From laz at paravis.net Wed Jul 1 02:38:36 2015 From: laz at paravis.net (Laz C. Peterson) Date: Tue, 30 Jun 2015 19:38:36 -0700 Subject: Dovecot auth username mapping Message-ID: I have an interesting case here ? Virtual mailboxes, domain/username/aliases stored in MySQL, authentication done using PAM. PAM authenticates through Kerberos, which are internal realms and not the email domains ? for example, my username would be laz at PARAVIS.LOCAL and my email address would be laz at paravis.net . All of this works just fine. But what I want to do is allow the users to log in using their email address and not their full Kerberos name. It is becoming laborious to help the users understand the difference between their username at LOCAL.REALM and username at email.address and why we have to have two separate identities that mean the same thing. I have the SQL statements to convert either the Kerberos login or the email address to the actual Kerberos login (so they may use either). But I cannot seem to figure out how to get Dovecot to acknowledge this as the mapped username. I?m sure there has to be a way. Any help will be greatly appreciated. Thank you! ~ Laz Peterson Paravis, LLC From jan.ekholm at smultron.net Wed Jul 1 11:50:50 2015 From: jan.ekholm at smultron.net (Jan Ekholm) Date: Wed, 1 Jul 2015 14:50:50 +0300 Subject: Dovecot deleting files and directories Message-ID: Hi, I?m a new Dovecot user and using version 2.2.18 on an OpenSuse system. In general it all works quite nicely and clients can connect to Dovecot and manage mails normally. The layout used is maildir. The users are all virtual, i.e. they do not exist on the Linux system. They all log in without any authentication due to a very specialized and internal setup. However, sometimes Dovecot simply deletes mails from the maildir structure. It also seems to delete entire users too. This is not a simple case of clients deleting mails, but the entire folder for the user seems to sometimes get nuked. I?ve also seen that only the mails and Dovecot?s admin files (indexes etc) are deleted. The log file is not really too informative, mostly lines of this form: Jul 01 14:00:36 imap(firstname.lastname at domain.x): Info: Disconnected: IMAP session state is inconsistent, please relogin. in=781 out=2630 Jul 01 14:00:36 imap(operators-east at east.domain.x): Debug: Namespace : /opt/mail/operators-east doesn't exist yet, using default permissions Jul 01 14:00:36 imap(operators-east at east.domain.x): Debug: Namespace : /opt/mail/operators-east doesn't exist yet, using default permissions Jul 01 14:00:36 imap(operators-east at east.domain.x): Debug: Namespace : Using permissions from /opt/mail/operators-east: mode=0700 gid=default Jul 01 14:00:36 imap(firstname.lastname at domain.x): Debug: Namespace : /opt/mail/firstname.lastname doesn't exist yet, using default permissions Jul 01 14:00:36 imap(firstname.lastname at domain.x): Debug: Namespace : /opt/mail/firstname.lastname doesn't exist yet, using default permissions Jul 01 14:00:36 imap(firstname.lastname at domain.x): Debug: Namespace : Using permissions from /opt/mail/firstname.lastname: mode=0700 gid=default Jul 01 14:01:03 imap-login: Info: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=9326, secured, session=<2+YiPc4ZGwB/AAAB> Jul 01 14:01:03 imap(firstname.lastname at domain.x): Debug: Effective uid=1001, gid=100, home=/opt/mail/firstname.lastname Jul 01 14:01:03 imap(firstname.lastname at domain.x): Debug: maildir++: root=/opt/mail/firstname.lastname, index=, indexpvt=, control=, inbox=/opt/mail/firstname.lastname, alt= Jul 01 14:01:07 imap-login: Info: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=9333, secured, session=<11NpPc4ZHAB/AAAB> Jul 01 14:01:07 imap(operators-east at east.domain.x): Debug: Effective uid=1001, gid=100, home=/opt/mail/operators-east Jul 01 14:01:07 imap(operators-east at east.domain.x): Debug: maildir++: root=/opt/mail/operators-east, index=, indexpvt=, control=, inbox=/opt/mail/operators-east, alt= I?ve changed the name and domain. Not sure if the namespace complaints have anything to do with the directories on disk, but normally they are there when the logging comes. Below is the used config file. I can?t see anything that would trigger deletions and there is no logging or similar about it. To me it?s quite serious that an IMAP server randomly deletes mails and its own files. ########################################################################################### # support only IMAP, no pop3 protocols = imap # listen only on IPv4 (the default is: "* ::") listen = * # where logging gets sent log_path = /var/log/dovecot.log # disable SSL ssl = no disable_plaintext_auth = no # we're using maildir without any extra folders in the user's home directory (set in userdb) mail_location = maildir:~ # user ids default_login_user = dovenull default_internal_user = dovecot # auth config auth_verbose = yes auth_mechanisms = plain # password scheme. Uses an external Python application to verify the password. It gets # sent the username and password and can perform authentication. The current one # simply accepts anything. passdb { driver = checkpassword args = /opt/dovecot-2.2.18/bin/checkpassword.py } # user database userdb { driver = static args = uid=navie gid=users home=/opt/mail/maildir/%n } ########################################################################################### Anything obviously wrong? I?ve seen that mail_location and mail_home should not be the same, but using mail_location = maildir:~/mail gives the exact same behavior. Best regards, Jan Ekholm From skdovecot at smail.inf.fh-brs.de Wed Jul 1 12:31:33 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 1 Jul 2015 14:31:33 +0200 (CEST) Subject: Dovecot deleting files and directories In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 1 Jul 2015, Jan Ekholm wrote: > The log file is not really too informative, mostly lines of this form: > > Jul 01 14:00:36 imap(operators-east at east.domain.x): Debug: Namespace : /opt/mail/operators-east doesn't exist yet, using default permissions > Jul 01 14:00:36 imap(operators-east at east.domain.x): Debug: Namespace : /opt/mail/operators-east doesn't exist yet, using default permissions > > Below is the used config file. I can?t see anything that would trigger deletions and there is no logging or similar > about it. To me it?s quite serious that an IMAP server randomly deletes mails and its own files. the config looks like you've copied it from some files, please do: + restart dovecot (service dovecot restart or /etc/init.d/dovecot restart or whatever is appropriate on your system) + run: doveconf -n and post its output. + Also run: doveadm user -u operators-east at east.domain.x > > # we're using maildir without any extra folders in the user's home directory (set in userdb) > mail_location = maildir:~ > > # user database > userdb { > driver = static > args = uid=navie gid=users home=/opt/mail/maildir/%n > } > ########################################################################################### > > Anything obviously wrong? I?ve seen that mail_location and mail_home should not be the same, but using > > mail_location = maildir:~/mail The log entries does not fit the configuration shown, therefore I suspect that Dovecot is using another config. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVZPdpXz1H7kL/d9rAQLPqAf/T98U5F6TWYuSb+ccX5NGXlLrw79hu0q1 +D+RmWFiLpwk3S5Q+I7nZ9++zVPdCSkAkS4cis4DyvkNbn43GBx0HvWV9H9zFMsh NvTnHlv4nTZcf+5W0PIpstjIBlMzjZd5hc4V5Xo5srsoP7kH/gaHTX/OsBfskavU qHimGb4ArJS1nVliLhPJTmpEW7hpfS6yBViSLhqpt1eLMnwCjir5IirPUNvg+BKY WmIRRHSLYRu0o8IkPmbyghE4pJ8Zu61Z3MOmBpcRFDGf/UUkbUmbS2OdWCFgP2Z9 JhEcvkpHuamwYDLMD+isTz14aLjRDu15QB8nURmlmkGXhxAVn5IxhA== =UIYT -----END PGP SIGNATURE----- From shopps at pridetechdesign.com Wed Jul 1 14:28:45 2015 From: shopps at pridetechdesign.com (Steven Hopps) Date: Wed, 01 Jul 2015 10:28:45 -0400 Subject: dovecot-lmtp Message-ID: <5593F91D.6030609@pridetechdesign.com> Hi, I'm trying to use dovecot-lmtp so that I can filter messages with sieve, however it doesn't appear to be working. I followed the instructions on wiki2.dovecot.org. I'm running Debian Wheezy. I've got runit configured to execute postfix and dovecot, which may be the source of the problem (runit executes /usr/sbin/dovecot -F). I've got mail_debug turned on and there is nothing in the mail log about lmtp. Any help would be appreciated. -- Steven Hopps || shopps at pridetechdesign.com 424-888-0443 || http://www.pridetechdesign.com = Ask about my Security Tune-Up & 24/7 Server Monitoring! = From user+dovecot at localhost.localdomain.org Wed Jul 1 16:17:28 2015 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Wed, 1 Jul 2015 16:17:28 +0000 Subject: dovecot-lmtp In-Reply-To: <5593F91D.6030609@pridetechdesign.com> References: <5593F91D.6030609@pridetechdesign.com> Message-ID: <55941298.4080104@localhost.localdomain.org> On 07/01/2015 02:28 PM, Steven Hopps wrote: > Hi, I'm trying to use dovecot-lmtp so that I can filter messages with > sieve, however it doesn't appear to be working. > > I followed the instructions on wiki2.dovecot.org. I'm running Debian > Wheezy. I've got runit configured to execute postfix and dovecot, which > may be the source of the problem (runit executes /usr/sbin/dovecot -F). > I've got mail_debug turned on and there is nothing in the mail log about > lmtp. > > Any help would be appreciated. > `postconf virtual_transport mailbox_transport`? `doveconf -n`? Regards, Pascal -- The trapper recommends today: c01dcafe.1518218 at localdomain.org From shopps at pridetechdesign.com Wed Jul 1 17:19:42 2015 From: shopps at pridetechdesign.com (Steven Hopps) Date: Wed, 01 Jul 2015 13:19:42 -0400 Subject: dovecot-lmtp In-Reply-To: <55941298.4080104@localhost.localdomain.org> References: <5593F91D.6030609@pridetechdesign.com> <55941298.4080104@localhost.localdomain.org> Message-ID: <5594212E.4010806@pridetechdesign.com> I tried copying virtual_transport to mailbox_transport and started receiving user unknown and no such user errors. Current configuration output follows: virtual_transport = lmtp:unix:private/dovecot-lmtp mailbox_transport = # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.8 auth_mechanisms = plain login mail_debug = yes mail_location = maildir:~/Maildir namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = file:~/sieve;active=~/Maildir/filters.sieve } protocols = lmtp imap service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix user = postfix } } ssl_cert = On 07/01/2015 02:28 PM, Steven Hopps wrote: >> Hi, I'm trying to use dovecot-lmtp so that I can filter messages with >> sieve, however it doesn't appear to be working. >> >> I followed the instructions on wiki2.dovecot.org. I'm running Debian >> Wheezy. I've got runit configured to execute postfix and dovecot, which >> may be the source of the problem (runit executes /usr/sbin/dovecot -F). >> I've got mail_debug turned on and there is nothing in the mail log about >> lmtp. >> >> Any help would be appreciated. >> > > `postconf virtual_transport mailbox_transport`? > `doveconf -n`? > > > Regards, > Pascal > From shopps at pridetechdesign.com Wed Jul 1 17:32:01 2015 From: shopps at pridetechdesign.com (Steven Hopps) Date: Wed, 01 Jul 2015 13:32:01 -0400 Subject: dovecot-lmtp In-Reply-To: <55941298.4080104@localhost.localdomain.org> References: <5593F91D.6030609@pridetechdesign.com> <55941298.4080104@localhost.localdomain.org> Message-ID: <55942411.3010000@pridetechdesign.com> I apologize for the multiple emails, I forgot to mention that when I added a mailbox_transport line, suddenly the log started showing lmtp entries, however everything was bouncing (I did mention the bouncing.) When I removed that line, it works again, but now the log does not show any lmtp entries, same as before. I should point out that this email server has been functional for a long while. Steven Hopps || shopps at pridetechdesign.com 424-888-0443 || http://www.pridetechdesign.com = Ask about my Security Tune-Up & 24/7 Server Monitoring! = On 7/1/2015 12:17, Pascal Volk wrote: > On 07/01/2015 02:28 PM, Steven Hopps wrote: >> Hi, I'm trying to use dovecot-lmtp so that I can filter messages with >> sieve, however it doesn't appear to be working. >> >> I followed the instructions on wiki2.dovecot.org. I'm running Debian >> Wheezy. I've got runit configured to execute postfix and dovecot, which >> may be the source of the problem (runit executes /usr/sbin/dovecot -F). >> I've got mail_debug turned on and there is nothing in the mail log about >> lmtp. >> >> Any help would be appreciated. >> > > `postconf virtual_transport mailbox_transport`? > `doveconf -n`? > > > Regards, > Pascal > From jhg at jhmg.net Wed Jul 1 21:14:19 2015 From: jhg at jhmg.net (Jim Garrison) Date: Wed, 01 Jul 2015 14:14:19 -0700 Subject: Using PAM and passwdfile together Message-ID: <5594582B.50001@jhmg.net> Dovecot 2.0.9 on Centos 6.6 I have some local users and some Postfix virtual mailboxes. The config currently has: > # 2.0.9: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-504.12.2.el6.x86_64 x86_64 CentOS release 6.6 (Final) > first_valid_uid = 190 > log_path = /var/log/dovecot.log > mail_access_groups = mail > mail_location = mbox:~/mail:INBOX=/var/mail/%u > mbox_write_locks = fcntl > passdb { > driver = pam > } > passdb { > args = scheme=MD5 username_format=%u /etc/dovecot/auth/%d.passwd > driver = passwd-file > } > protocols = imap pop3 > ssl_ca = ssl_cert = ssl_key = ssl_parameters_regenerate = 48 > userdb { > driver = passwd > } > userdb { > args = uid=199 gid=199 home=/var/mail/vhosts/%d/%n mail=mbox:/var/mail/vhosts/%d/%n:INBOX=/var/mail/vhosts/%d/%n/mail > driver = static > } Each time a virtual mailbox user logs in, PAM writes a set of Authentication Failure messages to /var/log/secure when it attempts to find the virtual user, which it then successfully authenticates in the passwd-file. Is there a way to prevent PAM from loggin this spurious error and having dovecot log an authentication failure only if BOTH methods fail? -- Jim Garrison (jhg at acm.org) PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88 From axel.luttgens at skynet.be Wed Jul 1 22:24:15 2015 From: axel.luttgens at skynet.be (Axel Luttgens) Date: Thu, 2 Jul 2015 00:24:15 +0200 Subject: Dovecot auth username mapping In-Reply-To: References: Message-ID: > Le 1 juil. 2015 ? 04:38, Laz C. Peterson > a ?crit : > > I have an interesting case here ? > > Virtual mailboxes, domain/username/aliases stored in MySQL, authentication done using PAM. PAM authenticates through Kerberos, which are internal realms and not the email domains ? for example, my username would be laz at PARAVIS.LOCAL and my email address would be laz at paravis.net . > > All of this works just fine. But what I want to do is allow the users to log in using their email address and not their full Kerberos name. It is becoming laborious to help the users understand the difference between their username at LOCAL.REALM and username at email.address and why we have to have two separate identities that mean the same thing. > > I have the SQL statements to convert either the Kerberos login or the email address to the actual Kerberos login (so they may use either). But I cannot seem to figure out how to get Dovecot to acknowledge this as the mapped username. > > I?m sure there has to be a way. Any help will be greatly appreciated. Thank you! Hello Laz, I fear you?ll have to resort to CheckPassword (http://wiki2.dovecot.org/AuthDatabase/CheckPassword) or something similar. Indeed, your MySql database may contain everything needed to convert email addresses to kerb login (and vice-versa), but Dovecot?s PAM interface understandably just knows about a (login, password) pair, where the login is the one provided by the user wanting to log in. That said, I hope to be wrong, Axel From shopps at pridetechdesign.com Wed Jul 1 22:24:18 2015 From: shopps at pridetechdesign.com (Steven Hopps) Date: Wed, 01 Jul 2015 18:24:18 -0400 Subject: dovecot-lmtp In-Reply-To: <5593F91D.6030609@pridetechdesign.com> References: <5593F91D.6030609@pridetechdesign.com> Message-ID: <55946892.3020608@pridetechdesign.com> I have solved the issue, I had to add mailbox_transport to main.cf, and I had to add auth_username_format = %Ln to dovecot.conf to fix the "Unrecognized User" errors. It's now working! Steven Hopps || shopps at pridetechdesign.com 424-888-0443 || http://www.pridetechdesign.com = Ask about my Security Tune-Up & 24/7 Server Monitoring! = On 7/1/2015 10:28, Steven Hopps wrote: > Hi, I'm trying to use dovecot-lmtp so that I can filter messages with > sieve, however it doesn't appear to be working. > > I followed the instructions on wiki2.dovecot.org. I'm running Debian > Wheezy. I've got runit configured to execute postfix and dovecot, which > may be the source of the problem (runit executes /usr/sbin/dovecot -F). > I've got mail_debug turned on and there is nothing in the mail log about > lmtp. > > Any help would be appreciated. From jjhoffart at icloud.com Wed Jul 1 22:51:35 2015 From: jjhoffart at icloud.com (jjhoffart) Date: Wed, 01 Jul 2015 16:51:35 -0600 Subject: duplicate namespace prefix Message-ID: Hello, I am in the process of setting up a server that is running to invocations of dovecot. One of the invocations is acting as a backend and the other as a Director. I believe I have most of the configuration complete but I keep running into the following error: Jul 01 14:17:04 lda(postmaster at mydomain.com: Error: user postmaster at mydomain.com: Initialization failed: namespace configuration error: Duplicate namespace prefix: "" Jul 01 14:17:04 lda(postmaster@?mydomain.com: Fatal: Invalid user settings. Refer to server log for more information. Not sure where to go from here and most of my searches on the error have lead me to dead ends hoping someone can help me out. Thanks. From laz at paravis.net Wed Jul 1 23:41:05 2015 From: laz at paravis.net (Laz C. Peterson) Date: Wed, 1 Jul 2015 16:41:05 -0700 Subject: Dovecot auth username mapping In-Reply-To: References: Message-ID: Thank you for the response Axel. I will look into that. I did attempt to switch the PAM/Kerberos authentication to Dovecot LDAP authentication, but now performance is unbelievably slow. For example, with PAM/Kerberos, a user can log into webmail and have all of their emails/folders showing almost immediately. When using Dovecot LDAP, it takes literally 8-10 seconds to see the same thing. I was hoping that was a possible replacement for this, but my goodness it was so incredibly slow! This would definitely be an option though, as it does serve the purpose. I just can?t figure out how to fix the performance issue. Any thoughts to this? ~ Laz Peterson Paravis, LLC Ph: 951.319.3240 x201 > On Jul 1, 2015, at 3:24 PM, Axel Luttgens wrote: > > >> Le 1 juil. 2015 ? 04:38, Laz C. Peterson > >> a ?crit : >> >> I have an interesting case here ? >> >> Virtual mailboxes, domain/username/aliases stored in MySQL, authentication done using PAM. PAM authenticates through Kerberos, which are internal realms and not the email domains ? for example, my username would be laz at PARAVIS.LOCAL and my email address would be laz at paravis.net . >> >> All of this works just fine. But what I want to do is allow the users to log in using their email address and not their full Kerberos name. It is becoming laborious to help the users understand the difference between their username at LOCAL.REALM and username at email.address and why we have to have two separate identities that mean the same thing. >> >> I have the SQL statements to convert either the Kerberos login or the email address to the actual Kerberos login (so they may use either). But I cannot seem to figure out how to get Dovecot to acknowledge this as the mapped username. >> >> I?m sure there has to be a way. Any help will be greatly appreciated. Thank you! > > Hello Laz, > > I fear you?ll have to resort to CheckPassword (http://wiki2.dovecot.org/AuthDatabase/CheckPassword) or something similar. > > Indeed, your MySql database may contain everything needed to convert email addresses to kerb login (and vice-versa), but Dovecot?s PAM interface understandably just knows about a (login, password) pair, where the login is the one provided by the user wanting to log in. > > That said, I hope to be wrong, > Axel From laz at paravis.net Thu Jul 2 00:27:37 2015 From: laz at paravis.net (Laz C. Peterson) Date: Wed, 1 Jul 2015 17:27:37 -0700 Subject: Dovecot auth username mapping In-Reply-To: References: Message-ID: <46F16A06-B952-415D-90B0-353FF3400918@paravis.net> It?s actually unbelievable how much slower LDAP auth is than PAM. Does anyone have any suggestions how I can improve Dovecot LDAP auth? I have tried caching authentications and that doesn?t help either. ~ Laz Peterson Paravis, LLC Ph: 951.319.3240 x201 > On Jul 1, 2015, at 4:41 PM, Laz C. Peterson wrote: > > Thank you for the response Axel. I will look into that. > > I did attempt to switch the PAM/Kerberos authentication to Dovecot LDAP authentication, but now performance is unbelievably slow. For example, with PAM/Kerberos, a user can log into webmail and have all of their emails/folders showing almost immediately. When using Dovecot LDAP, it takes literally 8-10 seconds to see the same thing. > > I was hoping that was a possible replacement for this, but my goodness it was so incredibly slow! This would definitely be an option though, as it does serve the purpose. I just can?t figure out how to fix the performance issue. Any thoughts to this? > > ~ Laz Peterson > Paravis, LLC > Ph: 951.319.3240 x201 > >> On Jul 1, 2015, at 3:24 PM, Axel Luttgens wrote: >> >> >>> Le 1 juil. 2015 ? 04:38, Laz C. Peterson >> >>> a ?crit : >>> >>> I have an interesting case here ? >>> >>> Virtual mailboxes, domain/username/aliases stored in MySQL, authentication done using PAM. PAM authenticates through Kerberos, which are internal realms and not the email domains ? for example, my username would be laz at PARAVIS.LOCAL and my email address would be laz at paravis.net . >>> >>> All of this works just fine. But what I want to do is allow the users to log in using their email address and not their full Kerberos name. It is becoming laborious to help the users understand the difference between their username at LOCAL.REALM and username at email.address and why we have to have two separate identities that mean the same thing. >>> >>> I have the SQL statements to convert either the Kerberos login or the email address to the actual Kerberos login (so they may use either). But I cannot seem to figure out how to get Dovecot to acknowledge this as the mapped username. >>> >>> I?m sure there has to be a way. Any help will be greatly appreciated. Thank you! >> >> Hello Laz, >> >> I fear you?ll have to resort to CheckPassword (http://wiki2.dovecot.org/AuthDatabase/CheckPassword) or something similar. >> >> Indeed, your MySql database may contain everything needed to convert email addresses to kerb login (and vice-versa), but Dovecot?s PAM interface understandably just knows about a (login, password) pair, where the login is the one provided by the user wanting to log in. >> >> That said, I hope to be wrong, >> Axel From skdovecot at smail.inf.fh-brs.de Thu Jul 2 06:28:42 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 2 Jul 2015 08:28:42 +0200 (CEST) Subject: Using PAM and passwdfile together In-Reply-To: <5594582B.50001@jhmg.net> References: <5594582B.50001@jhmg.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 1 Jul 2015, Jim Garrison wrote: > I have some local users and some Postfix virtual mailboxes. The config > currently has: > >> # 2.0.9: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-504.12.2.el6.x86_64 x86_64 CentOS release 6.6 (Final) >> passdb { >> driver = pam >> } >> passdb { >> args = scheme=MD5 username_format=%u /etc/dovecot/auth/%d.passwd >> driver = passwd-file >> } > Each time a virtual mailbox user logs in, PAM writes a set of > Authentication Failure messages to /var/log/secure when it attempts > to find the virtual user, which it then successfully authenticates > in the passwd-file. Is there a way to prevent PAM from loggin this > spurious error and having dovecot log an authentication failure only if > BOTH methods fail? Do you have users via PAM and in the passwd-file? If not or if it does not harm, reverse the order of both passdb's . - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVZTaGnz1H7kL/d9rAQLKOAgAoNMgpf5r3E/9QQ3CIqa6gtFQyr3ivWRO j+2JMT63xwJyFNuot3ZRabUr5qNQvQPm+52cZPkX7cBqH+0fB2iiHwIstqaPWHfc M4iVnfohAonO/8thefmjCTbmx086RD3X7EYmTBNrNxw4gp57Lppz6mgsZzKBoeZ8 1H1FDTWxbikQ8ufb8woQgBcXm+LmT0VTpGpMVEndazFhwVqsxV4jHvrVi+OhbTup 0zllqciQZmat06U/hX3F5oK9L6ZXaCpbEVUcj5Zx7QA8CP7gK6ONNmme5noTLAO8 KMTYgYSNACFRWCAjye4I+djkCDJ5EWvf8M/b+czmumzRlRXmuBanFQ== =zuRO -----END PGP SIGNATURE----- From troeder at univention.de Thu Jul 2 06:26:47 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Thu, 02 Jul 2015 08:26:47 +0200 Subject: duplicate namespace prefix In-Reply-To: References: Message-ID: <5594D9A7.2030109@univention.de> Am 02.07.2015 um 00:51 schrieb jjhoffart: > Hello, > I am in the process of setting up a server that is running to invocations of dovecot. One of the invocations is acting as a backend and the other as a Director. I believe I have most of the configuration complete but I keep running into the following error: > > Jul 01 14:17:04 lda(postmaster at mydomain.com: Error: user postmaster at mydomain.com: Initialization failed: namespace configuration error: Duplicate namespace prefix: "" > Jul 01 14:17:04 lda(postmaster@?mydomain.com: Fatal: Invalid user settings. Refer to server log for more information. > > Not sure where to go from here and most of my searches on the error have lead me to dead ends hoping someone can help me out. > > Thanks. Each namespace must have a different prefix. The only namespace with an empty prefix is the private one for the users inboxes. Configure a different prefix one for each namespace. http://wiki2.dovecot.org/Namespaces namespace foo { separator = / prefix = foo/ <--- prefix must end in separator symbol list = children location = maildir:/var/spool/... } Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From pch at myzel.net Thu Jul 2 06:34:35 2015 From: pch at myzel.net (Peter Chiochetti) Date: Thu, 02 Jul 2015 08:34:35 +0200 Subject: Dovecot auth username mapping In-Reply-To: References: Message-ID: <5594DB7B.7070909@myzel.net> Am 2015-07-02 um 01:41 schrieb Laz C. Peterson: > > I did attempt to switch the PAM/Kerberos authentication to Dovecot > LDAP authentication, but now performance is unbelievably slow. > Any thoughts to this? In case you have multiple passdb backends, it could be, that LDAP only gets its chance, after PAM did time out. -- peter From skdovecot at smail.inf.fh-brs.de Thu Jul 2 06:39:20 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 2 Jul 2015 08:39:20 +0200 (CEST) Subject: duplicate namespace prefix In-Reply-To: <5594D9A7.2030109@univention.de> References: <5594D9A7.2030109@univention.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 2 Jul 2015, Daniel Tr?der wrote: > Am 02.07.2015 um 00:51 schrieb jjhoffart: >> Hello, >> I am in the process of setting up a server that is running to invocations of dovecot. One of the invocations is acting as a backend and the other as a Director. I believe I have most of the configuration complete but I keep running into the following error: >> >> Jul 01 14:17:04 lda(postmaster at mydomain.com: Error: user postmaster at mydomain.com: Initialization failed: namespace configuration error: Duplicate namespace prefix: "" >> Jul 01 14:17:04 lda(postmaster@?mydomain.com: Fatal: Invalid user settings. Refer to server log for more information. >> >> Not sure where to go from here and most of my searches on the error have lead me to dead ends hoping someone can help me out. >> >> Thanks. > Each namespace must have a different prefix. The only namespace with an > empty prefix is the private one for the users inboxes. Configure a > different prefix one for each namespace. http://wiki2.dovecot.org/Namespaces > > namespace foo { ^^^^ and don't forget to name the other namespaces differently ;-) > separator = / > prefix = foo/ <--- prefix must end in separator symbol > list = children > location = maildir:/var/spool/... > } - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVZTcmHz1H7kL/d9rAQJHAAf/ZscGIsJD71PvDJGuMY/gPvnSb740UMlp OQXFc3Wi1lCmv1s4G25N2S3eQDQE1wGvh4Rd55KAiZrhnSWKcx4oDTeT6zuO0WI3 EX2cg4GuPza4aZaCa+tCngRz6NTlVtES64w8SPiC5uq7kR2Mya9mz+XFtY8DZ8Zc eUeANf3OhiBEmLNOvTQD7qfCMoByCmUNghpw3MZLT5hQyxhfiGcmTGPL0L81Jz6e o9hSLhkKOg2v55QgvarTLwZk3Xaiop5QM/K0+Nx3+5G2ROZoUOaGodI5SneVyeR1 AXiqV1RT/XliK71La6yRgh3e5F2mKEfEL8fvZ+exspVdG5FzGgL96w== =p6w5 -----END PGP SIGNATURE----- From bytesplit at gmail.com Thu Jul 2 06:51:14 2015 From: bytesplit at gmail.com (Philon) Date: Thu, 2 Jul 2015 08:51:14 +0200 Subject: Dovecot auth username mapping In-Reply-To: <46F16A06-B952-415D-90B0-353FF3400918@paravis.net> References: <46F16A06-B952-415D-90B0-353FF3400918@paravis.net> Message-ID: Hi Laz, I?m just wondering? why are you using LDAP and/or PAM to access the MySQL server? If also the password is stored in the db you could use MySQL directly? Because then you could use password_query and user_query to actually split the provided email address into name and domain parts. Then you can lookup each individually or adjust as needed... I have something like this: user_query = SELECT CONCAT('/var/mail/virtual/', SUBSTRING(`mail_addr`, LOCATE('@', `mail_addr`) +1 ), '/', \ SUBSTRING(`mail_addr`, 1, LOCATE('@', `mail_addr`) -1) ) AS 'home', '1000' AS 'uid', \ '8' AS 'gid', CONCAT('*:bytes=', `quota`, 'M') AS 'quota_rule' FROM `mail_users` \ WHERE `mail_addr` = '%u' AND `status` = 'ok' AND `mail_type` LIKE '%%_mail%%? With an SQL statement you could even use sub-selects and whatnot to do complicated things. Perhaps you could do something similar with the LDAP string but I never used LDAP that much? Philon > Am 02.07.2015 um 02:27 schrieb Laz C. Peterson : > > It?s actually unbelievable how much slower LDAP auth is than PAM. Does anyone have any suggestions how I can improve Dovecot LDAP auth? I have tried caching authentications and that doesn?t help either. > > ~ Laz Peterson > Paravis, LLC > Ph: 951.319.3240 x201 > >> On Jul 1, 2015, at 4:41 PM, Laz C. Peterson wrote: >> >> Thank you for the response Axel. I will look into that. >> >> I did attempt to switch the PAM/Kerberos authentication to Dovecot LDAP authentication, but now performance is unbelievably slow. For example, with PAM/Kerberos, a user can log into webmail and have all of their emails/folders showing almost immediately. When using Dovecot LDAP, it takes literally 8-10 seconds to see the same thing. >> >> I was hoping that was a possible replacement for this, but my goodness it was so incredibly slow! This would definitely be an option though, as it does serve the purpose. I just can?t figure out how to fix the performance issue. Any thoughts to this? >> >> ~ Laz Peterson >> Paravis, LLC >> Ph: 951.319.3240 x201 >> >>> On Jul 1, 2015, at 3:24 PM, Axel Luttgens wrote: >>> >>> >>>> Le 1 juil. 2015 ? 04:38, Laz C. Peterson >>> >>>> a ?crit : >>>> >>>> I have an interesting case here ? >>>> >>>> Virtual mailboxes, domain/username/aliases stored in MySQL, authentication done using PAM. PAM authenticates through Kerberos, which are internal realms and not the email domains ? for example, my username would be laz at PARAVIS.LOCAL and my email address would be laz at paravis.net . >>>> >>>> All of this works just fine. But what I want to do is allow the users to log in using their email address and not their full Kerberos name. It is becoming laborious to help the users understand the difference between their username at LOCAL.REALM and username at email.address and why we have to have two separate identities that mean the same thing. >>>> >>>> I have the SQL statements to convert either the Kerberos login or the email address to the actual Kerberos login (so they may use either). But I cannot seem to figure out how to get Dovecot to acknowledge this as the mapped username. >>>> >>>> I?m sure there has to be a way. Any help will be greatly appreciated. Thank you! >>> >>> Hello Laz, >>> >>> I fear you?ll have to resort to CheckPassword (http://wiki2.dovecot.org/AuthDatabase/CheckPassword) or something similar. >>> >>> Indeed, your MySql database may contain everything needed to convert email addresses to kerb login (and vice-versa), but Dovecot?s PAM interface understandably just knows about a (login, password) pair, where the login is the one provided by the user wanting to log in. >>> >>> That said, I hope to be wrong, >>> Axel From liuyingying5496 at 126.com Thu Jul 2 09:02:48 2015 From: liuyingying5496 at 126.com (=?GBK?B?wfXTqNOo?=) Date: Thu, 2 Jul 2015 17:02:48 +0800 (CST) Subject: the file dovecot-uidlist.lock appear then deadlock Message-ID: <471a800f.1f634.14e4e010cb3.Coremail.liuyingying5496@126.com> hi: sometimes i can't use imap command to get mails, when this problem appear i find out the file dovecot-uidlist.lock appear at the same time . I don't know Why is this happening ? can you help me ? thanks ! From skdovecot at smail.inf.fh-brs.de Thu Jul 2 09:36:23 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 2 Jul 2015 11:36:23 +0200 (CEST) Subject: the file dovecot-uidlist.lock appear then deadlock In-Reply-To: <471a800f.1f634.14e4e010cb3.Coremail.liuyingying5496@126.com> References: <471a800f.1f634.14e4e010cb3.Coremail.liuyingying5496@126.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 2 Jul 2015, ??? wrote: > sometimes i can't use imap command to get mails, when this problem appear i find out the file dovecot-uidlist.lock appear at the same time . I don't know Why is this happening ? can you help me ? + post the output of: doveconf -n + post the last entries in the log and + explain what "can't use imap command" means, do you login with a mail client or do you use the command line + when this happens, please run & post: doveadm who - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVZUGGHz1H7kL/d9rAQKeZQf9Gk2yYVgAwsyXTxOww9P6kUA7PgUJpgTQ RQGQtrBokxGXcUzBTVqLoJs1rpI+qsF0AxR2yTKwhTnqbzGnbToxlRddyQVkA+wE 6WGVbrQcX58mXYjRFFyig5HPUPHgmVBDUZudVgVCQIYnDe/zs3kIE3Nh5JLhblMv vNGJeHpzpG1yg/c7gOjhFsqNbaFeXecVTEpRlO+PwnkdogYqfUug0ul9MfHzQRi1 /KM9DO7SkPyYDG6KZGsxKcAOMoGRAmSw9I2taYtsBF3yFFV058y/+vRFHxdHTLkb taust3ggt6UhSPOsmkdO8WD5JwYG7VmZ9XBJaWTaqjHInzcXyUhwIQ== =/hUd -----END PGP SIGNATURE----- From dragos.pacher at apexgroup.ro Thu Jul 2 10:16:06 2015 From: dragos.pacher at apexgroup.ro (Dragos Pacher) Date: Thu, 2 Jul 2015 13:16:06 +0300 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <5592B031.3030208@sys4.de> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> <034501d0b324$dc33ef10$949bcd30$@apexgroup.ro> <5592B031.3030208@sys4.de> Message-ID: <024f01d0b4b0$1c591bb0$550b5310$@apexgroup.ro> Unfortunately disabling antivirus did not help. I also set IMAP on 143 TLS, removed Root folder path and left everything unchecked in outlook delete. Emails are still not fetching. Any other ideas ? Pacher Dragos -----Original Message----- From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Robert Schetterer Sent: 30 June 2015 18:05 To: dovecot at dovecot.org Subject: Re: Outlook 2013 not fetching new mail/synchronization issues Am 30.06.2015 um 13:06 schrieb Dragos Pacher: > There is also an antivirus running on client with antispam module. I > will try to disable it and see if there is any change. > > Pacher Dragos yeah most problems are depend to such software Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From jerry at seibercom.net Thu Jul 2 11:26:45 2015 From: jerry at seibercom.net (Jerry) Date: Thu, 2 Jul 2015 07:26:45 -0400 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <024f01d0b4b0$1c591bb0$550b5310$@apexgroup.ro> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> <034501d0b324$dc33ef10$949bcd30$@apexgroup.ro> <5592B031.3030208@sys4.de> <024f01d0b4b0$1c591bb0$550b5310$@apexgroup.ro> Message-ID: <20150702072645.417d7c05@seibercom.net> On Thu, 2 Jul 2015 13:16:06 +0300, Dragos Pacher stated: >I also set IMAP on 143 TLS, removed Root folder path and left everything >unchecked in outlook delete. > >Emails are still not fetching. > >Any other ideas ? Have you use any other MUA to download emails prior to Outlook? Is any other MUA running in the background when attempting to use Outlook? I have no idea at this point what your problem is. I have a basic Dovecot configuration, and it seems to work fine with Outlook 2013. This is the Dovecot config: # 2.2.18: /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: FreeBSD 10.1-RELEASE-p10 amd64 ufs auth_mechanisms = plain login cram-md5 digest-md5 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes log_path = /var/log/dovecot.log mail_location = maildir:/var/mail/vmail/%d/gerard managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = username_format=%u /usr/local/etc/dovecot/user/passwd driver = passwd-file } passdb { args = scheme=CRYPT username_format=%u /usr/local/etc/dovecot/user/passwd driver = passwd-file } passdb { args = scheme=CRYPT username_format=%u /usr/local/etc/dovecot/user/passwd driver = passwd-file } plugin { sieve_global_dir = /usr/local/etc/dovecot/sieve/ sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve } postmaster_address = postmaster at seibercom.net service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } ssl_cert = (near the bottom of the list).It requires a restart of Outlook. Have you on the folder name and then "IMAP Folders" and seeing if al of the folders are present? You could try the same thing only check "Update Folder List". Also check "Account Property's" From Hajo.Locke at gmx.de Thu Jul 2 11:52:18 2015 From: Hajo.Locke at gmx.de (Hajo Locke) Date: Thu, 02 Jul 2015 13:52:18 +0200 Subject: autocreating folders with special chars stored in mysql-userdb Message-ID: <559525F2.2060503@gmx.de> Hello, i use dovecot 2.2.18 and do some tests with an utf8 mysqlbackend. I use MySQL to authenticate Users and for retrieving some individual settings like autocreating folders etc. by userdb-settings in user-query. Yet no problems with standard language. Now i try to provide userdb-settings in exotic languages. My MySQL table uses utf8 charset. I store some data in my userdb-column. Here an polish example: "namespace/inbox/mailbox=example namespace/inbox/mailbox/example/name=post?powa? namespace/inbox/mailbox/example/auto=subscribe" Result is a new folder in dovecot, but in client every special char ? and ? is replaced with a "?" I seems that at some point a conversion to latin1 is performed which ruins the utf8 chars. Creating a folder post?powa? by imap-client is no problem. Hmm, what should i do now? I dont know how to influence dovecot to process retrieved utf8 data furthermore as utf8. Which charset is using dovecot when connecting to mysqldb and how to take influence? Thanks, Hajo From laz at paravis.net Thu Jul 2 13:25:42 2015 From: laz at paravis.net (Laz C. Peterson) Date: Thu, 2 Jul 2015 06:25:42 -0700 Subject: Dovecot auth username mapping In-Reply-To: <5594DB7B.7070909@myzel.net> References: <5594DB7B.7070909@myzel.net> Message-ID: Peter, Yes that is a possibility. I will try disabling PAM (or switching the auth order) and see if that makes a difference. Thanks for the suggestion! ~ Laz Peterson Paravis, LLC Ph: 951.319.3240 x201 > On Jul 1, 2015, at 11:34 PM, Peter Chiochetti wrote: > > Am 2015-07-02 um 01:41 schrieb Laz C. Peterson: >> >> I did attempt to switch the PAM/Kerberos authentication to Dovecot >> LDAP authentication, but now performance is unbelievably slow. >> Any thoughts to this? > > In case you have multiple passdb backends, it could be, that LDAP only gets its chance, after PAM did time out. > > > -- > peter From bra at fsn.hu Thu Jul 2 14:22:16 2015 From: bra at fsn.hu (Nagy, Attila) Date: Thu, 02 Jul 2015 16:22:16 +0200 Subject: imapc fetch optimization In-Reply-To: References: <553FF242.80308@fsn.hu> <8D901FAD-3F75-456B-A30D-4385E2235C4C@iki.fi> <55477B26.3090507@fsn.hu> Message-ID: <55954918.6020708@fsn.hu> On 05/04/15 17:45, Timo Sirainen wrote: > On 04 May 2015, at 16:59, Nagy, Attila wrote: >> Hi, >> >> On 05/04/15 10:59, Timo Sirainen wrote: >>> On 28 Apr 2015, at 23:49, Nagy, Attila wrote: >>>> Hi, >>>> >>>> imapc does a lot of UID FETCH $UID (BODY.PEEK[]), which is nice, because it works even with the dumbest IMAP server, altough it really kills performance, especially on high latency lines. >>>> >>>> I wonder: if IMAP servers can effectively handle boundless fetches (like a list with all wanted UIDs, or simply 1:* if all are needed), do you see this as a good addition to develop? >>> Set mail_prefetch_count = 10 or 100 or something and it'll do larger FETCHes. The higher the value, the more memory/disk space is used for storing the received mails. >>> >> I'm aware of that, but it doesn't, or at least not always. >> For example Thunderbird issues this: >> 13 UID fetch 333574:333601,333630:333801 (UID RFC822.SIZE FLAGS BODY.PEEK[HEADER.FIELDS (From To Cc Bcc Subject Date Message-ID Priority X-Priority References Newsgroups In-Reply-To Content-Type Reply-To)]) >> Dovecot does this to the IMAP backend >> 18 UID FETCH 333574 (BODY.PEEK[]) > Oh, there were several bugs related to that. Fixed: > > http://hg.dovecot.org/dovecot-2.2/rev/8f20aa806bcc > http://hg.dovecot.org/dovecot-2.2/rev/d350a23207c2 > http://hg.dovecot.org/dovecot-2.2/rev/8c49fb6d789b I've just tried 2.2.18, which has the above modifications, but the effect is the same. I have these in the config: # doveconf -n | egrep 'prefe|imapc' imapc_features = rfc822.size fetch-headers imapc_host = 10.3.34.12 mail_location = imapc:~/imapc mail_prefetch_count = 100 With an empty imapc directory a POP3 login yields these on the backend IMAP server: 2 LOGIN "user" "pass" 1 LIST "" "" 3 SELECT "INBOX" 4 NOOP 5 UID FETCH 1:* (FLAGS) 6 UID FETCH 2 (RFC822.SIZE) 7 UID FETCH 3 (RFC822.SIZE) 8 UID FETCH 4 (RFC822.SIZE) 9 UID FETCH 5 (RFC822.SIZE) 10 UID FETCH 6 (RFC822.SIZE) 11 UID FETCH 7 (RFC822.SIZE) 12 UID FETCH 8 (RFC822.SIZE) [...] so on, for every message... The response times for each of the FETCHes are around 13-16 ms, so logging into dovecot for the first time takes more than a minute with 5000 mails in the INBOX and a half day with around a million... It would be good to have a: 6 UID FETCH 1:* (RFC822.SIZE) or even a: 5 UID FETCH 1:* (FLAGS RFC822.SIZE) if needed (dovecot first fills up its cache, or other cases when the full list is needed) If dovecot would issue the latter for this 5000-mail inbox, the first fetch (and POP login) would take only 500 ms instead of the 75 seconds that it takes now... Could you please tweak this some more? :) Thanks, From laz at paravis.net Thu Jul 2 15:07:04 2015 From: laz at paravis.net (Laz C. Peterson) Date: Thu, 2 Jul 2015 08:07:04 -0700 Subject: Dovecot auth username mapping In-Reply-To: References: <5594DB7B.7070909@myzel.net> Message-ID: Ahh Peter, good call on this one! So after playing around with the order of authentication in Dovecot, you are correct, the PAM timeout was causing the holdup. I guess since PAM has no way of looking up whether or not a user exists prior to authenticating, this is causing the hiccup, versus LDAP which can search for a user?s existence prior to the auth. Switching these around, I notice almost *no* degradation in performance for PAM authentications, and the LDAP authentications run smooth as I would hope them to. Awesome, so now we have our solution! (I think.) Gotta say, a lot of love goes out to the Dovecot community (especially Timo!) for all the inspiration and help that I?ve received. Dovecot is a great app and this community is the backbone of it all. Cheers to all! Thanks again. ~ Laz Peterson Paravis, LLC Ph: 951.319.3240 x201 > On Jul 2, 2015, at 6:25 AM, Laz C. Peterson wrote: > > Peter, > > Yes that is a possibility. I will try disabling PAM (or switching the auth order) and see if that makes a difference. Thanks for the suggestion! > > ~ Laz Peterson > Paravis, LLC > Ph: 951.319.3240 x201 > >> On Jul 1, 2015, at 11:34 PM, Peter Chiochetti wrote: >> >> Am 2015-07-02 um 01:41 schrieb Laz C. Peterson: >>> >>> I did attempt to switch the PAM/Kerberos authentication to Dovecot >>> LDAP authentication, but now performance is unbelievably slow. >>> Any thoughts to this? >> >> In case you have multiple passdb backends, it could be, that LDAP only gets its chance, after PAM did time out. >> >> >> -- >> peter From liuyingying5496 at 126.com Fri Jul 3 02:40:59 2015 From: liuyingying5496 at 126.com (=?GBK?B?wfXTqNOo?=) Date: Fri, 3 Jul 2015 10:40:59 +0800 (CST) Subject: the file dovecot-uidlist.lock appear then deadlock In-Reply-To: References: <471a800f.1f634.14e4e010cb3.Coremail.liuyingying5496@126.com> Message-ID: <2e2b4193.44e2.14e51c9d96e.Coremail.liuyingying5496@126.com> >dovecot -n log_path: /var/log/maillog protocols: pop3 pop3s imap imaps bport ssl_cert_file: /etc/pki/NSMail/SSL.cert ssl_key_file: /etc/pki/NSMail/SSL.key disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login first_valid_uid: 150 mail_uid: 199 mail_gid: 199 mail_location: maildir:/%Lh/%Ld/%Ln/:INDEX=/%Lh/%Ld/%Ln/ mmap_disable: yes mail_nfs_index: yes mail_drop_priv_before_exec: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugins(default): quota imap_quota zlib mdec imap_acl acl autocreate expire mail_plugins(imap): quota imap_quota zlib mdec imap_acl acl autocreate expire mail_plugins(pop3): quota zlib mdec expire mail_plugin_dir(default): /usr/lib64/dovecot/imap mail_plugin_dir(imap): /usr/lib64/dovecot/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 pop3_no_flag_updates(default): no pop3_no_flag_updates(imap): no pop3_no_flag_updates(pop3): yes pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh namespace:.......... >The exceptions log Jun 29 09:44:49 IMAP(public at test.com): Error: *** %n in writable segment detected *** Jun 29 09:44:49 dovecot: Error: child 138430 (imap) killed with signal 6 (core dumped) Jun 29 09:44:50 mail postfix/smtpd[58328]: warning: hostname[127.0.0.1]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 29 09:44:50 mail postfix/smtpd[58328]: lost connection after AUTH from hostname[127.0.0.1] Jun 29 09:44:50 mail postfix/smtpd[58328]: disconnect from hostname[127.0.0.1] Jun 29 09:44:51 mail postfix/smtpd[29019]: connect from hostname[127.0.0.1] >>>>>>>>>>>>>>>>>>>>>>> when there are too many new messages in INBOX (about 4000 new messages) , I can't open INBOX by webmail to check new e-mails . at the same time there is a lock file named dovecot-uidlist.lock still in maildir directory . I have never see this file ,I guess dovecot-uidlist is locked by dovecot-uidlist.lock and no longre unlocked so dovecot-uidlist can't be operation then I unable to access mailbox. this is my guess , dovecot-uidlist.lock appears under what conditions? At 2015-07-02 17:36:23, "Steffen Kaiser" wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >On Thu, 2 Jul 2015, ??? wrote: > >> sometimes i can't use imap command to get mails, when this problem appear i find out the file dovecot-uidlist.lock appear at the same time . I don't know Why is this happening ? can you help me ? > >+ post the output of: doveconf -n >+ post the last entries in the log and >+ explain what "can't use imap command" means, do you login with a mail >client or do you use the command line >+ when this happens, please run & post: doveadm who > >- -- >Steffen Kaiser >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1 > >iQEVAwUBVZUGGHz1H7kL/d9rAQKeZQf9Gk2yYVgAwsyXTxOww9P6kUA7PgUJpgTQ >RQGQtrBokxGXcUzBTVqLoJs1rpI+qsF0AxR2yTKwhTnqbzGnbToxlRddyQVkA+wE >6WGVbrQcX58mXYjRFFyig5HPUPHgmVBDUZudVgVCQIYnDe/zs3kIE3Nh5JLhblMv >vNGJeHpzpG1yg/c7gOjhFsqNbaFeXecVTEpRlO+PwnkdogYqfUug0ul9MfHzQRi1 >/KM9DO7SkPyYDG6KZGsxKcAOMoGRAmSw9I2taYtsBF3yFFV058y/+vRFHxdHTLkb >taust3ggt6UhSPOsmkdO8WD5JwYG7VmZ9XBJaWTaqjHInzcXyUhwIQ== >=/hUd >-----END PGP SIGNATURE----- From chibi at gol.com Fri Jul 3 03:14:52 2015 From: chibi at gol.com (Christian Balzer) Date: Fri, 3 Jul 2015 12:14:52 +0900 Subject: Scalability with high density servers and proxies, TCP port limits Message-ID: <20150703121452.13df7cf7@batzmaru.gol.ad.jp> Hello, first post in 3 years, kinda shows how painless Dovecot is. ^o^ Also this isn't really a dovecot issue, alas it's involved and since there are some large scale implementations of it I hope somebody here has some insights I might have missed. Currently we're running this setup: 1. LVS (DR mode) in a HA configuration (2 node cluster) 2. Dovecot in proxy mode on a 2 node cluster 3. Dovecot on actual mailbox servers (dual node DRBD clusters) There are about 500k users, but most of them use POP3, so there are usually less than 6k IMAP sesions at any given time. This is about to change, I'm looking at potentially millions of users who will have all semi-permanent IMAP sessions. We already have a pure SSD based mailbox cluster and based on the experiences with that another one is on order that will be able to easily handle about 500k users with regards to IOPS and other needs. However there's the issue of having all these concurrent IMAP sessions. Namely, running out of ephemeral ports. Lets assume 2 million users and 50k ports per IP and revisit the setup above. 1. LVS should have no problem, from experience and tests I expect a well tuned and spec'ed machine to handle millions of connections. This is in DR mode, in NAT mode I assume things would run into a wall a lot quicker. But even if LVS should run out of steam, there's a wide selection of high capacity load balancers available. 