup failed > Are you running this on a Dovecot proxy? It looks like doveadm wants to do a passdb lookup to find out which server should handle this user. Passdb lookups don't work with LDAP binding. But if everything else works then I think you simply shouldn't have enabled doveadm proxying. So, set doveadm_proxy_port back to 0? thank you Timo, setting doveadm_proxy_port to 0 did the trick. From trusktr at gmail.com Mon Nov 26 12:59:27 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 02:59:27 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <20121119164753.GK94077@anubis.morrow.me.uk> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> Message-ID: <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> Hi, thanks for the reply. I'm new to all this. How can I tell if postfix is deferring messages, or if it thinks they've been delieverd? Where is the postfix log? How do I feed a message to dovecot-lda manually, as mailman? How do I use LMTP instead of LDA? */#!/*JoePea On Mon, Nov 19, 2012 at 8:47 AM, Ben Morrow <ben at morrow.me.uk> wrote: > At 6AM -0800 on 19/11/12 you (/#!/JoePea) wrote: > > > > I can't get dovecot working with postfix. If I leave virtual_transport > set > > to "virtual", I can send and receive messages just fine in roundcube. If > I > > set virtual_transport to "dovecot", I can only send messages in > roundcube, > > but incoming messages never arrive. Seems I can't get dovecot-lda to > work. > > I need dovecot-lda in order for sieve filters to work. > > > > Any idea what I'm doing wrong? > > > > Here's `doveconf -n`: > > http://pastie.org/5401133 > > > > `postconf -n`: > > http://pastie.org/5401157 > > > > and `postconf -M`: > > http://pastie.org/5401177 > > The only obvious thing I can see wrong there is that you have > > mail_plugins = " sieve" > > in dovecot.conf, which should be > > mail_plugins = sieve > > but I don't know that that would prevent delivery. > > Is Postfix deferring the message, or does it think it's been delivered? > What do you see in your logs when a message is delivered (since you've > redirected Dovecot away from syslog, you'd need to look at both > Postfix's and Dovecot's logs)? > > What happens if you feed a message to dovecot-lda manually, as > 'mailman'? Check the exitcode of lda and the logs, as well as seeing if > the message was delivered. > > Since you've set up a dedicated transport for Dovecot, it would probably > be worth using LMTP instead of the LDA. It should be more efficient, and > since you're only using a single virtual user you can tell dovecot to > run the LMTP server as 'mailman' instead of root. > > Ben > > From trusktr at gmail.com Mon Nov 26 13:00:31 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 03:00:31 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <50AA66A5.4050702@fi4it.de> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> Message-ID: <CAKU1PAXDX=YGSuD=-D_aUbJ59HrN96MUidhVHuhRk6H40xKa2A@mail.gmail.com> Hi, I tried changing dovecot-lda to deliver in master.cf and also added the acl plugin to the lda protocol like yours. It still won't work though. */#!/*JoePea On Mon, Nov 19, 2012 at 9:04 AM, Fi4IT - Daniel Fischer <dfischer at fi4it.de>wrote: > Hello Joe, > > i use this: > main.cf > virtual_transport = dovecot > > master.cf > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} > -d ${recipient} > > /etc/dovecot/conf.d/15-lda.**conf > protocol lda { > log_path = /var/log/sieve.log > mail_plugins = acl sieve > } > > and that works fine with my tested clients (tb,outlook,roundcube) > > daniel > > Am 19.11.2012 15:17, schrieb /#!/JoePea: > >> Hi all, >> >> I can't get dovecot working with postfix. If I leave virtual_transport set >> to "virtual", I can send and receive messages just fine in roundcube. If I >> set virtual_transport to "dovecot", I can only send messages in roundcube, >> but incoming messages never arrive. Seems I can't get dovecot-lda to work. >> I need dovecot-lda in order for sieve filters to work. >> >> Any idea what I'm doing wrong? >> >> Here's `doveconf -n`: >> http://pastie.org/5401133 >> >> `postconf -n`: >> http://pastie.org/5401157 >> >> and `postconf -M`: >> http://pastie.org/5401177 >> >> Note: All I have to do is change virtual_transport = dovecot to >> virtual_transport >> = virtual and all will be fine, except for that I won't have sieve >> filtering which is what I really want. >> >> */#!/*JoePea >> >> > > -- > > Fischer Daniel > FI4IT - that's it > Messerschmittstrasse 17 > 89231 Neu Ulm > > Email: dfischer at fi4it.de > Web: www.fi4it.de > Telefon: 073180019370 > Fax: 073180019375 > Mobil: 01729230731 > > From ben at morrow.me.uk Mon Nov 26 13:52:36 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 11:52:36 +0000 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> Message-ID: <20121126115235.GC76138@anubis.morrow.me.uk> At 2AM -0800 on 26/11/12 you (/#!/JoePea) wrote: > Hi, thanks for the reply. I'm new to all this. How can I tell if postfix is > deferring messages, or if it thinks they've been delieverd? Where is the > postfix log? You can tell if a message is still in the queue with 'mailq'. You can find out why by reading the log. If messages are being deferred they will eventually start bouncing, once Postfix decides they've spent too long in the queue. Postfix normally logs through the 'mail' facility of syslog. > How do I feed a message to dovecot-lda manually, as mailman? Something along the lines of sudo -u mailman /usr/lib/dovecot/dovecot-lda -f some at user -d some at user </some/mail/message as root should work, depending on your sudo setup. Otherwise you will need to use su, which can be more awkward. > How do I use LMTP instead of LDA? Read the wiki for the Dovecot end, and use virtual_transport = lmtp:unix:/path/to/lmtp/socket on the Postfix end. You will want to test the LMTP server is working manually (with nc -U or something) before trying to get Postfix to deliver to it. Ben From minfrin at sharp.fm Mon Nov 26 16:24:38 2012 From: minfrin at sharp.fm (Graham Leggett) Date: Mon, 26 Nov 2012 16:24:38 +0200 Subject: [Dovecot] IMAP proxy - can it detect parodying to itself? Message-ID: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> Hi all, I have some IMAP servers fronted with separate perdition processes, and it would be ideal if I could collapse this down to having dovecot do both the IMAP proxying and the IMAP serving at the same time on the same IP addresses. One of the fields in my LDAP entries contains the canonical name of the server that hosts their mailbox, and if I follow the manual at http://wiki2.dovecot.org/PasswordDatabase/ExtraFields#LDAP I could add the host field to enable proxying. My question is whether dovecot has the ability to notice whether dovecot is being asked to proxy to itself, in other words the value of "host" is the current dovecot server, and when this happens, ignore the proxy and just be a straight IMAP server, because the user has connected to the right box already. Is this possible? Regards, Graham -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4365 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121126/b718e8e0/attachment-0004.bin> From minfrin at sharp.fm Mon Nov 26 16:26:52 2012 From: minfrin at sharp.fm (Graham Leggett) Date: Mon, 26 Nov 2012 16:26:52 +0200 Subject: [Dovecot] IMAP proxy - can it detect parodying to itself? In-Reply-To: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> References: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> Message-ID: <064C6DB5-565C-4EE0-92D0-09921DE893FE@sharp.fm> On 26 Nov 2012, at 4:24 PM, Graham Leggett <minfrin at sharp.fm> wrote: > I have some IMAP servers fronted with separate perdition processes, and it would be ideal if I could collapse this down to having dovecot do both the IMAP proxying and the IMAP serving at the same time on the same IP addresses. A heartfelt thanks to Apple Autocorrect for changing "parodying", oops, I meant "parodying", aargh, I meant "p r o x y i n g", to parodying in the subject of this message. Regards, Graham -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4365 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121126/0bb4985e/attachment-0004.bin> From ben at morrow.me.uk Mon Nov 26 18:02:40 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 16:02:40 +0000 Subject: [Dovecot] IMAP proxy - can it detect parodying to itself? In-Reply-To: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> References: <E7B0E47F-FA5E-40F7-A4E7-7AB6565D73FC@sharp.fm> Message-ID: <20121126160239.GD76138@anubis.morrow.me.uk> At 4PM +0200 on 26/11/12 you (Graham Leggett) wrote: > Hi all, > > I have some IMAP servers fronted with separate perdition processes, > and it would be ideal if I could collapse this down to having dovecot > do both the IMAP proxying and the IMAP serving at the same time on the > same IP addresses. > > One of the fields in my LDAP entries contains the canonical name of > the server that hosts their mailbox, and if I follow the manual at > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields#LDAP I could add > the host field to enable proxying. You also need the 'proxy' or 'proxy_maybe' field, which is a boolean (the field just needs to be present). If you just configure 'host' you will get login referrals, which is not what you want. > My question is whether dovecot has the ability to notice whether > dovecot is being asked to proxy to itself, in other words the value of > "host" is the current dovecot server, and when this happens, ignore > the proxy and just be a straight IMAP server, because the user has > connected to the right box already. This is what happens if you use 'proxy_maybe' instead of 'proxy'. Ben From skdovecot at smail.inf.fh-brs.de Mon Nov 26 18:07:37 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 26 Nov 2012 17:07:37 +0100 (CET) Subject: [Dovecot] lmtp_rcpt_check_quota working somewhere? Message-ID: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I'm running Dovecot v2.1 and enabled the lmtp_rcpt_check_quota option in conf.d/20-lmtp.conf, because I just found it in the sample config. Is this option working somewhere? When I have the option enabled, I get _no_ response in the RCPT TO phase, if the user is under quota. If I go on and enter the DATA keyword eventually, I get "554 5.5.1 No valid recipients", so it looks like, the user is really ignored at all. For an user over quota, I get: 552 5.2.2 <user> Quota exceeded (mailbox for user is full) Without lmtp_rcpt_check_quota LMTP works fine. For the user over quota I get the error after DATA phase, the user under quota gets the message delivered. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULOTyWoxLS8a3A9mAQITfggAoC0ujUXE53ePUEsTUHXlL2S0/hQCdAgA ppZnUPv9Gjh2oZjjrOmPa+zYVnd+6xK9m58bV4b7FPC+uz1otaS205WMIeZCuy5l kTtCpNpxxNfsUDzMM8zrRf+AZODAwUzwx7yknGdpXtezIGYg7kTKIXxs3KShgI3i ML/kbj4j+YkpdR0wUnZCIVM7MBukAJ3rhSqvfcY0ekZo8+ownqVjCE1PLhFy6oGE OsN8qY272nuvY9dLjflUjOKsvPVnviIu0kgRAZEsqPPp27Jp4GMsSpqqdAhjgbzH D8n9AnxVc6KYhq8qVpsWBCNy3/CwERsadZcRnl/4zcZmq19VsLLZMQ== =Nyqj -----END PGP SIGNATURE----- From cfowler at scss.tcd.ie Mon Nov 26 19:31:00 2012 From: cfowler at scss.tcd.ie (cfowler) Date: Mon, 26 Nov 2012 17:31:00 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user Message-ID: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Problem : All vacation autoreplies come from the postmaster address. Expected behavior : vacation notice comes from the user who set the vacation. Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example reply, sieve script and dovecot -n output) Any help appreciated! ---------------------------------------------------------------------------------------- Sieve script used: if true { vacation :days 2 :subject "Out of Office" "I am currently out of the office"; stop; } ---------------------------------------------------------------------------------------- Return-Path: <> X-Original-To: teststff at mydomain.com Delivered-To: teststff at mydomain.com Received: from localhost (localhost [127.0.0.1]) by quicksilver.mydomain.com (Postfix) with ESMTP id 12591BE16 for <teststff at mydomain.com>; Mon, 26 Nov 2012 16:54:16 +0000 (GMT) X-Virus-Scanned: Debian amavisd-new at mydomain.com X-Spam-Flag: NO X-Spam-Score: -0.501 X-Spam-Level: X-Spam-Status: No, score=-0.501 required=5 tests=[BAYES_05=-0.5, NO_RELAYS=-0.001] autolearn=no Received: from quicksilver.mydomain.com ([127.0.0.1]) by localhost (quicksilver.mydomain.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DNM8HKzR4d0t for <teststff at mydomain.com>; Mon, 26 Nov 2012 16:54:06 +0000 (GMT) Received: by quicksilver.mydomain.com (Postfix, from userid 15099) id DA3DABE1B; Mon, 26 Nov 2012 16:54:06 +0000 (GMT) X-Sieve: Pigeonhole Sieve 0.3.0 Message-ID: <dovecot-sieve-1353948846-837692-0 at quicksilver.mydomain.com> Date: Mon, 26 Nov 2012 16:54:06 +0000 From: Postmaster <root at mydomain.com> To: <teststff at mydomain.com> Subject: Out of Office In-Reply-To: <ac0fe0e6de81129e7499aba9aa67697a at localhost> References: <ac0fe0e6de81129e7499aba9aa67697a at localhost> Auto-Submitted: auto-replied (vacation) Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit I am currently out of the office ---------------------------------------------------------------------------------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 ext3 auth_debug = yes auth_debug_passwords = yes auth_verbose = yes listen = *, [::] log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/var/maildirs/%n/Maildir mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { home = /var/maildirs/%u mail_debug = yes sieve = /var/maildirs/%u/deliver.sieve sieve_dir = /var/maildirs/%n/sieve sieve_global_dir = /etc/sieve/ sieve_global_path = /etc/sieve/deliver.sieve sieve_vacation_dont_check_recipient = yes } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 } user = root } service imap-login { client_limit = 256 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service managesieve-login { client_limit = 256 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service pop3-login { client_limit = 256 process_min_avail = 16 service_count = 0 vsz_limit = 256 M } ssl_cert = </var/certs/wildcard.mydomain.ie-including-chain.pem ssl_key = </var/certs/wildcard.mydomain.ie.key userdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 20 } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } protocol lda { auth_socket_path = /var/run/dovecot/auth-master mail_debug = yes mail_plugins = sieve postmaster_address = root at mydomain.ie } From rs at sys4.de Mon Nov 26 19:42:22 2012 From: rs at sys4.de (Robert Schetterer) Date: Mon, 26 Nov 2012 18:42:22 +0100 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Message-ID: <50B3A9FE.6030503@sys4.de> Am 26.11.2012 18:31, schrieb cfowler: > Problem : All vacation autoreplies come from the postmaster address. <> is not really the postmaster address, its special for the mailer daemon > Expected behavior : vacation notice comes from the user who set the > vacation. at my knowledge, does not work that way ,yet, guess what you want, might work with invoking external script via sieve wait for other responses , special stefan might give better answer about sieve > Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > reply, sieve script and dovecot -n output) > > Any help appreciated! > > > ---------------------------------------------------------------------------------------- > > > Sieve script used: > > if true > { > vacation :days 2 :subject "Out of Office" "I am currently out of the > office"; > stop; > } > > ---------------------------------------------------------------------------------------- > > > Return-Path: <> > X-Original-To: teststff at mydomain.com > Delivered-To: teststff at mydomain.com > Received: from localhost (localhost [127.0.0.1]) > by quicksilver.mydomain.com (Postfix) with ESMTP id 12591BE16 > for <teststff at mydomain.com>; Mon, 26 Nov 2012 16:54:16 +0000 (GMT) Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From ben at morrow.me.uk Mon Nov 26 19:59:36 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 17:59:36 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Message-ID: <20121126175935.GF76138@anubis.morrow.me.uk> At 5PM +0000 on 26/11/12 you (cfowler) wrote: > Problem : All vacation autoreplies come from the postmaster address. > Expected behavior : vacation notice comes from the user who set the > vacation. > Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > reply, sieve script and dovecot -n output) <snip> > sieve_vacation_dont_check_recipient = yes Why have you set this? Normally vacation will refuse to respond to a message which doesn't have your address in one of the recipient header fields; in fact the standard says that it MUST NOT respond unless this is the case. This setting turns that check off, in which case Pigeonhole will send a vacation response (despite the standard) but sends it from Postmaster. I assume this is done for privacy reasons, since the person the vacation response is being sent to doesn't necessarily know the user who set the vacation exists, or what their address might be. If you send a message with the user's email address in To:, do you get a vacation response From: the correct address? Ben From cfowler at scss.tcd.ie Mon Nov 26 20:21:05 2012 From: cfowler at scss.tcd.ie (cfowler) Date: Mon, 26 Nov 2012 18:21:05 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <20121126175935.GF76138@anubis.morrow.me.uk> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <20121126175935.GF76138@anubis.morrow.me.uk> Message-ID: <5fa7ee2d078f950032e1147105f2b61a@scss.tcd.ie> On 26-11-2012 17:59, Ben Morrow wrote: > At 5PM +0000 on 26/11/12 you (cfowler) wrote: >> Problem : All vacation autoreplies come from the postmaster address. >> Expected behavior : vacation notice comes from the user who set the >> vacation. >> Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example >> reply, sieve script and dovecot -n output) > <snip> > >> sieve_vacation_dont_check_recipient = yes > > Why have you set this? Normally vacation will refuse to respond to a > message which doesn't have your address in one of the recipient > header > fields; in fact the standard says that it MUST NOT respond unless > this > is the case. This setting turns that check off, in which case > Pigeonhole > will send a vacation response (despite the standard) but sends it > from > Postmaster. I assume this is done for privacy reasons, since the > person > the vacation response is being sent to doesn't necessarily know the > user > who set the vacation exists, or what their address might be. > This feature is the reason I've upgraded to 2.1.7 from 1.2.15 Our users have addresses like bmorrow at foo.com We also store aliases for them in LDAP like ben.morrow at foo.com. Postfix knows of these aliases and accepts mail for them. Most of our users prefer to hand out this alias as their email address Mails to bmorrow at foo.com were receiving vacation auto-replies as you'd expect in 1.2.15 Mails to ben.morrow at foo.com were not due to the infamous "discarding vacation response for message implicitly delivered to bmorrow at foo.com" message. I know the correct behavior is for the users to write a correct sieve script with an addresses: line, but that's not going to happen unfortunately. The users just want "Push button to make vacation go". > If you send a message with the user's email address in To:, do you > get a > vacation response From: the correct address? > No, mails to bmorrow at foo.com also get Postmaster replies. With 1.2.15 we were at least getting autoreplies from bmorrow at foo.com when a mail was sent to bmorrow at foo.com. > Ben From klimenko.n at theitidea.ru Mon Nov 26 20:58:30 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Mon, 26 Nov 2012 22:58:30 +0400 Subject: [Dovecot] sieve + dkim Message-ID: <50B3BBD6.5050302@theitidea.ru> message sent from the sieve-vacation does not contain dkim signature how to configure sieve to send messages via smtp transport with signing? From klimenko.n at theitidea.ru Mon Nov 26 21:26:29 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Mon, 26 Nov 2012 23:26:29 +0400 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <50AA66A5.4050702@fi4it.de> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> Message-ID: <50B3C265.5060409@theitidea.ru> may be this is the best way dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} -a ${recipient} parameter-a $ {recipient} allow to keep the recipient's address in the headers "from:" 19.11.12 21:04, Fi4IT - Daniel Fischer ?????: > Hello Joe, > > i use this: > main.cf > virtual_transport = dovecot > > master.cf > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${recipient} > > /etc/dovecot/conf.d/15-lda.conf > protocol lda { > log_path = /var/log/sieve.log > mail_plugins = acl sieve > } > > and that works fine with my tested clients (tb,outlook,roundcube) > > daniel > > Am 19.11.2012 15:17, schrieb /#!/JoePea: >> Hi all, >> >> I can't get dovecot working with postfix. If I leave >> virtual_transport set >> to "virtual", I can send and receive messages just fine in roundcube. >> If I >> set virtual_transport to "dovecot", I can only send messages in >> roundcube, >> but incoming messages never arrive. Seems I can't get dovecot-lda to >> work. >> I need dovecot-lda in order for sieve filters to work. >> >> Any idea what I'm doing wrong? >> >> Here's `doveconf -n`: >> http://pastie.org/5401133 >> >> `postconf -n`: >> http://pastie.org/5401157 >> >> and `postconf -M`: >> http://pastie.org/5401177 >> >> Note: All I have to do is change virtual_transport = dovecot to >> virtual_transport >> = virtual and all will be fine, except for that I won't have sieve >> filtering which is what I really want. >> >> */#!/*JoePea >> From user+dovecot at localhost.localdomain.org Mon Nov 26 21:52:44 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Mon, 26 Nov 2012 20:52:44 +0100 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3BBD6.5050302@theitidea.ru> References: <50B3BBD6.5050302@theitidea.ru> Message-ID: <50B3C88C.908@localhost.localdomain.org> On 11/26/2012 07:58 PM ??????? ???????? wrote: > message sent from the sieve-vacation does not contain dkim signature > > how to configure sieve to send messages via smtp transport with signing? Configure a submission host: http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 Regards, Pascal -- The trapper recommends today: face1e55.1233120 at localdomain.org From design at 1stwebdesigns.com Mon Nov 26 21:58:43 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Mon, 26 Nov 2012 19:58:43 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50AFE3B3.2020408@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> Message-ID: <50B3C9F3.6070709@1stwebdesigns.com> > So this is a step in the right direction. But still far less than > optimal. The read/write lock contention on mbox is unnecessarily eating > up system resources (mainly memory), and causing unnecessary delivery > delays to the mailbox. You should really start looking at migrating to > maildir. It's not that difficult (though maybe more so with 1.0.7) if > you don't have a ton of mailboxes, and especially with POP since the > mailboxes typically wont be holding much mail to migrate. How many do > you have? There's around four hundred mail boxes or so. Some used more intensively than others. > >> Our server is with Rackspace, and RHEL5 is the OS they offered us as an >> upgrade path from RHEL4. So they're getting the support from Red Hat >> and we're getting the support from Rackspace. > > The plot thickens again. You're using a rented server. Sigh... > > This entire thread could have been greatly shortened, saving all of us > much time, if you'd have given all these details up front. > > Is this a cloud server (shared host), or a dedicated server? It's a dedicated server > > FWIW, you don't have RHEL5, but CentOS 5. Hosting companies don't pay > for RHEL licenses for 10s of thousands of hosts. It's RHEL5: $cat /etc/issue Red Hat Enterprise Linux Server release 5.8 (Tikanga) The cost of the license is included in our contract. > > I have a few salient recommendations for you: > > 1. Migrate to maildir. It is far more appropriate for a POP workload. Yes, this will be our next course of action > 2. Switch to a hosting provider that offers much more recent software. We can upgrade the software if we wish, but will no longer get full support from Rackspace if we do this. > 3. Or, get a colo server so you can use whatever software you wish. We can install whatever software we wish at the moment, but see the point above. > > Finally, if this email service you're providing isn't all that critical > to you or your organization, simply prod along as you have been, > fighting these problems frequently along the way. > It's kind of working ok now but we will go with your recommendation of switching to maildir when we have time. Thanks for your help From kgc at corp.sonic.net Mon Nov 26 22:03:14 2012 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Mon, 26 Nov 2012 12:03:14 -0800 Subject: [Dovecot] memory allocation issues In-Reply-To: <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> References: <20121109004915.GJ70186@corp.sonic.net> <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> Message-ID: <20121126200314.GH62311@corp.sonic.net> On Fri, Nov 23, 2012 at 08:36:37AM +0200, Timo Sirainen wrote: > On 9.11.2012, at 2.49, Kelsey Cummings wrote: > > One of our dovecot backend servers ran into a problem with it's auth > > process a few days ago. This doesn't appear to be the error logged when > > dovecot hits its internal limit so I'm not sure what is going on here. > > > > auth: Error: malloc: 58012: Cannot allocate memory > > auth: Error: Unable to allocate memory for mutexes from the region > > auth: Error: PANIC: Cannot allocate memory > > auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user > > It would have been nicer if libc would have just crashed the process instead of silently converting it into "unknown user" error.. That's probably actually a bug since the getpwuid_r() that Dovecot uses would have been able to return an error message. We saw two boxes do this over the weekend. > > pop3: Error: Authenticated user not found from userdb, auth lookup +id=2509111297 (client-pid=4781 client-id=1) > > pop3-login: Internal login failure (pid=4781 id=1) (internal failure, 1 +succesful auths): user=<test>... > > > > There was at least 10+GB free RAM on the server and no indication of a > > system level issue at the same time. The server is running 2.1.9. > > There were about 3,200 active sessions, with something like 12 new > > sessions/sec. The other identical servers are/were handling virtually > > identical load with the same service uptime and haven't had any issues > > so far. (Crash happened 7 days ago.) > > Memory leak maybe? service auth { vsz_limit } anyway was reached (default 256 MB). It is currently set to 768M, I'll go ahead and raise it up to 1G. Anything I can do to help see if it is a memory leak? # dovecot -n # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.9.1.el6.x86_64 x86_64 Scientific Linux release 6.3 (Carbon) auth_master_user_separator = * auth_username_format = %Ln auth_verbose = yes auth_verbose_passwords = sha1 auth_worker_max_count = 64 login_log_format_elements = user=<%u> session=%{session} method=%m rip=%r lip=%l mpid=%e %c mail_fsync = always mail_log_prefix = "%s(%u): session=%{session} " mail_plugins = stats zlib maildir_very_dirty_syncs = yes mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes } passdb { args = imap driver = pam } plugin { lazy_expunge = DELETED_MESSAGES. mail_log_events = delete expunge flag_change mail_log_fields = uid box msgid from flags size quota = fs:User quota stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 service anvil { client_limit = 10000 } service auth { client_limit = 10000 vsz_limit = 768 M } service doveadm { inet_listener { port = 1842 } unix_listener doveadm-server { mode = 0666 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_limit = 7000 process_min_avail = 32 vsz_limit = 256 M } service imap-postlogin { executable = script-login -d /etc/dovecot/bin/sonic-imap-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin process_limit = 4096 vsz_limit = 512 M } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } process_limit = 2000 process_min_avail = 32 vsz_limit = 256 M } service pop3-postlogin { executable = script-login -d /etc/dovecot/bin/sonic-pop3-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin process_limit = 4096 } service stats { fifo_listener stats-mail { mode = 0666 } } shutdown_clients = no ssl = required ssl_parameters_regenerate = 1 days syslog_facility = local0 userdb { driver = passwd } verbose_proctitle = yes protocol imap { imap_id_send = support-url support-email mail_max_userip_connections = 20 mail_plugins = stats zlib mwi_update mail_log notify imap_stats imap_zlib } protocol pop3 { mail_plugins = stats zlib lazy_expunge pop3_fast_size_lookups = yes pop3_uidl_format = %f } -- Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc. System Architect 2260 Apollo Way 707.522.1000 Santa Rosa, CA 95407 From klimenko.n at theitidea.ru Mon Nov 26 22:13:24 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Tue, 27 Nov 2012 00:13:24 +0400 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3C88C.908@localhost.localdomain.org> References: <50B3BBD6.5050302@theitidea.ru> <50B3C88C.908@localhost.localdomain.org> Message-ID: <50B3CD64.2090409@theitidea.ru> thx for answer i use 1.x I found the solution in main.cf content_filter=smtp-amavis:[127.0.0.1]:10026 #filter with dkim and in master.cf public_ip_external_user:smtp inet n - - - - smtpd #some smtpd_recipient_restrictions rules #some smtpd_sender_restrictions rules -o content_filter=smtp-amavis:[127.0.0.1]:10024 #filter for external user 26.11.12 23:52, Pascal Volk ?????: > On 11/26/2012 07:58 PM ??????? ???????? wrote: >> message sent from the sieve-vacation does not contain dkim signature >> >> how to configure sieve to send messages via smtp transport with signing? > Configure a submission host: > http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 > > > Regards, > Pascal From stephan at rename-it.nl Mon Nov 26 22:17:54 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 26 Nov 2012 21:17:54 +0100 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> Message-ID: <50B3CE72.3040507@rename-it.nl> On 11/26/2012 6:31 PM, cfowler wrote: > Problem : All vacation autoreplies come from the postmaster address. > Expected behavior : vacation notice comes from the user who set the > vacation. > Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > reply, sieve script and dovecot -n output) > > Any help appreciated! This should fix that: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc Regards, Stephan. From stephan at rename-it.nl Mon Nov 26 22:28:05 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 26 Nov 2012 21:28:05 +0100 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <20121126175935.GF76138@anubis.morrow.me.uk> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <20121126175935.GF76138@anubis.morrow.me.uk> Message-ID: <50B3D0D5.30302@rename-it.nl> On 11/26/2012 6:59 PM, Ben Morrow wrote: > At 5PM +0000 on 26/11/12 you (cfowler) wrote: > This setting turns that check off, in which case Pigeonhole > will send a vacation response (despite the standard) but sends it from > Postmaster. Actually, this shouldn't have happened. Originally, it would only use 'Postmaster' when the recipient address is unknown, but that situation would never occur. With the addition of the dont_check_recipient setting, this got changed unintentionally. > I assume this is done for privacy reasons, since the person > the vacation response is being sent to doesn't necessarily know the user > who set the vacation exists, or what their address might be. Interesting notion, but the real reason is of a more stupid nature as explained above. :) Do you think this is something people would want to configure? Since this particular feature deviates from the standard to begin with, nothing is specified about what should be done. I think the added anonymity would often be useless, because the content of the vacation message can contain all sorts of information on the recipient, including the mail address, e.g. in the signature. > If you send a message with the user's email address in To:, do you get a > vacation response From: the correct address? Since the recipient check is not performed, the recipient address used for the reply remained NULL and the reply code would revert to Postmaster at all times. This is fixed now. Regards, Stephan. From CMarcus at Media-Brokers.com Mon Nov 26 22:33:25 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Nov 2012 15:33:25 -0500 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3CD64.2090409@theitidea.ru> References: <50B3BBD6.5050302@theitidea.ru> <50B3C88C.908@localhost.localdomain.org> <50B3CD64.2090409@theitidea.ru> Message-ID: <50B3D215.2060806@Media-Brokers.com> You do know that inline comments as you have below are not supported in postfix config files and WILL cause unexpected behavior depending on where they are and what they contain, right? On 2012-11-26 3:13 PM, ??????? ???????? <klimenko.n at theitidea.ru> wrote: > thx for answer > > i use 1.x > I found the solution > > in main.cf > content_filter=smtp-amavis:[127.0.0.1]:10026 #filter with dkim > > and in master.cf > public_ip_external_user:smtp inet n - - > - - smtpd > #some smtpd_recipient_restrictions rules > #some smtpd_sender_restrictions rules > -o content_filter=smtp-amavis:[127.0.0.1]:10024 #filter for > external user > > > 26.11.12 23:52, Pascal Volk ?????: >> On 11/26/2012 07:58 PM ??????? ???????? wrote: >>> message sent from the sieve-vacation does not contain dkim signature >>> >>> how to configure sieve to send messages via smtp transport with >>> signing? >> Configure a submission host: >> http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 >> >> >> >> Regards, >> Pascal > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From klimenko.n at theitidea.ru Mon Nov 26 22:41:19 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Tue, 27 Nov 2012 00:41:19 +0400 Subject: [Dovecot] sieve + dkim In-Reply-To: <50B3D215.2060806@Media-Brokers.com> References: <50B3BBD6.5050302@theitidea.ru> <50B3C88C.908@localhost.localdomain.org> <50B3CD64.2090409@theitidea.ru> <50B3D215.2060806@Media-Brokers.com> Message-ID: <50B3D3EF.5060005@theitidea.ru> yes of course this is only remarks for easily understanding 27.11.12 0:33, Charles Marcus ?????: > You do know that inline comments as you have below are not supported > in postfix config files and WILL cause unexpected behavior depending > on where they are and what they contain, right? > > On 2012-11-26 3:13 PM, ??????? ???????? <klimenko.n at theitidea.ru> wrote: >> thx for answer >> >> i use 1.x >> I found the solution >> >> in main.cf >> content_filter=smtp-amavis:[127.0.0.1]:10026 #filter with dkim >> >> and in master.cf >> public_ip_external_user:smtp inet n - - >> - - smtpd >> #some smtpd_recipient_restrictions rules >> #some smtpd_sender_restrictions rules >> -o content_filter=smtp-amavis:[127.0.0.1]:10024 #filter for >> external user >> >> >> 26.11.12 23:52, Pascal Volk ?????: >>> On 11/26/2012 07:58 PM ??????? ???????? wrote: >>>> message sent from the sieve-vacation does not contain dkim signature >>>> >>>> how to configure sieve to send messages via smtp transport with >>>> signing? >>> Configure a submission host: >>> http://hg.dovecot.org/dovecot-2.1/file/e95479f439aa/doc/example-config/conf.d/15-lda.conf#l20 >>> >>> >>> >>> Regards, >>> Pascal >> >> From trusktr at gmail.com Mon Nov 26 22:59:12 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 12:59:12 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <20121126115235.GC76138@anubis.morrow.me.uk> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> <20121126115235.GC76138@anubis.morrow.me.uk> Message-ID: <CAKU1PAXy2P0u+qvi7_k9MygZ_QLd2=zJ9Xeck3B6WdOCYoEZMA@mail.gmail.com> Hi Ben, Indeed, the mailq command shows my test messages sitting there with "mail transport unavailable". > ??[11:48:22/hypership/root/~] > ??? mailq > -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- > 2DCCB580C01 1901 Mon Nov 26 11:45:02 trusktr at gmail.com > (mail transport > unavailable) > trusktr at bettafootwear.com > > B1449580C03 1895 Mon Nov 26 11:48:41 trusktr at gmail.com > (mail transport > unavailable) > trusktr at bettafootwear.com > > -- 5 Kbytes in 2 Requests. > I checked in /etc/syslog-ng/syslog-ng.conf and it shows destination d_mail { file("/var/log/mail.log"); }; but there is no such mail.log file so I created one. I logged in as mailman by doing su -s /bin/bash mailman then ran /usr/lib/dovecot/dovecot-lda -f trusktr at gmail.com -d trusktr at bettafootwear.com </home/mailman/test_msg.txt where /home/mailman/test_msg.txt contains a plain text sentence. After doing that, mailq shows the new messages, but with the same "mail transport unavailable" message. However, in Roundcube I see a new blank message with no subject for each attempt of the dovecot-lda command. Also, the after running the dovecot-lda command a few times, I noticed it was saying that the log files weren't writable (permission denied), so I fixed that... However, that doesn't seem to have fixed the problem as test emails from gmail still don't appear in Roundcube, but I see them with mailq with "mail transport unavailable". I'll skip setting up LMTP until I get it working with LDA so I know what I'm doing before getting into more complications. */#!/*JoePea On Mon, Nov 26, 2012 at 3:52 AM, Ben Morrow <ben at morrow.me.uk> wrote: > At 2AM -0800 on 26/11/12 you (/#!/JoePea) wrote: > > Hi, thanks for the reply. I'm new to all this. How can I tell if postfix > is > > deferring messages, or if it thinks they've been delieverd? Where is the > > postfix log? > > You can tell if a message is still in the queue with 'mailq'. You can > find out why by reading the log. If messages are being deferred they > will eventually start bouncing, once Postfix decides they've spent too > long in the queue. > > Postfix normally logs through the 'mail' facility of syslog. > > > How do I feed a message to dovecot-lda manually, as mailman? > > Something along the lines of > > sudo -u mailman /usr/lib/dovecot/dovecot-lda -f some at user > -d some at user </some/mail/message > > as root should work, depending on your sudo setup. Otherwise you will > need to use su, which can be more awkward. > > > How do I use LMTP instead of LDA? > > Read the wiki for the Dovecot end, and use > > virtual_transport = lmtp:unix:/path/to/lmtp/socket > > on the Postfix end. You will want to test the LMTP server is working > manually (with nc -U or something) before trying to get Postfix to > deliver to it. > > Ben > > From stan at hardwarefreak.com Mon Nov 26 23:15:42 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 26 Nov 2012 15:15:42 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50B3C9F3.6070709@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> <50B3C9F3.6070709@1stwebdesigns.com> Message-ID: <50B3DBFE.1090400@hardwarefreak.com> On 11/26/2012 1:58 PM, 1st WebDesigns wrote: > >> So this is a step in the right direction. But still far less than >> optimal. The read/write lock contention on mbox is unnecessarily eating >> up system resources (mainly memory), and causing unnecessary delivery >> delays to the mailbox. You should really start looking at migrating to >> maildir. It's not that difficult (though maybe more so with 1.0.7) if >> you don't have a ton of mailboxes, and especially with POP since the >> mailboxes typically wont be holding much mail to migrate. How many do >> you have? > > There's around four hundred mail boxes or so. Some used more > intensively than others. There are methods to convert one mailbox at a time, groups of mailboxes, or all mailboxes in one fell swoop in a batch mode. I'm uncertain WRT the status of the tools in 1.0.7, but given the age of that release you may avoid problems by upgrading to Dovecot 1.2.x or later before doing the conversion. If you attempt the conversion on 1.0.7 and hit snags, this mailing list may not be of much help as nobody has used 1.0.7 for years. You may want to post a new thread asking Timo about such a conversion with 1.0.7. He doesn't seem to be paying attention to this thread. >>> Our server is with Rackspace, and RHEL5 is the OS they offered us as an >>> upgrade path from RHEL4. So they're getting the support from Red Hat >>> and we're getting the support from Rackspace. >> >> The plot thickens again. You're using a rented server. Sigh... >> >> This entire thread could have been greatly shortened, saving all of us >> much time, if you'd have given all these details up front. >> >> Is this a cloud server (shared host), or a dedicated server? > > It's a dedicated server > >> >> FWIW, you don't have RHEL5, but CentOS 5. Hosting companies don't pay >> for RHEL licenses for 10s of thousands of hosts. > > It's RHEL5: > > $cat /etc/issue > Red Hat Enterprise Linux Server release 5.8 (Tikanga) > > The cost of the license is included in our contract. Now that's interesting. >> >> I have a few salient recommendations for you: >> >> 1. Migrate to maildir. It is far more appropriate for a POP workload. > > Yes, this will be our next course of action > >> 2. Switch to a hosting provider that offers much more recent software. > > We can upgrade the software if we wish, but will no longer get full > support from Rackspace if we do this. And you consider this a net loss? If you're that dependent on your provider's tit, find one that can suckle you on RHEL 6.3. Or buy your copy/license directly from Red Hat and get support directly from them. >> 3. Or, get a colo server so you can use whatever software you wish. > > We can install whatever software we wish at the moment, but see the > point above. See my point above. And WRT Dovecot and most other application software, you'll get better support from the community than your bulk hosting provider anyway. Their primary business is making $$ from providing you a host and a pipe. Customer support is a cost, especially application support, not a profit center, and thus is almost always a secondary concern at best. Red Hat's entire business model is customer support, same for SuSE. >> Finally, if this email service you're providing isn't all that critical >> to you or your organization, simply prod along as you have been, >> fighting these problems frequently along the way. > > It's kind of working ok now but we will go with your recommendation of > switching to maildir when we have time. Thanks for your help As I said, you can migrate users individually. You could easily do 10 users a day during coffee breaks etc and be done in a month plus. Do 40 a day and you're done in 10 days. The only time you'll burn is in the learning curve, not the actual mailbox migration which takes no time at all with POP accounts. Always test with a dummy mailbox first to iron out any issues. Then start migrating the problem users first, the smart phone users who tie up their mailboxes for many minutes during download. -- Stan From trusktr at gmail.com Mon Nov 26 23:15:56 2012 From: trusktr at gmail.com (/#!/JoePea) Date: Mon, 26 Nov 2012 13:15:56 -0800 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <50B3C265.5060409@theitidea.ru> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> <50B3C265.5060409@theitidea.ru> Message-ID: <CAKU1PAVGcAMwPPENVoN8t23zhd5xehKQ2tSB-=4SPVOwT3dNEA@mail.gmail.com> Hi, thanks for the reply, What's the difference between dovecot-lda and deliver? Are they the same? The manpages are identical. I tried both and I also tried adding the -a ${recipient} argument but there was no change. It still doesn't work. Any other ideas? */#!/*JoePea On Mon, Nov 26, 2012 at 11:26 AM, ??????? ???????? <klimenko.n at theitidea.ru>wrote: > may be this is the best way > > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} > -d ${recipient} -a ${recipient} > > parameter-a $ {recipient} > allow to keep the recipient's address in the headers "from:" > > > 19.11.12 21:04, Fi4IT - Daniel Fischer ?????: > > Hello Joe, >> >> i use this: >> main.cf >> virtual_transport = dovecot >> >> master.cf >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} >> -d ${recipient} >> >> /etc/dovecot/conf.d/15-lda.**conf >> protocol lda { >> log_path = /var/log/sieve.log >> mail_plugins = acl sieve >> } >> >> and that works fine with my tested clients (tb,outlook,roundcube) >> >> daniel >> >> Am 19.11.2012 15:17, schrieb /#!/JoePea: >> >>> Hi all, >>> >>> I can't get dovecot working with postfix. If I leave virtual_transport >>> set >>> to "virtual", I can send and receive messages just fine in roundcube. If >>> I >>> set virtual_transport to "dovecot", I can only send messages in >>> roundcube, >>> but incoming messages never arrive. Seems I can't get dovecot-lda to >>> work. >>> I need dovecot-lda in order for sieve filters to work. >>> >>> Any idea what I'm doing wrong? >>> >>> Here's `doveconf -n`: >>> http://pastie.org/5401133 >>> >>> `postconf -n`: >>> http://pastie.org/5401157 >>> >>> and `postconf -M`: >>> http://pastie.org/5401177 >>> >>> Note: All I have to do is change virtual_transport = dovecot to >>> virtual_transport >>> = virtual and all will be fine, except for that I won't have sieve >>> filtering which is what I really want. >>> >>> */#!/*JoePea >>> >>> > From design at 1stwebdesigns.com Mon Nov 26 23:39:18 2012 From: design at 1stwebdesigns.com (1st WebDesigns) Date: Mon, 26 Nov 2012 21:39:18 +0000 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50B3DBFE.1090400@hardwarefreak.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> <50B3C9F3.6070709@1stwebdesigns.com> <50B3DBFE.1090400@hardwarefreak.com> Message-ID: <50B3E186.2040501@1stwebdesigns.com> Thanks, all your comments are noted. > As I said, you can migrate users individually. You could easily do 10 > users a day during coffee breaks etc and be done in a month plus. Do 40 > a day and you're done in 10 days. The only time you'll burn is in the > learning curve, not the actual mailbox migration which takes no time at > all with POP accounts. That's interesting, as I (wrongly) assumed switching from mbox to maildir was an all or nothing process. You're saying we can run half the mailboxes in mbox format and the other half in maildir format? In which case we can get going with this sooner than I thought. > > Always test with a dummy mailbox first to iron out any issues. Then > start migrating the problem users first, the smart phone users who tie > up their mailboxes for many minutes during download. > Thank you - I would probably start with the CEO's mailbox first and then go from there >:-D From ben at morrow.me.uk Tue Nov 27 00:14:59 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Mon, 26 Nov 2012 22:14:59 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <5fa7ee2d078f950032e1147105f2b61a@scss.tcd.ie> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <20121126175935.GF76138@anubis.morrow.me.uk> <5fa7ee2d078f950032e1147105f2b61a@scss.tcd.ie> Message-ID: <20121126221458.GG76138@anubis.morrow.me.uk> At 6PM +0000 on 26/11/12 you (cfowler) wrote: > On 26-11-2012 17:59, Ben Morrow wrote: > > At 5PM +0000 on 26/11/12 you (cfowler) wrote: > >> Problem : All vacation autoreplies come from the postmaster address. > >> Expected behavior : vacation notice comes from the user who set the > >> vacation. > >> Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example > >> reply, sieve script and dovecot -n output) > > <snip> > > > >> sieve_vacation_dont_check_recipient = yes > > > > Why have you set this? Normally vacation will refuse to respond to a > > message which doesn't have your address in one of the recipient > > header fields; in fact the standard says that it MUST NOT respond > > unless this is the case. (Stephan has explained that I am wrong here: that's what comes from reading the code rather than running it...) > This feature is the reason I've upgraded to 2.1.7 from 1.2.15 > > Our users have addresses like bmorrow at foo.com > We also store aliases for them in LDAP like ben.morrow at foo.com. Postfix > knows of these aliases and accepts mail for them. Most of our users > prefer to hand out this alias as their email address > > Mails to bmorrow at foo.com were receiving vacation auto-replies as you'd > expect in 1.2.15 > Mails to ben.morrow at foo.com were not due to the infamous "discarding > vacation response for message implicitly delivered to bmorrow at foo.com" > message. > > I know the correct behavior is for the users to write a correct sieve > script with an addresses: line, but that's not going to happen > unfortunately. The users just want "Push button to make vacation go". I see... this is a little tricky, yes, and I think you're right this is the only straightforward solution at the moment. You do want to be a little careful about enabling this, though: the restriction is there in the standard to prevent automated replies from being sent for messages to mailing lists and group aliases and such, where the sender does not (and should not) know the list of final delivery addresses, and certainly doesn't want vacation replies from all of them. Since most mailing lists now set the List-* headers (which prevent vacation replies anyway), they should be OK, so this is probably only a problem if you use internal aliases which expand to lists of users. Ideally pigeonhole would take advantage of this paragraph in the standard An email address is considered to belong to the recipient if it is one of: 1. an email address known by the implementation to be associated with the recipient, and allow you to specify a dict in which to lookup a default :addresses list for each recipient. That way you could turn this parameter back off, but instead give Dovecot the information it needs to determine that a message To: <ben.morrow at foo.com> was in fact directly addressed to this user. I wonder how difficult that would be... > > If you send a message with the user's email address in To:, do you > > get a > > vacation response From: the correct address? > > > > No, mails to bmorrow at foo.com also get Postmaster replies. > With 1.2.15 we were at least getting autoreplies from bmorrow at foo.com > when a mail was sent to bmorrow at foo.com. Stephan said xthread that this has now been fixed. Ben From stan at hardwarefreak.com Tue Nov 27 02:27:58 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 26 Nov 2012 18:27:58 -0600 Subject: [Dovecot] cannot update mailbox - unable to lock for exclusive access In-Reply-To: <50B3E186.2040501@1stwebdesigns.com> References: <509B6D51.8030408@1stwebdesigns.com> <509B7A27.3080308@hardwarefreak.com> <20121108235334.GB89679@anubis.morrow.me.uk> <50A0DA65.9080503@1stwebdesigns.com> <50AE15E8.7050400@hardwarefreak.com> <50AE9880.7040405@1stwebdesigns.com> <50AF12A4.7060201@hardwarefreak.com> <50AF5FA6.5070500@1stwebdesigns.com> <50AFE3B3.2020408@hardwarefreak.com> <50B3C9F3.6070709@1stwebdesigns.com> <50B3DBFE.1090400@hardwarefreak.com> <50B3E186.2040501@1stwebdesigns.com> Message-ID: <50B4090E.1090809@hardwarefreak.com> On 11/26/2012 3:39 PM, 1st WebDesigns wrote: > Thanks, all your comments are noted. > >> As I said, you can migrate users individually. You could easily do 10 >> users a day during coffee breaks etc and be done in a month plus. Do 40 >> a day and you're done in 10 days. The only time you'll burn is in the >> learning curve, not the actual mailbox migration which takes no time at >> all with POP accounts. > > That's interesting, as I (wrongly) assumed switching from mbox to > maildir was an all or nothing process. You're saying we can run half > the mailboxes in mbox format and the other half in maildir format? > > In which case we can get going with this sooner than I thought. Yes, this can be done. But if you're using UNIX system user accounts IIRC you'll have to convert to virtual users before you can migrate one user at a time. Virtual user setup is required to change mail_location on a per user basis. With system users mail_location is defined once for all users. Converting to virtual users first makes the process more painful. I've not done such a POP mbox<>maildir migration myself, so hopefully someone who has will chime in. If not start a new thread called "need POP mbox<>maildir migration help" or similar. And again, I wouldn't try any of this with 1.0.7. Upgrade to at least 1.2.x first. >> Always test with a dummy mailbox first to iron out any issues. Then >> start migrating the problem users first, the smart phone users who tie >> up their mailboxes for many minutes during download. >> > > Thank you - I would probably start with the CEO's mailbox first and then > go from there >:-D Start a new thread as I suggested. State your version, current user account type (system or virtual), and post your dovecot -n at the end of the email. You'll get many more helpful suggestions and insight from people who've actually done this migration. -- Stan From tss at iki.fi Tue Nov 27 02:42:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 02:42:20 +0200 Subject: [Dovecot] lmtp_rcpt_check_quota working somewhere? In-Reply-To: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> References: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> Message-ID: <19E4CB4D-7961-49A2-84CD-D0370A0B364A@iki.fi> On 26.11.2012, at 18.07, Steffen Kaiser wrote: > I'm running Dovecot v2.1 and enabled the > > lmtp_rcpt_check_quota > > option in conf.d/20-lmtp.conf, because I just found it in the sample config. > > Is this option working somewhere? > > When I have the option enabled, I get _no_ response in the RCPT TO phase, if the user is under quota. If I go on and enter the DATA keyword eventually, I get "554 5.5.1 No valid recipients", so it looks like, the user is really ignored at all. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/bebe54e1d640 From tss at iki.fi Tue Nov 27 03:00:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:00:29 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <099qpni2j8v8@mids.svenhartge.de> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> Message-ID: <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> On 23.11.2012, at 17.53, Sven Hartge wrote: >>>> BTW. Do you have multiple Dovecot backend servers? Director works >>>> only when you're not using shared mailboxes.. > >> You can't reliably do it if the mailboxes are accessed directly via >> NFS. The current idea to solve this is to use imapc backend with >> master users, so the actual mailbox access for each user is always >> done by only one server. I think someone already managed to configure >> such a setup. > > This was me. > > It works (with one minor quirk, more on this later) in my current test > setup like so: > > a) 1 to X user-servers with the users mailboxes on them > b) 1 shared-server with the shared mailboxes on them For implementing shared mailboxes between all user servers, I think what would need to be developed is: > imapc_host = m-st-sh-01.example.com > imapc_master_user = %u > imapc_user = shared Somehow being able to set "imapc_user = %%u" where %%u expands to the shared namespace's username. Or maybe setting the imapc_user automatically to that when accessing it via type=shared namespace. > Note: You CANNOT have ACLs activated on the users-servers, because this > will interfere with the permissions of ht IMAPShared namespace, > rendering the mailboxes located in there unavailable for your users. And some way to disable ACLs for shared namespaces that use imapc. Not sure what would be a nice way of doing this. The attached patch contains these two changes. The first one I could commit immediately. The second one probably would need to be configurable somehow (maybe a generic disable_acls=yes setting for namespace?) -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 1148 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/1d852c4f/attachment-0004.obj> -------------- next part -------------- > Now the mentioned quirk: Because all connections on the shared-server > are made to the same user "shared" and are coming from very few IPs > (the 1 to X user-servers), you need to set a very high > mail_max_userip_connections value. > > I set mine to 1000 just to be sure. > > ---> But: I have NOT configured login_trusted_networks, so this may be > my error in that case. I don't think that setting helps. From tss at iki.fi Tue Nov 27 03:01:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:01:23 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> Message-ID: <EACB2A56-A9B7-4F4E-8BAB-97ADC617678D@iki.fi> On 27.11.2012, at 3.00, Timo Sirainen wrote: >> Now the mentioned quirk: Because all connections on the shared-server >> are made to the same user "shared" and are coming from very few IPs >> (the 1 to X user-servers), you need to set a very high >> mail_max_userip_connections value. >> >> I set mine to 1000 just to be sure. >> >> ---> But: I have NOT configured login_trusted_networks, so this may be >> my error in that case. > > I don't think that setting helps. But something like this should help: remote 10.0.0.0/8 { mail_max_userip_connections = 0 } From tss at iki.fi Tue Nov 27 03:04:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:04:07 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> Message-ID: <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> On 23.11.2012, at 9.46, Nikita Koshikov wrote: > Hello list, > > Here is the problem: > I have few: > passdb { > #1 > } > passdb { > #2 > } > And relative userdb sections. If user not found in 1) section it fallbacks > to next one - it's expected and right, IMHO. But when the user exists in > both section and password verification fails on 1) database it successfully > authenticated on next one. I think this behaviour should be configured. The > main goal of 1) section for this server is to overwrite users in main > (section2) database. It's not always possible to know why #1 failed. For example PAM doesn't always tell if the password was wrong or if the user didn't exist. > Maybe I missed something and this option is already in dovecot code and I > can't find it ? Or if not - will it be added in the future ? I'm not very interested in adding it, especially because it can't be done reliably. From tss at iki.fi Tue Nov 27 03:09:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:09:06 +0200 Subject: [Dovecot] Folder layout after Cyrus to Dovecot migration In-Reply-To: <20121123115405.5224b630@kae.tiger-computing.wbp> References: <20121116093329.045f4585@kae.tiger-computing.wbp> <20121123115405.5224b630@kae.tiger-computing.wbp> Message-ID: <B5E1E1EB-3B7B-4334-99CE-79E2B5DE5CD2@iki.fi> On 23.11.2012, at 13.54, Keith Edmunds wrote: > Problem: We have some folders (eg, Trash) appearing both as sibling folders > to INBOX and as subfolders to INBOX. We want them only to appear at the > sibling level. You're breaking all the assumptions that IMAP clients can make about mailbox names and namespaces. Bad idea, don't do it. From tss at iki.fi Tue Nov 27 03:17:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:17:00 +0200 Subject: [Dovecot] Plugin help, number of messages in mailbox In-Reply-To: <E1F02117-7120-4920-9807-4295BD5732A5@tucows.com> References: <E1F02117-7120-4920-9807-4295BD5732A5@tucows.com> Message-ID: <E0CA4C97-9FFB-4497-ADA4-EE35B4818222@iki.fi> On 22.11.2012, at 17.06, Richard Platel wrote: > We use Dovecot for IMAP and POP (but not LDA), we want to do something when a user has an INBOX that becomes empty, or becomes not empty (set a flag in memcached, but that's not really important). > > I'm writing a plugin (for Dovecot 2.1.7). On mailbox_open() I can use mailbox_get_status() to get a count of messages in the mailbox, and then decrement this in expunge() or increment it in mailbox save_finish() (for IMAP APPEND or COPY commands). So all mailbox access goes through Dovecot. Nothing else changes the underlying storage directly? > However in expunge() and mailbox_save_finish, even after calling the super function, mailbox_get_status doesn't update the number of messages in the mailbox. You'll get the updated count only after mailbox_sync_deinit(). > This is a problem if (for example) there are concurrent POP sessions. Two POP sessions could get all the messages in INBOX, one could logout, calling expunge a few times, eventually causing my plugin to note that the inbox is empty, then our LDA could deliver a message, mark the INBOX not empty, then the other POP session could log out, call expunge and cause my plugin to mark the INBOX empty, when it's not. > > > So in summation: how can a plugin be notified of changes to a mailbox, and then accurately get the real number of messages in that mailbox? I think if you hook into sync_deinit() and use a local lock file while you send the notification it would probably be race-free. From tss at iki.fi Tue Nov 27 03:18:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:18:03 +0200 Subject: [Dovecot] Filesystem quotas In-Reply-To: <50AD10BF.8040500@cs.ucy.ac.cy> References: <50AD10BF.8040500@cs.ucy.ac.cy> Message-ID: <47CD6D34-3EAB-47FB-9B2D-7A29B2BD15C5@iki.fi> On 21.11.2012, at 19.34, Andreas Kasenides wrote: > I could not determine if when using filesystem quotas (http://wiki2.dovecot.org/Quota/FS) > Dovecot will use the reported quota and limits without the need of configuring them > via "quota_rules". Is this possible somehow? Such a feature would determine the quota limits > automatically from the filesystem quotas thereby allowing to make use of them in quota warnings. > Dovecot already knows the quota settings and limits. Here is evidence from the logs > >> Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: box=/Mail/ank mount=/newmail match=yes >> Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: host=xxxx.xxxx.ucy.xx.cy, path=/mail, uid=211, bytes >> Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: uid=211, value=2779115520, limit=8388608000 > I am using (testing) version 2.2alpha1. With fs quota Dovecot itself doesn't enforce any limits, and the limits are read from the filesystem. So quota_rules are ignored. From sven at svenhartge.de Tue Nov 27 03:24:57 2012 From: sven at svenhartge.de (Sven Hartge) Date: Tue, 27 Nov 2012 02:24:57 +0100 Subject: [Dovecot] shared mailboxes and indexes