2. Here is where the fun starts. Each IMAP session that gets proxied to the real mailbox server needs a port for the outgoing connection. So to support 2 million sessions we need 40 IP addresses here. Ouch. And from a brief test having multiple IP addresses per server won't help either (Dovecot unsurprisingly picks the main IP when establishing a proxy session to the real mailbox), at least not with just one default GW. 3. All of this gets repeated on the actual mailbox servers, by either having a lot of low density servers or (preferably) high density servers with multiple IP addresses. Am I on track so far or missing something obvious? How many concurrent connections do you (hello Timo) think dovecot in proxy mode can handle? High performance mode of course in this case. I'm interested in internal limitations, assume that CPU and RAM are amply supplied. Any and all feedback is appreciated. Regards, Christian -- Christian Balzer Network/Systems Engineer chibi at gol.com Global OnLine Japan/Fusion Communications http://www.gol.com/ From bind at enas.net Fri Jul 3 05:05:43 2015 From: bind at enas.net (Urban Loesch) Date: Fri, 03 Jul 2015 07:05:43 +0200 Subject: Scalability with high density servers and proxies, TCP port limits In-Reply-To: <20150703121452.13df7cf7@batzmaru.gol.ad.jp> References: <20150703121452.13df7cf7@batzmaru.gol.ad.jp> Message-ID: <55961827.4030402@enas.net> Hi, Am 03.07.2015 um 05:14 schrieb Christian Balzer: > > 2. Here is where the fun starts. > Each IMAP session that gets proxied to the real mailbox server needs a > port for the outgoing connection. > So to support 2 million sessions we need 40 IP addresses here. Ouch. > And from a brief test having multiple IP addresses per server won't help > either (Dovecot unsurprisingly picks the main IP when establishing a > proxy session to the real mailbox), at least not with just one default GW. > If I remeber correctly there is a config option in dovecot 2.x where you can set the ip addresses which dovecot should use for outgoing proxy connections. Sorry, but I can't remeber the option. Best Urban From chibi at gol.com Fri Jul 3 05:29:55 2015 From: chibi at gol.com (Christian Balzer) Date: Fri, 3 Jul 2015 14:29:55 +0900 Subject: Scalability with high density servers and proxies, TCP port limits In-Reply-To: <55961827.4030402@enas.net> References: <20150703121452.13df7cf7@batzmaru.gol.ad.jp> <55961827.4030402@enas.net> Message-ID: <20150703142955.75dc2187@batzmaru.gol.ad.jp> On Fri, 03 Jul 2015 07:05:43 +0200 Urban Loesch wrote: > Hi, > > Am 03.07.2015 um 05:14 schrieb Christian Balzer: > > > > > 2. Here is where the fun starts. > > Each IMAP session that gets proxied to the real mailbox server needs a > > port for the outgoing connection. > > So to support 2 million sessions we need 40 IP addresses here. Ouch. > > And from a brief test having multiple IP addresses per server won't > > help either (Dovecot unsurprisingly picks the main IP when > > establishing a proxy session to the real mailbox), at least not with > > just one default GW. > > > > If I remeber correctly there is a config option in dovecot 2.x where you > can set the ip addresses which dovecot should use for outgoing proxy > connections. Sorry, but I can't remeber the option. > Looking at the documentation on the Wiki I was going to say "That won't help", as it says address. http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy But since that page is rather terse, I looked up the changelog and found that it indeed was added for use cases like mine: http://www.dovecot.org/list/dovecot-cvs/2014-June/024574.html Unfortunately the latest dovecot version in Debian is 2.2.13... Additionally this still leaves the actual mailbox servers, which in my case will need to be able to handle more than 50k sessions as well. Thanks for the info, Christian -- Christian Balzer Network/Systems Engineer chibi at gol.com Global OnLine Japan/Fusion Communications http://www.gol.com/ From ernest.deak at somi.sk Fri Jul 3 12:12:40 2015 From: ernest.deak at somi.sk (Ernest Deak) Date: Fri, 03 Jul 2015 14:12:40 +0200 Subject: Dovecot LMTP tries to access a directory of a different user, than the one it actually changed to. Message-ID: <55967C38.7040702@somi.sk> Hello, I encountered a problem when trying to send an email to multiple recipients. === LOG === ... cut ... Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106): Debug: none: root=, index=, control=, inbox= Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106): Connect from local Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106): Debug: Loading modules from directory: /usr/lib64/dovecot Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106): Debug: Module loaded: /usr/lib64/dovecot/lib90_sieve_plugin.so Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106): Debug: auth input: han.solo system_groups_user=han.solo uid=805 gid=800 home=/home/han.solo Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106): Debug: auth input: tester system_groups_user=tester uid=802 gid=800 home=/home/tester Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106): Debug: auth input: vader system_groups_user=vader uid=804 gid=800 home=/home/vader Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, han.solo): Debug: Effective uid=805, gid=800, home=/home/han.solo Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, han.solo): Debug: fs: root=/home/han.solo/mail, index=, control=, inbox=/var/mail/han.solo Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, han.solo): Debug: 70NxN1FlllUqXgAA0vrzwA: sieve: user's script path /home/han.solo/.dovecot.sieve doesn't exist (using global script path in stead) Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, han.solo): Debug: 70NxN1FlllUqXgAA0vrzwA: sieve: user has no valid personal script Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, han.solo): Debug: 70NxN1FlllUqXgAA0vrzwA: sieve: no scripts to execute: reverting to default delivery. Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, han.solo): 70NxN1FlllUqXgAA0vrzwA: msgid=<55966551.IfKOMu/T0WTB9M5x%vader at dhcp90.#####>: saved mail to INBOX Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Debug: Effective uid=802, gid=800, home=/home/tester Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Debug: fs: root=/home/tester/mail, index=, control=, inbox=/var/mail/tester Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Debug: 70NxN1FlllUqXgAA0vrzwA: sieve: user's script path /home/tester/.dovecot.sieve doesn't exist (using global script path in stead) Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Debug: 70NxN1FlllUqXgAA0vrzwA: sieve: user has no valid personal script Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Debug: 70NxN1FlllUqXgAA0vrzwA: sieve: no scripts to execute: reverting to default delivery. Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Error: stat(/home/han.solo/mail/.imap/INBOX/dovecot.index.log) failed: Permission denied (euid=802(tester) egid=800(kerber) missing +x perm: /home/han.solo, euid is not dir owner) Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Error: open(/home/han.solo/mail/.imap/INBOX/dovecot.index) failed: Permission denied (euid=802(tester) egid=800(kerber) missing +x perm: /home/han.solo, euid is not dir owner) Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): 70NxN1FlllUqXgAA0vrzwA: msgid=<55966551.IfKOMu/T0WTB9M5x%vader at dhcp90.#####>: save failed to INBOX: BUG: Unknown internal error Jul 3 12:34:57 dhcp90 sendmail[24121]: t63AYvn5024116: to=, ctladdr= (804/800), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=91062, relay=localhost, dsn=4.2.0, stat=Deferred: 451 4.2.0 BUG: Unknown internal error Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, vader): Debug: Effective uid=804, gid=800, home=/home/vader Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, vader): Debug: fs: root=/home/vader/mail, index=, control=, inbox=/var/mail/vader Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, vader): Debug: 70NxN1FlllUqXgAA0vrzwA: sieve: user's script path /home/vader/.dovecot.sieve doesn't exist (using global script path in stead) Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, vader): Debug: 70NxN1FlllUqXgAA0vrzwA: sieve: user has no valid personal script Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, vader): Debug: 70NxN1FlllUqXgAA0vrzwA: sieve: no scripts to execute: reverting to default delivery. Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, vader): Error: stat(/home/han.solo/mail/.imap/INBOX/dovecot.index.log) failed: Permission denied (euid=804(vader) egid=800(kerber) missing +x perm: /home/han.solo, euid is not dir owner) Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, vader): Error: open(/home/han.solo/mail/.imap/INBOX/dovecot.index) failed: Permission denied (euid=804(vader) egid=800(kerber) missing +x perm: /home/han.solo, euid is not dir owner) Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, vader): 70NxN1FlllUqXgAA0vrzwA: msgid=<55966551.IfKOMu/T0WTB9M5x%vader at dhcp90.#####>: save failed to INBOX: BUG: Unknown internal error Jul 3 12:34:57 dhcp90 sendmail[24121]: t63AYvn5024116: to=, ctladdr= (804/800), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=91062, relay=localhost, dsn=4.2.0, stat=Deferred: 451 4.2.0 BUG: Unknown internal error Jul 3 12:34:57 dhcp90 sendmail[24121]: t63AYvn5024116: to=, ctladdr= (804/800), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=91062, relay=localhost, dsn=2.0.0, stat=Sent Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106): Disconnect from local: Client quit =========== The setup is as follows: All users have /bin/false instead of a shell. Each user has a unique UID but they all have 1 GID (800) My MTA is sendmail I am using dovecot-lmtp for local delivery Mailbox format is mbox Configured managesieve plugin to listen on 4190. (not sure if this is even related but it might) The problem I see is that lmtp(user1) tries to access the home directory /home/user2 and I cannot figure out the reason why. This only happens when sending mails to multiple recipients. I see the that lmtp complains that it doesn't have execute permissions. But I don't want to place execute permissions for others on the entire /home/* dir structure. Also, 700 are the default creation permissions. So new users would have to be chmod'ed manually. (unless there is a setting in dovecot) I used "mailx" to send a test email to multiple recipients `echo "test message" | mailx -s "subject" -r vader at dhcp90.##### han.solo at dhcp90.##### vader at dhcp90.##### tester at dhcp90.#####` The only one who actually receives the message is han.solo at dhcp90.##### and The same happens with aliases in /etc/aliases. `echo "group test" | mailx -s "subject" -r vader at dhcp90.##### grouplist at dhcp90.#####` "grouplist" is defined in /etc/aliases and contains the same users as in the log Any help with this is greatly appreciated. Here is my dovecot configuration: === `dovecot -n` === # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-504.12.2.el6.x86_64 x86_64 CentOS release 6.6 (Final) auth_debug = yes auth_mechanisms = plain login disable_plaintext_auth = no lda_mailbox_autocreate = yes mail_debug = yes mail_full_filesystem_access = yes mail_gid = mail mail_location = mbox:~/mail:INBOX=/var/mail/%u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service lmtp { client_limit = 1 executable = /usr/libexec/dovecot/lmtp -L inet_listener lmtp { address = 127.0.0.1 ::1 port = 24 } process_min_avail = 1 } service managesieve-login { inet_listener sieve { port = 4190 } } ssl_cert = From sb at dod.no Fri Jul 3 12:28:41 2015 From: sb at dod.no (Steinar Bang) Date: Fri, 03 Jul 2015 14:28:41 +0200 Subject: dovecot auth using 100% CPU References: <20150621094148.GA8593@4angle.com> <000301d0ac0c$5dc23ca0$1946b5e0$@jorge@decimal.pt> <20150623124131.GA31703@4angle.com> Message-ID: >>>>> Edward Betts : > Jorge Bastos wrote: >> What do you see in the logs? >> My guess is that someone is trying a brute force auth against you, > Thanks Jorge, I think this is the answer. I'm using dovecot for exim4 SMTP > authentication. The exim4 logs show brute force attacks. A little late response, but since you're using debian you could try pulling in fail2ban: apt-get install fail2ban fail2ban scans the logs of various services for attacks and firewalls out the attacking IP addresses. There are no built-in rules for exim or dovecot in the debian fail2ban package, but there is something here that could possibly be adapted...? http://wiki2.dovecot.org/HowTo/Fail2Ban Here's a filter for exim: https://github.com/fail2ban/fail2ban/blob/master/config/filter.d/exim.conf From Hajo.Locke at gmx.de Fri Jul 3 12:46:38 2015 From: Hajo.Locke at gmx.de (Hajo Locke) Date: Fri, 03 Jul 2015 14:46:38 +0200 Subject: autocreating folders with special chars stored in mysql-userdb In-Reply-To: <559525F2.2060503@gmx.de> References: <559525F2.2060503@gmx.de> Message-ID: <5596842E.3010700@gmx.de> Hello, ok, i solved this. Am 02.07.2015 um 13:52 schrieb Hajo Locke: > Hello, > > i use dovecot 2.2.18 and do some tests with an utf8 mysqlbackend. > I use MySQL to authenticate Users and for retrieving some individual > settings like autocreating folders etc. by userdb-settings in user-query. > Yet no problems with standard language. Now i try to provide > userdb-settings in exotic languages. > > My MySQL table uses utf8 charset. I store some data in my userdb-column. > Here an polish example: "namespace/inbox/mailbox=example > namespace/inbox/mailbox/example/name=post?powa? > namespace/inbox/mailbox/example/auto=subscribe" In dovecot.conf i used an sql-passdb and prefetching for userdb to save a query, but this is the point where dovecot performed a latin1 conversion of retrieved utf8 data. I changed from userdb-prefetch to sql and splitted up into two queries and all is ok. Additional i had to use Parameter option_file for dovecot-sql.conf at connect directive containing "default-character-set=utf8" to make sure dovecot uses utf8 as default charset varying from default my.cnf > > Result is a new folder in dovecot, but in client every special char ? > and ? is replaced with a "?" > I seems that at some point a conversion to latin1 is performed which > ruins the utf8 chars. > Creating a folder post?powa? by imap-client is no problem. > > Hmm, what should i do now? I dont know how to influence dovecot to > process retrieved utf8 data furthermore as utf8. > Which charset is using dovecot when connecting to mysqldb and how to > take influence? > > Thanks, > Hajo > Hajo From skdovecot at smail.inf.fh-brs.de Fri Jul 3 13:09:07 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 3 Jul 2015 15:09:07 +0200 (CEST) Subject: Dovecot LMTP tries to access a directory of a different user, than the one it actually changed to. In-Reply-To: <55967C38.7040702@somi.sk> References: <55967C38.7040702@somi.sk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 3 Jul 2015, Ernest Deak wrote: > Hello, I encountered a problem when trying to send an email to multiple > recipients. > Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Error: > stat(/home/han.solo/mail/.imap/INBOX/dovecot.index.log) failed: Permission > denied (euid=802(tester) egid=800(kerber) missing +x perm: /home/han.solo, > euid is not dir owner) > Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Error: > open(/home/han.solo/mail/.imap/INBOX/dovecot.index) failed: Permission denied > (euid=802(tester) egid=800(kerber) missing +x perm: /home/han.solo, euid is > not dir owner) > Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): 70NxN1FlllUqXgAA0vrzwA: > msgid=<55966551.IfKOMu/T0WTB9M5x%vader at dhcp90.#####>: save failed to > INBOX: BUG: Unknown internal error > My MTA is sendmail > I am using dovecot-lmtp for local delivery > Mailbox format is mbox > Configured managesieve plugin to listen on 4190. (not sure if this is even > related but it might) > > The problem I see is that lmtp(user1) tries to access the home directory > /home/user2 and I cannot figure out the reason why. > This only happens when sending mails to multiple recipients. > I see the that lmtp complains that it doesn't have execute permissions. But I > don't want to place execute permissions for others on the entire /home/* dir > structure. as far as I remember there had been (or is) a bug in Dovecot, that privilegues are not changed correctly when delivering to another user. If that's the case, limit the number of recipients per LMTP message to 1, see r= field in mailer definition in op.me. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVZaJdHz1H7kL/d9rAQJrBAf/XYV/Pma3MEyZsyk90g/llcRbXK4kn84J IopHII8l82XPGZKBsaaEp3hkNn+hKkNxwPpLXD57Ny5rM9fAZkYrvW/ZPBZ6pFoQ htMF5VXkpZ9i99ftCMGo4KmpbJC1cpmnTluxJvKclgjzwRLWfCdhuRH51YnAhinM 8dItrRyrv/5H0T8HeIQi9QSQPdquCiuY8RVQvos+6dClb3XEKAjyRwmjs0SRgoI2 Zqewwls6UbaXbgDqA+2umySRjHh8lQsIWg4DFcSigH3vE7XuYdruphbsHdY7Ssib nT/l3WhrjjdXEoAzTPZgmorzP7/e/NM9rYZxNxgopht4YDBPX1/CYA== =JYrh -----END PGP SIGNATURE----- From gedalya at gedalya.net Fri Jul 3 14:48:01 2015 From: gedalya at gedalya.net (Gedalya) Date: Fri, 03 Jul 2015 10:48:01 -0400 Subject: How about an option to disbale headers? (was Re: Patch for "doveadm -f table" nit) In-Reply-To: <5561790A.1020607@gedalya.net> References: <78D069B1-3D22-456B-B13E-1FD9AC871157@iki.fi> <550A891D.8040108@gedalya.net> <43DCC0A1-BD9B-4A1E-88EE-51517B3EBBB0@iki.fi> <5561790A.1020607@gedalya.net> Message-ID: <5596A0A1.6030303@gedalya.net> On 05/24/2015 03:08 AM, Gedalya wrote: > On 03/20/2015 02:47 PM, Timo Sirainen wrote: >> Added -h parameter now to hg. > > Using 2.2.18. > With -f table this behaves as expected, however with -t tab the output > seems to include the separating tabs of the header line prepended to > the first line of output. > In other words, the header line is printed partially - only the tabs, > no actual headers and no newline. Timo? From fzielcke at z-51.de Fri Jul 3 16:14:49 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Fri, 03 Jul 2015 18:14:49 +0200 Subject: dovecot auth using 100% CPU In-Reply-To: References: <20150621094148.GA8593@4angle.com> <000301d0ac0c$5dc23ca0$1946b5e0$@jorge@decimal.pt> <20150623124131.GA31703@4angle.com> Message-ID: <1435940089.3005.1.camel@z-51.de> Am Freitag, den 03.07.2015, 14:28 +0200 schrieb Steinar Bang: > > > fail2ban scans the logs of various services for attacks and firewalls > out the attacking IP addresses. > > There are no built-in rules for exim or dovecot in the debian > fail2ban > package, but there is something here that could possibly be > adapted...? Are you talking about wheezy or jessie? jessie has rules. But they need to be enabled like this: # cat /etc/fail2ban/jail.d/local.conf [exim] enabled = true [exim-spam] enabled = true [dovecot] enabled = true From sb at dod.no Fri Jul 3 19:53:36 2015 From: sb at dod.no (Steinar Bang) Date: Fri, 03 Jul 2015 21:53:36 +0200 Subject: dovecot auth using 100% CPU References: <20150621094148.GA8593@4angle.com> <000301d0ac0c$5dc23ca0$1946b5e0$@jorge@decimal.pt> <20150623124131.GA31703@4angle.com> <1435940089.3005.1.camel@z-51.de> Message-ID: <87wpyh3tmn.fsf@dod.no> >>>>> Felix Zielcke : > Are you talking about wheezy or jessie? Well I looked on a jessie system, but the fail2ban was pulled in when it was wheezy (or maybe even easier). > jessie has rules. But they need to be enabled like this: > # cat /etc/fail2ban/jail.d/local.conf > [exim] > enabled = true > [exim-spam] > enabled = true > [dovecot] > enabled = true Ok, thanks! From fzielcke at z-51.de Fri Jul 3 20:00:29 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Fri, 03 Jul 2015 22:00:29 +0200 Subject: dovecot auth using 100% CPU In-Reply-To: <87wpyh3tmn.fsf@dod.no> References: <20150621094148.GA8593@4angle.com> <000301d0ac0c$5dc23ca0$1946b5e0$@jorge@decimal.pt> <20150623124131.GA31703@4angle.com> <1435940089.3005.1.camel@z-51.de> <87wpyh3tmn.fsf@dod.no> Message-ID: <1435953629.2031.3.camel@z-51.de> Am Freitag, den 03.07.2015, 21:53 +0200 schrieb Steinar Bang: > > > > > > > > Felix Zielcke : > > > Are you talking about wheezy or jessie? > > Well I looked on a jessie system, but the fail2ban was pulled in when > it > was wheezy (or maybe even easier). > They're in /etc/fail2ban/filter.d And yes I also needed a while to figure this system out. Escpecially that they need to be enabled in a jaild/*.conf file. Though this is a fresh Debian jessie install. And files in /etc are specially handled on upgrades, instead of all the other files in a Debian package. From arekm at maven.pl Fri Jul 3 22:01:41 2015 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Sat, 4 Jul 2015 00:01:41 +0200 Subject: Dovecot LMTP tries to access a directory of a different user, than the one it actually changed to. In-Reply-To: <55967C38.7040702@somi.sk> References: <55967C38.7040702@somi.sk> Message-ID: <201507040001.41908.arekm@maven.pl> On Friday 03 of July 2015, Ernest Deak wrote: > Hello, I encountered a problem when trying to send an email to multiple > recipients. That bug exists for some time http://www.dovecot.org/list/dovecot/2014-September/097688.html but no solution exists and I think no one actually tried to fix it. (no solution beside already mentioned ugly workaround with limiting to 1 recipient per lmtp session) -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From 24x7server at 24x7server.net Sat Jul 4 10:25:49 2015 From: 24x7server at 24x7server.net (Rajesh M) Date: Sat, 4 Jul 2015 15:55:49 +0530 Subject: outlook downloading duplicate emails on particular days Message-ID: <281AE80168D74BCEAEF99A6EB057178C.MAI@ns1.24x7server.net> hi centos 6 with qmail toaster and dovecot 2.2.7 for pop3 and imap i have a strange issue which happens on all 4 of my servers for POP3 users -- on any random day ie once in a while users spread across multiple domains will face a problem of outlook re-downloading ALL the emails in the inbox -- not just a few duplicate emails but the entire inbox. This happens for multiple email users spread across multiple domains sitting in different locations. i am searching for a solution for the last several months but nothing yet require help please my dovecot config file # Settings for 'stock' qmail-toaster disable_plaintext_auth = no default_login_user = vpopmail mail_max_userip_connections = 50 service imap-login { service_count = 0 client_limit = 256 process_min_avail = 4 vsz_limit = 384M process_limit = 400 } service pop3-login { service_count = 0 client_limit = 1000 process_min_avail = 12 vsz_limit = 512M process_limit = 400 } auth_cache_size = 0 auth_cache_ttl = 0 auth_cache_negative_ttl = 0 auth_mechanisms = plain login digest-md5 cram-md5 auth_username_format = %Lu first_valid_uid = 89 first_valid_gid = 89 log_path = /var/log/dovecot.log login_greeting = ready. mail_plugins = $mail_plugins quota plugin/quota = maildir protocols = imap pop3 ssl_cert = Hello All, Can anybody help in this please? Thanks and Regards, Sachin Kulkarni -----Original Message----- From: Sachin Kulkarni1 Sent: Tuesday, June 30, 2015 6:13 PM To: dovecot at dovecot.org Cc: 'dovecot-owner at dovecot.org'; 'dovecot-request at dovecot.org' Subject: Help needed to use dovecot from scratch Hello, I need to use Dovecot. So need to install it from scratch on Solaris 10. Please help. Thanks and Regards, Sachin Kulkarni ============================================================================================================================ Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra. ============================================================================================================================ From superinterstellar at gmail.com Sun Jul 5 08:48:20 2015 From: superinterstellar at gmail.com (Kevin Laurie) Date: Sun, 5 Jul 2015 14:18:20 +0530 Subject: Google like searches from Roundcube Message-ID: hi, trying to get fast searches on roundcube. would like if it could work like gmail (using multiple keywords to perform search) if not wrong, i think this is called fuzzy search(i do have dovecot_fts running)? please advise if anyone has managed to get this? thanks kevin From daniel.colchete at gmail.com Sun Jul 5 11:24:56 2015 From: daniel.colchete at gmail.com (Daniel van Ham Colchete) Date: Sun, 5 Jul 2015 08:24:56 -0300 Subject: Google like searches from Roundcube In-Reply-To: References: Message-ID: Keven, the best name would be Full Text Search, or FTS. There are many ways of deploying FTS on Dovecot, it really depends on the size of your userbase. All the documentation is here: http://wiki2.dovecot.org/Plugins/FTS . Good luck! Best, Daniel Colchete On Sun, Jul 5, 2015 at 5:48 AM, Kevin Laurie wrote: > hi, > trying to get fast searches on roundcube. > would like if it could work like gmail (using multiple keywords to > perform search) > if not wrong, i think this is called fuzzy search(i do have > dovecot_fts running)? > please advise if anyone has managed to get this? > > > thanks > kevin > From skdovecot at smail.inf.fh-brs.de Mon Jul 6 06:27:52 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 6 Jul 2015 08:27:52 +0200 (CEST) Subject: FW: Help needed to use dovecot from scratch In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 1 Jul 2015, Sachin Kulkarni1 wrote: > I need to use Dovecot. So need to install it from scratch on Solaris 10. http://wiki2.dovecot.org/FrontPage#Dovecot_installation > Please help. Well, it's hard to know what problems you have from this sparse post. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVZof6Hz1H7kL/d9rAQLXCAgAhfNSn6YuhCXGyJekD6bpD+x0J2L0tRQ7 Mb5NYu8z5TO5wlLbO19Bc0BwwqtY1L62WrPLjadY9gk/dDOrQXQDQnDXjISdXD2f /jCVBUhxBzWGXGjsEbs7mkR4gyu2dry3adHy3rRtwu7/TAsvDIFUmBdYZPMLLkTo LU+YpDR31TaN5xTaiOIbtXPUzgj4phJXLVU3euPq8kr3EFw82ridq+K0bRvxGK8m o4qSPMDmGjrMJjEfVNZEzIFaFZ+leo65onEgaMtofZXBYNbaMxcPpCd0MWzUCv1B PSdgtTXKTpzVKwqGfaGuhPwXuIZAeuBA9h79tnhk55Pg4glBMevK9A== =LuYJ -----END PGP SIGNATURE----- From ernest.deak at somi.sk Mon Jul 6 07:20:24 2015 From: ernest.deak at somi.sk (Ernest Deak) Date: Mon, 06 Jul 2015 09:20:24 +0200 Subject: Dovecot LMTP tries to access a directory of a different user, than the one it actually changed to. In-Reply-To: References: <55967C38.7040702@somi.sk> Message-ID: <559A2C38.90200@somi.sk> Adding r= field into the Mlocal definition of sendmail.cf worked out. However, I dug around the documentation and found a macro one can define to achieve this without having to mess around with the .cf file. I am adding this here for anyone who might encounter the same problem. In an .mc file, you can write: define(`LOCAL_MAILER_MAXRCPTS',`1') To achieve the same effect. Thanks to all for the hints. On 03.07.2015 15:09, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, 3 Jul 2015, Ernest Deak wrote: > >> Hello, I encountered a problem when trying to send an email to >> multiple recipients. > >> Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Error: >> stat(/home/han.solo/mail/.imap/INBOX/dovecot.index.log) failed: >> Permission denied (euid=802(tester) egid=800(kerber) missing +x perm: >> /home/han.solo, euid is not dir owner) >> Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): Error: >> open(/home/han.solo/mail/.imap/INBOX/dovecot.index) failed: >> Permission denied (euid=802(tester) egid=800(kerber) missing +x perm: >> /home/han.solo, euid is not dir owner) >> Jul 3 12:34:57 dhcp90 dovecot: lmtp(24106, tester): >> 70NxN1FlllUqXgAA0vrzwA: msgid=<55966551.IfKOMu/T0WTB9M5x%vader at >> dhcp90.#####>: save failed to INBOX: BUG: Unknown internal error > >> My MTA is sendmail >> I am using dovecot-lmtp for local delivery >> Mailbox format is mbox >> Configured managesieve plugin to listen on 4190. (not sure if this is >> even related but it might) >> >> The problem I see is that lmtp(user1) tries to access the home >> directory /home/user2 and I cannot figure out the reason why. >> This only happens when sending mails to multiple recipients. > >> I see the that lmtp complains that it doesn't have execute >> permissions. But I don't want to place execute permissions for others >> on the entire /home/* dir structure. > > as far as I remember there had been (or is) a bug in Dovecot, that > privilegues are not changed correctly when delivering to another user. > If that's the case, limit the number of recipients per LMTP message to > 1, see r= field in mailer definition in op.me. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVZaJdHz1H7kL/d9rAQJrBAf/XYV/Pma3MEyZsyk90g/llcRbXK4kn84J > IopHII8l82XPGZKBsaaEp3hkNn+hKkNxwPpLXD57Ny5rM9fAZkYrvW/ZPBZ6pFoQ > htMF5VXkpZ9i99ftCMGo4KmpbJC1cpmnTluxJvKclgjzwRLWfCdhuRH51YnAhinM > 8dItrRyrv/5H0T8HeIQi9QSQPdquCiuY8RVQvos+6dClb3XEKAjyRwmjs0SRgoI2 > Zqewwls6UbaXbgDqA+2umySRjHh8lQsIWg4DFcSigH3vE7XuYdruphbsHdY7Ssib > nT/l3WhrjjdXEoAzTPZgmorzP7/e/NM9rYZxNxgopht4YDBPX1/CYA== > =JYrh > -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4249 bytes Desc: S/MIME Cryptographic Signature URL: From SK00335601 at TechMahindra.com Mon Jul 6 14:37:57 2015 From: SK00335601 at TechMahindra.com (Sachin Kulkarni1) Date: Mon, 6 Jul 2015 14:37:57 +0000 Subject: Dovecot - Config file details Message-ID: <6e997ab2c51a4ea5bcf3a661a4393582@PUNEXCHMBX003.TechMahindra.com> Hello All, We want to install / configure and test Dovecot. We are doing it for the first time. After installation we are now looking for configuration file and need to know significance of below params and what values we should provide ? protocols = listen = base_dir = login_greeting = Please help. Thanks and Regards, Sachin Kulkarni ============================================================================================================================ Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra. ============================================================================================================================ From g.danti at assyoma.it Mon Jul 6 16:37:51 2015 From: g.danti at assyoma.it (Gionatan Danti) Date: Mon, 06 Jul 2015 18:37:51 +0200 Subject: Questions about hardlinks, alternate storage and compression In-Reply-To: <55910DE2.2050404@assyoma.it> References: <55910DE2.2050404@assyoma.it> Message-ID: Sorry list, anyone with a good idea / suggestion? Thanks. Il 29-06-2015 11:20 Gionatan Danti ha scritto: > Hi all, > any ideas? > > Especially point n.1 (no hardlink when sending the same email to > multiple addresses) confuse me a bit. Searching in old messages I even > stumbled on some users stating that, using Dovecot LMTP server, they > achieved what I want (one messagge, multiple hardlinks), but I am > _already_ using LMTP with no avail... > > Regards. > > On 27/06/15 18:18, Gionatan Danti wrote: >> Hi all, >> I have some questions about hardlinks, alternate storage and >> compression. I already scanned the list for related information and I >> have an idea of how things works, but I would like to have a definite >> answer. >> >> System spec: >> - CentOS 6.6 x64 >> - dovecot-2.0.9-8.el6_6.4.x86_64 RPM package/version >> - sdbox mail store >> >> 1) About hardlinks: when sending the same message to two different >> recipients, I see that the two u.x files are created as two different >> files. Diffing them, I see that the only difference is a single char >> (see [1] for an example). My questions are: >> a) it is possible to tell dovecot to create a single file + a >> single >> hardlink (linkref=2)? As other IMAP servers support that features (eg: >> Cyrus, CommunigatePro, etc) I am wondering if I missed something in >> configuring dovecot... >> b) If it is not possible, can I run a script that compare the >> various >> files and substitute equal ones (minus the changing line) with >> hardlinks, or it will confuse dovecot? As a side note, why the >> changing >> line ever exists? >> >> 2) About alternate storage and compression: actually, I use a single >> mail_location without compression. I would like to have an alternate >> storage and to enable compression on it only, leaving the main >> location >> without compression. I if understand it correctly, it _should_ be done >> using a command similar to "doveadm -Dv -o "plugin/zlib_save=gz" >> altmove >> -uu testuser sentbefore 8d". I'm right thinking that it should work? I >> will really end with a primary uncompressed mail store and an >> alternate, >> zlib-compressed one? >> >> Thank you all and sorry if I did some naive questions. >> >> [1] >> 63c63 >> < G2fd0811c64be8e553d970000eaa8309f >> --- >>> G2ed0811c64be8e553d970000eaa8309f >> >> >> -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.danti at assyoma.it - info at assyoma.it GPG public key ID: FF5F32A8 From user+dovecot at localhost.localdomain.org Mon Jul 6 21:27:22 2015 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Mon, 6 Jul 2015 21:27:22 +0000 Subject: Dovecot - Config file details In-Reply-To: <6e997ab2c51a4ea5bcf3a661a4393582@PUNEXCHMBX003.TechMahindra.com> References: <6e997ab2c51a4ea5bcf3a661a4393582@PUNEXCHMBX003.TechMahindra.com> Message-ID: <559AF2BA.2060702@localhost.localdomain.org> On 07/06/2015 02:37 PM, Sachin Kulkarni1 wrote: > Hello All, > > We want to install / configure and test Dovecot. > > We are doing it for the first time. > > After installation we are now looking for configuration file and need to know significance of below params and what values we should provide ? > > protocols = > listen = > base_dir = > login_greeting = > > Please help. Did you read the comments in http://hg.dovecot.org/dovecot-2.2/file/tip/doc/example-config/dovecot.conf Any question left? > ============================================================================================================================ > Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra. > ============================================================================================================================ O rly? Regards, Pascal -- The trapper recommends today: f007ba11.1518723 at localdomain.org From dovecot-mailing-list at whyaskwhy.org Tue Jul 7 04:46:25 2015 From: dovecot-mailing-list at whyaskwhy.org (deoren) Date: Mon, 6 Jul 2015 23:46:25 -0500 Subject: Are the Dovecot Enterprise Edition Ubuntu 14.04 packages stable? Message-ID: <559B59A1.8060007@whyaskwhy.org> I recently begun to migrate mail services to a new box so I could retrofit an existing box. I took this opportunity to check back on the official Dovecot Enterprise Edition (EE) pages to see if support has been added for Ubuntu 14.04 LTS. I never could find the information on the dovecot.fi website, but taking my existing credentials for Dovecot EE repo access and looking at the root path I see that 14.04 packages are available from the APT repo. Are those stable or experimental? I have an Ubuntu 12.04 box I've kept around just for Dovecot EE that I'd like to move to 14.04 if the packages are stable. p.s. Thank you for continuing to provide access for existing users of the repo, but what would new users need to do to obtain access? Thanks for your time. From pch at myzel.net Tue Jul 7 06:20:42 2015 From: pch at myzel.net (Peter Chiochetti) Date: Tue, 07 Jul 2015 08:20:42 +0200 Subject: ESEARCH multiple folders Message-ID: <559B6FBA.2060801@myzel.net> FTS-Solr is blazingly fast; yet searching e.g. an archive with subfolders still is slow; I learned, that this is a feature/bug of the imap protocol. So I'd like to ask: Does or will dovecot support the "IMAP4 Multimailbox SEARCH Extension" specified in RFC 7377? -- Kind regards Peter From dovecot-m at homeinbox.net Tue Jul 7 07:59:53 2015 From: dovecot-m at homeinbox.net (Mark) Date: Tue, 07 Jul 2015 08:59:53 +0100 Subject: Large jumps in dovecot-uidlist In-Reply-To: <5584543F.508@homeinbox.net> References: <557D4D80.4020501@homeinbox.net> <1434386794.4524.9.camel@z-51.de> <557F05B2.9070303@homeinbox.net> <5584543F.508@homeinbox.net> Message-ID: <559B86F9.1040409@homeinbox.net> On 19/06/2015 18:41, Mark wrote: > On 15/06/2015 18:04, Mark wrote: >> On 15/06/2015 17:46, Felix Zielcke wrote: >>> Am Sonntag, den 14.06.2015, 10:46 +0100 schrieb Mark: >>>> Since upgrading to Debian Wheezy >>> ... >>>> # 2.2.13: /etc/dovecot/dovecot.conf >>>> # OS: Linux 3.2.0-4-kirkwood armv5tel Debian 7.8 >>> >>> So it's dovecot from the backports. >>> Didn't you notice that since about 2 months there's now jessie out? >> >> I did. Based on my previous experience of upgrading Debian as soon as >> the new release was announced and having to roll everything back because >> of this problem I'm taking a more cautious approach this time. >> >>> That has 2.2.13 too but maybe it's an issue outside of dovecot in some >>> library. Or just a bug in the backport. >> >> Possibly. I'm not against doing the full upgrade to Jessie to see what >> effect that has. I've been running the backport for a while and the >> problem certainly hasn't got worse. I'll see if I can find some time in >> the next few days to try the upgrade. > > I haven't found the time to do the upgrade to Jessie yet but I have > tweaked my checking script to run more frequently. That gave me a > narrower window to look at in the logs and these messages appear at the > same time as the jump is introduced into the UID list: > > Jun 19 17:00:57 server02 dovecot: imap(mark): Error: Log synchronization > error at seq=2,offset=152 for > /secure/home/mark/Maildir/.Apache.Misc.committers/dovecot.index: Append > with UID 2427206830, but next_uid = 2685375011 > Jun 19 17:00:57 server02 dovecot: imap(mark): Warning: fscking index > file /secure/home/mark/Maildir/.Apache.Misc.committers/dovecot.index > > I've done some Googling but haven't (yet) found anything that might > match up. > > I'm hoping that the above might provide enough information to someone > more familiar with Dovecot than me to suggest what I might be able to do > to fix this. If not, I'll see what happens post Jessie upgrade. One more information point. I still see the same symptoms after upgrading to Jessie. I haven't been able to see a pattern in the errors yet but I'll keep looking. Spending some time trying to isolate a test case is on my TODO list but until I find the time to do that any other suggestions welcome. Mark From lucabert at lucabert.de Tue Jul 7 08:44:18 2015 From: lucabert at lucabert.de (Luca Bertoncello) Date: Tue, 07 Jul 2015 08:44:18 +0000 Subject: Problem with IMAP-Proxy and M$ Exchange-Server Message-ID: <20150707084418.Horde.sX1PmfQCAXAAF2ugi29b-m_@horde.lucabert.de> Hi List! I **HATE** Exchange-Server. I think it's not able to manage E-Mails, but we have to use it at work... Well, we need to read the E-Mails from outside, so I configured Dovecot with IMAPC to connect to the Exchange-Server. It works, but I have a problem... If I receive an E-Mail, and I read it from my phone (for example), I see in Outlook that the E-Mail as been read. If I move the E-Mail in another folder from my phone, I see in Outlook the E-Mail in the new folder **AND** in the INBOX. If I check my E-Mail from another phone (or Mail-Client), I see the E-Mail just in the new folder, so I think, the Exchange-Server did move it. But Outlook does not get this information... Any idea how can I solve my problem? Thanks Luca Bertoncello (lucabert at lucabert.de) From mysqlstudent at gmail.com Tue Jul 7 15:55:16 2015 From: mysqlstudent at gmail.com (Alex) Date: Tue, 7 Jul 2015 11:55:16 -0400 Subject: IMAP Folder Mail Separator Message-ID: Hi, I have a fedora21 install with dovecot-2.2.18, and when creating a new subfolder with thunderbird, the actual folder name is "Folder1^Folder2" with a carat as a separator, instead of creating Folder2 in the Folder1 directory. Is this a thunderbird problem? I don't recall having this problem prior to upgrading to fedora21, so thought maybe it's a dovecot problem. Maybe the separator character is customizable? Thanks, Alex From filippozeus at yahoo.it Tue Jul 7 16:43:54 2015 From: filippozeus at yahoo.it (Filippo Zeus) Date: Tue, 7 Jul 2015 16:43:54 +0000 (UTC) Subject: HELP: wrinting dovecot-sql.conf to authenticate to an existing database Message-ID: <1138672661.2274495.1436287434167.JavaMail.yahoo@mail.yahoo.com> hi all, can anyone help me with dovecot-sql.conf please ? I'm not a mysql expert and I'am trying to authenticate dovecot2 to an existing database. I have a database "egroupware" with table "egw_accounts". The field "account_lid" is the full email address and "account_pwd" is the password in Blowfish format. Here is my dovecot-sql.conf driver = mysql connect = host=localhost dbname=egroupware user=egroupware password=********* default_pass_scheme = BLF-CRYPT password_query = SELECT account_pwd AS password FROM egw_accounts WHERE account_lid = '%u' when I try to login to POP or IMAP I got this error in mail.log/mail.info Error: sql(hidden at mydomain.com,::1): Invalid password in passdb: crypt() failed: Invalid argument auth: Debug: client passdb out: FAIL#0111#011user=hidden at mydomain.com dovecot: pop3-login: Debug: Ignoring unknown passdb extra field: I think I'm having trouble with the password value that is stored in the account_pwd as: {crypt}$2a$12$XTAolzXgwMC211MuZELQUedPv9tjZNs7Osh97PnZ50pAKuk3WPGmS Reading at http://wiki2.dovecot.org/Authentication/PasswordSchemes I suppose that the heading "{crypt}$2a$" instead of a simple "$2a$" (witch identifies a Blowfish password) is my problem. How can I fix this ? Here is my dovecot -n output: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.1 xfs auth_cache_size = 64 M auth_debug = yes auth_mechanisms = plain login lda_mailbox_autocreate = yes log_timestamp = "%Y-%m-%d %H:%M:%S " login_log_format_elements = USER=<%u> METHOD=%m FROM=%r TO=%l %c mail_location = maildir:/var/mail/%d/%n/Maildir mail_plugins = quota mail_privileged_group = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave spamtest spamtestplus imapflags notify namespace inbox { ? inbox = yes ? location = ? mailbox Archive { ??? auto = no ??? special_use = \Archive ? } ? mailbox "Deleted Messages" { ??? auto = no ??? special_use = \Trash ? } ? mailbox Drafts { ??? special_use = \Drafts ? } ? mailbox Sent { ??? special_use = \Sent ? } ? mailbox "Sent Messages" { ??? special_use = \Sent ? } ? mailbox Spam { ??? auto = no ??? special_use = \Junk ? } ? mailbox Trash { ??? auto = no ??? special_use = \Trash ? } ? prefix = ? separator = . } passdb { ? args = /etc/dovecot/dovecot-sql.conf.ext ? driver = sql } plugin { ? quota = maildir:User quota ? quota_exceeded_message = Storage quota for this account has been exceeded, please try again later. ? quota_grace = 10%% ? quota_rule = *:storage=6G ? quota_rule2 = Trash:storage=+100M ? quota_rule3 = spam:ignore ? quota_warning = storage=95%% quota-warning 95 %u ? sieve = ~/dovecot.sieve ? sieve_before = /var/mail/sieve/before.sieve ? sieve_default = /var/mail/sieve/default.sieve ? sieve_dir = ~/sieve.d ? sieve_extensions = +notify +imapflags +spamtest +spamtestplus +relational +comparator-i;ascii-numeric ? sieve_global_dir = /var/mail/sieve/global.d ? sieve_max_script_size = 1M } postmaster_address = postmaster@%d protocols = " imap sieve pop3 sieve" service auth { ? unix_listener /var/spool/postfix/private/auth { ??? group = postfix ??? mode = 0666 ??? user = postfix ? } } service imap-login { ? inet_listener imap { ??? port = 143 ? } ? inet_listener imaps { ??? port = 993 ??? ssl = yes ? } } service managesieve-login { ? inet_listener sieve { ??? port = 4190 ? } ? service_count = 1 ? vsz_limit = 64 M } service managesieve { ? process_limit = 15 } service quota-warning { ? executable = script /usr/local/bin/quota-warning.sh ? unix_listener quota-warning { ??? user = vmail ? } ? user = dovecot } ssl = required ssl_cert = Hi, I have Dovecot 2.1 deployed running about 65k mailboxes. We need to create a specific folder for all users with specific permissions. I mean, the user could not delete or rename the folder. To create the folder automatically I have used the autocreate, but is there any way to set specific permissions on those folders? My best regards. From michael.slusarz at dovecot.fi Tue Jul 7 17:52:25 2015 From: michael.slusarz at dovecot.fi (Michael Slusarz) Date: Tue, 7 Jul 2015 11:52:25 -0600 Subject: ESEARCH multiple folders In-Reply-To: <559B6FBA.2060801@myzel.net> References: <559B6FBA.2060801@myzel.net> Message-ID: <559C11D9.1000601@dovecot.fi> On 7/7/2015 12:20 AM, Peter Chiochetti wrote: > FTS-Solr is blazingly fast; yet searching e.g. an archive with > subfolders still is slow; I learned, that this is a feature/bug of the > imap protocol. So I'd like to ask: > > Does or will dovecot support the "IMAP4 Multimailbox SEARCH Extension" > specified in RFC 7377? The speed (or lack thereof) has very little to do with the IMAP protocol limitations. RFC 7377 is not going to appreciably speed this process up; you'll probably get almost identical results pipelining all the subfolder searches. This sounds more like an indexing issue. michael From skdovecot at smail.inf.fh-brs.de Wed Jul 8 05:33:33 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 8 Jul 2015 07:33:33 +0200 (CEST) Subject: IMAP Folder Mail Separator In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 7 Jul 2015, Alex wrote: > I have a fedora21 install with dovecot-2.2.18, and when creating a new > subfolder with thunderbird, the actual folder name is > "Folder1^Folder2" with a carat as a separator, instead of creating > Folder2 in the Folder1 directory. > > Is this a thunderbird problem? I don't recall having this problem > prior to upgrading to fedora21, so thought maybe it's a dovecot > problem. > > Maybe the separator character is customizable? please post your old and the current configuration: doveconf -n http://wiki2.dovecot.org/MailboxFormat/Maildir and http://wiki2.dovecot.org/Plugins/Listescape seems to apply in your situation. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVZy2LXz1H7kL/d9rAQLgHwf8D4dUeQnxB7T/lWutDMXp9iKEMtqsdZjD XIF2JkazEEo3CADWB5MAJ2mvBz3ctyIo3XKr/XFKywmNNQTjMiHWrgsv734KadV1 pixWLEvSZeFbOWwOjiTE2+Xxz9vT8U6tlW8ECAWBmiunUR+8hITkwnfgumSXIZ+g ruvzAl+/jOekvdpc19wtaKAA9wIix6OAGdq9UElANCziM+7RylwHvYStTB+fvAfn qYSXapE8+KMion8slH71VBN3xNFPc7y6JUc7Q62EEgedssyPoeEOhCBPY62YFa05 I5Egb1zwVEAOgxPT06K+EJxoApwCeqVZ4PxoFaY46YAvILxOI/KGhw== =/DH5 -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Jul 8 05:43:40 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 8 Jul 2015 07:43:40 +0200 (CEST) Subject: HELP: wrinting dovecot-sql.conf to authenticate to an existing database In-Reply-To: <1138672661.2274495.1436287434167.JavaMail.yahoo@mail.yahoo.com> References: <1138672661.2274495.1436287434167.JavaMail.yahoo@mail.yahoo.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 7 Jul 2015, Filippo Zeus wrote: > I have a database "egroupware" with table "egw_accounts". The field "account_lid" is the full email address and "account_pwd" is the password in Blowfish format. > > Here is my dovecot-sql.conf > > driver = mysql > connect = host=localhost dbname=egroupware user=egroupware password=********* > default_pass_scheme = BLF-CRYPT > password_query = SELECT account_pwd AS password FROM egw_accounts WHERE account_lid = '%u' > > Error: sql(hidden at mydomain.com,::1): Invalid password in passdb: crypt() failed: Invalid argument > auth: Debug: client passdb out: FAIL#0111#011user=hidden at mydomain.com > dovecot: pop3-login: Debug: Ignoring unknown passdb extra field: > > I think I'm having trouble with the password value that is stored in the account_pwd as: > > {crypt}$2a$12$XTAolzXgwMC211MuZELQUedPv9tjZNs7Osh97PnZ50pAKuk3WPGmS > > Reading at http://wiki2.dovecot.org/Authentication/PasswordSchemes > > I suppose that the heading "{crypt}$2a$" instead of a simple "$2a$" (witch identifies a Blowfish password) is my problem. Hmm, did you tried simple string replacement? password_query = SELECT replace(account_pwd, '{crypt}', '{BLF-CRYPT}') AS password FROM egw_accounts WHERE account_lid = '%u' Also, did you've read: http://wiki2.dovecot.org/Authentication/PasswordSchemes "BLF-CRYPT: This is the Blowfish crypt (bcrypt) scheme. It is generally considered to be very secure. The encrypted password will start with $2a$ (Note: bcrypt is not available on most Linux distributions)" Did you've tried: doveadm pw -s BLF-CRYPT to verify if your system supports Blowfish at all? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVZy4jHz1H7kL/d9rAQIuGAgApTmCyW2uU16+cDRCHjjqhcUQrPwCSELm Bh9MFs9K5Lsx1JmMYZbwg9kVhnKTiJ1MjUB1oCYTQIN4cJvQv28jpfSseQWGWx7z 4H04Xn5hD6F2U7J69g3IQoaA5XiiJITKrihAfTkFy9QrGQcAc/Mjl2aGMeA6Aghq 0gHiFCmKtFyrp0n8GwDvzGuXdAeY1OeSlM/OSqNkemtaCBJBZ940lOwv7Ldw4xGC rP3fDPnqbh1h5rfDS11XoSvlfXMimTU73s9wkw0Pr0cnSkdE5/95PDJ9SozD/0hu AC2+0LxnV0Jzl2uB9sJ1OuH0/HOezz5U0ba0KuU/qYdg/wFCqD1liQ== =52bK -----END PGP SIGNATURE----- From chibi at gol.com Wed Jul 8 05:52:10 2015 From: chibi at gol.com (Christian Balzer) Date: Wed, 8 Jul 2015 14:52:10 +0900 Subject: Scalability with high density servers and proxies, TCP port limits In-Reply-To: <20150703142955.75dc2187@batzmaru.gol.ad.jp> References: <20150703121452.13df7cf7@batzmaru.gol.ad.jp> <55961827.4030402@enas.net> <20150703142955.75dc2187@batzmaru.gol.ad.jp> Message-ID: <20150708145210.304073d4@batzmaru.gol.ad.jp> On Fri, 3 Jul 2015 14:29:55 +0900 Christian Balzer wrote: > On Fri, 03 Jul 2015 07:05:43 +0200 Urban Loesch wrote: > > > Hi, > > > > Am 03.07.2015 um 05:14 schrieb Christian Balzer: > > > > > > > > 2. Here is where the fun starts. > > > Each IMAP session that gets proxied to the real mailbox server needs > > > a port for the outgoing connection. > > > So to support 2 million sessions we need 40 IP addresses here. Ouch. > > > And from a brief test having multiple IP addresses per server won't > > > help either (Dovecot unsurprisingly picks the main IP when > > > establishing a proxy session to the real mailbox), at least not with > > > just one default GW. > > > > > To follow up on myself, with multiple IPs and appropriate(*) iproute rules this works as well. (*) for each IP in "interfaces" add something like this: --- up ip route add 192.168.1.0/24 dev eth0 src 192.168.1.109 table T2 up ip route add default via 192.168.1.1 table T2 up ip rule add from 192.168.1.109 table T2 --- And the tables in "/etc/iproute/rt_tables". Christian > > If I remeber correctly there is a config option in dovecot 2.x where > > you can set the ip addresses which dovecot should use for outgoing > > proxy connections. Sorry, but I can't remeber the option. > > > Looking at the documentation on the Wiki I was going to say "That won't > help", as it says address. > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy > > But since that page is rather terse, I looked up the changelog and found > that it indeed was added for use cases like mine: > http://www.dovecot.org/list/dovecot-cvs/2014-June/024574.html > > Unfortunately the latest dovecot version in Debian is 2.2.13... > > Additionally this still leaves the actual mailbox servers, which in my > case will need to be able to handle more than 50k sessions as well. > > Thanks for the info, > > Christian -- Christian Balzer Network/Systems Engineer chibi at gol.com Global OnLine Japan/Fusion Communications http://www.gol.com/ From pch at myzel.net Wed Jul 8 09:26:56 2015 From: pch at myzel.net (Peter Chiochetti) Date: Wed, 08 Jul 2015 11:26:56 +0200 Subject: ESEARCH multiple folders In-Reply-To: <559C11D9.1000601@dovecot.fi> References: <559B6FBA.2060801@myzel.net> <559C11D9.1000601@dovecot.fi> Message-ID: <559CECE0.5090406@myzel.net> Am 2015-07-07 um 19:52 schrieb Michael Slusarz: > On 7/7/2015 12:20 AM, Peter Chiochetti wrote: >> FTS-Solr is blazingly fast; yet searching e.g. an archive with >> subfolders still is slow; I learned, that this is a feature/bug of the >> imap protocol. So I'd like to ask: >> >> Does or will dovecot support the "IMAP4 Multimailbox SEARCH Extension" >> specified in RFC 7377? > > The speed (or lack thereof) has very little to do with the IMAP protocol > limitations. RFC 7377 is not going to appreciably speed this process up; > you'll probably get almost identical results pipelining all the > subfolder searches. Using Mozilla Thunderbird here, which does not do ESEARCH, but has a checkbox in "Find" dialog: search on server, search sub-folders: The IMAP chat looks like: select mailbox, post search terms, read results; select sub-mailbox, post search terms, read results; repeat? and that is slow; never mind everything being indexed. ESEARCH would reduce the number of roundtrips to a single one and that should be a great push in speed. It should not be difficult in dovecot to produce the corresponding SOLR request. Before opening an enhancement issue on their (TB) bugzilla, I'd like to know of a server capable of it, ie. I would love dovecot to be that one. -- peter From e1c1bac6253dc54a1e89ddc046585792 at posteo.net Wed Jul 8 10:04:23 2015 From: e1c1bac6253dc54a1e89ddc046585792 at posteo.net (Philipp) Date: Wed, 08 Jul 2015 12:04:23 +0200 Subject: =?UTF-8?Q?vsz=5Flimit=20of=20service=20doveadm=20=22ignored=22=3F?= Message-ID: Hello, dovecot 2.2.18 on CentOS6.5 Jul 08 11:53:44 dsync-server(system): Fatal: master: service(doveadm): child 32554 returned error 83 (Out of memory (service doveadm { vsz_limit=521 MB }, you may need to increase it) - set CORE_OUTOFMEM=1 environment to get core dump) I tried increasing to 1 G, 1024 M or even disabling via value of zero -- to no change. Every other service has the famous 18446744073709551615 B limit. default_vsz_limit = 2 G The second node with the same setup/config is happily accepting a higher value, since both come from the same provisioning I cannot see (or expect) differences around ulimit and thelike. The configuration comes from a single file, so no include drama or such. Any pointers why the setting is being ignored? From mysqlstudent at gmail.com Wed Jul 8 15:46:20 2015 From: mysqlstudent at gmail.com (Alex) Date: Wed, 8 Jul 2015 11:46:20 -0400 Subject: IMAP Folder Mail Separator In-Reply-To: References: Message-ID: Hi, > please post your old and the current configuration: > > doveconf -n I believe I migrated the config from the old system. I believe the only changes I made were to disable standard imap and pop. I've attached my config. I'd sure appreciate any comments you may have. > http://wiki2.dovecot.org/MailboxFormat/Maildir > and > http://wiki2.dovecot.org/Plugins/Listescape > > seems to apply in your situation. Thanks, I will read them. Thanks, Alex -------------- next part -------------- # 2.2.18: /etc/dovecot/dovecot.conf # OS: Linux 3.19.7-200.fc21.x86_64 x86_64 Fedora release 21 (Twenty One) default_client_limit = 2000 mail_gid = mail mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_privileged_group = mail mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { driver = pam } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 993 } process_min_avail = 20 service_count = 0 } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { address = 192.168.1.100 port = 995 } } ssl_ca = Hi, in /etc/dovecot/conf.d/10-master.conf I have restricted IMAP to localhost only: service imap-login { inet_listener imap { address = 127.0.0.1 #port = 143 } inet_listener imaps { #port = 993 #ssl = yes } } However, /lib/systemd/system/dovecot.socket make it listen on 0.0.0.0:143 and [::]:143 causing the service being available to the public which it should not. - IMHO this is a security issue. PS: When starting dovecot I got: Jul 6 22:52:14 srv1 dovecot[19921]: Error: systemd listens on port 143, but it's not configured in Dovecot. Closing. Jul 6 22:52:14 srv1 dovecot: master: Error: systemd listens on port 143, but it's not configured in Dovecot. Closing. -- Best regards, Sven Strickroth PGP key id F5A9D4C4 @ any key-server From jtam.home at gmail.com Wed Jul 8 21:56:13 2015 From: jtam.home at gmail.com (Joseph Tam) Date: Wed, 8 Jul 2015 14:56:13 -0700 (PDT) Subject: Systemd and listen restriction to localhost not enforced In-Reply-To: References: Message-ID: Sven Strickroth writes: > in /etc/dovecot/conf.d/10-master.conf I have restricted IMAP to > localhost only: > > service imap-login { > inet_listener imap { > address = 127.0.0.1 > #port = 143 > } > inet_listener imaps { > #port = 993 > #ssl = yes > } > } > > However, /lib/systemd/system/dovecot.socket make it listen on > 0.0.0.0:143 and [::]:143 causing the service being available to > the public which it should not. - IMHO this is a security issue. I don't know much about systemd, but you'll probably need dovecot configuration listen = 127.0.0.1 Joseph Tam From barraudu at tiscali.it Thu Jul 9 15:08:40 2015 From: barraudu at tiscali.it (brd) Date: Thu, 9 Jul 2015 17:08:40 +0200 Subject: NFSv4 delegation In-Reply-To: <557ABEEB.1080402@skye.it> References: <20150611140312.GE21542@tiscali.com> <557AAE1B.2080906@skye.it> <20150612110254.GE21520@tiscali.com> <557ABEEB.1080402@skye.it> Message-ID: <20150709150840.GI22874@tiscali.com> just a quick update: no issues with NFSv4.0 (load is slowly growing, currently ~7k mailboxes) instead, bad news from delegation front, we enabled it for a couple of days but we ran in ugly issues: processes went in "uninterruptible sleep" state, load average gets huge, reboot was the only escape :-( -brd Alessio Cecchi wrote: > Il 12/06/2015 13:02, brd ha scritto: > >Alessio Cecchi wrote: > >[...] > >>Have you already try to run NFSv4? > >it's in place on a (very) small sample of mailboxes in dbox format, no issues > >up to now (Debian Wheezy mainline kernel) > > Good to know, let me know what will be when the load will grow. > > >>When we switch to netapp and nfsv4 we had many problems (lock problems > >>and instability) and we had to go immediately to NFSv3. I don't know if > >>was a netapp problem or nfs client (Debian with 2.6 kernel), now we are > >>using Centos 6 as NFS client and we should re-try to mount mailbox as nfsv4. > > > >when you've had problems, the "delegation feature" was active on Netapp > >filers? (AFAIK it is disabled by default) > > Never enabled "delegation feature" on my netapp. > > Probably my issue was on client side. I had to switch immediately to NFSv3 > without being able to investigate the problem. > > Ciao > -- > Alessio Cecchi > http://www.linkedin.com/in/alessice From alessio at skye.it Thu Jul 9 16:37:26 2015 From: alessio at skye.it (Alessio Cecchi) Date: Thu, 09 Jul 2015 18:37:26 +0200 Subject: NFSv4 delegation In-Reply-To: <20150709150840.GI22874@tiscali.com> References: <20150611140312.GE21542@tiscali.com> <557AAE1B.2080906@skye.it> <20150612110254.GE21520@tiscali.com> <557ABEEB.1080402@skye.it> <20150709150840.GI22874@tiscali.com> Message-ID: <559EA346.8060507@skye.it> Good to know. Please update us during the moving of mailboxes. I'm also interested into know if you have find benefit from switch to NFSv4 from NFSv3 (load on storage, cache benefits or others). Thanks Il 09/07/2015 17:08, brd ha scritto: > just a quick update: > > no issues with NFSv4.0 (load is slowly growing, currently ~7k mailboxes) > > instead, bad news from delegation front, we enabled it for a couple of > days but we ran in ugly issues: processes went in "uninterruptible > sleep" state, load average gets huge, reboot was the only escape :-( > > -brd > > Alessio Cecchi wrote: >> Il 12/06/2015 13:02, brd ha scritto: >>> Alessio Cecchi wrote: >>> [...] >>>> Have you already try to run NFSv4? >>> it's in place on a (very) small sample of mailboxes in dbox format, no issues >>> up to now (Debian Wheezy mainline kernel) >> >> Good to know, let me know what will be when the load will grow. >> >>>> When we switch to netapp and nfsv4 we had many problems (lock problems >>>> and instability) and we had to go immediately to NFSv3. I don't know if >>>> was a netapp problem or nfs client (Debian with 2.6 kernel), now we are >>>> using Centos 6 as NFS client and we should re-try to mount mailbox as nfsv4. >>> >>> when you've had problems, the "delegation feature" was active on Netapp >>> filers? (AFAIK it is disabled by default) >> >> Never enabled "delegation feature" on my netapp. >> >> Probably my issue was on client side. I had to switch immediately to NFSv3 >> without being able to investigate the problem. >> >> Ciao >> -- >> Alessio Cecchi >> http://www.linkedin.com/in/alessice -- Alessio Cecchi http://www.linkedin.com/in/alessice From SK00335601 at TechMahindra.com Fri Jul 10 11:19:38 2015 From: SK00335601 at TechMahindra.com (Sachin Kulkarni1) Date: Fri, 10 Jul 2015 11:19:38 +0000 Subject: Error while executing dovecot Message-ID: Hello All, I am trying to execute dovecot by below command /opt/app/dovecot/latest/sbin/dovecot -c /opt/app/dovecot/latest/etc/dovecot/dovecot.conf I am getting below error doveconf: Fatal: Error in configuration file /opt/app/dovecot/latest/etc/dovecot/dovecot.conf: default_login_user doesn't exist: dovenull please guide me to resolve this. Thanks and Regards, Sachin ============================================================================================================================ Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra. ============================================================================================================================ From r at sys4.de Fri Jul 10 11:22:49 2015 From: r at sys4.de (Ralf Hildebrandt) Date: Fri, 10 Jul 2015 13:22:49 +0200 Subject: Error while executing dovecot In-Reply-To: References: Message-ID: <20150710112249.GA4233@sys4.de> * Sachin Kulkarni1 : > Hello All, > > I am trying to execute dovecot by below command > > /opt/app/dovecot/latest/sbin/dovecot -c /opt/app/dovecot/latest/etc/dovecot/dovecot.conf > > I am getting below error > > doveconf: Fatal: Error in configuration file /opt/app/dovecot/latest/etc/dovecot/dovecot.conf: default_login_user doesn't exist: dovenull > > please guide me to resolve this. Create the user dovenull! Dovecot uses two system users for internal purposes now by default: "dovenull" and "dovecot". You need to create the "dovenull" user or change default_login_user setting. "dovenull" user is used by completely untrustworthy processes, while "dovecot" user is used for slightly more trusted processes. If you want to be using something else than "dovecot" as the other user, you need to change default_internal_user setting. Just like with "dovecot" user, "dovenull" doesn't need a password, home directory or anything else (but it's good to give it its own private "dovenull" group). -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From HFlor at gmx.de Sat Jul 11 06:27:39 2015 From: HFlor at gmx.de (Hardy Flor) Date: Sat, 11 Jul 2015 08:27:39 +0200 Subject: doveadm save message ... Message-ID: <55A0B75B.9030906@gmx.de> How can I set the flags for a saved message without search? From fzielcke at z-51.de Sat Jul 11 07:36:54 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Sat, 11 Jul 2015 09:36:54 +0200 Subject: doveadm save message ... In-Reply-To: <55A0B75B.9030906@gmx.de> References: <55A0B75B.9030906@gmx.de> Message-ID: <1436600214.1171.15.camel@z-51.de> Am Samstag, den 11.07.2015, 08:27 +0200 schrieb Hardy Flor: > How can I set the flags for a saved message without search? By using a Sieve script: http://wiki2.dovecot.org/Pigeonhole/Sieve/Examples From searockcliff at 163.com Mon Jul 13 03:58:53 2015 From: searockcliff at 163.com (boyd) Date: Mon, 13 Jul 2015 11:58:53 +0800 (CST) Subject: does dovecot support aio(asynchronous IO) Message-ID: <35d09c8e.5483.14e8590c0bf.Coremail.searockcliff@163.com> Dear, Does dovecot support aio(asynchronous IO)? Or do we have a plan/need to support it? Thanks! From g.danti at assyoma.it Mon Jul 13 09:48:08 2015 From: g.danti at assyoma.it (Gionatan Danti) Date: Mon, 13 Jul 2015 11:48:08 +0200 Subject: Questions about hardlinks, alternate storage and compression In-Reply-To: <55A3806D.7060307@us.es> References: <55A3806D.7060307@us.es> Message-ID: <55A38958.6020700@assyoma.it> Hi Javier, thanks for your reply. I already checked SIS and, while interesting, is not what I want, because: 1) it can be difficult to restore a single message/attachment from a backup 2) only the attachments, and not the entire messages, are deduped. Message-based hardlinks really exists for a reason. The good news is that I found _why_ they are not working: it depends from how dovecot and its sieve plugin (pigenhole) interact. Basically, if I define anything for the before_sieve and after_sieve variables, dovecot stops creating hardlinks for multiple copies of the same message. On the other hand, private (per-user) sieve file works without interfering with hardlinks. In a similar manner, disabling sieve also permits dovecot to create multiple hardlinks for a single message. Does someone know if newer dovecot versions change anything in this regard? Thank you all. On 13/07/15 11:10, Javier Miguel Rodr?guez wrote: > Search about "single instance storage dovecot". This is what you need. > > Regards > > Javier > > On 27/06/2015 18:18, Gionatan Danti wrote: >> Hi all, >> I have some questions about hardlinks, alternate storage and >> compression. I already scanned the list for related information and I >> have an idea of how things works, but I would like to have a definite >> answer. >> >> System spec: >> - CentOS 6.6 x64 >> - dovecot-2.0.9-8.el6_6.4.x86_64 RPM package/version >> - sdbox mail store >> >> 1) About hardlinks: when sending the same message to two different >> recipients, I see that the two u.x files are created as two different >> files. Diffing them, I see that the only difference is a single char >> (see [1] for an example). My questions are: >> a) it is possible to tell dovecot to create a single file + a single >> hardlink (linkref=2)? As other IMAP servers support that features (eg: >> Cyrus, CommunigatePro, etc) I am wondering if I missed something in >> configuring dovecot... >> b) If it is not possible, can I run a script that compare the >> various files and substitute equal ones (minus the changing line) with >> hardlinks, or it will confuse dovecot? As a side note, why the >> changing line ever exists? >> >> 2) About alternate storage and compression: actually, I use a single >> mail_location without compression. I would like to have an alternate >> storage and to enable compression on it only, leaving the main >> location without compression. I if understand it correctly, it >> _should_ be done using a command similar to "doveadm -Dv -o >> "plugin/zlib_save=gz" altmove -uu testuser sentbefore 8d". I'm right >> thinking that it should work? I will really end with a primary >> uncompressed mail store and an alternate, zlib-compressed one? >> >> Thank you all and sorry if I did some naive questions. >> >> [1] >> 63c63 >> < G2fd0811c64be8e553d970000eaa8309f >> --- >>> G2ed0811c64be8e553d970000eaa8309f >> >> >> > -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.danti at assyoma.it - info at assyoma.it GPG public key ID: FF5F32A8 From skdovecot at smail.inf.fh-brs.de Tue Jul 14 06:17:03 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 14 Jul 2015 08:17:03 +0200 (CEST) Subject: Questions about hardlinks, alternate storage and compression In-Reply-To: <55A38958.6020700@assyoma.it> References: <55A3806D.7060307@us.es> <55A38958.6020700@assyoma.it> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 13 Jul 2015, Gionatan Danti wrote: > On the other hand, private (per-user) sieve file works without interfering > with hardlinks. In a similar manner, disabling sieve also permits dovecot to > create multiple hardlinks for a single message. > > Does someone know if newer dovecot versions change anything in this regard? LMTP adds Delivered-To header, so all delivered messages are unique and you cannot hardlink messages regardless of Sieve. If Dovecot LDA adds headers, too, I do not know. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVaSpX3z1H7kL/d9rAQKuPwf/e4GddZvm/qj9sfAnVgV3H5iC62fnS6Ny /TPaXcuLcN5Tx9slhLTwIx8/GRROUVwLVqKYjaXwQciV2yytBu5vkC0+lowIZGq9 kJAAKPp4h3Ia6SDGhI8E5Im9VGGSpbXyLKR+V3rf1G/sOyvJTITliVe4ckf76xrI c1LGYumW0BGZeNZAAA0lYHZGrgy5meCrL20CMupmahoHsOFw5cA3HhJ/dEBRPlOJ y886BScRh7dWJXyS+PUzPFlbFOeULKvh6fVwCK7b4+aFkfjLedDLew5TThWiblK5 c5+rx0pAh8xVdXGZyQXzPjUl22KbQmGfzv78XWlN2WksCnMVaFXe2g== =3iPP -----END PGP SIGNATURE----- From a.helwig at heinlein-support.de Tue Jul 14 08:35:04 2015 From: a.helwig at heinlein-support.de (Andre Helwig) Date: Tue, 14 Jul 2015 10:35:04 +0200 Subject: mailbox deletion is not replicated correctly In-Reply-To: <5530DB62.9010502@heinlein-support.de> References: <552FE1C1.4050804@heinlein-support.de> <4FB37D9A-B0DE-46C8-AC86-461CC5AC24E1@iki.fi> <5530DB62.9010502@heinlein-support.de> Message-ID: <55A4C9B8.7080307@heinlein-support.de> On 04/17/2015 12:07 PM, Dennis Kuhn wrote: > On 16.04.2015 20:32, Timo Sirainen wrote: >> On 16 Apr 2015, at 19:22, Dennis Kuhn wrote: >>> i can't delete several folders at once. I have a folder structure like >>> folder1/folder2/folder3 (we use slash as hierarchy separator). When i >>> delete folder1 server1 executes the command correctly >>> >>> >>> Apr 16 13:44:28 server1 dovecot: imap(d.kuhn at heinlein-support.de): >>> Mailbox deleted: INBOX/Trash/folder1/folder2/folder3 >>> Apr 16 13:44:28 server1 dovecot: imap(d.kuhn at heinlein-support.de): >>> Mailbox deleted: INBOX/Trash/folder1/folder2 >>> Apr 16 13:44:28 server1 dovecot: imap(d.kuhn at heinlein-support.de): >>> Mailbox deleted: INBOX/Trash/folder1 >>> >>> >>> but the replica server2 reverses the order: >>> >>> Apr 16 13:44:29 server2 dovecot: >>> dsync-server(d.kuhn at heinlein-support.de): Mailbox deleted: >>> INBOX/Trash/folder1 >>> Apr 16 13:44:29 server2 dovecot: >>> dsync-server(d.kuhn at heinlein-support.de): Mailbox deleted: >>> INBOX/Trash/folder1/folder2 >>> Apr 16 13:44:29 server2 dovecot: >>> dsync-server(d.kuhn at heinlein-support.de): Mailbox deleted: >>> INBOX/Trash/folder1/folder2/folder3 >>> >>> >>> This creates the folder INBOX/Trash/folder1/folder2 on server2 again >>> which replicates back to server1. >> With what Dovecot version? What mailbox format? >> > The mailbox format is mdbox. Server1 is 2.2.15, server2 2.2.16. Hi Timo, is there any update on this issue? cheers Andre From g.danti at assyoma.it Tue Jul 14 10:17:50 2015 From: g.danti at assyoma.it (Gionatan Danti) Date: Tue, 14 Jul 2015 12:17:50 +0200 Subject: Questions about hardlinks, alternate storage and compression In-Reply-To: References: <55A3806D.7060307@us.es> <55A38958.6020700@assyoma.it> Message-ID: <55A4E1CE.30403@assyoma.it> On 14/07/15 08:17, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 13 Jul 2015, Gionatan Danti wrote: > >> On the other hand, private (per-user) sieve file works without >> interfering with hardlinks. In a similar manner, disabling sieve also >> permits dovecot to create multiple hardlinks for a single message. >> >> Does someone know if newer dovecot versions change anything in this >> regard? > > LMTP adds Delivered-To header, so all delivered messages are unique and > you cannot hardlink messages regardless of Sieve. > > If Dovecot LDA adds headers, too, I do not know. > Mmm... I'm using LMTP, but I can't find the "Delivered-To" header. Below you can see an example of successfully hard-linked email [1] I am missing something? [1] Return-Path: Received: from mail.gruppocrimi.it by mail.gruppocrimi.it (Dovecot) with LMTP id VFA8Fj3OmlUStwAA6qgwnw ; Mon, 06 Jul 2015 20:51:41 +0200 Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.gruppocrimi.it (Postfix) with ESMTP id 22AB4A1A85; Mon, 6 Jul 2015 20:51:41 +0200 (CEST) X-Virus-Scanned: amavisd-new at gruppocrimi.it Received: from mail.gruppocrimi.it ([127.0.0.1]) by localhost (mail.gruppocrimi.it [127.0.0.1]) (amavisd-new, port 10024) with LMTP id NC3YcizeDFPO; Mon, 6 Jul 2015 20:51:40 +0200 (CEST) Received: from mr003msb.fastweb.it (mr003msb.fastweb.it [85.18.95.87]) by mail.gruppocrimi.it (Postfix) with ESMTP id 4380DA1A7C; Mon, 6 Jul 2015 20:51:40 +0200 (CEST) Received: from ceres.assyoma.it (93.63.55.57) by mr003msb.fastweb.it (8.5.140.03) id 55501C9F0432631D; Mon, 6 Jul 2015 20:51:40 +0200 Received: by ceres.assyoma.it (Postfix, from userid 48) id B7B912643B4; Mon, 6 Jul 2015 20:51:39 +0200 (CEST) To: gionatan.danti at gruppocrimi.it, g.danti at gruppocrimi.it Subject: test invio X-PHP-Originating-Script: 0:rcube.php MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Mon, 06 Jul 2015 20:51:39 +0200 From: Gionatan Danti Organization: Assyoma s.r.l. Message-ID: X-Sender: g.danti at assyoma.it User-Agent: Roundcube Webmail/1.0.5 -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.danti at assyoma.it - info at assyoma.it GPG public key ID: FF5F32A8 From skdovecot at smail.inf.fh-brs.de Tue Jul 14 10:26:21 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 14 Jul 2015 12:26:21 +0200 (CEST) Subject: Questions about hardlinks, alternate storage and compression In-Reply-To: <55A4E1CE.30403@assyoma.it> References: <55A3806D.7060307@us.es> <55A38958.6020700@assyoma.it> <55A4E1CE.30403@assyoma.it> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 14 Jul 2015, Gionatan Danti wrote: > On 14/07/15 08:17, Steffen Kaiser wrote: >> On Mon, 13 Jul 2015, Gionatan Danti wrote: >> >>> On the other hand, private (per-user) sieve file works without >>> interfering with hardlinks. In a similar manner, disabling sieve also >>> permits dovecot to create multiple hardlinks for a single message. >>> >>> Does someone know if newer dovecot versions change anything in this >>> regard? >> >> LMTP adds Delivered-To header, so all delivered messages are unique and >> you cannot hardlink messages regardless of Sieve. >> >> If Dovecot LDA adds headers, too, I do not know. >> > > Mmm... I'm using LMTP, but I can't find the "Delivered-To" header. > Below you can see an example of successfully hard-linked email [1] You asked about "newer dovecot versions", v2.2 does so. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVaTjzXz1H7kL/d9rAQK1oAf/fdUuBY8kseVEFa5kyXG01cyUjc3RfBNl o0EYm+e2hvoz5B4N96pkbmilYjaCtgUw/qlMnGkzFbmJDwrqOiAhxOG71Aewjvbx q42cXHtw7CsOCr6y+eshNUfU3T20f7wgvyJDqLAOwg/pSP3CjU9m93D2zCqUgDXO MHuDV1zEEljlrxXmtdG8GI5YlwkBqvWXQuPbXr7PhoQ4HTKhvKHWurGvVkfBlg6k cpuy40mSWY3ZXwNDcnHP0o82EezGAdgzDE/EoV4fV0JDvANbTjpwwqE4gMW+wOM+ lUJnMyawkVuvfbB85K/tkK+a0lIVnZOwdUy0RaUcJFeZHXdRsixvIg== =HzBs -----END PGP SIGNATURE----- From g.danti at assyoma.it Tue Jul 14 12:44:03 2015 From: g.danti at assyoma.it (Gionatan Danti) Date: Tue, 14 Jul 2015 14:44:03 +0200 Subject: Questions about hardlinks, alternate storage and compression In-Reply-To: References: <55A3806D.7060307@us.es> <55A38958.6020700@assyoma.it> <55A4E1CE.30403@assyoma.it> Message-ID: <55A50413.7070602@assyoma.it> On 14/07/15 12:26, Steffen Kaiser wrote: > > You asked about "newer dovecot versions", v2.2 does so. > Fair enough :) So, with v2.2+ the hardlink approach is irremediably gone, at least with LMTP (and without relying to SiS)? -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.danti at assyoma.it - info at assyoma.it GPG public key ID: FF5F32A8 From fzielcke at z-51.de Tue Jul 14 20:20:34 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Tue, 14 Jul 2015 22:20:34 +0200 Subject: Questions about hardlinks, alternate storage and compression In-Reply-To: References: <55A3806D.7060307@us.es> <55A38958.6020700@assyoma.it> <55A4E1CE.30403@assyoma.it> Message-ID: <1436905234.2144.2.camel@z-51.de> Am Dienstag, den 14.07.2015, 12:26 +0200 schrieb Steffen Kaiser: > On Tue, 14 Jul 2015, Gionatan Danti wrote: > > On 14/07/15 08:17, Steffen Kaiser wrote: > > > On Mon, 13 Jul 2015, Gionatan Danti wrote: > > > > > > > On the other hand, private (per-user) sieve file works without > > > > interfering with hardlinks. In a similar manner, disabling > > > > sieve also > > > > permits dovecot to create multiple hardlinks for a single > > > > message. > > > > > > > > Does someone know if newer dovecot versions change anything in > > > > this > > > > regard? > > > > > > LMTP adds Delivered-To header, so all delivered messages are > > > unique and > > > you cannot hardlink messages regardless of Sieve. > > > > > > If Dovecot LDA adds headers, too, I do not know. > > > > > > > Mmm... I'm using LMTP, but I can't find the "Delivered-To" header. > > Below you can see an example of successfully hard-linked email [1] > > You asked about "newer dovecot versions", v2.2 does so. > I just updated my Dovecot 2.2.13 to the current 2.2.18 This config option was added in the meanwhile: # Which recipient address to use for Delivered-To: header and Received: # header. The default is "final", which is the same as the one given to # RCPT TO command. "original" uses the address given in RCPT TO's ORCPT # parameter, "none" uses nothing. Note that "none" is currently always used # when a mail has multiple recipients. #lmtp_hdr_delivery_address = final Doestn't that mean if you set it to none that no Delived-To: header gets added then? From ct at flyingcircus.io Tue Jul 14 20:44:27 2015 From: ct at flyingcircus.io (Christian Theune) Date: Tue, 14 Jul 2015 22:44:27 +0200 Subject: Admin access to sieve filters with managesieve Message-ID: <65F4C976-4ED4-4C5F-9D4A-EB8805D7DE0D@flyingcircus.io> Hi, I?ve been a long-time user of Cyrus and started using sieve with Dovecot recently. A question that came up is: how do I access a users?s sieve scripts through managesieve without their credentials? Managesieve allows separating authentation and the corresponding mailbox identification, right? That?s what I used with cyrus sieve all the time. :) I didn?t find documentation in the wiki or googling where to configure someone as admin in Dovecot so he can access foreign sieve scripts through managesieve. Pointers? Am I using the right words? Cheers, Christian ? Christian Theune ? ct at flyingcircus.io ? +49 345 219401 0 Flying Circus Internet Operations GmbH ? http://flyingcircus.io Forsterstra?e 29 ? 06112 Halle (Saale) ? Deutschland HR Stendal HRB 21169 ? Gesch?ftsf?hrer: Christian. Theune, Christian. Zagrodnick -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 496 bytes Desc: Message signed with OpenPGP using GPGMail URL: From zhuceyonghu_2013 at 163.com Wed Jul 15 03:07:18 2015 From: zhuceyonghu_2013 at 163.com (=?GBK?B?zuK1zw==?=) Date: Wed, 15 Jul 2015 11:07:18 +0800 (CST) Subject: Null deference pointer in dovecot-2.2.18 Message-ID: <77ff3a4c.601a.14e8fae4212.Coremail.zhuceyonghu_2013@163.com> Dear, use our static analysis tools, I find some bugs (Null deference pointer) for dovecot-2.2.18. Null deference pointer bugs often make program crashes, Please confim them, Thanks! 1. dovecot-2.2.18/src/config/config-request.c 332 'setting_export_section_name(ctx->prefix, def, children[i], i);', pointer 'children' in line 202 assigned NULL and if branch 'case SET_DEFLIST_UNIQUE' not execute, so pointer 'children' is always NULL. It load to a bug of null deference pointer In line 332. The same bugs also appeared in : 1. dovecot-2.2.18/src/lib-index/mail-index-fsck.c line 170 or 174, pointer 'kw_rec ' mybe NULL. 2.dovecot-2.2.18/src/lib-storage/mail-search-args-simplify line 349, pointer 'prev_arg' mybe NULL. best wishes~ Amy From fzielcke at z-51.de Wed Jul 15 05:24:44 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Wed, 15 Jul 2015 07:24:44 +0200 Subject: Admin access to sieve filters with managesieve In-Reply-To: <65F4C976-4ED4-4C5F-9D4A-EB8805D7DE0D@flyingcircus.io> References: <65F4C976-4ED4-4C5F-9D4A-EB8805D7DE0D@flyingcircus.io> Message-ID: <1436937884.1253.6.camel@z-51.de> Am Dienstag, den 14.07.2015, 22:44 +0200 schrieb Christian Theune: > Hi, > > I?ve been a long-time user of Cyrus and started using sieve with > Dovecot recently. A question that came up is: how do I access a > users?s sieve scripts through managesieve without their credentials? > Managesieve allows separating authentation and the corresponding > mailbox identification, right? That?s what I used with cyrus sieve > all the time. :) > > I didn?t find documentation in the wiki or googling where to > configure someone as admin in Dovecot so he can access foreign sieve > scripts through managesieve. > > Pointers? Am I using the right words? > Hi, Dovecot has Master Users which can login as other users. http://wiki2.dovecot.org/Authentication/MasterUsers But I don't know if this also applies to managesieve and works for you. Cheers, Felix From troeder at univention.de Wed Jul 15 06:44:35 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Wed, 15 Jul 2015 08:44:35 +0200 Subject: Admin access to sieve filters with managesieve In-Reply-To: <1436937884.1253.6.camel@z-51.de> References: <65F4C976-4ED4-4C5F-9D4A-EB8805D7DE0D@flyingcircus.io> <1436937884.1253.6.camel@z-51.de> Message-ID: <55A60153.5020000@univention.de> Am 15.07.2015 um 07:24 schrieb Felix Zielcke: > Am Dienstag, den 14.07.2015, 22:44 +0200 schrieb Christian Theune: >> Hi, >> >> I?ve been a long-time user of Cyrus and started using sieve with >> Dovecot recently. A question that came up is: how do I access a >> users?s sieve scripts through managesieve without their credentials? >> Managesieve allows separating authentation and the corresponding >> mailbox identification, right? That?s what I used with cyrus sieve >> all the time. :) >> >> I didn?t find documentation in the wiki or googling where to >> configure someone as admin in Dovecot so he can access foreign sieve >> scripts through managesieve. >> >> Pointers? Am I using the right words? >> > Hi, > > Dovecot has Master Users which can login as other users. > > http://wiki2.dovecot.org/Authentication/MasterUsers > > But I don't know if this also applies to managesieve and works for you. It work for managesieve as well - I use it upon account creation to upload a 1st user script. @Christian: to not get confused: a master user is not a user account. It can only login as someone else! Greetings Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From skdovecot at smail.inf.fh-brs.de Wed Jul 15 06:51:49 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 15 Jul 2015 08:51:49 +0200 (CEST) Subject: Null deference pointer in dovecot-2.2.18 In-Reply-To: <77ff3a4c.601a.14e8fae4212.Coremail.zhuceyonghu_2013@163.com> References: <77ff3a4c.601a.14e8fae4212.Coremail.zhuceyonghu_2013@163.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 15 Jul 2015, ?? wrote: > use our static analysis tools, I find some bugs (Null deference > pointer) for dovecot-2.2.18. Null deference pointer bugs often make > program crashes, Please confim them, Thanks! Say, did you checked the code manually yourself, too? Automated checks are hints, if at all. > 1. dovecot-2.2.18/src/config/config-request.c 332 > > 'setting_export_section_name(ctx->prefix, def, children[i], i);', pointer 'children' in line 202 assigned NULL and if branch 'case SET_DEFLIST_UNIQUE' not execute, so pointer 'children' is always NULL. It load to a bug of null deference pointer In line 332. e.g.: line 332 is passed only, if count > 0. count appears just a very few times in this function, easily to be spotted and judged, that count == 0 always, except in cases: case SET_DEFLIST: case SET_DEFLIST_UNIQUE: here your tool also missed the 2nd case. > The same bugs also appeared in : > > > 1. dovecot-2.2.18/src/lib-index/mail-index-fsck.c line 170 or 174, pointer 'kw_rec ' mybe NULL. > > > 2.dovecot-2.2.18/src/lib-storage/mail-search-args-simplify line 349, pointer 'prev_arg' mybe NULL. > > > > > > > best wishes~ > > > Amy > > > > > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVaYDBXz1H7kL/d9rAQIkMAf/Y1yhstS3ky99WaQpchZ/TU/uwmtqvbdk 8CwmzsxNIsvMzoLqgCI3pCzY/e2zslGhwkDMJ0uncDTSEPuiJXwYWwEyiS0V1Ynl xPk85oOMurkrf9Z53r9QmhHZ4ZyB121q6c4xFxZZPTF3bJrAtocj4g2Ej6l1aw79 RlPiXLBKwxjttujSg73tG1ptDD/Wix/gQslTSm+tTZXGFLfMutM+qu4fKBvVqIBy IrEkyGI6cx5yxfZfgm0ECazL3VgJAqICQsQvPvTS5vwjyphqlLckphXKlIl7dSzH pXK6QKnaWW2AJ3fkZPIPVT8c1Moy0g3Y3ImIFXgzuNafP8k7nPqQhQ== =KRJF -----END PGP SIGNATURE----- From ct at flyingcircus.io Wed Jul 15 08:51:07 2015 From: ct at flyingcircus.io (Christian Theune) Date: Wed, 15 Jul 2015 10:51:07 +0200 Subject: Admin access to sieve filters with managesieve In-Reply-To: <55A60153.5020000@univention.de> References: <65F4C976-4ED4-4C5F-9D4A-EB8805D7DE0D@flyingcircus.io> <1436937884.1253.6.camel@z-51.de> <55A60153.5020000@univention.de> Message-ID: <8134A298-EECD-49E0-AAC7-C218C9EEFA6A@flyingcircus.io> Hi, thanks for the pointer! I?ll get this checked out. Happy if the master user is not a regular account. Thanks for the clarification! :) Christian > On 15 Jul 2015, at 08:44, Daniel Tr?der wrote: > > Am 15.07.2015 um 07:24 schrieb Felix Zielcke: >> Am Dienstag, den 14.07.2015, 22:44 +0200 schrieb Christian Theune: >>> Hi, >>> >>> I?ve been a long-time user of Cyrus and started using sieve with >>> Dovecot recently. A question that came up is: how do I access a >>> users?s sieve scripts through managesieve without their credentials? >>> Managesieve allows separating authentation and the corresponding >>> mailbox identification, right? That?s what I used with cyrus sieve >>> all the time. :) >>> >>> I didn?t find documentation in the wiki or googling where to >>> configure someone as admin in Dovecot so he can access foreign sieve >>> scripts through managesieve. >>> >>> Pointers? Am I using the right words? >>> >> Hi, >> >> Dovecot has Master Users which can login as other users. >> >> http://wiki2.dovecot.org/Authentication/MasterUsers >> >> But I don't know if this also applies to managesieve and works for you. > It work for managesieve as well - I use it upon account creation to > upload a 1st user script. > @Christian: to not get confused: a master user is not a user account. It > can only login as someone else! > > Greetings > Daniel ? Christian Theune ? ct at flyingcircus.io ? +49 345 219401 0 Flying Circus Internet Operations GmbH ? http://flyingcircus.io Forsterstra?e 29 ? 06112 Halle (Saale) ? Deutschland HR Stendal HRB 21169 ? Gesch?ftsf?hrer: Christian. Theune, Christian. Zagrodnick -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 496 bytes Desc: Message signed with OpenPGP using GPGMail URL: From r at sys4.de Thu Jul 16 08:46:28 2015 From: r at sys4.de (Ralf Hildebrandt) Date: Thu, 16 Jul 2015 10:46:28 +0200 Subject: doveadm import - strange warning Message-ID: <20150716084628.GA17953@sys4.de> I'm using the doveadm import command to extract mails from my backup: % doveadm import -u restore at backup.invalid mdbox:/home/copymail/mdbox "" \ mailbox INBOX header Delivered-To backup+$SEARCHPATTERN at backup.invalid This works like a charm, I'm getting all the mails, and I can access the newly generated mailbox. But when executing the command I'm getting an annoying warning: doveadm(restore at backup.invalid): Error: chdir(/root/) failed: Permission denied (euid=1001(copymail) egid=1001(copymail) missing +x perm: /root, dir owned by 0:0 mode=0700) doveadm(restore at backup.invalid): Error: chdir(/root) failed: Permission denied I'm using a file based authentication: # cat passwd restore at backup.invalid:{SHA}+/...the.hash...:1001:1001:(gecos):/home/restore:: So why is "restore at backup.invalid" being associated with /root? I'm using 2:2.2.18-1~auto+91, but the warning has been around for ages :) -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From sebastian.wiedenroth at skylime.net Thu Jul 16 15:03:37 2015 From: sebastian.wiedenroth at skylime.net (Sebastian Wiedenroth) Date: Thu, 16 Jul 2015 17:03:37 +0200 Subject: [Patch] Fix hang in safe_sendfile on SmartOS Message-ID: # HG changeset patch # User Sebastian Wiedenroth # Date 1437050484 -7200 # Thu Jul 16 14:41:24 2015 +0200 # Node ID 7ef3a533b097e8e6590e754dc56ad308ab29233b # Parent e3640ccaa76d77a9658126d1f8f306480dad8af7 Fix hang in safe_sendfile on SmartOS The call to sendfile on SmartOS can fail with EOPNOTSUPP. This is a valid error code and documented in the man page. This error code needs to be handled or else dovecot will retry the sendfile call endlessly and hang. diff -r e3640ccaa76d -r 7ef3a533b097 src/lib/sendfile-util.c --- a/src/lib/sendfile-util.c Sat Jan 10 04:32:42 2015 +0200 +++ b/src/lib/sendfile-util.c Thu Jul 16 14:41:24 2015 +0200 @@ -116,7 +116,7 @@ if (errno == EINVAL) { /* most likely trying to read past EOF */ ret = 0; - } else if (errno == EAFNOSUPPORT) { + } else if (errno == EAFNOSUPPORT || errno == EOPNOTSUPP) { /* not supported, return Linux-like EINVAL so caller sees only consistent errnos. */ errno = EINVAL; From awang at opentext.com Fri Jul 17 00:39:35 2015 From: awang at opentext.com (Arnold Wang) Date: Fri, 17 Jul 2015 00:39:35 +0000 Subject: question on Dovecot replication Message-ID: <9AA036025B539247A654D55060AC806A19D373B2@otwlxg22.opentext.net> I'm running Dovecot 2.2.x and have a question on its replication capability. I plan to run Dovecot in two different sites with two nodes at each site. My question is how many replication partners can each Dovecot node have? Can I define three "mail_replica" entries in every node so any message received by one node will be replicated to three other nodes automatically? Thanks in advance for your help. From james at lottspot.com Fri Jul 17 01:42:50 2015 From: james at lottspot.com (james at lottspot.com) Date: Thu, 16 Jul 2015 18:42:50 -0700 Subject: Quota policy service not rejecting messages when user over quota Message-ID: <3bdc70181f32eac67cb0c4eb0cc3d25b@lottspot.com> For some very odd reason, the quota-status service is failing to enforce quotas. Every other aspect of my configuration is working with absolutely no problems. When I attempt delivery via LTMP, the message is, as expected, rejected due to the user's inbox being full. root at smtp:/usr/local/etc/mail-config # nc -U /var/spool/postfix/private/dovecot-lmtp < 220 mx0.lottspot.com Dovecot ready. > LHLO localhost < 250-mx0.lottspot.com < 250-8BITMIME < 250-ENHANCEDSTATUSCODES < 250 PIPELINING > MAIL FROM: < 250 2.1.0 OK > RCPT TO: < 552 5.2.2 Quota exceeded (mailbox for user is full) The policy service however, just lets everything go right through. I know that accessing the userdb is not an issue, because I passed a bogus user before passing my real user and received the expected response. root at smtp:/usr/local/etc/mail-config # nc -U /var/spool/postfix/private/policy-quota > recipient=noop at fake.tld > < action=551 User not found < > recipient=james at lottspot.vpn > < action=250 Quota status success < I'm using Dovecot 2.2.15, and I have included my quota configuration below. If anyone wants to see full doveconf -n output, I can provide it, but figured it was a bit much for this case. Thanks in advance for any pointers! --> Note: I'm the quota_status_* directives have been set as is for testing purposes only. I'm fully aware not to do that in production. plugin { quota = maildir:User quota quota_rule = *:bytes=1G quota_rule2 = Trash:storage=+10%% quota_status_success = "250 Quota status success" quota_status_nouser = "551 User not found" quota_status_overquota = "552 5.2.2 Recipient mailbox is full" } service quota-status { executable = quota-status -p postfix unix_listener /var/spool/postfix/private/policy-quota { user = postfix group = wheel mode = 0666 } } From james at lottspot.com Fri Jul 17 02:10:50 2015 From: james at lottspot.com (james at lottspot.com) Date: Thu, 16 Jul 2015 19:10:50 -0700 Subject: [Sieve] Unable to fileinto subfolders Message-ID: Hello again list! I am configuring a server running Dovecot 2.2.15 (Pigeonhole 0.4.6), and I am having an issue with Sieve scripts where I cannot sort messages into a subfolder of a mailbox. An email which is matched by the following script: require "fileinto"; if header :contains "Subject" "[SORT ME]" { fileinto "INBOX.Sorted"; } Yields the following error: Jul 16 18:54:46 smtp dovecot: lmtp(james at lottspot.vpn): Error: DiJmNGZgqFWLFAEANWXNPw: sieve: msgid=<4973528.yvy4Yu8Tt4 at arch_project>: failed to store into mailbox 'INBOX.Sorted': Character not allowed in mailbox name: '.' As far as I can tell based on the Sieve usage page in the wiki (http://wiki2.dovecot.org/Pigeonhole/Sieve/Usage), this is *supposed* to work. I have included my namespace configuration below, but if anyone wants the whole doveconf -n, I will gladly provide it. Thanks in advance for any help! namespace inbox { type = private separator = / prefix = inbox = yes mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } } namespace { type = shared separator = / prefix = shared/%%d/%%n/ location = maildir:/home/%%d/%%n/mail:INDEX=~/indexes/%%d/%%n:INDEXPVT=~/indexes/%%d/%%n subscriptions = no list = children } From ml+dovecot at valo.at Fri Jul 17 04:56:39 2015 From: ml+dovecot at valo.at (Christian Kivalo) Date: Fri, 17 Jul 2015 06:56:39 +0200 Subject: [Sieve] Unable to fileinto subfolders In-Reply-To: References: Message-ID: <17D3BFF2-2630-4B0F-83D4-360126952AB3@valo.at> Am 17. Juli 2015 04:10:50 MESZ, schrieb james at lottspot.com: >Hello again list! > Hello, > >require "fileinto"; >if header :contains "Subject" "[SORT ME]" { fileinto "INBOX.Sorted"; } > >Yields the following error: > >Jul 16 18:54:46 smtp dovecot: lmtp(james at lottspot.vpn): Error: >DiJmNGZgqFWLFAEANWXNPw: sieve: msgid=<4973528.yvy4Yu8Tt4 at arch_project>: > >failed to store into mailbox 'INBOX.Sorted': Character not allowed in >mailbox name: '.' [snip] >namespace inbox { > type = private > separator = / > prefix = > inbox = yes Your path does not exist. You use INBOX.Sorted in your sieve script but have set / as separator in the namespace config. Sieve expects a directory "INBOX.Sorted" in your maildir, the dirctory probably exists as "INBOX" with a subdirectory "Sorted" inside. Changeing the fileinto in the sieve script to "INBOX/Sorted" ahould sort things out. regards - christian From james at lottspot.com Fri Jul 17 05:29:32 2015 From: james at lottspot.com (James Lott) Date: Thu, 16 Jul 2015 22:29:32 -0700 Subject: [Sieve] Unable to fileinto subfolders In-Reply-To: <17D3BFF2-2630-4B0F-83D4-360126952AB3@valo.at> References: <17D3BFF2-2630-4B0F-83D4-360126952AB3@valo.at> Message-ID: <1770712.vgjrnVp7f6@arch_project> Goodness gracious. I have no idea how I overlooked that. You are, of course, correct, and that immediately resolved the issue. Thanks for the help getting that sorted! On Friday, July 17, 2015 06:56:39 Christian Kivalo wrote: > Am 17. Juli 2015 04:10:50 MESZ, schrieb james at lottspot.com: > >Hello again list! > > Hello, > > >require "fileinto"; > >if header :contains "Subject" "[SORT ME]" { fileinto "INBOX.Sorted"; } > > > >Yields the following error: > > > >Jul 16 18:54:46 smtp dovecot: lmtp(james at lottspot.vpn): Error: > >DiJmNGZgqFWLFAEANWXNPw: sieve: msgid=<4973528.yvy4Yu8Tt4 at arch_project>: > > > >failed to store into mailbox 'INBOX.Sorted': Character not allowed in > >mailbox name: '.' > > [snip] > > >namespace inbox { > > > > type = private > > separator = / > > prefix = > > inbox = yes > > Your path does not exist. You use INBOX.Sorted in your sieve script but have > set / as separator in the namespace config. > > Sieve expects a directory "INBOX.Sorted" in your maildir, the dirctory > probably exists as "INBOX" with a subdirectory "Sorted" inside. > > Changeing the fileinto in the sieve script to "INBOX/Sorted" ahould sort > things out. > > > regards > - christian -- James Lott -- James Lott From james at lottspot.com Fri Jul 17 06:22:08 2015 From: james at lottspot.com (James Lott) Date: Thu, 16 Jul 2015 23:22:08 -0700 Subject: Quota policy service not rejecting messages when user over quota In-Reply-To: <3bdc70181f32eac67cb0c4eb0cc3d25b@lottspot.com> References: <3bdc70181f32eac67cb0c4eb0cc3d25b@lottspot.com> Message-ID: <2232414.lSvEL2IBgF@arch_project> This issue was another silly oversight on my part. It turns out I had neglected to include 'quota' in my mail_plugins directive. For shame. On Thursday, July 16, 2015 18:42:50 james at lottspot.com wrote: > For some very odd reason, the quota-status service is failing to enforce > quotas. Every other aspect of my configuration is working with > absolutely no problems. When I attempt delivery via LTMP, the message > is, as expected, rejected due to the user's inbox being full. > > root at smtp:/usr/local/etc/mail-config # nc -U > /var/spool/postfix/private/dovecot-lmtp > < 220 mx0.lottspot.com Dovecot ready. > > > LHLO localhost > > < 250-mx0.lottspot.com > < 250-8BITMIME > < 250-ENHANCEDSTATUSCODES > < 250 PIPELINING > > > MAIL FROM: > > < 250 2.1.0 OK > > > RCPT TO: > > < 552 5.2.2 Quota exceeded (mailbox for user is > full) > > The policy service however, just lets everything go right through. I > know that accessing the userdb is not an issue, because I passed a bogus > user before passing my real user and received the expected response. > > root at smtp:/usr/local/etc/mail-config # nc -U > /var/spool/postfix/private/policy-quota > > > recipient=noop at fake.tld > > < action=551 User not found > < > > > recipient=james at lottspot.vpn > > < action=250 Quota status success > < > > I'm using Dovecot 2.2.15, and I have included my quota configuration > below. If anyone wants to see full doveconf -n output, I can provide it, > but figured it was a bit much for this case. Thanks in advance for any > pointers! > > --> Note: I'm the quota_status_* directives have been set as is for > testing purposes only. I'm fully aware not to do that in production. > > plugin { > quota = maildir:User quota > quota_rule = *:bytes=1G > quota_rule2 = Trash:storage=+10%% > quota_status_success = "250 Quota status success" > quota_status_nouser = "551 User not found" > quota_status_overquota = "552 5.2.2 Recipient mailbox is full" > } > service quota-status { > executable = quota-status -p postfix > unix_listener /var/spool/postfix/private/policy-quota { > user = postfix > group = wheel > mode = 0666 > } > } -- James Lott From wuweiwwd at sina.com Fri Jul 17 07:09:26 2015 From: wuweiwwd at sina.com (wuwei) Date: Fri, 17 Jul 2015 00:09:26 -0700 (PDT) Subject: migrate via dsync error Panic: file mail-transaction-log.c: line 271 (mail_transaction_log_rotate): assertion failed: (file->locked) Message-ID: <1437116966401-53328.post@n4.nabble.com> hi all when I use dsync migrate users from dovecot2.0.14(maildir Solaris10) to dovecot2.2.15(mdbox debian7) , most of the users migrated well, only one user has a error. migrate cmd: "$dovecotHome"bin/doveadm -Dv -o mail_fsync=never -o imapc_host=$ip backup -R -u $user imapc: dovecot2.2.15 log: doveadm(root): Debug: Loading modules from directory: /home/mail/dovecot/lib/dovecot doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/lib10_quota_plugin.so doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/lib15_notify_plugin.so doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/lib20_fts_plugin.so doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/lib20_mail_log_plugin.so doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/lib20_zlib_plugin.so doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/lib21_fts_lucene_plugin.so doveadm(root): Debug: Loading modules from directory: /home/mail/dovecot/lib/dovecot/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /home/mail/dovecot/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /home/mail/dovecot/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined s ymbol: expire_set_deinit (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so doveadm(root): Debug: Module loaded: /home/mail/dovecot/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so doveadm(chenwenguang at eachnet.com): Debug: auth input: chenwenguang at eachnet.com home=/data/02/eachnet.com/281/721/chenwenguang at eachnet.com uid=1010 gid=1010 mail=mdbox:/ data/02/eachnet.com/281/721/chenwenguang at eachnet.com quota_rule=*:storage=1024MB sieve_dir=/data/02/eachnet.com/281/721/chenwenguang at eachnet.com sieve=/data/02/eachnet. com/281/721/chenwenguang at eachnet.com/dovecot.sieve doveadm(chenwenguang at eachnet.com): Debug: Added userdb setting: mail=mdbox:/data/02/eachnet.com/281/721/chenwenguang at eachnet.com doveadm(chenwenguang at eachnet.com): Debug: Added userdb setting: plugin/quota_rule=*:storage=1024MB doveadm(chenwenguang at eachnet.com): Debug: Added userdb setting: plugin/sieve=/data/02/eachnet.com/281/721/chenwenguang at eachnet.com/dovecot.sieve doveadm(chenwenguang at eachnet.com): Debug: Added userdb setting: plugin/sieve_dir=/data/02/eachnet.com/281/721/chenwenguang at eachnet.com doveadm(chenwenguang at eachnet.com): Debug: Effective uid=1010, gid=1010, home=/data/02/eachnet.com/281/721/chenwenguang at eachnet.com doveadm(chenwenguang at eachnet.com): Debug: Quota root: name=chenwenguang at eachnet.com backend=dict args=:redis:host=172.24.202.60:prefix=user_quota/ doveadm(chenwenguang at eachnet.com): Debug: Quota rule: root=chenwenguang at eachnet.com mailbox=* bytes=1073741824 messages=0 doveadm(chenwenguang at eachnet.com): Debug: Quota rule: root=chenwenguang at eachnet.com mailbox=Trash bytes=+858993459 (80%) messages=0 doveadm(chenwenguang at eachnet.com): Debug: Quota warning: bytes=966367641 (90%) messages=0 reverse=no command=quota-warning 90 chenwenguang at eachnet.com doveadm(chenwenguang at eachnet.com): Debug: Quota warning: bytes=858993459 (80%) messages=0 reverse=no command=quota-warning 80 chenwenguang at eachnet.com doveadm(chenwenguang at eachnet.com): Debug: Quota warning: bytes=751619276 (70%) messages=0 reverse=no command=quota-warning 70 chenwenguang at eachnet.com doveadm(chenwenguang at eachnet.com): Debug: Quota warning: bytes=644245094 (60%) messages=0 reverse=no command=quota-warning 60 chenwenguang at eachnet.com doveadm(chenwenguang at eachnet.com): Debug: Quota grace: root=chenwenguang at eachnet.com bytes=107374182 (10%) doveadm(chenwenguang at eachnet.com): Debug: dict quota: user=chenwenguang at eachnet.com, uri=redis:host=172.24.202.60:prefix=user_quota/, noenforcing=0 doveadm(chenwenguang at eachnet.com): Debug: Namespace inbox: type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:/data/02/eachn et.com/281/721/chenwenguang at eachnet.com doveadm(chenwenguang at eachnet.com): Debug: fs: root=/data/02/eachnet.com/281/721/chenwenguang at eachnet.com, index=, indexpvt=, control=, inbox=, alt= doveadm(chenwenguang at eachnet.com): Debug: Namespace : Using permissions from /data/02/eachnet.com/281/721/chenwenguang at eachnet.com: mode=0700 gid=default dsync(chenwenguang at eachnet.com): Debug: Effective uid=1010, gid=1010, home=/data/02/eachnet.com/281/721/chenwenguang at eachnet.com dsync(chenwenguang at eachnet.com): Debug: Quota root: name=chenwenguang at eachnet.com backend=dict args=:redis:host=172.24.202.60:prefix=user_quota/ dsync(chenwenguang at eachnet.com): Debug: Quota rule: root=chenwenguang at eachnet.com mailbox=* bytes=1073741824 messages=0 dsync(chenwenguang at eachnet.com): Debug: Quota rule: root=chenwenguang at eachnet.com mailbox=Trash bytes=+858993459 (80%) messages=0 dsync(chenwenguang at eachnet.com): Debug: Quota warning: bytes=966367641 (90%) messages=0 reverse=no command=quota-warning 90 chenwenguang at eachnet.com dsync(chenwenguang at eachnet.com): Debug: Quota warning: bytes=858993459 (80%) messages=0 reverse=no command=quota-warning 80 chenwenguang at eachnet.com dsync(chenwenguang at eachnet.com): Debug: Quota warning: bytes=751619276 (70%) messages=0 reverse=no command=quota-warning 70 chenwenguang at eachnet.com dsync(chenwenguang at eachnet.com): Debug: Quota warning: bytes=644245094 (60%) messages=0 reverse=no command=quota-warning 60 chenwenguang at eachnet.com dsync(chenwenguang at eachnet.com): Debug: Quota grace: root=chenwenguang at eachnet.com bytes=107374182 (10%) dsync(chenwenguang