References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> Message-ID: <b9a3pg22j8v8@mids.svenhartge.de> Timo Sirainen <tss at iki.fi> wrote: > On 23.11.2012, at 17.53, Sven Hartge wrote: >>>>> BTW. Do you have multiple Dovecot backend servers? Director works >>>>> only when you're not using shared mailboxes.. >> >>> You can't reliably do it if the mailboxes are accessed directly via >>> NFS. The current idea to solve this is to use imapc backend with >>> master users, so the actual mailbox access for each user is always >>> done by only one server. I think someone already managed to >>> configure such a setup. >> >> This was me. >> >> It works (with one minor quirk, more on this later) in my current >> test setup like so: >> >> a) 1 to X user-servers with the users mailboxes on them >> b) 1 shared-server with the shared mailboxes on them > For implementing shared mailboxes between all user servers, I think > what would need to be developed is: >> imapc_host = m-st-sh-01.example.com >> imapc_master_user = %u >> imapc_user = shared > Somehow being able to set "imapc_user = %%u" where %%u expands to the > shared namespace's username. Or maybe setting the imapc_user > automatically to that when accessing it via type=shared namespace. Wouldn't you still need the target users host because this will be dynamic depending on the target user? Gr??e, Sven. -- Sigmentation fault. Core dumped. From tss at iki.fi Tue Nov 27 03:50:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:50:38 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <50A8F688.2040802@gei.de> References: <50A8F688.2040802@gei.de> Message-ID: <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> On 18.11.2012, at 16.54, Robert Str?tgen wrote: > Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log > SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte > 0xfc (at char #25214836, byte #26687495) Annoying. I guess these fix it: http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e From tss at iki.fi Tue Nov 27 03:53:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:53:53 +0200 Subject: [Dovecot] fs_flush_file_handle_cache_dir: rmdir(/var/mail) AGAIN In-Reply-To: <50AA3BF3.6060802@mathcs.emory.edu> References: <50AA3BF3.6060802@mathcs.emory.edu> Message-ID: <5D64E8C8-813C-4FD0-8FCE-409DE51EECDC@iki.fi> On 19.11.2012, at 16.02, Ken Mandelberg wrote: > We are running Dovecot 2.0.12. It runs on only one server and /var/mail is local where all the INBOX's are stored. Users other IMAP folders are NFS mounted on the server. > > We see frequent > > Error: nfs_flush_file_handle_cache_dir: rmdir(/var/mail) failed: Device busy > > I know this error message has been around a long time. Should we still be seeing it on 2.0.12 with a local /var/mail. Perhaps the message is misleading and really complaining about folders other than INBOX that are NFS mounted. > > Our config has > > dovecot.conf:mail_nfs_index = no > dovecot.conf:mail_nfs_storage = yes With just one Dovecot server you don't need mail_nfs_storage=yes setting. Just set it to "no" and the error disappears. > Also, does the flush error messages have any real consequences? My understanding is that the rmdir is meant to fail, just to force a flush. Yeah, nothing breaks, just extra logging. From tss at iki.fi Tue Nov 27 03:55:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 03:55:33 +0200 Subject: [Dovecot] shared mailboxes and indexes In-Reply-To: <b9a3pg22j8v8@mids.svenhartge.de> References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> <b9a3pg22j8v8@mids.svenhartge.de> Message-ID: <2B57036A-34C8-45C2-9479-839BA095450D@iki.fi> On 27.11.2012, at 3.24, Sven Hartge wrote: >> For implementing shared mailboxes between all user servers, I think >> what would need to be developed is: > >>> imapc_host = m-st-sh-01.example.com >>> imapc_master_user = %u >>> imapc_user = shared > >> Somehow being able to set "imapc_user = %%u" where %%u expands to the >> shared namespace's username. Or maybe setting the imapc_user >> automatically to that when accessing it via type=shared namespace. > > Wouldn't you still need the target users host because this will be > dynamic depending on the target user? imapc_host = director Also the database of which users have mailboxes shared to others would need to be something that all the servers can access. Either via NFS or with SQL backend. From tss at iki.fi Tue Nov 27 06:29:24 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 06:29:24 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> Message-ID: <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> On 21.11.2012, at 15.05, Ramon Frontera wrote: > we have a problem with our director proxy configuration. > When we run on proxy server the doveadm command with -A switch, fails with the error: > > # doveadm -D quota get -A > doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert > doveadm(user1): Error: Proxy is missing destination host > doveadm: Error: Failed to iterate through some users Well, I fixed various bugs in doveadm code related to this: http://hg.dovecot.org/dovecot-2.1/rev/6f19c535110e http://hg.dovecot.org/dovecot-2.1/rev/275a57b8dc70 http://hg.dovecot.org/dovecot-2.1/rev/0dc3f56e6468 http://hg.dovecot.org/dovecot-2.1/rev/fdc509644d05 But I don't think they fix your specific issue. It looks as if doveadm is connecting to auth process directly instead of director.. Do: strace -s 1000 -o log doveadm quota get -A and send me the log? Note that the log contains the doveadm_password in the base64 strings. From dmiller at amfes.com Tue Nov 27 06:51:04 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 26 Nov 2012 20:51:04 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> Message-ID: <assp.1678966eea.50B446B8.6070701@amfes.com> On 11/26/2012 5:50 PM, Timo Sirainen wrote: > On 18.11.2012, at 16.54, Robert Str?tgen wrote: > >> Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log >> SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte >> 0xfc (at char #25214836, byte #26687495) > Annoying. I guess these fix it: > > http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b > http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 > http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e > These patches have improved fts for me - but I still have errors like: Nov 26 20:49:29 bubba dovecot: indexer-worker(dmiller at amfes.com): Panic: file solr-connection.c: line 547 (solr_connection_post_more): assertion failed: (maxfd >= 0) Nov 26 20:49:29 bubba dovecot: indexer-worker(dmiller at amfes.com): Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x45cea) [0x7f0c66c33cea] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x45d2e) [0x7f0c66c33d2e] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f0c66c07d10] -> /usr/local/lib/dovecot/lib21_fts_solr_plugin.so(+0x6de5) [0x7f0c653a6de5] -> /usr/local/lib/dovecot/lib21_fts_solr_plugin.so(+0x3867) [0x7f0c653a3867] -> /usr/local/lib/dovecot/lib20_fts_plugin.so(fts_build_mail+0x53b) [0x7f0c655b2b2b] -> /usr/local/lib/dovecot/lib20_fts_plugin.so(+0xc530) [0x7f0c655b7530] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266]() [0x402326] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266]() [0x4026cc] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f0c66c40b76] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f0c66c419c7] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f0c66c406b8] -> /usr/local/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f0c66c2c203] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266](main+0x10a) [0x401dfa] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f0c6685276d] -> dovecot/indexer-worker [dmiller at amfes.com Archives/2010 - 7000/7266]() [0x401e9d] The solr log shows: Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) at [row,col {unknown-source}]: [1011144,197790] -- Daniel From dmiller at amfes.com Tue Nov 27 06:54:56 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 26 Nov 2012 20:54:56 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> Message-ID: <assp.16787275b5.50B447A0.3000502@amfes.com> On 11/26/2012 5:50 PM, Timo Sirainen wrote: > On 18.11.2012, at 16.54, Robert Str?tgen wrote: > >> Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log >> SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte >> 0xfc (at char #25214836, byte #26687495) > Annoying. I guess these fix it: > > http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b > http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 > http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e > The "waitFlush" option for solr's commit method has been deprecated - and removed completely in the current version. Suggest a change to fts-backend-solr.c: in fts_backend_solr_update_deinit() str = t_strdup_printf("<commit " "waitSearcher=\"%s\"/>", ctx->documents_added ? "true" : "false"); -- Daniel From tss at iki.fi Tue Nov 27 07:50:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 07:50:51 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.1678966eea.50B446B8.6070701@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <assp.1678966eea.50B446B8.6070701@amfes.com> Message-ID: <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> On 27.11.2012, at 6.51, Daniel L. Miller wrote: > On 11/26/2012 5:50 PM, Timo Sirainen wrote: >> On 18.11.2012, at 16.54, Robert Str?tgen wrote: >> >>> Nov 18, 2012 2:59:09 PM org.apache.solr.common.SolrException log >>> SEVERE: org.apache.solr.common.SolrException: Invalid UTF-8 start byte >>> 0xfc (at char #25214836, byte #26687495) >> Annoying. I guess these fix it: >> >> http://hg.dovecot.org/dovecot-2.1/rev/172295f5a78b >> http://hg.dovecot.org/dovecot-2.1/rev/01550514f189 >> http://hg.dovecot.org/dovecot-2.1/rev/339e654f371e Ugh. Should have known this was already being done. Reversed the whole thing. > These patches have improved fts for me - but I still have errors like: .. > Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log > SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) > at [row,col {unknown-source}]: [1011144,197790] Something's wrong. The Solr code was already supposed to catch all of these. From tss at iki.fi Tue Nov 27 08:08:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 08:08:05 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <assp.1678966eea.50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> Message-ID: <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> On 27.11.2012, at 7.50, Timo Sirainen wrote: >> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >> at [row,col {unknown-source}]: [1011144,197790] > > Something's wrong. The Solr code was already supposed to catch all of these. http://dovecot.org/tmp/allchars.gz If you send this mail to yourself and index it, does it fail? (Works for me.) From klimenko.n at theitidea.ru Tue Nov 27 08:19:56 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Tue, 27 Nov 2012 10:19:56 +0400 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAVGcAMwPPENVoN8t23zhd5xehKQ2tSB-=4SPVOwT3dNEA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <50AA66A5.4050702@fi4it.de> <50B3C265.5060409@theitidea.ru> <CAKU1PAVGcAMwPPENVoN8t23zhd5xehKQ2tSB-=4SPVOwT3dNEA@mail.gmail.com> Message-ID: <50B45B8C.9010501@theitidea.ru> 1. clear the log 2. Send message 3. show mail.log mail.err you should add following in main.cf dovecot_destination_recipient_limit = 1 27.11.12 1:15, /#!/JoePea ?????: > Hi, thanks for the reply, > What's the difference between dovecot-lda and deliver? Are they the > same? The manpages are identical. I tried both and I also tried adding > the -a ${recipient} argument but there was no change. It still doesn't > work. Any other ideas? > > */#/!//*JoePea > > > On Mon, Nov 26, 2012 at 11:26 AM, ??????? ???????? > <klimenko.n at theitidea.ru <mailto:klimenko.n at theitidea.ru>> wrote: > > may be this is the best way > > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${recipient} -a ${recipient} > > parameter-a $ {recipient} > allow to keep the recipient's address in the headers "from:" > > > 19.11.12 21:04, Fi4IT - Daniel Fischer ?????: > > Hello Joe, > > i use this: > main.cf <http://main.cf> > virtual_transport = dovecot > > master.cf <http://master.cf> > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${recipient} > > /etc/dovecot/conf.d/15-lda.conf > protocol lda { > log_path = /var/log/sieve.log > mail_plugins = acl sieve > } > > and that works fine with my tested clients (tb,outlook,roundcube) > > daniel > > Am 19.11.2012 15:17, schrieb /#!/JoePea: > > Hi all, > > I can't get dovecot working with postfix. If I leave > virtual_transport set > to "virtual", I can send and receive messages just fine in > roundcube. If I > set virtual_transport to "dovecot", I can only send > messages in roundcube, > but incoming messages never arrive. Seems I can't get > dovecot-lda to work. > I need dovecot-lda in order for sieve filters to work. > > Any idea what I'm doing wrong? > > Here's `doveconf -n`: > http://pastie.org/5401133 > > `postconf -n`: > http://pastie.org/5401157 > > and `postconf -M`: > http://pastie.org/5401177 > > Note: All I have to do is change virtual_transport = > dovecot to > virtual_transport > = virtual and all will be fine, except for that I won't > have sieve > filtering which is what I really want. > > */#!/*JoePea > > From tss at iki.fi Tue Nov 27 08:39:49 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 08:39:49 +0200 Subject: [Dovecot] memory allocation issues In-Reply-To: <20121126200314.GH62311@corp.sonic.net> References: <20121109004915.GJ70186@corp.sonic.net> <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> <20121126200314.GH62311@corp.sonic.net> Message-ID: <6489C384-2930-4AFE-B60D-1A446DADFB95@iki.fi> On 26.11.2012, at 22.03, Kelsey Cummings wrote: >>> auth: Error: malloc: 58012: Cannot allocate memory >>> auth: Error: Unable to allocate memory for mutexes from the region >>> auth: Error: PANIC: Cannot allocate memory >>> auth: passwd(test,1.1.1.1,<8HTlNHzNIQBAjhKC>): unknown user .. >> Memory leak maybe? service auth { vsz_limit } anyway was reached (default 256 MB). > > It is currently set to 768M, I'll go ahead and raise it up to 1G. > Anything I can do to help see if it is a memory leak? Is it really the auth master process that fails? > passdb { > args = imap > driver = pam > } .. > userdb { > driver = passwd > } Both of these lookups should be done by auth-worker processes. So why is it the auth process that complains? Anyway .. if the problem really is auth-worker and this is only a logging problem (I would have expected auth-worker: prefix in log lines), then the solution is simple. Just restart the auth-worker processes every 1000 lookups: service auth-worker { service_count = 1000 } From tss at iki.fi Tue Nov 27 08:45:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 08:45:14 +0200 Subject: [Dovecot] memory allocation issues In-Reply-To: <6489C384-2930-4AFE-B60D-1A446DADFB95@iki.fi> References: <20121109004915.GJ70186@corp.sonic.net> <840D1B6B-956A-442C-8550-62EBAD352B73@iki.fi> <20121126200314.GH62311@corp.sonic.net> <6489C384-2930-4AFE-B60D-1A446DADFB95@iki.fi> Message-ID: <DC6AD7F4-163F-4A9E-ADA3-70900E8E1C11@iki.fi> On 27.11.2012, at 8.39, Timo Sirainen wrote: >> userdb { >> driver = passwd >> } > > Both of these lookups should be done by auth-worker processes. So why is it the auth process that complains? Because of a bug in v2.0.16+ :( http://hg.dovecot.org/dovecot-2.1/rev/8e5d9d88e250 As a workaround you can use for existing versions: userdb { driver = passwd args = blocking=yes } From dmalolepszy at optusnet.com.au Tue Nov 27 08:48:23 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Tue, 27 Nov 2012 17:48:23 +1100 Subject: [Dovecot] Dovecot IMAP/POP3 auto creating maildir Message-ID: <50B46237.1070204@optusnet.com.au> Hi I have observed that after deleting a mailbox and removing the user from the userdb, immediately accessing the mail account via POP3/IMAP causes Dovecot to auto create an empty mailbox, because the userdb/passdb details are still cached for 10minutes. Is there any option to tell Dovecot POP3/IMAP not to auto create the mailbox if it does not exist? Alternatively and less desirably is there a mechanism for telling Dovecot to expire a userdb/passdb cached entry? Running Dovecot 2.1.9 Dominic From tss at iki.fi Tue Nov 27 09:07:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:07:47 +0200 Subject: [Dovecot] Dovecot IMAP/POP3 auto creating maildir In-Reply-To: <50B46237.1070204@optusnet.com.au> References: <50B46237.1070204@optusnet.com.au> Message-ID: <50942EFA-4921-4E3D-9161-0D1E92531E44@iki.fi> On 27.11.2012, at 8.48, Dominic Malolepszy wrote: > I have observed that after deleting a mailbox and removing the user from the userdb, immediately accessing the mail account via POP3/IMAP causes Dovecot to auto create an empty mailbox, because the userdb/passdb details are still cached for 10minutes. Is there any option to tell Dovecot POP3/IMAP not to auto create the mailbox if it does not exist? Change the parent directory permissions so that the mkdir() fails. > Alternatively and less desirably is there a mechanism for telling Dovecot to expire a userdb/passdb cached entry? v2.1.9+ has: doveadm auth cache flush user at domain From tss at iki.fi Tue Nov 27 09:11:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:11:07 +0200 Subject: [Dovecot] Feature request: add information to error message: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket permissions) In-Reply-To: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> References: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> Message-ID: <0BA25BE4-76C4-41BA-85CC-57FE896AB555@iki.fi> On 2.11.2012, at 17.55, Steffen Kaiser wrote: > Please add the information to this error, which socket has the problem and which uid access is and what is expected. > > For instance, when the quota dict request fails, because of permission problems, you get a very detailed info about the current problem. And, further more, hints to solve it. > > BTW: I'm trying to configure shared mailboxes for a virtual user system, when one user with ACLs on other mailboxes requests a LIST, I get this error. In my case, I solved the problem by chmod u+x auth-userdb . http://hg.dovecot.org/dovecot-2.1/rev/c811aab61355 ? From tss at iki.fi Tue Nov 27 09:18:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:18:53 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Message-ID: <1354000733.2844.25.camel@innu> Could you try with the attached patch, and with only the problematic client running? What does it log (the beginning of the session until it starts repeating the same lines)? On Sat, 2012-11-24 at 00:16 -0800, Erik A Johnson wrote: > Thanks, Timo. Nope, still an infinite loop. Anything I can try using gdb to trace? > > > On Nov 22, 2012, at 10:52 PM, Timo Sirainen <tss at iki.fi> wrote: > > > On 10.11.2012, at 12.44, Erik A Johnson wrote: > > > >> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). > >> > >> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. > >> > >> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > > > I wonder if this fixes it? http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 1876 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/5e11a288/attachment-0004.bin> From koshikov at gmail.com Tue Nov 27 09:37:51 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Tue, 27 Nov 2012 09:37:51 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> Message-ID: <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> On Tue, Nov 27, 2012 at 3:04 AM, Timo Sirainen <tss at iki.fi> wrote: > On 23.11.2012, at 9.46, Nikita Koshikov wrote: > > > Hello list, > > > > Here is the problem: > > I have few: > > passdb { > > #1 > > } > > passdb { > > #2 > > } > > And relative userdb sections. If user not found in 1) section it > fallbacks > > to next one - it's expected and right, IMHO. But when the user exists in > > both section and password verification fails on 1) database it > successfully > > authenticated on next one. I think this behaviour should be configured. > The > > main goal of 1) section for this server is to overwrite users in main > > (section2) database. > > It's not always possible to know why #1 failed. For example PAM doesn't > always tell if the password was wrong or if the user didn't exist. > > > Maybe I missed something and this option is already in dovecot code and I > > can't find it ? Or if not - will it be added in the future ? > > > I'm not very interested in adding it, especially because it can't be done > reliably. > > Thank's for the anwer. It's a pity to hear, because it's security feature I need to provide. The problem - that main passdb - is ldap and there are about - 5-7 people who can edit it and simply to login as different users. Yes, activity is logged - but mailbox can be read\stolen. The main goal for passwd-file database is to revrite ldap very critical mailboxes to local file. It can be edited only but 1 person - it is nativly to trust 1, but not to 7. From tss at iki.fi Tue Nov 27 09:42:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 09:42:50 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> Message-ID: <5E10AA5C-DF78-4F87-B9E2-EA69E4A94C3C@iki.fi> On 27.11.2012, at 9.37, Nikita Koshikov wrote: >>> Here is the problem: >>> I have few: >>> passdb { >>> #1 >>> } >>> passdb { >>> #2 >>> } >>> And relative userdb sections. If user not found in 1) section it >> fallbacks >>> to next one - it's expected and right, IMHO. But when the user exists in >>> both section and password verification fails on 1) database it >> successfully >>> authenticated on next one. I think this behaviour should be configured. >> The >>> main goal of 1) section for this server is to overwrite users in main >>> (section2) database. >> > Thank's for the anwer. It's a pity to hear, because it's security feature I > need to provide. The problem - that main passdb - is ldap and there are > about - 5-7 people who can edit it and simply to login as different users. > Yes, activity is logged - but mailbox can be read\stolen. The main goal for > passwd-file database is to revrite ldap very critical mailboxes to local > file. It can be edited only but 1 person - it is nativly to trust 1, but > not to 7. Try if a modified version of Alessio's suggestion works: passdb { driver = passwd-file args = /etc/passwd.important } passdb { driver = passwd-file args = /etc/passwd.important deny = yes } passdb { driver = ldap } From tss at iki.fi Tue Nov 27 10:42:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 10:42:03 +0200 Subject: [Dovecot] Rebuilding indexes fails on inconsistent mdbox In-Reply-To: <20121109161845.503766441fbb2a1df97d7220@mjh.name> References: <20121024132811.7cf18fdf7343b4dd961b2858@mjh.name> <394FADB5-4E6C-4179-BF30-244390964FA4@iki.fi> <20121109161845.503766441fbb2a1df97d7220@mjh.name> Message-ID: <EB83079A-E6DB-44B0-B436-359AC455EAD8@iki.fi> On 9.11.2012, at 17.18, Milan Holz?pfel wrote: >>> Oct 24 10:45:19 two dovecot: imap(listen at mjh.name): Panic: file mdbox-storage-rebuild.c: line 773 (rebuild_update_refcounts): assertion failed: (map_uid < msgs[i]->map_uid) Finally looked into this and fixed: http://hg.dovecot.org/dovecot-2.1/rev/8770940057b9 From tss at iki.fi Tue Nov 27 10:53:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 10:53:35 +0200 Subject: [Dovecot] v2.1.11 soon Message-ID: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) From skdovecot at smail.inf.fh-brs.de Tue Nov 27 12:01:50 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 27 Nov 2012 11:01:50 +0100 (CET) Subject: [Dovecot] Feature request: add information to error message: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket permissions) In-Reply-To: <0BA25BE4-76C4-41BA-85CC-57FE896AB555@iki.fi> References: <alpine.DEB.2.02.1211021622060.8405@pc-2m63nn> <0BA25BE4-76C4-41BA-85CC-57FE896AB555@iki.fi> Message-ID: <alpine.DEB.1.10.1211271100160.6954@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Nov 2012, Timo Sirainen wrote: > On 2.11.2012, at 17.55, Steffen Kaiser wrote: > >> Please add the information to this error, which socket has the problem >> and which uid access is and what is expected. >> >> For instance, when the quota dict request fails, because of permission >> problems, you get a very detailed info about the current problem. And, >> further more, hints to solve it. > > http://hg.dovecot.org/dovecot-2.1/rev/c811aab61355 ? Many thanks ! - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBULSPj2oxLS8a3A9mAQJTYggAq8OJPR4wZMUalZeuMAjLQAeb7pWTEK5k w5HeamqZH6rjVq5wk7ln2dFsPQm4+RZPtohenMh8sYChvg2YJLulTp0/I0lra2k2 9CU8kO9YgnUL5yZnnixMOJuZG7mze8DlcmH8lmsf7hg2P8YD2WE0S1F9ro3UquCW Y7b8oVU1j2k8n05QD1tu8TwFuxPWRdlCHg3C1J1KLhl0xH7nAdHk3WItE73a5vZ7 9gEDfInnM0UAhBzRb0QxV/6i4s03hv7k8f15MxN5dqIrqKfhVrmWXDmpG5SGr0dz 83CioJo/KZGnJufTqGnrA3iMvovhoPdkw9QToVHcbbaDhaZohK/G7A== =TPv5 -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Tue Nov 27 12:13:37 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 27 Nov 2012 11:13:37 +0100 (CET) Subject: [Dovecot] lmtp_rcpt_check_quota working somewhere? In-Reply-To: <19E4CB4D-7961-49A2-84CD-D0370A0B364A@iki.fi> References: <alpine.DEB.2.02.1211261658550.3077@pc-2m63nn> <19E4CB4D-7961-49A2-84CD-D0370A0B364A@iki.fi> Message-ID: <alpine.DEB.1.10.1211271111050.6954@pc-2m63a.inf.fh-bonn-rhein-sieg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Nov 2012, Timo Sirainen wrote: > On 26.11.2012, at 18.07, Steffen Kaiser wrote: > >> I'm running Dovecot v2.1 and enabled the >> >> lmtp_rcpt_check_quota >> >> option in conf.d/20-lmtp.conf, because I just found it in the sample config. >> >> When I have the option enabled, I get _no_ response in the RCPT TO phase, if the user is under quota. If I go on and enter the DATA keyword eventually, I get "554 5.5.1 No valid recipients", so it looks like, the user is really ignored at all. > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/bebe54e1d640 That seems to fix the problem. Works with single and multiple recipients. Thanks, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBULSSUWoxLS8a3A9mAQLCJgf/apcvh+4WAYQEPciD4UNAAKmRO04naVxZ 6y/Ik/jGfbtmwEHG+k6n9anIIuVwivfs0G7qugN5Drw3rQC//FEMlfpmtIFf7wBg vS5nvb5m58i6QFTxBzZWbJ11CE5YIN4wG23OzegvvA7xDp6tQmZDNDJUhjQMfnfW Cs4wOnFj5ZTkX9M+GURXiLJfQCBvqOCktuuocoSo3iJaiDwyhcrKSnqTmeJ474UC 5ZRT6AOjvnaHzYYHXyIFu2Th3fNR0qiurQFub//INCwKNqiDCAa+xFSMIkYaDidS cFQjAMo/dFS+meEi1h8/S0HwDbO1KjZ6f+05oFB4B3EaA13ubHUPbA== =Avwv -----END PGP SIGNATURE----- From noel.butler at ausics.net Tue Nov 27 14:19:27 2012 From: noel.butler at ausics.net (Noel Butler) Date: Tue, 27 Nov 2012 22:19:27 +1000 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <1354018767.25506.25.camel@tardis> On Tue, 2012-11-27 at 10:53 +0200, Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > hah, but u won t do it... -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/7e2120c3/attachment-0004.bin> From pw at wk-serv.de Tue Nov 27 14:22:57 2012 From: pw at wk-serv.de (Patrick Westenberg) Date: Tue, 27 Nov 2012 13:22:57 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <50B4B0A1.4060906@wk-serv.de> Timo Sirainen schrieb: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) Backend-Failover would be nice ;-) From ramon.frontera at uib.es Tue Nov 27 14:27:25 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Tue, 27 Nov 2012 13:27:25 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> Message-ID: <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> Hi, I send you attached the command's output. -------------- next part -------------- A non-text attachment was scrubbed... Name: dovelog.zip Type: application/zip Size: 16759 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/d0784542/attachment-0004.zip> -------------- next part -------------- Thanks! -- ------------------------------------------ Ramon Frontera Gallardo Centre de Tecnologies de la Informaci? Universitat de les Illes Balears Ctra. Valldemossa km 7,5 07122 Palma de Mallorca El 27/11/2012, a las 05:29, Timo Sirainen escribi?: > On 21.11.2012, at 15.05, Ramon Frontera wrote: > >> we have a problem with our director proxy configuration. >> When we run on proxy server the doveadm command with -A switch, fails with the error: >> >> # doveadm -D quota get -A >> doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert >> doveadm(user1): Error: Proxy is missing destination host >> doveadm: Error: Failed to iterate through some users > > Well, I fixed various bugs in doveadm code related to this: > > http://hg.dovecot.org/dovecot-2.1/rev/6f19c535110e > http://hg.dovecot.org/dovecot-2.1/rev/275a57b8dc70 > http://hg.dovecot.org/dovecot-2.1/rev/0dc3f56e6468 > http://hg.dovecot.org/dovecot-2.1/rev/fdc509644d05 > > But I don't think they fix your specific issue. It looks as if doveadm is connecting to auth process directly instead of director.. Do: > > strace -s 1000 -o log doveadm quota get -A > > and send me the log? Note that the log contains the doveadm_password in the base64 strings. > > From raabe at froglogic.com Tue Nov 27 14:53:37 2012 From: raabe at froglogic.com (Frerich Raabe) Date: Tue, 27 Nov 2012 13:53:37 +0100 Subject: [Dovecot] Cannot STORE \Seen flag on some mails Message-ID: <50B4B7D1.5080204@froglogic.com> Hi, I'm running Dovecot 1.2.17 on FreeBSD (exact output of 'dovecot -n' is atttached to this mail). The machine is serving a public mailinglist archive which is read-only; all mail arriving for the archive is marked as \Seen using Sieve script. This setup works well most of the time, but I noticed that for *some* mails, the \Seen flag doesn't seem to be stored. Right now I have 31255 mails in one of my folders and I can't seem to mark five of them as \Seen - the others work just fine. I first suspected a client issue so I did a little IMAP session by hand: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. . LOGIN "xxxxxx" "yyyyyy" . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in . SELECT "Lists/Archive/squish" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft $NotJunk) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 31250 EXISTS * 0 RECENT * OK [UNSEEN 27126] First unseen. * OK [UIDVALIDITY 1350573750] UIDs valid * OK [UIDNEXT 31265] Predicted next UID * OK [HIGHESTMODSEQ 9512] Highest . OK [READ-ONLY] Select completed. . SEARCH UNSEEN * SEARCH 27126 27127 28484 29835 29838 . OK Search completed (0.000 secs). . STORE 27126 FLAGS \SEEN . OK Store completed. . SEARCH UNSEEN * SEARCH 27126 27127 28484 29835 29838 . OK Search completed (0.000 secs). . LOGOUT * BYE Logging out . OK Logout completed. Note how the first 'SEARCH UNSEEN' command shows that '27126' is unseen, the subsequent 'STORE' command succeeds - but then 'SEARCH UNSEEN' still shows 27126 as unseen! I have all four logging levels being piped to /var/log/maillog (I verified this by running dovecot --log-error) but the file does not show any problems. I checked the file permissions of the Maildir directories, and it all looks dandy to me. Does anybody have some suggestions how to debug this further, or what the reason for this may be? -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing -------------- next part -------------- # 1.2.17: /usr/local/etc/dovecot.conf # OS: FreeBSD 9.0-RELEASE i386 protocols: imap imaps managesieve listen(default): * listen(imap): * listen(managesieve): *:2000 *:4190 disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_location: maildir:~/Maildir mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve mail_process_size: 512 mail_plugins(default): acl imap_acl fts fts_squat mail_plugins(imap): acl imap_acl fts fts_squat mail_plugins(managesieve): mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve imap_client_workarounds(default): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(managesieve): namespace: type: private separator: / inbox: yes list: yes subscriptions: yes namespace: type: public separator: / prefix: Lists/ location: maildir:/home/vmail/lists/Maildir:CONTROL=~/Maildir/lists:INDEX=~/Maildir/lists list: yes namespace: type: public separator: / prefix: Lists/Archive/ location: maildir:/home/vmail/lists/archive/Maildir list: yes lda: postmaster_address: postmaster at imap2.froglogic.com mail_plugins: sieve acl sendmail_path: /usr/sbin/sendmail auth default: mechanisms: plain login username_format: %Lu passdb: driver: pam args: session=yes dovecot passdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf userdb: driver: passwd-file args: username_format=%n /usr/local/etc/dovecot-pseudo-users.passwd userdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf plugin: acl: vfile sieve_before: /usr/local/etc/keep-broadcast-mail.sieve fts: squat fts_squat: partial=4 full=4 From raabe at froglogic.com Tue Nov 27 15:06:19 2012 From: raabe at froglogic.com (Frerich Raabe) Date: Tue, 27 Nov 2012 14:06:19 +0100 Subject: [Dovecot] Cannot STORE \Seen flag on some mails In-Reply-To: <50B4B7D1.5080204@froglogic.com> References: <50B4B7D1.5080204@froglogic.com> Message-ID: <50B4BACB.3020207@froglogic.com> Am 11/27/2012 1:53 PM, schrieb Frerich Raabe: > I first suspected a client issue so I did a little IMAP session by hand: [..] > Note how the first 'SEARCH UNSEEN' command shows that '27126' is unseen, > the subsequent 'STORE' command succeeds - but then 'SEARCH UNSEEN' still > shows 27126 as unseen! Sorry, I only now realized that my IMAP session wasn't very useful since the dovecot-acl file didn't allow my user to modify the \Seen flag (it only allowed it for the user which runs the Sieve script filing the mail into the archive [and marking it as seen]) in the first place. If I relax the ACL, I can mark the mail as seen myself. I guess that means the question is - why didn't the sieve_before manage to set the flag in all cases. -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From koshikov at gmail.com Tue Nov 27 15:26:22 2012 From: koshikov at gmail.com (Nikita Koshikov) Date: Tue, 27 Nov 2012 15:26:22 +0200 Subject: [Dovecot] Default fallback behaviour In-Reply-To: <5E10AA5C-DF78-4F87-B9E2-EA69E4A94C3C@iki.fi> References: <CANYsE-wYxa1hf=Z4Kom5pTWoFji_aqMous9Gty_zBNhynnzkAA@mail.gmail.com> <B4D76870-723B-414E-8DCB-9F4595F5A42F@iki.fi> <CANYsE-yb59rWePexi-U0foG0xMB13FWGru5awwnBk_7hVz5gDQ@mail.gmail.com> <5E10AA5C-DF78-4F87-B9E2-EA69E4A94C3C@iki.fi> Message-ID: <CANYsE-yco7OxvQco_nk1wBsCnDb7gJMTpZoo0dnSC6D40OHWbQ@mail.gmail.com> Yes, thanks a lot - this config is working as expected. From petsy12 at lavabit.com Tue Nov 27 15:32:33 2012 From: petsy12 at lavabit.com (petsy12 at lavabit.com) Date: Tue, 27 Nov 2012 08:32:33 -0500 (EST) Subject: [Dovecot] IMAP over SSL Message-ID: <22331.77.247.181.164.1354023153.squirrel@lavabit.com> Hello. I've never tried Dovecot. Here is my attempt to enable IMAP over SSL on port 993. (BTW, I don't want to use port 143 at all.) # dovecot -n log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps listen: *:143,[::]:143 ssl_listen: *:993,[::]:993 ssl: required ssl_cert_file: /etc/dovecot/keycert.pem ssl_key_file: /etc/dovecot/keycert.pem ssl_cipher_list: TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!NULL:@STRENGTH login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:~/Maildir mbox_write_locks: fcntl dotlock auth default: passdb: driver: pam userdb: driver: passwd 1. Here is a snippet from dovecot.conf. Is it correct? Should I change something? (Note that I don't want to enable IMAP on port 143.) protocols = imaps protocol imap { listen = *:143,[::]:143 ssl_listen = *:993,[::]:993 } disable_plaintext_auth = yes ssl_listen = *:993,[::]:933 ssl = required ssl_cert_file = /etc/dovecot/keycert.pem ssl_key_file = /etc/dovecot/keycert.pem ssl_cipher_list = TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!NULL:@STRENGTH 2. I don't understand the syntax connected with auth. What auth options are enabled by default? dovecot.conf: No sections (e.g. namespace {}) or plugin settings are added by default, they're listed only as examples. Does it mean that passdb pam will use defaults (e.g. session=yes, setrcred=yes)? passdb pam { # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>] # [cache_key=<key>] [<service name>] # # session=yes makes Dovecot open and immediately close PAM session. Some # PAM plugins need this to work, such as pam_mkhomedir. # # setcred=yes makes Dovecot establish PAM credentials if some PAM plugins # need that. They aren't ever deleted though, so this isn't enabled by # default. # # max_requests specifies how many PAM lookups to do in one process before # recreating the process. The default is 100, because many PAM plugins # leak memory. # # cache_key can be used to enable authentication caching for PAM # (auth_cache_size also needs to be set). It isn't enabled by default # because PAM modules can do all kinds of checks besides checking password, # such as checking IP address. Dovecot can't know about these checks # without some help. cache_key is simply a list of variables (see # /usr/share/doc/dovecot-common/wiki/Variables.txt) which must match # for the cached data to be used. # Here are some examples: # %u - Username must match. Probably sufficient for most uses. # %u%r - Username and remote IP address must match. # %u%s - Username and service (ie. IMAP, POP3) must match. # # The service name can contain variables, for example %Ls expands to # pop3 or imap. # # Some examples: # args = session=yes %Ls # args = cache_key=%u dovecot #args = dovecot } 3. Here is the output of `openssl s_client -tls1 -connect mail.example.com:993`. Is it OK? [snip] New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: zlib compression Expansion: zlib compression [snip] Verify return code: 18 (self signed certificate) --- * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready. Also, where can I read about these options? Any comments are appreciated. From CMarcus at Media-Brokers.com Tue Nov 27 17:23:45 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 27 Nov 2012 10:23:45 -0500 Subject: [Dovecot] IMAP over SSL In-Reply-To: <22331.77.247.181.164.1354023153.squirrel@lavabit.com> References: <22331.77.247.181.164.1354023153.squirrel@lavabit.com> Message-ID: <50B4DB01.7090705@Media-Brokers.com> On 2012-11-27 8:32 AM, petsy12 at lavabit.com <petsy12 at lavabit.com> wrote: > I've never tried Dovecot. Here is my attempt to enable IMAP over SSL > on port 993. (BTW, I don't want to use port 143 at all.) > > # dovecot -n > > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imaps Please don't trim the doveconf -n output... It shows the version of dovecot (so no one has to ask)... -- Best regards, Charles From dmiller at amfes.com Tue Nov 27 17:28:37 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 27 Nov 2012 07:28:37 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <assp.1678966eea.50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> Message-ID: <assp.0678bad85b.50B4DC25.1000700@amfes.com> On 11/26/2012 10:08 PM, Timo Sirainen wrote: > On 27.11.2012, at 7.50, Timo Sirainen wrote: > >>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >>> at [row,col {unknown-source}]: [1011144,197790] >> Something's wrong. The Solr code was already supposed to catch all of these. > http://dovecot.org/tmp/allchars.gz > > If you send this mail to yourself and index it, does it fail? (Works for me.) > I think it works - I tried sending it as an attachment (unzipped) and then with a command of "sendmail -t dmiller at amfes.com < allchars" - I don't know how else to do it. Following that by a "doveadm search -u dmiller at amfes.com mailbox INBOX text test" indexed a couple new messages, including I assume these, without errors. Some of my other mailboxes continue to break. I know you've got a filter that strips out control characters prior to sending to solr - so I'm left to assume: 1. solr is breaking on its own 2. I have a hardware problem that is corrupting memory (possible, but this server is using ECC, so I don't think so). 3. Somehow in the communication with solr, control characters are being introduced. Perhaps it's a maximum length or buffer issue? 4. Could it be attachment related? 5. Could it be zlib related - as in compressed mail, or a mix of compressed & uncompressed mail, being processed? -- Daniel From dmiller at amfes.com Tue Nov 27 17:38:10 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 27 Nov 2012 07:38:10 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <50B4DC25.1000700@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> Message-ID: <assp.067872074e.50B4DE62.4070403@amfes.com> On 11/27/2012 7:28 AM, Daniel L. Miller wrote: > On 11/26/2012 10:08 PM, Timo Sirainen wrote: >> On 27.11.2012, at 7.50, Timo Sirainen wrote: >> >>>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>>> SEVERE: org.apache.solr.common.SolrException: Illegal character >>>> ((CTRL-CHAR, code 8)) >>>> at [row,col {unknown-source}]: [1011144,197790] >>> Something's wrong. The Solr code was already supposed to catch all >>> of these. >> I was taking a brief scan of the code - and as usual I'm probably wrong - but I believe the protection comes from the xml_encode functions. Could it be that there are some solr writes that don't go through that function - because it is assumed that the data in question doesn't need that processing? Like mailbox names, field names, or uids - that SHOULDN'T have any garbage but maybe something is creeping in? -- Daniel From tss at iki.fi Tue Nov 27 23:07:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 27 Nov 2012 23:07:53 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.067872074e.50B4DE62.4070403@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <assp.067872074e.50B4DE62.4070403@amfes.com> Message-ID: <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> On 27.11.2012, at 17.38, Daniel L. Miller wrote: > On 11/27/2012 7:28 AM, Daniel L. Miller wrote: >> On 11/26/2012 10:08 PM, Timo Sirainen wrote: >>> On 27.11.2012, at 7.50, Timo Sirainen wrote: >>> >>>>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>>>> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >>>>> at [row,col {unknown-source}]: [1011144,197790] >>>> Something's wrong. The Solr code was already supposed to catch all of these. >>> > > I was taking a brief scan of the code - and as usual I'm probably wrong - but I believe the protection comes from the xml_encode functions. Could it be that there are some solr writes that don't go through that function - because it is assumed that the data in question doesn't need that processing? Like mailbox names, field names, or uids - that SHOULDN'T have any garbage but maybe something is creeping in? I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 From daniel.parthey at informatik.tu-chemnitz.de Tue Nov 27 23:47:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Tue, 27 Nov 2012 22:47:49 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <20121127214749.GA11546@daniel.localdomain> Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) Can you fix these strange stats plugin errors please? These are the only errors regularly occurring in our 2.1.10 logs: Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 Nov 27 08:07:36 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 443 < 622 Nov 27 08:07:51 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 455 < 622 Nov 27 08:08:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 474 < 622 Nov 27 08:08:51 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 08:09:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 08:14:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 08:19:21 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 477 < 622 Nov 27 16:18:44 10.129.3.213 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mrcount 11 < 13 Nov 27 16:24:20 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 1 < 2 These messages occur after imap/pop3 logouts. Only dovecot.conf attached (director does not produce these errors). Thanks a lot, Daniel -- https://plus.google.com/103021802792276734820 -------------- next part -------------- # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-44-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: session=<%{session}> msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx imapc_features = rfc822.size imapc_host = local-mailbox imapc_port = 18143 instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): <%{session}>: " mail_plugins = quota stats mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes namespace { inbox = yes location = mailbox Archives { special_use = \Archive } mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp-without-quota { address = * port = 19025 } inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl = no syslog_facility = local1 userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota stats imap_quota imap_stats } protocol lmtp { mail_plugins = quota stats sieve } From ben at morrow.me.uk Wed Nov 28 02:32:07 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Wed, 28 Nov 2012 00:32:07 +0000 Subject: [Dovecot] Dovecot sieve with postfix. In-Reply-To: <CAKU1PAXy2P0u+qvi7_k9MygZ_QLd2=zJ9Xeck3B6WdOCYoEZMA@mail.gmail.com> References: <CAKU1PAX0OFYX3D7u1PC1taMspaCC119edgBN+jhXRaoqxYfLLA@mail.gmail.com> <20121119164753.GK94077@anubis.morrow.me.uk> <CAKU1PAUj2gR5PGqWK8TZEOCQn3tYDgE69NrFWbB5bmL=y56qYw@mail.gmail.com> <20121126115235.GC76138@anubis.morrow.me.uk> <CAKU1PAXy2P0u+qvi7_k9MygZ_QLd2=zJ9Xeck3B6WdOCYoEZMA@mail.gmail.com> Message-ID: <20121128003206.GH76138@anubis.morrow.me.uk> At 12PM -0800 on 26/11/12 /#!/JoePea wrote: > Hi Ben, > Indeed, the mailq command shows my test messages sitting there with "mail > transport unavailable". > > > ??[11:48:22/hypership/root/~] > > ??? mailq > > -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- > > 2DCCB580C01 1901 Mon Nov 26 11:45:02 trusktr at gmail.com > > (mail transport > > unavailable) > > trusktr at bettafootwear.com > > > > B1449580C03 1895 Mon Nov 26 11:48:41 trusktr at gmail.com > > (mail transport > > unavailable) > > trusktr at bettafootwear.com > > > > -- 5 Kbytes in 2 Requests. > > I checked in /etc/syslog-ng/syslog-ng.conf and it shows destination d_mail > { file("/var/log/mail.log"); }; but there is no such mail.log file so I > created one. I don't know how syslog-ng works, but you need to be able to see the Postfix logs to have any chance of debugging this. Read your system documentation and get that working before trying anything else. > I logged in as mailman by doing su -s /bin/bash mailman then ran > > /usr/lib/dovecot/dovecot-lda -f trusktr at gmail.com -d > trusktr at bettafootwear.com </home/mailman/test_msg.txt > > where /home/mailman/test_msg.txt contains a plain text sentence. A single sentence is not a valid mail. Dovecot mostly doesn't care, but you will see odd client behaviour if you deliver invalid mails... > After doing that, mailq shows the new messages, but with the same "mail > transport unavailable" message. (I assume here that you only see the same list as before you attempted the new delivery? Delivering to LDA by hand shouldn't go anywhere near the Postfix queue.) > However, in Roundcube I see a new blank message with no subject for each > attempt of the dovecot-lda command. ...such as this. It looks like the 'mail' is being successfully delivered; if you try with a proper mail, something like From: root at localhost To: root at localhost Subject: testing dovecot-lda 1 2 3 it should show up properly in your client. At this point I think this is a Postfix problem, not a Dovecot problem. You can apparently successfully deliver mail using dovecot-lda, so something in your Postfix config is not invoking it properly. Ben From tss at iki.fi Wed Nov 28 03:15:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 03:15:05 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> Message-ID: <1354065305.2844.30.camel@innu> On Tue, 2012-11-27 at 13:27 +0100, Ramon Frontera wrote: > > >> # doveadm -D quota get -A > >> doveadm(user1): Debug: auth input: user=user1 proxy > starttls=any-cert > >> doveadm(user1): Error: Proxy is missing destination host > >> doveadm: Error: Failed to iterate through some users .. > connect(8, {sa_family=AF_FILE, path="/var/run/dovecot//auth-userdb"}, > 110) = 0 It's connecting to auth-userdb, while it should be connecting to director-userdb. This should have been done by this setting: protocol doveadm { auth_socket_path = director-userdb } Make sure doveconf -n shows that. And if nothing seems to work, this at least should: doveadm -o auth_socket_path=director-userdb quota get -A From tss at iki.fi Wed Nov 28 03:26:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 03:26:52 +0200 Subject: [Dovecot] Cannot STORE \Seen flag on some mails In-Reply-To: <50B4BACB.3020207@froglogic.com> References: <50B4B7D1.5080204@froglogic.com> <50B4BACB.3020207@froglogic.com> Message-ID: <CE2A5500-6A3B-49D1-A1DD-B86CF0C4BD89@iki.fi> On 27.11.2012, at 15.06, Frerich Raabe wrote: > Am 11/27/2012 1:53 PM, schrieb Frerich Raabe: >> I first suspected a client issue so I did a little IMAP session by hand: > > [..] > >> Note how the first 'SEARCH UNSEEN' command shows that '27126' is unseen, >> the subsequent 'STORE' command succeeds - but then 'SEARCH UNSEEN' still >> shows 27126 as unseen! > > Sorry, I only now realized that my IMAP session wasn't very useful since the dovecot-acl file didn't allow my user to modify the \Seen flag (it only allowed it for the user which runs the Sieve script filing the mail into the archive [and marking it as seen]) in the first place. > > If I relax the ACL, I can mark the mail as seen myself. I guess that means the question is - why didn't the sieve_before manage to set the flag in all cases. Difficult to say, but I don't think it's worth debugging with v1.2. Might be fixed already in v2.1.. From tss at iki.fi Wed Nov 28 04:31:13 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 04:31:13 +0200 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <20121127214749.GA11546@daniel.localdomain> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121127214749.GA11546@daniel.localdomain> Message-ID: <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> On 27.11.2012, at 23.47, Daniel Parthey wrote: > Timo Sirainen wrote: >> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > > Can you fix these strange stats plugin errors please? > These are the only errors regularly occurring in our 2.1.10 logs: > > Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 > Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 It's strange that I can't figure out how to reproduce this no matter what I do. Could you with latest hg, especially: http://hg.dovecot.org/dovecot-2.1/rev/c81f1ca3cda6 and also the attached patch, which simplifies the stats plugin? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 2959 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/d081bdcd/attachment-0004.obj> -------------- next part -------------- From tss at iki.fi Wed Nov 28 04:36:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 04:36:44 +0200 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121127214749.GA11546@daniel.localdomain> <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> Message-ID: <C081AC31-C264-46E2-BF93-2FD2873523E3@iki.fi> On 28.11.2012, at 4.31, Timo Sirainen wrote: > On 27.11.2012, at 23.47, Daniel Parthey wrote: > >> Timo Sirainen wrote: >>> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) >> >> Can you fix these strange stats plugin errors please? >> These are the only errors regularly occurring in our 2.1.10 logs: >> >> Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 >> Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 Also, can you reproduce this really easily? For example with pop3: telnet localhost 110 user foo pass bar list retr 1 quit Does that log about this? If not, what about if you run imaptest (http://imapwiki.org/ImapTest) against some test user? From dmiller at amfes.com Wed Nov 28 04:43:40 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 27 Nov 2012 18:43:40 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> Message-ID: <assp.1679c30da7.50B57A5C.1000300@amfes.com> On 11/27/2012 1:07 PM, Timo Sirainen wrote: > On 27.11.2012, at 17.38, Daniel L. Miller wrote: > >> On 11/27/2012 7:28 AM, Daniel L. Miller wrote: >>> On 11/26/2012 10:08 PM, Timo Sirainen wrote: >>>> On 27.11.2012, at 7.50, Timo Sirainen wrote: >>>> >>>>>> Nov 26, 2012 8:49:29 PM org.apache.solr.common.SolrException log >>>>>> SEVERE: org.apache.solr.common.SolrException: Illegal character ((CTRL-CHAR, code 8)) >>>>>> at [row,col {unknown-source}]: [1011144,197790] >>>>> Something's wrong. The Solr code was already supposed to catch all of these. >> I was taking a brief scan of the code - and as usual I'm probably wrong - but I believe the protection comes from the xml_encode functions. Could it be that there are some solr writes that don't go through that function - because it is assumed that the data in question doesn't need that processing? Like mailbox names, field names, or uids - that SHOULDN'T have any garbage but maybe something is creeping in? > I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 > :( Mine still breaks. Both UTF-8 and Control-Char errors. -- Daniel From tss at iki.fi Wed Nov 28 04:45:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 04:45:21 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.1679c30da7.50B57A5C.1000300@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <assp.1679c30da7.50B57A5C.1000300@amfes.com> Message-ID: <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >> > :( Mine still breaks. Both UTF-8 and Control-Char errors. Can you grab the network traffic between Dovecot and Solr and find the problematic stream? From dave at morsberger.com Wed Nov 28 05:21:07 2012 From: dave at morsberger.com (David Morsberger) Date: Tue, 27 Nov 2012 22:21:07 -0500 Subject: [Dovecot] Missing Messages on IOS device Message-ID: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> Resending because I didn't get any responses from my first post: I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. Any idea why these messages are not showing up on my devices and how I can get them to show up? bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd --version 2.0.19apple1 bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd -n # 2.0.19apple1: /Library/Server/Mail/Config/dovecot/dovecot.conf # OS: Darwin 12.2.1 x86_64 hfs aps_topic = com.apple.mail.XServer.fc3bb7c3-c8ef-4fe2-aff3-95ecd927fb11 auth_mechanisms = cram-md5 x-plain-submit plain login apop digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 mail_access_groups = mail mail_location = maildir:/Library/Server/Mail/Data/mail/%u mail_log_prefix = "%s(pid %p user %u): " mail_plugins = quota zlib fts fts_sk managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M passdb { args = /Library/Server/Mail/Config/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmaster at mini.mmpcrofton.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins unix_listener auth-userdb { user = _dovecot } } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap { client_limit = 5 process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl_ca = </etc/certificates/*.chain.pem ssl_cert = </etc/certificates/*.cert.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL ssl_key = </etc/certificates/*.key.pem ssl_key_path = /etc/certificates/*.key.pem syslog_facility = local6 userdb { args = partition=/Library/Server/Mail/Config/dovecot/partition_map.conf enforce_quotas=no driver = od } verbose_proctitle = yes protocol lmtp { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol lda { mail_plugins = quota zlib fts fts_sk sieve push_notify } protocol imap { imap_id_log = * imap_id_send = "name" * "version" * mail_max_userip_connections = 20 mail_plugins = quota zlib fts fts_sk imap_quota imap_zlib imap_fts urlauth } protocol pop3 { mail_max_userip_connections = 6 } From stan at hardwarefreak.com Wed Nov 28 07:49:55 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 27 Nov 2012 23:49:55 -0600 Subject: [Dovecot] Missing Messages on IOS device In-Reply-To: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> References: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> Message-ID: <50B5A603.5060509@hardwarefreak.com> On 11/27/2012 9:21 PM, David Morsberger wrote: > Resending because I didn't get any responses from my first post: > > I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. > > My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. > > The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. > > My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. > > Any idea why these messages are not showing up on my devices and how I can get them to show up? Not really. Problem reports are typically accompanied by errors in log files. You've provided none. You've provided only subjective observation which is rarely useful in troubleshooting. If you provide some Dovecot logging related to the problem we may be able to help. Short of that we can only make wild ass guesses. Are your clients subscribing all IMAP folders? Are your clients checking all folders for new mail? -- Stan From tss at iki.fi Wed Nov 28 08:56:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 08:56:26 +0200 Subject: [Dovecot] Missing Messages on IOS device In-Reply-To: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> References: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> Message-ID: <EA205FFA-14CE-4C5A-B7FC-7DAFC27754EE@iki.fi> On 28.11.2012, at 5.21, David Morsberger wrote: > My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. Delete the account on iPhone and recreate it. Does that help? From dmiller at amfes.com Wed Nov 28 10:50:29 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 28 Nov 2012 00:50:29 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> Message-ID: <assp.167950d733.50B5D055.6010605@amfes.com> On 11/27/2012 6:45 PM, Timo Sirainen wrote: > On 28.11.2012, at 4.43, Daniel L. Miller wrote: > >>> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>> >> :( Mine still breaks. Both UTF-8 and Control-Char errors. > Can you grab the network traffic between Dovecot and Solr and find the problematic stream? > Tell me how and I'll be happy to! -- Daniel From raabe at froglogic.com Wed Nov 28 10:52:48 2012 From: raabe at froglogic.com (Frerich Raabe) Date: Wed, 28 Nov 2012 09:52:48 +0100 Subject: [Dovecot] Cannot STORE \Seen flag on some mails In-Reply-To: <CE2A5500-6A3B-49D1-A1DD-B86CF0C4BD89@iki.fi> References: <50B4B7D1.5080204@froglogic.com> <50B4BACB.3020207@froglogic.com> <CE2A5500-6A3B-49D1-A1DD-B86CF0C4BD89@iki.fi> Message-ID: <50B5D0E0.2090906@froglogic.com> Am 11/28/2012 2:26 AM, schrieb Timo Sirainen: > On 27.11.2012, at 15.06, Frerich Raabe wrote: >> If I relax the ACL, I can mark the mail as seen myself. I guess >> that means the question is - why didn't the sieve_before manage to >> set the flag in all cases. > > Difficult to say, but I don't think it's worth debugging with v1.2. > Might be fixed already in v2.1.. Hm, maybe indeed a reason to stop tip-toeing around upgrading to v2.1... the christmas season is coming, maybe this upgrade would be a good proejct for the vacation. ;-) Thanks for your comment! -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From tss at iki.fi Wed Nov 28 10:55:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 10:55:46 +0200 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <assp.167950d733.50B5D055.6010605@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> <assp.167950d733.50B5D055.6010605@amfes.com> Message-ID: <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> On 28.11.2012, at 10.50, Daniel L. Miller wrote: > On 11/27/2012 6:45 PM, Timo Sirainen wrote: >> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >> >>>> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>>> >>> :( Mine still breaks. Both UTF-8 and Control-Char errors. >> Can you grab the network traffic between Dovecot and Solr and find the problematic stream? >> > Tell me how and I'll be happy to! Maybe the easiest would be to use tcpflow. It outputs different TCP streams to different files. From them you can then grep for the error and look closer into it. I guess something like wireshark would work too, but I've never been able to use its GUI in a useful way. From Jost.Krieger+dovecot at rub.de Wed Nov 28 10:57:30 2012 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: 28 Nov 2012 09:57:30 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? Message-ID: <20121128085702.GA28525@ruhr-uni-bochum.de> We would like to provide a self-service restore function to our users using their IMAP client of choice.. Our idea was to use a snapshot (under ZFS, btrfs, whatever) and have it available to the user in a namespace. Unfortunately, but understandably, dovecot doesn't like the mdbox structure to be read-only. Is there any chance to change that? In the meantime, we could use a read-write snapshot, but we wouldn't like the users to really do changes to that snapshot. Our next attempt is to use ACLs, but it's a bit hard to gt the ACLs to the correct place in the snapshots, at least for thousands of users. Our currents solution (in test) is a quick and dirty patch to introduce inheritance to the ACLs by walking up the directory tree, so we need only one ACL. A cleaner solution would be very much appreciated. Yours Jost Krieger -- | Helft Spam ausrotten! HTML in Mail ist unh?flich. | | Postmaster, JAPH, manchmal Wahrsager am RZ der RUB | | Wahre Worte sind nicht gef?llig, gef?llige Worte sind nicht wahr.