at eachnet.com): Debug: dict quota: user=chenwenguang at eachnet.com, uri=redis:host=172.24.202.60:prefix=user_quota/, noenforcing=0 dsync(chenwenguang at eachnet.com): Debug: Namespace inbox: type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=imapc: dsync(chenwenguang at eachnet.com): Debug: imapc(172.24.202.201:143): Looking up IP address dsync(chenwenguang at eachnet.com): Debug: imapc(172.24.202.201:143): Connecting to 172.24.202.201:143 dsync(chenwenguang at eachnet.com): Debug: imapc(172.24.202.201:143): Server capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN dsync(chenwenguang at eachnet.com): Debug: imapc(172.24.202.201:143): Authenticating as chenwenguang at eachnet.com dsync(chenwenguang at eachnet.com): Debug: imapc(172.24.202.201:143): Server capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THRE AD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST -STATUS QUOTA dsync(chenwenguang at eachnet.com): Debug: imapc(172.24.202.201:143): Authenticated successfully dsync(chenwenguang at eachnet.com): Debug: imapc: root=, index=, indexpvt=, control=, inbox=, alt= dsync(chenwenguang at eachnet.com): Debug: fts: Indexes disabled for namespace '' dsync(chenwenguang at eachnet.com): Debug: brain M: Local mailbox tree: Drafts guid=e0187b65e763143666d22094cedfe6a4 uid_validity=1279693072 uid_next=1 subs=no last_change =0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Local mailbox tree: INBOX guid=c92f64f79f0d1ed01e6d5b314f04886c uid_validity=1279693068 uid_next=134807 subs=no last_ch ange=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain M: Local mailbox tree: Trash guid=7f5af7ba291b2df1a11d573bdb55d7e9 uid_validity=1279693071 uid_next=1 subs=no last_change= 0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Local mailbox tree: Drafts guid=e0187b65e763143666d22094cedfe6a4 uid_validity=1279693072 uid_next=1 subs=no last_change =0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain M: Local mailbox tree: Sent Items guid=34b8141947b9372e94589bd35a54dac5 uid_validity=1279693070 uid_next=1 subs=no last_ch ange=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Local mailbox tree: Trash guid=7f5af7ba291b2df1a11d573bdb55d7e9 uid_validity=1279693071 uid_next=1 subs=no last_change= 0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain M: Local mailbox tree: INBOX guid=c92f64f79f0d1ed01e6d5b314f04886c uid_validity=1279693068 uid_next=1 subs=no last_change= 0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Local mailbox tree: Sent Items guid=34b8141947b9372e94589bd35a54dac5 uid_validity=1279693070 uid_next=1 subs=no last_ch ange=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain M: Local mailbox tree: Junk E-mail guid=9e1a7b3d0b113405571152c94fcf1154 uid_validity=1279693069 uid_next=1 subs=no last_c hange=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Local mailbox tree: Junk E-mail guid=9e1a7b3d0b113405571152c94fcf1154 uid_validity=1279693069 uid_next=1 subs=no last_c hange=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain M: Remote mailbox tree: INBOX guid=c92f64f79f0d1ed01e6d5b314f04886c uid_validity=1279693068 uid_next=134807 subs=no last_c hange=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain M: Remote mailbox tree: Drafts guid=e0187b65e763143666d22094cedfe6a4 uid_validity=1279693072 uid_next=1 subs=no last_chang e=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain M: Remote mailbox tree: Trash guid=7f5af7ba291b2df1a11d573bdb55d7e9 uid_validity=1279693071 uid_next=1 subs=no last_change =0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain M: Remote mailbox tree: Sent Items guid=34b8141947b9372e94589bd35a54dac5 uid_validity=1279693070 uid_next=1 subs=no last_c hange=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain M: Remote mailbox tree: Junk E-mail guid=9e1a7b3d0b113405571152c94fcf1154 uid_validity=1279693069 uid_next=1 subs=no last_ change=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Remote mailbox tree: Drafts guid=e0187b65e763143666d22094cedfe6a4 uid_validity=1279693072 uid_next=1 subs=no last_chang e=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Remote mailbox tree: Trash guid=7f5af7ba291b2df1a11d573bdb55d7e9 uid_validity=1279693071 uid_next=1 subs=no last_change =0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Remote mailbox tree: Sent Items guid=34b8141947b9372e94589bd35a54dac5 uid_validity=1279693070 uid_next=1 subs=no last_c hange=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Remote mailbox tree: INBOX guid=c92f64f79f0d1ed01e6d5b314f04886c uid_validity=1279693068 uid_next=1 subs=no last_change =0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Remote mailbox tree: Junk E-mail guid=9e1a7b3d0b113405571152c94fcf1154 uid_validity=1279693069 uid_next=1 subs=no last_ change=0 last_subs=0 dsync(chenwenguang at eachnet.com): Debug: brain S: Skipping unchanged mailbox e0187b65e763143666d22094cedfe6a4 dsync(chenwenguang at eachnet.com): Panic: file mail-transaction-log.c: line 271 (mail_transaction_log_rotate): assertion failed: (file->locked) dsync(chenwenguang at eachnet.com): Error: Raw backtrace: /home/mail/dovecot/lib/dovecot/libdovecot.so.0(+0x750bf) [0x7fe817a980bf] -> /home/mail/dovecot/lib/dovecot/libdo vecot.so.0(default_fatal_handler+0x2a) [0x7fe817a9819a] -> /home/mail/dovecot/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fe817a4a335] -> /home/mail/dovecot/lib/dovecot/ libdovecot-storage.so.0(+0xd499f) [0x7fe817ddb99f] -> /home/mail/dovecot/lib/dovecot/libdovecot-storage.so.0(mail_index_write+0x1e6) [0x7fe817ddac46] -> /home/mail/dove cot/lib/dovecot/libdovecot-storage.so.0(mail_index_sync_commit+0x2db) [0x7fe817dd2f2b] -> /home/mail/dovecot/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init +0x20d) [0x7fe817d7690d] -> /home/mail/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x35) [0x7fe817d89e05] -> /home/mail/dovecot/lib/dovecot/libdovecot -storage.so.0(mailbox_sync+0x27) [0x7fe817d89f27] -> /home/mail/dovecot/bin/doveadm(dsync_brain_slave_recv_mailbox+0x7b) [0x430aeb] -> /home/mail/dovecot/bin/doveadm(ds ync_brain_run+0x256) [0x42e726] -> /home/mail/dovecot/bin/doveadm() [0x414ec0] -> /home/mail/dovecot/bin/doveadm() [0x416a7d] -> /home/mail/dovecot/bin/doveadm(doveadm_ mail_try_run+0x231) [0x417721] -> /home/mail/dovecot/bin/doveadm(main+0x3a8) [0x413bf8] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7fe8176b5ead] -> / home/mail/dovecot/bin/doveadm() [0x413e11] dovecot2.2.15 conf # 2.2.15: /home/mail/dovecot/etc/dovecot/dovecot.conf doveconf: Warning: service auth { client_limit=80960 } is lower than required under max. load (300000) doveconf: Warning: service anvil { client_limit=60000 } is lower than required under max. load (240003) # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.4 auth_cache_negative_ttl = 1 days auth_cache_size = 1000 k auth_cache_ttl = 1 days auth_debug = yes auth_debug_passwords = yes auth_master_user_separator = * auth_mechanisms = plain login debug_log_path = /data/logs/dovecot/logs/dovecot.log default_client_limit = 60000 default_internal_user = vmail default_login_user = dovecotauth default_process_limit = 60000 disable_plaintext_auth = no first_valid_gid = 1007 first_valid_uid = 1007 imapc_features = rfc822.size fetch-headers imapc_host = 172.24.173.212 imapc_password = 111111 imapc_user = %u info_log_path = /data/logs/dovecot/logs/dovecot.log log_path = /data/logs/dovecot/logs/dovecot.log mail_debug = yes mail_fsync = never mail_plugins = fts fts_lucene mail_log notify quota zlib mail_prefetch_count = 1 maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox "Junk E-mail" { auto = subscribe special_use = \Junk } mailbox "Sent Items" { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = . } passdb { args = /home/mail/dovecot/etc/dovecot/passwd.masterusers driver = passwd-file master = yes } passdb { args = /home/mail/dovecot/bin/CheckPassword driver = checkpassword } plugin { fts = lucene fts_lucene = whitespace_chars=@. mail_debug = yes mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename append mail_log_fields = uid box msgid size quota = dict:%u::redis:host=172.24.202.60:prefix=user_quota/ quota_rule2 = Trash:storage=+80%% quota_warning = storage=90%% quota-warning 90 %u quota_warning2 = storage=80%% quota-warning 80 %u quota_warning3 = storage=70%% quota-warning 70 %u quota_warning4 = storage=60%% quota-warning 60 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve welcome_letter_path = /home/mail/dovecot/etc/welcome welcome_letter_url = http://202.108.252.162:8080/domainmail zlib_save = gz zlib_save_level = 6 } pop3_fast_size_lookups = yes pop3_no_flag_updates = yes postmaster_address = postmastar@%d protocols = imap pop3 sieve lmtp service auth-worker { user = dovecotauth } service auth { client_limit = 80960 unix_listener /home/mail/postfix/var/spool/postfix/private/auth-client { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 143 } service_count = 0 vsz_limit = 2 G } service imap { process_limit = 60240 } service lmtp { inet_listener { port = 11000 } } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 0 vsz_limit = 2 G } service managesieve { process_limit = 80960 } service pop3-login { inet_listener pop3 { port = 110 } service_count = 0 vsz_limit = 2 G } service quota-warning { executable = script /home/mail/dovecot/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = vmail } ssl = no submission_host = 172.24.203.8:25 userdb { driver = prefetch } userdb { args = /home/mail/dovecot/etc/dovecot/dovecot-dict-auth.conf.ext driver = dict } protocol imap { imap_logout_format = bytes=%i/%o mail_plugins = fts fts_lucene mail_log notify quota zlib imap_quota imap_zlib } protocol pop3 { pop3_logout_format = bytes=%i/%o, top=%t/%p, retr=%r/%b, del=%d/%m, size=%s } protocol sieve { mail_max_userip_connections = 1000 mail_plugins = fts fts_lucene mail_log notify quota zlib quota managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 10 managesieve_max_line_length = 65536 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave } need you help!thank you! -- View this message in context: http://dovecot.2317879.n4.nabble.com/migrate-via-dsync-error-Panic-file-mail-transaction-log-c-line-271-mail-transaction-log-rotate-asser-tp53328.html Sent from the Dovecot mailing list archive at Nabble.com. From berni at birkenwald.de Fri Jul 17 10:19:57 2015 From: berni at birkenwald.de (Bernhard Schmidt) Date: Fri, 17 Jul 2015 10:19:57 +0000 (UTC) Subject: Dovecot-EE repository for Debian 8 (Jessie/stable) Message-ID: Hi, are there plans to support Debian 8 (alias stable, alias jessie) in the dovecot-ee repository? Currently there are only squeeze and wheezy repos. The wheezy repo is uninstallable due to an unsatisfyable dependency on libicu48. Of course you can install libicu48 from Wheezy on a Jessie system, but this will break security updates and might not be the best idea for a library like that. Bernhard From berni at birkenwald.de Fri Jul 17 10:52:25 2015 From: berni at birkenwald.de (Bernhard Schmidt) Date: Fri, 17 Jul 2015 10:52:25 +0000 (UTC) Subject: quota_full_tempfail = yes broken with lmtp_rcpt_check_quota (was: Re: lmtp_rcpt_check_quota not working) References: <7DE209CE-2F9D-404C-8215-A705ACCC84A0@swing.be> Message-ID: Bernhard Schmidt wrote: *bump* this is still an issue with Dovecot 2.2.18.2 from the dovecot-ee repository > With 2.2.15 from dovecot-ee it is different. The quota is now checked at > RCPT stage > > # 2.2.15.8 (912dd04d7a14+): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.6 (4b9b9a88ac9b) > # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.8 > > -> MAIL FROM: ><- 250 2.1.0 OK > -> RCPT TO: ><** 552 5.2.2 Quota exceeded (mailbox for user is full) > > But as you can see, the setting for quota_full_tempfail is now ignored. > It should be deferring the message, not rejecting it. When I disable > lmtp_rcpt_check_quota it behaves like 2.2.13. > > Summary: > - In 2.2.9 and 2.2.13 lmtp_rcpt_check_quota is ignored > - In 2.2.15 lmtp_rcpt_check_quota works, but quota_full_tempfail is > ignored at the RCPT TO stage. It still works at the DATA stage, so > disabling lmtp_rcpt_check_quota is a workaround falling back to 2.2.13 > behaviour > > Bernhard > From ms at ddnetservice.net Fri Jul 17 13:52:55 2015 From: ms at ddnetservice.net (Michael) Date: Fri, 17 Jul 2015 15:52:55 +0200 Subject: Getting duplicated mails while using imapc and dsync Message-ID: <55A908B7.3020300@ddnetservice.net> Hello list, currently I'm migrating our old mailserver to a new mail architecture that is based on a master-master dovecot setup (two machines). The replication actually works but I'm also syncing our mails from the current mailserver via imapc on a regular schedule. For some reason I've in most (but not all) imapc-synced mailboxes duplicated emails that I also can't deduplicate with doveadm. I've also set up test-mailboxes that I don't sync with imapc and in those I don't have any duplicated mails. My command to sync the mails from the old host to the master-master system looks as follows: doveadm -o imapc_user=$i*dovemig -o imapc_password= -o imapc_host= -o imapc_features="rfc822.size fetch-headers" -o mail_prefetch_count=20 -v -D sync -R -u$EMAIL imapc: &> $LOGS/$i.log So, is this actually the wrong approach to sync mails from the old host to the new one or is it just not recommended to sync them over-and-over again in such a setup via imapc or is it better to sync them only once? Any hint/pointing me to the right solution is greatly appreciated. Michael From SK00335601 at TechMahindra.com Fri Jul 17 15:43:33 2015 From: SK00335601 at TechMahindra.com (Sachin Kulkarni1) Date: Fri, 17 Jul 2015 15:43:33 +0000 Subject: Dovecot - Telnet error Message-ID: Hello All, I have installed dovecot and started it. However when I try to telnet getting below error means dovecot starting is not successful. telnet localhost 10110 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection to localhost closed by foreign host. Please advise. Thanks and Regards, Sachin Kulkarni ============================================================================================================================ Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra. ============================================================================================================================ From shane at phpboy.co.za Fri Jul 17 17:01:00 2015 From: shane at phpboy.co.za (Shane James) Date: Fri, 17 Jul 2015 19:01:00 +0200 Subject: Dovecot - Telnet error In-Reply-To: References: Message-ID: <795BEC44-A345-44AD-A841-D901A08D798E@phpboy.co.za> Port 110 is what you want > On 17 Jul 2015, at 17:43, Sachin Kulkarni1 wrote: > > Hello All, > > I have installed dovecot and started it. > > However when I try to telnet getting below error means dovecot starting is not successful. > > telnet localhost 10110 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > Connection to localhost closed by foreign host. > > Please advise. > > Thanks and Regards, > Sachin Kulkarni > > > ============================================================================================================================ > Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra. > ============================================================================================================================ > From chrjae at gmail.com Fri Jul 17 21:12:11 2015 From: chrjae at gmail.com (Christian Jaeger) Date: Fri, 17 Jul 2015 22:12:11 +0100 Subject: Helper to open "/doc/wiki/.." paths; suggestions Message-ID: I wrote this script to have an easier time looking at the doc paths referenced from the default configuration files (currently using dovecot in Debian oldstable). Feel free to include in the distribution or wherever. Probably a better solution would be to publish the config files with the paths already expanded to the online URL, or a local filesystem path that works (in the latter case, I'd wish the docs would be bundled in html format). I wonder whether to approach the debian maintainer about this or the Dovecot team? Definitely something for the maintainer is to put the bundled docs in a place where I would have expected it (/usr/share/docs/dovecot/wiki/ instead of /usr/share/docs/dovecot-core/dovecot/wiki/, or a dovecot-doc package, also, links or mentions from the doc dirs of all dovecot packages to the docs). Also, I think there should be a README document that serves as the first introduction of the user to how to configure the system: how are the config files split up, what does "!include" mean (why the "!"? Is it a comment char?), other rules on the config file format. I.e. the basics to enable the new user to go about reading the current config and where to find further docs/help. Thanks & Cheers, Christian. -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-doc-open Type: application/octet-stream Size: 839 bytes Desc: not available URL: From chrjae at gmail.com Fri Jul 17 21:49:19 2015 From: chrjae at gmail.com (Christian Jaeger) Date: Fri, 17 Jul 2015 22:49:19 +0100 Subject: Helper to open "/doc/wiki/.." paths; suggestions In-Reply-To: References: Message-ID: 2015-07-17 22:12 GMT+01:00 Christian Jaeger : > (why the "!"? Is it a comment char?) To be clear, I got that explained to me on IRC; I was writing from the perspective of the newcomer. From tolga at ozses.net Sat Jul 18 05:28:56 2015 From: tolga at ozses.net (Muzaffer Tolga Ozses) Date: Sat, 18 Jul 2015 08:28:56 +0300 Subject: Dovecot - Telnet error In-Reply-To: <795BEC44-A345-44AD-A841-D901A08D798E@phpboy.co.za> References: <795BEC44-A345-44AD-A841-D901A08D798E@phpboy.co.za> Message-ID: It was indeed successful. You should be worried if you don't get the message. On 17 Jul 2015 20:01, "Shane James" wrote: > Port 110 is what you want > > > On 17 Jul 2015, at 17:43, Sachin Kulkarni1 > wrote: > > > > Hello All, > > > > I have installed dovecot and started it. > > > > However when I try to telnet getting below error means dovecot starting > is not successful. > > > > telnet localhost 10110 > > Trying 127.0.0.1... > > Connected to localhost. > > Escape character is '^]'. > > Connection to localhost closed by foreign host. > > > > Please advise. > > > > Thanks and Regards, > > Sachin Kulkarni > > > > > > > ============================================================================================================================ > > Disclaimer: This message and the information contained herein is > proprietary and confidential and subject to the Tech Mahindra policy > statement, you may review the policy at > http://www.techmahindra.com/Disclaimer.html externally > http://tim.techmahindra.com/tim/disclaimer.html internally within > TechMahindra. > > > ============================================================================================================================ > > > From edgar at pettijohn-web.com Sat Jul 18 11:18:14 2015 From: edgar at pettijohn-web.com (Edgar Pettijohn) Date: Sat, 18 Jul 2015 06:18:14 -0500 Subject: Dovecot - Telnet error In-Reply-To: References: <795BEC44-A345-44AD-A841-D901A08D798E@phpboy.co.za> Message-ID: <55AA35F6.6040400@pettijohn-web.com> try: $ telnet localhost imap On 07/18/15 00:28, Muzaffer Tolga Ozses wrote: > It was indeed successful. You should be worried if you don't get the > message. > On 17 Jul 2015 20:01, "Shane James" wrote: > >> Port 110 is what you want >> >>> On 17 Jul 2015, at 17:43, Sachin Kulkarni1 >> wrote: >>> Hello All, >>> >>> I have installed dovecot and started it. >>> >>> However when I try to telnet getting below error means dovecot starting >> is not successful. >>> telnet localhost 10110 >>> Trying 127.0.0.1... >>> Connected to localhost. >>> Escape character is '^]'. >>> Connection to localhost closed by foreign host. >>> >>> Please advise. >>> >>> Thanks and Regards, >>> Sachin Kulkarni >>> >>> >>> >> ============================================================================================================================ >>> Disclaimer: This message and the information contained herein is >> proprietary and confidential and subject to the Tech Mahindra policy >> statement, you may review the policy at >> http://www.techmahindra.com/Disclaimer.html externally >> http://tim.techmahindra.com/tim/disclaimer.html internally within >> TechMahindra. >> ============================================================================================================================ From krzf83 at gmail.com Sat Jul 18 23:10:17 2015 From: krzf83 at gmail.com (krzf83@gmail.com ) Date: Sun, 19 Jul 2015 01:10:17 +0200 Subject: bug in group permission check Message-ID: Jul 19 01:05:27 sv1 dovecot: auth: Error: passwd-file(aa at ddd,89...24,<>): stat(/usr/dovecot-cfg/dom-home/ddd/etc/ddd/shadow) failed: Permission denied (euid=33454(dovecot) egid=33454(dovecot) missing +x perm: /usr/dovecot-cfg/dom-home/ddd, we're not in group 33795(sysgroup), dir owned by 32072:33795 mode=0710) root at sv1 [~]# sudo -u dovecot groups dovecot sysgroup root at sv1 [~]# sudo -u dovecot cat /usr/dovecot-cfg/dom-home/ddd/etc/ddd/shadow It seems that dovecot incorecly checks for group permissions not even trying to access file - probably cant handle that dovecot is part of more than 1 group. When its part of single group problem is not occuring. From mysqlstudent at gmail.com Sun Jul 19 01:41:39 2015 From: mysqlstudent at gmail.com (Alex) Date: Sat, 18 Jul 2015 21:41:39 -0400 Subject: IMAP Folder Mail Separator In-Reply-To: References: Message-ID: Hi, >> I have a fedora21 install with dovecot-2.2.18, and when creating a new >> subfolder with thunderbird, the actual folder name is >> "Folder1^Folder2" with a carat as a separator, instead of creating >> Folder2 in the Folder1 directory. >> >> Is this a thunderbird problem? I don't recall having this problem >> prior to upgrading to fedora21, so thought maybe it's a dovecot >> problem. >> >> Maybe the separator character is customizable? > > > please post your old and the current configuration: > > doveconf -n > > http://wiki2.dovecot.org/MailboxFormat/Maildir > and > http://wiki2.dovecot.org/Plugins/Listescape > > seems to apply in your situation. Perhaps I'm just not understanding, but I've spent the last few days reading through those links, and I just don't understand. I'm really hoping my doveconf output will help. I've also understand this may be a long-standing thunderbird bug, but it worked up until a few months ago after a dovecot/fedora upgrade. # 2.2.18: /etc/dovecot/dovecot.conf # OS: Linux 4.0.7-300.fc22.x86_64 x86_64 Fedora release 22 (Twenty Two) default_client_limit = 2000 mail_gid = mail mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_privileged_group = mail mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { driver = pam } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 993 } process_min_avail = 20 service_count = 0 } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { address = 192.168.1.100 port = 995 } } ssl_ca = Hello list, I'm hoping there is a user of the antispam plugin out there who might be able to lend a pointer or two. I am running dovecot 2.2.18 on FreeBSD 10 (doveconf -n attached), where I have installed the binary dovecot2-antispam-plugin package. I have put together what should, in my estimation, be a working configuration for the plugin. I have reviewed the man page and the online documentation, and I think at the *very least* I should be seeing errors for something not working correctly. However, what I have is a great deal more troubling. There is no sign on the plugin even attempting to load. No log entries, no errors, nothing. The plugin is definitely in the right place with the right name, since I let the package manager handle all of that for me root at zerolag:~ # ls -l /usr/local/lib/dovecot/lib90_antispam_plugin.so -rwxr-xr-x 1 root wheel 32488 Jul 2 09:41 /usr/local/lib/dovecot/lib90_antispam_plugin.so I am unable to make any sense of this. Thanks in advance for any pointers :) -- James Lott -------------- next part -------------- # 2.2.18: /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: FreeBSD 10.1-RELEASE-p10 amd64 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lda_original_recipient_header = X-Original-To mail_location = maildir:~/mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / } passdb { args = %s driver = pam } plugin { antispam_backend = crm114 antispam_crm_args = --fileprefix=/home/%u/spamdb/ antispam_crm_binary = /usr/local/etc/dovecot/filter/mailreaver.crm antispam_debug_target = syslog antispam_signature = X-CRM114-CacheID antispam_spam = Spam antispam_trash = Trash antispam_unsure = INBOX/Suspect recipient_delimiter = + sieve = file:~/filters;active=~/.main.sieve sieve_after = %h/.after.sieve sieve_before = %h/.before.sieve sieve_max_actions = 0 sieve_max_script_size = 0 } postmaster_address = mailstore at zerolag.lottspot.com protocols = imap sieve service auth { unix_listener auth-userdb { group = nobody mode = 0666 user = nobody } } service imap-login { service_count = 0 } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 0 } userdb { driver = passwd } protocol lda { mail_plugins = " sieve" } protocol imap { mail_plugins = " antispam" ssl_cert = feature suggestion: wildcard in userdb aa:x:32009:32012::/home/usr/mail/bb::userdb_quota_rule=*:bytes=700M *:x:32009:32012::/home/usr/mail/bb: That would be usefull in many situation, for example to set default values per domain (userdb per domain) userdb { driver = passwd-file args = /usr/dovecot-cfg/userdb/%d } From guilhem at fripost.org Sun Jul 19 17:21:16 2015 From: guilhem at fripost.org (Guilhem Moulin) Date: Sun, 19 Jul 2015 19:21:16 +0200 Subject: "NOTIFY SET (mailboxes INBOX (...))" crashes the IMAP client Message-ID: <20150719172116.GA9515@localhost> Hi list, The NOTIFY extension (RFC 5465) works fine for mailboxes in the "virtual/" namespace, but it crashes the IMAP client when used with a mailbox in the empty "" namespace: ~$ /usr/lib/dovecot/imap * PREAUTH [CAPABILITY IMAP4rev1 ? NOTIFY SPECIAL-USE] Logged in as guilhem a NAMESPACE * NAMESPACE (("" "/")("virtual/" "/")) NIL NIL a OK Namespace completed. b NOTIFY SET (mailboxes virtual/all (MessageNew MessageExpunge)) b OK NOTIFY completed (0.001 secs). c NOTIFY SET (mailboxes INBOX (MessageNew MessageExpunge)) imap(guilhem): Panic: file mail-namespace.c: line 679 (mail_namespace_find): assertion failed: (ns != NULL) imap(guilhem): Error: Raw backtrace: ? Aborted The "subtree" mailbox filter has the same problem, but the non-parameterized ones ("inboxes", "personal" and "subscribed") work fine. You'll find the output of ?dovecot -n? enclosed. Cheers, -- Guilhem. -------------- next part -------------- # 2.2.18: /etc/dovecot/dovecot.conf # OS: Linux 4.0.0-2-686-pae i686 Debian stretch/sid listen = 127.0.0.1, ::1 mail_location = maildir:~/mail mail_plugins = virtual mailbox_list_index = yes namespace inbox { inbox = yes location = mailbox DRAFTS { auto = create special_use = \Drafts } mailbox SENT { auto = subscribe special_use = \Sent } mailbox SPAM { auto = create special_use = \Junk } mailbox TRASH { auto = create special_use = \Trash } mailbox virtual/all { special_use = \All } mailbox virtual/flagged { special_use = \Flagged } prefix = separator = / } namespace virtual { hidden = no list = no location = virtual:~/mail/virtual prefix = virtual/ separator = / } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap" service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 0 } } ssl = no userdb { driver = passwd } -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: From guilhem at fripost.org Sun Jul 19 17:40:14 2015 From: guilhem at fripost.org (Guilhem Moulin) Date: Sun, 19 Jul 2015 19:40:14 +0200 Subject: RFC 5465 (NOTIFY) violation: missing HIGHESTMODSEQ in initial STATUS responses Message-ID: <20150719174014.GA30172@localhost> Quoting RFC 5465 (NOTIFY): ?If the NOTIFY command enables MessageNew, MessageExpunge, AnnotationChange, or FlagChange notifications for a mailbox other than the currently selected mailbox, and the client has specified the STATUS indicator parameter, then the server MUST send a STATUS response for that mailbox before NOTIFY's tagged OK. [?] If either AnnotationChange or FlagChange are included and the server also supports the CONDSTORE [RFC4551] and/or QRESYNC [RFC5162] extensions, the STATUS response MUST contain UIDVALIDITY and HIGHESTMODSEQ.? ? https://tools.ietf.org/html/rfc5465#section-3.1 While unsolicited STATUS responses include HIGHESTMODSEQ indeed, the initial STATUS responses (caused by the presence of the STATUS indicator) do not: ~$ /usr/lib/dovecot/imap * PREAUTH [CAPABILITY IMAP4rev1 ? CONDSTORE QRESYNC ? NOTIFY SPECIAL-USE] Logged in as guilhem a ENABLE QRESYNC * ENABLED QRESYNC a OK Enabled (0.000 secs). b NOTIFY SET STATUS (SUBSCRIBED (MessageNew MessageExpunge FlagChange)) * STATUS INBOX (MESSAGES 9069 UIDNEXT 109398 UIDVALIDITY 1312585007 UNSEEN 0) [?] b OK NOTIFY completed (0.008 secs). [time passes? a new message is delivered to INBOX] * STATUS INBOX (MESSAGES 9070 UIDNEXT 109399 UNSEEN 1 HIGHESTMODSEQ 22216) This defeats the purpose of the STATUS indicator for disconnected clients since they have to issue separate STATUS commands (or a LIST command if LIST-{EXTENDED,STATUS} have been advertized) to find out which mailboxes have got a new HIGHESTMODSEQ. Cheers, -- Guilhem. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: From edgar at pettijohn-web.com Sun Jul 19 18:16:33 2015 From: edgar at pettijohn-web.com (Edgar Pettijohn) Date: Sun, 19 Jul 2015 13:16:33 -0500 Subject: IMAP Folder Mail Separator In-Reply-To: References: Message-ID: <55ABE981.3050506@pettijohn-web.com> On 07/18/15 20:41, Alex wrote: > Hi, > >>> I have a fedora21 install with dovecot-2.2.18, and when creating a new >>> subfolder with thunderbird, the actual folder name is >>> "Folder1^Folder2" with a carat as a separator, instead of creating >>> Folder2 in the Folder1 directory. >>> >>> Is this a thunderbird problem? I don't recall having this problem >>> prior to upgrading to fedora21, so thought maybe it's a dovecot >>> problem. >>> >>> Maybe the separator character is customizable? >> >> please post your old and the current configuration: >> >> doveconf -n >> >> http://wiki2.dovecot.org/MailboxFormat/Maildir >> and >> http://wiki2.dovecot.org/Plugins/Listescape >> >> seems to apply in your situation. > Perhaps I'm just not understanding, but I've spent the last few days > reading through those links, and I just don't understand. I'm really > hoping my doveconf output will help. I've also understand this may be > a long-standing thunderbird bug, but it worked up until a few months > ago after a dovecot/fedora upgrade. > > # 2.2.18: /etc/dovecot/dovecot.conf > # OS: Linux 4.0.7-300.fc22.x86_64 x86_64 Fedora release 22 (Twenty Two) > default_client_limit = 2000 > mail_gid = mail > mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u > mail_privileged_group = mail > mbox_write_locks = fcntl > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } > passdb { > driver = pam > } > protocols = imap pop3 > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > } > service imap-login { > inet_listener imap { > port = 0 > } > inet_listener imaps { > port = 993 > } > process_min_avail = 20 > service_count = 0 > } > service pop3-login { > inet_listener pop3 { > port = 0 > } > inet_listener pop3s { > address = 192.168.1.100 > port = 995 > } > } > ssl_ca = ssl_cert = ssl_key = userdb { > driver = passwd > } > userdb { > driver = passwd > } > > Please let me know what other information I can provide to help > troubleshoot this. > > Thanks, > Alex I think this link will prove useful. http://wiki2.dovecot.org/MboxChildFolders From skdovecot at smail.inf.fh-brs.de Sun Jul 19 20:16:25 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen) Date: Sun, 19 Jul 2015 22:16:25 +0200 Subject: [Dovecot Antispam] Can't seem to load plugin In-Reply-To: <8713160.7DlvTLSdiB@arch_project> References: <8713160.7DlvTLSdiB@arch_project> Message-ID: <55AC0599.1050809@smail.inf.fh-brs.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 James Lott wrote: > > There is no sign on the plugin even attempting to load. No log > entries, no errors, nothing. The plugin is definitely in the right > place with the right name, since I let the package manager handle > all of that for me first, enabled logging: http://wiki2.dovecot.org/Logging mail_debug=yes - -- Steffen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) iQEVAwUBVawFmHz1H7kL/d9rAQLKBAgAmELgzEkoejk3myXxpW7DQIBroRI05lSo RtL/MWm2rMtSuY+97cVgnX/8c6V/m6Ea5KgGyhMm4I/ZBfEHW2RsEeLQ4qEUzs+m d8dESDFjyB/3ILmTctjaVecHBAn0UXZOHouiCuq7lROKwT4/XVZ7kO+Sjm30mtlw yxw0+E41RDbS3pzDjrrKpkE968DtqWo3wM7mCq49zqcyEZClF/EIwmqRVEVAD7BT ZspsI74iU0ZdDQiAMi26boc96Gz1IJRFl0g2TxVtKard02p1fNkGxm6JER5onxgz 2VgTP7hUJy54PFhyxQQ4Mmo+gXwxokmJ+icFVsBFv7Rqsf93ps/ZXQ== =tpQW -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Sun Jul 19 20:35:47 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen) Date: Sun, 19 Jul 2015 22:35:47 +0200 Subject: bug in group permission check In-Reply-To: References: Message-ID: <55AC0A23.7090703@smail.inf.fh-brs.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 krzf83 at gmail.com wrote: > Jul 19 01:05:27 sv1 dovecot: auth: Error: > passwd-file(aa at ddd,89...24,<>): > stat(/usr/dovecot-cfg/dom-home/ddd/etc/ddd/shadow) failed: > Permission denied (euid=33454(dovecot) egid=33454(dovecot) missing > +x perm: /usr/dovecot-cfg/dom-home/ddd, we're not in group > 33795(sysgroup), dir owned by 32072:33795 mode=0710) > > root at sv1 [~]# sudo -u dovecot groups dovecot sysgroup :-) You probably didn't read for what this user is used: http://wiki2.dovecot.org/UserIds See Authentication process user Do you run SELinux? > > root at sv1 [~]# sudo -u dovecot cat > /usr/dovecot-cfg/dom-home/ddd/etc/ddd/shadow file> > > It seems that dovecot incorecly checks for group permissions not > even trying to access file - probably cant handle that dovecot is > part of more than 1 group. When its part of single group problem is > not occuring. > - -- Steffen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) iQEVAwUBVawKI3z1H7kL/d9rAQIbAQgAthF1D2WS6Q8g3/sgkURG9KWoqCKlmcC2 M3oaKupQb9qniu6IaN7j44jhEgHx9sz8sVI0OYAPI6lIGZH/jBGXCE0CRg0ydGpJ ORJbmKbsZwxpA5R7tE/B0z9Aji1DNI89Em4MxaBZxtWApxwNtrVYfGWHgQotuzKp J5wTKSm9L06lcy6XU08VUzDzd12ch+zznqhf44EpbjEO9gfMkpMX9i6oRGaMc+pu e7pbbM51G3+fEZ3YaueQjvcjIcteb8COisI0bHvTeX8wd6Z7X6nmGpcQWcpp85xA 1pD9XtohxNrWERDJ7MmkpToNLJ7F27KgncW9Mha8T8u5LUeT2GNeDg== =gdG6 -----END PGP SIGNATURE----- From sebastian.kricner at tuxwave.net Tue Jul 14 03:53:18 2015 From: sebastian.kricner at tuxwave.net (Sebastian Kricner) Date: Tue, 14 Jul 2015 05:53:18 +0200 Subject: doveadm search -A problem with dropped privileges Message-ID: <20150714035317.GA6292@cluster-node1.tuxwave.net> Hello, if you want to answer to this mail, please send it directly to me. I have found a big issue with the following command "doveadm -search -A". It whatsoever works by setting doveadm_worker_count = 0 in the dovecot.conf configuration file. The problem is that doveadm-server or something similar uses privileges of "nobody" and so it fails searching e-mails. Instead also the process tries to create a maildir for "nobody": Debug: Namespace : /var/mail/nobody doesn't exist yet, using default permissions Debug: Namespace : Using permissions from /var/mail/nobody: mode=0700 gid=default Error: User initialization failed: Namespace '': mkdir(/var/mail/nobody) failed: Permission denied (euid=65534(nobody) egid=65534(nobody) missing +w perm: /var/mail, we're not in group 12(mail), dir owned by 0:12 mode=0775) Error: search: User init failed Error: userdb lookup: connect(/var/run/dovecot//auth-userdb) failed: Permission denied (euid=65534(nobody) egid=65534(nobody) missing +r perm: /var/run/dovecot//auth-userdb, we're not in group 12(mail), dir owned by 0:0 mode=0755) Error: search: User lookup failed: Internal error occurred. Refer to server log for more information. Even after setting permissions, so that the process can create a maildir for "nobody" in the /var/mail location, it fails to "setresgid" to the particular user to be scanned. It can?t work because it is not possible to gain other user privileges from another user. # 2.2.16: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.7 # OS: Linux Gentoo Base System release 2.2 auth_cache_negative_ttl = xx mins auth_cache_size = xx M auth_cache_ttl = xx mins auth_mechanisms = xx xx auth_worker_max_count = xx base_dir = /var/run/dovecot/ default_process_limit = xx dict { expire = sqlite:/xx } doveadm_worker_count = 1 first_valid_gid = xx first_valid_uid = xx login_greeting = xx.xx mail_location = maildir:/xx/xx/%u mail_privileged_group = xx managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate passdb { args = scheme=SHA512 /xx/xx/xx.xx driver = passwd-file } plugin { expire = xx expire2 = xx expire_dict = proxy::expire sieve = ~/.xx.xx sieve_dir = ~/.xx } protocols = imap sieve service auth { unix_listener auth-client { group = xx mode = 0660 } unix_listener auth-userdb { group = xx mode = 0660 } } service dict { unix_listener dict { mode = 0666 } } service imap-login { inet_listener imap { port = 0 } process_limit = 6 service_count = 1 } ssl_cert = From james at lottspot.com Mon Jul 20 03:33:08 2015 From: james at lottspot.com (James Lott) Date: Sun, 19 Jul 2015 20:33:08 -0700 Subject: [Dovecot Antispam] Can't seem to load plugin In-Reply-To: <55AC0599.1050809@smail.inf.fh-brs.de> References: <8713160.7DlvTLSdiB@arch_project> <55AC0599.1050809@smail.inf.fh-brs.de> Message-ID: <1520587.R0zqMdLBSh@arch_project> Thanks for the pointer! Thanks to the enabled debug logging, I can now see that the plugin is at least loading root at zerolag:/usr/local/etc/dovecot # grep antispam /var/log/debug.log Jul 19 20:02:30 zerolag dovecot: imap(james.lott): Debug: Module loaded: /usr/local/lib/dovecot/lib90_antispam_plugin.so Jul 19 20:02:35 zerolag dovecot: imap(james.lott): Debug: Module loaded: /usr/local/lib/dovecot/lib90_antispam_plugin.so Jul 19 20:02:46 zerolag dovecot: imap(james.lott): Debug: Module loaded: /usr/local/lib/dovecot/lib90_antispam_plugin.so Jul 19 20:04:20 zerolag dovecot: imap(james.lott): Debug: Module loaded: /usr/local/lib/dovecot/lib90_antispam_plugin.so That seems to be about all I get though. Still nothing to indicate errors, and nothing to indicate that anything is being done when I move messages into spam. I suppose that probably means I've configured the folder paths incorrectly. I'll have to keep beating my head against it and see where it takes me. On Sunday, July 19, 2015 22:16:25 Steffen wrote: > James Lott wrote: > > There is no sign on the plugin even attempting to load. No log > > entries, no errors, nothing. The plugin is definitely in the right > > place with the right name, since I let the package manager handle > > all of that for me > > first, enabled logging: > http://wiki2.dovecot.org/Logging > > mail_debug=yes > > > -- > Steffen -- James Lott From ml+dovecot at valo.at Mon Jul 20 06:20:02 2015 From: ml+dovecot at valo.at (Christian Kivalo) Date: Mon, 20 Jul 2015 08:20:02 +0200 Subject: [Dovecot Antispam] Can't seem to load plugin In-Reply-To: <1520587.R0zqMdLBSh@arch_project> References: <8713160.7DlvTLSdiB@arch_project> <55AC0599.1050809@smail.inf.fh-brs.de> <1520587.R0zqMdLBSh@arch_project> Message-ID: > > That seems to be about all I get though. Still nothing to indicate > errors, and > nothing to indicate that anything is being done when I move messages > into > spam. I suppose that probably means I've configured the folder paths > incorrectly. I'll have to keep beating my head against it and see where > it > takes me. > it would help to see your dovecot -n output here. - christian From ml+dovecot at valo.at Mon Jul 20 06:39:54 2015 From: ml+dovecot at valo.at (Christian Kivalo) Date: Mon, 20 Jul 2015 08:39:54 +0200 Subject: [Dovecot Antispam] Can't seem to load plugin In-Reply-To: References: <8713160.7DlvTLSdiB@arch_project> <55AC0599.1050809@smail.inf.fh-brs.de> <1520587.R0zqMdLBSh@arch_project> Message-ID: <7dfa5031b88f8604c3e17b91321bbc57@valo.at> On 2015-07-20 08:20, Christian Kivalo wrote: >> >> That seems to be about all I get though. Still nothing to indicate >> errors, and >> nothing to indicate that anything is being done when I move messages >> into >> spam. I suppose that probably means I've configured the folder paths >> incorrectly. I'll have to keep beating my head against it and see >> where it >> takes me. >> > > it would help to see your dovecot -n output here. > Ok, found it in the first mail... Do these folders exist in the filesystem? The case matches? I use antispam_{spam,trash}_pattern_ignorecase and don't care about the case of the folders... plugin { antispam_backend = crm114 antispam_crm_args = --fileprefix=/home/%u/spamdb/ antispam_crm_binary = /usr/local/etc/dovecot/filter/mailreaver.crm antispam_debug_target = syslog antispam_signature = X-CRM114-CacheID antispam_spam = Spam antispam_trash = Trash antispam_unsure = INBOX/Suspect i don't know crm114 but this looks ok to me. you could try antispam_verbose_debug = 1 to get more verbose logging from the antispam plugin regards - christian From james at lottspot.com Mon Jul 20 12:59:55 2015 From: james at lottspot.com (James Lott) Date: Mon, 20 Jul 2015 05:59:55 -0700 Subject: [Dovecot Antispam] Can't seem to load plugin In-Reply-To: <7dfa5031b88f8604c3e17b91321bbc57@valo.at> References: <8713160.7DlvTLSdiB@arch_project> <7dfa5031b88f8604c3e17b91321bbc57@valo.at> Message-ID: <3186979.3bs3uli4SQ@arch_project> So I modified my configuration a couple times just to try and get any results from the plugin. I commented out my backend configuration, and finally got the plugin to log something. root at zerolag:/usr/local/etc/dovecot # grep antispam /var/log/maillog Jul 20 05:27:50 zerolag dovecot: imap(james.lott): Error: antispam plugin backend is not selected for this user At this point, I'll take it. After that I modified my antispam configuration and changed up my directory hierarchy a bit root at zerolag:/home/james.lott/mail # ls -1 .Archive .Drafts .Notes .Sent .Spam .Suspect .Trash cur dovecot-uidlist dovecot-uidvalidity dovecot-uidvalidity.55a4236f dovecot.index dovecot.index.cache dovecot.index.log dovecot.index.log.2 dovecot.index.thread dovecot.mailbox.log new subscriptions tmp plugin { antispam_debug_target = syslog antispam_verbose_debug = 1 antispam_trash_pattern_ignorecase = Trash antispam_spam_pattern_ignorecase = Spam antispam_unsure_pattern_ignorecase = Suspect antispam_backend = spool2dir antispam_spool2dir_spam = /home/%u/unprocessed/spam-%%lu-%%lu antispam_spool2dir_notspam = /home/%u/unprocessed/ham-%%lu-%%lu } After reloading with this configuration and moving a piece of spam into the spam folder... root at zerolag:/home/james.lott/mail # ls -lah ../unprocessed/ total 12 drwxr-xr-x 2 james.lott mail 512B Jul 20 05:50 . drwxr-xr-x 9 james.lott mail 1.0K Jul 20 05:44 .. -rw------- 1 james.lott mail 2.1K Jul 20 05:50 spam-1437396653-1 Success! Unfortunately, though, I also noticed that action was not logged. So it seems that logging in this plugin is just completely bunk. Still no dice after switching to the crm backend though, so something about the way I've set that up must not be working. This is mega progress though. Thanks for the tips everyone! On Monday, July 20, 2015 08:39:54 Christian Kivalo wrote: > On 2015-07-20 08:20, Christian Kivalo wrote: > >> That seems to be about all I get though. Still nothing to indicate > >> errors, and > >> nothing to indicate that anything is being done when I move messages > >> into > >> spam. I suppose that probably means I've configured the folder paths > >> incorrectly. I'll have to keep beating my head against it and see > >> where it > >> takes me. > > > > it would help to see your dovecot -n output here. > > Ok, found it in the first mail... > > Do these folders exist in the filesystem? The case matches? > I use antispam_{spam,trash}_pattern_ignorecase and don't care about the > case of the folders... > > plugin { > antispam_backend = crm114 > antispam_crm_args = --fileprefix=/home/%u/spamdb/ > antispam_crm_binary = /usr/local/etc/dovecot/filter/mailreaver.crm > antispam_debug_target = syslog > antispam_signature = X-CRM114-CacheID > antispam_spam = Spam > antispam_trash = Trash > antispam_unsure = INBOX/Suspect > > i don't know crm114 but this looks ok to me. > > you could try > > antispam_verbose_debug = 1 > > to get more verbose logging from the antispam plugin > > regards > - christian -- James Lott From dominik at zwackl.de Mon Jul 20 15:06:44 2015 From: dominik at zwackl.de (dominik) Date: Mon, 20 Jul 2015 17:06:44 +0200 Subject: Problems with IMAP/POP and dovecot director on backend =?UTF-8?Q?=28director=5Fproxy=5Fmaybe=29?= Message-ID: Hello dovecot community, first of all: dovecot ist great! ;) ...nevertheless I?ve got some problems to get my director scenario running as needed/expected :( My scenario: I?d like to configure two dovecot backends, without the need for multiple dovecot instances. Both backend servers are active/active and act on top of a glusterfs storage, which implies the need for dovecot director. As described in release notes (v2.2.17) this should be possible by setting the extra field "director_proxy_maybe=yes".: "+ director: Implemented director_proxy_maybe passdb extra field to be able to run director and backend in the same Dovecot instance. (LMTP doesn't support mixed proxy/non-proxy destinations currently.)" My setup: * 1 LMTP client (SLES11p3 with postfix) * 1 IMAP/POP3 client (Debian8 with thunderbird 31.6.0): 10.0.0.26. The client connects through a dovecot mailproxy or direct. * 1 dovecot mailproxy: 10.0.1.151 * 2 mailbox backends running dovecot v2.2.18 on SLES11p3 with mail_location pointing to a glusterfs-mountpoint (GlusterFS: v3.6.3) * mailbox01.example.de: 10.0.2.21 * mailbox02.example.de: 10.0.2.22 * mailbox-gluster.example.de points as an A-RR to 10.0.2.21 and 10.0.2.22. My problem: With LMTP everything works fine (thanks for this!). The director sets the "host" field correctly and all delivery attempts work fine to the estimated backend servers. But when I try to connect via IMAP-/POP3-client (through proxy or direct) it fails with following log messages. It seems, that the director doesn?t set the host field within IMAP/POP sessions before proxying!? auth: Debug: auth client connected (pid=46359) imap-login: ID sent: x-session-id=V3iJmU4biAAK/BAa, x-originating-ip=10.0.0.26, x-originating-port=54408, x-connected-ip=10.0.1.151, x-connected-port=143, x-proxy-ttl=4: user=<>, rip=10.0.1.151, lip=10.0.2.21, session= auth: Debug: client in: AUTH 1 PLAIN service=imap session=RVnAm04bzwAK/FCX lip=10.0.2.21 rip=10.0.1.151 lport=143 rport=54735 resp= auth: Debug: ldap(tester at example.de,10.0.1.151,): bind search: base=o=example,c=de filter=(&(|(uid=tester at example.de)(mail=tester at example.de))(!()) [...] auth: Debug: client passdb out: OK 1 user=tester at example.de director_proxy_maybe=yes lip=10.0.2.21 lport=143 proxy pass= imap-login: Debug: Ignoring unknown passdb extra field: director_proxy_maybe imap-login: Debug: Ignoring unknown passdb extra field: lip imap-login: Debug: Ignoring unknown passdb extra field: lport imap-login: Error: proxy: host not given: user=, method=PLAIN, rip=10.0.2.151, lip=10.0.2.21, session= imap-login: Disconnected (internal failure, 1 successful auths): user=, method=PLAIN, rip=10.0.2.151, lip=10.0.2.21, session= Finally the output of "doveadm proxy list" is empty! "doveadm director map" output after a successfull LMTP delivery attempt (before: doveadm director flush all): user hash mail server ip expire time tester at example.de 856838019 10.0.2.21 2015-07-20 15:49:18 "doveadm director map" output after a failed IMAP session attempt (before: doveadm director flush all): user hash mail server ip expire time tester at example.de 856838019 10.0.2.21 2015-07-20 15:50:02 So, director seems to work in this constellation, but only for LMTP and not for IMAP/POP Proxy :( Has anybody configured this before? Thanks in advance and a lot of greetings from Germany, Dominik ############ My config (mailbox01.example.de. mailbox02.example.de is identical, except the hostname): # doveconf -n # 2.2.18: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 3.0.101-0.46-default x86_64 SUSE Linux Enterprise Server 11 (x86_64) auth_cache_negative_ttl = 0 auth_cache_ttl = 5 mins auth_debug = yes auth_master_user_separator = "#" auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = sha1 director_consistent_hashing = yes director_mail_servers = mailbox-gluster.example.de director_servers = 10.0.2.21:9090 10.0.2.22:9090 disable_plaintext_auth = no imap_metadata = yes listen = mailbox01.example.de lmtp_proxy = yes lmtp_save_to_detail_mailbox = yes lock_method = dotlock login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> %k login_trusted_networks = 10.0.2.0/24 mail_access_groups = dovecot mail_attribute_dict = file:Maildir/dovecot-metadata mail_debug = yes mail_fsync = always mail_location = maildir:~/Maildir/ mail_plugins = quota acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mmap_disable = yes namespace { inbox = yes location = mailbox Archiv { special_use = \Archive } mailbox Entw?rfe { special_use = \Drafts } mailbox "Gel?schte Objekte" { special_use = \Trash } mailbox "Gesendete Objekte" { special_use = \Sent } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } mailbox unerw?nscht { special_use = \Junk } prefix = INBOX/ separator = / } namespace { disabled = yes list = children location = maildir:%%h/:INDEXPVT=~/dovecot.index.shared/%%u/ prefix = SHARED/%%u/ separator = / type = shared } passdb { args = /***********/passwd.masterusers driver = passwd-file master = yes } passdb { args = /etc/dovecot/ldap.conf driver = ldap } plugin { acl = vfile acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db } postmaster_address = postmaster@%d protocols = " imap lmtp pop3" service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/saslauth_via_dovecot { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { mode = 0666 user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0666 } unix_listener login/director { mode = 0666 } } service doveadm { inet_listener { port = 24245 } } service imap-login { executable = imap-login director inet_listener imaps { port = 0 } } service ipc { unix_listener ipc { user = dovecot } } service lmtp { inet_listener lmtp { port = 24 } } service managesieve-login { inet_listener sieve { address = mailbox01.example.de } } service pop3-login { executable = pop3-login director } ssl = no ssl_cipher_list = kEECDH+aRSA+AES256:kEDH+aRSA+AES256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA ssl_dh_parameters_length = 4096 ssl_options = no_compression ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 !TLSv1.1 userdb { args = /etc/dovecot/ldap.conf driver = ldap } verbose_proctitle = yes protocol lmtp { auth_socket_path = director-userdb mail_plugins = quota notify mail_log } protocol imap { imap_id_log = * mail_plugins = quota fts fts_squat imap_quota mail_log notify acl imap_acl } protocol pop3 { mail_plugins = quota acl pop3_uidl_format = %fan } ################ My /etc/dovecot/ldap.conf: uris = ldap://ldap.example.de pass_filter = (&(|(uid=%u)(mail=%u))(!())) pass_attrs = =proxy_maybe=yes, \ =director_proxy_maybe=yes user_filter = (&(|(uid=%u)(mail=%u)(mailAlternateAddress=%u))(!())) user_attrs = =master_user=%u, \ =uid=%{ldap:qmailUID:12345}, \ =gid=%{ldap:qmailGID:12345}, \ =home=/mnt/testvol2/%{ldap:mailMessageStore}/%1{ldap:mail}/%{ldap:mail}/, \ =quota_rule=*:bytes=%{ldap:mailQuotaSize:128M} iterate_attrs = mail=user iterate_filter = (objectClass=qmailuser) From cms at balius.com Mon Jul 20 17:29:22 2015 From: cms at balius.com (Chad M Stewart) Date: Mon, 20 Jul 2015 12:29:22 -0500 Subject: dovecot proxy/director and high availability design Message-ID: I'm trying to determine which dovecot components to use and how to order them in the network path from client to mail store. If I have say 1,000 users, all stored in MySQL (or LDAP) and have 4 mail stores, configured into 2, 2 node pods. MS1 and MS2 are pod1 and are configured with replication (dsync) and host users 0-500. MS3 and MS4 are pod2 and are configured with replication between them and host users 501-1000. Ideally the active connections in pod1 would be split 50/50 between MS1 and MS2. When maintenance is performed obviously all active connections/users would be moved to the other node in the pod and then rebalanced once maintenance is completed. I'm not sure if I need to use both the proxy and director, or just one or the other? If both then what is the proper path, from a network perspective? I like the functionality director provides, being able to add/remove servers on the fly and adjust connections, etc.. But from what I've read director needs to know about all mail servers. The problem is that not all servers host all users. User100 could be serviced by ms1 or ms2, but not by ms3 or ms4. I'm trying to design a system that should provide as close to 99.999% service availability as possible. Thank you, Chad From laz at paravis.net Mon Jul 20 18:04:47 2015 From: laz at paravis.net (Laz C. Peterson) Date: Mon, 20 Jul 2015 11:04:47 -0700 Subject: dovecot proxy/director and high availability design In-Reply-To: References: Message-ID: I?m trying to do this too. But the goal would be simply for automatic failover to the other datacenter. Everything is working if the server?s unique hostname is entered, but I want to do something like round robin DNS that mail clients will automatically attempt to connect to the other IP if they cannot get to the first address. Unfortunately mail applications don?t really do this like web browsers do ? ~ Laz Peterson Paravis, LLC > On Jul 20, 2015, at 10:29 AM, Chad M Stewart wrote: > > > I'm trying to determine which dovecot components to use and how to order them in the network path from client to mail store. > > > If I have say 1,000 users, all stored in MySQL (or LDAP) and have 4 mail stores, configured into 2, 2 node pods. > > > MS1 and MS2 are pod1 and are configured with replication (dsync) and host users 0-500. MS3 and MS4 are pod2 and are configured with replication between them and host users 501-1000. Ideally the active connections in pod1 would be split 50/50 between MS1 and MS2. When maintenance is performed obviously all active connections/users would be moved to the other node in the pod and then rebalanced once maintenance is completed. > > I'm not sure if I need to use both the proxy and director, or just one or the other? If both then what is the proper path, from a network perspective? I like the functionality director provides, being able to add/remove servers on the fly and adjust connections, etc.. But from what I've read director needs to know about all mail servers. The problem is that not all servers host all users. User100 could be serviced by ms1 or ms2, but not by ms3 or ms4. > > I'm trying to design a system that should provide as close to 99.999% service availability as possible. > > > > Thank you, > Chad From rs at sys4.de Mon Jul 20 18:30:10 2015 From: rs at sys4.de (Robert Schetterer) Date: Mon, 20 Jul 2015 20:30:10 +0200 Subject: dovecot proxy/director and high availability design In-Reply-To: References: Message-ID: <55AD3E32.8070203@sys4.de> Am 20.07.2015 um 20:04 schrieb Laz C. Peterson: > I?m trying to do this too. But the goal would be simply for automatic failover to the other datacenter. Everything is working if the server?s unique hostname is entered, but I want to do something like round robin DNS that mail clients will automatically attempt to connect to the other IP if they cannot get to the first address. Unfortunately mail applications don?t really do this like web browsers do ? think about using loadbalancers before directors/proxies with checks, i dont think you will goal with round robin dns etc for real world setups > > ~ Laz Peterson > Paravis, LLC > >> On Jul 20, 2015, at 10:29 AM, Chad M Stewart wrote: >> >> >> I'm trying to determine which dovecot components to use and how to order them in the network path from client to mail store. >> >> >> If I have say 1,000 users, all stored in MySQL (or LDAP) and have 4 mail stores, configured into 2, 2 node pods. >> >> >> MS1 and MS2 are pod1 and are configured with replication (dsync) and host users 0-500. MS3 and MS4 are pod2 and are configured with replication between them and host users 501-1000. Ideally the active connections in pod1 would be split 50/50 between MS1 and MS2. When maintenance is performed obviously all active connections/users would be moved to the other node in the pod and then rebalanced once maintenance is completed. >> >> I'm not sure if I need to use both the proxy and director, or just one or the other? If both then what is the proper path, from a network perspective? I like the functionality director provides, being able to add/remove servers on the fly and adjust connections, etc.. But from what I've read director needs to know about all mail servers. The problem is that not all servers host all users. User100 could be serviced by ms1 or ms2, but not by ms3 or ms4. >> >> I'm trying to design a system that should provide as close to 99.999% service availability as possible. >> >> >> >> Thank you, >> Chad Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From cms at balius.com Tue Jul 21 00:32:49 2015 From: cms at balius.com (Chad M Stewart) Date: Mon, 20 Jul 2015 19:32:49 -0500 Subject: dovecot proxy/director and high availability design In-Reply-To: References: Message-ID: <532072C4-09C5-44C1-B3D4-8969278FE7FA@balius.com> Round-robin DNS last I checked can be fraught with issues. While doing something else I came up with this idea: Clients --> Load Balancer(HAProxy) --> Dovecot Proxy(DP) --> Dovecot Director(DD) --> MS1 / MS2. When DP checks say user100 it'll find a host=DD-POD1 that returns two IPs, those of the two DD that sit in front of POD1. This DD pair is the only pair in the ring and only responsible for POD1. Another pair will handle POD2. When DD looks up the host value for a user it'll find the same name, but the IPs returned will be different. Instead have both IPs of the mail stores returned. I believe this will achieve what I'm after. HAProxy will do the load balancing of the DP instances. DP will balance the DDs, and DDs will do its job well and ensure that say user300 has all of their connections sent to MS1. When I need to do maintenance on MS1 I can use the DD pair for POD1 to gently move the connections to MS2, etc.. I could also make each POD a 2+1 cluster, so a silent but up-to-date and replicated store sits there waiting should it be needed, or even a 2+2 cluster. After all "two is one, and one is none". Not sure when I'll get time to implement/test this out, but in theory it sounds reasonable. I admit its a fair amount of moving parts and areas for failure but I think it maybe the balance needed to achieve the service level availability I'm after while still allowing for maintenance on the systems w/o clients noticing. -Chad On Jul 20, 2015, at 1:04 PM, Laz C. Peterson wrote: > I?m trying to do this too. But the goal would be simply for automatic failover to the other datacenter. Everything is working if the server?s unique hostname is entered, but I want to do something like round robin DNS that mail clients will automatically attempt to connect to the other IP if they cannot get to the first address. Unfortunately mail applications don?t really do this like web browsers do ? > > ~ Laz Peterson > Paravis, LLC > >> On Jul 20, 2015, at 10:29 AM, Chad M Stewart wrote: >> >> >> I'm trying to determine which dovecot components to use and how to order them in the network path from client to mail store. >> >> >> If I have say 1,000 users, all stored in MySQL (or LDAP) and have 4 mail stores, configured into 2, 2 node pods. >> >> >> MS1 and MS2 are pod1 and are configured with replication (dsync) and host users 0-500. MS3 and MS4 are pod2 and are configured with replication between them and host users 501-1000. Ideally the active connections in pod1 would be split 50/50 between MS1 and MS2. When maintenance is performed obviously all active connections/users would be moved to the other node in the pod and then rebalanced once maintenance is completed. >> >> I'm not sure if I need to use both the proxy and director, or just one or the other? If both then what is the proper path, from a network perspective? I like the functionality director provides, being able to add/remove servers on the fly and adjust connections, etc.. But from what I've read director needs to know about all mail servers. The problem is that not all servers host all users. User100 could be serviced by ms1 or ms2, but not by ms3 or ms4. >> >> I'm trying to design a system that should provide as close to 99.999% service availability as possible. >> >> >> >> Thank you, >> Chad From james at lottspot.com Tue Jul 21 03:53:10 2015 From: james at lottspot.com (james at lottspot.com) Date: Mon, 20 Jul 2015 20:53:10 -0700 Subject: [Dovecot Antispam] Can't seem to load plugin In-Reply-To: <3186979.3bs3uli4SQ@arch_project> References: <8713160.7DlvTLSdiB@arch_project> <7dfa5031b88f8604c3e17b91321bbc57@valo.at> <3186979.3bs3uli4SQ@arch_project> Message-ID: So after being totally dumbfounded by what the hell could possibly be happening in the CRM114 backend that would just produce silent failure, I decided to go for a wrapper script using the mailtrain backend. Here's what I drummed up plugin { antispam_trash_pattern_ignorecase = Trash antispam_spam_pattern_ignorecase = Spam antispam_unsure_pattern_ignorecase = Suspect antispam_backend = mailtrain antispam_mail_sendmail = /usr/local/etc/dovecot/filter/mailreaver.sh antispam_mail_sendmail_args = %h antispam_mail_spam = --spam antispam_mail_notspam = --good } Where mailreaver.sh is: #!/bin/sh #DEBUG=1 TARGET='mailreaver.crm' USRHOME=$1 ACTION=$2 SPAMDB="$USRHOME/spamdb" LOGFILE="$USRHOME/logs/antispam" DEBUGLOG='/dev/null' test $DEBUG && DEBUGLOG="$LOGFILE" STAMP=$(date +'[%Y %b %d %H:%M:%S]') exec 1>>$DEBUGLOG exec 2>>$LOGFILE cd $SPAMDB printf '%s In %s: Executing: %s\n' "$STAMP" "$PWD" "./$TARGET $ACTION" >> $LOGFILE exec ./$TARGET $ACTION Using this method I figured out that the problem was I had neglected to set mailtrainer.crm as executable. A very simple oversight, but one that was insanely frustrating to figure out since it wasn't producing any log messages. I think I'll continue to use this backend so that I can log each action, and would personally recommend that anyone using CRM do something similar rather than using the builtin CRM backend. Hopefully this is helpful to someone, someday :) On 2015-07-20 05:59, James Lott wrote: > So I modified my configuration a couple times just to try and get any > results > from the plugin. I commented out my backend configuration, and finally > got the > plugin to log something. > > root at zerolag:/usr/local/etc/dovecot # grep antispam /var/log/maillog > Jul 20 05:27:50 zerolag dovecot: imap(james.lott): Error: antispam > plugin > backend is not selected for this user > > At this point, I'll take it. > > After that I modified my antispam configuration and changed up my > directory > hierarchy a bit > > root at zerolag:/home/james.lott/mail # ls -1 > .Archive > .Drafts > .Notes > .Sent > .Spam > .Suspect > .Trash > cur > dovecot-uidlist > dovecot-uidvalidity > dovecot-uidvalidity.55a4236f > dovecot.index > dovecot.index.cache > dovecot.index.log > dovecot.index.log.2 > dovecot.index.thread > dovecot.mailbox.log > new > subscriptions > tmp > > plugin { > antispam_debug_target = syslog > antispam_verbose_debug = 1 > antispam_trash_pattern_ignorecase = Trash > antispam_spam_pattern_ignorecase = Spam > antispam_unsure_pattern_ignorecase = Suspect > antispam_backend = spool2dir > antispam_spool2dir_spam = /home/%u/unprocessed/spam-%%lu-%%lu > antispam_spool2dir_notspam = /home/%u/unprocessed/ham-%%lu-%%lu > } > > After reloading with this configuration and moving a piece of spam into > the > spam folder... > > root at zerolag:/home/james.lott/mail # ls -lah ../unprocessed/ > total 12 > drwxr-xr-x 2 james.lott mail 512B Jul 20 05:50 . > drwxr-xr-x 9 james.lott mail 1.0K Jul 20 05:44 .. > -rw------- 1 james.lott mail 2.1K Jul 20 05:50 spam-1437396653-1 > > Success! Unfortunately, though, I also noticed that action was not > logged. So > it seems that logging in this plugin is just completely bunk. > > Still no dice after switching to the crm backend though, so something > about > the way I've set that up must not be working. This is mega progress > though. > Thanks for the tips everyone! > > On Monday, July 20, 2015 08:39:54 Christian Kivalo wrote: >> On 2015-07-20 08:20, Christian Kivalo wrote: >> >> That seems to be about all I get though. Still nothing to indicate >> >> errors, and >> >> nothing to indicate that anything is being done when I move messages >> >> into >> >> spam. I suppose that probably means I've configured the folder paths >> >> incorrectly. I'll have to keep beating my head against it and see >> >> where it >> >> takes me. >> > >> > it would help to see your dovecot -n output here. >> >> Ok, found it in the first mail... >> >> Do these folders exist in the filesystem? The case matches? >> I use antispam_{spam,trash}_pattern_ignorecase and don't care about >> the >> case of the folders... >> >> plugin { >> antispam_backend = crm114 >> antispam_crm_args = --fileprefix=/home/%u/spamdb/ >> antispam_crm_binary = /usr/local/etc/dovecot/filter/mailreaver.crm >> antispam_debug_target = syslog >> antispam_signature = X-CRM114-CacheID >> antispam_spam = Spam >> antispam_trash = Trash >> antispam_unsure = INBOX/Suspect >> >> i don't know crm114 but this looks ok to me. >> >> you could try >> >> antispam_verbose_debug = 1 >> >> to get more verbose logging from the antispam plugin >> >> regards >> - christian From tech2mani at gmail.com Tue Jul 21 08:35:35 2015 From: tech2mani at gmail.com (Chandran Manikandan) Date: Tue, 21 Jul 2015 16:35:35 +0800 Subject: Client Limit reached in Dovecot Message-ID: Dear Friends, I have faced below issues since two weeks to till now. Could anyone help me to rectify this issue. Below message retrieve from logs and getting disconnection from Outlook and other email clients. Error Message Jul 20 10:33:35 master: Warning: service(imap-login): process_limit (100) reached, client connections are being dropped My local.conf from dovecot folder protocol imap { imap_client_workarounds = "delay-newmail" mail_max_userip_connections = 20 default_process_limit = 300 } 10-master.conf default_process_limit = 300 default_client_limit = 1000 service imap-login { inet_listener imap { # process_limit = 15 # client_limit = 300 #port = 143 } -- *Thanks,* *Manikandan.C* *System Administrator* From troeder at univention.de Tue Jul 21 08:56:42 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Tue, 21 Jul 2015 10:56:42 +0200 Subject: Client Limit reached in Dovecot In-Reply-To: References: Message-ID: <55AE094A.1030508@univention.de> Am 21.07.2015 um 10:35 schrieb Chandran Manikandan: > Dear Friends, > I have faced below issues since two weeks to till now. Could anyone help me > to rectify this issue. > > Below message retrieve from logs and getting disconnection from Outlook and > other email clients. > > Error Message > > Jul 20 10:33:35 master: Warning: service(imap-login): process_limit (100) > reached, client connections are being dropped > > My local.conf from dovecot folder > > protocol imap { > imap_client_workarounds = "delay-newmail" > mail_max_userip_connections = 20 > default_process_limit = 300 > } This should be just "process_limit" without "default". But it's unnecessary, as you set globally default_process_limit. > 10-master.conf > > default_process_limit = 300 > default_client_limit = 1000 > > service imap-login { > inet_listener imap { > # process_limit = 15 > # client_limit = 300 > #port = 143 > } It is the "imap-login" process_limit that is reached. With the set default_process_limit=300 this shouldn't happen. So maybe there is some setting somewhere else, that is not shown. Please supply the output of: doveconf -S | egrep '(default|imap/|imap-login).*(limit|service_count)' Greetings Daniel Tr?der -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From troeder at univention.de Tue Jul 21 09:23:40 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Tue, 21 Jul 2015 11:23:40 +0200 Subject: Dovecot in UCS Message-ID: <55AE0F9C.5080109@univention.de> Hello :) I hope you can forgive me a little advertisement: The English translation of my blog post on the Dovecot integration I did for the Univention Corporate Server (UCS) is online: https://www.univention.com/2015/07/dovecot-is-the-default-imappop3-mail-server-in-ucs/ UCS is a Debian based Linux Distribution, everything - incl. management bits - is OSS. There is a "Core Edition" that you can download and use (also commercially) for free, that is - despite its name - feature complete: https://www.univention.com/downloads/ucs-download A lot of interesting Dovecot features can be changed without breaking things, so this blog post may be interesting to everyone. The German version can be found here: https://www.univention.de/2015/07/mailserver-dovecot-als-standard-imappop3-server-in-ucs/ Greetings Daniel Tr?der -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From troeder at univention.de Tue Jul 21 09:35:18 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Tue, 21 Jul 2015 11:35:18 +0200 Subject: Client Limit reached in Dovecot In-Reply-To: References: <55AE094A.1030508@univention.de> Message-ID: <55AE1256.7020809@univention.de> Hallo :) On mailinglists please reply below the previous post. It's easier to read this way. Am 21.07.2015 um 11:26 schrieb Chandran Manikandan: > Dear Daniel, > Thanks for your kind response. As per your above command got below > result. but i couldn't see below settings are local.conf,10-master.conf > or toaster.conf. Where it's retrieved. > default_process_limit=100 > default_client_limit=1000 > default_vsz_limit=256 M > service/imap/process_limit=1024 > service/imap/client_limit=1 > service/imap/service_count=1 > service/imap/vsz_limit=18446744073709551615 B > service/imap-login/process_limit=0 > service/imap-login/client_limit=0 > service/imap-login/service_count=1 > service/imap-login/vsz_limit=18446744073709551615 B My guess is, that service/imap-login/process_limit=0 disables the setting and then default_process_limit=100 applies. As to where default_process_limit=100 comes from? try: grep -r default_process_limit /etc/dovecot Greeting Daniel > > > > On Tue, Jul 21, 2015 at 4:56 PM, Daniel Tr?der > wrote: > > Am 21.07.2015 um 10:35 schrieb Chandran Manikandan: > > Dear Friends, > > I have faced below issues since two weeks to till now. Could anyone help me > > to rectify this issue. > > > > Below message retrieve from logs and getting disconnection from Outlook and > > other email clients. > > > > Error Message > > > > Jul 20 10:33:35 master: Warning: service(imap-login): process_limit (100) > > reached, client connections are being dropped > > > > My local.conf from dovecot folder > > > > protocol imap { > > imap_client_workarounds = "delay-newmail" > > mail_max_userip_connections = 20 > > default_process_limit = 300 > > } > This should be just "process_limit" without "default". But it's > unnecessary, as you set globally default_process_limit. > > > 10-master.conf > > > > default_process_limit = 300 > > default_client_limit = 1000 > > > > service imap-login { > > inet_listener imap { > > # process_limit = 15 > > # client_limit = 300 > > #port = 143 > > } > It is the "imap-login" process_limit that is reached. With the set > default_process_limit=300 this shouldn't happen. So maybe there is some > setting somewhere else, that is not shown. Please supply the output of: > > doveconf -S | egrep '(default|imap/|imap-login).*(limit|service_count)' > > Greetings > Daniel Tr?der > > > > > -- > *Thanks,* > *Manikandan.C* > *System Administrator* -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From jjhoffart at icloud.com Tue Jul 21 14:08:40 2015 From: jjhoffart at icloud.com (jjhoffart) Date: Tue, 21 Jul 2015 14:08:40 +0000 (GMT) Subject: SSL accept error Message-ID: <7dfc1c58-8ea4-466c-b503-f0391d429468@me.com> Hello, ?I am having some trouble isolating an issue with my mail server. In my mail log ?I keep receiving the following errors: SSL_accept:failed in SSLv3 read client certificate A SSL_accept: error form client at mydomain.com: lost connection SSL_accept:SSLv3 flush data I have look through both my dovecot and postfix configs but have not been able to isolate the issue yet, hoping someone might be able to help. From troeder at univention.de Tue Jul 21 14:53:53 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Tue, 21 Jul 2015 16:53:53 +0200 Subject: SSL accept error In-Reply-To: <7dfc1c58-8ea4-466c-b503-f0391d429468@me.com> References: <7dfc1c58-8ea4-466c-b503-f0391d429468@me.com> Message-ID: <55AE5D01.6090801@univention.de> Am 21.07.2015 um 16:08 schrieb jjhoffart: > Hello, > I am having some trouble isolating an issue with my mail server. In my > mail log I keep receiving the following errors: > > SSL_accept:failed in SSLv3 read client certificate A > > SSL_accept: error form client at mydomain.com: lost connection > > SSL_accept:SSLv3 flush data > > I have look through both my dovecot and postfix configs but have not > been able to isolate the issue yet, hoping someone might be able to help. Maybe your client is trying to connect with a SSL version you have disabled (SSLv2?). Or did you enable client certificates? You can make Dovecot log more SSL related stuff in 10-logging.conf. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From jost+lists at dimejo.at Tue Jul 21 16:34:17 2015 From: jost+lists at dimejo.at (Alex JOST) Date: Tue, 21 Jul 2015 18:34:17 +0200 Subject: SSL accept error In-Reply-To: <7dfc1c58-8ea4-466c-b503-f0391d429468@me.com> References: <7dfc1c58-8ea4-466c-b503-f0391d429468@me.com> Message-ID: <55AE7489.80304@dimejo.at> Am 21.07.2015 um 16:08 schrieb jjhoffart: > Hello, > I am having some trouble isolating an issue with my mail server. In my > mail log I keep receiving the following errors: > > SSL_accept:failed in SSLv3 read client certificate A > > SSL_accept: error form client at mydomain.com: lost connection > > SSL_accept:SSLv3 flush data > > I have look through both my dovecot and postfix configs but have not > been able to isolate the issue yet, hoping someone might be able to help. What are the permissions for your certificates? -- Alex JOST From laz at paravis.net Tue Jul 21 18:54:45 2015 From: laz at paravis.net (Laz C. Peterson) Date: Tue, 21 Jul 2015 11:54:45 -0700 Subject: dovecot proxy/director and high availability design In-Reply-To: <532072C4-09C5-44C1-B3D4-8969278FE7FA@balius.com> References: <532072C4-09C5-44C1-B3D4-8969278FE7FA@balius.com> Message-ID: <2F40FD45-D18E-4833-9A32-51A168561778@paravis.net> The consensus seems to say no to RR DNS ? I am going to take that into serious consideration. With this proxy setup you describe, what would happen if HAProxy or Dovecot Proxy were to fail? I think there is no problem with many moving parts, as long as there is a backup plan in case something goes awry. My goal is slightly different, as I want to have HA available across datacenters without using BGP or having control over the IP space (so, no anycast). Just a simple way to get the clients redirected to the other Dovecot server when I lose an entire datacenter network for whatever reason. ~ Laz Peterson Paravis, LLC > On Jul 20, 2015, at 5:32 PM, Chad M Stewart wrote: > > > Round-robin DNS last I checked can be fraught with issues. > > While doing something else I came up with this idea: Clients --> Load Balancer(HAProxy) --> Dovecot Proxy(DP) --> Dovecot Director(DD) --> MS1 / MS2. > > > When DP checks say user100 it'll find a host=DD-POD1 that returns two IPs, those of the two DD that sit in front of POD1. This DD pair is the only pair in the ring and only responsible for POD1. Another pair will handle POD2. When DD looks up the host value for a user it'll find the same name, but the IPs returned will be different. Instead have both IPs of the mail stores returned. > > I believe this will achieve what I'm after. HAProxy will do the load balancing of the DP instances. DP will balance the DDs, and DDs will do its job well and ensure that say user300 has all of their connections sent to MS1. When I need to do maintenance on MS1 I can use the DD pair for POD1 to gently move the connections to MS2, etc.. I could also make each POD a 2+1 cluster, so a silent but up-to-date and replicated store sits there waiting should it be needed, or even a 2+2 cluster. After all "two is one, and one is none". > > Not sure when I'll get time to implement/test this out, but in theory it sounds reasonable. I admit its a fair amount of moving parts and areas for failure but I think it maybe the balance needed to achieve the service level availability I'm after while still allowing for maintenance on the systems w/o clients noticing. > > -Chad > > > On Jul 20, 2015, at 1:04 PM, Laz C. Peterson wrote: > >> I?m trying to do this too. But the goal would be simply for automatic failover to the other datacenter. Everything is working if the server?s unique hostname is entered, but I want to do something like round robin DNS that mail clients will automatically attempt to connect to the other IP if they cannot get to the first address. Unfortunately mail applications don?t really do this like web browsers do ? >> >> ~ Laz Peterson >> Paravis, LLC >> >>> On Jul 20, 2015, at 10:29 AM, Chad M Stewart wrote: >>> >>> >>> I'm trying to determine which dovecot components to use and how to order them in the network path from client to mail store. >>> >>> >>> If I have say 1,000 users, all stored in MySQL (or LDAP) and have 4 mail stores, configured into 2, 2 node pods. >>> >>> >>> MS1 and MS2 are pod1 and are configured with replication (dsync) and host users 0-500. MS3 and MS4 are pod2 and are configured with replication between them and host users 501-1000. Ideally the active connections in pod1 would be split 50/50 between MS1 and MS2. When maintenance is performed obviously all active connections/users would be moved to the other node in the pod and then rebalanced once maintenance is completed. >>> >>> I'm not sure if I need to use both the proxy and director, or just one or the other? If both then what is the proper path, from a network perspective? I like the functionality director provides, being able to add/remove servers on the fly and adjust connections, etc.. But from what I've read director needs to know about all mail servers. The problem is that not all servers host all users. User100 could be serviced by ms1 or ms2, but not by ms3 or ms4. >>> >>> I'm trying to design a system that should provide as close to 99.999% service availability as possible. >>> >>> >>> >>> Thank you, >>> Chad From james at lottspot.com Tue Jul 21 19:00:39 2015 From: james at lottspot.com (James Lott) Date: Tue, 21 Jul 2015 12:00:39 -0700 Subject: dovecot proxy/director and high availability design In-Reply-To: <2F40FD45-D18E-4833-9A32-51A168561778@paravis.net> References: <532072C4-09C5-44C1-B3D4-8969278FE7FA@balius.com> <2F40FD45-D18E-4833-9A32-51A168561778@paravis.net> Message-ID: <55AE96D7.8030501@lottspot.com> I think RR DNS is the only viable solution under these circumstances. If you can cope with the fact that failovers won't be seamless, I don't think there's anything wrong with that though. On 07/21/2015 11:54 AM, Laz C. Peterson wrote: > The consensus seems to say no to RR DNS ? I am going to take that into serious consideration. > > With this proxy setup you describe, what would happen if HAProxy or Dovecot Proxy were to fail? > > I think there is no problem with many moving parts, as long as there is a backup plan in case something goes awry. My goal is slightly different, as I want to have HA available across datacenters without using BGP or having control over the IP space (so, no anycast). Just a simple way to get the clients redirected to the other Dovecot server when I lose an entire datacenter network for whatever reason. > > ~ Laz Peterson > Paravis, LLC > >> On Jul 20, 2015, at 5:32 PM, Chad M Stewart wrote: >> >> >> Round-robin DNS last I checked can be fraught with issues. >> >> While doing something else I came up with this idea: Clients --> Load Balancer(HAProxy) --> Dovecot Proxy(DP) --> Dovecot Director(DD) --> MS1 / MS2. >> >> >> When DP checks say user100 it'll find a host=DD-POD1 that returns two IPs, those of the two DD that sit in front of POD1. This DD pair is the only pair in the ring and only responsible for POD1. Another pair will handle POD2. When DD looks up the host value for a user it'll find the same name, but the IPs returned will be different. Instead have both IPs of the mail stores returned. >> >> I believe this will achieve what I'm after. HAProxy will do the load balancing of the DP instances. DP will balance the DDs, and DDs will do its job well and ensure that say user300 has all of their connections sent to MS1. When I need to do maintenance on MS1 I can use the DD pair for POD1 to gently move the connections to MS2, etc.. I could also make each POD a 2+1 cluster, so a silent but up-to-date and replicated store sits there waiting should it be needed, or even a 2+2 cluster. After all "two is one, and one is none". >> >> Not sure when I'll get time to implement/test this out, but in theory it sounds reasonable. I admit its a fair amount of moving parts and areas for failure but I think it maybe the balance needed to achieve the service level availability I'm after while still allowing for maintenance on the systems w/o clients noticing. >> >> -Chad >> >> >> On Jul 20, 2015, at 1:04 PM, Laz C. Peterson wrote: >> >>> I?m trying to do this too. But the goal would be simply for automatic failover to the other datacenter. Everything is working if the server?s unique hostname is entered, but I want to do something like round robin DNS that mail clients will automatically attempt to connect to the other IP if they cannot get to the first address. Unfortunately mail applications don?t really do this like web browsers do ? >>> >>> ~ Laz Peterson >>> Paravis, LLC >>> >>>> On Jul 20, 2015, at 10:29 AM, Chad M Stewart wrote: >>>> >>>> >>>> I'm trying to determine which dovecot components to use and how to order them in the network path from client to mail store. >>>> >>>> >>>> If I have say 1,000 users, all stored in MySQL (or LDAP) and have 4 mail stores, configured into 2, 2 node pods. >>>> >>>> >>>> MS1 and MS2 are pod1 and are configured with replication (dsync) and host users 0-500. MS3 and MS4 are pod2 and are configured with replication between them and host users 501-1000. Ideally the active connections in pod1 would be split 50/50 between MS1 and MS2. When maintenance is performed obviously all active connections/users would be moved to the other node in the pod and then rebalanced once maintenance is completed. >>>> >>>> I'm not sure if I need to use both the proxy and director, or just one or the other? If both then what is the proper path, from a network perspective? I like the functionality director provides, being able to add/remove servers on the fly and adjust connections, etc.. But from what I've read director needs to know about all mail servers. The problem is that not all servers host all users. User100 could be serviced by ms1 or ms2, but not by ms3 or ms4. >>>> >>>> I'm trying to design a system that should provide as close to 99.999% service availability as possible. >>>> >>>> >>>> >>>> Thank you, >>>> Chad From cms at balius.com Tue Jul 21 19:35:35 2015 From: cms at balius.com (Chad M Stewart) Date: Tue, 21 Jul 2015 15:35:35 -0400 Subject: dovecot proxy/director and high availability design In-Reply-To: <2F40FD45-D18E-4833-9A32-51A168561778@paravis.net> References: <532072C4-09C5-44C1-B3D4-8969278FE7FA@balius.com> <2F40FD45-D18E-4833-9A32-51A168561778@paravis.net> Message-ID: <568d8a0bb0fd5ffbe11b8057608912e6@balius.com> On 2015-07-21 02:54 PM, Laz C. Peterson wrote: > The consensus seems to say no to RR DNS ? I am going to take that into > serious consideration. > > With this proxy setup you describe, what would happen if HAProxy or > Dovecot Proxy were to fail? Multiple instances of each. I'll be using SmartOS as the base for my systems, so I'll be using ucarp, combined with haproxy should achieve what I'm after. Given two client facing IPs, I'm thinking two instances of HAProxy+ucarp, each handling one IP. Giving me active/active. HAProxy can hand off the connections to N+1 DP, the number of those would be based on redundancy plus load, thus my minimum would be 3. Brainstorming your situation.... Install HAProxy (or similar) in each data center. Then use dovecot director to route users to the store they happen to be using. In other words if the first connection from userA comes into data center 1 then it gets sent to MS1 in the same data center. Their next connection comes into data center 2 (thinking mobile device vs their desktop), the dovecot director there would route the connection over to ms1 in data center 1. Not that network efficient, but it might achieve what you want given your constraints too. -Chad From darix at opensu.se Tue Jul 21 19:37:55 2015 From: darix at opensu.se (Marcus Rueckert) Date: Tue, 21 Jul 2015 21:37:55 +0200 Subject: dovecot proxy/director and high availability design In-Reply-To: <55AE96D7.8030501@lottspot.com> References: <532072C4-09C5-44C1-B3D4-8969278FE7FA@balius.com> <2F40FD45-D18E-4833-9A32-51A168561778@paravis.net> <55AE96D7.8030501@lottspot.com> Message-ID: <20150721213755.050cec58@pixie.lan> On Tue, 21 Jul 2015 12:00:39 -0700 James Lott wrote: > I think RR DNS is the only viable solution under these circumstances. > If you can cope with the fact that failovers won't be seamless, I > don't think there's anything wrong with that though. > > On 07/21/2015 11:54 AM, Laz C. Peterson wrote: > > The consensus seems to say no to RR DNS ? I am going to take that > > into serious consideration. > > > > With this proxy setup you describe, what would happen if HAProxy or > > Dovecot Proxy were to fail? > > > > I think there is no problem with many moving parts, as long as > > there is a backup plan in case something goes awry. My goal is > > slightly different, as I want to have HA available across > > datacenters without using BGP or having control over the IP space > > (so, no anycast). Just a simple way to get the clients redirected > > to the other Dovecot server when I lose an entire datacenter > > network for whatever reason. you dont need DNS RR for that. just plain DNS entries with a very short TTL. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From james at lottspot.com Tue Jul 21 19:42:46 2015 From: james at lottspot.com (James Lott) Date: Tue, 21 Jul 2015 12:42:46 -0700 Subject: dovecot proxy/director and high availability design In-Reply-To: <20150721213755.050cec58@pixie.lan> References: <532072C4-09C5-44C1-B3D4-8969278FE7FA@balius.com> <2F40FD45-D18E-4833-9A32-51A168561778@paravis.net> <55AE96D7.8030501@lottspot.com> <20150721213755.050cec58@pixie.lan> Message-ID: <55AEA0B6.5090308@lottspot.com> Right.. I stand corrected On 07/21/2015 12:37 PM, Marcus Rueckert wrote: > On Tue, 21 Jul 2015 12:00:39 -0700 > James Lott wrote: > >> I think RR DNS is the only viable solution under these circumstances. >> If you can cope with the fact that failovers won't be seamless, I >> don't think there's anything wrong with that though. >> >> On 07/21/2015 11:54 AM, Laz C. Peterson wrote: >>> The consensus seems to say no to RR DNS ? I am going to take that >>> into serious consideration. >>> >>> With this proxy setup you describe, what would happen if HAProxy or >>> Dovecot Proxy were to fail? >>> >>> I think there is no problem with many moving parts, as long as >>> there is a backup plan in case something goes awry. My goal is >>> slightly different, as I want to have HA available across >>> datacenters without using BGP or having control over the IP space >>> (so, no anycast). Just a simple way to get the clients redirected >>> to the other Dovecot server when I lose an entire datacenter >>> network for whatever reason. > you dont need DNS RR for that. just plain DNS entries with a very short > TTL. > > darix > From sergey.schwartz at bgoperator.com Wed Jul 22 08:14:19 2015 From: sergey.schwartz at bgoperator.com (Sergey Schwartz) Date: Wed, 22 Jul 2015 11:14:19 +0300 Subject: internal server error Message-ID: <55AF50DB.40001@bgoperator.com> Hi! Today I've got a client unable to open a mailbox with Thunderbird - constantly drops connection. On the server side I can see an error message in the log Jul 22 11:07:29 mx10 dovecot: imap(oleg.vasilyev at bgoperator.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x7c96f) [0x7fd52575b96f] -> /usr/lib/dovecot/libdovecot.so.0(+0x7c9ce) [0x7fd52575b9ce] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fd525709875] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_uint32_to_offset+0x74) [0x7fd525aa72d4] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_cache_add+0x561) [0x7fd525a91cf1] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_parse_header+0x2b1) [0x7fd525a79241] -> /usr/lib/dovecot/libdovecot.so.0(+0x66e47) [0x7fd525745e47] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read+0x68) [0x7fd5257657a8] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read_data+0x3d) [0x7fd52576614d] -> /usr/lib/dovecot/libdovecot.so.0(message_parse_header_next+0x62) [0x7fd52574af02] -> /usr/lib/dovecot/libdovecot.so.0(+0x667ff) [0x7fd5257457ff] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read+0x68) [0x7fd5257657a8] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read_data+0x3d) [0x7fd52576614d] -> /usr/lib/dovecot/libdovecot.so.0(message_get_header_size+0x53) [0x7fd52574e4b3] -> /usr/lib/dovecot/libdovecot-storage.so.0(imap_msgpart_open+0x257) [0x7fd525ab4527] -> dovecot/imap(+0x1da42) [0x7fd525f3ca42] -> dovecot/imap(+0x1be3f) [0x7fd525f3ae3f] -> dovecot/imap(imap_fetch_more+0x37) [0x7fd525f3be97] -> dovecot/imap(cmd_fetch+0x316) [0x7fd525f2f946] -> dovecot/imap(command_exec+0x4c) [0x7fd525f398cc] -> dovecot/imap(+0x19830) [0x7fd525f38830] -> dovecot/imap(+0x198c4) [0x7fd525f388c4] -> dovecot/imap(client_handle_input+0x115) [0x7fd525f38bc5] -> dovecot/imap(client_input+0x75) [0x7fd525f38fa5] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x5b) [0x7fd52576e54b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xbb) [0x7fd52576f5cb] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x9) [0x7fd52576e5d9] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fd52576e658] Jul 22 11:07:29 mx10 dovecot: imap(oleg.vasilyev at bgoperator.com): Fatal: master: service(imap): child 17109 killed with signal 6 (core dumped) Should I report a bug or there is a workaround for this issue? -- Best regards, Sergey Schwartz Senior System Administrator Biblio Globus Tour Operator www.bgoperator.ru T: +7 495 5042500 ext 1532 E: sergey.schwartz at bgoperator.com From troeder at univention.de Wed Jul 22 08:26:28 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Wed, 22 Jul 2015 10:26:28 +0200 Subject: Client Limit reached in Dovecot In-Reply-To: References: Message-ID: <55AF53B4.7060908@univention.de> Hello Chandran, The configuration you sent me doesn't match the problem or previous reports. It seems to qmail toaster distribution is doing something strange with dovecot. I found an old mailinglist entry with your exact problem: https://www.mail-archive.com/qmailtoaster-list at qmailtoaster.com/msg35587.html It seems to be particular to their configuration. Please write about your problem to the qmailtoaster-list: https://www.mail-archive.com/qmailtoaster-list at qmailtoaster.com/info.html Greetings Daniel Am 22.07.2015 um 09:53 schrieb Chandran Manikandan:> Dear Daniel, > Please see the package details with qmailtoaster on our server. > dovecot-2.2.7-0.qt.el6.i686 > > On Wed, Jul 22, 2015 at 3:44 PM, Daniel Tr?der > wrote: > > Hi Chandran, > > your copy of the dovecot output was cut short. You can run > > doveconf -n > /tmp/doveconf-n.conf > > And send me the file /tmp/doveconf-n.conf , then it will be complete. > > Greetings > Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From skdovecot at smail.inf.fh-brs.de Wed Jul 22 09:16:30 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 22 Jul 2015 11:16:30 +0200 (CEST) Subject: internal server error In-Reply-To: <55AF50DB.40001@bgoperator.com> References: <55AF50DB.40001@bgoperator.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 22 Jul 2015, Sergey Schwartz wrote: > Should I report a bug or there is a workaround for this issue? which version of Dovecot do you run? If it is less than v2.2.18, you should try the most current one before reporting any bugs. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVa9fbnz1H7kL/d9rAQJffgf/WQMGN4wI2+/Fi6TFom3/X4TMH+2STg9f G+RX7r0jwK5EmpvcHGHH2Xfh7l6xdpmJSgUp9mR0JEJpbb63IltjQcVvRSHlS2Yy Mr0PshtnBfNsNfnqQumBx47IGFZGGeUtWvez3P/whz4R1RhPQsVg+f8pbggMNYwl QrsAO/i9jCyWY2Q3m+juXkrZftmaSwesRgNwuEL56LhCgdn2JekC6yCg1LW8zaxJ lCd7smxDoYubLD/AvzKm3QB3PyN9Zx07jqsNjyHWUVpT+CjvsdcmneH1XIhRBVr8 2U7wPTNr5VhdxPVgOLU5aDiL8rYdx+qgLOzgZLQ2Zrk3eiQZ5pkBkw== =Pkwb -----END PGP SIGNATURE----- From nutschi at talach.at Wed Jul 22 09:27:33 2015 From: nutschi at talach.at (Nutsch) Date: Wed, 22 Jul 2015 11:27:33 +0200 Subject: sieve vacation In-Reply-To: References: <55AF50DB.40001@bgoperator.com> Message-ID: <55AF6205.7010202@talach.at> Hi, it is 2.1.7. My Problem is the sieve vacation script. require "vacation"; vacation :days 17 :addresses ["aa at aa.at"] :subject " text text text. text, text text, text br aa"; If someone is sending an email to aa at aa.at he gets the vacation message, but if some is sendig an email to bb at aa.at he also gets the vacation message. And even if someone is sending to bbb at bbb.at (second domain on server) he also gets this message. Any idea? br. noctua On 2015-07-22 11:16, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, 22 Jul 2015, Sergey Schwartz wrote: > >> Should I report a bug or there is a workaround for this issue? > > which version of Dovecot do you run? If it is less than v2.2.18, you > should try the most current one before reporting any bugs. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVa9fbnz1H7kL/d9rAQJffgf/WQMGN4wI2+/Fi6TFom3/X4TMH+2STg9f > G+RX7r0jwK5EmpvcHGHH2Xfh7l6xdpmJSgUp9mR0JEJpbb63IltjQcVvRSHlS2Yy > Mr0PshtnBfNsNfnqQumBx47IGFZGGeUtWvez3P/whz4R1RhPQsVg+f8pbggMNYwl > QrsAO/i9jCyWY2Q3m+juXkrZftmaSwesRgNwuEL56LhCgdn2JekC6yCg1LW8zaxJ > lCd7smxDoYubLD/AvzKm3QB3PyN9Zx07jqsNjyHWUVpT+CjvsdcmneH1XIhRBVr8 > 2U7wPTNr5VhdxPVgOLU5aDiL8rYdx+qgLOzgZLQ2Zrk3eiQZ5pkBkw== > =Pkwb > -----END PGP SIGNATURE----- From sergey.schwartz at bgoperator.com Wed Jul 22 10:48:12 2015 From: sergey.schwartz at bgoperator.com (Sergey Schwartz) Date: Wed, 22 Jul 2015 13:48:12 +0300 Subject: internal server error In-Reply-To: References: <55AF50DB.40001@bgoperator.com> Message-ID: <55AF74EC.3090704@bgoperator.com> Steffen, 2.2.18 (2de3c7248922) Best regards, Sergey Schwartz Senior System Administrator Biblio Globus Tour Operator www.bgoperator.ru T: +7 495 5042500 ext 1532 E: sergey.schwartz at bgoperator.com 22.07.2015 12:16, Steffen Kaiser ?????: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, 22 Jul 2015, Sergey Schwartz wrote: > >> Should I report a bug or there is a workaround for this issue? > > which version of Dovecot do you run? If it is less than v2.2.18, you > should try the most current one before reporting any bugs. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVa9fbnz1H7kL/d9rAQJffgf/WQMGN4wI2+/Fi6TFom3/X4TMH+2STg9f > G+RX7r0jwK5EmpvcHGHH2Xfh7l6xdpmJSgUp9mR0JEJpbb63IltjQcVvRSHlS2Yy > Mr0PshtnBfNsNfnqQumBx47IGFZGGeUtWvez3P/whz4R1RhPQsVg+f8pbggMNYwl > QrsAO/i9jCyWY2Q3m+juXkrZftmaSwesRgNwuEL56LhCgdn2JekC6yCg1LW8zaxJ > lCd7smxDoYubLD/AvzKm3QB3PyN9Zx07jqsNjyHWUVpT+CjvsdcmneH1XIhRBVr8 > 2U7wPTNr5VhdxPVgOLU5aDiL8rYdx+qgLOzgZLQ2Zrk3eiQZ5pkBkw== > =Pkwb > -----END PGP SIGNATURE----- From dovecotG1Z0 at acarver.net Wed Jul 22 20:38:01 2015 From: dovecotG1Z0 at acarver.net (AC) Date: Wed, 22 Jul 2015 13:38:01 -0700 Subject: Authenticate system user with alternate password Message-ID: <55AFFF29.3080900@acarver.net> Is there a way to configure Dovecot to authenticate a system user against a different password list? I want to give my own personal account on my machine a password for IMAP and have that be different from the password I use to log into the system for maintenance purposes. I currently do this for outbound email by having the MTA authenticate against a SASL database during the initial SMTP connection (STARTTLS). From sca at andreasschulze.de Wed Jul 22 21:27:15 2015 From: sca at andreasschulze.de (A. Schulze) Date: Wed, 22 Jul 2015 23:27:15 +0200 Subject: Authenticate system user with alternate password In-Reply-To: <55AFFF29.3080900@acarver.net> Message-ID: <20150722232715.Horde.CRpqHKxo97w3LnS_eAALuzU@andreasschulze.de> AC: > Is there a way to configure Dovecot to authenticate a system user > against a different password list? sure! > I want to give my own personal > account on my machine a password for IMAP and have that be different > from the password I use to log into the system for maintenance purposes. configure dovecot to use a separate passwd-file and simply use the same usernames. http://wiki2.dovecot.org/AuthDatabase/PasswdFile username synchronisation may be the challenge... Andreas From skdovecot at smail.inf.fh-brs.de Fri Jul 24 08:02:45 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 24 Jul 2015 10:02:45 +0200 (CEST) Subject: possible patch for ACL SQL ERROR: duplicate key value violates unique constraint "user_shares_pkey" Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm using Postgres as dict backend now and then I get this error, when someone changed ACLs, actually for some reason some users, who get permission from other users, get this error quite often: dict: Error: sql dict: commit failed: ERROR: duplicate key value violates unique constraint "user_shares_pkey" (query: INSERT INTO user_shares (dummy,to_user,from_user) VALUES ('1','user1','user2')) It looks like that this error is triggered, when a MUA is connecting to Dovecot after ACLs had been changed and opens several mailboxes at once. So two or parallel Dovecot instances try to insert the record simultaneously. With a similiar technique to the quota problem, I added a trigger. The idea is to use the condition dummy ISNULL to detect, that the function was triggered from the INSERT of the function itself, hence, breaking the recursive triggers. This assumes that dummy is never NULL from Dovecot. The same applies to anyone_shares, just remove the to_user field from the function. Does somebody see something wrong with my hack? ============= CREATE FUNCTION insert_sharing() RETURNS trigger LANGUAGE plpgsql AS $$ BEGIN IF NEW.dummy IS NULL THEN -- ugly kludge: we came here from this function, really do try to insert return NEW; END IF; LOOP UPDATE user_shares SET dummy = NEW.dummy WHERE from_user = NEW.from_user AND to_user = NEW.to_user; IF found THEN -- updated and inserted RETURN NULL; END IF; BEGIN INSERT INTO user_shares (from_user,to_user,dummy) VALUES (NEW.from_user,NEW.to_user,NULL); --- return NULL; EXCEPTION WHEN unique_violation THEN -- someone just inserted the record, update it END; -- Update dummy after INSERT END LOOP; END; $$; CREATE TRIGGER insertsharing BEFORE INSERT ON user_shares FOR EACH ROW EXECUTE PROCEDURE insert_sharing(); - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVbHxJXz1H7kL/d9rAQIn5gf/dNMQKmmigGrbccGQQrsGU66B6OHvTY7L 1vyh8hgr985KNk2/Ws/usLnAqpl5jhpo8kVPLI8TqcGYLAS/67TOIFrwLKAEBU96 e+QpbqqiSm66mZwWOQZgCI63+Fh7fdBUMREL6UqGleFF1GrzNnjmX4MGecbpu/L9 gQMAGUG++/S+ka9S6B275RXIj9DvWzq/oYqJ1M1grGckUxXfDk5szLyvuIJ981At 20qaCHEIlIOlkQ0ttE4W+RWkkYS2rMJvCzQelF4pcm6vaxhXxvqUryzmy9pv+UUT osqS6igWt7BPXF7ku8+rKYVp/qPZrh9IWXMsajr/2nI+V5gRb6u2ow== =gb1P -----END PGP SIGNATURE----- From jas.reehal at zuken.co.uk Fri Jul 24 09:37:55 2015 From: jas.reehal at zuken.co.uk (Jas Reehal) Date: Fri, 24 Jul 2015 10:37:55 +0100 Subject: POP3 getting previously delivered messages. Message-ID: <55B20773.9010006@zuken.co.uk> Hi All, This is my first post to this list. I have recently upgraded to dovecot version 2.2.10. 1. I have one POP3 user who does not want to delete his email on the server. 2. He has accumulated over 19000 messages, and the 'dovecot.uidlist' file has more than 19000 lines! 