| | Lao Tse, Tao Te King 81 | From tss at iki.fi Wed Nov 28 11:01:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 11:01:23 +0200 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <20121128085702.GA28525@ruhr-uni-bochum.de> References: <20121128085702.GA28525@ruhr-uni-bochum.de> Message-ID: <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> On 28.11.2012, at 10.57, Jost Krieger wrote: > We would like to provide a self-service restore function to our users > using their IMAP client of choice.. > > Our idea was to use a snapshot (under ZFS, btrfs, whatever) and have it > available to the user in a namespace. > > Unfortunately, but understandably, dovecot doesn't like the mdbox > structure to be read-only. Is there any chance to change that? I think it would be possible. I already added some code for that, but apparently it wasn't enough and I stopped because it's a pretty low priority issue.. Anyway, I think the code changes would be pretty easy to do. So start finding the problematic parts and fixing them and sending me patches. :) > Our next attempt is to use ACLs, but it's a bit hard to gt the ACLs to > the correct place in the snapshots, at least for thousands of users. > > Our currents solution (in test) is a quick and dirty patch to introduce > inheritance to the ACLs by walking up the directory tree, so we need > only one ACL. For a long time I've wanted a "default acl" file that applies to the whole namespace. Never got around to implementing that either. Anyway, ACLs don't help when the reading code itself decides to write to indexes (which it does). From rs at sys4.de Wed Nov 28 11:21:55 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 28 Nov 2012 10:21:55 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <20121128085702.GA28525@ruhr-uni-bochum.de> References: <20121128085702.GA28525@ruhr-uni-bochum.de> Message-ID: <50B5D7B3.1000905@sys4.de> Am 28.11.2012 09:57, schrieb Jost Krieger: > We would like to provide a self-service restore function to our users > using their IMAP client of choice.. > > Our idea was to use a snapshot (under ZFS, btrfs, whatever) and have it > available to the user in a namespace. > > Unfortunately, but understandably, dovecot doesn't like the mdbox > structure to be read-only. Is there any chance to change that? > > In the meantime, we could use a read-write snapshot, but we wouldn't > like the users to really do changes to that snapshot. > > Our next attempt is to use ACLs, but it's a bit hard to gt the ACLs to > the correct place in the snapshots, at least for thousands of users. > > Our currents solution (in test) is a quick and dirty patch to introduce > inheritance to the ACLs by walking up the directory tree, so we need > only one ACL. > > A cleaner solution would be very much appreciated. > > Yours > Jost Krieger > a workaround perhaps is, postfix bcc archive mailboxes with a sieve rule which also sort mails spam/in/out/day/month/year in subfolders and then set subfolders acl read only for their related users ( scriptable at user creation time, and/or external sieve plugin),archive mailboxes may show up in their shared namespace then, also forbid pop3 download on the archive mailbox subfolders, if archive shouldnt exist for ever ,use dove expunge on the archive mailboxes/subfolders for x days/weeks/months/years ,whatever you prefer Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From Jost.Krieger at ruhr-uni-bochum.de Wed Nov 28 11:09:55 2012 From: Jost.Krieger at ruhr-uni-bochum.de (Jost Krieger) Date: 28 Nov 2012 10:09:55 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> References: <20121128085702.GA28525@ruhr-uni-bochum.de> <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> Message-ID: <20121128090954.GB28525@ruhr-uni-bochum.de> On Wed 28 Nov 2012 11:01:23 AM GMT, Timo Sirainen wrote: > > On 28.11.2012, at 10.57, Jost Krieger wrote: > > I think it would be possible. I already added some code for that, but apparently it wasn't enough and I stopped because it's a pretty low priority issue.. Anyway, I think the code changes would be pretty easy to do. So start finding the problematic parts and fixing them and sending me patches. :) Will try, but don't hold your breath :-) > > Our currents solution (in test) is a quick and dirty patch to introduce > > inheritance to the ACLs by walking up the directory tree, so we need > > only one ACL. > > For a long time I've wanted a "default acl" file that applies to the whole namespace. Never got around to implementing that either. We'll at least post the patch. > Anyway, ACLs don't help when the reading code itself decides to write to indexes (which it does). That's not so important for us, we don't want to protect the snapshot from dovecot, but from user stupidity^Wintervention, like: "But I need that mails, that I moved over yesterday from the snapshot and that are gone now, again." Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | From Jost.Krieger+dovecot at rub.de Wed Nov 28 11:31:06 2012 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: 28 Nov 2012 10:31:06 +0100 Subject: [Dovecot] Any chance to access read-only mdboxes? In-Reply-To: <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> References: <20121128085702.GA28525@ruhr-uni-bochum.de> <62077D8D-92EC-4F1A-AD22-E4B7377D2B85@iki.fi> Message-ID: <20121128093106.GG28525@ruhr-uni-bochum.de> On Wed 28 Nov 2012 11:01:23 AM GMT, Timo Sirainen wrote: > > On 28.11.2012, at 10.57, Jost Krieger wrote: > > I think it would be possible. I already added some code for that, but apparently it wasn't enough and I stopped because it's a pretty low priority issue.. Anyway, I think the code changes would be pretty easy to do. So start finding the problematic parts and fixing them and sending me patches. :) Will try, but don't hold your breath :-) > > Our currents solution (in test) is a quick and dirty patch to introduce > > inheritance to the ACLs by walking up the directory tree, so we need > > only one ACL. > > For a long time I've wanted a "default acl" file that applies to the whole namespace. Never got around to implementing that either. We'll at least post the patch. > Anyway, ACLs don't help when the reading code itself decides to write to indexes (which it does). That's not so important for us, we don't want to protect the snapshot from dovecot, but from user stupidity^Wintervention, like: "But I need that mails, that I moved over yesterday from the snapshot and that are gone now, again." Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | From skdovecot at smail.inf.fh-brs.de Wed Nov 28 11:38:16 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 10:38:16 +0100 (CET) Subject: [Dovecot] backtrace from postgres dict Message-ID: <alpine.DEB.2.02.1211281007050.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, since I enabled ACLs I get following backtrace. It looks like that it happens if the ACLs had been changed only. Also, it looks like that it always happens 1 minute after last "dict: Info: pgsql(localhost): Connected to database dovecot", no matter if the user is logged in (and idle) or logged off. Postgres logs: "could not receive data from client: Connection reset by peer" and "unexpected EOF on client connection". Is there some TCP keep alive issue? Postgres is using the "system default" for TCP keep alive. I'm currently testing ACLs via telnet, so the activity with the ACL dict is pretty low, hence, an idle timeout would make much sense. # ../../sbin/dovecot --version 2.1.10 (a4f02f6c0d32) dict connect string: connect = host=localhost dbname=db user=user 2012-11-28 10:03:39 dict: Info: pgsql(localhost): Connected to database dovecot 2012-11-28 10:03:39 dict: Info: pgsql(localhost): Connected to database dovecot 2012-11-28 10:03:39 dict: Info: pgsql(localhost): Connected to database dovecot 2012-11-28 10:03:58 IMAP(user) [22922]: Info: Disconnected: Logged out in=23 out=763 2012-11-28 10:04:41 dict: Panic: file driver-pgsql.c: line 84 (driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || db->cur_result == NULL) 2012-11-28 10:04:41 dict: Error: Raw backtrace: /usr/local/dovecot-2.1.10/lib/dovecot/libdovecot.so.0(+0x4857a) [0x7f91f511157a] -> /usr/local/dovecot-2.1.10/lib/dovecot/libdovecot.so.0(+0x485c6) [0x7f91f51115c6] -> /usr/local/dovecot-2.1.10/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f91f50e4eaf] -> dovecot2.1/dict() [0x40aa36] -> dovecot2.1/dict() [0x40aa91] -> dovecot2.1/dict() [0x40bed3] -> dovecot2.1/dict() [0x409504] - -> dovecot2.1/dict(sql_db_cache_deinit+0x20) [0x408a60] -> dovecot2.1/dict(main+0x169) [0x405a59] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f91f4b5cc8d] -> dovecot2.1/dict() [0x404bb9] 2012-11-28 10:04:41 dict: Fatal: master: service(dict): child 22923 killed with signal 6 (core not dumped) - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULXbiGoxLS8a3A9mAQI9Ywf/YItPO4fFT70HcuwCkDXgx0Sn7CEyXu2j +1VzOu3R/TMs1rcxYJIvWiei6Nk3wXywzQl84POadJn61Yf2NuT80nMxwBsBbgio e+0oRE9JNVSjtvX5l7kehEdUDQjqRRKyrhWG9KDlpjWidGsYh7pQg0rDtp3UwG57 HuSBMiBAZ9t9sC2DXjn9wT9vweH3gMIhc/K5U0BLF5JG/K8UAKc5QBUgezjIYzvn KP90TJ4RoZ2vnPzmWfeIsjffRBvvC6UUgWmU02e2H9xJxzF32Nix0s8YWi7G91sH Ei057HW5NsKNDtp6B5fYk+xCpC6ucQiwFSr/ZG+uZCAdtTd2qmf60g== =tQYK -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Nov 28 11:42:35 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 10:42:35 +0100 (CET) Subject: [Dovecot] doveadm acl recalc (was Re: v2.1.11 soon) In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <alpine.DEB.2.02.1211281040420.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Nov 2012, Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. > If you wish to get something fixed for it, ask quickly. :) doveadm acl recalc -u user to update ACL backend information with user's dovecot-acl files. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULXcjGoxLS8a3A9mAQIuDwgAo4LYKrQkZ/JXrHJ+e5vWW9+vTg9lqKZD IJybqc5dE9RUPUCiSa2wZ/HP+Wz/V9GcE399Wq+gOMKpB5WTKs3LYkXTKAWDBM4F 6MLArX/XXQ7xaHdsBAVc1Z13D18uErzCt43pLXxy/EoH8hilaPaghD2XJVXb1k32 zZ8FhkiPcMffoQaMM3fsaMm6cUGVHvbnbwkwR2z3Vc640QuuaW85qik3LMvNWUEx fK9GrUphZ3DxGi6dbWQLKBS8vakwtaCPI0O8LKNFNmlq5Waq6iB7IsuyoDF8Jot6 xhcSFDedKD1RD6hmjH0FChKU2tA8RomacrpUNkEZWRKGAble7zr9nA== =zPuV -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Nov 28 12:43:23 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 11:43:23 +0100 (CET) Subject: [Dovecot] dict sql iterate failed: Not connected to database (was Re: backtrace from postgres dict) In-Reply-To: <alpine.DEB.2.02.1211281007050.3077@pc-2m63nn> References: <alpine.DEB.2.02.1211281007050.3077@pc-2m63nn> Message-ID: <alpine.DEB.2.02.1211281125550.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 28 Nov 2012, Steffen Kaiser wrote: hmm, it seems to be more than just an idle timeout. > since I enabled ACLs I get following backtrace. It looks like that it happens > if the ACLs had been changed only. Also, it looks like that it always happens > 1 minute after last "dict: Info: pgsql(localhost): Connected to database > dovecot", no matter if the user is logged in (and idle) or logged off. > Postgres logs: "could not receive data from client: Connection reset by peer" > and "unexpected EOF on client connection". > > Is there some TCP keep alive issue? > Postgres is using the "system default" for TCP keep alive. > I'm currently testing ACLs via telnet, so the activity with the ACL dict is > pretty low, hence, an idle timeout would make much sense. When I use this script: ( echo 1 login user pass sleep 1 echo 2 getacl Junk sleep 1 for a in $(seq 1 ${1-4}); do echo 3-$a deleteAcl Junk user2 sleep 30 echo 3-$a SetAcl Junk user2 kxilrsc sleep 30 done echo + logout ) | nc -q1 localhost 143 I get (attached are more lines of the log): 2012-11-28 11:08:07 dict: Info: pgsql(localhost): Connected to database dovecot scanning for dovecot-acl 2012-11-28 11:09:07 dict: Info: pgsql(localhost): Connected to database dovecot scanning for dovecot-acl 2012-11-28 11:09:37 dict: Info: pgsql(localhost): Connected to database dovecot scanning for dovecot-acl 2012-11-28 11:10:07 dict: Error: dict sql iterate failed: Not connected to database 2012-11-28 11:10:07 IMAP(user) [23358]: Error: acl: dict iteration failed, can't update dict scanning for dovecot-acl After that the connection is broken and I get the backtrace eventually. > # ../../sbin/dovecot --version > 2.1.10 (a4f02f6c0d32) > > dict connect string: > connect = host=localhost dbname=db user=user - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULXqy2oxLS8a3A9mAQL4+Af+PQIzpT0/kbot90jYRYmRBA96frDlDubc lsl9iktKGYyxLOQXRLLcUpOgzWqUvxoLtsCMlkcOG8tjyQLr2OsAufnVUL7LUH8y iGIi8lZjfHRUQWWLgC6KG0eNOMT5PEGLB5dBcqMZxsgENjoe0SEYf3SN2bT7UxR7 N6/cbU+qnQ/IVpCCcFTtY1Nv7pHcpBwt7IQqaLTdFJ2OQBtUCFsZlkH2SArBZktC 82rHKvHkN4rsYiOhKQFyG3p7mmdmq3snUpP9fvUE+2nxsIQw2BIht8gGPMsuVoTb DC1JjE6JGuj4z3HrEs2tYRHgnTUuUn2j28bXIp2gNDLUQzbL5DLfLQ== =XUQP -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: acl-pg-error.log.gz Type: application/octet-stream Size: 1139 bytes Desc: URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/ee569960/attachment-0004.obj> From benedetto.vassallo at unipa.it Wed Nov 28 13:17:36 2012 From: benedetto.vassallo at unipa.it (Benedetto Vassallo) Date: Wed, 28 Nov 2012 12:17:36 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <20121128121736.12111dhmxva4dqds@webmail.unipa.it> Def. Quota Timo Sirainen <tss at iki.fi>: > Just to let you know: I'm planning on releasing v2.1.11 > today/tomorrow. If you wish to get something fixed for it, ask > quickly. :) > > Please it is possible to have maildir hardlinks working like in v2.0.13? Thank you. -- Benedetto Vassallo Sistema Informativo di Ateneo Settore Gestione Reti Hardware e Software U.O.B. Sviluppo e manutenzione dei sistemi Universit? degli studi di Palermo Phone: +3909123860056 Fax: +390916529124 ------------------------------------------------------------------------- This message was sent using the University of Palermo web mail interface. From cfowler at scss.tcd.ie Wed Nov 28 13:24:43 2012 From: cfowler at scss.tcd.ie (Colin Fowler) Date: Wed, 28 Nov 2012 11:24:43 +0000 Subject: [Dovecot] Vacation messages come from POSTMASTER, not user In-Reply-To: <50B3CE72.3040507@rename-it.nl> References: <1ae8ff5c569ca991558585c3071131c2@scss.tcd.ie> <50B3CE72.3040507@rename-it.nl> Message-ID: <50B5F47B.6040107@scss.tcd.ie> On 26/11/12 20:17, Stephan Bosch wrote: > On 11/26/2012 6:31 PM, cfowler wrote: >> Problem : All vacation autoreplies come from the postmaster address. >> Expected behavior : vacation notice comes from the user who set the >> vacation. >> Platform : Dovecot 2.1.7 on Debian Squeeze ( See below for example >> reply, sieve script and dovecot -n output) >> >> Any help appreciated! > > This should fix that: > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc > > Regards, > > Stephan. > Sorry for the late reply. I've been off work sick :( Excellent Work Stephan! Thank you so much. do you know if this patch will make it into 2.1.11? regards, Colin From cfowler at scss.tcd.ie Wed Nov 28 13:27:13 2012 From: cfowler at scss.tcd.ie (Colin Fowler) Date: Wed, 28 Nov 2012 11:27:13 +0000 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> Message-ID: <50B5F511.5070009@scss.tcd.ie> On 27/11/12 08:53, Timo Sirainen wrote: > Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > Will this patch be in 2.1.11? http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc Stephan Bosch wrote this to fix an unintended issue whereby vacation notices were coming from postmaster. regards, Colin From stephan at rename-it.nl Wed Nov 28 13:29:57 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 28 Nov 2012 12:29:57 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <50B5F511.5070009@scss.tcd.ie> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <50B5F511.5070009@scss.tcd.ie> Message-ID: <50B5F5B5.6060709@rename-it.nl> Op 11/28/2012 12:27 PM, Colin Fowler schreef: > On 27/11/12 08:53, Timo Sirainen wrote: >> Just to let you know: I'm planning on releasing v2.1.11 >> today/tomorrow. If you wish to get something fixed for it, ask >> quickly. :) >> > Will this patch be in 2.1.11? > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b56711807edc > > Stephan Bosch wrote this to fix an unintended issue whereby vacation > notices were coming from postmaster. Pigeonhole is not part of Dovecot, so that is released separately. Regards, Stephan. From tss at iki.fi Wed Nov 28 13:33:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 28 Nov 2012 13:33:02 +0200 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <20121128121736.12111dhmxva4dqds@webmail.unipa.it> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121128121736.12111dhmxva4dqds@webmail.unipa.it> Message-ID: <4D484A24-7BD9-4175-939C-696DB663F696@iki.fi> On 28.11.2012, at 13.17, Benedetto Vassallo wrote: > Def. Quota Timo Sirainen <tss at iki.fi>: > >> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > > Please it is possible to have maildir hardlinks working like in v2.0.13? Not in the same way. That would break other peoples' installations. From btj at havleik.no Wed Nov 28 14:12:15 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Wed, 28 Nov 2012 13:12:15 +0100 Subject: [Dovecot] Shutting down my Dovecot server? Message-ID: <20121128131215.1d7c4d66@havleik.no> I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? Regards, BTJ -- ----------------------------------------------------------------------------------------------- Bj?rn T Johansen btj at havleik.no ----------------------------------------------------------------------------------------------- Someone wrote: "I understand that if you play a Windows CD backwards you hear strange Satanic messages" To which someone replied: "It's even worse than that; play it forwards and it installs Windows" ----------------------------------------------------------------------------------------------- -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From benedetto.vassallo at unipa.it Wed Nov 28 14:22:14 2012 From: benedetto.vassallo at unipa.it (Benedetto Vassallo) Date: Wed, 28 Nov 2012 13:22:14 +0100 Subject: [Dovecot] v2.1.11 soon In-Reply-To: <4D484A24-7BD9-4175-939C-696DB663F696@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121128121736.12111dhmxva4dqds@webmail.unipa.it> <4D484A24-7BD9-4175-939C-696DB663F696@iki.fi> Message-ID: <20121128132214.17661rqf1u7a9q0m@webmail.unipa.it> Def. Quota Timo Sirainen <tss at iki.fi>: > On 28.11.2012, at 13.17, Benedetto Vassallo wrote: > >> Def. Quota Timo Sirainen <tss at iki.fi>: >> >>> Just to let you know: I'm planning on releasing v2.1.11 >>> today/tomorrow. If you wish to get something fixed for it, ask >>> quickly. :) >> >> Please it is possible to have maildir hardlinks working like in v2.0.13? > > Not in the same way. That would break other peoples' installations. > > I see. So, please what kind of permission I have to set in the MailDir directory? I tryed to set 700, 770, 777 but it doesn't work. My environment is the following: All users mapped in ldap having the same group. The /home/user permissions are 755 and the /home/user directory is owned by user:group The /home/user/MailDir directory have 755 permissions and is owned by user:group Here is the output of my dovecot -n (v2.0.13) where all works fine for me: # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.1.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 5 mins auth_socket_path = /var/run/dovecot/auth-master auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_ auth_verbose = yes base_dir = /var/run/dovecot/ default_client_limit = 6500 default_process_limit = 3000 default_vsz_limit = 512 M deliver_log_format = msgid=%m: %$ %f %s %p disable_plaintext_auth = no first_valid_gid = 12 first_valid_uid = 8 lda_original_recipient_header = X-Original-To listen = 147.163.1.137 log_path = /var/log/dovecot.log login_greeting = University of Palermo mail server ready. mail_cache_min_mail_count = 100 mail_gid = mail mail_location = maildir:~/MailDir:LAYOUT=fs mail_plugins = quota mail_privileged_group = mail mail_uid = mail maildir_very_dirty_syncs = yes mbox_write_locks = fcntl passdb { args = /etc/dovecot/conf.d/dovecot-ldap.conf.ext driver = ldap } plugin { expire = Trash 30 Spam 7 fts = squat fts_squat = partial=4 full=10 mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid from subject size quota = maildir:User quota quota_rule2 = Trash:storage=+200M trash = /etc/dovecot/conf.d/trash.conf.ext } postmaster_address = postmaster at unipa.it rejection_subject = Automatically Rejected Mail: %s sendmail_path = /usr/lib/sendmail service auth-worker { user = $default_internal_user } service auth { client_limit = 42288 executable = /usr/libexec/dovecot/auth unix_listener auth-client { mode = 0660 } unix_listener auth-master { group = root mode = 0600 user = root } user = $default_internal_user } service imap-login { chroot = login executable = /usr/libexec/dovecot/imap-login inet_listener imap { port = 143 } process_limit = 1200 process_min_avail = 8 service_count = 0 user = dovenull vsz_limit = 128 M } service imap { executable = /usr/libexec/dovecot/imap process_limit = 1200 vsz_limit = 256 M } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 24 } unix_listener lmtp { mode = 0666 } } service pop3-login { chroot = login executable = /usr/libexec/dovecot/pop3-login inet_listener pop3 { port = 110 } process_limit = 600 process_min_avail = 4 service_count = 0 user = dovenull vsz_limit = 256 M } service pop3 { executable = /usr/libexec/dovecot/pop3 process_limit = 800 vsz_limit = 256 M } ssl = no userdb { args = /etc/dovecot/conf.d/dovecot-ldap.conf.ext driver = ldap } protocol lda { mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k mail_max_userip_connections = 20 mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = acl quota } protocol pop3 { mail_max_userip_connections = 1 mail_plugin_dir = /usr/lib64/dovecot pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = no pop3_lock_session = yes pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = yes pop3_save_uidl = yes pop3_uidl_format = %08Xu%08Xv } The same config in v2.1.10 works fine but it don't use maildir hardlinks. I want to update my dovecot installation to set up sieve in my production server, but I am blocked becouse maildir hardlinks does'nt work. Any help would be really appreciated. Thank you. -- Benedetto Vassallo Sistema Informativo di Ateneo Settore Gestione Reti Hardware e Software U.O.B. Sviluppo e manutenzione dei sistemi Universit? degli studi di Palermo Phone: +3909123860056 Fax: +390916529124 ------------------------------------------------------------------------- This message was sent using the University of Palermo web mail interface. From h.reindl at thelounge.net Wed Nov 28 14:22:22 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 28 Nov 2012 13:22:22 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128131215.1d7c4d66@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> Message-ID: <50B601FE.9010201@thelounge.net> Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: > I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. > > And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. > But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? > Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? why not simply drag&drop them to thunderbird or whatever MUA you are using? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/7adf7ed6/attachment-0004.bin> From btj at havleik.no Wed Nov 28 14:31:07 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Wed, 28 Nov 2012 13:31:07 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <50B601FE.9010201@thelounge.net> References: <20121128131215.1d7c4d66@havleik.no> <50B601FE.9010201@thelounge.net> Message-ID: <20121128133107.5aabc2df@havleik.no> On Wed, 28 Nov 2012 13:22:22 +0100 Reindl Harald <h.reindl at thelounge.net> wrote: > > > Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: > > I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. > > > > And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. > > But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? > > Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? > > why not simply drag&drop them to thunderbird or whatever MUA > you are using? > Well, I am using Claws Mail but you are thinking about make my emails available in offline modus? Guess that might be one way to go but I was just trying to figure out my options as I have never done this before... :) BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From skdovecot at smail.inf.fh-brs.de Wed Nov 28 15:20:58 2012 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 28 Nov 2012 14:20:58 +0100 (CET) Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128133107.5aabc2df@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> <50B601FE.9010201@thelounge.net> <20121128133107.5aabc2df@havleik.no> Message-ID: <alpine.DEB.2.02.1211281419320.3077@pc-2m63nn> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 28 Nov 2012, Bj?rn T Johansen wrote: >> Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: >>> I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. >>> >>> And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. >>> But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? >>> Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? >> >> why not simply drag&drop them to thunderbird or whatever MUA >> you are using? >> > > Well, I am using Claws Mail but you are thinking about make my emails available in offline modus? Guess that might be one way to go but I was just trying to figure out my options > as I have never done this before... :) With Thunderbird you can drop a mbox file into the "Local Folders" directory in the profile. Next start this mbox is displayed as mail folder. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBULYPumoxLS8a3A9mAQIP1AgAjNIFKP21/770mqG55CJnjG/IEFKIaywj Waa94H/eu+6eZQ14Yw4pTVWEdIJxhv+56Yu0qdQo7MXer1haASirGf6z9eZPGg3C WI84qp5ma++y5E35t9LimpdE0i8ox6zu/A+fcxusFat9UHp02BWqunykmim6uHKa yVSjb+mzwOr8IQyCAM5zRi8EXWwKZzG2uo2GbrrYGEWUsbphurapgvv3oato+lmU Msd1D/iOAjkiTKq+5UWHk+21EKa1gX9Ng9rQpftLLDEveBd/EsQJLMRtLNP0Agem +6UbkQDrfcL1md531wOpNjpMhxKLQfBsNe7r9SOLUHxDp2QtsFgGkw== =GRBQ -----END PGP SIGNATURE----- From rs at sys4.de Wed Nov 28 15:53:48 2012 From: rs at sys4.de (Robert Schetterer) Date: Wed, 28 Nov 2012 14:53:48 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128131215.1d7c4d66@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> Message-ID: <50B6176C.9010807@sys4.de> Am 28.11.2012 13:12, schrieb Bj?rn T Johansen: > I am planning to shut down my own Dovecot server and start using the other Dovecot server I am administering together with a friend.. > > And I was thinking that I don't want to copy the emails I have on my server so I want to start from scratch on the other server.. > But I would like to be able to look at the old emails if I need to, so was wondering if there is a way to do this without using an imap server? > Can I convert my mails stored in the maildir format to mbox or is there a better way to solve my problem? > > > Regards, > > BTJ > thunderbird since vers 12 has maildir format as option there are also some import and export plugins look i.e here http://jaisejames.wordpress.com/tag/maildir-for-thunderbird/ ( sorry if pop ups ,couldnt get better site quick ) Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From marco.sacchetto at pradac.it Wed Nov 28 16:18:58 2012 From: marco.sacchetto at pradac.it (Marco Sacchetto) Date: Wed, 28 Nov 2012 15:18:58 +0100 Subject: [Dovecot] problems with quota and clients Message-ID: <50B61D52.7070407@pradac.it> Hi, I had configured dovecot in a pretty standard way and had it working nicely enough with maildir quotas (no tests done apart for reaching the quota and looking at mails coming back). Still I wanted to have the quota and the actual quota usage displayed in postfixadmin (3.5) but I think I messed with something. Now I can connect to the mailbox, send mail, receive mail, see the quota usage in postfixadmin but: * thunderbird: can create a subfolder if i do so by hand from the client. But if I try sending a mail i get a [TRYCREATE] mailbox error as it seems that thunderbird can't create the Sent box anymore by its own; * thunderbird: when i delete mail, it goes in the trash folder. I try then to delete it from there. In thunderbird indeed I see no mail anymore but the quota level remain the same. Then I try to browser the mail directory and... yep, all the messages are still there! How come? This is the output of dovecot -n and the relevant sql configuration : # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-33-generic i686 Ubuntu 12.04.1 LTS ext4 auth_mechanisms = plain login auth_realms = yyyyyyyyy.it aaaaaaa.com xxxxx.it auth_verbose_passwords = plain debug_log_path = syslog dict { quotadict = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 150 info_log_path = /var/log/syslog last_valid_uid = 150 listen = * mail_debug = yes mail_gid = mail mail_location = maildir:/var/vmail/%d/%u mail_plugins = " quota" mail_uid = vmail passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = dict:User quota::proxy::sqlquota quota_rule = *:storage=50M quota_rule2 = Trash:storage=+10M } postmaster_address = xxxxxxxx at yyyyyyyyy.it protocols = " imap pop3" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = mail mode = 0600 user = vmail } } service dict { unix_listener dict { group = mail mode = 0660 user = vmail } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { mail_plugins = quota } protocol imap { mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota } >>grep -v '^ *\(#.*\)\?$' dovecot-dict-sql.conf.ext connect = host=127.0.0.1 dbname=mail user=mail password=xxxxxxx map { pattern = priv/quota/storage table = quota2 username_field = username value_field = bytes } map { pattern = priv/quota/messages table = quota2 username_field = username value_field = messages } >>grep -v '^ *\(#.*\)\?