3. Occasionally now when he has received one or more new emails, and his email client does a 'get new mail' operation (POP3) he begins to receive email he has already received previously. last time this happened all 19000+ messages were delivered again, leaning to duplicate entries in all his mailboxes. I have reproduced this issue with a dummy email account with a POP3 client, leaving all messages on the server. I have delivered 20000 messages to this email account, each about 1.3k ins size and each with .... Subject: Message number Body containing "Message number " where is 1 to 20000 now occasionally if I send another message to this email account, and then check for new messages using a POP3 client I get more messages downloaded than I expect! The 'dovecot.uidlist' file is not corrupt, but I beleive due ti it's size (number of lines) the is an issue on compiling a ' POP3 drop-list'. I have attached a file 'dovecot-a.txt' which shows the 'dovecot -a' output from my server. Based on what I have investigated I believe that this issue may not be correlated with a migration to version 2.2.10, but more to do with the number of messages retained on the server. Is there anyone who has any insight into what is happening and if there is any remedy, perhaps a "pop3_client_workarounds =" or other POP3 or UIDL directive in the conf files? The user is stubbornly resisting migration to IMAP, because of the time and effort he says will be required to replicate his organised filing/storage of messages on the server. Kind Regards Jas Reehal -- Jas Reehal | IT & Networks Consultant *Zuken Limited - /The Partner for Success/* 1500 Aztec West, Almondsbury, Bristol, BS32 4RF, United Kingdom T: +44 1454 207824 | F: +44 1454 207803 E: jas.reehal at zuken.co.uk | W: www.zuken.com Connect with Zuken: blog | youtube | linkedin | twitter | facebook Zuken Ltd // Registered office: Bristol // Registered No. 956340 // Directors: Jinya Katsube, Kazuhiro Kariya, S Yukawa This e-mail message from Zuken including any attachments is intended only for the individual or entity to which it is addressed. This e-mail may contain privileged, proprietary, or otherwise private information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you received this e-mail by accident, please notify the sender immediately and destroy this e-mail and all copies of it. -------------- next part -------------- # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-229.1.2.el7.x86_64 x86_64 Red Hat Enterprise Linux Server release 7.1 (Maipo) # NOTE: Send doveconf -n output instead when asking for help. auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_debug = no auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_gssapi_hostname = auth_krb5_keytab = auth_master_user_separator = auth_mechanisms = plain auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 200 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %Lu disable_plaintext_auth = yes dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -U first_valid_gid = 1 first_valid_uid = 100 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = name * imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imap_metadata = no imap_urlauth_host = imap_urlauth_logout_format = in=%i out=%o imap_urlauth_port = 143 imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_max_idle_time = 29 mins imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_verify = yes imapc_user = import_environment = TZ CORE_OUTOFMEM CORE_ERROR LISTEN_PID LISTEN_FDS info_log_path = /var/log/dovecot.log instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = *, :: lmtp_address_translate = lmtp_proxy = no lmtp_rcpt_check_quota = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> login_trusted_networks = mail_access_groups = mail_always_cache_fields = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_attribute_dict = mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_fsync = optimized mail_full_filesystem_access = no mail_gid = mail_home = mail_location = mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = mail_prefetch_count = 0 mail_privileged_group = mail_save_crlf = no mail_shared_explicit_inbox = no mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 2 M mmap_disable = no namespace inbox { disabled = no hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = no driver = special_use = \Drafts } mailbox Junk { auto = no driver = special_use = \Junk } mailbox Sent { auto = no driver = special_use = \Sent } mailbox "Sent Messages" { auto = no driver = special_use = \Sent } mailbox Trash { auto = no driver = special_use = \Trash } prefix = separator = subscriptions = yes type = private } passdb { args = default_fields = deny = no driver = pam master = no override_fields = pass = no result_failure = continue result_internalfail = continue result_success = return-ok skip = never } pop3_client_workarounds = pop3_deleted_flag = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_master_user = pop3c_password = pop3c_port = 110 pop3c_quick_received_date = no pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_dsync_parameters = -d -N -l 30 -U replication_full_sync_interval = 1 days replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 0 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = $default_internal_user } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } unix_listener login/login { group = mode = 0666 user = } unix_listener token-login/tokenlogin { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 reuse_port = no ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 reuse_port = no ssl = no } inet_listener imaps { address = port = 993 reuse_port = no ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service imap-urlauth-login { chroot = token-login client_limit = 0 drop_priv_before_exec = no executable = imap-urlauth-login extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login unix_listener imap-urlauth { group = mode = 0666 user = } user = $default_login_user vsz_limit = 18446744073709551615 B } service imap-urlauth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap-urlauth-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener imap-urlauth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service imap-urlauth { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap-urlauth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener token-login/imap-urlauth { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 reuse_port = no ssl = no } inet_listener pop3s { address = port = 995 reuse_port = no ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator-doveadm { group = mode = 00 user = $default_internal_user } unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } unix_listener ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = required ssl_ca = ssl_cert = References: <55AF50DB.40001@bgoperator.com> <55AF74EC.3090704@bgoperator.com> Message-ID: <55B20C47.60809@bgoperator.com> I've got a bit more details Jul 24 10:21:50 mx10 dovecot: imap(oleg.vasilyev at bgoperator.com): *Panic: file mail-index-util.c: line 37 (mail_index_uint32_to_offset): assertion failed: (offset < 0x40000000)* Jul 24 10:21:50 mx10 dovecot: imap(oleg.vasilyev at bgoperator.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x7c96f) [0x7fe4a719d96f] -> /usr/lib/dovecot/libdovecot.so.0(+0x7c9ce) [0x7fe4a719d9ce] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fe4a714b875] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_uint32_to_offset+0x74) [0x7fe4a74e92d4] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_cache_add+0x561) [0x7fe4a74d3cf1] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_parse_header+0x2b1) [0x7fe4a74bb241] -> /usr/lib/dovecot/libdovecot.so.0(+0x66e47) [0x7fe4a7187e47] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read+0x68) [0x7fe4a71a77a8] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read_data+0x3d) [0x7fe4a71a814d] -> /usr/lib/dovecot/libdovecot.so.0(message_parse_header_next+0x62) [0x7fe4a718cf02] -> /usr/lib/dovecot/libdovecot.so.0(+0x667ff) [0x7fe4a71877ff] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read+0x68) [0x7fe4a71a77a8] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read_data+0x3d) [0x7fe4a71a814d] -> /usr/lib/dovecot/libdovecot.so.0(message_get_header_size+0x53) [0x7fe4a71904b3] -> /usr/lib/dovecot/libdovecot-storage.so.0(imap_msgpart_open+0x257) [0x7fe4a74f6527] -> dovecot/imap(+0x1da42) [0x7fe4a797ea42] -> dovecot/imap(+0x1be3f) [0x7fe4a797ce3f] -> dovecot/imap(imap_fetch_more+0x37) [0x7fe4a797de97] -> dovecot/imap(cmd_fetch+0x316) [0x7fe4a7971946] -> dovecot/imap(command_exec+0x4c) [0x7fe4a797b8cc] -> dovecot/imap(+0x19830) [0x7fe4a797a830] -> dovecot/imap(+0x198c4) [0x7fe4a797a8c4] -> dovecot/imap(client_handle_input+0x115) [0x7fe4a797abc5] -> dovecot/imap(client_input+0x75) [0x7fe4a797afa5] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x5b) [0x7fe4a71b054b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xbb) [0x7fe4a71b15cb] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x9) [0x7fe4a71b05d9] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fe4a71b0658] Jul 24 10:21:50 mx10 dovecot: imap(oleg.vasilyev at bgoperator.com): Fatal: master: service(imap): child 12820 killed with signal 6 (core dumped) Best regards, Sergey Schwartz Senior System Administrator Biblio Globus Tour Operator www.bgoperator.ru T: +7 495 5042500 ext 1532 E: sergey.schwartz at bgoperator.com 22.07.2015 13:48, Sergey Schwartz ?????: > Steffen, > > 2.2.18 (2de3c7248922) > > Best regards, > Sergey Schwartz > > Senior System Administrator > Biblio Globus Tour Operator > www.bgoperator.ru > > T: +7 495 5042500 ext 1532 > E: sergey.schwartz at bgoperator.com > > 22.07.2015 12:16, Steffen Kaiser ?????: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Wed, 22 Jul 2015, Sergey Schwartz wrote: >> >>> Should I report a bug or there is a workaround for this issue? >> >> which version of Dovecot do you run? If it is less than v2.2.18, you >> should try the most current one before reporting any bugs. >> >> - -- Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQEVAwUBVa9fbnz1H7kL/d9rAQJffgf/WQMGN4wI2+/Fi6TFom3/X4TMH+2STg9f >> G+RX7r0jwK5EmpvcHGHH2Xfh7l6xdpmJSgUp9mR0JEJpbb63IltjQcVvRSHlS2Yy >> Mr0PshtnBfNsNfnqQumBx47IGFZGGeUtWvez3P/whz4R1RhPQsVg+f8pbggMNYwl >> QrsAO/i9jCyWY2Q3m+juXkrZftmaSwesRgNwuEL56LhCgdn2JekC6yCg1LW8zaxJ >> lCd7smxDoYubLD/AvzKm3QB3PyN9Zx07jqsNjyHWUVpT+CjvsdcmneH1XIhRBVr8 >> 2U7wPTNr5VhdxPVgOLU5aDiL8rYdx+qgLOzgZLQ2Zrk3eiQZ5pkBkw== >> =Pkwb >> -----END PGP SIGNATURE----- > From tim at tree-of-life.co.uk Fri Jul 24 10:13:02 2015 From: tim at tree-of-life.co.uk (Tim Dickson) Date: Fri, 24 Jul 2015 11:13:02 +0100 Subject: POP3 getting previously delivered messages. In-Reply-To: <55B20773.9010006@zuken.co.uk> References: <55B20773.9010006@zuken.co.uk> Message-ID: <55B20FAE.7090208@tree-of-life.co.uk> On 24/07/2015 10:37, Jas Reehal wrote: > Hi All, > > This is my first post to this list. I have recently upgraded to > dovecot version 2.2.10. > > 1. I have one POP3 user who does not want to delete his email on the > server. > 2. He has accumulated over 19000 messages, and the 'dovecot.uidlist' > file has more than 19000 lines! > 3. Occasionally now when he has received one or more new emails, and > his email client does a 'get new mail' operation (POP3) > he begins to receive email he has already received previously. > > last time this happened all 19000+ messages were delivered again, > leaning to duplicate entries in all his mailboxes. > > I have reproduced this issue with a dummy email account with a POP3 > client, leaving all messages on the server. I have delivered 20000 > messages to this email account, each about 1.3k ins size and each > with .... > > Subject: Message number > Body containing "Message number " > where is 1 to 20000 > > now occasionally if I send another message to this email account, and > then check for new messages using a POP3 client I get more messages > downloaded than I expect! > > The 'dovecot.uidlist' file is not corrupt, but I beleive due ti it's > size (number of lines) the is an issue on compiling a > ' POP3 drop-list'. I have attached a file 'dovecot-a.txt' which shows > the 'dovecot -a' output from my server. > > Based on what I have investigated I believe that this issue may not be > correlated with a migration to version 2.2.10, but more to do with the > number of messages retained on the server. > > Is there anyone who has any insight into what is happening and if > there is any remedy, perhaps a "pop3_client_workarounds =" or other > POP3 or UIDL directive in the conf files? > > The user is stubbornly resisting migration to IMAP, because of the > time and effort he says will be required to replicate his organised > filing/storage of messages on the server. > not a fix for the technical issue, but it is very easy to delete the messages on the server, create an imap account on the same mua (email client) and then drag the emails/email folders from the pop account to the imap account. This will take a little while as the client instructs the imap server to recreate the structure server side. if you are using maildir format it is easy enough to check that the structure has been created properly. Then the pop account can be removed from the client, and his/her email directory structure has been preserved. I used this method when migrating users to dovecot using imap from their isp using pop, when using thunderbird email client, and one of those users has over 24000 emails. if using a different email client it is worth experimenting on a test account first. It is also a good idea to backup the emails first "just in case". regards, Tim > Kind Regards Jas Reehal > > From tim at timg.ws Tue Jul 21 06:25:37 2015 From: tim at timg.ws (Tim Groeneveld) Date: Tue, 21 Jul 2015 16:25:37 +1000 Subject: [Dovecot] Dovecot FTS using ElasticSearch In-Reply-To: References: <3995313.2035.1372306451028.JavaMail.root@timgws.com.au> Message-ID: <14eaf49f798.d8d59ec3889526.7932297373799289418@timg.ws> Hey James, I did make progress, however, I have dropped the code that I was working on in favor of Joshua Atkins' work on fts-elasticsearch. Check it out here: https://github.com/ascendantcom/fts-elasticsearch/ Regards, Tim ---- On Tue, 26 Aug 2014 03:09:12 +1000 James Devine wrote ---- > Tim, > > Had you made any progress on this? We've been using elasticsearch to index > our mail backup for a while now and I am interested in possibly using it to > index our live mail as well. > > > On Wed, Jun 26, 2013 at 11:14 PM, Tim Groeneveld wrote: > > > > > ----- Original Message ----- > > > I would like to know if is possible to use ElasticSearch instead of > > > Solr for FTS. > > > > I have started work on an ElasticSearch implementation based on fts-solr. > > > > There is still around 20-30 hours more work for me to do until it is > > complete > > (and I need to hunt down the reason for a random crash that happens every > > now and then) but I would be more then happy to share the code with you > > when I am done if you are interested? > > > > Regards, > > Tim > > > From andy at andybev.com Fri Jul 24 23:32:54 2015 From: andy at andybev.com (Andrew Beverley) Date: Sat, 25 Jul 2015 00:32:54 +0100 Subject: Segfaults after upgrade to Debian Jessie Message-ID: <1437780774.7496.7.camel@andybev.com> Hi, I've just upgrade from Debian Wheezy to Debian Jessie and am getting: Fatal: master: service(lmtp): child 6761 killed with signal 11 (core dumped) It seems to be something to do with sieve. When I disable that from lmtp then everything works fine. OS: Debian Jessie Dovecot version: 2.2.13 CPU: x86 This is the gdb output: Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `dovecot/lmtp'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007f8e4c94f626 in sieve_validator_register_command () from /usr/lib/dovecot/libdovecot-sieve.so.0 And dovecot -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 8.1 ext3 auth_mechanisms = plain login dict { sieve = mysql:/etc/dovecot/pigeonhole-sieve.dict } mail_location = maildir:/var/mail/vhosts/%d/%n mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave vnd.dovecot.extdata namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = dict:proxy::sieve;name=active sieve_dir = ~/sieve sieve_extdata_dict_uri = proxy::sieve sieve_plugins = sieve_extdata } protocols = " imap lmtp sieve" service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { mode = 0600 user = vmail } user = dovecot } service dict { unix_listener dict { mode = 0600 user = vmail } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = Here is an example with APPEND $ /usr/lib/dovecot/imap S1: * PREAUTH [CAPABILITY IMAP4rev1 ? MOVE NOTIFY SPECIAL-USE] Logged in as guilhem C1: a1 NOTIFY SET (INBOXES (MessageNew MessageExpunge FlagChange)) S1: a1 OK NOTIFY completed (0.000 secs) $ /usr/lib/dovecot/imap S2: * PREAUTH [CAPABILITY IMAP4rev1 ? MOVE NOTIFY SPECIAL-USE] Logged in as guilhem C2: a2 APPEND INBOX {1+} C2: x S2: a2 OK [APPENDUID 1384472528 26085] Append completed (0.229 secs). With 2.13 from Debian Jessie, S1 sends a notification for the new message in INBOX, as expected: S1: * STATUS INBOX (MESSAGES 4333 UIDNEXT 26086 UNSEEN 1) However it doesn't with 2.18 from Debian Sid, as if ?INBOX? was excluded from the mailbox filter ?INBOXES?. It does send a notification for ?virtual/unseen? instead (as expected), but nothing for ?INBOX?. S1: * STATUS virtual/unseen (MESSAGES 3 UIDNEXT 15186 UNSEEN 3) This is INBOX-specific because APPENDING the message to another mailbox triggers the notification on both 2.13 and 2.18 as expected: S1: * STATUS test (MESSAGES 2 UIDNEXT 3 UNSEEN 2) S1: * STATUS virtual/unseen (MESSAGES 2 UIDNEXT 15195 UNSEEN 2) I attach the ?dovecot -n? output for both 2.13 and 2.18. -- Guilhem. -------------- next part -------------- # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.1 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = mdbox:%h/mail mailbox_list_index = yes namespace inbox { inbox = yes location = mailbox DRAFTS { auto = create special_use = \Drafts } mailbox SENT { auto = subscribe special_use = \Sent } mailbox SPAM { auto = create special_use = \Junk } mailbox TRASH { auto = create special_use = \Trash } mailbox virtual/All { special_use = \All } mailbox virtual/Flagged { special_use = \Flagged } prefix = separator = / } passdb { args = scheme=SHA512-CRYPT username_format=%Ln /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap lmtp" service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0600 user = postfix } user = $default_internal_user } service imap-login { inet_listener imap { address = 127.0.0.1, ::1 port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_ca = From guilhem at fripost.org Sun Jul 26 16:00:17 2015 From: guilhem at fripost.org (Guilhem Moulin) Date: Sun, 26 Jul 2015 18:00:17 +0200 Subject: "NOTIFY SET (mailboxes INBOX (...))" crashes the IMAP client In-Reply-To: <20150719172116.GA9515@localhost> References: <20150719172116.GA9515@localhost> Message-ID: <20150726160017.GA7065@localhost> On Sun, 19 Jul 2015 at 19:21:16 +0200, Guilhem Moulin wrote: > The "subtree" mailbox filter has the same problem, but the > non-parameterized ones ("inboxes", "personal" and "subscribed") work > fine. Actually there are further problem with the INBOX namespace, to which I'm subscribed: $ /usr/lib/dovecot/imap S1: * PREAUTH [CAPABILITY IMAP4rev1 ? MOVE NOTIFY SPECIAL-USE] Logged in as guilhem C1: a1 LIST "" (INBOX TRASH) RETURN (SUBSCRIBED) S1 * LIST (\Subscribed \UnMarked) "/" TRASH S1 * LIST (\Subscribed) "/" INBOX S1: a1 OK List completed (0.003 secs). C1: b1 NOTIFY SET (SUBSCRIBED (MessageNew MessageExpunge FlagChange)) S1: b1 OK NOTIFY completed (0.002 secs). $ /usr/lib/dovecot/imap S2: * PREAUTH [CAPABILITY IMAP4rev1 ? MOVE NOTIFY SPECIAL-USE] Logged in as guilhem C2: a2 APPEND INBOX {1+} C2: x S2: a2 OK [APPENDUID 1384472528 26087] Append completed (0.008 secs). This crashes S1 as well: S1: imap(guilhem): Panic: file mail-storage.c: line 1511 (mailbox_is_subscribed): assertion failed: (box->list->subscriptions != NULL) S1: imap(guilhem): Error: Raw backtrace: [?] S1: Aborted This might be related to [0] as it is INBOX-specific as well: APPENDing a message to TRASH (to which I'm also subscribed) triggers the MessageNew notification as expected. S1: * STATUS TRASH (MESSAGES 3407 UIDNEXT 113820 UNSEEN 1) -- Guilhem. [0] http://dovecot.org/pipermail/dovecot/2015-July/101514.html -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: From phoffman at proper.com Mon Jul 27 01:23:17 2015 From: phoffman at proper.com (Paul Hoffman) Date: Sun, 26 Jul 2015 18:23:17 -0700 Subject: Importing mbox archives into a inbox? Message-ID: <4FD20427-ECF1-4E6B-B6CF-833951B12744@proper.com> Greetings from a dovecot newbie. I have a bunch of mailing list archives (in mbox) format that I want to dump into the inbox for a particular account on the system. I want them to retain all of their information, particularly the date. I'm not seeing how to do this, but I could be missing it. Is this LDA or LMTP with some command-line options I'm not seeing? --Paul Hoffman From sca at andreasschulze.de Mon Jul 27 07:42:13 2015 From: sca at andreasschulze.de (A. Schulze) Date: Mon, 27 Jul 2015 09:42:13 +0200 Subject: Importing mbox archives into a inbox? In-Reply-To: <4FD20427-ECF1-4E6B-B6CF-833951B12744@proper.com> Message-ID: <20150727094213.Horde.2StVrU_dsNf_QeZdpAcHmTS@andreasschulze.de> Paul Hoffman: > Greetings from a dovecot newbie. I have a bunch of mailing list > archives (in mbox) format that I want to dump into the inbox for a > particular account on the system. I want them to retain all of their > information, particularly the date. I'm not seeing how to do this, > but I could be missing it. If you use Maildir at the destination I suggest http://www.dovecot.org/tools/mb2md.pl Andreas From r at sys4.de Mon Jul 27 08:51:16 2015 From: r at sys4.de (Ralf Hildebrandt) Date: Mon, 27 Jul 2015 10:51:16 +0200 Subject: doveadm import - strange warning In-Reply-To: <20150716084628.GA17953@sys4.de> References: <20150716084628.GA17953@sys4.de> Message-ID: <20150727085115.GB20452@sys4.de> Anybody seen this before? Seems easy to reproduce... * Ralf Hildebrandt : > I'm using the doveadm import command to extract mails from my backup: > > % doveadm import -u restore at backup.invalid mdbox:/home/copymail/mdbox "" \ > mailbox INBOX header Delivered-To backup+$SEARCHPATTERN at backup.invalid > > This works like a charm, I'm getting all the mails, and I can access > the newly generated mailbox. > > But when executing the command I'm getting an annoying warning: > > doveadm(restore at backup.invalid): Error: chdir(/root/) failed: Permission denied (euid=1001(copymail) egid=1001(copymail) missing +x perm: /root, dir owned by 0:0 mode=0700) > doveadm(restore at backup.invalid): Error: chdir(/root) failed: Permission denied -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From troeder at univention.de Mon Jul 27 09:19:52 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Mon, 27 Jul 2015 11:19:52 +0200 Subject: doveadm import - strange warning In-Reply-To: <20150727085115.GB20452@sys4.de> References: <20150716084628.GA17953@sys4.de> <20150727085115.GB20452@sys4.de> Message-ID: <55B5F7B8.8090209@univention.de> Am 27.07.2015 um 10:51 schrieb Ralf Hildebrandt: > Anybody seen this before? > Seems easy to reproduce... > > * Ralf Hildebrandt : >> I'm using the doveadm import command to extract mails from my backup: >> >> % doveadm import -u restore at backup.invalid mdbox:/home/copymail/mdbox "" \ >> mailbox INBOX header Delivered-To backup+$SEARCHPATTERN at backup.invalid >> >> This works like a charm, I'm getting all the mails, and I can access >> the newly generated mailbox. >> >> But when executing the command I'm getting an annoying warning: >> >> doveadm(restore at backup.invalid): Error: chdir(/root/) failed: Permission denied (euid=1001(copymail) egid=1001(copymail) missing +x perm: /root, dir owned by 0:0 mode=0700) >> doveadm(restore at backup.invalid): Error: chdir(/root) failed: Permission denied > Just guessing? The signature of the command is: doveadm [-Dv] import [-S socket_path] [-s] -u user source_location dest_parent search_query You supply "" as dest_parent which I guess could mean ".", and that may be "/root" when run as root. Try "INBOX" or "restore_folder" and see if the error vanishes. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From r at sys4.de Mon Jul 27 09:41:14 2015 From: r at sys4.de (Ralf Hildebrandt) Date: Mon, 27 Jul 2015 11:41:14 +0200 Subject: doveadm import - strange warning In-Reply-To: <55B5F7B8.8090209@univention.de> References: <20150716084628.GA17953@sys4.de> <20150727085115.GB20452@sys4.de> <55B5F7B8.8090209@univention.de> Message-ID: <20150727094113.GD20452@sys4.de> * Daniel Tr?der : > Just guessing? > > The signature of the command is: > doveadm [-Dv] import [-S socket_path] [-s] -u user source_location > dest_parent search_query > > You supply "" as dest_parent which I guess could mean ".", and that may > be "/root" when run as root. Try "INBOX" or "restore_folder" and see if > the error vanishes. With "INBOX", nothing changes on the output (although the script doesn't restore properly anymore) With ".", I get: doveadm(restore at backup.invalid): Error: chdir(/root/) failed: Permission denied (euid=1001(theid) egid=1001(theid) missing +x perm: /root, dir owned by 0:0 mode=0700) doveadm(restore at backup.invalid): Error: chdir(/root) failed: Permission denied doveadm(restore at backup.invalid): Error: Couldn't create mailbox ./INBOX: Invalid mailbox name: Contains '.' part I still think this is an obscure bug :) -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From piotr.rotter at active24.pl Mon Jul 27 11:50:51 2015 From: piotr.rotter at active24.pl (Piotr Rotter) Date: Mon, 27 Jul 2015 13:50:51 +0200 Subject: LMPT SSL Message-ID: <55B61B1B.7020709@active24.pl> Hello, I tryed to eneble TLS connection from postfix to dovecot lmtp. Unfortunely I have problem with certificate, postfix shows, 2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) I checked certs by openssl s_client: #openssl s_client -connect localhost:24 -showcerts -starttls smtp -CApath /etc/ssl/certs/ And I gets didn't found starttls in server response, try anyway... depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl verify error:num=27:certificate not trusted verify return:1 depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl verify error:num=21:unable to verify the first certificate verify return:1 It look likes dovecot lmtp send 3 times the same certificate. I made the same test for imap in the same dovecot instance: #openssl s_client -connect localhost:143 -showcerts -starttls imap -CApath /etc/ssl/certs/ CONNECTED(00000003) depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA verify return:1 depth=1 C = US, O = GeoTrust Inc., CN = RapidSSL SHA256 CA - G3 verify return:1 depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl verify return:1 For imap it looks ok. Why lmtp shows wrong certs list # dovecot --version 2.2.16 -- Pozdrawiam! / Best regards! ------------------ Piotr Rotter Konsultant IT / IT Consultant =========================================== http://www.ACTIVE24.pl - Powerful hosting - surprisingly easy =========================================== ul. Barkoci?ska 6, 03-543 Warszawa PL Email: bok at active24.pl Tel: +48 222 950 446 From skdovecot at smail.inf.fh-brs.de Mon Jul 27 13:03:29 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 27 Jul 2015 15:03:29 +0200 (CEST) Subject: LMPT SSL In-Reply-To: <55B61B1B.7020709@active24.pl> References: <55B61B1B.7020709@active24.pl> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 27 Jul 2015, Piotr Rotter wrote: > I tryed to eneble TLS connection from postfix to dovecot lmtp. Unfortunely I > have problem with certificate, postfix shows, post the output of doveconf -n > > 2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS > connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2 with > cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) > > I checked certs by openssl s_client: > #openssl s_client -connect localhost:24 -showcerts -starttls smtp -CApath > /etc/ssl/certs/ > > And I gets > > didn't found starttls in server response, try anyway... > depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = > Domain Control Validated - RapidSSL(R), CN = mail.active24.pl > verify error:num=20:unable to get local issuer certificate > verify return:1 > depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = > Domain Control Validated - RapidSSL(R), CN = mail.active24.pl > verify error:num=27:certificate not trusted > verify return:1 > depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = > Domain Control Validated - RapidSSL(R), CN = mail.active24.pl > verify error:num=21:unable to verify the first certificate > verify return:1 > > It look likes dovecot lmtp send 3 times the same certificate. > I made the same test for imap in the same dovecot instance: > > #openssl s_client -connect localhost:143 -showcerts -starttls imap -CApath > /etc/ssl/certs/ > CONNECTED(00000003) > depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA > verify return:1 > depth=1 C = US, O = GeoTrust Inc., CN = RapidSSL SHA256 CA - G3 > verify return:1 > depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = > Domain Control Validated - RapidSSL(R), CN = mail.active24.pl > verify return:1 > > For imap it looks ok. Why lmtp shows wrong certs list > > # dovecot --version > 2.2.16 > > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVbYsIXz1H7kL/d9rAQIDbgf/UTzRhj6ZiiuknCHjmmFRwdbTk+qclXbo vo2XtuH6V3WcuBoHwRedOiTuGH5g8WO2A+tl9wSSSvtw9TWurt2lLMfUsemWO4r4 zv7SwkTn2CVCIbZmC/3D1kqXHm08fuSo9Vn5/tgfgdOFwt5r4VfNkkp+zm72wFWT o6uzL+EXSGEqnm/R1hFdC9cDZqKuzQ3MK+8qasoCPgMAr4svN0lwdi+yATaxzjgj MviyKpdtQmA9gKRfLhptVcIP17rRNkoZKCS/Eboy6g/Rjf8c4C4Hn7lUbnx+kCVe Xk4Z2cmlPhl17iyvzo8Tvyeuu/gxDEXfa/xgwRGhp0xx3c+WBOrJSg== =a+SK -----END PGP SIGNATURE----- From piotr.rotter at active24.pl Mon Jul 27 15:13:54 2015 From: piotr.rotter at active24.pl (Piotr Rotter) Date: Mon, 27 Jul 2015 17:13:54 +0200 Subject: LMPT SSL In-Reply-To: References: <55B61B1B.7020709@active24.pl> Message-ID: <55B64AB2.3090603@active24.pl> # 2.2.16: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.7 # OS: Linux 3.18.9-hardened x86_64 Gentoo Base System release 2.2 auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop auth_verbose = yes default_client_limit = 10000 default_process_limit = 1000 default_vsz_limit = 512 M deliver_log_format = from=%f, msgid=%m, psize=%p: %$ disable_plaintext_auth = no dotlock_use_excl = no doveadm_password = yjH5KiEpCWAVLHtt lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Active24 Sp. z o.o. login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %k session=<%{session}> login_trusted_networks = 192.168.67.0/27 mail_access_groups = vmail mail_fsync = always mail_gid = 502 mail_location = maildir:~/ mail_log_prefix = "%s(%u) session=<%{session}>: " mail_plugins = mail_log notify quota mail_uid = 502 maildir_very_dirty_syncs = yes mmap_disable = yes namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent autosubscribe4 = Drafts mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename append append mail_log_fields = box msgid from size quota = maildir quota2 = maildir:user quota quota_rule = *:storage=10GB quota_rule2 = *:messages=10000 quota_rule3 = Trash:storage=+10M quota_rule4 = Trash:messages=+100 quota_warning = storage=80%% quota-warning 80 %u quota_warning2 = storage=90%% quota-warning 90 %u quota_warning3 = storage=100%% quota-warning 100 %u sieve_global_path = /etc/dovecot/sieve/default.sieve } sendmail_path = /usr/sbin/postfix service auth { client_limit = 20000 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service doveadm { unix_listener doveadm-server { mode = 0666 } } service imap-login { process_limit = 4096 process_min_avail = 6 service_count = 1000 } service imap { process_limit = 4096 process_min_avail = 6 service_count = 100 } service lmtp { inet_listener lmtp { address = 0.0.0.0 port = 24 ssl = yes } process_limit = 100 process_min_avail = 5 user = vmail } service pop3-login { process_limit = 4096 process_min_avail = 6 service_count = 1000 } service pop3 { process_limit = 4096 process_min_avail = 6 service_count = 100 } service quota-warning { executable = script /opt/bin/quota-warning unix_listener quota-warning { mode = 0600 user = vmail } user = vmail } ssl_ca = -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 27 Jul 2015, Piotr Rotter wrote: > >> I tryed to eneble TLS connection from postfix to dovecot lmtp. >> Unfortunely I have problem with certificate, postfix shows, > > post the output of doveconf -n > >> >> 2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS >> connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2 >> with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) >> >> I checked certs by openssl s_client: >> #openssl s_client -connect localhost:24 -showcerts -starttls smtp >> -CApath /etc/ssl/certs/ >> >> And I gets >> >> didn't found starttls in server response, try anyway... >> depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps >> (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl >> verify error:num=20:unable to get local issuer certificate >> verify return:1 >> depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps >> (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl >> verify error:num=27:certificate not trusted >> verify return:1 >> depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps >> (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl >> verify error:num=21:unable to verify the first certificate >> verify return:1 >> >> It look likes dovecot lmtp send 3 times the same certificate. >> I made the same test for imap in the same dovecot instance: >> >> #openssl s_client -connect localhost:143 -showcerts -starttls imap >> -CApath /etc/ssl/certs/ >> CONNECTED(00000003) >> depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA >> verify return:1 >> depth=1 C = US, O = GeoTrust Inc., CN = RapidSSL SHA256 CA - G3 >> verify return:1 >> depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps >> (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl >> verify return:1 >> >> For imap it looks ok. Why lmtp shows wrong certs list >> >> # dovecot --version >> 2.2.16 >> >> > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVbYsIXz1H7kL/d9rAQIDbgf/UTzRhj6ZiiuknCHjmmFRwdbTk+qclXbo > vo2XtuH6V3WcuBoHwRedOiTuGH5g8WO2A+tl9wSSSvtw9TWurt2lLMfUsemWO4r4 > zv7SwkTn2CVCIbZmC/3D1kqXHm08fuSo9Vn5/tgfgdOFwt5r4VfNkkp+zm72wFWT > o6uzL+EXSGEqnm/R1hFdC9cDZqKuzQ3MK+8qasoCPgMAr4svN0lwdi+yATaxzjgj > MviyKpdtQmA9gKRfLhptVcIP17rRNkoZKCS/Eboy6g/Rjf8c4C4Hn7lUbnx+kCVe > Xk4Z2cmlPhl17iyvzo8Tvyeuu/gxDEXfa/xgwRGhp0xx3c+WBOrJSg== > =a+SK > -----END PGP SIGNATURE----- -- Best regards! Piotr Rotter From mindlessghost at live.com Mon Jul 27 21:21:31 2015 From: mindlessghost at live.com (josh schooler) Date: Mon, 27 Jul 2015 14:21:31 -0700 Subject: help, permissions issues Message-ID: Hey everyone I've tried changing the permissions with the file it is telling me is giving me the issue, restarted exim and the computer, but still can't get dovecot to start. 2.2.13 > dovecot -F doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file /etc/exim/openssl/exim.crt: Permission denied > dovecot -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.7-21-desktop x86_64 openSUSE 13.2 (x86_64) auth_verbose = yes base_dir = /var/run/dovecot/ debug_log_path = /var/log/dovecot/debug doveadm_worker_count = 10 first_valid_uid = 1000 info_log_path = /var/log/dovecot/dovecot.info login_trusted_networks = 127.0.0.1 192.168.1.0/24 174.75.35.100 174.75.35.98 mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = prefix = } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } pop3_uidl_format = %v-%u protocols = pop3 service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_cert = Message-ID: <201507272147.t6RLlFeU010936@Mail.Linux-Consulting.com> hi > Hey everyone I've tried changing the permissions with the file it is telling me is giving me the issue, restarted exim and the computer, but still can't get dovecot to start. > > 2.2.13 > > dovecot -F > doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file /etc/exim/openssl/exim.crt: Permission denied wag ... chown root.root /etc/exim/openssl chmod 750 /etc/exim/openssl chown root.root /etc/exim/openssl/exim.* chmod 400 /etc/exim/openssl/exim.* OpenSSL certs should always be read only by root you might want to check the docs regarding uid/gid running dovecot and uid/gid of dovenull and permissions for the dovecot dir tree /etc/dovecot* wag ... i think it should not be owned by exim ... > ssl_cert = ssl_key = both of my other servers its owned by exim, the permissions in the other two servers are 644, and dovecot starts just fine on those, I don't know what happened I updated my server from opensuse 12.1 to 13.2 and now dovecot is refusing to start.> From: alvin.sm at Mail.Linux-Consulting.com> Subject: Re: help, permissions issues> To: dovecot at dovecot.org> Date: Mon, 27 Jul 2015 14:47:14 -0700> CC: alvin.sm at Mail.Linux-Consulting.com> > > hi> > > Hey everyone I've tried changing the permissions with the file it is telling me is giving me the issue, restarted exim and the computer, but still can't get dovecot to start.> > > > 2.2.13> > > dovecot -F> > doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file /etc/exim/openssl/exim.crt: Permission denied> > wag ...> > chown root.root /etc/exim/openssl> chmod 750 /etc/exim/openssl> > chown root.root /etc/exim/openssl/exim.*> chmod 400 /etc/exim/openssl/exim.*> > OpenSSL certs should always be read only by root> > you might want to check the docs regarding uid/gid running dovecot > and uid/gid of dovenull> and permissions for the dovecot dir tree /etc/dovecot*> > wag ... i think it should not be owned by exim> > ...> > > ssl_cert = > ssl_key = > pixie dust> alvin> - http://NetworkNightmare.net/OpenSSL> - http://DDos-Mitigator.net From tmorehen at ajmconsulting.ca Tue Jul 28 02:23:42 2015 From: tmorehen at ajmconsulting.ca (Tony Morehen) Date: Mon, 27 Jul 2015 22:23:42 -0400 Subject: \ help, permissions =?windows-1256?Q?issues=FE?= In-Reply-To: References: Message-ID: <55B6E7AE.7020207@ajmconsulting.ca> Try turning off Apparmor. When I did the same OpenSuSE upgrade, Apparmor messed up my dovecot installation with similar errors. I disabled Apparmor and the permissions issues disappeared. BTW, I gave up trying to re-configure Apparmor and have left it disabled with no issues. On 27/07/2015 9:32 PM, josh schooler wrote: > both of my other servers its owned by exim, the permissions in the other two servers are 644, and dovecot starts just fine on those, I don't know what happened I updated my server from opensuse 12.1 to 13.2 and now dovecot is refusing to start.> From: alvin.sm at Mail.Linux-Consulting.com> Subject: Re: help, permissions issues> To: dovecot at dovecot.org> Date: Mon, 27 Jul 2015 14:47:14 -0700> CC: alvin.sm at Mail.Linux-Consulting.com> > > hi> > > Hey everyone I've tried changing the permissions with the file it is telling me is giving me the issue, restarted exim and the computer, but still can't get dovecot to start.> > > > 2.2.13> > > dovecot -F> > doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file /etc/exim/openssl/exim.crt: Permission denied> > wag ...> > chown root.root /etc/exim/openssl> chmod 750 /etc/exim/openssl> > chown root.root /etc/exim/openssl/exim.*> chmod 400 /etc/exim/openssl/exim.*> > OpenSSL certs should always be read only by root> > you might want to check the docs regarding uid/gid running dovecot > and uid/gid of dovenull> and permissions for the dovecot dir tree /etc/dovecot*> > wag ... i think it should not be owned by exim> > ...> > > ssl_cert = > ssl_key = > pixie dust> alvin> - http://NetworkNightmare.net/OpenSSL> - http://DDos-Mitigator.net From mindlessghost at live.com Tue Jul 28 03:40:29 2015 From: mindlessghost at live.com (josh schooler) Date: Mon, 27 Jul 2015 20:40:29 -0700 Subject: =?windows-1256?Q?RE:_\_help?= =?windows-1256?Q?=2C_permissi?= =?windows-1256?Q?ons_issues?= =?windows-1256?Q?=FE?= In-Reply-To: <55B6E7AE.7020207@ajmconsulting.ca> References: , <55B6E7AE.7020207@ajmconsulting.ca> Message-ID: Tried disabling apparmor still a no go. > Date: Mon, 27 Jul 2015 22:23:42 -0400 > From: tmorehen at ajmconsulting.ca > To: dovecot at dovecot.org > Subject: Re: \ help, permissions issues? > > Try turning off Apparmor. When I did the same OpenSuSE upgrade, > Apparmor messed up my dovecot installation with similar errors. I > disabled Apparmor and the permissions issues disappeared. BTW, I gave > up trying to re-configure Apparmor and have left it disabled with no > issues. > > On 27/07/2015 9:32 PM, josh schooler wrote: > > both of my other servers its owned by exim, the permissions in the other two servers are 644, and dovecot starts just fine on those, I don't know what happened I updated my server from opensuse 12.1 to 13.2 and now dovecot is refusing to start.> From: alvin.sm at Mail.Linux-Consulting.com> Subject: Re: help, permissions issues> To: dovecot at dovecot.org> Date: Mon, 27 Jul 2015 14:47:14 -0700> CC: alvin.sm at Mail.Linux-Consulting.com> > > hi> > > Hey everyone I've tried changing the permissions with the file it is telling me is giving me the issue, restarted exim and the computer, but still can't get dovecot to start.> > > > 2.2.13> > > dovecot -F> > doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file /etc/exim/openssl/exim.crt: Permission denied> > wag ...> > chown root.root /etc/exim/openssl> chmod 750 /etc/exim/openssl> > chown root.root /etc/exim/openssl/exim.*> chmod 400 /etc/exim/openssl/exim.*> > OpenSSL certs should always be read only by root> > you might want to check the docs regarding uid/gid running dovecot > and uid/gid of dovenull> and permissions for the dovecot dir tree /etc/dovecot*> > wag ... i think it should not be owned by exim> > ...> > > ssl_cert = > ssl_key = > pixie dust> alvin> - http://NetworkNightmare.net/OpenSSL> - http://DDos-Mitigator.net From mborgelt at borgelt.org Tue Jul 28 07:12:15 2015 From: mborgelt at borgelt.org (Michael Borgelt) Date: Tue, 28 Jul 2015 09:12:15 +0200 Subject: Dovecot 2.2.18 Panic: file index-mail-binary.c Message-ID: <20150728091215.Horde.gmc7i3jGADyFKBjMowoMTOj@hermes.dg4yfa.org> Hi, I got the following in my dovecot log's on an particular email message with dovecot-imap. ---snip--- Jul 28 08:42:11 hermes dovecot: imap(mborgelt): Panic: file index-mail-binary.c: line 354 (blocks_count_lines): assertion failed: (ret == -1) Jul 28 08:42:11 hermes dovecot: imap(mborgelt): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x740f2) [0xb75780f2] -> /usr/lib/dovecot/libdovecot.so.0(+0x74212) [0xb7578212] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7520484] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x99bbb) [0xb76abbbb] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_get_binary_stream+0x92) [0xb76ac122] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_get_binary_stream+0x72) [0xb7639172] -> /usr/lib/dovecot/libdovecot-storage.so.0(imap_msgpart_open+0x183) [0xb76ed323] -> dovecot/imap(+0x1a2b4) [0x800c32b4] -> dovecot/imap(+0x18907) [0x800c1907] -> dovecot/imap(imap_fetch_more+0x3d) [0x800c2aad] -> dovecot/imap(cmd_fetch+0x359) [0x800b5299] -> dovecot/imap(command_exec+0x4f) [0x800bff1f] -> dovecot/imap(+0x15c3b) [0x800bec3b] -> dovecot/imap(+0x15cc9) [0x800becc9] -> dovecot/imap(client_handle_input+0x13d) [0x800bf03d] -> dovecot/imap(client_input+0x95) [0x800bf445] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x5e) [0xb758c2fe] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xe2) [0xb758d522] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x1a) [0xb758c38a] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x49) [0xb758c419] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x25) [0xb75261a5] -> dovecot/imap(main+0x384) [0x800b1f54] -> /lib/i386-linux-gnu/i686/cmov/libc.so.6(__libc_start_main+0xf3) [0xb735ea63] -> dovecot/imap(+0x913a) [0x800b213a] Jul 28 08:42:11 hermes dovecot: imap(mborgelt): Fatal: master: service(imap): child 30866 killed with signal 6 (core dumped) ---snip--- The dovecot -n output. ---snip--- # 2.2.18: /etc/dovecot/dovecot.conf # OS: Linux 4.1.3 i686 Debian stretch/sid lda_mailbox_autocreate = yes login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k mail_location = maildir:~/Maildir mailbox_list_index = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { antispam_allow_append_to_spam = no antispam_backend = pipe antispam_debug_target = syslog antispam_pipe_program = /usr/local/bin/sa-learn.sh antispam_pipe_program_notspam_arg = --ham antispam_pipe_program_spam_arg = --spam antispam_spam = Junk antispam_trash = Trash antispam_verbose_debug = 1 sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_vacation_send_from_recipient = yes } protocols = " imap sieve" ssl_cert = This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i586-linux-gnu". Type "show configuration" for configuration details. For bug reporting instructions, please see: . Find the GDB manual and other documentation resources online at: . For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /usr/lib/dovecot/imap...(no debugging symbols found)...done. [New LWP 30866] Core was generated by `dovecot/imap'. Program terminated with signal SIGABRT, Aborted. #0 0xb7764b60 in __kernel_vsyscall () ---snip--- And this is the offending email: ---snip--- Return-Path: X-Original-To: mborgelt at localhost Delivered-To: mborgelt at localhost Received: from localhost (localhost [127.0.0.1]) by hermes.dg4yfa.org (Postfix) with ESMTP id 9B7E6520BAD for ; Tue, 28 Jul 2015 04:38:45 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at hermes.dg4yfa.org Received: from hermes.dg4yfa.org ([127.0.0.1]) by localhost (hermes.dg4yfa.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PUqAdlewtXE3 for ; Tue, 28 Jul 2015 04:38:43 +0200 (CEST) Received: from pop3.1blu.de (localhost [127.0.0.1]) by hermes.dg4yfa.org (Postfix) with ESMTP id 4EC74520A86 for ; Tue, 28 Jul 2015 04:38:43 +0200 (CEST) Delivered-To: Received: from ms-10.1blu.de ([178.254.4.101]) by mb-17.1blu.de (Dovecot) with LMTP id KpihOJzptlWyFgAAZwzaeA for ; Tue, 28 Jul 2015 04:31:56 +0200 Received: from [209.132.180.67] (helo=vger.kernel.org) by ms-10.1blu.de with esmtp (Exim 4.76) (envelope-from ) id 1ZJugO-0003Zs-BC for michael at borgelt.org; Tue, 28 Jul 2015 04:31:56 +0200 Received: (majordomo at vger.kernel.org) by vger.kernel.org via listexpand id S1754900AbbG1Cbl (ORCPT ); Mon, 27 Jul 2015 22:31:41 -0400 Received: from smtp74.iad3a.emailsrvr.com ([173.203.187.74]:59595 "EHLO smtp74.iad3a.emailsrvr.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754333AbbG1Cbk (ORCPT ); Mon, 27 Jul 2015 22:31:40 -0400 X-Greylist: delayed 541 seconds by postgrey-1.27 at vger.kernel.org; Mon, 27 Jul 2015 22:31:40 EDT Received: from smtp26.relay.iad3a.emailsrvr.com (localhost.localdomain [127.0.0.1]) by smtp26.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 54B4C801BA; Mon, 27 Jul 2015 22:22:38 -0400 (EDT) Received: from smtp192.mex08.mlsrvr.com (unknown [74.205.9.160]) by smtp26.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTPS id 1D84C8018F; Mon, 27 Jul 2015 22:22:38 -0400 (EDT) X-Sender-Id: xiaoquan.li at vivantecorp.com Received: from smtp192.mex08.mlsrvr.com ([UNAVAILABLE]. [74.205.9.160]) (using TLSv1 with cipher AES256-SHA) by 0.0.0.0:25 (trex/5.4.2); Tue, 28 Jul 2015 02:22:38 GMT Received: from MBX05B-IAD3.mex08.mlsrvr.com (172.29.17.24) by MBX05A-IAD3.mex08.mlsrvr.com (172.29.17.23) with Microsoft SMTP Server (TLS) id 15.0.1044.25; Mon, 27 Jul 2015 22:22:37 -0400 Received: from MBX05B-IAD3.mex08.mlsrvr.com ([fe80::7d8e:af8c:8538:7e20]) by MBX05B-IAD3.mex08.mlsrvr.com ([fe80::7d8e:af8c:8538:7e20%21]) with mapi id 15.00.1044.021; Mon, 27 Jul 2015 22:22:37 -0400 From: Xiaoquan Li To: Benjamin Gaignard , "linux-media at vger.kernel.org" , "Linux Kernel Mailing List" , "dri-devel at lists.freedesktop.org" , "Hans Verkuil" , Laurent Pinchart , Daniel Vetter , Rob Clark , Thierry Reding , "Sumit Semwal" , Tom Cooksey , "Daniel Stone" CC: Linaro MM SIG Mailman List Subject: RE: [Linaro-mm-sig] [PATCH v3 0/2] RFC: Secure Memory Allocation Framework Thread-Topic: [Linaro-mm-sig] [PATCH v3 0/2] RFC: Secure Memory Allocation Framework Thread-Index: AQHQuwv8BuA+2hTILk+/oDnwCSiUlp3vdmmAgADK2CA= Date: Tue, 28 Jul 2015 02:22:37 +0000 Message-ID: References: <1436531290-23191-1-git-send-email-benjamin.gaignard at linaro.org> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [172.29.9.17] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 Sender: linux-media-owner at vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-media at vger.kernel.org X-Envelope-To: michael at borgelt.org SGkgQmVuamFtaW4sDQoNCkl0IGxvb2tzIGxpa2UgdGhpcyBmcmFtZXdvcmsgb25seSBhbGxvd3Mg dXNlciBzcGFjZSBjbGllbnQgdG8gdGFsayB3aXRoIHRydXN0IGFwcGxpY2F0aW9uLCBpdCB0aGVy ZSBhIHBsYW4gdG8gcHJvdmlkZSBrZXJuZWwgc2lkZSBBUElzIGZvciBrZXJuZWwgc3BhY2UgY2xp ZW50Pw0KDQpQbGVhc2UgY29ycmVjdCBtZSBpZiBteSB1bmRlcnN0YW5kaW5nIGlzIHdyb25nLg0K DQpUaGFua3MNCg0KWGlhb3F1YW4NCg0KLS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCkZyb206 IExpbmFyby1tbS1zaWcgW21haWx0bzpsaW5hcm8tbW0tc2lnLWJvdW5jZXNAbGlzdHMubGluYXJv Lm9yZ10gT24gQmVoYWxmIE9mIEJlbmphbWluIEdhaWduYXJkDQpTZW50OiBNb25kYXksIEp1bHkg MjcsIDIwMTUgNjoxMiBQTQ0KVG86IGxpbnV4LW1lZGlhQHZnZXIua2VybmVsLm9yZzsgTGludXgg S2VybmVsIE1haWxpbmcgTGlzdDsgZHJpLWRldmVsQGxpc3RzLmZyZWVkZXNrdG9wLm9yZzsgSGFu cyBWZXJrdWlsOyBMYXVyZW50IFBpbmNoYXJ0OyBEYW5pZWwgVmV0dGVyOyBSb2IgQ2xhcms7IFRo aWVycnkgUmVkaW5nOyBTdW1pdCBTZW13YWw7IFRvbSBDb29rc2V5OyBEYW5pZWwgU3RvbmUNCkNj OiBMaW5hcm8gTU0gU0lHIE1haWxtYW4gTGlzdA0KU3ViamVjdDogUmU6IFtMaW5hcm8tbW0tc2ln XSBbUEFUQ0ggdjMgMC8yXSBSRkM6IFNlY3VyZSBNZW1vcnkgQWxsb2NhdGlvbiBGcmFtZXdvcmsN Cg0KSGkgYWxsLA0KDQpUaGlzIHRocmVhZCBkb2Vzbid0IGdldCBhbnkgZmVlZGJhY2suLi4NCg0K V2hhdCB3b3VsZCBiZSBncmVhdCBpcyB0byBrbm93IGlmIHRoaXMgZnJhbWV3b3JrIHByb3Bvc2Fs IGZpciB3aXRoDQp5b3VyIHBsYXRmb3JtIG5lZWRzLg0KDQpNYXliZSBJIGhhdmVuJ3QgY29weSB0 aGUgZ29vZCBtYWlsaW5nIGxpc3RzIHNvIGlmIHlvdSB0aGluayB0aGVyZSBpcw0KYmV0dGVyIG9u ZXMgZG8gbm90IGhlc2l0YXRlIHRvIGZvcndhcmQuDQoNClJlZ2FyZHMsDQpCZW5qYW1pbg0KDQoN CjIwMTUtMDctMTAgMTQ6MjggR01UKzAyOjAwIEJlbmphbWluIEdhaWduYXJkIDxiZW5qYW1pbi5n YWlnbmFyZEBsaW5hcm8ub3JnPjoNCj4gdmVyc2lvbiAzIGNoYW5nZXM6DQo+ICAtIFJlbW92ZSBp b2N0bCBmb3IgYWxsb2NhdG9yIHNlbGVjdGlvbiBpbnN0ZWFkIHByb3ZpZGUgdGhlIG5hbWUgb2YN Cj4gICAgdGhlIHRhcmdldGVkIGFsbG9jYXRvciB3aXRoIGFsbG9jYXRpb24gcmVxdWVzdC4NCj4g ICAgU2VsZWN0aW5nIGFsbG9jYXRvciBmcm9tIHVzZXJsYW5kIGlzbid0IHRoZSBwcmVmZXJlZCB3 YXkgb2Ygd29ya2luZw0KPiAgICBidXQgaXMgbmVlZGVkIHdoZW4gdGhlIGZpcnN0IHVzZXIgb2Yg dGhlIGJ1ZmZlciBpcyBhIHNvZnR3YXJlIGNvbXBvbmVudC4NCj4gIC0gRml4IGlzc3VlcyBpbiBj YXNlIG9mIGVycm9yIHdoaWxlIGNyZWF0aW5nIHNtYWYgaGFuZGxlLg0KPiAgLSBGaXggbW9kdWxl IGxpY2Vuc2UuDQo+ICAtIFVwZGF0ZSBsaWJzbWFmIGFuZCB0ZXN0cyB0byBjYXJlIG9mIHRoZSBT TUFGIEFQSSBldm9sdXRpb24NCj4gICAgaHR0cHM6Ly9naXQubGluYXJvLm9yZy9wZW9wbGUvYmVu amFtaW4uZ2FpZ25hcmQvbGlic21hZi5naXQNCj4NCj4gdmVyc2lvbiAyIGNoYW5nZXM6DQo+ICAt IEFkZCBvbmUgaW9jdGwgdG8gYWxsb3cgYWxsb2NhdG9yIHNlbGVjdGlvbiBmcm9tIHVzZXJzcGFj ZS4NCj4gICAgVGhpcyBpcyByZXF1aXJlZCBmb3IgdGhlIHVzZXMgY2FzZSB3aGVyZSB0aGUgZmly c3QgdXNlciBvZg0KPiAgICB0aGUgYnVmZmVyIGlzIGEgc29mdHdhcmUgSVAgd2hpY2ggY2FuJ3Qg cGVyZm9ybSBkbWFfYnVmIGF0dGFjaGVtZW50Lg0KPiAgLSBBZGQgbmFtZSBhbmQgcmFua2luZyB0 byBhbGxvY2F0b3Igc3RydWN0dXJlIHRvIGJlIGFibGUgdG8gc29ydCB0aGVtLg0KPiAgLSBDcmVh dGUgYSB0aW55IGxpYnJhcnkgdG8gdGVzdCBTTUFGOg0KPiAgICBodHRwczovL2dpdC5saW5hcm8u b3JnL3Blb3BsZS9iZW5qYW1pbi5nYWlnbmFyZC9saWJzbWFmLmdpdA0KPiAgLSBGaXggb25lIGlz c3VlIHdoZW4gdHJ5IHRvIHNlY3VyZSBidWZmZXIgd2l0aG91dCBzZWN1cmUgbW9kdWxlIHJlZ2lz dGVyZWQNCj4NCj4gVGhlIG91dGNvbWUgb2YgdGhlIHByZXZpb3VzIFJGQyBhYm91dCBob3cgZG8g c2VjdXJlIGRhdGEgcGF0aCB3YXMgdGhlIG5lZWQNCj4gb2YgYSBzZWN1cmUgbWVtb3J5IGFsbG9j YXRvciAoaHR0cHM6Ly9sa21sLm9yZy9sa21sLzIwMTUvNS81LzU1MSkNCj4NCj4gU01BRiBnb2Fs IGlzIHRvIHByb3ZpZGUgYSBmcmFtZXdvcmsgdGhhdCBhbGxvdyBhbGxvY2F0aW5nIGFuZCBzZWN1 cmluZw0KPiBtZW1vcnkgYnkgdXNpbmcgZG1hX2J1Zi4gRWFjaCBwbGF0Zm9ybSBoYXZlIGl0IG93 biB3YXkgdG8gcGVyZm9ybSB0aG9zZSB0d28NCj4gZmVhdHVyZXMgc28gU01BRiBkZXNpZ24gYWxs b3cgdG8gcmVnaXN0ZXIgaGVscGVyIG1vZHVsZXMgdG8gcGVyZm9ybSB0aGVtLg0KPg0KPiBUbyBi ZSBzdXJlIHRvIHNlbGVjdCB0aGUgYmVzdCBhbGxvY2F0aW9uIG1ldGhvZCBmb3IgZGV2aWNlcyBT TUFGIGltcGxlbWVudA0KPiBkZWZlcnJlZCBhbGxvY2F0aW9uIG1lY2hhbmlzbTogbWVtb3J5IGFs bG9jYXRpb24gaXMgb25seSBkb25lIHdoZW4gdGhlIGZpcnN0DQo+IGRldmljZSBlZmZlY3RpdmVs eSByZXF1aXJlZCBpdC4NCj4gQWxsb2NhdG9yIG1vZHVsZXMgaGF2ZSB0byBpbXBsZW1lbnQgYSBt YXRjaCgpIHRvIGxldCBTTUFGIGtub3cgaWYgdGhleSBhcmUNCj4gY29tcGF0aWJsZXMgd2l0aCBk ZXZpY2VzIG5lZWRzLg0KPiBUaGlzIHBhdGNoIHNldCBwcm92aWRlIGFuIGV4YW1wbGUgb2YgYWxs b2NhdG9yIG1vZHVsZSB3aGljaCB1c2UNCj4gZG1hX3thbGxvYy9mcmVlL21tYXB9X2F0dHJzKCkg YW5kIGNoZWNrIGlmIGF0IGxlYXN0IG9uZSBkZXZpY2UgaGF2ZQ0KPiBjb2hlcmVudF9kbWFfbWFz ayBzZXQgdG8gRE1BX0JJVF9NQVNLKDMyKSBpbiBtYXRjaCBmdW5jdGlvbi4NCj4gSSBoYXZlIG5h bWVkIHNtYWYtY21hLmMgbGlrZSBpdCBpcyBkb25lIGZvciBkcm1fZ2VtX2NtYV9oZWxwZXIuYyBl dmVuIGlmDQo+IGEgYmV0dGVyIG5hbWUgY291bGQgYmUgZm91bmQgZm9yIHRoaXMgZmlsZS4NCj4N Cj4gU2VjdXJlIG1vZHVsZXMgYXJlIHJlc3BvbnNpYmxlcyBvZiBncmFudGluZyBhbmQgcmV2b2tp bmcgZGV2aWNlcyBhY2Nlc3MgcmlnaHRzDQo+IG9uIHRoZSBtZW1vcnkuIFNlY3VyZSBtb2R1bGUg aXMgYWxzbyBjYWxsZWQgdG8gY2hlY2sgaWYgQ1BVIG1hcCBtZW1vcnkgaW50bw0KPiBrZXJuZWwg YW5kIHVzZXIgYWRkcmVzcyBzcGFjZXMuDQo+IEFuIGV4YW1wbGUgb2Ygc2VjdXJlIG1vZHVsZSBp bXBsZW1lbnRhdGlvbiBjYW4gYmUgZm91bmQgaGVyZToNCj4gaHR0cDovL2dpdC5saW5hcm8ub3Jn L3Blb3BsZS9iZW5qYW1pbi5nYWlnbmFyZC9vcHRlZS1zZHAuZ2l0DQo+IFRoaXMgY29kZSBpc24n dCB5ZXQgcGFydCBvZiB0aGUgcGF0Y2ggc2V0IGJlY2F1c2UgaXQgZGVwZW5kcyBvbiBnZW5lcmlj IFRFRQ0KPiB3aGljaCBpcyBzdGlsbCB1bmRlciBkaXNjdXNzaW9uIChodHRwczovL2x3bi5uZXQv QXJ0aWNsZXMvNjQ0NjQ2LykNCj4NCj4gRm9yIGFsbG9jYXRpb24gcGFydCBvZiBTTUFGIGNvZGUg SSBnZXQgaW5zcGlyYXRlZCBieSBTdW1pdCBTZW13YWwgd29yayBhYm91dA0KPiBjb25zdHJhaW50 IGF3YXJlIGFsbG9jYXRvci4NCj4NCj4gQmVuamFtaW4gR2FpZ25hcmQgKDIpOg0KPiAgIGNyZWF0 ZSBTTUFGIG1vZHVsZQ0KPiAgIFNNQUY6IGFkZCBDTUEgYWxsb2NhdG9yDQo+DQo+ICBkcml2ZXJz L0tjb25maWcgICAgICAgICAgICAgICAgfCAgIDIgKw0KPiAgZHJpdmVycy9NYWtlZmlsZSAgICAg ICAgICAgICAgIHwgICAxICsNCj4gIGRyaXZlcnMvc21hZi9LY29uZmlnICAgICAgICAgICB8ICAx MSArDQo+ICBkcml2ZXJzL3NtYWYvTWFrZWZpbGUgICAgICAgICAgfCAgIDIgKw0KPiAgZHJpdmVy cy9zbWFmL3NtYWYtY21hLmMgICAgICAgIHwgMjAwICsrKysrKysrKysrDQo+ICBkcml2ZXJzL3Nt YWYvc21hZi1jb3JlLmMgICAgICAgfCA3MzUgKysrKysrKysrKysrKysrKysrKysrKysrKysrKysr KysrKysrKysrKysNCj4gIGluY2x1ZGUvbGludXgvc21hZi1hbGxvY2F0b3IuaCB8ICA1NCArKysN Cj4gIGluY2x1ZGUvbGludXgvc21hZi1zZWN1cmUuaCAgICB8ICA2MiArKysrDQo+ICBpbmNsdWRl L3VhcGkvbGludXgvc21hZi5oICAgICAgfCAgNTIgKysrDQo+ICA5IGZpbGVzIGNoYW5nZWQsIDEx MTkgaW5zZXJ0aW9ucygrKQ0KPiAgY3JlYXRlIG1vZGUgMTAwNjQ0IGRyaXZlcnMvc21hZi9LY29u ZmlnDQo+ICBjcmVhdGUgbW9kZSAxMDA2NDQgZHJpdmVycy9zbWFmL01ha2VmaWxlDQo+ICBjcmVh dGUgbW9kZSAxMDA2NDQgZHJpdmVycy9zbWFmL3NtYWYtY21hLmMNCj4gIGNyZWF0ZSBtb2RlIDEw MDY0NCBkcml2ZXJzL3NtYWYvc21hZi1jb3JlLmMNCj4gIGNyZWF0ZSBtb2RlIDEwMDY0NCBpbmNs dWRlL2xpbnV4L3NtYWYtYWxsb2NhdG9yLmgNCj4gIGNyZWF0ZSBtb2RlIDEwMDY0NCBpbmNsdWRl L2xpbnV4L3NtYWYtc2VjdXJlLmgNCj4gIGNyZWF0ZSBtb2RlIDEwMDY0NCBpbmNsdWRlL3VhcGkv bGludXgvc21hZi5oDQo+DQo+IC0tDQo+IDEuOS4xDQo+DQoNCg0KDQotLSANCkJlbmphbWluIEdh aWduYXJkDQoNCkdyYXBoaWMgV29ya2luZyBHcm91cA0KDQpMaW5hcm8ub3JnIOKUgiBPcGVuIHNv dXJjZSBzb2Z0d2FyZSBmb3IgQVJNIFNvQ3MNCg0KRm9sbG93IExpbmFybzogRmFjZWJvb2sgfCBU d2l0dGVyIHwgQmxvZw0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX18NCkxpbmFyby1tbS1zaWcgbWFpbGluZyBsaXN0DQpMaW5hcm8tbW0tc2lnQGxpc3RzLmxp bmFyby5vcmcNCmh0dHBzOi8vbGlzdHMubGluYXJvLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2xpbmFy by1tbS1zaWcNCg== -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html ---snip--- Ask if you need the complete core dump. Regards, Michael. -- Michael Borgelt e-mail: mborgelt at borgelt.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2640 bytes Desc: S/MIME-Signatur URL: From giunta at sissa.it Tue Jul 28 09:13:34 2015 From: giunta at sissa.it (Marco Giunta) Date: Tue, 28 Jul 2015 11:13:34 +0200 Subject: sharing INBOX with ACL -> share all folders Message-ID: <55B747BE.7010500@sissa.it> Hi at all, I have a problem with ACL; I want to share INBOX and Sent folder to an other user, but when I configure ACL on INBOX, all folders are shared (Sent, Junk, Draft, Trash, etc) # doveadm acl get -u janedoe INBOX ID Global Rights user=johndoe expunge insert lookup post read write write-deleted write-seen # doveadm acl get -u janedoe Sent ID Global Rights user=johndoe expunge insert lookup post read write write-deleted write-seen # doveadm acl get -u janedoe Trash ID Global Rights # doveadm acl get -u janedoe Drafts ID Global Rights # doveadm acl get -u janedoe Junk ID Global Rights # doveadm mailbox list -u johndoe Trash Junk Drafts Sent Archives Archives.2015 Other Users Other Users.janedoe Other Users.janedoe.Junk Other Users.janedoe.Drafts Other Users.janedoe.Sent Other Users.janedoe.Trash Other Users.janedoe.INBOX INBOX If I remove the INBOX ACL, only 'Sent' folder is shared, as expected: # doveadm acl delete -u janedoe INBOX johndoe # doveadm mailbox list -u provahe Trash Trash.saved-messages Junk Drafts Sent INBOX_spam Archives Archives.2015 Archives.2015.INBOX_spam Other Users Other Users.janedoe Other Users.janedoe.Sent INBOX My Dovecot instance use a single user, and all my mailboxes use standard maildir files: drwx------ 9 vmail mail 0 Jul 28 10:59 . drwx------ 12 vmail mail 3864 Jul 28 09:39 .. drwx------ 2 vmail mail 0 Jul 28 09:51 cur -rw------- 1 vmail mail 0 Jul 28 10:59 dovecot-acl -rw------- 1 vmail mail 16 Jul 28 10:59 dovecot-acl-list -rw------- 1 vmail mail 1448 Jul 28 09:51 dovecot.index.cache -rw------- 1 vmail mail 1016 Jul 28 09:52 dovecot.index.log -rw------- 1 vmail mail 113 Jul 28 09:51 dovecot-uidlist -rw------- 1 vmail mail 8 Jul 28 09:39 dovecot-uidvalidity -r--r--r-- 1 vmail mail 0 Jul 28 09:39 dovecot-uidvalidity.55b731ac drwx------ 5 vmail mail 0 Jul 28 09:39 .Drafts lrwxrwxrwx 1 vmail mail 5 Jul 28 09:39 .INBOX_spam -> .Junk drwx------ 5 vmail mail 0 Jul 28 09:39 .Junk -rw------- 1 vmail mail 16 Jul 28 09:39 maildirsize drwx------ 2 vmail mail 0 Jul 28 09:51 new drwx------ 5 vmail mail 0 Jul 28 09:50 .Sent -rw------- 1 vmail mail 37 Jul 28 09:39 subscriptions drwx------ 2 vmail mail 0 Jul 28 09:51 tmp drwx------ 5 vmail mail 0 Jul 28 09:39 .Trash any clue to solve my problem ?? I've already try to play with 'acl_defaults_from_inbox' setting, but no way .. Thank you, Marco # 2.2.15: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.6 (3e924b1b6c5c+) # OS: Linux 2.6.18-400.1.1.el5 x86_64 Red Hat Enterprise Linux Server auth_master_user_separator = * auth_mechanisms = plain login disable_plaintext_auth = no doveadm_password = XXXXXXXXXXXXXXXXXXXXXXXX doveadm_port = 12345 first_valid_uid = 200 hostname = xxxxxxx.sissa.it imap_client_workarounds = delay-newmail lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lda_original_recipient_header = X-Original-To listen = * login_log_format_elements = user=<%u> PID=%p method=%m rip=%r lip=%l %c login_trusted_networks = XXX.XXX.1.172/30 XXX.XXX.24.0/23 mail_gid = mail mail_home = /var/spool/mail/%1n/%n mail_location = maildir:/var/spool/mail/%1n/%n:INDEX=/var/shared/indexes/%1n/%n mail_plugins = acl fts fts_solr mailbox_alias quota mail_shared_explicit_inbox = yes mail_uid = vmail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate imapflags notify mbox_write_locks = fcntl mmap_disable = yes namespace archives { hidden = no inbox = no list = children location = maildir:/var/spool/archives/%1n/%n:INDEX=/var/shared/indexes/%1n/%n/archives mailbox 2015 { auto = subscribe special_use = \Archive } prefix = Archives. separator = . subscriptions = no type = private } namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox INBOX_spam { auto = subscribe special_use = \Junk } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = . } namespace others { list = children location = maildir:/var/spool/mail/%%1n/%%n:INDEXPVT=/var/shared/indexes/%1n/%n/shared/%%n prefix = Other Users.%%n. separator = . subscriptions = no type = shared } passdb { args = /etc/dovecot/passwd.masterusers driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_defaults_from_inbox = no acl_shared_dict = file:/var/shared/dovecot/shared-mailboxes.dict fts = solr fts_autoindex = yes fts_autoindex_max_recent_msgs = 20 fts_solr = url=http://solr.localdomain:8080/solr/ mailbox_alias_new = INBOX_spam mailbox_alias_old = Junk quota = maildir:User quota:ns= quota2 = maildir:Archive quota:ns=Archives. quota2_rule = *:storage=20GB quota2_warning = storage=95%% quota2-warning 95 %u quota2_warning2 = storage=90%% quota2-warning 90 %u quota2_warning3 = storage=80%% quota2-warning 80 %u quota_rule = *:storage=5GB quota_rule2 = Trash:storage=+20%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Quota exceeded (mailbox for user is full) quota_status_success = DUNNO quota_warning = storage=100%% quota-warning 100 %u quota_warning2 = storage=95%% quota-warning 95 %u quota_warning3 = storage=90%% quota-warning 90 %u quota_warning4 = storage=80%% quota-warning 80 %u sieve = file:~/sieve;active=~/sieve/.dovecot.sieve sieve_default = /etc/dovecot/sieve/dovecot.sieve sieve_extensions = +notify +imapflags sieve_max_redirects = 16 } pop3_client_workarounds = outlook-no-nuls oe-ns-eoh postmaster_address = postmaster at sissa.it protocols = imap pop3 lmtp sieve rejection_reason = Your message to <%t> was automatically rejected for the following reason: %n%n%r service auth { inet_listener { port = 49494 } unix_listener auth-userdb { user = vmail } } service dict { unix_listener dict { user = vmail } } service doveadm { inet_listener { port = 26001 } } service imap-login { process_min_avail = 16 service_count = 0 } service imap { process_limit = 2048 } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 5 } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service quota-status { client_limit = 1 executable = /usr/libexec/dovecot/quota-status -p postfix inet_listener { port = 25001 } } service quota-warning { executable = script /usr/local/bin/dovecot-quota-warning.sh unix_listener quota-warning { user = vmail } user = vmail } service quota2-warning { executable = script /usr/local/bin/dovecot-quota2-warning.sh unix_listener quota2-warning { user = vmail } user = vmail } ssl_cert = share all folders In-Reply-To: <029D7232-069A-4761-B5D4-9A5EF0813182@distal.com> References: <55B747BE.7010500@sissa.it> <029D7232-069A-4761-B5D4-9A5EF0813182@distal.com> Message-ID: <55B79972.8050805@sissa.it> Hi Chris, fortunately I've solved the problem with INBOX sharing: there is a bug with option 'acl_defaults_from_inbox'. When you define it with ANY value ('yes', 'no', 'whatyouwant', 'xxx') it acts like the value is ALWAYS 'yes', the only way to disable it, is comment it or delete from configuration file. > My Maildir directories and files are all owned by the UNIX user that owns the file. to avoid problems with acl, mailbox sharing and so on, I've changed my configuration from different UNIX users to a single virtual user some years ago > Is having it all running as one [UNIX] user a typical configuration for dovecot2? Or just typical of installations using ACLs? I don't know if is typical or not, but it is very simple, and till now I didn't seen any particular problem My configuration is attached in the first email; if you need some explanation, let me know. Marco On 2015-07-28 16:38, Chris Ross wrote: > >> On Jul 28, 2015, at 05:13, Marco Giunta wrote: >> >> Hi at all, >> I have a problem with ACL; I want to share INBOX and Sent folder to an other user, but when I configure ACL on INBOX, all folders are shared (Sent, Junk, Draft, Trash, etc) > > Hello, Marco. Unfortunately I don?t know why you are seeing the behavior you are, and hope that someone else will be able to help. > > However, you seem to have accomplished something I?m wanting to do, and have as yet been unable to get working. I have a Users INBOX that I want to share to other users, but something is wrong with the way I?ve configured ACLs and sharing. > > Perhaps we could discuss off-list more of what your configuration looks like, and how you got there? I?m running on FreeBSD with the ports system version of dovecot2 2.2.16, currently, although I think I?m due an upgrade. > > You say you?re have "My Dovecot instance use a single user?, and I think that?s different than I. My Maildir directories and files are all owned by the UNIX user that owns the file. Maybe this is causing me the permissions problems I?m seeing. Is having it all running as one [UNIX] user a typical configuration for dovecot2? Or just typical of installations using ACLs? > > Thank you. > > - Chris > -- ----------------------------------- |Marco Giunta - SISSA Computer Staff| |Via Bonomea, 265 | |34136 - Trieste, Italy | |Tel: +39-40-3787-503 | |Fax: +39-040-3787-244 | |e-mail: giunta at sissa.it | ----------------------------------- From giunta at sissa.it Tue Jul 28 15:13:02 2015 From: giunta at sissa.it (Marco Giunta) Date: Tue, 28 Jul 2015 17:13:02 +0200 Subject: bug in acl_defaults_from_inbox option Message-ID: <55B79BFE.3020406@sissa.it> Hi at all, there is a bug in in acl_defaults_from_inbox option: if you define it with ANY value ('yes', 'no', 'whatyouwant', 'xxx') it acts like the value is ALWAYS 'yes', and Dovecot enable it; the only way to disable it, is comment it or delete from configuration file. With 'acl_defaults_from_inbox = no', or 'acl_defaults_from_inbox = whatyouwant', all my folders get ACLs from INBOX; in my case I want to only share INBOX, but also all other folders were shared. When you comment 'acl_defaults_from_inbox', Dovecot works like expected. Marco # 2.2.15: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.6 (3e924b1b6c5c+) # OS: Linux 2.6.18-400.1.1.el5 x86_64 Red Hat Enterprise Linux Server auth_master_user_separator = * auth_mechanisms = plain login disable_plaintext_auth = no doveadm_password = XXXXXXXXXXXXXXXXXXXXXXXX doveadm_port = 12345 first_valid_uid = 200 hostname = xxxxxxx.sissa.it imap_client_workarounds = delay-newmail lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lda_original_recipient_header = X-Original-To listen = * login_log_format_elements = user=<%u> PID=%p method=%m rip=%r lip=%l %c login_trusted_networks = XXX.XXX.1.172/30 XXX.XXX.24.0/23 mail_gid = mail mail_home = /var/spool/mail/%1n/%n mail_location = maildir:/var/spool/mail/%1n/%n:INDEX=/var/shared/indexes/%1n/%n mail_plugins = acl fts fts_solr mailbox_alias quota mail_shared_explicit_inbox = yes mail_uid = vmail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate imapflags notify mbox_write_locks = fcntl mmap_disable = yes namespace archives { hidden = no inbox = no list = children location = maildir:/var/spool/archives/%1n/%n:INDEX=/var/shared/indexes/%1n/%n/archives mailbox 2015 { auto = subscribe special_use = \Archive } prefix = Archives. separator = . subscriptions = no type = private } namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox INBOX_spam { auto = subscribe special_use = \Junk } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = . } namespace others { list = children location = maildir:/var/spool/mail/%%1n/%%n:INDEXPVT=/var/shared/indexes/%1n/%n/shared/%%n prefix = Other Users.%%n. separator = . subscriptions = no type = shared } passdb { args = /etc/dovecot/passwd.masterusers driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_defaults_from_inbox = no acl_shared_dict = file:/var/shared/dovecot/shared-mailboxes.dict fts = solr fts_autoindex = yes fts_autoindex_max_recent_msgs = 20 fts_solr = url=http://solr.localdomain:8080/solr/ mailbox_alias_new = INBOX_spam mailbox_alias_old = Junk quota = maildir:User quota:ns= quota2 = maildir:Archive quota:ns=Archives. quota2_rule = *:storage=20GB quota2_warning = storage=95%% quota2-warning 95 %u quota2_warning2 = storage=90%% quota2-warning 90 %u quota2_warning3 = storage=80%% quota2-warning 80 %u quota_rule = *:storage=5GB quota_rule2 = Trash:storage=+20%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Quota exceeded (mailbox for user is full) quota_status_success = DUNNO quota_warning = storage=100%% quota-warning 100 %u quota_warning2 = storage=95%% quota-warning 95 %u quota_warning3 = storage=90%% quota-warning 90 %u quota_warning4 = storage=80%% quota-warning 80 %u sieve = file:~/sieve;active=~/sieve/.dovecot.sieve sieve_default = /etc/dovecot/sieve/dovecot.sieve sieve_extensions = +notify +imapflags sieve_max_redirects = 16 } pop3_client_workarounds = outlook-no-nuls oe-ns-eoh postmaster_address = postmaster at sissa.it protocols = imap pop3 lmtp sieve rejection_reason = Your message to <%t> was automatically rejected for the following reason: %n%n%r service auth { inet_listener { port = 49494 } unix_listener auth-userdb { user = vmail } } service dict { unix_listener dict { user = vmail } } service doveadm { inet_listener { port = 26001 } } service imap-login { process_min_avail = 16 service_count = 0 } service imap { process_limit = 2048 } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 5 } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } process_min_avail = 16 service_count = 0 vsz_limit = 256 M } service quota-status { client_limit = 1 executable = /usr/libexec/dovecot/quota-status -p postfix inet_listener { port = 25001 } } service quota-warning { executable = script /usr/local/bin/dovecot-quota-warning.sh unix_listener quota-warning { user = vmail } user = vmail } service quota2-warning { executable = script /usr/local/bin/dovecot-quota2-warning.sh unix_listener quota2-warning { user = vmail } user = vmail } ssl_cert = hi all, I encountered some problem with lowercasing chars like an "?" with user_attrs like this: user_attrs = uid=home=/mail/%Lu, =myvar=%L{ldap:uid} the ? doesnt get lower cased in both cases # doveadm user BL?TULA field value user bl?tula uid vmail gid vmail home /mail/bl?tula mail maildir:~/Maildir:LAYOUT=fs:INBOX=~/Maildir/INBOX myvar bl?tula somebody knows if there a fix for that? Greetz Matze From steffan at hldns.com Tue Jul 28 17:07:44 2015 From: steffan at hldns.com (Steffan Cline) Date: Tue, 28 Jul 2015 10:07:44 -0700 Subject: Deafness Message-ID: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> I?ve started in the last day or so having issues where users get a timeout when connecting to dovecot. The iPhone interprets this as an auth issue but re-entering the password makes no change. Outlook will either just not connect to it at all or it gives an error to re-enter the password also with no change. This happens within an hour of a "service dovecot restart". I?m using CentOS 6 with dovecot 2.0.9 from the centos repos. There?s nothing visible in the logs. Suggestions of what to check for? Thanks, Steffan From mpn at icabs.co.zw Tue Jul 28 18:53:18 2015 From: mpn at icabs.co.zw (Managed Pvt nets) Date: Tue, 28 Jul 2015 18:53:18 +0000 Subject: Deafness In-Reply-To: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> Message-ID: On 28/07/2015 7:07:44 PM, "Steffan Cline" wrote: > >There?s nothing visible in the logs. You need to check the permissions for your logs. Increase debug level > >Suggestions of what to check for? The logs. Do command line tests, share what you are getting. M. From cross+dovecot at distal.com Tue Jul 28 18:55:45 2015 From: cross+dovecot at distal.com (Chris Ross) Date: Tue, 28 Jul 2015 14:55:45 -0400 Subject: sharing INBOX with ACL -> share all folders In-Reply-To: <55B747BE.7010500@sissa.it> References: <55B747BE.7010500@sissa.it> Message-ID: [- resend to the list from my list address -] > On Jul 28, 2015, at 05:13, Marco Giunta wrote: > > Hi at all, > I have a problem with ACL; I want to share INBOX and Sent folder to an other user, but when I configure ACL on INBOX, all folders are shared (Sent, Junk, Draft, Trash, etc) Hello, Marco. Unfortunately I don?t know why you are seeing the behavior you are, and hope that someone else will be able to help. However, you seem to have accomplished something I?m wanting to do, and have as yet been unable to get working. I have a Users INBOX that I want to share to other users, but something is wrong with the way I?ve configured ACLs and sharing. Perhaps we could discuss off-list more of what your configuration looks like, and how you got there? I?m running on FreeBSD with the ports system version of dovecot2 2.2.16, currently, although I think I?m due an upgrade. You say you?re have "My Dovecot instance use a single user?, and I think that?s different than I. My Maildir directories and files are all owned by the UNIX user that owns the file. Maybe this is causing me the permissions problems I?m seeing. Is having it all running as one [UNIX] user a typical configuration for dovecot2? Or just typical of installations using ACLs? Thank you. - Chris From alvin.sm at Mail.Linux-Consulting.com Tue Jul 28 21:28:37 2015 From: alvin.sm at Mail.Linux-Consulting.com (alvin) Date: Tue, 28 Jul 2015 14:28:37 -0700 (PDT) Subject: \ help, permissions = In-Reply-To: <55B6E7AE.7020207@ajmconsulting.ca> Message-ID: <201507282128.t6SLSbQ1013942@Mail.Linux-Consulting.com> hi josh > Try turning off Apparmor. When I did the same OpenSuSE upgrade, > Apparmor messed up my dovecot installation with similar errors. I > disabled Apparmor and the permissions issues disappeared. BTW, I gave > up trying to re-configure Apparmor and have left it disabled with no > issues. i also do periodic rolling updates from suse-11.x to 12.x to 13.x on the same server and now just run suse-factory and need to tweek some apps/settings in your case, i'd also check suse iptables rules and also maybe it's an issue with /etc/init.d vs systemctl systemctl enable dovecot && systemctl restart dovecot ---> what is the output of systemctl status doveoct pixie dust alvin - http://IPtables-BlackList.net > On 27/07/2015 9:32 PM, josh schooler wrote: > > both of my other servers its owned by exim, the permissions in the other two servers are 644, and dovecot starts just fine on those, I don't know what happened I updated my server from opensuse 12.1 to 13.2 and now dovecot is refusing to start. From steffan at hldns.com Tue Jul 28 22:21:27 2015 From: steffan at hldns.com (Steffan Cline) Date: Tue, 28 Jul 2015 15:21:27 -0700 Subject: Deafness In-Reply-To: References: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> Message-ID: <6BA87656-D763-4F8A-9F01-971FC0910233@hldns.com> Permissions to the logs are fine. In /var/log/maillog I do see dovecot logging in there but nothing that indicates why there?s a failure. The one thing I thought of is if there?s too many connections but I am using a firewall that blocks excessive attempts but that?s fine. Netstat shows a bunch of CLOSE_WAIT though. I?ll try the debug level and see what I find. Thanks, Steffan Cline steffan at hldns.com 602-793?0014 On 7/28/15, 11:53 AM, "Managed Pvt nets" wrote: > > >On 28/07/2015 7:07:44 PM, "Steffan Cline" wrote: > >> >>There?s nothing visible in the logs. >You need to check the permissions for your logs. Increase debug level >> >>Suggestions of what to check for? >The logs. Do command line tests, share what you are getting. > >M. > From steffan at hldns.com Wed Jul 29 01:52:10 2015 From: steffan at hldns.com (Steffan Cline) Date: Tue, 28 Jul 2015 18:52:10 -0700 Subject: Deafness In-Reply-To: <6BA87656-D763-4F8A-9F01-971FC0910233@hldns.com> References: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> <6BA87656-D763-4F8A-9F01-971FC0910233@hldns.com> Message-ID: <01584C24-3C13-4373-99CC-14D043E22E80@hldns.com> Ok, I think I have come a little further. When dovecot stops accepting connections, I checked netstat and found this: [root at hosting1 ~]# netstat -an | grep 993 tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN tcp 0 0 65.39.x.x:993 184.101.x.x:36351 SYN_RECV tcp 0 0 65.39.x.x:993 107.212.x.x:51487 SYN_RECV tcp 0 0 65.39.x.x:993 107.212.x.x:51488 SYN_RECV tcp 0 0 65.39.x.x:993 184.101.x.x:44650 SYN_RECV This told me it wasn?t too many connections causing dovecot to be unresponsive. So then I tried via telnet. Dovecot seems to accept connections but then just sits there and does nothing. I used the appropriate commands to try and initiate a login but nothing happens. Typing any commands at all produce no response from dovecot. I then do a ?service dovecot restart? and then telnet again and get this: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. To me this suggests that dovecot is jammed up somehow. I then check in /var/log/maillog and it shows no dovecot entries to indicate a connection. I look in /etc/dovecot and see a dozen conf file. Without reading all the docs, is there any one in particular I can find the verbose logging? What else can I check? Everything was fine until just a couple days ago. This is a SERIOUS issue as I discovered it can be the root cause of a server going down. In my config I use z-push with apache to do active sync with my iPhone. The iPhone connects via z-push/apache and then to dovecot. The connection is stale so eventually with the phone continuously trying to connect and z-push can?t connect to dovecot, the apache processes eat all the RAM until processes crash from no memory. Any help at this point is appreciated. Thanks, Steffan Cline steffan at hldns.com 602-793?0014 On 7/28/15, 3:21 PM, "dovecot on behalf of Steffan Cline" wrote: >Permissions to the logs are fine. In /var/log/maillog I do see dovecot logging in there but nothing that indicates why there?s a failure. > >The one thing I thought of is if there?s too many connections but I am using a firewall that blocks excessive attempts but that?s fine. Netstat shows a bunch of CLOSE_WAIT though. > >I?ll try the debug level and see what I find. > >Thanks, >Steffan Cline >steffan at hldns.com >602-793?0014 > > > > > > > >On 7/28/15, 11:53 AM, "Managed Pvt nets" wrote: > >> >> >>On 28/07/2015 7:07:44 PM, "Steffan Cline" wrote: >> >>> >>>There?s nothing visible in the logs. >>You need to check the permissions for your logs. Increase debug level >>> >>>Suggestions of what to check for? >>The logs. Do command line tests, share what you are getting. >> >>M. >> > From cross+dovecot at distal.com Wed Jul 29 03:35:31 2015 From: cross+dovecot at distal.com (Chris Ross) Date: Tue, 28 Jul 2015 23:35:31 -0400 Subject: Deafness In-Reply-To: <01584C24-3C13-4373-99CC-14D043E22E80@hldns.com> References: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> <6BA87656-D763-4F8A-9F01-971FC0910233@hldns.com> <01584C24-3C13-4373-99CC-14D043E22E80@hldns.com> Message-ID: <30CA35A6-8AC8-4E9F-881A-886AACFBE5CA@distal.com> > On Jul 28, 2015, at 21:52 , Steffan Cline wrote: > > Ok, I think I have come a little further. > > When dovecot stops accepting connections, I checked netstat and found this: > > [root at hosting1 ~]# netstat -an | grep 993 > tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN > tcp 0 0 65.39.x.x:993 184.101.x.x:36351 SYN_RECV > tcp 0 0 65.39.x.x:993 107.212.x.x:51487 SYN_RECV > tcp 0 0 65.39.x.x:993 107.212.x.x:51488 SYN_RECV > tcp 0 0 65.39.x.x:993 184.101.x.x:44650 SYN_RECV > > This told me it wasn?t too many connections causing dovecot to be unresponsive. So then I tried via telnet. > > Dovecot seems to accept connections but then just sits there and does nothing. I used the appropriate commands to try and initiate a login but nothing happens. Typing any commands at all produce no response from dovecot. Actually, I think the above shows that it?s not a dovecot problem. A socket in a SYN_RECV state means that a connection request has been merely been received from the network. That means your kernel has not finished establishing the TCP connection, so dovecot (or the application level in general) is likely not even involved yet. I would suspect some sort of firewall config on your host, or perhaps some sort of overload at the network stack level. But, the latter only if the server were very heavily loaded. I hope this feedback is helpful. - Chris From skdovecot at smail.inf.fh-brs.de Wed Jul 29 05:53:32 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 29 Jul 2015 07:53:32 +0200 (CEST) Subject: Deafness In-Reply-To: <01584C24-3C13-4373-99CC-14D043E22E80@hldns.com> References: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> <6BA87656-D763-4F8A-9F01-971FC0910233@hldns.com> <01584C24-3C13-4373-99CC-14D043E22E80@hldns.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 28 Jul 2015, Steffan Cline wrote: > When dovecot stops accepting connections, I checked netstat and found this: > > [root at hosting1 ~]# netstat -an | grep 993 > tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN > tcp 0 0 65.39.x.x:993 184.101.x.x:36351 SYN_RECV > tcp 0 0 65.39.x.x:993 107.212.x.x:51487 SYN_RECV > tcp 0 0 65.39.x.x:993 107.212.x.x:51488 SYN_RECV > tcp 0 0 65.39.x.x:993 184.101.x.x:44650 SYN_RECV > > This told me it wasn?t too many connections causing dovecot to be unresponsive. So then I tried via telnet. > > Dovecot seems to accept connections but then just sits there and does > nothing. I used the appropriate commands to try and initiate a login but > nothing happens. Typing any commands at all produce no response from > dovecot. > > I then do a ?service dovecot restart? and then telnet again and get this: > > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. from which host do you telnet to Dovecot and to which port? Do you get the greeting (last line of your quote), if you telnet? You show port 993 in above listing, which is the IMAP-over-SSL port, you should not see the greeting with telnet on this port at all. In which state are the various dovecot processes in? Do they wait in non-interruptable sleep? ps -eopid,user,fname,state,wchan,args Do all Dovecot processes hang or just new ones, that try to connect and auth? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVbhqXHz1H7kL/d9rAQJbKQgAlzwvfDNSlP2oliX1SaCFqeiE+mhcZCz/ XUe2ffnw5AYH0hW7jcur7BHpGZM7ajK1drcGy5OGPYTGEknaMRMnaiBza726Qyjc sDoVZD+YR25gtjNAGrqNYyMxNBLyx3JB3CeG0ljcqmxZ4BC1mOAdwjOSUaJsUqPX EOBC+PXE51GWxnPq7XwcEZ36mXAEmaLnyKWhA9CZuwfB9Q9yxJahc3u2yEnAVh+Y kFF/TJksmYQ+GfKAtTEi+S/e2+3xCq6XgS2daEjwr7SDrhV/0Lvz5PW18MqQtUjU IcF72VzJ1/BruU+eawL2G+JUJ1wdmmFBszPyjJtRTB2sMHk/KDXroQ== =7wRT -----END PGP SIGNATURE----- From steffan at hldns.com Wed Jul 29 06:03:16 2015 From: steffan at hldns.com (Steffan Cline) Date: Tue, 28 Jul 2015 23:03:16 -0700 Subject: Deafness In-Reply-To: References: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> <6BA87656-D763-4F8A-9F01-971FC0910233@hldns.com> <01584C24-3C13-4373-99CC-14D043E22E80@hldns.com> Message-ID: <55A8CDD4-EF1E-4B1D-80B4-39AE6F80A34C@hldns.com> Steffen, I checked 993 since I was using SSL for sending/receiving but imagine it?ll look the same if I check any of the other ports. When I tested via telnet, I checked from my home, not on the server to itself. ?telnet host.com imap? I don?t have an answer for you on the state yet since it?s working at the moment. As far as which processes, I try to connect and no matter what, I don?t get the greeting in this state. I?ll check again in the morning to see if it has changed. That should give it ample time to either just work now or fail then I can do the additional checks. Thanks, Steffan Cline steffan at hldns.com 602-793?0014 On 7/28/15, 10:53 PM, "dovecot on behalf of Steffen Kaiser" wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >On Tue, 28 Jul 2015, Steffan Cline wrote: > >> When dovecot stops accepting connections, I checked netstat and found this: >> >> [root at hosting1 ~]# netstat -an | grep 993 >> tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN >> tcp 0 0 65.39.x.x:993 184.101.x.x:36351 SYN_RECV >> tcp 0 0 65.39.x.x:993 107.212.x.x:51487 SYN_RECV >> tcp 0 0 65.39.x.x:993 107.212.x.x:51488 SYN_RECV >> tcp 0 0 65.39.x.x:993 184.101.x.x:44650 SYN_RECV >> >> This told me it wasn?t too many connections causing dovecot to be unresponsive. So then I tried via telnet. >> >> Dovecot seems to accept connections but then just sits there and does >> nothing. I used the appropriate commands to try and initiate a login but >> nothing happens. Typing any commands at all produce no response from >> dovecot. >> >> I then do a ?service dovecot restart? and then telnet again and get this: >> >> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. > >from which host do you telnet to Dovecot and to which port? >Do you get the greeting (last line of your quote), if you telnet? >You show port 993 in above listing, which is the IMAP-over-SSL port, you >should not see the greeting with telnet on this port at all. > >In which state are the various dovecot processes in? Do they wait in >non-interruptable sleep? ps -eopid,user,fname,state,wchan,args > >Do all Dovecot processes hang or just new ones, that try to connect and >auth? > >- -- >Steffen Kaiser >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1 > >iQEVAwUBVbhqXHz1H7kL/d9rAQJbKQgAlzwvfDNSlP2oliX1SaCFqeiE+mhcZCz/ >XUe2ffnw5AYH0hW7jcur7BHpGZM7ajK1drcGy5OGPYTGEknaMRMnaiBza726Qyjc >sDoVZD+YR25gtjNAGrqNYyMxNBLyx3JB3CeG0ljcqmxZ4BC1mOAdwjOSUaJsUqPX >EOBC+PXE51GWxnPq7XwcEZ36mXAEmaLnyKWhA9CZuwfB9Q9yxJahc3u2yEnAVh+Y >kFF/TJksmYQ+GfKAtTEi+S/e2+3xCq6XgS2daEjwr7SDrhV/0Lvz5PW18MqQtUjU >IcF72VzJ1/BruU+eawL2G+JUJ1wdmmFBszPyjJtRTB2sMHk/KDXroQ== >=7wRT >-----END PGP SIGNATURE----- > From skdovecot at smail.inf.fh-brs.de Wed Jul 29 06:22:32 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 29 Jul 2015 08:22:32 +0200 (CEST) Subject: Deafness In-Reply-To: <55A8CDD4-EF1E-4B1D-80B4-39AE6F80A34C@hldns.com> References: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> <6BA87656-D763-4F8A-9F01-971FC0910233@hldns.com> <01584C24-3C13-4373-99CC-14D043E22E80@hldns.com> <55A8CDD4-EF1E-4B1D-80B4-39AE6F80A34C@hldns.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 28 Jul 2015, Steffan Cline wrote: please, don't top post. > I checked 993 since I was using SSL for sending/receiving but imagine it?ll look the same if I check any of the other ports. > > When I tested via telnet, I checked from my home, not on the server to itself. ?telnet host.com imap? Then take Chris's suggestion into account and re-try from localhost in order to rule out network problems. > I don?t have an answer for you on the state yet since it?s working at the moment. > > As far as which processes, I try to connect and no matter what, I don?t get the greeting in this state. Can you connect to other ports of the machine? Or perhaps ping? If the network simply drops all packets, you would get your described problem easily, incl. the SYN_RECV connections. > > On 7/28/15, 10:53 PM, "dovecot on behalf of Steffen Kaiser" wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Tue, 28 Jul 2015, Steffan Cline wrote: >> >>> When dovecot stops accepting connections, I checked netstat and found this: >>> >>> [root at hosting1 ~]# netstat -an | grep 993 >>> tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN >>> tcp 0 0 65.39.x.x:993 184.101.x.x:36351 SYN_RECV >>> tcp 0 0 65.39.x.x:993 107.212.x.x:51487 SYN_RECV >>> tcp 0 0 65.39.x.x:993 107.212.x.x:51488 SYN_RECV >>> tcp 0 0 65.39.x.x:993 184.101.x.x:44650 SYN_RECV >>> >>> This told me it wasn?t too many connections causing dovecot to be unresponsive. So then I tried via telnet. >>> >>> Dovecot seems to accept connections but then just sits there and does >>> nothing. I used the appropriate commands to try and initiate a login but >>> nothing happens. Typing any commands at all produce no response from >>> dovecot. >>> >>> I then do a ?service dovecot restart? and then telnet again and get this: >>> >>> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. >> >> from which host do you telnet to Dovecot and to which port? >> Do you get the greeting (last line of your quote), if you telnet? >> You show port 993 in above listing, which is the IMAP-over-SSL port, you >> should not see the greeting with telnet on this port at all. >> >> In which state are the various dovecot processes in? Do they wait in >> non-interruptable sleep? ps -eopid,user,fname,state,wchan,args >> >> Do all Dovecot processes hang or just new ones, that try to connect and >> auth? >> >> - -- >> Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQEVAwUBVbhqXHz1H7kL/d9rAQJbKQgAlzwvfDNSlP2oliX1SaCFqeiE+mhcZCz/ >> XUe2ffnw5AYH0hW7jcur7BHpGZM7ajK1drcGy5OGPYTGEknaMRMnaiBza726Qyjc >> sDoVZD+YR25gtjNAGrqNYyMxNBLyx3JB3CeG0ljcqmxZ4BC1mOAdwjOSUaJsUqPX >> EOBC+PXE51GWxnPq7XwcEZ36mXAEmaLnyKWhA9CZuwfB9Q9yxJahc3u2yEnAVh+Y >> kFF/TJksmYQ+GfKAtTEi+S/e2+3xCq6XgS2daEjwr7SDrhV/0Lvz5PW18MqQtUjU >> IcF72VzJ1/BruU+eawL2G+JUJ1wdmmFBszPyjJtRTB2sMHk/KDXroQ== >> =7wRT >> -----END PGP SIGNATURE----- >> > > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVbhxKHz1H7kL/d9rAQKsyQf/fHF2Avp2F7eD4h5n0cmdzLMTjolFeW28 tsw81m6o+cs5Vl6cqIzzDIDhC1zRjCOqZWQjv8TNx4S0EKIKscXvurvD2A2WdAOz yeYvQpc5sCABSKMLuUQ5wAR4Hv3pcnpJRN3c9pYRQ48Yxd3ORK8r4BzJ3Ol0RK0H Vn5C05pVYWo+Eh4vLWlWSOTgqaJBwQK9DjfhYZOUdzdx5cMKICn1IHQ9GUBSf6YR TwZMfbYfJYUcq/0s3c6POd9hCEOyQjk7SAhgiXL/LSJtXN39U+Ea2pYD+4/VIPHi FR6Pcb71kqNJmTdEvdPADeKT89l1o5yYju5MU+QKzh23iJ0oiUzPvw== =Lgkl -----END PGP SIGNATURE----- From mihaiush at gmail.com Wed Jul 29 13:02:55 2015 From: mihaiush at gmail.com (mihaiush) Date: Wed, 29 Jul 2015 16:02:55 +0300 Subject: charset-iconv.c panic Message-ID: Hi, I have a mailbox where indexing fails with the following error: # /opt/dovecot2/bin/doveadm -c /tmp/dovecot.conf -o mail_location=/tmp/skesselring index '*' doveadm(root): Panic: file charset-iconv.c: line 132 (charset_to_utf8): assertion failed: (*src_size - pos <= CHARSET_MAX_PENDING_BUF_SIZE) doveadm(root): Error: Raw backtrace: /opt/dovecot2/lib/dovecot/libdovecot.so.0(+0x7c13f) [0x7f1b7376f13f] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f1b7376f21a] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f1b7371d555] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(+0x754a7) [0x7f1b737684a7] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(message_decoder_decode_next_block+0x528) [0x7f1b7375d8d8] -> /opt/dovecot2/lib/dovecot/lib20_fts_plugin.so(fts_build_mail+0x19e) [0x7f1b726fbe3e] -> /opt/dovecot2/lib/dovecot/lib20_fts_plugin.so(+0xfa20) [0x7f1b72701a20] -> /opt/dovecot2/lib/dovecot/libdovecot-storage.so.0(mail_precache+0x19) [0x7f1b73a1fad9] -> /opt/dovecot2/bin/doveadm() [0x4246b1] -> /opt/dovecot2/bin/doveadm() [0x4201d0] -> /opt/dovecot2/bin/doveadm(doveadm_mail_try_run+0x261) [0x421131] -> /opt/dovecot2/bin/doveadm(main+0x34f) [0x41413f] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f1b73386ead] -> /opt/dovecot2/bin/doveadm() [0x414235] Aborted (core dumped) Dovecot 2.2.18 build from sources ./configure --prefix=/opt/dovecot2 --with-mysql --with-sqlite --with-solr --with-ssl --disable-rpath --disable-static. Filesystem is ext4 # /opt/dovecot2/bin/doveadm -c /tmp/dovecot.conf config -n # 2.2.18: /tmp/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.8 auth_master_user_separator = * auth_mechanisms = plain login base_dir = /services/dovecot1/var/run default_client_limit = 10240 default_login_user = dovecot dict { quotadict = mysql:/services/dovecot1/etc/quota.conf } disable_plaintext_auth = no log_path = login_log_format_elements = user=%u session=%{session} mpid=%e rip=%r rrip=%{real_rip} mail_location = mdbox:~/mails mail_log_prefix = "store107: %s(%u): %{session}: " mail_max_userip_connections = 0 mail_plugins = quota virtual fts fts_solr notify mail_log mailbox_list_index = yes mdbox_rotate_size = 256 k mmap_disable = yes namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / } namespace virtual { hidden = yes list = no location = virtual:/services/dovecot1/etc/virtual:INDEX=~/mails/virtual mailbox all { auto = create special_use = \All } mailbox unseen { auto = create } prefix = virtual/ separator = / } passdb { args = /services/dovecot1/etc/passwd.masterusers driver = passwd-file master = yes pass = yes } passdb { args = /services/dovecot1/etc/mysql.conf driver = sql } plugin { fts = solr fts_solr = break-imap-search url=http://10.78.18.127:8080/solr/ mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change save mailbox_create mail_log_fields = uid box msgid flags quota = dict:user::proxy::quotadict quota_rule = *:storage=1GB quota_rule2 = Trash:storage=+152M quota_rule3 = Trash:messages=+5 } protocols = imap service auth { unix_listener auth-client { mode = 0666 } unix_listener auth-master { group = nogroup mode = 0660 } } service dict { process_limit = 400 unix_listener dict { mode = 0600 user = nobody } } service imap-login { chroot = login client_limit = 2048 inet_listener imap { address = 10.78.18.127 port = 143 } process_limit = 1024 service_count = 0 } service imap { process_limit = 10240 vsz_limit = 320 M } service indexer-worker { process_limit = 4 process_min_avail = 2 service_count = 1 vsz_limit = 1 G } shutdown_clients = no ssl = no syslog_facility = local3 userdb { args = /services/dovecot1/etc/mysql.conf driver = sql } protocol imap { mail_plugins = quota virtual fts fts_solr notify mail_log imap_quota } protocol lda { auth_socket_path = /services/dovecot1/var/run/auth-master mail_plugins = quota virtual fts fts_solr notify mail_log sieve event_broker submission_host = osmtp:8090 } # gdb /opt/dovecot2/bin/doveadm core GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /opt/dovecot2_clean/bin/doveadm...done. [New LWP 4172] warning: Can't read pathname for load map: Input/output error. [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `/opt/dovecot2/bin/doveadm -c /tmp/dovecot.conf -o mail_location=/tmp/skesselrin'. Program terminated with signal 6, Aborted. #0 0x00007f1b7339a165 in raise () from /lib/x86_64-linux-gnu/libc.so.6 (gdb) (gdb) (gdb) bt full #0 0x00007f1b7339a165 in raise () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #1 0x00007f1b7339d3e0 in abort () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #2 0x00007f1b7376f135 in default_fatal_finish (type=, status=status at entry=0) at failures.c:202 backtrace = 0x2304560 "/opt/dovecot2/lib/dovecot/libdovecot.so.0(+0x7c13f) [0x7f1b7376f13f] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f1b7376f21a] -> /opt/dovecot2/lib/dovecot/libdovecot.s"... #3 0x00007f1b7376f21a in default_fatal_handler (ctx=0x7fff678c4510, format=, args=) at failures.c:216 status = 0 #4 0x00007f1b7371d555 in i_panic (format=format at entry=0x7f1b73799298 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:276 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0, timestamp_usecs = 0} args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fff678c4600, reg_save_area = 0x7fff678c4540}} #5 0x00007f1b737684a7 in charset_to_utf8 (t=0x2371a50, src=src at entry=0x23845e0 "\213h\201\347/\364\322*\303\307YpG\a\207\002\222\276\364z\301\350\201\227\335\360<\016(20~\365\254A\373?\326\070ir\364S\270-\006\245\360\237\250\242}iz]ph`<\026T9H\325F\033\301\354\333K\270|\353\345rF3-\277\211\003XOT\375\347\241\273\256\360<\330cy0\327", src_size=src_size at entry=0x7fff678c4668, dest=0x2369320) at charset-iconv.c:132 result = CHARSET_RET_INVALID_INPUT pos = 8226 size = 2183 prev_invalid_pos = 9595 ret = __FUNCTION__ = "charset_to_utf8" #6 0x00007f1b7375d8d8 in message_decode_body (output=0x7fff678c4780, ctx=0x2370b60, input=) at message-decoder.c:342 data = 0x23845e0 "\213h\201\347/\364\322*\303\307YpG\a\207\002\222\276\364z\301\350\201\227\335\360<\016(20~\365\254A\373?\326\070ir\364S\270-\006\245\360\237\250\242}iz]ph`<\026T9H\325F\033\301\354\333K\270|\353\345rF3-\277\211\003XOT\375\347\241\273\256\360<\330cy0\327" ret = pos = 6042 size = 6042 error = 0x7fff678c4760 "\020B0\002" #7 message_decoder_decode_next_block (ctx=0x2370b60, input=input at entry=0x7fff678c4760, output=output at entry=0x7fff678c4780) at message-decoder.c:375 No locals. #8 0x00007f1b726fbe3e in fts_build_mail_real (mail=0x23639b0, update_ctx=0x2355980) at fts-build-mail.c:543 ctx = {mail = 0x23639b0, update_ctx = 0x2355980, content_type = 0x2371540 "text/*", content_disposition = 0x2371fa0 "attachment; filename=\"PTT-20141109-WA0001.amr\"", body_parser = 0x23832a0, word_buf = 0x0, pending_input = 0x0, cur_user_lang = 0x0} parser = 0x2371130 decoder = 0x0 raw_block = {part = 0x2304210, hdr = 0x0, data = 0x236eb50 "\ni2iB5y/00irDx1lwRweHApK+9HrB6IGX3fA8DigyMH71rEH7P9Y4aXL0U7gtBqXwn6iifWl6XXBo\nYDwWVDlI1UYbwezbS7h86+VyRjMtv4kDWE9U/eehu67wPNhjeTDXABPB8tdUnMju+InvVF0WrHjV\ns4DPnnWsU/A8QHFtQIZOQyH2OXXwA/i5uBFaqadFhd/L4"..., size = 8162} prev_part = 0x2304210 skip_body = false block = {part = 0x2304210, hdr = 0x0, data = 0x2391a60 "", size = 0} binary_body = ret = input = 0x2370fa0 parts = 0x7f1b73ab63c1 body_part = true body_added = true #9 fts_build_mail (update_ctx=0x2355980, mail=mail at entry=0x23639b0) at fts-build-mail.c:592 _data_stack_cur_id = 5 ret = 1 #10 0x00007f1b72701a20 in fts_mail_index (_mail=0x23639b0) at fts-storage.c:484 ft = 0x235bdf0 flist = 0x2326868 #11 fts_mail_precache (_mail=0x23639b0) at fts-storage.c:501 _data_stack_cur_id = 4 mail = 0x23639b0 fmail = ft = #12 0x00007f1b73a1fad9 in mail_precache (mail=0x23639b0) at mail.c:401 _data_stack_cur_id = 3 p = 0x23639b0 #13 0x00000000004246b1 in cmd_index_box_precache (box=0x233a360) at doveadm-mail-index.c:75 ctx = 0x235ca40 metadata = {guid = '\000' , virtual_size = 0, cache_fields = 0x0, precache_fields = 2359788, backend_ns_prefix = 0x0, backend_ns_type = 0} counter = 0 max = 1574 status = {messages = 13892, recent = 0, unseen = 0, uidvalidity = 1426760059, uidnext = 20447, first_unseen_seq = 0, first_recent_uid = 1, last_cached_seq = 12318, highest_modseq = 0, highest_pvt_modseq = 0, keywords = 0x0, permanent_flags = 0, permanent_keywords = 0, allow_new_keywords = 0, nonpermanent_modseqs = 0, no_modseq_tracking = 0, have_guids = 1, have_save_guids = 1, have_only_guid128 = 0} mail = 0x23639b0 ret = 0 trans = 0x23536d0 search_args = 0x0 seq = #14 cmd_index_box (ctx=0x2318910, info=) at doveadm-mail-index.c:130 box = 0x233a360 status = {messages = 36801008, recent = 0, unseen = 36838224, uidvalidity = 0, uidnext = 1, first_unseen_seq = 0, first_recent_uid = 36805392, last_cached_seq = 0, highest_modseq = 36801016, highest_pvt_modseq = 0, keywords = 0x0, permanent_flags = 1939790736, permanent_keywords = 1, allow_new_keywords = 1, nonpermanent_modseqs = 0, no_modseq_tracking = 1, have_guids = 1, have_save_guids = 0, have_only_guid128 = 0} ret = 0 ---Type to continue, or q to quit--- #15 cmd_index_run (user=0x2321b50, _ctx=0x2318910) at doveadm-mail-index.c:201 _data_stack_cur_id = 2 iter = 0x2332360 info = ret = 0 #16 cmd_index_run (_ctx=0x2318910, user=0x2321b50) at doveadm-mail-index.c:173 ctx = 0x2318910 i = #17 0x00000000004201d0 in doveadm_mail_next_user (error_r=0x7fff678c4aa8, input=, ctx=0x2318910) at doveadm-mail.c:380 error = ret = 0 #18 doveadm_mail_next_user (ctx=0x2318910, input=, error_r=0x7fff678c4aa8) at doveadm-mail.c:333 ip = ret = #19 0x0000000000421131 in doveadm_mail_cmd (argv=0x23093c0, argc=2, cmd=0x2317b90) at doveadm-mail.c:608 input = {module = 0x0, service = 0x44f7aa "doveadm", username = 0x2309600 "root", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} ctx = 0x2318910 getopt_args = 0x2301688 "qn:AF:S:u:" ret = c = wildcard_user = 0x0 error = #20 doveadm_mail_try_run (cmd_name=cmd_name at entry=0x2309421 "index", argc=2, argv=0x23093b8) at doveadm-mail.c:704 cmd = 0x2317b90 #21 0x000000000041413f in main (argc=2, argv=0x23093b8) at doveadm.c:346 cmd_name = 0x2309421 "index" quick_init = false c = (gdb) From mailinglists at easy-mail.it Wed Jul 29 14:25:25 2015 From: mailinglists at easy-mail.it (Francesco) Date: Wed, 29 Jul 2015 16:25:25 +0200 Subject: dbox: message internal date Message-ID: <1438179925.4447.25.camel@secoges-laptop> Hello everyone and thanks in advance for the help :) I'm trying to figure out where does dovecot store the message internal date when using single dbox storage format. In Maildir format, the internal date is determined by the actual date of the file on the filesystem, but in dbox it doesn't seem to be the case. I'm looking forward for a way to modify a message internal date when on a dovecot instance running dbox storage engine, maybe anyone knows if it's possible and how to accomplish this? Again, thank you for the help Sincerely Francesco From alvin.sm at Mail.Linux-Consulting.com Wed Jul 29 15:12:26 2015 From: alvin.sm at Mail.Linux-Consulting.com (alvin) Date: Wed, 29 Jul 2015 08:12:26 -0700 Subject: Deafness In-Reply-To: <30CA35A6-8AC8-4E9F-881A-886AACFBE5CA@distal.com> References: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> <6BA87656-D763-4F8A-9F01-971FC0910233@hldns.com> <01584C24-3C13-4373-99CC-14D043E22E80@hldns.com> <30CA35A6-8AC8-4E9F-881A-886AACFBE5CA@distal.com> Message-ID: <20150729151225.GA15738@Mail.Linux-Consulting.com> hi ya On Tue, Jul 28, 2015 at 11:35:31PM -0400, Chris Ross wrote: > > > On Jul 28, 2015, at 21:52 , Steffan Cline wrote: > > > > Ok, I think I have come a little further. > > > > When dovecot stops accepting connections, I checked netstat and found this: > > > > [root at hosting1 ~]# netstat -an | grep 993 > > tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN > > tcp 0 0 65.39.x.x:993 184.101.x.x:36351 SYN_RECV > > tcp 0 0 65.39.x.x:993 107.212.x.x:51487 SYN_RECV > > tcp 0 0 65.39.x.x:993 107.212.x.x:51488 SYN_RECV > > tcp 0 0 65.39.x.x:993 184.101.x.x:44650 SYN_RECV are you sure thee are legitimate incoming imaps connections from those 107.212.x.x IP# address ?? they could just be probing your server for vulnerability before attacking what ports are used or not ... etc etc.. the fact that doveocot replies to telnet localhost 993 is a good thing, that imaps "should work" ... you can also go one step further and check the certs belong to you: outsidePC# openssl s_client -connect imaps.your-domain.com:993 if it is your own real connnections attempts from your customers/employee, you might have a problem, that requires more info ... if you do NOT receognized those IP#, don't worry, except that you do need to add imaps and pop3s into /etc/hosts.allow to allow legit connectons and all other script kiddies should be dropped. similarly, your firewall should be configured to tarpit un-authorized new tcp connections to port 993 > > This told me it wasn???t too many connections causing dovecot to be unresponsive. So then I tried via telnet. > > > > Dovecot seems to accept connections but then just sits there and does nothing. I used the appropriate commands to try and initiate a login but nothing happens. Typing any commands at all produce no response from dovecot. > > Actually, I think the above shows that it???s not a dovecot problem. A socket in a SYN_RECV state means that a connection request has been merely been received from the network. That means your kernel has not finished establishing the TCP connection, so dovecot (or the application level in general) is likely not even involved yet. I would suspect some sort of firewall config on your host, or perhaps some sort of overload at the network stack level. But, the latter only if the server were very heavily loaded. ditto > I hope this feedback is helpful. pixie dust alvin - http://NetworkNightmare.net/OpenSSL From darix at opensu.se Wed Jul 29 15:17:52 2015 From: darix at opensu.se (Marcus =?UTF-8?B?UsO8Y2tlcnQ=?