$' dovecot-sql.conf.ext driver = mysql connect = host=localhost dbname=mail user=mail password=xxxxxxx default_pass_scheme = MD5-CRYPT password_query = \ SELECT username as user, password, '/var/vmail/%d/%u' as userdb_home, \ 'maildir:/var/vmail/%d/%u' as userdb_mail, 150 as userdb_uid, 8 as userdb_gid \ FROM mailbox WHERE username = '%u' AND active = '1' user_query = \ SELECT '/var/vmail/%d/%u' as home, 'maildir:/var/vmail/%d/%u' as mail, \ 150 AS uid, 8 AS gid, CONCAT('*:storage=',ROUND(mailbox.quota / 1024)) AS quota_rule \ FROM mailbox WHERE username = '%u' AND active = '1' iterate_query = SELECT username AS user FROM mailbox -- -- Questo messaggio ? di carattere riservato ed ? indirizzato esclusivamente al destinatario specificato. L'accesso, la divulgazione, la copia o la diffusione sono vietate a chiunque altro ai sensi delle normative vigenti, e possono costituire una violazione penale. Nel caso abbiate ricevuto questo messaggio per errore siete tenuti a cancellarlo immediatamente confermando al mittente, a mezzo e-mail, l'avvenuta cancellazione. (Legge Italiana 196/2003). From ramon.frontera at uib.es Wed Nov 28 16:50:18 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Wed, 28 Nov 2012 15:50:18 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <1354065305.2844.30.camel@innu> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> Message-ID: <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> Hi, Dovecot -n show the correct configuration like you explain. The command doveadm -o auth_socket_path=director-userdb quota get -A works fine on the proxy and now assigns host. Now, the problem is that when we execute doveadm -A or doveadm -u *something* the command fails in the mailserver with this error: dovecot: doveadm: Fatal: master: service(doveadm): child 13482 killed with signal 11 (core dumps disabled) This errors occurs when the search finds more than one user. When we execute doveadm -u user it works fine I send attached the strace of the mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: doveadm.log.zip Type: application/zip Size: 21683 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/05a435c7/attachment-0004.zip> -------------- next part -------------- Thanks in advance! -- ------------------------------------------ Ramon Frontera Gallardo Centre de Tecnologies de la Informaci? Universitat de les Illes Balears Ctra. Valldemossa km 7,5 07122 Palma de Mallorca El 28/11/2012, a las 02:15, Timo Sirainen escribi?: > On Tue, 2012-11-27 at 13:27 +0100, Ramon Frontera wrote: >> >>>> # doveadm -D quota get -A >>>> doveadm(user1): Debug: auth input: user=user1 proxy >> starttls=any-cert >>>> doveadm(user1): Error: Proxy is missing destination host >>>> doveadm: Error: Failed to iterate through some users > .. > >> connect(8, {sa_family=AF_FILE, path="/var/run/dovecot//auth-userdb"}, >> 110) = 0 > > > It's connecting to auth-userdb, while it should be connecting to > director-userdb. This should have been done by this setting: > > protocol doveadm { > auth_socket_path = director-userdb > } > > Make sure doveconf -n shows that. And if nothing seems to work, this at > least should: > > doveadm -o auth_socket_path=director-userdb quota get -A > > From sven at svenhartge.de Wed Nov 28 17:10:49 2012 From: sven at svenhartge.de (Sven Hartge) Date: Wed, 28 Nov 2012 16:10:49 +0100 Subject: [Dovecot] shared mailboxes and indexes References: <50A61147.5040201@um.es> <14BDCFB7-B11E-4D4A-95AD-5BB92085DB91@iki.fi> <50AF5D9C.7050204@skye.it> <7DEEDB49-0441-4194-911D-6B5E4E5ADCD1@iki.fi> <099qpni2j8v8@mids.svenhartge.de> <4FC65E25-4154-4F8E-A1DB-D4BD7A900A98@iki.fi> <b9a3pg22j8v8@mids.svenhartge.de> <2B57036A-34C8-45C2-9479-839BA095450D@iki.fi> Message-ID: <e9a7uej2j8v8@mids.svenhartge.de> Timo Sirainen <tss at iki.fi> wrote: > On 27.11.2012, at 3.24, Sven Hartge wrote: >>> For implementing shared mailboxes between all user servers, I think >>> what would need to be developed is: >> >>>> imapc_host = m-st-sh-01.example.com >>>> imapc_master_user = %u >>>> imapc_user = shared >> >>> Somehow being able to set "imapc_user = %%u" where %%u expands to the >>> shared namespace's username. Or maybe setting the imapc_user >>> automatically to that when accessing it via type=shared namespace. >> >> Wouldn't you still need the target users host because this will be >> dynamic depending on the target user? > imapc_host = director Is this "director" intended to be a 'magic' string or the hostname of the director? Gr??e, Sven. -- Sigmentation fault. Core dumped. From dmiller at amfes.com Wed Nov 28 18:49:07 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 28 Nov 2012 08:49:07 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> <50B5D055.6010605@amfes.com> <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> Message-ID: <assp.0679ec27b1.50B64083.1060605@amfes.com> On 11/28/2012 12:55 AM, Timo Sirainen wrote: > On 28.11.2012, at 10.50, Daniel L. Miller wrote: > >> On 11/27/2012 6:45 PM, Timo Sirainen wrote: >>> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >>> >>>>> I did go through the code looking for that a few times already but didn't notice anything. I went through it once more, and finally found the problem. :) http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>>>> >>>> :( Mine still breaks. Both UTF-8 and Control-Char errors. >>> Can you grab the network traffic between Dovecot and Solr and find the problematic stream? >>> >> Tell me how and I'll be happy to! > Maybe the easiest would be to use tcpflow. It outputs different TCP streams to different files. From them you can then grep for the error and look closer into it. I guess something like wireshark would work too, but I've never been able to use its GUI in a useful way. > Would I just do "tcpflow -i lo port 8983"? Or something else? -- Daniel From metro_domain_admin at fastmail.fm Wed Nov 28 18:54:04 2012 From: metro_domain_admin at fastmail.fm (Metro Domain Admin) Date: Wed, 28 Nov 2012 11:54:04 -0500 Subject: [Dovecot] corrupt mdbox, force-resync segfaults Message-ID: <1354121644.30622.140661159272889.146CA37B@webmail.messagingengine.com> I could use some help with a corrupt mdbox. doveadm force-resync is crashing (see below), but I really need just to get this account functioning. What's my next step, as far as deleting index files? These were the earliest errors I could find: Nov 28 09:40:21 macy dovecot[6615]: imap(cory at metro-email.com): Error: Corrupted index cache file /opt/mail/metro-email.com/cory/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache: field index too large (66 >= 30)Nov 28 09:40:21 macy dovecot[6615]: imap(cory at metro-email.com): Error: mdbox map /opt/mail/metro-email.com/cory/mdbox/storage/dovecot.map.index corrupted: Unexpectedly lost INBOX uid=1233 map_uid=1708 As for the segfaults, I am getting this regardless of which mailbox I specify: # /opt/dovecot/bin/doveadm -Dv force-resync -u cory INBOX doveadm(root): Debug: Loading modules from directory: /opt/dovecot/lib/dovecot doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib15_notify_plugin.so doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib20_fts_plugin.so doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib20_mail_log_plugin.so doveadm(root): Debug: Module loaded: /opt/dovecot/lib/dovecot/lib21_fts_squat_plugin.so doveadm(root): Debug: Loading modules from directory: /opt/dovecot-2.1.10/lib/dovecot/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so, 10): Symbol not found: _acl_user_module Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so, 10): Symbol not found: _expire_set_deinit Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so, 10): Symbol not fo und: _quota_user_module Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: dlopen(/opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so, 10): Symbol not found: _i_stream_create_deflate Referenced from: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so Expected in: flat namespace in /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /opt/dovecot-2.1.10/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so doveadm(cory): Debug: auth input: cory at domain.com uid=302 gid=6 home=/opt/mail/domain.com/cory doveadm(cory): Debug: changed username to cory at domain.com doveadm(cory): Debug: Effective uid=302, gid=6, home=/opt/mail/domain.com/cory doveadm(cory): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:/opt/mail/domain.com/cory/mdbox doveadm(cory): Debug: fs: root=/opt/mail/domain.com/cory/mdbox, index=, control=, inbox=, alt= doveadm(cory): Debug: Namespace : Using permissions from /opt/mail/domain.com/cory/mdbox: mode=0700 gid=-1 doveadm(cory): Warning: mdbox /opt/mail/domain.com/cory/mdbox/storage: rebuilding indexes doveadm(cory): Error: mdbox /opt/mail/domain.com/cory/mdbox/storage: Duplicate GUID c3bbb2234d93af505873010097ac0257 in m.1:428519 and m.1:441340 doveadm(cory): Error: mdbox /opt/mail/domain.com/cory/mdbox/storage: Duplicate GUID c3bbb2234d93af505873010097ac0257 in m.1:428519 and m.1:453628 [...] doveadm(cory): Error: mdbox /opt/mail/domain.com/cory/mdbox/storage: Duplicate GUID d45f7f111894af506273010097ac0257 in m.83:8565306 and m.83:8594879 Segmentation fault: 11 macy:postfix root# /opt/dovecot/bin/doveconf -n # 2.1.10: /opt/dovecot-2.1.10/etc/dovecot/dovecot.conf doveconf: Warning: service anvil { client_limit=1000 } is lower than required under max. load (1503) # OS: Darwin 11.4.2 x86_64 auth_cache_negative_ttl = 0 auth_cache_size = 1 M auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_username_format = %n at domain.com auth_verbose = yes auth_verbose_passwords = plain default_internal_user = _dovecot default_login_user = _dovenull default_process_limit = 500 disable_plaintext_auth = no first_valid_uid = 300 instance_name = dovecot-2.1.10 listen = 192.168.20.123 mail_debug = yes mail_location = mdbox:%h/mdbox mail_plugin_dir = /opt/dovecot/lib/dovecot mail_plugins = fts fts_squat mail_log notify mail_privileged_group = mail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 10 M namespace inbox { inbox = yes location = prefix = separator = / } passdb { args = scheme=CRYPT username_format=%u /opt/dovecot/etc/dovecot/users driver = passwd-file } plugin { fts = squat mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size from subject } protocols = imap lmtp service aggregator { fifo_listener replication-notify-fifo { mode = 00 } } service auth { unix_listener /opt/local/var/spool/postfix/private/auth { group = _postfix mode = 0660 user = _postfix } unix_listener auth-userdb { group = mail mode = 0660 user = admin } } service director { fifo_listener login/proxy-notify { mode = 00 } } service imap { executable = imap postlogin } service lmtp { unix_listener /opt/local/var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service postlogin { executable = script-login rawlog -t } service stats { fifo_listener stats-mail { mode = 00 } } ssl_cert = </apposite/etc/ssl/mail_domain_com/mail_domain_com.crt ssl_key = </apposite/etc/ssl/mail_domain_com/mail_domain_com.key userdb { args = username_format=%u /opt/dovecot/etc/dovecot/users driver = passwd-file } verbose_proctitle = yes protocol imap { mail_max_userip_connections = 16 } From dmiller at amfes.com Wed Nov 28 18:57:04 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 28 Nov 2012 08:57:04 -0800 Subject: [Dovecot] panic fts_solr for bad attachment In-Reply-To: <50B64083.1060605@amfes.com> References: <50A8F688.2040802@gei.de> <8729EA49-23D7-4FBA-B209-7C752619DA54@iki.fi> <50B446B8.6070701@amfes.com> <4ED5439E-C949-4F63-A01C-15869DA43FBA@iki.fi> <FD146DEE-48AF-4D3C-B6FB-9C850205A8AC@iki.fi> <50B4DC25.1000700@amfes.com> <50B4DE62.4070403@amfes.com> <45DDC47A-3170-4370-8202-03DBCF91581A@iki.fi> <50B57A5C.1000300@amfes.com> <B141B96E-0384-4A73-873C-DA3B5B0BAD03@iki.fi> <50B5D055.6010605@amfes.com> <2745DFD2-9D73-4E17-95A5-F7B858C54DB4@iki.fi> <50B64083.1060605@amfes.com> Message-ID: <assp.06796557cc.50B64260.4030704@amfes.com> On 11/28/2012 8:49 AM, Daniel L. Miller wrote: > On 11/28/2012 12:55 AM, Timo Sirainen wrote: >> On 28.11.2012, at 10.50, Daniel L. Miller wrote: >> >>> On 11/27/2012 6:45 PM, Timo Sirainen wrote: >>>> On 28.11.2012, at 4.43, Daniel L. Miller wrote: >>>> >>>>>> I did go through the code looking for that a few times already >>>>>> but didn't notice anything. I went through it once more, and >>>>>> finally found the problem. :) >>>>>> http://hg.dovecot.org/dovecot-2.1/rev/6a97faf3e500 >>>>>> >>>>> :( Mine still breaks. Both UTF-8 and Control-Char errors. >>>> Can you grab the network traffic between Dovecot and Solr and find >>>> the problematic stream? >>>> >>> Tell me how and I'll be happy to! >> Maybe the easiest would be to use tcpflow. It outputs different TCP >> streams to different files. From them you can then grep for the error >> and look closer into it. I guess something like wireshark would work >> too, but I've never been able to use its GUI in a useful way. >> > Would I just do "tcpflow -i lo port 8983"? Or something else? > Stream capture sent to you. -- Daniel From slitt at troubleshooters.com Wed Nov 28 19:10:40 2012 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 28 Nov 2012 12:10:40 -0500 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128131215.1d7c4d66@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> Message-ID: <20121128121040.3dd3da7a@mydesk> On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: > I am planning to shut down my own Dovecot server and start using the > other Dovecot server I am administering together with a friend.. > > And I was thinking that I don't want to copy the emails I have on my > server so I want to start from scratch on the other server.. But I > would like to be able to look at the old emails if I need to, so was > wondering if there is a way to do this without using an imap server? > Can I convert my mails stored in the maildir format to mbox or is > there a better way to solve my problem? I'm not sure why you want to convert to mbox, especially when there are multiple mbox versions. I'm also not sure why you don't want to copy emails. How else would they appear on the new server. I suppose you could use rsync to copy the data itself. You use Claws-Mail. If I were in your shoes, I'd bring up the empty Dovecot server and make a new Claws-Mail account for that empty server. Then in Claws-Mail I'd use the copy feature to copy whole folder trees to the new server. Once that's done, I'd reconfigure your original Dovecot so it can serve only on its local machine, and bang, you have your new server, with old emails you can look at. This is similar to the procedure I used to move my Kmail folders (over 100K messages) to Dovecot. http://www.troubleshooters.com/lpm/201202/201202.htm HTH, SteveT Steve Litt * http://www.troubleshooters.com/ * http://twitter.com/stevelitt Troubleshooting Training * Human Performance From btj at havleik.no Wed Nov 28 22:52:37 2012 From: btj at havleik.no (=?UTF-8?Q?Bj=C3=B8rn_T_Johansen?=) Date: Wed, 28 Nov 2012 21:52:37 +0100 Subject: [Dovecot] =?utf-8?q?Shutting_down_my_Dovecot_server=3F?= In-Reply-To: <20121128121040.3dd3da7a@mydesk> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> Message-ID: <a837b28f89bbee3195bd1e679bc73711@havleik.no> On 28.11.2012 18:10, Steve Litt wrote: > On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: >> I am planning to shut down my own Dovecot server and start using the >> other Dovecot server I am administering together with a friend.. >> >> And I was thinking that I don't want to copy the emails I have on my >> server so I want to start from scratch on the other server.. But I >> would like to be able to look at the old emails if I need to, so was >> wondering if there is a way to do this without using an imap server? >> Can I convert my mails stored in the maildir format to mbox or is >> there a better way to solve my problem? > > I'm not sure why you want to convert to mbox, especially when there > are > multiple mbox versions. > > I'm also not sure why you don't want to copy emails. How else would > they appear on the new server. I suppose you could use rsync to copy > the data itself. > > You use Claws-Mail. If I were in your shoes, I'd bring up the empty > Dovecot server and make a new Claws-Mail account for that empty > server. > Then in Claws-Mail I'd use the copy feature to copy whole folder > trees > to the new server. Once that's done, I'd reconfigure your original > Dovecot so it can serve only on its local machine, and bang, you have > your new server, with old emails you can look at. > > This is similar to the procedure I used to move my Kmail folders > (over > 100K messages) to Dovecot. > > http://www.troubleshooters.com/lpm/201202/201202.htm > > HTH, > > SteveT Well, I could do that... But you see, there is not much of the emails I have at the moment that I really need, I might need one now and then... So that is why I don't want to copy almost 10GB of email to the new server... But I guess that might be the most practical solution perhaps... Doesn't seem to be a better solution.... BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From h.reindl at thelounge.net Wed Nov 28 22:57:19 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 28 Nov 2012 21:57:19 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <a837b28f89bbee3195bd1e679bc73711@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> Message-ID: <50B67AAF.6080806@thelounge.net> Am 28.11.2012 21:52, schrieb Bj?rn T Johansen: > Well, I could do that... But you see, there is not much of the emails I have at the moment that I really need, I > might need one now and then... > So that is why I don't want to copy almost 10GB of email to the new server... again: if you do NOT want them on the new server drag them to your local MUA - what the hell do you imagine as third option * not on the server * not on the local MUA so where do you believe they are? well, you could delete them but you said you want them archied............ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20121128/976a0920/attachment-0004.bin> From btj at havleik.no Thu Nov 29 00:04:32 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Wed, 28 Nov 2012 23:04:32 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <50B67AAF.6080806@thelounge.net> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> <50B67AAF.6080806@thelounge.net> Message-ID: <20121128230432.37c89c4d@havleik.no> On Wed, 28 Nov 2012 21:57:19 +0100 Reindl Harald <h.reindl at thelounge.net> wrote: > > > Am 28.11.2012 21:52, schrieb Bj?rn T Johansen: > > Well, I could do that... But you see, there is not much of the emails I have at the moment that I really need, I > > might need one now and then... > > So that is why I don't want to copy almost 10GB of email to the new server... > > again: > if you do NOT want them on the new server drag them to > your local MUA - what the hell do you imagine as > third option > > * not on the server > * not on the local MUA > > so where do you believe they are? > > well, you could delete them but you said you want > them archied............ > Yes, the other solution I was looking for has to be a away to open the mail in my local MUA, just wondering if there were more than one way to do that... But thx for your suggestions... BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From tss at iki.fi Thu Nov 29 00:45:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 00:45:50 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> Message-ID: <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> On 28.11.2012, at 16.50, Ramon Frontera wrote: > Dovecot -n show the correct configuration like you explain. > The command doveadm -o auth_socket_path=director-userdb quota get -A works fine on the proxy and now assigns host. Then doveadm isn't seeing the same configuration as what you're looking at. For example did you restart dovecot since the change? Does this return the correct path? : doveconf -m doveadm -f service=doveadm auth_socket_path > Now, the problem is that when we execute doveadm -A or doveadm -u *something* the command fails in the mailserver with this error: > > dovecot: doveadm: Fatal: master: service(doveadm): child 13482 killed with signal 11 (core dumps disabled) I fixed several bugs related to this in hg. I think you hit one of them. > This errors occurs when the search finds more than one user. > When we execute doveadm -u user it works fine > > > I send attached the strace of the mailserver<doveadm.log.zip> strace isn't very useful in debugging crashes. gdb backtraces are: http://dovecot.org/bugreport.html From slitt at troubleshooters.com Thu Nov 29 02:34:57 2012 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 28 Nov 2012 19:34:57 -0500 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <a837b28f89bbee3195bd1e679bc73711@havleik.no> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> Message-ID: <20121128193457.019b3e19@mydesk> On Wed, 28 Nov 2012 21:52:37 +0100, Bj?rn T Johansen said: > On 28.11.2012 18:10, Steve Litt wrote: > > On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: > >> I am planning to shut down my own Dovecot server and start using > >> the other Dovecot server I am administering together with a > >> friend.. > >> > >> And I was thinking that I don't want to copy the emails I have on > >> my server so I want to start from scratch on the other server.. > >> But I would like to be able to look at the old emails if I need > >> to, so was wondering if there is a way to do this without using an > >> imap server? Can I convert my mails stored in the maildir format > >> to mbox or is there a better way to solve my problem? > > > > I'm not sure why you want to convert to mbox, especially when there > > are > > multiple mbox versions. > > > > I'm also not sure why you don't want to copy emails. How else would > > they appear on the new server. I suppose you could use rsync to copy > > the data itself. > > > > You use Claws-Mail. If I were in your shoes, I'd bring up the empty > > Dovecot server and make a new Claws-Mail account for that empty > > server. > > Then in Claws-Mail I'd use the copy feature to copy whole folder > > trees > > to the new server. Once that's done, I'd reconfigure your original > > Dovecot so it can serve only on its local machine, and bang, you > > have your new server, with old emails you can look at. > > > > This is similar to the procedure I used to move my Kmail folders > > (over > > 100K messages) to Dovecot. > > > > http://www.troubleshooters.com/lpm/201202/201202.htm > > > > HTH, > > > > SteveT > > Well, I could do that... But you see, there is not much of the emails > I have at the moment that I really need, I might need one now and > then... So that is why I don't want to copy almost 10GB of email to > the new server... > > But I guess that might be the most practical solution perhaps... > Doesn't seem to be a better solution.... > > > BTJ Hi Bj?rn, Here's the thought process that led me to the suggestion. All email clients suck. Right now Claws-Mail sucks the least, but that could change in a heartbeat. In my experience, a Dovecot server is a much more reliable place to *keep* email than is any client, because you can access it from *any* IMAP aware email client. A localhost-only Dovecot isn't any harder to set up than an email client, but in my experience it's a much better steward of your email. Imagine if, two years ago, you had kept such emails in Kmail, and then upgraded your Linux and been forced into Kmail2. It would have been a disaster. The other thing is, I'm not really sure what your goal is. It sounds like you want your emails on yours and your friends IMAP server, and then a copy locally. Or perhaps you wanted your old email only locally. Either of those speaks to a local Dovecot server. Thanks SteveT Steve Litt * http://www.troubleshooters.com/ * http://twitter.com/stevelitt Troubleshooting Training * Human Performance From daniel.parthey at informatik.tu-chemnitz.de Thu Nov 29 02:40:28 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Thu, 29 Nov 2012 01:40:28 +0100 Subject: [Dovecot] stats error: stats shrank In-Reply-To: <C081AC31-C264-46E2-BF93-2FD2873523E3@iki.fi> References: <2089EEB4-E249-4D1F-8064-DFE1F9641957@iki.fi> <20121127214749.GA11546@daniel.localdomain> <CBBB237A-B634-43E8-B785-134A95203201@iki.fi> <C081AC31-C264-46E2-BF93-2FD2873523E3@iki.fi> Message-ID: <20121129004028.GA16494@daniel.localdomain> Timo Sirainen wrote: > On 28.11.2012, at 4.31, Timo Sirainen wrote: > > On 27.11.2012, at 23.47, Daniel Parthey wrote: > >> Timo Sirainen wrote: > >>> Just to let you know: I'm planning on releasing v2.1.11 today/tomorrow. If you wish to get something fixed for it, ask quickly. :) > >> > >> Can you fix these strange stats plugin errors please? > >> These are the only errors regularly occurring in our 2.1.10 logs: > >> > >> Nov 27 08:06:54 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 429 < 622 > >> Nov 27 08:07:06 10.129.3.249 dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mlpath 436 < 622 > > Also, can you reproduce this really easily? For example with pop3: Unfortunately not, it occurs sporadically. > telnet localhost 110 > user foo > pass bar > list > retr 1 > quit > > Does that log about this? No it doesn't. Seems to need some more investigation, It logs about 10 to 100 Errors over one day with 10000 lmtp deliveries. Perhaps you could just add some debugging into the logging for upcoming releases, so we can identify the source of the problem? The message "mlpath 429 < 622" actually doesn't tell me anything, neither which user is affected, nor which session. Regards Daniel -- https://plus.google.com/103021802792276734820 From johnsone at usc.edu Thu Nov 29 07:45:51 2012 From: johnsone at usc.edu (Erik A Johnson) Date: Wed, 28 Nov 2012 21:45:51 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Message-ID: <0EBE238A-77D0-4736-86DB-1248BB67F591@usc.edu> Here's the log: Nov 28 21:28:11 macbookpro-e17d.home dovecot[54139]: master: Dovecot v2.1.10 starting up (core dumps disabled) Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_step() Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_handshake: SSL_accept()=-1 Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: SSL_get_error() = 2 Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: - want_read Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_set_io(0) [last 5 lines are repeated until process is killed] On Nov 26, 2012, as 11:38PM PST, Timo Sirainen <tss at iki.fi> wrote: > > Could you try with the attached patch, and with only the problematic > client running? What does it log (the beginning of the session until it > starts repeating the same lines)? > > On 10.11.2012, at 12.44, Erik A Johnson wrote: >> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >> >> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >> >> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. From tss at iki.fi Thu Nov 29 08:18:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 08:18:07 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <0EBE238A-77D0-4736-86DB-1248BB67F591@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <0EBE238A-77D0-4736-86DB-1248BB67F591@usc.edu> Message-ID: <0F84131D-D17A-4AEC-BFBC-623C859B1ACD@iki.fi> This is either OSX bug or OpenSSL bug.. Apparently what happens is: 1. Client sends SYN packet to Dovecot 2. Dovecot accept()s the connection (sends SYN-ACK) and goes into OpenSSL code 3. Client doesn't send ACK to Dovecot. Does it send RST or nothing or something else? I don't know. 4. OSX notices anyway that something is wrong with the socket, and kqueue says that the socket is ready for reading 5. OpenSSL read()s, which fails with ENOTCONN. But OpenSSL thinks this is a non-fatal error and simply asks to be notified again when something can be read 6. goto 4 So, whose bug is it? OpenSSL's ENOTCONN handling probably makes sense for client connections where connect() hasn't finished yet. But then again, this is accept()ed connection where it typically should fail like that. Except I guess it might be correct behavior if read() is done after SYN-ACK but before receiving ACK. While OSX is receiving ACK from the client, it shouldn't say that the fd is readable. It probably doesn't. But after it receives <something> it realizes that the socket is disconnected. So read() probably shouldn't be returning ENOTCONN anymore at this point, but instead ECONNRESET or ETIMEDOUT. See if the attached patch helps. -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 754 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20121129/9a40215c/attachment-0004.obj> -------------- next part -------------- On 29.11.2012, at 7.45, Erik A Johnson wrote: > Here's the log: > > Nov 28 21:28:11 macbookpro-e17d.home dovecot[54139]: master: Dovecot v2.1.10 starting up (core dumps disabled) > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_step() > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_handshake: SSL_accept()=-1 > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: SSL_get_error() = 2 > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: - want_read > Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_set_io(0) > [last 5 lines are repeated until process is killed] > > On Nov 26, 2012, as 11:38PM PST, Timo Sirainen <tss at iki.fi> wrote: >> >> Could you try with the attached patch, and with only the problematic >> client running? What does it log (the beginning of the session until it >> starts repeating the same lines)? >> >> On 10.11.2012, at 12.44, Erik A Johnson wrote: >>> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >>> >>> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >>> >>> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > From sobotka.karel at gmail.com Thu Nov 29 03:58:00 2012 From: sobotka.karel at gmail.com (sobotka karel) Date: Thu, 29 Nov 2012 02:58:00 +0100 Subject: [Dovecot] Umask of Homedir Message-ID: <CAMQF1N0WoVy2AUsmNKPOuDNeukawzrBBk5nimKceBsxc==MA0w@mail.gmail.com> Hi, I know it's a while since you've had this issue, but still do you remember by any chance how you solved this? I'm having the same problems, when all the directories are created with 700 and I need a group permissions to be at least 750. Thanks! regards, From tss at iki.fi Thu Nov 29 08:44:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 08:44:34 +0200 Subject: [Dovecot] v2.1.11 released Message-ID: <1354171474.13277.5.camel@hurina> http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz.sig * lmtp/lda: dovecot.index.cache file is no longer fully mapped to memory, allowing mail deliveries to work even if the file is huge. * auth: userdb passwd lookups are now done by auth worker processes instead of auth master process (as it was documented, but accidentally didn't work that way). + lmtp: lmtp_rcpt_check_quota=yes setting checks quota on RCPT TO. - lmtp: After successful proxying RCPT TO, the next one to a nonexistent user gave tempfail error instead of "user not found". - lmtp proxy: Fixed hanging if remote server was down. - imap: Fixed crash when SEARCH contained multiple KEYWORD parameters. - doveadm: Various fixes to handling doveadm-server connections. - -i <instance name> parameter for Dovecot tools didn't work correctly. - director was somewhat broken in v2.1.10. This version also includes various reliability enhancements. - auth: passdb imap was broken in v2.1.10. From tss at iki.fi Thu Nov 29 08:48:40 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 08:48:40 +0200 Subject: [Dovecot] corrupt mdbox, force-resync segfaults In-Reply-To: <1354121644.30622.140661159272889.146CA37B@webmail.messagingengine.com> References: <1354121644.30622.140661159272889.146CA37B@webmail.messagingengine.com> Message-ID: <6D8CCCFE-8599-4EC3-B90B-5D06F25D75DD@iki.fi> On 28.11.2012, at 18.54, Metro Domain Admin wrote: > I could use some help with a corrupt mdbox. doveadm force-resync is > crashing (see below), but I really need just to get this account > functioning. What's my next step, as far as deleting index files? gdb backtrace would be helpful in fixing the crash. http://dovecot.org/bugreport.html Probably you can do simply: gdb --args /opt/dovecot/bin/doveadm -Dv force-resync -u cory INBOX run bt full or if that doesn't work (or simply gives "??" lines or other unusable garbage), try: ulimit -c unlimited /opt/dovecot/bin/doveadm -Dv force-resync -u cory INBOX gdb /opt/dovecot/bin/doveadm core bt full Also the just released v2.1.11 fixes some potential crashes. From btj at havleik.no Thu Nov 29 09:02:19 2012 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Thu, 29 Nov 2012 08:02:19 +0100 Subject: [Dovecot] Shutting down my Dovecot server? In-Reply-To: <20121128193457.019b3e19@mydesk> References: <20121128131215.1d7c4d66@havleik.no> <20121128121040.3dd3da7a@mydesk> <a837b28f89bbee3195bd1e679bc73711@havleik.no> <20121128193457.019b3e19@mydesk> Message-ID: <20121129080219.2edfd707@havleik.no> On Wed, 28 Nov 2012 19:34:57 -0500 Steve Litt <slitt at troubleshooters.com> wrote: > On Wed, 28 Nov 2012 21:52:37 +0100, Bj?rn T Johansen said: > > On 28.11.2012 18:10, Steve Litt wrote: > > > On Wed, 28 Nov 2012 13:12:15 +0100, Bj?rn T Johansen said: > > >> I am planning to shut down my own Dovecot server and start using > > >> the other Dovecot server I am administering together with a > > >> friend.. > > >> > > >> And I was thinking that I don't want to copy the emails I have on > > >> my server so I want to start from scratch on the other server.. > > >> But I would like to be able to look at the old emails if I need > > >> to, so was wondering if there is a way to do this without using an > > >> imap server? Can I convert my mails stored in the maildir format > > >> to mbox or is there a better way to solve my problem? > > > > > > I'm not sure why you want to convert to mbox, especially when there > > > are > > > multiple mbox versions. > > > > > > I'm also not sure why you don't want to copy emails. How else would > > > they appear on the new server. I suppose you could use rsync to copy > > > the data itself. > > > > > > You use Claws-Mail. If I were in your shoes, I'd bring up the empty > > > Dovecot server and make a new Claws-Mail account for that empty > > > server. > > > Then in Claws-Mail I'd use the copy feature to copy whole folder > > > trees > > > to the new server. Once that's done, I'd reconfigure your original > > > Dovecot so it can serve only on its local machine, and bang, you > > > have your new server, with old emails you can look at. > > > > > > This is similar to the procedure I used to move my Kmail folders > > > (over > > > 100K messages) to Dovecot. > > > > > > http://www.troubleshooters.com/lpm/201202/201202.htm > > > > > > HTH, > > > > > > SteveT > > > > Well, I could do that... But you see, there is not much of the emails > > I have at the moment that I really need, I might need one now and > > then... So that is why I don't want to copy almost 10GB of email to > > the new server... > > > > But I guess that might be the most practical solution perhaps... > > Doesn't seem to be a better solution.... > > > > > > BTJ > > > > Hi Bj?rn, > > Here's the thought process that led me to the suggestion. All email > clients suck. Right now Claws-Mail sucks the least, but that could > change in a heartbeat. In my experience, a Dovecot server is a much > more reliable place to *keep* email than is any client, because you can > access it from *any* IMAP aware email client. A localhost-only Dovecot > isn't any harder to set up than an email client, but in my experience > it's a much better steward of your email. > > Imagine if, two years ago, you had kept such emails in Kmail, and then > upgraded your Linux and been forced into Kmail2. It would have been a > disaster. > > The other thing is, I'm not really sure what your goal is. It sounds > like you want your emails on yours and your friends IMAP server, and > then a copy locally. Or perhaps you wanted your old email only locally. > Either of those speaks to a local Dovecot server. > > Thanks > > SteveT > > Steve Litt * http://www.troubleshooters.com/ > * http://twitter.com/stevelitt > Troubleshooting Training * Human Performance > > I only want my old mails locally but I think I have to consider a local Dovecot installation; the more I think about it the more that seems to be the best solution... :) BTJ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From nanashi at otenet.gr Thu Nov 29 11:00:52 2012 From: nanashi at otenet.gr (nanashi) Date: Thu, 29 Nov 2012 11:00:52 +0200 Subject: [Dovecot] Missing quotes in dovecot-config causes pigeonhole to failed. Message-ID: <50B72444.5000707@otenet.gr> I had to manually quote in dovecot-config LIBDOVECOT_LOGIN='-ldovecot-login -lssl -lcrypto ' by default was LIBDOVECOT_LOGIN=-ldovecot-login -lssl -lcrypto That cause pigeonhole to failed. Regards nanashi From tss at iki.fi Thu Nov 29 12:45:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 12:45:38 +0200 Subject: [Dovecot] Missing quotes in dovecot-config causes pigeonhole to failed. In-Reply-To: <50B72444.5000707@otenet.gr> References: <50B72444.5000707@otenet.gr> Message-ID: <149B855F-C5F7-46A6-BF04-CB102ECA3E47@iki.fi> On 29.11.2012, at 11.00, nanashi wrote: > I had to manually quote in dovecot-config > LIBDOVECOT_LOGIN='-ldovecot-login -lssl -lcrypto ' > by default was > LIBDOVECOT_LOGIN=-ldovecot-login -lssl -lcrypto > > That cause pigeonhole to failed. Oh, annoying :( I guess I'll release 2.1.12 with this one change.. or maybe wait a few more hours to see if people find anything else. http://hg.dovecot.org/dovecot-2.1/rev/f77e87298a66 From matt at orphans.co.uk Thu Nov 29 13:02:28 2012 From: matt at orphans.co.uk (Matt Jones) Date: Thu, 29 Nov 2012 11:02:28 +0000 Subject: [Dovecot] Problem with mail_location and INDEX location Message-ID: <50B740C4.9090003@orphans.co.uk> HI, I'm pulling my hair out a little trying to get dovecot to save it's index locally rather than in the NFS mount. No matter what I do it seems to save the indices in the Maildir on the NFS. I'm using dovecot 2.0.18 on CentOS 6.3. The relevant config I'm using: mmap_disable = no dotlock_use_excl = no # only needed with NFSv2, NFSv3+ supports O_EXCL and it's faster mail_fsync = always mail_nfs_storage = yes mail_nfs_index = no lock_method = dotlock # Mail location and mailbox format. mail_location = maildir:/%Lh/Maildir/:INDEX=/var/indexes/%Ld/%Lu/ Dovecot runs under the user:group vmail:vmail, and the user has write access to those directories. [root at tay var]# ls -al total 96 drwxr-xr-x. 24 root root 4096 Nov 29 09:36 . dr-xr-xr-x. 23 root root 4096 Nov 28 15:26 .. drwxr-x--- 5 amavis amavis 4096 Nov 29 09:21 amavis drwxr-xr-x. 10 root root 4096 Nov 28 15:14 cache drwxr-xr-x. 2 clamav clamav 4096 Nov 29 03:49 clamav drwxr-xr-x. 3 root root 4096 Nov 28 14:21 db drwxr-xr-x. 3 root root 4096 Nov 28 13:35 empty drwxr-xr-x. 2 root root 4096 Sep 23 2011 games drwx------ 2 vmail vmail 4096 Nov 29 10:42 indexes drwxr-xr-x. 25 root root 4096 Nov 28 15:15 lib drwxr-xr-x. 2 root root 4096 Sep 23 2011 local drwxrwxr-x. 5 root lock 4096 Nov 29 03:49 lock drwxr-xr-x. 5 root root 4096 Nov 29 04:10 log lrwxrwxrwx. 1 root root 10 Nov 28 13:34 mail -> spool/mail drwxr-xr-x. 2 root root 4096 Sep 23 2011 nis drwxr-xr-x. 2 root root 4096 Sep 23 2011 opt drwxr-xr-x. 2 root root 4096 Sep 23 2011 preserve drwxr-xr-x. 20 root root 4096 Nov 29 09:51 run drwxr-xr-x. 9 root root 4096 Nov 28 15:14 spool drwxrwxrwt. 3 root root 4096 Nov 29 09:22 tmp drwxr-x--- 2 amavis amavis 4096 Jun 8 15:39 virusmails drwx------. 5 vmail vmail 4096 Nov 29 09:35 vmail drwx------. 3 root bin 4096 Nov 29 09:22 webmin drwxr-xr-x. 12 root root 4096 Nov 28 15:17 www drwxr-xr-x. 2 root root 4096 Sep 23 2011 yp After restarting dovecot, and logging in via imap, I see the following under the Maildir: [root at tay Maildir]# ls -al /var/vmail/vmail1/orphans.co.uk/m/a/t/matt-2011.07.06.09.41.05/Maildir total 56 drwx------ 9 vmail vmail 4096 Nov 29 10:57 . drwx------ 3 vmail vmail 4096 Nov 29 10:17 .. drwx------ 2 vmail vmail 4096 Nov 29 10:41 cur -rw------- 1 vmail vmail 248 Nov 29 10:41 dovecot.index.log -rw------- 1 vmail vmail 120 Nov 29 10:41 dovecot.mailbox.log -rw------- 1 vmail vmail 51 Nov 29 10:41 dovecot-uidlist -rw------- 1 vmail vmail 8 Nov 29 10:41 dovecot-uidvalidity -r--r--r-- 1 vmail vmail 0 Nov 29 10:41 dovecot-uidvalidity.50b73be3 drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Drafts drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Junk drwx------ 2 vmail vmail 4096 Nov 29 10:41 new drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Sent -rw------- 1 vmail vmail 29 Nov 29 10:41 subscriptions drwx------ 2 vmail vmail 4096 Nov 29 10:41 tmp drwx------ 5 vmail vmail 4096 Nov 29 10:41 .Trash [root at tay Maildir]# ls -al /var/indexes/ total 8 drwx------ 2 vmail vmail 4096 Nov 29 10:42 . drwxr-xr-x. 24 root root 4096 Nov 29 09:36 .. Any ideas? Matt From benedetto.vassallo at unipa.it Thu Nov 29 14:01:56 2012 From: benedetto.vassallo at unipa.it (Benedetto Vassallo) Date: Thu, 29 Nov 2012 13:01:56 +0100 Subject: [Dovecot] Maildir hardlinks with sieve Message-ID: <20121129130156.86002utrv14t9eic@webmail.unipa.it> Hi all, First of all, excuse me for my previous posts (Maildir hardlinks). Today I realized the following issue. Maildir hardlinks works OK on dovecot 2.1.10 without sieve. If set sieve plugin in dovecot-lmtp hardlinks stop working. Is there a way to have both sieve and hardlinks working? Thank you -- Benedetto Vassallo Sistema Informativo di Ateneo Settore Gestione Reti Hardware e Software U.O.B. Sviluppo e manutenzione dei sistemi Universit? degli studi di Palermo Phone: +3909123860056 Fax: +390916529124 ------------------------------------------------------------------------- This message was sent using the University of Palermo web mail interface. From CMarcus at Media-Brokers.com Thu Nov 29 14:16:32 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 29 Nov 2012 07:16:32 -0500 Subject: [Dovecot] Problem with mail_location and INDEX location In-Reply-To: <50B740C4.9090003@orphans.co.uk> References: <50B740C4.9090003@orphans.co.uk> Message-ID: <50B75220.6050308@Media-Brokers.com> On 2012-11-29 6:02 AM, Matt Jones <matt at orphans.co.uk> wrote: > The relevant config I'm using: > > > mmap_disable = no Please only/always post full output of doveconf -n, not copy/pastes from the config file... this is the only way to be sure that you are using the config you *think* you are using... -- Best regards, Charles From dave at morsberger.com Thu Nov 29 14:45:02 2012 From: dave at morsberger.com (David Morsberger) Date: Thu, 29 Nov 2012 07:45:02 -0500 Subject: [Dovecot] Missing Messages on IOS device In-Reply-To: <50B5A603.5060509@hardwarefreak.com> References: <CA3255CA-B8B2-4BBB-A1D3-395C1FADBA92@morsberger.com> <50B5A603.5060509@hardwarefreak.com> Message-ID: <2E5CBC77-023F-48A5-B1A8-709334B3C21E@morsberger.com> I checked again and I did not see any log entries on the server or client. Not sure how to debug iPhone/iPad. I'm sure this isn't a bug in dovecot per se because the behavior is different on the different client types. I was just wondering if someone else has seen similar behavior before and worked through it. Thanks, David On Nov 28, 2012, at 12:49 AM, Stan Hoeppner <stan at hardwarefreak.com> wrote: > On 11/27/2012 9:21 PM, David Morsberger wrote: >> Resending because I didn't get any responses from my first post: >> >> I just converted my old server running UW/Panda to a Mac Mini Server running Mountain Lion (ML) Server. I'm using the postfix / dovecot setup provided by Apple. >> >> My IMAP clients are not showing all my emails. The Mail App on my iPhone and iPad is behaving the worse. I can see the emails that are not showing up in the cur directory. >> >> The ML Mail App is stating there are 3854 emails in my INBOX. There are 3948 files in the 'cur' directory ('ls cur | wc -l' returns 3948). Other mailboxes and directories have the same behavior. I'm not sure what to expect here. >> >> My method of conversion was to bulk copy (drag and drop) all the messages from one the UW server to the Dovecot server using the Apple Desktop Mail App in Mountain Lion. >> >> Any idea why these messages are not showing up on my devices and how I can get them to show up? > > Not really. Problem reports are typically accompanied by errors in log > files. You've provided none. You've provided only subjective > observation which is rarely useful in troubleshooting. If you provide > some Dovecot logging related to the problem we may be able to help. > Short of that we can only make wild ass guesses. > > Are your clients subscribing all IMAP folders? Are your clients > checking all folders for new mail? > > -- > Stan > From ramon.frontera at uib.es Thu Nov 29 16:22:49 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Thu, 29 Nov 2012 15:22:49 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> Message-ID: <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> Hi, we have installed dovecot version 2.1.11 Now we have found 3 problems with doveadm on proxy server: 1 problem: In our configuration we have: protocol doveadm { auth_socket_path = director-userdb } I have executed this: # doveconf -m doveadm -f service=doveadm auth_socket_path auth_socket_path = director-userdb Now when We execute doveadm quota get -A we have this error: doveadm(user1): Error: /var/run/dovecot//auth-userdb: Proxy is missing destination host (maybe set auth_socket_path=director-userdb) doveadm: Error: Failed to iterate through some users with "-o auth_socket_path=director-userdb " it works for the early users. 2 problem when we execute doveadm -o auth_socket_path=director-userdb quota get -A it works for the early users and then return this error on proxy: doveadm(userabc): Fatal: table formatter doesn't support multi-line values 3 problem I have tested other doveadm command on proxy wich also fails: # doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d on proxy we have this error: " doveadm(user): Error: xx.xx.xx.xx:24245: Internal failure for user" on mailserver we have this error: "doveadm: Fatal: master: service(doveadm): child 22171 killed with signal 11 (core dumps disabled)" I put the gdm bt output hope it help you. (mailserver) Core was generated by `dovecot/doveadm-server'. Program terminated with signal 11, Segmentation fault. #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 680 auth-master.c: No such file or directory. in auth-master.c Missing separate debuginfos, use: debuginfo-install dovecot-2.1.11-1_136.el6.x86_64 (gdb) bt full #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 No locals. #1 0x00007f2dfe414f23 in mail_storage_service_all_next (ctx=0xf92900, username_r=0x7fff4306cab8) at mail-storage-service.c:1215 __FUNCTION__ = "mail_storage_service_all_next" #2 0x00007f2dfd0b0ed2 in doveadm_expire_mail_init (ctx=0xf89020) at doveadm-expire.c:420 ectx = 0xf89198 dict = 0xf93110 query = <value optimized out> expire_dict = <value optimized out> username = 0x0 value = <value optimized out> username_dup = <value optimized out> #3 0x000000000040aa1a in doveadm_mail_single_user () No symbol table info available. #4 0x00000000004121b9 in client_connection_input () No symbol table info available. #5 0x00007f2dfe14f2c6 in io_loop_call_io (io=0xf8e7a0) at ioloop.c:379 ioloop = 0xf84690 t_id = 2 #6 0x00007f2dfe1502ef in io_loop_handler_run (ioloop=<value optimized out>) at ioloop-epoll.c:213 ---Type <return> to continue, or q <return> to quit--- ctx = 0xf874c0 events = <value optimized out> event = 0xf87530 list = 0xf8e7f0 io = <value optimized out> tv = {tv_sec = 2147483, tv_usec = 0} msecs = <value optimized out> ret = 1 i = <value optimized out> call = <value optimized out> #7 0x00007f2dfe14f268 in io_loop_run (ioloop=0xf84690) at ioloop.c:398 No locals. #8 0x00007f2dfe13ac73 in master_service_run (service=0xf84540, callback=<value optimized out>) at master-service.c:544 No locals. #9 0x00000000004128f1 in main () No symbol table info available. Thanks in advance!!!! -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears El 28/11/2012, a las 23:45, Timo Sirainen escribi?: > On 28.11.2012, at 16.50, Ramon Frontera wrote: > >> Dovecot -n show the correct configuration like you explain. >> The command doveadm -o auth_socket_path=director-userdb quota get -A works fine on the proxy and now assigns host. > > Then doveadm isn't seeing the same configuration as what you're looking at. For example did you restart dovecot since the change? Does this return the correct path? : > > doveconf -m doveadm -f service=doveadm auth_socket_path > >> Now, the problem is that when we execute doveadm -A or doveadm -u *something* the command fails in the mailserver with this error: >> >> dovecot: doveadm: Fatal: master: service(doveadm): child 13482 killed with signal 11 (core dumps disabled) > > I fixed several bugs related to this in hg. I think you hit one of them. > >> This errors occurs when the search finds more than one user. >> When we execute doveadm -u user it works fine >> >> >> I send attached the strace of the mailserver<doveadm.log.zip> > > strace isn't very useful in debugging crashes. gdb backtraces are: http://dovecot.org/bugreport.html > From lists at kokelnet.de Thu Nov 29 16:57:00 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Thu, 29 Nov 2012 15:57 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found Message-ID: <2005376.op1lL5WuKO@tobias-pc> Hello Timo, Building 2.1.11 was ok, but rebuilding pigeonhole 0.3.3 for dovecot 2.1.11 show up the following errors: checking for dovecot-config in "/usr/lib/dovecot"... /usr/lib/dovecot/dovecot- config ./configure: line 11410: -lssl: command not found checking whether OS supports plugin dependencies... yes configure: creating ./config.status config.status: creating Makefile config.status: creating doc/Makefile config.status: creating doc/man/Makefile config.status: creating doc/example-config/Makefile config.status: creating doc/example-config/conf.d/Makefile config.status: creating doc/rfc/Makefile config.status: creating src/Makefile config.status: creating src/lib-sieve/Makefile config.status: creating src/lib-sieve/plugins/Makefile config.status: creating src/lib-sieve/plugins/vacation/Makefile config.status: creating src/lib-sieve/plugins/subaddress/Makefile config.status: creating src/lib-sieve/plugins/comparator-i-ascii- numeric/Makefile config.status: creating src/lib-sieve/plugins/relational/Makefile config.status: creating src/lib-sieve/plugins/regex/Makefile config.status: creating src/lib-sieve/plugins/imap4flags/Makefile config.status: creating src/lib-sieve/plugins/copy/Makefile config.status: creating src/lib-sieve/plugins/include/Makefile config.status: creating src/lib-sieve/plugins/body/Makefile config.status: creating src/lib-sieve/plugins/variables/Makefile config.status: creating src/lib-sieve/plugins/enotify/Makefile config.status: creating src/lib-sieve/plugins/enotify/mailto/Makefile config.status: creating src/lib-sieve/plugins/notify/Makefile config.status: creating src/lib-sieve/plugins/environment/Makefile config.status: creating src/lib-sieve/plugins/mailbox/Makefile config.status: creating src/lib-sieve/plugins/date/Makefile config.status: creating src/lib-sieve/plugins/spamvirustest/Makefile config.status: creating src/lib-sieve/plugins/ihave/Makefile config.status: creating src/lib-sieve/plugins/editheader/Makefile config.status: creating src/lib-sieve/plugins/vnd.dovecot/Makefile config.status: creating src/lib-sieve/plugins/vnd.dovecot/debug/Makefile config.status: creating src/lib-sieve/plugins/vnd.dovecot/duplicate/Makefile config.status: creating src/lib-sieve-tool/Makefile config.status: creating src/lib-sievestorage/Makefile config.status: creating src/lib-managesieve/Makefile config.status: creating src/plugins/Makefile config.status: creating src/plugins/lda-sieve/Makefile config.status: creating src/sieve-tools/Makefile config.status: creating src/managesieve/Makefile config.status: creating src/managesieve-login/Makefile config.status: creating src/testsuite/Makefile config.status: creating stamp.h config.status: creating dummy-config.h config.status: creating pigeonhole-config.h config.status: executing depfiles commands config.status: executing libtool commands dh_testdir # Add here commands to compile the package. /usr/bin/make make[1]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' /usr/bin/make all-recursive make[2]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' Making all in src make[3]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src' Making all in lib-sieve make[4]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve' Making all in plugins make[5]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins' Making all in vacation make[6]: Entering directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins/vacation' /bin/bash ../../../../libtool --tag=CC --mode=compile x86_64-linux-gnu-gcc - DHAVE_CONFIG_H -I. -I../../../.. -I./../../ -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT cmd-vacation.lo -MD -MP -MF .deps/cmd-vacation.Tpo -c -o cmd- vacation.lo cmd-vacation.c libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../../.. - I./../../ -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp- buffer-size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes - Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad- function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT cmd-vacation.lo - MD -MP -MF .deps/cmd-vacation.Tpo -c cmd-vacation.c -fPIC -DPIC -o .libs/cmd- vacation.o cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory compilation terminated. make[6]: *** [cmd-vacation.lo] Error 1 make[6]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins/vacation' make[5]: *** [all-recursive] Error 1 make[5]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve/plugins' make[4]: *** [all-recursive] Error 1 make[4]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' make[1]: *** [all] Error 2 make[1]: Leaving directory `/home/tobias/pighole_test/dovecot-2.1- pigeonhole-0.3.3' make: *** [build-stamp] Error 2 my configure options: ./configure --with-dovecot=/usr/lib/dovecot --prefix=/usr --sysconfdir=/etc -- libexecdir=/usr/lib --localstatedir=/var --mandir=/usr/share/man -- infodir=/usr/share/info --with-moduledir=/usr/lib/dovecot/modules Regards, Tobias Hachmer From gilles.chauvin at univ-rouen.fr Thu Nov 29 17:09:35 2012 From: gilles.chauvin at univ-rouen.fr (Gilles Chauvin) Date: Thu, 29 Nov 2012 16:09:35 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <2005376.op1lL5WuKO@tobias-pc> References: <2005376.op1lL5WuKO@tobias-pc> Message-ID: <50B77AAF.1080906@univ-rouen.fr> On 29/11/2012 15:57, Tobias Hachmer wrote:> Hello Timo, > > Building 2.1.11 was ok, but rebuilding pigeonhole 0.3.3 for dovecot 2.1.11 > show up the following errors: > > [...] > Hi, Just have a look at: http://www.dovecot.org/list/dovecot/2012-November/069722.html ;). Regards, Gilles.-- ========================================================= Gilles CHAUVIN P?le Syst?me Direction des Syst?mes d'information et de l'Informatique Universit? de Rouen B?timent 16 - IRESE-B Place ?mile Blondel 76821 MONT-SAINT-AIGNAN CEDEX ? http://goo.gl/cYgtX T?l: +33 (0)2 35 14 82 92 Fax: +33 (0)2 35 14 64 64 Mail fonc: systeme at univ-rouen.fr Mail pers: gilles.chauvin at univ-rouen.fr ========================================================= From lists at kokelnet.de Thu Nov 29 17:14:05 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Thu, 29 Nov 2012 16:14:05 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <50B77AAF.1080906@univ-rouen.fr> References: <2005376.op1lL5WuKO@tobias-pc> <50B77AAF.1080906@univ-rouen.fr> Message-ID: <16123573.A1ZQnkdqxL@tobias-pc> On Thursday 29 November 2012 16:09:35 Gilles Chauvin wrote: > Just have a look at: > http://www.dovecot.org/list/dovecot/2012-November/069722.html ;). Yeah, I saw your post. But Timo asked for another possible errors. I don't know if this error belongs to your error: cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory That's why I posted this. Greetz, Tobias Hachmer From gilles.chauvin at univ-rouen.fr Thu Nov 29 17:18:14 2012 From: gilles.chauvin at univ-rouen.fr (Gilles Chauvin) Date: Thu, 29 Nov 2012 16:18:14 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <16123573.A1ZQnkdqxL@tobias-pc> References: <2005376.op1lL5WuKO@tobias-pc> <50B77AAF.1080906@univ-rouen.fr> <16123573.A1ZQnkdqxL@tobias-pc> Message-ID: <50B77CB6.5090009@univ-rouen.fr> On 29/11/2012 16:14, Tobias Hachmer wrote: > On Thursday 29 November 2012 16:09:35 Gilles Chauvin wrote: >> Just have a look at: >> http://www.dovecot.org/list/dovecot/2012-November/069722.html ;). > > Yeah, I saw your post. But Timo asked for another possible errors. I don't > know if this error belongs to your error: > > cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory > > That's why I posted this. > > Greetz, > Tobias Hachmer > Tobias, The post I linked above wasn't my post but I had the exact same problem this morning while trying to compile pigeonhole against dovecot 2.1.11. Manually adding the quotes in the dovecot-config file fixed the issue for me. Regards, Gilles. From lists at kokelnet.de Thu Nov 29 17:38:44 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Thu, 29 Nov 2012 16:38:44 +0100 Subject: [Dovecot] cmd-vacation.c:4:17: fatal error: lib.h: No such file or directory && ./configure: line 11410: -lssl: command not found In-Reply-To: <50B77CB6.5090009@univ-rouen.fr> References: <2005376.op1lL5WuKO@tobias-pc> <16123573.A1ZQnkdqxL@tobias-pc> <50B77CB6.5090009@univ-rouen.fr> Message-ID: <2382092.SW9rUM1cA3@tobias-pc> On Thursday 29 November 2012 16:18:14 Gilles Chauvin wrote: > The post I linked above wasn't my post but I had the exact same problem > this morning while trying to compile pigeonhole against dovecot 2.1.11. > Manually adding the quotes in the dovecot-config file fixed the issue > for me. Oh, sorry, I will test, thanks! Regards, Tobias Hachmer From johnsone at usc.edu Thu Nov 29 17:42:44 2012 From: johnsone at usc.edu (Erik A Johnson) Date: Thu, 29 Nov 2012 07:42:44 -0800 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> Message-ID: <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> No, the test to bug out doesn't work because net_geterror(proxy->fd_ssl) returns 0 in the statement if (!proxy->client_proxy && net_geterror(proxy->fd_ssl) == ENOTCONN) { However, errno is indeed ENOTCONN. Changing the test to if (!proxy->client_proxy && errno == ENOTCONN) { does do the job (i.e., stopping the process with the "syscall failed" error message), though I'm sure I don't understand the ins and outs well enough to know if that is an appropriate test. The full log line is: Nov 29 07:39:14 SERVER dovecot[24362]: imap-login: Disconnected (disconnected before greeting, waited 0 secs): user=<>, rip=CLIENTIP, lip=SERVERIP, TLS handshaking: SSL_accept() syscall failed: Socket is not connected, session=<d5DNFaTP8QAKAAFi> Thoughts? On Nov 28, 2012, at 10:18PM PST, Timo Sirainen <tss at iki.fi> wrote: > This is either OSX bug or OpenSSL bug.. Apparently what happens is: > > 1. Client sends SYN packet to Dovecot > 2. Dovecot accept()s the connection (sends SYN-ACK) and goes into OpenSSL code > 3. Client doesn't send ACK to Dovecot. Does it send RST or nothing or something else? I don't know. > 4. OSX notices anyway that something is wrong with the socket, and kqueue says that the socket is ready for reading > 5. OpenSSL read()s, which fails with ENOTCONN. But OpenSSL thinks this is a non-fatal error and simply asks to be notified again when something can be read > 6. goto 4 > > So, whose bug is it? OpenSSL's ENOTCONN handling probably makes sense for client connections where connect() hasn't finished yet. But then again, this is accept()ed connection where it typically should fail like that. Except I guess it might be correct behavior if read() is done after SYN-ACK but before receiving ACK. > > While OSX is receiving ACK from the client, it shouldn't say that the fd is readable. It probably doesn't. But after it receives <something> it realizes that the socket is disconnected. So read() probably shouldn't be returning ENOTCONN anymore at this point, but instead ECONNRESET or ETIMEDOUT. > > See if the attached patch helps. > > > On 29.11.2012, at 7.45, Erik A Johnson wrote: >> Here's the log: >> >> Nov 28 21:28:11 macbookpro-e17d.home dovecot[54139]: master: Dovecot v2.1.10 starting up (core dumps disabled) >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_step() >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_handshake: SSL_accept()=-1 >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: SSL_get_error() = 2 >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: - want_read >> Nov 28 21:30:19 macbookpro-e17d.home dovecot[54141]: imap-login: Debug: ssl_set_io(0) >> [last 5 lines are repeated until process is killed] >> >> On Nov 26, 2012, as 11:38PM PST, Timo Sirainen <tss at iki.fi> wrote: >>> >>> Could you try with the attached patch, and with only the problematic >>> client running? What does it log (the beginning of the session until it >>> starts repeating the same lines)? >>> >>> On 10.11.2012, at 12.44, Erik A Johnson wrote: >>>> imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). >>>> >>>> This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little Snitch 3.0.1 blocking port 993, which appears to let the connection initiate but then squashes and disconnects the socket during ssl handshaking. >>>> >>>> gdb backtrace and Activity Monitor's "Sample Process" show that imap-login is stuck calling ioloop-kqueue's io_loop_handler_run -> io_loop_call_io -> ssl_step repeatedly; dtruss shows that it is repeatedly making system calls to kevent and read, the latter returning -1 with errno 57=ENOTCONN="Socket is not connected". (I also tried ./configure --with-ioloop=poll and --with-iopoll=select instead of the default best = kqueue but the results were the same; --with-iopoll=epoll didn't work because epoll is not available on this machine.) The client, initiated by the command "openssl s_client -connect SERVER:993", first responds "CONNECTED(00000003)" but then immediately the error "60278:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-44/src/ssl/s23_lib.c:182:". The infinite loop is in src/lib/ioloop.c in the function "io_loop_run" where the statement "while (ioloop->running) io_loop_handler_run(ioloop)" is executed. > > From tss at iki.fi Thu Nov 29 22:43:42 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 29 Nov 2012 22:43:42 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> Message-ID: <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> On 29.11.2012, at 17.42, Erik A Johnson wrote: > No, the test to bug out doesn't work because net_geterror(proxy->fd_ssl) returns 0 in the statement > > if (!proxy->client_proxy && > net_geterror(proxy->fd_ssl) == ENOTCONN) { > > However, errno is indeed ENOTCONN. Changing the test to > > if (!proxy->client_proxy && > errno == ENOTCONN) { This change isn't very reliable, since the previous call might not have been read().. I wonder if something like would work: if (!proxy->client && read(proxy->fd_ssl, &err, 0) < 0 && errno == ENOTCONN) { From ben at morrow.me.uk Fri Nov 30 00:12:18 2012 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 29 Nov 2012 22:12:18 +0000 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> Message-ID: <20121129221217.GL76138@anubis.morrow.me.uk> At 10PM +0200 on 29/11/12 Timo Sirainen wrote: > On 29.11.2012, at 17.42, Erik A Johnson wrote: > > > No, the test to bug out doesn't work because net_geterror(proxy->fd_ssl) returns 0 in the statement > > > > if (!proxy->client_proxy && > > net_geterror(proxy->fd_ssl) == ENOTCONN) { > > > > However, errno is indeed ENOTCONN. Changing the test to > > > > if (!proxy->client_proxy && > > errno == ENOTCONN) { > > This change isn't very reliable, since the previous call might not > have been read().. I wonder if something like would work: > > if (!proxy->client && read(proxy->fd_ssl, &err, 0) < 0 && errno == ENOTCONN) { How about calling getpeername on fd_ssl? That should reliably tell you if the socket is connected or not. http://cr.yp.to/docs/connect.html suggests that read is not always a reliable test for that. Ben From tss at iki.fi Fri Nov 30 00:39:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 00:39:51 +0200 Subject: [Dovecot] imap-login hanging when firewall blocks ssl handshaking In-Reply-To: <20121129221217.GL76138@anubis.morrow.me.uk> References: <B7D3B051-AEFD-42CD-87DC-60764AF401D4@usc.edu> <8EDD59BD-AC4B-442F-B148-285BC368B49B@iki.fi> <AED7EBF0-A31F-4171-88DC-F07463A9E0B1@usc.edu> <43B7D59A-BEE2-4954-862D-6B8DF521EB38@usc.edu> <D3941117-A149-47BB-9E4E-E82631FC04F0@iki.fi> <20121129221217.GL76138@anubis.morrow.me.uk> Message-ID: <E5427A32-1E02-48E6-9B8B-FA7A70960688@iki.fi> On 30.11.2012, at 0.12, Ben Morrow wrote: >> This change isn't very reliable, since the previous call might not >> have been read().. I wonder if something like would work: >> >> if (!proxy->client && read(proxy->fd_ssl, &err, 0) < 0 && errno == ENOTCONN) { > > How about calling getpeername on fd_ssl? That should reliably tell you > if the socket is connected or not. http://cr.yp.to/docs/connect.html > suggests that read is not always a reliable test for that. Yes, that sounds like it would work better: if (!proxy->client && net_getpeername(proxy->fd_ssl, NULL, NULL) < 0 && errno == ENOTCONN) { From tss at iki.fi Fri Nov 30 03:17:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 03:17:29 +0200 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> Message-ID: <1F75A354-F909-4BAB-8843-1821332BFC12@iki.fi> On 29.11.2012, at 16.22, Ramon Frontera wrote: > Now we have found 3 problems with doveadm on proxy server: > > 1 problem: > In our configuration we have: > protocol doveadm { > auth_socket_path = director-userdb > } > > I have executed this: > # doveconf -m doveadm -f service=doveadm auth_socket_path > auth_socket_path = director-userdb > > Now when We execute doveadm quota get -A > we have this error: > doveadm(user1): Error: /var/run/dovecot//auth-userdb: Proxy is missing destination host (maybe set auth_socket_path=director-userdb) > doveadm: Error: Failed to iterate through some users > > with "-o auth_socket_path=director-userdb " it works for the early users. That's strange. I don't really have any ideas left how to debug it easily. > 2 problem > when we execute doveadm -o auth_socket_path=director-userdb quota get -A it works for the early users and then return this error on proxy: > > doveadm(userabc): Fatal: table formatter doesn't support multi-line values Oh. Hmm. I see the problem.. I'll fix it later. For now you could change the formatter with doveadm -f tab or -f flow > 3 problem > I have tested other doveadm command on proxy wich also fails: > > # doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d > > on proxy we have this error: " doveadm(user): Error: xx.xx.xx.xx:24245: Internal failure for user" > on mailserver we have this error: "doveadm: Fatal: master: service(doveadm): child 22171 killed with signal 11 (core dumps disabled)" > > I put the gdm bt output hope it help you. (mailserver) > > #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 > No locals. > #1 0x00007f2dfe414f23 in mail_storage_service_all_next (ctx=0xf92900, > username_r=0x7fff4306cab8) at mail-storage-service.c:1215 > __FUNCTION__ = "mail_storage_service_all_next" > #2 0x00007f2dfd0b0ed2 in doveadm_expire_mail_init (ctx=0xf89020) > at doveadm-expire.c:420 This should fix it: http://hg.dovecot.org/dovecot-2.1/rev/75dc4cb4bfe0 From dmiller at amfes.com Fri Nov 30 07:32:05 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 21:32:05 -0800 Subject: [Dovecot] Tcpflow capture In-Reply-To: <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> Message-ID: <assp.0681f97e83.50B844D5.4050705@amfes.com> On 11/29/2012 12:49 PM, Timo Sirainen wrote: > On 29.11.2012, at 18.06, Daniel L. Miller wrote: > >> On 11/28/2012 10:37 PM, Timo Sirainen wrote: >>> On 29.11.2012, at 7.47, Daniel L. Miller wrote: >>> >>>>> doveadm fetch text -u amiller at amfes.com mailbox-guid a47e4e264aa1c94cc35100003bc41c5f uid 12891 >>>>> >>>> The result of that, when adding a "> test", generates a 11 byte file. >>>> >>>> Hexedit shows me that as: >>>> 74 65 78 74 3A 0A 1F 8B 08 0C 0A >>>> >>>> Otherwise a simple 'less' give me: >>>> text: >>>> ^_<8B>^H^L >>>> >>>> Does this tell you anything? >>> First of all it tells me that you either have some very corrupted messages in your mailbox, or you have some compressed messages but without zlib plugin enabled. >> 10-mail.conf - mail_plugins = fts fts_solr acl >> 15-lda.conf - mail_plugins = $mail_plugins sieve >> 20-imap.conf - mail_plugins = $mail_plugins zlib imap_acl >> 20-lmtp.conf - mail_plugins = $mail_plugins sieve > OK, so all of the compressed mails will be indexed as garbage. > >> My intent was to be able to read zlib mails, but not write new ones. I may change this to just have zlib in 10-mail and start writing compressed. Unless this is/will cause corruption. > Enabling zlib plugin doesn't enable compression on writing. plugin { zlib_save=yes } is required for that. > I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and removed it from the others. Re-indexing is now good on some mailboxes that were broken before - but I still have a fault on others. -- Daniel From dmiller at amfes.com Fri Nov 30 07:57:02 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 21:57:02 -0800 Subject: [Dovecot] Tcpflow capture In-Reply-To: <50B844D5.4050705@amfes.com> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> <50B844D5.4050705@amfes.com> Message-ID: <assp.16818e0f90.50B84AAE.8080905@amfes.com> On 11/29/2012 9:32 PM, Daniel L. Miller wrote: > > I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and > removed it from the others. Re-indexing is now good on some mailboxes > that were broken before - but I still have a fault on others. > Using the tcpflow dump, I found a couple bad messages that I didn't care about storing - so I deleted them. Then, after no change - I remembered to do a "compact" in my MUA. That cleared up one mailbox - then dovecot complained about various errors & corruption on another mailbox. So I'll start a new thread for that as it looks like the solr interface is now good! -- Daniel From dmiller at amfes.com Fri Nov 30 08:03:36 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 22:03:36 -0800 Subject: [Dovecot] mdbox corruption Message-ID: <assp.06814fa592.50B84C38.2020500@amfes.com> Trying to clean up the last of the corruption caused by my own stupidity. I now have two mailboxes for one user that give errors such as: doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): gz trailer has wrong CRC value at 20065618 doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.9) failed: Invalid argument (uid=238) doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): corrupted data at 20145217 [...] doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.20) failed: Invalid argument (uid=5155) doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.20): corrupted data at 24779604 doveadm(fax at amfes.com): Error: Cached message size smaller than expected (1259 < 1260) doveadm(fax at amfes.com): Error: Corrupted index cache file /var/mail/amfes.com/fax/mdbox/mailboxes/INBOX/2010/dbox-Mails/dovecot.index.cache: Broken physical size for mail UID 5158 'doveadm force-resync' does not appear to fix these. There appear to be only the two mdbox files affected and I see about 40 errors. I would prefer to salvage as much as possible of these. What options do I have? Do a dsync to another location and take whatever I get? -- Daniel From tss at iki.fi Fri Nov 30 08:09:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 08:09:03 +0200 Subject: [Dovecot] Tcpflow capture In-Reply-To: <assp.16818e0f90.50B84AAE.8080905@amfes.com> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> <50B844D5.4050705@amfes.com> <assp.16818e0f90.50B84AAE.8080905@amfes.com> Message-ID: <25C2B424-F8D5-4C8E-86C0-3131F95FBF91@iki.fi> On 30.11.2012, at 7.57, Daniel L. Miller wrote: > On 11/29/2012 9:32 PM, Daniel L. Miller wrote: >> >> I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and removed it from the others. Re-indexing is now good on some mailboxes that were broken before - but I still have a fault on others. >> > Using the tcpflow dump, I found a couple bad messages that I didn't care about storing - so I deleted them. Then, after no change - I remembered to do a "compact" in my MUA. That cleared up one mailbox - then dovecot complained about various errors & corruption on another mailbox. So I'll start a new thread for that as it looks like the solr interface is now good! Well, there is still bug somewhere if Dovecot can cause Solr to fail.. I just can't figure out how that could happen. From tss at iki.fi Fri Nov 30 08:10:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 08:10:47 +0200 Subject: [Dovecot] mdbox corruption In-Reply-To: <assp.06814fa592.50B84C38.2020500@amfes.com> References: <assp.06814fa592.50B84C38.2020500@amfes.com> Message-ID: <DFF9836F-AE6A-4639-A126-322A66A8DC4C@iki.fi> On 30.11.2012, at 8.03, Daniel L. Miller wrote: > Trying to clean up the last of the corruption caused by my own stupidity. I now have two mailboxes for one user that give errors such as: > > doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): gz trailer has wrong CRC value at 20065618 > doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.9) failed: Invalid argument (uid=238) > doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.9): corrupted data at 20145217 > [...] > doveadm(fax at amfes.com): Error: read(/var/mail/amfes.com/fax/mdbox/storage/m.20) failed: Invalid argument (uid=5155) > doveadm(fax at amfes.com): Error: zlib.read(/var/mail/amfes.com/fax/mdbox/storage/m.20): corrupted data at 24779604 > doveadm(fax at amfes.com): Error: Cached message size smaller than expected (1259 < 1260) > doveadm(fax at amfes.com): Error: Corrupted index cache file /var/mail/amfes.com/fax/mdbox/mailboxes/INBOX/2010/dbox-Mails/dovecot.index.cache: Broken physical size for mail UID 5158 > > 'doveadm force-resync' does not appear to fix these. There appear to be only the two mdbox files affected and I see about 40 errors. I would prefer to salvage as much as possible of these. What options do I have? Do a dsync to another location and take whatever I get? There are no tools to fix broken compressed mails. I guess if dsync doesn't stop in the middle that would work. If it does stop, you'd need to figure out which messages those are (with doveadm dump) and delete them. From dmiller at amfes.com Fri Nov 30 08:18:13 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 29 Nov 2012 22:18:13 -0800 Subject: [Dovecot] Tcpflow capture In-Reply-To: <25C2B424-F8D5-4C8E-86C0-3131F95FBF91@iki.fi> References: <50B64243.3090708@amfes.com> <D135A531-7D64-4ACF-9B70-6E257B0739CE@iki.fi> <50B6E458.2060707@amfes.com> <0155E88D-B115-4D63-A134-A69FF13E26E0@iki.fi> <50B6F6FA.4050208@amfes.com> <2F5AA701-1C65-4406-A000-4FBC4502E45B@iki.fi> <50B7880A.6080205@amfes.com> <41FE2822-B20E-4219-9710-3B0815D96767@iki.fi> <50B844D5.4050705@amfes.com> <50B84AAE.8080905@amfes.com> <25C2B424-F8D5-4C8E-86C0-3131F95FBF91@iki.fi> Message-ID: <assp.168101c61b.50B84FA5.9070907@amfes.com> On 11/29/2012 10:09 PM, Timo Sirainen wrote: > On 30.11.2012, at 7.57, Daniel L. Miller wrote: > >> On 11/29/2012 9:32 PM, Daniel L. Miller wrote: >>> I (hopefully) fixed my config - put 'zlib' into 10-mail.conf and removed it from the others. Re-indexing is now good on some mailboxes that were broken before - but I still have a fault on others. >>> >> Using the tcpflow dump, I found a couple bad messages that I didn't care about storing - so I deleted them. Then, after no change - I remembered to do a "compact" in my MUA. That cleared up one mailbox - then dovecot complained about various errors & corruption on another mailbox. So I'll start a new thread for that as it looks like the solr interface is now good! > Well, there is still bug somewhere if Dovecot can cause Solr to fail.. I just can't figure out how that could happen. > At this moment, after your last bugfix and my correct plugin config - Solr no longer crashes. Dovecot complains about the corruption - but it never hits solr. Now, I suppose I could break my config again to see if reading compressed mails without zlib enabled still outputs garbage to Solr... -- Daniel From hostmaster at taunusstein.net Fri Nov 30 08:35:08 2012 From: hostmaster at taunusstein.net (Christian Felsing) Date: Fri, 30 Nov 2012 07:35:08 +0100 Subject: [Dovecot] v2.1.11 released In-Reply-To: <1354171474.13277.5.camel@hurina> References: <1354171474.13277.5.camel@hurina> Message-ID: <50B8539C.5000507@taunusstein.net> Hi, seems v2.1.11 has broken Pigeonhole 0.3.3 Christian Am 29.11.2012 07:44, schrieb Timo Sirainen: > http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz > http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz.sig > > * lmtp/lda: dovecot.index.cache file is no longer fully mapped to > memory, allowing mail deliveries to work even if the file is huge. > * auth: userdb passwd lookups are now done by auth worker processes > instead of auth master process (as it was documented, but > accidentally didn't work that way). > > + lmtp: lmtp_rcpt_check_quota=yes setting checks quota on RCPT TO. > - lmtp: After successful proxying RCPT TO, the next one to a > nonexistent user gave tempfail error instead of "user not found". > - lmtp proxy: Fixed hanging if remote server was down. > - imap: Fixed crash when SEARCH contained multiple KEYWORD parameters. > - doveadm: Various fixes to handling doveadm-server connections. > - -i <instance name> parameter for Dovecot tools didn't work correctly. > - director was somewhat broken in v2.1.10. This version also includes > various reliability enhancements. > - auth: passdb imap was broken in v2.1.10. > > > From tss at iki.fi Fri Nov 30 09:01:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 09:01:10 +0200 Subject: [Dovecot] v2.1.12 released Message-ID: <1354258870.2844.32.camel@innu> http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz.sig The dovecot-config file installed by v2.1.11 was missing quotes, which broke building Pigeonhole. This release fixes that. From stsiol at yahoo.co.uk Fri Nov 30 10:13:07 2012 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 30 Nov 2012 08:13:07 +0000 (GMT) Subject: [Dovecot] v2.1.12 released In-Reply-To: <1354258870.2844.32.camel@innu> References: <1354258870.2844.32.camel@innu> Message-ID: <1354263187.38918.YahooMailNeo@web132203.mail.ird.yahoo.com> >________________________________ > From: Timo Sirainen <tss at iki.fi> >To: dovecot-news at dovecot.org; dovecot at dovecot.org >Sent: Friday, 30 November 2012, 9:01 >Subject: [Dovecot] v2.1.12 released > >http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz >http://dovecot.org/releases/2.1/dovecot-2.1.12.tar.gz.sig > >The dovecot-config file installed by v2.1.11 was missing quotes, which >broke building Pigeonhole. This release fixes that. > Wow ! Boy you're fast ! s. ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From lists at kokelnet.de Fri Nov 30 10:30:28 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Fri, 30 Nov 2012 09:30:28 +0100 Subject: [Dovecot] 2.1.12 - Pigeonhole 0.3.3 build failed: /usr/bin/ld: cannot find -lssl -lcrypto Message-ID: <2172377.X0VnGmhlpd@tobias-pc> Hello list, Although timos bugfix release this morning I can't build pigeonhole 0.3.3 for dovecot 2.1.12 successfully. I don't know if it is a new bug or if I do something wrong but with dovecot 2.1.10 all worked fine, with the same configure options. configure options (out of debian/rules for building debian package): ./configure --with-dovecot=/usr/lib/dovecot \ --host=$(DEB_HOST_GNU_TYPE) \ --build=$(DEB_BUILD_GNU_TYPE) \ --prefix=/usr \ --sysconfdir=/etc \ --libexecdir=\$${prefix}/lib \ --localstatedir=/var \ --mandir=\$${prefix}/share/man \ --infodir=\$${prefix}/share/info \ --with-moduledir=\$${prefix}/lib/dovecot/modules buildlogextraction with error, the full log is available here: https://launchpadlibrarian.net/124478979/buildlog_ubuntu-precise- amd64.dovecot-2.1-pigeonhole_0.3.3-7~kokelnet~precise_FAILEDTOBUILD.txt.gz Thanks in advance for any help, Tobias Hachmer Making all in lib-sieve-tool make[4]: Entering directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve-tool' /bin/bash ../../libtool --tag=CC --mode=compile x86_64-linux-gnu-gcc - DHAVE_CONFIG_H -I. -I../.. -I../../src/lib-sieve -I/usr/include/dovecot - D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer- size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes -Wmissing- declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT sieve-tool.lo -MD -MP -MF .deps/sieve-tool.Tpo -c -o sieve-tool.lo sieve-tool.c libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT sieve-tool.lo -MD -MP -MF .deps/sieve-tool.Tpo -c sieve-tool.c -fPIC -DPIC -o .libs/sieve-tool.o libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT sieve-tool.lo -MD -MP -MF .deps/sieve-tool.Tpo -c sieve-tool.c -o sieve-tool.o >/dev/null 2>&1 mv -f .deps/sieve-tool.Tpo .deps/sieve-tool.Plo /bin/bash ../../libtool --tag=CC --mode=compile x86_64-linux-gnu-gcc - DHAVE_CONFIG_H -I. -I../.. -I../../src/lib-sieve -I/usr/include/dovecot - D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer- size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes -Wmissing- declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT mail-raw.lo -MD -MP -MF .deps/mail-raw.Tpo -c -o mail-raw.lo mail-raw.c libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT mail-raw.lo -MD -MP -MF .deps/mail-raw.Tpo -c mail-raw.c -fPIC -DPIC -o .libs/mail-raw.o libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. - I../../src/lib-sieve -I/usr/include/dovecot -D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security - Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar- subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict- aliasing=2 -MT mail-raw.lo -MD -MP -MF .deps/mail-raw.Tpo -c mail-raw.c -o mail-raw.o >/dev/null 2>&1 mv -f .deps/mail-raw.Tpo .deps/mail-raw.Plo /bin/bash ../../libtool --tag=CC --mode=link x86_64-linux-gnu-gcc - std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat- security -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime - Wstrict-aliasing=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -o libsieve-tool.la sieve-tool.lo mail-raw.lo -lrt libtool: link: ar cru .libs/libsieve-tool.a .libs/sieve-tool.o .libs/mail- raw.o libtool: link: ranlib .libs/libsieve-tool.a libtool: link: ( cd ".libs" && rm -f "libsieve-tool.la" && ln -s "../libsieve- tool.la" "libsieve-tool.la" ) make[4]: Leaving directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/lib-sieve-tool' Making all in sieve-tools make[4]: Entering directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/sieve-tools' x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib-sieve - I../../src/lib-sieve-tool -I./debug -I/usr/include/dovecot - D_FORTIFY_SOURCE=2 -std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer- size=4 -Wformat -Wformat-security -Wall -W -Wmissing-prototypes -Wmissing- declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT sievec.o -MD -MP -MF .deps/sievec.Tpo -c -o sievec.o sievec.c mv -f .deps/sievec.Tpo .deps/sievec.Po /bin/bash ../../libtool --tag=CC --mode=link x86_64-linux-gnu-gcc - std=gnu99 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat- security -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime - Wstrict-aliasing=2 -export-dynamic -Wl,-Bsymbolic-functions -Wl,-z,relro -o sievec sievec.o ../../src/lib-sieve/libdovecot-sieve.la ../../src/lib-sieve- tool/libsieve-tool.la -ldovecot-storage -lssl -lcrypto -ldovecot-lda - L/usr/lib/dovecot -ldovecot -lrt libtool: link: x86_64-linux-gnu-gcc -std=gnu99 -g -O2 -fstack-protector -- param=ssp-buffer-size=4 -Wformat -Wformat-security -Wall -W -Wmissing- prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -Wl,-Bsymbolic- functions -Wl,-z -Wl,relro -o .libs/sievec sievec.o -Wl,--export-dynamic ../../src/lib-sieve/.libs/libdovecot-sieve.so ../../src/lib-sieve- tool/.libs/libsieve-tool.a /usr/lib/dovecot/libdovecot-storage.so -lssl - lcrypto /usr/lib/dovecot/libdovecot-lda.so -L/usr/lib/dovecot /usr/lib/dovecot/libdovecot.so -lrt -Wl,-rpath -Wl,/usr/lib/dovecot /usr/bin/ld: cannot find -lssl /usr/bin/ld: cannot find -lcrypto collect2: ld returned 1 exit status make[4]: *** [sievec] Error 1 make[4]: Leaving directory `/build/buildd/dovecot-2.1- pigeonhole-0.3.3/src/sieve-tools' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/build/buildd/dovecot-2.1-pigeonhole-0.3.3/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/build/buildd/dovecot-2.1-pigeonhole-0.3.3' make[1]: *** [all] Error 2 make[1]: Leaving directory `/build/buildd/dovecot-2.1-pigeonhole-0.3.3' make: *** [build-stamp] Error 2 From tss at iki.fi Fri Nov 30 10:44:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 30 Nov 2012 10:44:48 +0200 Subject: [Dovecot] 2.1.12 - Pigeonhole 0.3.3 build failed: /usr/bin/ld: cannot find -lssl -lcrypto In-Reply-To: <2172377.X0VnGmhlpd@tobias-pc> References: <2172377.X0VnGmhlpd@tobias-pc> Message-ID: <8BCFDF68-BE1D-4F9E-9E70-4FE6355F50BE@iki.fi> On 30.11.2012, at 10.30, Tobias Hachmer wrote: > Although timos bugfix release this morning I can't build pigeonhole 0.3.3 for > dovecot 2.1.12 successfully. I don't know if it is a new bug or if I do > something wrong but with dovecot 2.1.10 all worked fine, with the same configure > options. Yes, the build was changed since v2.1.10 because the old way didn't work with some systems. > configure options (out of debian/rules for building debian package): .. > /usr/bin/ld: cannot find -lssl > /usr/bin/ld: cannot find -lcrypto You built Dovecot from a Debian package too, but don't have OpenSSL installed?.. From lists at kokelnet.de Fri Nov 30 11:02:22 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Fri, 30 Nov 2012 10:02:22 +0100 Subject: [Dovecot] 2.1.12 - Pigeonhole 0.3.3 build failed: /usr/bin/ld: cannot find -lssl -lcrypto In-Reply-To: <8BCFDF68-BE1D-4F9E-9E70-4FE6355F50BE@iki.fi> References: <2172377.X0VnGmhlpd@tobias-pc> <8BCFDF68-BE1D-4F9E-9E70-4FE6355F50BE@iki.fi> Message-ID: <2236844.32HTZT9t1K@tobias-pc> On Friday 30 November 2012 10:44:48 Timo Sirainen wrote: > You built Dovecot from a Debian package too, but don't have OpenSSL > installed?.. Thanks Timo for hte hint. openssl was installed, but the openssl development files (libssl-dev) dependency for my dovecot-dev package was missing. Regards, Tobias Hachmer From ramon.frontera at uib.es Fri Nov 30 11:22:19 2012 From: ramon.frontera at uib.es (Ramon Frontera) Date: Fri, 30 Nov 2012 10:22:19 +0100 Subject: [Dovecot] Dovecot director doveadm with switch "-A" error In-Reply-To: <1F75A354-F909-4BAB-8843-1821332BFC12@iki.fi> References: <453DDEEC-1372-40D2-ADD5-00F56904C52A@uib.es> <B528BA8C-9575-4C3C-B154-F243252B4B6F@iki.fi> <8874EC16-C9A2-4689-91E6-71453FF6ED65@uib.es> <1354065305.2844.30.camel@innu> <E7FBFA98-4819-4D82-A82E-86455EEAD055@uib.es> <1E3289A4-6787-4743-B3F2-D098C6748271@iki.fi> <0202B7EE-0411-46BA-ACF2-6C378C7443B4@uib.es> <1F75A354-F909-4BAB-8843-1821332BFC12@iki.fi> Message-ID: <9D166B16-D94E-4AFB-B87D-A3AA5090B877@uib.es> Hi, Thanks Timo for your help! I have installed dovecot version 2.1.12 changing format has solved "doveadm -o auth_socket_path=director-userdb quota get -A" Now, "doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d" works fine!!!! Best regards! -- ------------------------------------------ Ramon Frontera Gallardo Universitat de les Illes Balears El 30/11/2012, a las 02:17, Timo Sirainen escribi?: > On 29.11.2012, at 16.22, Ramon Frontera wrote: > >> Now we have found 3 problems with doveadm on proxy server: >> >> 1 problem: >> In our configuration we have: >> protocol doveadm { >> auth_socket_path = director-userdb >> } >> >> I have executed this: >> # doveconf -m doveadm -f service=doveadm auth_socket_path >> auth_socket_path = director-userdb >> >> Now when We execute doveadm quota get -A >> we have this error: >> doveadm(user1): Error: /var/run/dovecot//auth-userdb: Proxy is missing destination host (maybe set auth_socket_path=director-userdb) >> doveadm: Error: Failed to iterate through some users >> >> with "-o auth_socket_path=director-userdb " it works for the early users. > > That's strange. I don't really have any ideas left how to debug it easily. > >> 2 problem >> when we execute doveadm -o auth_socket_path=director-userdb quota get -A it works for the early users and then return this error on proxy: >> >> doveadm(userabc): Fatal: table formatter doesn't support multi-line values > > Oh. Hmm. I see the problem.. I'll fix it later. For now you could change the formatter with doveadm -f tab or -f flow > >> 3 problem >> I have tested other doveadm command on proxy wich also fails: >> >> # doveadm -o auth_socket_path=director-userdb search -u user mailbox Trash savedbefore 1d >> >> on proxy we have this error: " doveadm(user): Error: xx.xx.xx.xx:24245: Internal failure for user" >> on mailserver we have this error: "doveadm: Fatal: master: service(doveadm): child 22171 killed with signal 11 (core dumps disabled)" >> >> I put the gdm bt output hope it help you. (mailserver) >> >> #0 auth_master_user_list_next (ctx=0x0) at auth-master.c:680 >> No locals. >> #1 0x00007f2dfe414f23 in mail_storage_service_all_next (ctx=0xf92900, >> username_r=0x7fff4306cab8) at mail-storage-service.c:1215 >> __FUNCTION__ = "mail_storage_service_all_next" >> #2 0x00007f2dfd0b0ed2 in doveadm_expire_mail_init (ctx=0xf89020) >> at doveadm-expire.c:420 > > This should fix it: http://hg.dovecot.org/dovecot-2.1/rev/75dc4cb4bfe0 > From fesarlis at gmail.com Fri Nov 30 12:22:43 2012 From: fesarlis at gmail.com (Aristidis Fesarlis) Date: Fri, 30 Nov 2012 12:22:43 +0200 Subject: [Dovecot] Maildir conversion Message-ID: <50B888F3.7010005@gmail.com> Hi all, I am using Dovecot 1.2.7, and trying to do my first Mbox to Maildir conversion. So I created a small script: > #!/bin/bash > > ls > userlist.txt > > for i in `cat userlist.txt`; do > echo "---------------------"; > echo "Converting user $i..."; > echo "---------------------"; > > su - $i -s /bin/bash -c "/opt/scripts/mb2md.pl -s mail -R"; > su - $i -s /bin/bash -c "/opt/scripts/mb2md.pl -m -s > /var/mail/$i"; > su - $i -s /bin/bash -c "cp ~$i/mail/.subscriptions > ~$i/Maildir/subscriptions"; > done > > rm -f userlist.txt I would like some help with the following: 1. Trying it, I get multiple warnings for some mailboxes like this: > "WARNING: UID from X-UID: header too low. Ignoring it Is this a problem? Or I can ignore it? 2. I understand that I also have to instruct my MDA (procmail) to deliver mail to the new location. I found that I have to create an /etc/procmailrc with the following line: > DEFAULT=$HOME/Maildir/ My question is: Some users have their own .procmailrc file inside their home directory, to filter mail etc. Their file does not contain the above statement. Would the default procmailrc file be processed for them as well? Or their file takes precedence, causing the default file not to be processed at all? Thank you From sirtcp at gmail.com Fri Nov 30 18:20:10 2012 From: sirtcp at gmail.com (Muhammad Yousuf Khan) Date: Fri, 30 Nov 2012 21:20:10 +0500 Subject: [Dovecot] Newbie Basic ACL issue Message-ID: <CAGWVfMncYwZF3mA37un4uqinGSJR+h3zxzTv=yRxetZ3B3+Uzw@mail.gmail.com> i can not impliment a basic acl to a /public/.News folder. however with out ACL it works great but after implementing acl "Public" folder can be seen while subscribing but i can not create folder inside it nor i can view already created ".News" folder. when i restart dovecot it shows me some thing like this root at mailsrv:/public/.News# /etc/init.d/dovecot restart Restarting IMAP/POP3 mail server: dovecotILoading modules from directory: /usr/lib/dovecot/modules/imap IModule loaded: /usr/lib/dovecot/modules/imap/lib01_acl_plugin.so IModule loaded: /usr/lib/dovecot/modules/imap/lib02_imap_acl_plugin.so IEffective uid=65534, gid=65534, home=/tmp Iacl: No acl_shared_dict setting - shared mailbox listing is disabled root at mailsrv:/public/.News# dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 log_timestamp: %Y-%m-%d %H:%M:%S ssl_cert_file: /etc/ssl/certs/postfix.pem ssl_key_file: /etc/ssl/private/postfix.key login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:~/Maildir:INBOX=~/Maildir/:INDEX=~/Maildir/index mail_debug: yes mbox_write_locks: fcntl dotlock mail_plugins: acl imap_acl namespace: type: private separator: / inbox: yes list: yes subscriptions: yes namespace: type: public separator: / prefix: Public/ location: maildir:/public:INDEX=/public/index list: yes subscriptions: yes lda: mail_plugins: acl auth default: mechanisms: plain login passdb: driver: pam userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix plugin: acl: vfile as i read in few howto's that "dovecot-acl" file should be placed in the mail publish folder like in my case "/public/.News/dovecot-acl" here is the output of my file root at mailsrv:/public/.News# cat dovecot-acl owner lrwstipekxa anyone= lr now after this implimentation i can see the folder "Public" in subscription now when i try to create a new folder inside ".News" folder via outlook 2007 it says "cannot move the item. the server responded: 'NOPERM] Permission denied" i think i am messed up permission actually i have 2 users "tom" and "fmaster" both doing the same thing. weather i write this "anyone lrwstpekxa" or "user=tom lrwstpekxa" it does the same for both user what i want is just a simple thing. i want tom to be the owner of .News and fmaster has read only. so he can only read the news but can not delete even can not change the flag to read or unread. Note: both are system users (not virtual users) Nov 30 20:50:42 mailsrv dovecot: IMAP(fmaster): open(/public/.News/dovecot-uidlist) failed: Permission denied Nov 30 20:50:42 mailsrv dovecot: IMAP(fmaster): open(/public/.News/dovecot-uidlist) failed: Permission denied Nov 30 20:54:45 mailsrv dovecot: IMAP(fmaster): open(/public/index/.News/dovecot.index.log) failed: Permission denied (euid=1001(fmaster) egid=1001(fmaster) missing +w perm: /public/index/.News/dovecot.index.log) Nov 30 20:54:50 mailsrv dovecot: IMAP(fmaster): open(/public/index/.News/dovecot.index.log) failed: Permission denied (euid=1001(fmaster) egid=1001(fmaster) missing +w perm: /public/index/.News/dovecot.index.log) i thought its a system level permission issue so i pass this command "chmod 777 /public -R" but still i receive the same outlook error but no errors in /var/log/mail.err. please hell me what kind of user right should be on the .News folder. for example, tom or root which one should have the "rwx" rights on the folder. and what kind of changes should i made in deovecot-acl any help, tip would be highly appreciated. Thanks, From ssilva at sgvwater.com Fri Nov 30 20:42:12 2012 From: ssilva at sgvwater.com (Scott Silva) Date: Fri, 30 Nov 2012 10:42:12 -0800 Subject: [Dovecot] Maildir conversion In-Reply-To: <50B888F3.7010005@gmail.com> References: <50B888F3.7010005@gmail.com> Message-ID: <k9aum1$tep$1@ger.gmane.org> <snip> > > 2. I understand that I also have to instruct my MDA (procmail) to deliver mail > to the new location. I found that I have to create an /etc/procmailrc with the > following line: > >> DEFAULT=$HOME/Maildir/ > > My question is: Some users have their own .procmailrc file inside their home > directory, to filter mail etc. Their file does not contain the above > statement. Would the default procmailrc file be processed for them as well? Or > their file takes precedence, causing the default file not to be processed at all? > > Thank you > > On my systems it works that way. Only the /etc/procmailrc file has that statement.