=) Date: Wed, 29 Jul 2015 17:17:52 +0200 Subject: Deafness In-Reply-To: <20150729151225.GA15738@Mail.Linux-Consulting.com> References: <89102DBE-9798-4651-8770-6E9F9690B8A8@hldns.com> <6BA87656-D763-4F8A-9F01-971FC0910233@hldns.com> <01584C24-3C13-4373-99CC-14D043E22E80@hldns.com> <30CA35A6-8AC8-4E9F-881A-886AACFBE5CA@distal.com> <20150729151225.GA15738@Mail.Linux-Consulting.com> Message-ID: <20150729171752.1ed0543f@tengu.suse.de> On Wed, 29 Jul 2015 08:12:26 -0700 alvin wrote: > > hi ya > > On Tue, Jul 28, 2015 at 11:35:31PM -0400, Chris Ross wrote: > > > > > On Jul 28, 2015, at 21:52 , Steffan Cline > > > wrote: > > > > > > Ok, I think I have come a little further. > > > > > > When dovecot stops accepting connections, I checked netstat and > > > found this: > > > > > > [root at hosting1 ~]# netstat -an | grep 993 > > > tcp 0 0 0.0.0.0:993 > > > 0.0.0.0:* LISTEN tcp 0 0 > > > 65.39.x.x:993 184.101.x.x:36351 SYN_RECV > > > tcp 0 0 65.39.x.x:993 > > > 107.212.x.x:51487 SYN_RECV tcp 0 0 > > > 65.39.x.x:993 107.212.x.x:51488 SYN_RECV > > > tcp 0 0 65.39.x.x:993 > > > 184.101.x.x:44650 SYN_RECV Are all the users with problems behind NAT e.g? https://www.youtube.com/watch?v=gfYYggNkM20 -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From mindlessghost at live.com Wed Jul 29 17:35:19 2015 From: mindlessghost at live.com (josh schooler) Date: Wed, 29 Jul 2015 10:35:19 -0700 Subject: \ help, permissions = In-Reply-To: <201507282128.t6SLSbQ1013942@Mail.Linux-Consulting.com> References: <201507282128.t6SLSbQ1013942@Mail.Linux-Consulting.com> Message-ID: Alright I've finally gotten passed the permission issues, apparmor was the issue, I guess I wasn't fully killing the stupid thing, but now I'm having another issue trying to start dovecot writing the configuration failed: Could not enable dovecot. Dovecot.service dovecot IMAP server Loaded: loaded (lib/systemd/system/dovecot.service; enabled) Activate: inactive (dead) since Wed 2015-07-28- 09:45:16 PDT: 39min ago Main PID 570 (code=exited status=0/SUCCESS) July 29 9:45:15 hosting dovecot[611]: master: dovecot v2.2.12 starting up for pop3 (core dumps disabled) July 29 10:22:33 hosting systemd[1] [/lib/systemd/system/dovecot.service:6] executable path is not absolute, ignoring kill ?cat /car/run/dovecot/Master.pid? > On Jul 28, 2015, at 2:28 PM, alvin wrote: > > > hi josh > >> Try turning off Apparmor. When I did the same OpenSuSE upgrade, >> Apparmor messed up my dovecot installation with similar errors. I >> disabled Apparmor and the permissions issues disappeared. BTW, I gave >> up trying to re-configure Apparmor and have left it disabled with no >> issues. > > i also do periodic rolling updates from suse-11.x to 12.x to 13.x > on the same server and now just run suse-factory and need to > tweek some apps/settings > > in your case, i'd also check suse iptables rules and also maybe > it's an issue with /etc/init.d vs systemctl > > systemctl enable dovecot && systemctl restart dovecot > > ---> what is the output of systemctl status doveoct > > pixie dust > alvin > - http://IPtables-BlackList.net > >>> On 27/07/2015 9:32 PM, josh schooler wrote: >>> both of my other servers its owned by exim, the permissions in the other two servers are 644, and dovecot starts just fine on those, I don't know what happened I updated my server from opensuse 12.1 to 13.2 and now dovecot is refusing to start. From sascha+dovecot at valckenier-kips.de Wed Jul 29 20:42:32 2015 From: sascha+dovecot at valckenier-kips.de (Sascha) Date: Wed, 29 Jul 2015 22:42:32 +0200 Subject: Dovecot under Linux with mail-extension and case insesitiv Message-ID: <55B93AB8.5030603@valckenier-kips.de> Hello, i use doevecot 2.2.18 current. My Problem is with email-extension and case sensitiv folders. Example: user+extenstion will be delivered to the user and subfolder extenstion so this is okay. but user+extenstion will not be delivert to the user and exiting subfolder Extenstion so that is not okay. The mail will be also delivered in the subfolder extension. The exiting Folder Extension will not used. Give's a way to tell dovecot, use the extension as a Folder, if a exiting folder with Upper/Lower Cases will be detect and use the right folder to delivery? -- Regards Sascha --- Diese E-Mail wurde von Avast Antivirus-Software auf Viren gepr?ft. https://www.avast.com/antivirus From pch at myzel.net Wed Jul 29 22:08:32 2015 From: pch at myzel.net (Peter Chiochetti) Date: Thu, 30 Jul 2015 00:08:32 +0200 Subject: Dovecot under Linux with mail-extension and case insesitiv In-Reply-To: <55B93AB8.5030603@valckenier-kips.de> References: <55B93AB8.5030603@valckenier-kips.de> Message-ID: <55B94EE0.8000103@myzel.net> Am 2015-07-29 um 22:42 schrieb Sascha: > Hello, > > i use doevecot 2.2.18 current. My Problem is with email-extension and > case sensitiv folders. > > Example: > user+extenstion will be delivered to the user and subfolder extenstion > so this is okay. > but user+extenstion will not be delivert to the user and exiting > subfolder Extenstion so that is not okay. > The mail will be also delivered in the subfolder extension. The exiting > Folder Extension will not used. > > Give's a way to tell dovecot, use the extension as a Folder, if a > exiting folder with Upper/Lower Cases will be detect and use the right > folder to delivery? Speaking German natively, I think I have an advantage of understanding against native English speakers, still I have a hard time making sense of your mail. That said: I successfully use sieve to deliver/sort addresses with a "detail", (the part after the plus (+) sign) into different folders. Maybe that helps you, or others? -- peter From skdovecot at smail.inf.fh-brs.de Thu Jul 30 06:37:51 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 30 Jul 2015 08:37:51 +0200 (CEST) Subject: Dovecot under Linux with mail-extension and case insesitiv In-Reply-To: <55B93AB8.5030603@valckenier-kips.de> References: <55B93AB8.5030603@valckenier-kips.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 29 Jul 2015, Sascha wrote: > Example: > user+extenstion will be delivered to the user and subfolder extenstion > so this is okay. > but user+extenstion will not be delivert to the user and exiting > subfolder Extenstion so that is not okay. > The mail will be also delivered in the subfolder extension. The exiting > Folder Extension will not used. > > Give's a way to tell dovecot, use the extension as a Folder, if a > exiting folder with Upper/Lower Cases will be detect and use the right > folder to delivery? you want: user+extension & user+Extension & user+eXtension & user+eXtENSioN a.s.o to be filed into the existing extension folder of the user, or into Extension, if that one exists already, or ... . No, there is not natively (currently). However, there might be tricks with Sieve and external programs, so that you can use "fileinto". I guess you need to reprase your subject line, in order to trigger Stephan's interest. :-) - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVbnGP3z1H7kL/d9rAQLaEwf8D2fb9wi15i3RaDhm5/eJ6Q/tpPCKZR0l IKCh3YtBR2mrsYHBhgpC1glLk0hR+wyCod8ESYlcUkAio/HdHUN9dGxJ+0EkaJ9q /I8Ay+CjTsvAtt9aTDoxpmLVsZTJY6ZJ0Wuly9UcE2H6QtRsxoPvVl15LuSQybNp NlyrPoEeu90R/9eCxoBSwIu/qGx3f7pTMnH7oLpN46YEqbjDUewH5IF2naqeFIx3 luEk5yFiKRZz8zJBBWdJ0sHnDoO0qjnJ9du5V+oD4MTx2xb25c3ZEGcp9WliFsY2 rFia2ll3LN9REIXSeLcJV9vztr3UDDbUUzj7mtPPAg4KURgG7Qzi8A== =XkXl -----END PGP SIGNATURE----- From Jost.Krieger+dovecot at rub.de Mon Jul 27 09:05:16 2015 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: Mon, 27 Jul 2015 11:05:16 +0200 Subject: doveadm import - strange warning In-Reply-To: <20150727085115.GB20452@sys4.de> References: <20150716084628.GA17953@sys4.de> <20150727085115.GB20452@sys4.de> Message-ID: <20150727090515.GU96624@ruhr-uni-bochum.de> On Mon Jul 27 10:51:16 2015, Ralf Hildebrandt wrote: > Anybody seen this before? > Seems easy to reproduce... > > * Ralf Hildebrandt : > > I'm using the doveadm import command to extract mails from my backup: > > > > % doveadm import -u restore at backup.invalid mdbox:/home/copymail/mdbox "" \ > > mailbox INBOX header Delivered-To backup+$SEARCHPATTERN at backup.invalid > > > > This works like a charm, I'm getting all the mails, and I can access > > the newly generated mailbox. > > > > But when executing the command I'm getting an annoying warning: > > > > doveadm(restore at backup.invalid): Error: chdir(/root/) failed: Permission denied (euid=1001(copymail) egid=1001(copymail) missing +x perm: /root, dir owned by 0:0 mode=0700) > > doveadm(restore at backup.invalid): Error: chdir(/root) failed: Permission denied Same happened to me. It seems doveadm is changing uids and then chdirs to the original home directory. I made it go away by using "sudo". This will not fit all situations. Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4784 bytes Desc: not available URL: From Jost.Krieger+dovecot at rub.de Thu Jul 30 06:52:18 2015 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: Thu, 30 Jul 2015 08:52:18 +0200 Subject: Dovecot under Linux with mail-extension and case insesitiv In-Reply-To: <55B93AB8.5030603@valckenier-kips.de> References: <55B93AB8.5030603@valckenier-kips.de> Message-ID: <20150730065218.GW96624@ruhr-uni-bochum.de> On Wed Jul 29 22:42:32 2015, Sascha wrote: > i use doevecot 2.2.18 current. My Problem is with email-extension and > case sensitiv folders. > > Example: > user+extenstion will be delivered to the user and subfolder extenstion > so this is okay. > but user+extenstion will not be delivert to the user and exiting > subfolder Extenstion so that is not okay. > The mail will be also delivered in the subfolder extension. The exiting > Folder Extension will not used. > > Give's a way to tell dovecot, use the extension as a Folder, if a > exiting folder with Upper/Lower Cases will be detect and use the right > folder to delivery? Unfortunately you didn't tell us which part of dovecot is doing the delivery and which structure your folders are. That could be lda, lmtp or even your MTA. But I am quite sure that you can't match existing folders case-insensistively, except if you are working on a case-insensitive filesystem *and* not using dbox. In this case it shouldn't depend on the delivery method. Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4784 bytes Desc: not available URL: From pch at myzel.net Thu Jul 30 07:43:20 2015 From: pch at myzel.net (Peter Chiochetti) Date: Thu, 30 Jul 2015 09:43:20 +0200 Subject: Sieve case insensitive detail part In-Reply-To: <55B95CB8.90000@valckenier-kips.de> References: <55B93AB8.5030603@valckenier-kips.de> <55B94EE0.8000103@myzel.net> <55B95CB8.90000@valckenier-kips.de> Message-ID: <55B9D598.9070502@myzel.net> Am 2015-07-30 um 01:07 schrieb Sascha: > Ich hab mehr als 30-40 Ordner, die ich per + Zeichen direkt adressiere. > [?] Adressen gezielt zu filtern, ohne Sieve zu konfigurieren, hab nicht > immer gleich zugriff ein Sieve Client (bei Neuvergabe, wurden die Ordner > angelegt, wenn auch erst mal in der Schreibweise der Adresserweiterung. > Ich habe das ganze schon bef?rchtet und muss wohl doch ?ber sieve > nachdenken, um mein Problem zu l?sen. Hello Sascha, sieve scripts are quite easy, see Steffen's example. I think what you want your script to do is: With any detail part, lowercase it, file message into detail folder, create as necessary. Something like auto-variables in Makfiles, where the rule gets its value from the target, e.g. -- peter From jc at info-systems.de Thu Jul 30 13:52:05 2015 From: jc at info-systems.de (Jakob Curdes) Date: Thu, 30 Jul 2015 15:52:05 +0200 Subject: Question RE listescape and separators Message-ID: <55BA2C05.10109@info-systems.de> Hello, we just start moving a large number of mailboxes to a new dovecot server with dovecot 2.0.9 (from CentOS) and sdbox as mailbox type. We use imapsync so there is no issue with mailbox type conversion. However, in test runs I noted that some mail folders,e.g. with dots in them, could not be transferred; dovecot says Couldn't create folder [7.8) Personnel] from [7.8) Personnel]: 106 NO Character not allowed in mailbox name: '.' We have the separator "/" defined for our only namespace so the dot should not be an issue!? I tried to use listescape but either the plugin is not loading (how can I verify this?) or it does not escape the dot in the mailbox name. The listescape settings are the defaults: namespace { separator = / (...) } mail_plugins = $mail_plugins listescape plugin { listescape_char = "\\" } What am I doing wrong? How can I make dots in mailboxes possible? Best regards, Jakob Curdes From Philipp.Faeustlin at uni-hohenheim.de Thu Jul 30 15:39:42 2015 From: Philipp.Faeustlin at uni-hohenheim.de (Philipp Faeustlin) Date: Thu, 30 Jul 2015 17:39:42 +0200 Subject: doveadm import - strange warning In-Reply-To: <20150727094113.GD20452@sys4.de> References: <20150716084628.GA17953@sys4.de> <20150727085115.GB20452@sys4.de> <55B5F7B8.8090209@univention.de> <20150727094113.GD20452@sys4.de> Message-ID: <55BA453E.3010900@uni-hohenheim.de> Am 27.07.2015 um 11:41 schrieb Ralf Hildebrandt: > * Daniel Tr?der : > >> Just guessing? >> >> The signature of the command is: >> doveadm [-Dv] import [-S socket_path] [-s] -u user source_location >> dest_parent search_query >> >> You supply "" as dest_parent which I guess could mean ".", and that may >> be "/root" when run as root. Try "INBOX" or "restore_folder" and see if >> the error vanishes. > > With "INBOX", nothing changes on the output (although the script > doesn't restore properly anymore) > > With ".", I get: > I think there are two independent errors. First: > doveadm(restore at backup.invalid): Error: chdir(/root/) failed: Permission denied (euid=1001(theid) egid=1001(theid) missing +x perm: /root, dir owned by 0:0 mode=0700) > doveadm(restore at backup.invalid): Error: chdir(/root) failed: Permission denied Here I think doveadm import tries to do a chdir to the users HOME Directory and does it wrong. It uses the bash environment variable $HOME instead of the users home information as shown by doveadm user. Why do I think so, because if I manually export the bash environment HOME to the Home Directory of the user I want to import to I don't receive this error anymore. Example: export HOME="/mailhome/userA" doveadm import -u userA maildir:/backup/userA Backup ALL; -> No Error export HOME="/root" doveadm import -u userA maildir:/backup/userA Backup ALL; -> Error as seen above. Second: > doveadm(restore at backup.invalid): Error: Couldn't create mailbox ./INBOX: Invalid mailbox name: Contains '.' part This error is dependent on your namespace. If using standard maildir with "/" as separator then "./INBOX" isn't a correct Mailbox name, because dot is not allowed. In this case it should only be "INBOX". But as I said before this depends on your configuration. If I'm not sure, I check the notation by using doveadm mailbox list -u userA. > > I still think this is an obscure bug :) > If the first error is a bug or a feature I don't know, but doveadm import works correct with or without this error shown. At least for the things I have done. From sascha+dovecot at valckenier-kips.de Thu Jul 30 18:13:54 2015 From: sascha+dovecot at valckenier-kips.de (Sascha) Date: Thu, 30 Jul 2015 20:13:54 +0200 Subject: Dovecot under Linux with mail-extension and case insesitiv In-Reply-To: <20150730065218.GW96624@ruhr-uni-bochum.de> References: <55B93AB8.5030603@valckenier-kips.de> <20150730065218.GW96624@ruhr-uni-bochum.de> Message-ID: <55BA6962.3040507@valckenier-kips.de> Am 30.07.2015 um 08:52 schrieb Jost Krieger: > On Wed Jul 29 22:42:32 2015, Sascha wrote: > >> i use doevecot 2.2.18 current. My Problem is with email-extension and >> case sensitiv folders. >> >> Example: >> user+extenstion will be delivered to the user and subfolder extenstion >> so this is okay. >> but user+extenstion will not be delivert to the user and exiting >> subfolder Extenstion so that is not okay. >> The mail will be also delivered in the subfolder extension. The exiting >> Folder Extension will not used. >> >> Give's a way to tell dovecot, use the extension as a Folder, if a >> exiting folder with Upper/Lower Cases will be detect and use the right >> folder to delivery? > > Unfortunately you didn't tell us which part of dovecot is doing the > delivery and which structure your folders are. That could be lda, lmtp > or even your MTA. But I am quite sure that you can't match existing > folders case-insensistively, except if you are working on a > case-insensitive filesystem *and* not using dbox. In this case it > shouldn't depend on the delivery method. > > Yours > Jost Krieger Current the delivery will be made with lda from postfix. With a case-insensitive filesystem i would try but my vserver installation has a kernel without fuse modul and ciopfs need this. This is also not possible for me. Another idea was to change the dovecot code to detect the right upper/lower Case names from folder, but on update this will be override, so i'dont wont it. I will use the MailDir format not dbox. Thanks, Regards Sascha -- -- Regards Sascha --- Diese E-Mail wurde von Avast Antivirus-Software auf Viren gepr?ft. https://www.avast.com/antivirus From sascha+dovecot at valckenier-kips.de Thu Jul 30 18:24:30 2015 From: sascha+dovecot at valckenier-kips.de (Sascha) Date: Thu, 30 Jul 2015 20:24:30 +0200 Subject: Dovecot under Linux with mail-extension and case insesitiv In-Reply-To: References: <55B93AB8.5030603@valckenier-kips.de> Message-ID: <55BA6BDE.3060000@valckenier-kips.de> Am 30.07.2015 um 08:37 schrieb Steffen Kaiser: > On Wed, 29 Jul 2015, Sascha wrote: > > > Example: > > user+extenstion will be delivered to the user and subfolder extenstion > > so this is okay. > > but user+extenstion will not be delivert to the user and exiting > > subfolder Extenstion so that is not okay. > > The mail will be also delivered in the subfolder extension. The exiting > > Folder Extension will not used. > > > Give's a way to tell dovecot, use the extension as a Folder, if a > > exiting folder with Upper/Lower Cases will be detect and use the right > > folder to delivery? > > you want: > > user+extension & > user+Extension & > user+eXtension & > user+eXtENSioN a.s.o > > to be filed into the existing extension folder of the user, or into > Extension, if that one exists already, or ... . > > No, there is not natively (currently). > > However, there might be tricks with Sieve and external programs, so > that you can use "fileinto". I guess you need to reprase your subject > line, in order to trigger Stephan's interest. :-) > > -- Steffen Kaiser Hello Steffen, yes, this is was i mean and my hope was, i need no sieve Script. My current mailserver dbmail can this but has 2 bugs without fixes as the last year. One horde with activesync give me on move/delete message an error in ios client and the second is 7bit encoded mails will me show in horde an mobile devices as attachment. On mobile devices i can't read the message. Now i will convert to other mailserver and i have tryed dovecot. At the moment everything shows good for me but this one are current stop me to convert the server at the moment. If you have a good solution, with possible autodetect exiting folder, i will be very happy. Thanks, Regards Sascha > > --- > Diese E-Mail wurde von Avast Antivirus-Software auf Viren gepr?ft. > https://www.avast.com/antivirus > -- -- Regards Sascha --- Diese E-Mail wurde von Avast Antivirus-Software auf Viren gepr?ft. https://www.avast.com/antivirus From skdovecot at smail.inf.fh-brs.de Thu Jul 30 19:53:42 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen) Date: Thu, 30 Jul 2015 21:53:42 +0200 Subject: Dovecot under Linux with mail-extension and case insesitiv In-Reply-To: <55BA6962.3040507@valckenier-kips.de> References: <55B93AB8.5030603@valckenier-kips.de> <20150730065218.GW96624@ruhr-uni-bochum.de> <55BA6962.3040507@valckenier-kips.de> Message-ID: <55BA80C6.9050005@smail.inf.fh-brs.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sascha wrote: > Am 30.07.2015 um 08:52 schrieb Jost Krieger: >> On Wed Jul 29 22:42:32 2015, Sascha wrote: >> >>> i use doevecot 2.2.18 current. My Problem is with >>> email-extension and case sensitiv folders. >>> >>> Example: user+extenstion will be delivered to the user and >>> subfolder extenstion so this is okay. but user+extenstion will >>> not be delivert to the user and exiting subfolder Extenstion so >>> that is not okay. The mail will be also delivered in the >>> subfolder extension. The exiting Folder Extension will not >>> used. >>> >>> Give's a way to tell dovecot, use the extension as a Folder, if >>> a exiting folder with Upper/Lower Cases will be detect and use >>> the right folder to delivery? >> >> Unfortunately you didn't tell us which part of dovecot is doing >> the delivery and which structure your folders are. That could be >> lda, lmtp or even your MTA. But I am quite sure that you can't >> match existing folders case-insensistively, except if you are >> working on a case-insensitive filesystem *and* not using dbox. In >> this case it shouldn't depend on the delivery method. >> >> Yours Jost Krieger > Current the delivery will be made with lda from postfix. Do you use the -m option of the Dovecot LDA? http://wiki2.dovecot.org/LDA/Postfix you could lower-case (or mangle the case) of its argument. I guess to detect the case of an already existing foldern would be a real work, but you could lower case it. - -- Steffen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) iQEVAwUBVbqAxXz1H7kL/d9rAQLsPAf/TksyXg7xcd/dfs2vvyYLOpEdstDPFP8/ apJ3GsZ24XO0Waw+VqPH/v3JDQVV4Z4pXqArag8w6Xql2Afy9+wilkl24VKYKJLH 9MEnK224b/FUjFZDD/+9wnxfhHzMf0C1y+ml20+Wp4Syhg8A0NeF8fow1DBGHLfT IX+NYA7KhSCk4I3WpAY7b9gs40uP6+49e18xTe/z7906JnM+2TaOnZaMc4+32915 knMaRVx+3o39X0cr9WMAki+wGtXmWEfb0u3no8HDEGjP3HIii7WqUI7OL5E1YvPb rFn/L3DWXZ3IILYCbkAwVeFnkEHZDIrNGLGtYriMFWs740RYYqrupw== =naMD -----END PGP SIGNATURE----- From Ralf.Hildebrandt at charite.de Fri Jul 31 09:18:06 2015 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Fri, 31 Jul 2015 11:18:06 +0200 Subject: doveadm import - strange warning In-Reply-To: <55BA453E.3010900@uni-hohenheim.de> References: <20150716084628.GA17953@sys4.de> <20150727085115.GB20452@sys4.de> <55B5F7B8.8090209@univention.de> <20150727094113.GD20452@sys4.de> <55BA453E.3010900@uni-hohenheim.de> Message-ID: <20150731091806.GF27398@charite.de> > I think there are two independent errors. > First: > >doveadm(restore at backup.invalid): Error: chdir(/root/) failed: Permission denied (euid=1001(theid) egid=1001(theid) missing +x perm: /root, dir owned by 0:0 mode=0700) > >doveadm(restore at backup.invalid): Error: chdir(/root) failed: Permission denied > Here I think doveadm import tries to do a chdir to the users HOME Directory > and does it wrong. It uses the bash environment variable $HOME instead of > the users home information as shown by doveadm user. > > Why do I think so, because if I manually export the bash environment HOME to > the Home Directory of the user I want to import to I don't receive this > error anymore. > > Example: > export HOME="/mailhome/userA" > doveadm import -u userA maildir:/backup/userA Backup ALL; > -> No Error > export HOME="/root" > doveadm import -u userA maildir:/backup/userA Backup ALL; > -> Error as seen above. Yes, this was my actual problem. So doveadm is really doing something wrong. > Second: That was not my original problem :) > If the first error is a bug or a feature I don't know, but doveadm import > works correct with or without this error shown. At least for the things I > have done. Yes, it works. But personally I think it shouldn't emit errors if everything works as expected... I'll just work around it. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From wgrcunha at gmail.com Fri Jul 31 12:41:10 2015 From: wgrcunha at gmail.com (Francisco Wagner C. Freire) Date: Fri, 31 Jul 2015 09:41:10 -0300 Subject: FTS not indexing new folders (mailboxes) Message-ID: Hello, Im getting problem on FTS on new created folders (mailboxes). How to simulate: - Enable FTS (solr on our case) - Create a new folder (mailbox) - Move some message to that mailbox - Try to search for the message contents *doveadm search -u user at domain text sometext* # Found nothing, but if i move the message to another mailbox, the search catch the message. # I tried doveadm index command but no response as well # This works only after a full fts rescan *doveadm fts rescan -u user at domain* # And now, works *doveadm search -u user at domain text sometext3c7b60241443ba55af680000cc4d0d4b 1* # My dovecot version = 2.2.18 (EE) # My fts config: fts = solr fts_autoindex = yes fts_autoindex_max_recent_msgs = 50 fts_solr = url=http://127.0.0.1:8080/solr/ Anyone got this problem? From grover at sitepark.com Fri Jul 31 14:01:15 2015 From: grover at sitepark.com (Christoph =?ISO-8859-1?Q?Gr=F6ver?=) Date: Fri, 31 Jul 2015 16:01:15 +0200 Subject: Dovecot/Pigeonhole Issue (UTC modtime instead of localtime) Message-ID: <20150731160115.2df2f412@aeshna> Hi List, We are using the following setup: Dovecot-2.2.18 Pigeonhole-0.4.8 (for Dovecot-2.2) After the mail is finally delivered via a fileinto by the Sieve filter it gets an updated timestamp (modification time). The server has localtime setup correctly IMO (UTC +0200), but still the delivered mail is setup as being two hours old. I think I found out that the function sieve_file_storage_update_mtime() is the cause of this problem. But perhaps there has to be some kind of setup, that tells pigeonhole to use the 2 hour offset of CEST. I think to reset the mtime by utime(s) is a bit strange. It already gets the correct modtime just by storing it in the filesystem. Last version we used (0.2.5) did not have this poblem. So it must be there for some reason? Perhaps you can enlighten me. Thanks for your time. Greetings -- Sitepark Gesellschaft f?r Informationsmanagement mbH Rothenburg 14-16, 48143 M?nster Telefon: +49 251 482655-0, Telefax: +49 251 482655-55 http://www.sitepark.com http://www.facebook.com/sitepark Gesch?ftsf?hrer: Thorsten Liebold Amtsgericht M?nster, HRB 5017 From stephan at rename-it.nl Fri Jul 31 14:57:31 2015 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 31 Jul 2015 16:57:31 +0200 Subject: Dovecot/Pigeonhole Issue (UTC modtime instead of localtime) In-Reply-To: <20150731160115.2df2f412@aeshna> References: <20150731160115.2df2f412@aeshna> Message-ID: <55BB8CDB.6010809@rename-it.nl> Christoph Gr?ver schreef op 31-7-2015 om 16:01: > We are using the following setup: > > Dovecot-2.2.18 > Pigeonhole-0.4.8 (for Dovecot-2.2) > > After the mail is finally delivered via a fileinto by the Sieve filter > it gets an updated timestamp (modification time). > The server has localtime setup correctly IMO (UTC +0200), but still the > delivered mail is setup as being two hours old. Hmm. Probably, the timezone configuration (i.e. the contents of TZ timezone environment variable) somehow doesn't reach the final stages of e-mail delivery. > I think I found out that the function sieve_file_storage_update_mtime() > is the cause of this problem. No. That is for the storage of the Sieve scripts and not the delivered e-mail. That part is handled by Dovecot lib-storage. > But perhaps there has to be some kind of > setup, that tells pigeonhole to use the 2 hour offset of CEST. > I think to reset the mtime by utime(s) is a bit strange. It already gets > the correct modtime just by storing it in the filesystem. > > Last version we used (0.2.5) did not have this poblem. So it must be > there for some reason? That is very old. Many things have changed in the mean time, so this is not very helpful in pinpointing what could cause this. I haven't tried this at my end yet, but - to make sure we have all the information we may need - could you enlighten us a bit about your configuration? So, what output is produced by `dovecot -n`? How is final delivery performed (using LDA or LMTP)? Regards, Stephan. From grover at sitepark.com Fri Jul 31 20:20:49 2015 From: grover at sitepark.com (Christoph =?ISO-8859-1?Q?Gr=F6ver?=) Date: Fri, 31 Jul 2015 22:20:49 +0200 Subject: Dovecot/Pigeonhole Issue (UTC modtime instead of localtime) In-Reply-To: <55BB8CDB.6010809@rename-it.nl> References: <20150731160115.2df2f412@aeshna> <55BB8CDB.6010809@rename-it.nl> Message-ID: <20150731222049.4e31d52c@anax.odonata.de> Thanks Stephan for your answer. > > Hmm. Probably, the timezone configuration (i.e. the contents of TZ > timezone environment variable) somehow doesn't reach the final stages of > e-mail delivery. Sorry, I just found out we had pigeonhole-0.4.3 running on the old server. The sources of 0.2.5 were also lying around, but were not used anymore. On the old and the new server there's no TZ or TIMEZONE variable. Still the version 0.4.3 together with System V on Mandriva 2010.2 worked and the systemd version on CentOS 7.1.x sets up the past (2h back) as the modtime > > > I think I found out that the function sieve_file_storage_update_mtime() > > is the cause of this problem. > > No. That is for the storage of the Sieve scripts and not the delivered > e-mail. That part is handled by Dovecot lib-storage. I see. Made some assumptions which were wrong. > > I haven't tried this at my end yet, but - to make sure we have all the > information we may need - could you enlighten us a bit about your > configuration? So, what output is produced by `dovecot -n`? How is final > delivery performed (using LDA or LMTP)? We are delivering mail via Dovecot-LDA, which calls pigeonhole ... This is the (relevant) part of 'doveconf -': ------------------------------------- # 2.2.18: /srv/dovecot-2.2.18/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 3.10.0-229.7.2.el7.x86_64 x86_64 CentOS Linux release 7.1.1503 (Core) auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login cram-md5 auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot-22/ debug_log_path = /var/log/dovecot/dovecot.debug default_internal_user = someuser default_login_user = someuser disable_plaintext_auth = no info_log_path = /var/log/dovecot/dovecot.log log_path = /var/log/dovecot/dovecot.err mail_location = maildir:~/Maildir:INBOX=~/Maildir mail_plugins = acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate [...] plugin { acl = vfile mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size sieve = /srv/mail/sieve/%n.sieve sieve_before = /srv/mail/sieve/spam-filter/%n.sieve sieve_dir = ~/sieve sieve_global_dir = /srv/mail/sieve/global/ sieve_global_path = /srv/mail/sieve/default.sieve } protocols = imap sieve service auth { unix_listener auth-userdb { group = vmail mode = 0600 user = someuser } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_limit = 400 process_min_avail = 2 } service imap { executable = imap postlogin process_limit = 350 } service postlogin { executable = script-login rawlog user = someuser } [..] userdb { args = uid=someuser gid=vmail home=/srv/mail/someuser/%u driver = static } userdb { args = username_format=%n /etc/dovecot/users driver = passwd-file } protocol imap { mail_max_userip_connections = 30 mail_plugins = acl imap_acl mail_log notify } protocol lda { info_log_path = /var/log/dovecot/deliver.log log_path = /var/log/dovecot/deliver.err mail_plugins = sieve } ------------------------------- I had a look at lib-storage of dovecot, which also has calls for utime in it. Well, I yet fail to understand why this could be useful or necessary. After I write the file it already has the correct modtime. Absolutely no need to fiddle around with utime - IMHO. If I create a file by just touching it like 'touch SOMEFILE' it has the correct current localtime as modtime. Why should I change this to two hours in the past? I still can't see the reason for this behaviour. Perhaps some IMAP requirement I don't know of? Hope you can elighten me and/or help me. Thank you for your time. -- Christoph Gr?ver From foss-ml at c-14.de Fri Jul 31 20:37:49 2015 From: foss-ml at c-14.de (Simon Thelen) Date: Fri, 31 Jul 2015 22:37:49 +0200 Subject: Dovecot sends "OK Logged in" with empty tag Message-ID: <20150731203749.GB2027@anonymous> Hello, I'm currently writing my own IMAP client and testing it against Dovecot, and when doing PLAIN AUTH Dovecot sends the "OK Logged in" with an empty tag at the start. I tried reproducing the conversation with netcat, but Dovecot sends a correctly tagged OK at the end of the AUTH so I assume it's timing related. I've attached pcap dumps of the TCP conversation in both situations as well as the output of dovecot -n. Side Note: Why does Dovecot send the updated capabilities before OK'ing the authentication? Seems strange to me as the client can't assume that the authentication proceeded successfully until it actually receives the OK so it has to assume that those capabilities are pre login. -- Simon Thelen -------------- next part -------------- # 20150721 (32d72cb26f9e+): /home/dovecot/etc/dovecot/dovecot.conf # OS: Linux 4.1.3-gentoo x86_64 Gentoo Base System release 2.2 auth_debug = yes auth_verbose = yes base_dir = /home/dovecot/var/run/dovecot/ mail_debug = yes mail_location = maildir:~/vmail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = scheme=CRYPT username_format=%u /home/dovecot/etc/dovecot/users driver = passwd-file } protocols = imap ssl_cert = -------------- next part -------------- A non-text attachment was scrubbed... Name: custom_imap_tcp_empty_tag Type: application/octet-stream Size: 1969 bytes Desc: not available URL: From michael at borgelt.org Tue Jul 28 09:53:44 2015 From: michael at borgelt.org (Michael Borgelt) Date: Tue, 28 Jul 2015 11:53:44 +0200 Subject: Dovecot 2.2.18 Panic: file index-mail-binary.c In-Reply-To: <20150728091215.Horde.gmc7i3jGADyFKBjMowoMTOj@hermes.dg4yfa.org> References: <20150728091215.Horde.gmc7i3jGADyFKBjMowoMTOj@hermes.dg4yfa.org> Message-ID: <55B75128.6070207@borgelt.org> Hi. I have tried this email also with thunderbird imap which works. So this is as special Problem with the imap-module of the Horde framework. I will do some more debugging this evening. My Horde framework has the following Versions: Horde Groupware Webmail Edition 5.2.7 Horde (horde) 5.2.6 Horde_Imap_Client 2.29.1 Regards, Michael. Am 28.07.2015 um 09:12 schrieb Michael Borgelt: > Hi, > I got the following in my dovecot log's on an particular email message > with dovecot-imap. > > ---snip--- > Jul 28 08:42:11 hermes dovecot: imap(mborgelt): Panic: file > index-mail-binary.c: line 354 (blocks_count_lines): assertion failed: > (ret == -1) > Jul 28 08:42:11 hermes dovecot: imap(mborgelt): Error: Raw backtrace: > /usr/lib/dovecot/libdovecot.so.0(+0x740f2) [0xb75780f2] -> > /usr/lib/dovecot/libdovecot.so.0(+0x74212) [0xb7578212] -> > /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7520484] -> > /usr/lib/dovecot/libdovecot-storage.so.0(+0x99bbb) [0xb76abbbb] -> > /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_get_binary_stream+0x92) > [0xb76ac122] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mail_get_binary_stream+0x72) > [0xb7639172] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imap_msgpart_open+0x183) > [0xb76ed323] -> dovecot/imap(+0x1a2b4) [0x800c32b4] -> > dovecot/imap(+0x18907) [0x800c1907] -> > dovecot/imap(imap_fetch_more+0x3d) [0x800c2aad] -> > dovecot/imap(cmd_fetch+0x359) [0x800b5299] -> > dovecot/imap(command_exec+0x4f) [0x800bff1f] -> dovecot/imap(+0x15c3b) > [0x800bec3b] -> dovecot/imap(+0x15cc9) [0x800becc9] -> > dovecot/imap(client_handle_input+0x13d) [0x800bf03d] -> > dovecot/imap(client_input+0x95) [0x800bf445] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x5e) [0xb758c2fe] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xe2) > [0xb758d522] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x1a) > [0xb758c38a] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x49) > [0xb758c419] -> > /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x25) [0xb75261a5] > -> dovecot/imap(main+0x384) [0x800b1f54] -> > /lib/i386-linux-gnu/i686/cmov/libc.so.6(__libc_start_main+0xf3) > [0xb735ea63] -> dovecot/imap(+0x913a) [0x800b213a] > Jul 28 08:42:11 hermes dovecot: imap(mborgelt): Fatal: master: > service(imap): child 30866 killed with signal 6 (core dumped) > ---snip--- > > The dovecot -n output. > ---snip--- > # 2.2.18: /etc/dovecot/dovecot.conf > # OS: Linux 4.1.3 i686 Debian stretch/sid > lda_mailbox_autocreate = yes > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e > %c %k > mail_location = maildir:~/Maildir > mailbox_list_index = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } > plugin { > antispam_allow_append_to_spam = no > antispam_backend = pipe > antispam_debug_target = syslog > antispam_pipe_program = /usr/local/bin/sa-learn.sh > antispam_pipe_program_notspam_arg = --ham > antispam_pipe_program_spam_arg = --spam > antispam_spam = Junk > antispam_trash = Trash > antispam_verbose_debug = 1 > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_vacation_send_from_recipient = yes > } > protocols = " imap sieve" > ssl_cert = ssl_cipher_list = > ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA > ssl_dh_parameters_length = 2048 > ssl_key = ssl_prefer_server_ciphers = yes > ssl_protocols = !SSLv3 !SSLv2 > userdb { > driver = passwd > } > protocol lda { > log_path = /var/log/dovecot_deliver.log > mail_plugins = sieve > } > protocol imap { > mail_plugins = antispam > } > ---snip--- > > gdb output: > GNU gdb (Debian 7.7.1+dfsg-5) 7.7.1 > Copyright (C) 2014 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later > > This is free software: you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. Type "show > copying" > and "show warranty" for details. > This GDB was configured as "i586-linux-gnu". > Type "show configuration" for configuration details. > For bug reporting instructions, please see: > . > Find the GDB manual and other documentation resources online at: > . > For help, type "help". > Type "apropos word" to search for commands related to "word"... > Reading symbols from /usr/lib/dovecot/imap...(no debugging symbols > found)...done. > [New LWP 30866] > Core was generated by `dovecot/imap'. > Program terminated with signal SIGABRT, Aborted. > #0 0xb7764b60 in __kernel_vsyscall () > ---snip--- > > And this is the offending email: > ---snip--- > Return-Path: > X-Original-To: mborgelt at localhost > Delivered-To: mborgelt at localhost > Received: from localhost (localhost [127.0.0.1]) > by hermes.dg4yfa.org (Postfix) with ESMTP id 9B7E6520BAD > for ; Tue, 28 Jul 2015 04:38:45 +0200 (CEST) > X-Virus-Scanned: Debian amavisd-new at hermes.dg4yfa.org > Received: from hermes.dg4yfa.org ([127.0.0.1]) > by localhost (hermes.dg4yfa.org [127.0.0.1]) (amavisd-new, > port 10024) > with ESMTP id PUqAdlewtXE3 for ; > Tue, 28 Jul 2015 04:38:43 +0200 (CEST) > Received: from pop3.1blu.de (localhost [127.0.0.1]) > by hermes.dg4yfa.org (Postfix) with ESMTP id 4EC74520A86 > for ; Tue, 28 Jul 2015 04:38:43 +0200 (CEST) > Delivered-To: > Received: from ms-10.1blu.de ([178.254.4.101]) > by mb-17.1blu.de (Dovecot) with LMTP id KpihOJzptlWyFgAAZwzaeA > for ; Tue, 28 Jul 2015 04:31:56 +0200 > Received: from [209.132.180.67] (helo=vger.kernel.org) > by ms-10.1blu.de with esmtp (Exim 4.76) > (envelope-from ) > id 1ZJugO-0003Zs-BC > for michael at borgelt.org; Tue, 28 Jul 2015 04:31:56 +0200 > Received: (majordomo at vger.kernel.org) by vger.kernel.org via listexpand > id S1754900AbbG1Cbl (ORCPT ); > Mon, 27 Jul 2015 22:31:41 -0400 > Received: from smtp74.iad3a.emailsrvr.com ([173.203.187.74]:59595 "EHLO > smtp74.iad3a.emailsrvr.com" rhost-flags-OK-OK-OK-OK) > by vger.kernel.org with ESMTP id S1754333AbbG1Cbk (ORCPT > ); > Mon, 27 Jul 2015 22:31:40 -0400 > X-Greylist: delayed 541 seconds by postgrey-1.27 at vger.kernel.org; > Mon, 27 Jul 2015 22:31:40 EDT > Received: from smtp26.relay.iad3a.emailsrvr.com (localhost.localdomain > [127.0.0.1]) > by smtp26.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP > id 54B4C801BA; > Mon, 27 Jul 2015 22:22:38 -0400 (EDT) > Received: from smtp192.mex08.mlsrvr.com (unknown [74.205.9.160]) > by smtp26.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTPS > id 1D84C8018F; > Mon, 27 Jul 2015 22:22:38 -0400 (EDT) > X-Sender-Id: xiaoquan.li at vivantecorp.com > Received: from smtp192.mex08.mlsrvr.com ([UNAVAILABLE]. [74.205.9.160]) > (using TLSv1 with cipher AES256-SHA) > by 0.0.0.0:25 (trex/5.4.2); > Tue, 28 Jul 2015 02:22:38 GMT > Received: from MBX05B-IAD3.mex08.mlsrvr.com (172.29.17.24) by > MBX05A-IAD3.mex08.mlsrvr.com (172.29.17.23) with Microsoft SMTP > Server (TLS) > id 15.0.1044.25; Mon, 27 Jul 2015 22:22:37 -0400 > Received: from MBX05B-IAD3.mex08.mlsrvr.com > ([fe80::7d8e:af8c:8538:7e20]) by > MBX05B-IAD3.mex08.mlsrvr.com ([fe80::7d8e:af8c:8538:7e20%21]) with > mapi id > 15.00.1044.021; Mon, 27 Jul 2015 22:22:37 -0400 > From: Xiaoquan Li > To: Benjamin Gaignard , > "linux-media at vger.kernel.org" , > "Linux Kernel Mailing List" , > "dri-devel at lists.freedesktop.org" > , > "Hans Verkuil" , > Laurent Pinchart , > Daniel Vetter , > Rob Clark , > Thierry Reding , > "Sumit Semwal" , > Tom Cooksey , > "Daniel Stone" > CC: Linaro MM SIG Mailman List > Subject: RE: [Linaro-mm-sig] [PATCH v3 0/2] RFC: Secure Memory Allocation > Framework > Thread-Topic: [Linaro-mm-sig] [PATCH v3 0/2] RFC: Secure Memory > Allocation > Framework > Thread-Index: AQHQuwv8BuA+2hTILk+/oDnwCSiUlp3vdmmAgADK2CA= > Date: Tue, 28 Jul 2015 02:22:37 +0000 > Message-ID: > > References: > <1436531290-23191-1-git-send-email-benjamin.gaignard at linaro.org> > > In-Reply-To: > > Accept-Language: en-US > Content-Language: en-US > X-MS-Has-Attach: > X-MS-TNEF-Correlator: > x-ms-exchange-transport-fromentityheader: Hosted > x-originating-ip: [172.29.9.17] > Content-Type: text/plain; charset="utf-8" > Content-Transfer-Encoding: base64 > MIME-Version: 1.0 > Sender: linux-media-owner at vger.kernel.org > Precedence: bulk > List-ID: > X-Mailing-List: linux-media at vger.kernel.org > X-Envelope-To: michael at borgelt.org > > SGkgQmVuamFtaW4sDQoNCkl0IGxvb2tzIGxpa2UgdGhpcyBmcmFtZXdvcmsgb25seSBhbGxvd3Mg > > dXNlciBzcGFjZSBjbGllbnQgdG8gdGFsayB3aXRoIHRydXN0IGFwcGxpY2F0aW9uLCBpdCB0aGVy > > ZSBhIHBsYW4gdG8gcHJvdmlkZSBrZXJuZWwgc2lkZSBBUElzIGZvciBrZXJuZWwgc3BhY2UgY2xp > > ZW50Pw0KDQpQbGVhc2UgY29ycmVjdCBtZSBpZiBteSB1bmRlcnN0YW5kaW5nIGlzIHdyb25nLg0K > > DQpUaGFua3MNCg0KWGlhb3F1YW4NCg0KLS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCkZyb206 > > IExpbmFyby1tbS1zaWcgW21haWx0bzpsaW5hcm8tbW0tc2lnLWJvdW5jZXNAbGlzdHMubGluYXJv > > Lm9yZ10gT24gQmVoYWxmIE9mIEJlbmphbWluIEdhaWduYXJkDQpTZW50OiBNb25kYXksIEp1bHkg > > MjcsIDIwMTUgNjoxMiBQTQ0KVG86IGxpbnV4LW1lZGlhQHZnZXIua2VybmVsLm9yZzsgTGludXgg > > S2VybmVsIE1haWxpbmcgTGlzdDsgZHJpLWRldmVsQGxpc3RzLmZyZWVkZXNrdG9wLm9yZzsgSGFu > > cyBWZXJrdWlsOyBMYXVyZW50IFBpbmNoYXJ0OyBEYW5pZWwgVmV0dGVyOyBSb2IgQ2xhcms7IFRo > > aWVycnkgUmVkaW5nOyBTdW1pdCBTZW13YWw7IFRvbSBDb29rc2V5OyBEYW5pZWwgU3RvbmUNCkNj > > OiBMaW5hcm8gTU0gU0lHIE1haWxtYW4gTGlzdA0KU3ViamVjdDogUmU6IFtMaW5hcm8tbW0tc2ln > > XSBbUEFUQ0ggdjMgMC8yXSBSRkM6IFNlY3VyZSBNZW1vcnkgQWxsb2NhdGlvbiBGcmFtZXdvcmsN > > Cg0KSGkgYWxsLA0KDQpUaGlzIHRocmVhZCBkb2Vzbid0IGdldCBhbnkgZmVlZGJhY2suLi4NCg0K > > V2hhdCB3b3VsZCBiZSBncmVhdCBpcyB0byBrbm93IGlmIHRoaXMgZnJhbWV3b3JrIHByb3Bvc2Fs > > IGZpciB3aXRoDQp5b3VyIHBsYXRmb3JtIG5lZWRzLg0KDQpNYXliZSBJIGhhdmVuJ3QgY29weSB0 > > aGUgZ29vZCBtYWlsaW5nIGxpc3RzIHNvIGlmIHlvdSB0aGluayB0aGVyZSBpcw0KYmV0dGVyIG9u > > ZXMgZG8gbm90IGhlc2l0YXRlIHRvIGZvcndhcmQuDQoNClJlZ2FyZHMsDQpCZW5qYW1pbg0KDQoN > > CjIwMTUtMDctMTAgMTQ6MjggR01UKzAyOjAwIEJlbmphbWluIEdhaWduYXJkIDxiZW5qYW1pbi5n > > YWlnbmFyZEBsaW5hcm8ub3JnPjoNCj4gdmVyc2lvbiAzIGNoYW5nZXM6DQo+ICAtIFJlbW92ZSBp > > b2N0bCBmb3IgYWxsb2NhdG9yIHNlbGVjdGlvbiBpbnN0ZWFkIHByb3ZpZGUgdGhlIG5hbWUgb2YN > > Cj4gICAgdGhlIHRhcmdldGVkIGFsbG9jYXRvciB3aXRoIGFsbG9jYXRpb24gcmVxdWVzdC4NCj4g > > ICAgU2VsZWN0aW5nIGFsbG9jYXRvciBmcm9tIHVzZXJsYW5kIGlzbid0IHRoZSBwcmVmZXJlZCB3 > > YXkgb2Ygd29ya2luZw0KPiAgICBidXQgaXMgbmVlZGVkIHdoZW4gdGhlIGZpcnN0IHVzZXIgb2Yg > > dGhlIGJ1ZmZlciBpcyBhIHNvZnR3YXJlIGNvbXBvbmVudC4NCj4gIC0gRml4IGlzc3VlcyBpbiBj > > YXNlIG9mIGVycm9yIHdoaWxlIGNyZWF0aW5nIHNtYWYgaGFuZGxlLg0KPiAgLSBGaXggbW9kdWxl > > IGxpY2Vuc2UuDQo+ICAtIFVwZGF0ZSBsaWJzbWFmIGFuZCB0ZXN0cyB0byBjYXJlIG9mIHRoZSBT > > TUFGIEFQSSBldm9sdXRpb24NCj4gICAgaHR0cHM6Ly9naXQubGluYXJvLm9yZy9wZW9wbGUvYmVu > > amFtaW4uZ2FpZ25hcmQvbGlic21hZi5naXQNCj4NCj4gdmVyc2lvbiAyIGNoYW5nZXM6DQo+ICAt > > IEFkZCBvbmUgaW9jdGwgdG8gYWxsb3cgYWxsb2NhdG9yIHNlbGVjdGlvbiBmcm9tIHVzZXJzcGFj > > ZS4NCj4gICAgVGhpcyBpcyByZXF1aXJlZCBmb3IgdGhlIHVzZXMgY2FzZSB3aGVyZSB0aGUgZmly > > c3QgdXNlciBvZg0KPiAgICB0aGUgYnVmZmVyIGlzIGEgc29mdHdhcmUgSVAgd2hpY2ggY2FuJ3Qg > > cGVyZm9ybSBkbWFfYnVmIGF0dGFjaGVtZW50Lg0KPiAgLSBBZGQgbmFtZSBhbmQgcmFua2luZyB0 > > byBhbGxvY2F0b3Igc3RydWN0dXJlIHRvIGJlIGFibGUgdG8gc29ydCB0aGVtLg0KPiAgLSBDcmVh > > dGUgYSB0aW55IGxpYnJhcnkgdG8gdGVzdCBTTUFGOg0KPiAgICBodHRwczovL2dpdC5saW5hcm8u > > b3JnL3Blb3BsZS9iZW5qYW1pbi5nYWlnbmFyZC9saWJzbWFmLmdpdA0KPiAgLSBGaXggb25lIGlz > > c3VlIHdoZW4gdHJ5IHRvIHNlY3VyZSBidWZmZXIgd2l0aG91dCBzZWN1cmUgbW9kdWxlIHJlZ2lz > > dGVyZWQNCj4NCj4gVGhlIG91dGNvbWUgb2YgdGhlIHByZXZpb3VzIFJGQyBhYm91dCBob3cgZG8g > > c2VjdXJlIGRhdGEgcGF0aCB3YXMgdGhlIG5lZWQNCj4gb2YgYSBzZWN1cmUgbWVtb3J5IGFsbG9j > > YXRvciAoaHR0cHM6Ly9sa21sLm9yZy9sa21sLzIwMTUvNS81LzU1MSkNCj4NCj4gU01BRiBnb2Fs > > IGlzIHRvIHByb3ZpZGUgYSBmcmFtZXdvcmsgdGhhdCBhbGxvdyBhbGxvY2F0aW5nIGFuZCBzZWN1 > > cmluZw0KPiBtZW1vcnkgYnkgdXNpbmcgZG1hX2J1Zi4gRWFjaCBwbGF0Zm9ybSBoYXZlIGl0IG93 > > biB3YXkgdG8gcGVyZm9ybSB0aG9zZSB0d28NCj4gZmVhdHVyZXMgc28gU01BRiBkZXNpZ24gYWxs > > b3cgdG8gcmVnaXN0ZXIgaGVscGVyIG1vZHVsZXMgdG8gcGVyZm9ybSB0aGVtLg0KPg0KPiBUbyBi > > ZSBzdXJlIHRvIHNlbGVjdCB0aGUgYmVzdCBhbGxvY2F0aW9uIG1ldGhvZCBmb3IgZGV2aWNlcyBT > > TUFGIGltcGxlbWVudA0KPiBkZWZlcnJlZCBhbGxvY2F0aW9uIG1lY2hhbmlzbTogbWVtb3J5IGFs > > bG9jYXRpb24gaXMgb25seSBkb25lIHdoZW4gdGhlIGZpcnN0DQo+IGRldmljZSBlZmZlY3RpdmVs > > eSByZXF1aXJlZCBpdC4NCj4gQWxsb2NhdG9yIG1vZHVsZXMgaGF2ZSB0byBpbXBsZW1lbnQgYSBt > > YXRjaCgpIHRvIGxldCBTTUFGIGtub3cgaWYgdGhleSBhcmUNCj4gY29tcGF0aWJsZXMgd2l0aCBk > > ZXZpY2VzIG5lZWRzLg0KPiBUaGlzIHBhdGNoIHNldCBwcm92aWRlIGFuIGV4YW1wbGUgb2YgYWxs > > b2NhdG9yIG1vZHVsZSB3aGljaCB1c2UNCj4gZG1hX3thbGxvYy9mcmVlL21tYXB9X2F0dHJzKCkg > > YW5kIGNoZWNrIGlmIGF0IGxlYXN0IG9uZSBkZXZpY2UgaGF2ZQ0KPiBjb2hlcmVudF9kbWFfbWFz > > ayBzZXQgdG8gRE1BX0JJVF9NQVNLKDMyKSBpbiBtYXRjaCBmdW5jdGlvbi4NCj4gSSBoYXZlIG5h > > bWVkIHNtYWYtY21hLmMgbGlrZSBpdCBpcyBkb25lIGZvciBkcm1fZ2VtX2NtYV9oZWxwZXIuYyBl > > dmVuIGlmDQo+IGEgYmV0dGVyIG5hbWUgY291bGQgYmUgZm91bmQgZm9yIHRoaXMgZmlsZS4NCj4N > > Cj4gU2VjdXJlIG1vZHVsZXMgYXJlIHJlc3BvbnNpYmxlcyBvZiBncmFudGluZyBhbmQgcmV2b2tp > > bmcgZGV2aWNlcyBhY2Nlc3MgcmlnaHRzDQo+IG9uIHRoZSBtZW1vcnkuIFNlY3VyZSBtb2R1bGUg > > aXMgYWxzbyBjYWxsZWQgdG8gY2hlY2sgaWYgQ1BVIG1hcCBtZW1vcnkgaW50bw0KPiBrZXJuZWwg > > YW5kIHVzZXIgYWRkcmVzcyBzcGFjZXMuDQo+IEFuIGV4YW1wbGUgb2Ygc2VjdXJlIG1vZHVsZSBp > > bXBsZW1lbnRhdGlvbiBjYW4gYmUgZm91bmQgaGVyZToNCj4gaHR0cDovL2dpdC5saW5hcm8ub3Jn > > L3Blb3BsZS9iZW5qYW1pbi5nYWlnbmFyZC9vcHRlZS1zZHAuZ2l0DQo+IFRoaXMgY29kZSBpc24n > > dCB5ZXQgcGFydCBvZiB0aGUgcGF0Y2ggc2V0IGJlY2F1c2UgaXQgZGVwZW5kcyBvbiBnZW5lcmlj > > IFRFRQ0KPiB3aGljaCBpcyBzdGlsbCB1bmRlciBkaXNjdXNzaW9uIChodHRwczovL2x3bi5uZXQv > > QXJ0aWNsZXMvNjQ0NjQ2LykNCj4NCj4gRm9yIGFsbG9jYXRpb24gcGFydCBvZiBTTUFGIGNvZGUg > > SSBnZXQgaW5zcGlyYXRlZCBieSBTdW1pdCBTZW13YWwgd29yayBhYm91dA0KPiBjb25zdHJhaW50 > > IGF3YXJlIGFsbG9jYXRvci4NCj4NCj4gQmVuamFtaW4gR2FpZ25hcmQgKDIpOg0KPiAgIGNyZWF0 > > ZSBTTUFGIG1vZHVsZQ0KPiAgIFNNQUY6IGFkZCBDTUEgYWxsb2NhdG9yDQo+DQo+ICBkcml2ZXJz > > L0tjb25maWcgICAgICAgICAgICAgICAgfCAgIDIgKw0KPiAgZHJpdmVycy9NYWtlZmlsZSAgICAg > > ICAgICAgICAgIHwgICAxICsNCj4gIGRyaXZlcnMvc21hZi9LY29uZmlnICAgICAgICAgICB8ICAx > > MSArDQo+ICBkcml2ZXJzL3NtYWYvTWFrZWZpbGUgICAgICAgICAgfCAgIDIgKw0KPiAgZHJpdmVy > > cy9zbWFmL3NtYWYtY21hLmMgICAgICAgIHwgMjAwICsrKysrKysrKysrDQo+ICBkcml2ZXJzL3Nt > > YWYvc21hZi1jb3JlLmMgICAgICAgfCA3MzUgKysrKysrKysrKysrKysrKysrKysrKysrKysrKysr > > KysrKysrKysrKysNCj4gIGluY2x1ZGUvbGludXgvc21hZi1hbGxvY2F0b3IuaCB8ICA1NCArKysN > > Cj4gIGluY2x1ZGUvbGludXgvc21hZi1zZWN1cmUuaCAgICB8ICA2MiArKysrDQo+ICBpbmNsdWRl > > L3VhcGkvbGludXgvc21hZi5oICAgICAgfCAgNTIgKysrDQo+ICA5IGZpbGVzIGNoYW5nZWQsIDEx > > MTkgaW5zZXJ0aW9ucygrKQ0KPiAgY3JlYXRlIG1vZGUgMTAwNjQ0IGRyaXZlcnMvc21hZi9LY29u > > ZmlnDQo+ICBjcmVhdGUgbW9kZSAxMDA2NDQgZHJpdmVycy9zbWFmL01ha2VmaWxlDQo+ICBjcmVh > > dGUgbW9kZSAxMDA2NDQgZHJpdmVycy9zbWFmL3NtYWYtY21hLmMNCj4gIGNyZWF0ZSBtb2RlIDEw > > MDY0NCBkcml2ZXJzL3NtYWYvc21hZi1jb3JlLmMNCj4gIGNyZWF0ZSBtb2RlIDEwMDY0NCBpbmNs > > dWRlL2xpbnV4L3NtYWYtYWxsb2NhdG9yLmgNCj4gIGNyZWF0ZSBtb2RlIDEwMDY0NCBpbmNsdWRl > > L2xpbnV4L3NtYWYtc2VjdXJlLmgNCj4gIGNyZWF0ZSBtb2RlIDEwMDY0NCBpbmNsdWRlL3VhcGkv > > bGludXgvc21hZi5oDQo+DQo+IC0tDQo+IDEuOS4xDQo+DQoNCg0KDQotLSANCkJlbmphbWluIEdh > > aWduYXJkDQoNCkdyYXBoaWMgV29ya2luZyBHcm91cA0KDQpMaW5hcm8ub3JnIOKUgiBPcGVuIHNv > > dXJjZSBzb2Z0d2FyZSBmb3IgQVJNIFNvQ3MNCg0KRm9sbG93IExpbmFybzogRmFjZWJvb2sgfCBU > > d2l0dGVyIHwgQmxvZw0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f > > X19fX18NCkxpbmFyby1tbS1zaWcgbWFpbGluZyBsaXN0DQpMaW5hcm8tbW0tc2lnQGxpc3RzLmxp > > bmFyby5vcmcNCmh0dHBzOi8vbGlzdHMubGluYXJvLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2xpbmFy > > by1tbS1zaWcNCg== > -- > To unsubscribe from this list: send the line "unsubscribe linux-media" in > the body of a message to majordomo at vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > ---snip--- > > Ask if you need the complete core dump. > > Regards, Michael. > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2908 bytes Desc: S/MIME Cryptographic Signature URL: From cross at distal.com Tue Jul 28 14:38:37 2015 From: cross at distal.com (Chris Ross) Date: Tue, 28 Jul 2015 10:38:37 -0400 Subject: sharing INBOX with ACL -> share all folders In-Reply-To: <55B747BE.7010500@sissa.it> References: <55B747BE.7010500@sissa.it> Message-ID: <029D7232-069A-4761-B5D4-9A5EF0813182@distal.com> > On Jul 28, 2015, at 05:13, Marco Giunta wrote: > > Hi at all, > I have a problem with ACL; I want to share INBOX and Sent folder to an other user, but when I configure ACL on INBOX, all folders are shared (Sent, Junk, Draft, Trash, etc) Hello, Marco. Unfortunately I don?t know why you are seeing the behavior you are, and hope that someone else will be able to help. However, you seem to have accomplished something I?m wanting to do, and have as yet been unable to get working. I have a Users INBOX that I want to share to other users, but something is wrong with the way I?ve configured ACLs and sharing. Perhaps we could discuss off-list more of what your configuration looks like, and how you got there? I?m running on FreeBSD with the ports system version of dovecot2 2.2.16, currently, although I think I?m due an upgrade. You say you?re have "My Dovecot instance use a single user?, and I think that?s different than I. My Maildir directories and files are all owned by the UNIX user that owns the file. Maybe this is causing me the permissions problems I?m seeing. Is having it all running as one [UNIX] user a typical configuration for dovecot2? Or just typical of installations using ACLs? Thank you. - Chris -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 842 bytes Desc: Message signed with OpenPGP using GPGMail URL: