From gessel at blackrosetech.com Mon Jun 1 12:44:35 2015 From: gessel at blackrosetech.com (David Gessel) Date: Mon, 01 Jun 2015 15:44:35 +0300 Subject: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads In-Reply-To: References: <553247D0.1020400@blackrosetech.com> <5532557D.10000@blackrosetech.com> <3C3A4690-1FB3-4972-92E3-B2E1B554ECB6@iki.fi> <55390406.9070701@blackrosetech.com> Message-ID: <556C53B3.6080602@blackrosetech.com> Steffen, I apologize for missing your helpful message - I wasn't intentionally ignoring it. One of the artifacts of my mail issues is that mail disappears, this included. -------- Original Message -------- Subject: Re: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads From: Steffen Kaiser To: David Gessel Date: Fri Apr 24 2015 10:29:46 GMT+0300 (Arabic Standard Time) > On Thu, 23 Apr 2015, David Gessel wrote: > >> I'm inclined to believe, as trivial as it may be to enumerate, that: > >> Something is triggering dovecot to believe the indexes need to be rebuilt. >> When checking mail during the rebuild, clients get confused by UIDs in transition. > >> I would think that sdbox would alleviate these issues, no? > > The real problem is that you do not know _why_ "Something is triggering dovecot to believe the indexes need to be rebuilt". I'm not 100% sure that's what is happening. > > This is the same for sdbox and mdbox, IMHO. that would be sad - but I haven't tried that yet. > > That's why I asked about if some external process is trying to change the mail storage. Is there something except Dovecot that changes the mtime of the directories "new", "cur" or Maildir base? Not that I am aware of. this is a jail only running mail. > Do you deliver messages without Dovecot LDA/LMTP? Dovecot LDA only. >Do you store different information in the Maildir? nothing not part of Dovecot's processes - but the full text index files are also stored there. > Do you (not) have separate mail storage and user home directories? Virtual mail configuration - home directories are completely isolated. Nothing happens in /mail that isn't mail related. > Do you run a virus checker on file system level? no, but amavisd calls clamAV on inbound messages. > > Do you run two Dovecot instances on the same server, maybe as left over from some testing or crash? certainly not intentionally and I'm pretty confident not actually; these issues survive many reboots without much variation, so not from testing. > > -- Steffen Kaiser Some updates to the process: I experimented with all variations of Mail processes values with no real improvement - some perhaps but likely as not just observational variations rather than meaningful data. Specifically in 10-mail.conf: mmap_disable = yes mail_fsync = always lock_method = flock I'm probably suffering from confirmation bias, but I think things got a little bit better. However, I still got double messages in TB and K9 on some checks. Then I looked at the IMAP capability string returned from telnet localhost 993. It didn't include NAMESPACE. The post-login enumeration did, but not the pre-login. adding imap_capability = +NAMESPACE to 20-imap.conf seems to have cleared up the appearance of double entries in clients. I had one message's header/display get confused (another symptom of the issues) but given the problems my local client database is pretty scrambled. when I have a decent network connection for a few days, I'll try recreating my client database and see if that helps. From alessio at skye.it Mon Jun 1 13:29:52 2015 From: alessio at skye.it (Alessio Cecchi) Date: Mon, 01 Jun 2015 15:29:52 +0200 Subject: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads In-Reply-To: <555C496C.8030809@blackrosetech.com> References: <553247D0.1020400@blackrosetech.com> <5532557D.10000@blackrosetech.com> <3C3A4690-1FB3-4972-92E3-B2E1B554ECB6@iki.fi> <55390406.9070701@blackrosetech.com> <555C496C.8030809@blackrosetech.com> Message-ID: <556C5E50.6060509@skye.it> Il 20/05/2015 10:44, David Gessel ha scritto: > Is there a way to completely disable caching on dovecot? Yes: mail_location = maildir:~/Maildir:INDEX=MEMORY -- Alessio Cecchi http://www.linkedin.com/in/alessice From me at junc.eu Mon Jun 1 13:47:48 2015 From: me at junc.eu (Benny Pedersen) Date: Mon, 01 Jun 2015 15:47:48 +0200 Subject: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads In-Reply-To: <556C5E50.6060509@skye.it> References: "\" <553247D0.1020400@blackrosetech.com> <5532557D.10000@blackrosetech.com>" <3C3A4690-1FB3-4972-92E3-B2E1B554ECB6@iki.fi>" <55390406.9070701@blackrosetech.com> <555C496C.8030809@blackrosetech.com> <556C5E50.6060509@skye.it> Message-ID: Alessio Cecchi skrev den 2015-06-01 15:29: > Il 20/05/2015 10:44, David Gessel ha scritto: >> Is there a way to completely disable caching on dovecot? > > Yes: mail_location = maildir:~/Maildir:INDEX=MEMORY dont know if that really solve it, imho it just move the problem from disk cache to memory cache, it does not imho disable it From emailbuilder88 at yahoo.com Mon Jun 1 19:38:00 2015 From: emailbuilder88 at yahoo.com (E.B.) Date: Mon, 1 Jun 2015 12:38:00 -0700 Subject: Sieve extprograms ?not exexuting? In-Reply-To: <1430124474.81085.YahooMailBasic@web142403.mail.bf1.yahoo.com> Message-ID: <1433187480.20481.YahooMailBasic@web142401.mail.bf1.yahoo.com> > Hello, I was testing the extprograms plugin. I think I had it working > in the past, but many things have changed since then, so no use > trying to figure out where it broke - starting over again... > > Debug-enabled log give me: > Apr 27 04:11:36 mail dovecot: lmtp(test at example.com): Debug: > qOGyA0DePHVaOyHEM/SpMA: sieve: action execute: running > program: test.sh > Apr 27 04:11:36 mail dovecot: lmtp(test at example.com): Debug: > waiting for program `/usr/local/etc/dovecot/sieve_globals/test.sh' > to finish after 0 seconds > > So I guess it thinks it is running my script? But simple test script > does nothing. Here it is: > > #!/bin/sh > read INPUT > INPUT="Hello world: $INPUT" > echo "$INPUT" >> /tmp/hello > echo "---------------------------" >> /tmp/hello > > Permissions on this script file for now are rwxrwxrwx > But nothing goes to /tmp/hello at all. Script works when I run it > manually. I also tried without the "read" but I think that's required > isn't it? Anyway, what else can I do to debug this? Turns out this is a problem with systemd. I have PrivateTmp=true in the dovecot.service file so anything written to /tmp goes to lala land (is it anywhere I can see outside of the dovecot process?). Problem solved. From emailbuilder88 at yahoo.com Mon Jun 1 19:49:09 2015 From: emailbuilder88 at yahoo.com (E.B.) Date: Mon, 1 Jun 2015 12:49:09 -0700 Subject: Failed running extprograms execute via socket - fatal recv(MSG_PEEK) failed disconnected In-Reply-To: <1430854134.65699.YahooMailBasic@web142402.mail.bf1.yahoo.com> Message-ID: <1433188149.95779.YahooMailBasic@web142403.mail.bf1.yahoo.com> > Only thing still unsolved is my other thread don't know why the exectued > script has no filesystem access? (like "touch /tmp/test" ignored no error) See my other post. Problem is systemd PrivateTmp=true hides anything you do with /tmp from view by anyone else. Wondering if its in memory or stashed away somewhere i can see it on the CLI From listaccount at starionline.com Mon Jun 1 23:27:54 2015 From: listaccount at starionline.com (SH Development) Date: Mon, 1 Jun 2015 18:27:54 -0500 Subject: Outlook Express with XP... Message-ID: Dovecot 2.0.9 I am able to connect successfully with Thunderbird, Win 8, Apple Mail, iPhone, iPad. Outlook Express on Win XP receives just fine, but will not send. I get a "Client host rejected: Access denied? message. I believe this is simply Postfix telling me the connection isn?t properly authenticated, as setting up the exact same credentials on another client (non OE) works. It is only with OE on XP that I am unable to send/authenticate. I have literally tried every combination of settings in OE and nothing works. What else might I need to enable to get this working? Using SSL, ports 993, 587 PLAINTEXT. dovecot -n as follows: # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-504.16.2.el6.x86_64 x86_64 CentOS release 6.6 (Final) ext4 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/home/vmail/%d/%n/Maildir mail_max_userip_connections = 50 namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 user = vmail } user = root } ssl_ca = References: Message-ID: <9522e2ece7c5720b14251c8b4dbb2f33.squirrel@sbt.net.au> On Tue, June 2, 2015 9:27 am, SH Development wrote: > Dovecot 2.0.9 > > > I am able to connect successfully with Thunderbird, Win 8, Apple Mail, > iPhone, iPad. > > Outlook Express on Win XP receives just fine, but will not send. I get a > "Client host rejected: Access denied? message. I believe this is simply > Postfix telling me the connection isn?t properly authenticated, as > setting up the exact same credentials on another client (non OE) works. > It is only with OE on XP that I am unable to send/authenticate. > > > I have literally tried every combination of settings in OE and nothing > works. What else might I need to enable to get this working? > > Using SSL, ports 993, 587 PLAINTEXT. my OE/XP seems to work OK, set as: server tab: server requires auth YES /logon secure pass NO/ advanced tab: 587 requires secure SSL YES (but it ask to confirm self issued cert every time) From listaccount at starionline.com Tue Jun 2 02:40:23 2015 From: listaccount at starionline.com (SH Development) Date: Mon, 1 Jun 2015 21:40:23 -0500 Subject: Outlook Express with XP... In-Reply-To: <9522e2ece7c5720b14251c8b4dbb2f33.squirrel@sbt.net.au> References: <9522e2ece7c5720b14251c8b4dbb2f33.squirrel@sbt.net.au> Message-ID: <21A6A3EC-1454-43A4-8020-B3E7FFEE2F3E@starionline.com> Yes, I have tried these exact same settings, with the exception that we DO have a certificate so we don?t have to confirm certificate. Jeff > On Jun 1, 2015, at 9:19 PM, voytek at sbt.net.au wrote: > > On Tue, June 2, 2015 9:27 am, SH Development wrote: >> Dovecot 2.0.9 >> >> >> I am able to connect successfully with Thunderbird, Win 8, Apple Mail, >> iPhone, iPad. >> >> Outlook Express on Win XP receives just fine, but will not send. I get a >> "Client host rejected: Access denied? message. I believe this is simply >> Postfix telling me the connection isn?t properly authenticated, as >> setting up the exact same credentials on another client (non OE) works. >> It is only with OE on XP that I am unable to send/authenticate. >> >> >> I have literally tried every combination of settings in OE and nothing >> works. What else might I need to enable to get this working? >> >> Using SSL, ports 993, 587 PLAINTEXT. > > > my OE/XP seems to work OK, set as: > > server tab: > server requires auth YES > /logon secure pass NO/ > > advanced tab: > 587 > requires secure SSL YES > > (but it ask to confirm self issued cert every time) From voytek at sbt.net.au Tue Jun 2 02:49:15 2015 From: voytek at sbt.net.au (voytek at sbt.net.au) Date: Tue, 2 Jun 2015 12:49:15 +1000 Subject: Outlook Express with XP... In-Reply-To: <21A6A3EC-1454-43A4-8020-B3E7FFEE2F3E@starionline.com> References: <9522e2ece7c5720b14251c8b4dbb2f33.squirrel@sbt.net.au> <21A6A3EC-1454-43A4-8020-B3E7FFEE2F3E@starionline.com> Message-ID: On Tue, June 2, 2015 12:40 pm, SH Development wrote: > Yes, I have tried these exact same settings, with the exception that we > DO have a certificate so we don?t have to confirm certificate. Jeff, don't know, sorry.. log says this: Jun 2 12:45:11 emu postfix/smtpd[20565]: E62055E1AE: client=111-111-111-111.aaa.com.au[111.111.111.111], sasl_method=LOGIN, sasl_username=voytek at aaa.com.au Jun 2 12:45:12 emu postfix/qmgr[1694]: E62055E1AE: from=, size=732, nrcpt=1 (queue active) Jun 2 12:45:15 emu postfix/smtp[23539]: E62055E1AE: to=, relay=gmail-smtp-in.l.google.com[64.233.187.27]:25, delay=3.3, delays=0.2/0.02/2.1/1, dsn=2.0.0, status=sent (250 2.0.0 OK 1433213143 nh4si24168293pdb.70 - gsmtp) From noeldude at gmail.com Tue Jun 2 03:05:25 2015 From: noeldude at gmail.com (Noel) Date: Mon, 01 Jun 2015 22:05:25 -0500 Subject: Outlook Express with XP... In-Reply-To: References: Message-ID: <556D1D75.2090703@gmail.com> On 6/1/2015 6:27 PM, SH Development wrote: > Dovecot 2.0.9 > > I am able to connect successfully with Thunderbird, Win 8, Apple Mail, iPhone, iPad. > > Outlook Express on Win XP receives just fine, but will not send. I get a "Client host rejected: Access denied? message. I believe this is simply Postfix telling me the connection isn?t properly authenticated, as setting up the exact same credentials on another client (non OE) works. It is only with OE on XP that I am unable to send/authenticate. > > I have literally tried every combination of settings in OE and nothing works. What else might I need to enable to get this working? > > Using SSL, ports 993, 587 PLAINTEXT. Sounds like a problem with postfix talking to your XP client, not a dovecot problem. If you've changed the tls settings in postfix recently, you likely broke compatibility with older clients. If you need further help, feel free to ask on the postfix-users list. Be sure to include "postconf -nf" and "postconf -Mf" output, along with related log entries demonstrating the problem. http://www.postfix.org/DEBUG_README.html#mail -- Noel Jones > > dovecot -n as follows: > > # 2.0.9: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-504.16.2.el6.x86_64 x86_64 CentOS release 6.6 (Final) ext4 > log_timestamp = "%Y-%m-%d %H:%M:%S " > mail_location = maildir:/home/vmail/%d/%n/Maildir > mail_max_userip_connections = 50 > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > type = private > } > passdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > protocols = imap pop3 > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > unix_listener auth-master { > mode = 0600 > user = vmail > } > user = root > } > ssl_ca = ssl_cert = ssl_key = userdb { > args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes > driver = static > } > protocol lda { > auth_socket_path = /var/run/dovecot/auth-master > log_path = /home/vmail/dovecot-deliver.log > postmaster_address = postmaster at starionhost.net > } > protocol pop3 { > pop3_uidl_format = %08Xu%08Xv > } From listaccount at starionline.com Tue Jun 2 05:38:45 2015 From: listaccount at starionline.com (SH Development) Date: Tue, 2 Jun 2015 00:38:45 -0500 Subject: Outlook Express with XP... In-Reply-To: <556D1D75.2090703@gmail.com> References: <556D1D75.2090703@gmail.com> Message-ID: <4DBE5260-0DDD-4D90-B9EA-DC0DDF410D7A@starionline.com> Correct me if I?m wrong, but I thought Dovecot handled client authentication, and once authenticated handed off to postfix? > On Jun 1, 2015, at 10:05 PM, Noel wrote: > > On 6/1/2015 6:27 PM, SH Development wrote: >> Dovecot 2.0.9 >> >> I am able to connect successfully with Thunderbird, Win 8, Apple Mail, iPhone, iPad. >> >> Outlook Express on Win XP receives just fine, but will not send. I get a "Client host rejected: Access denied? message. I believe this is simply Postfix telling me the connection isn?t properly authenticated, as setting up the exact same credentials on another client (non OE) works. It is only with OE on XP that I am unable to send/authenticate. >> >> I have literally tried every combination of settings in OE and nothing works. What else might I need to enable to get this working? >> >> Using SSL, ports 993, 587 PLAINTEXT. > > Sounds like a problem with postfix talking to your XP client, not a > dovecot problem. > > If you've changed the tls settings in postfix recently, you likely > broke compatibility with older clients. If you need further help, > feel free to ask on the postfix-users list. Be sure to include > "postconf -nf" and "postconf -Mf" output, along with related log > entries demonstrating the problem. > http://www.postfix.org/DEBUG_README.html#mail > > > -- Noel Jones > > > > >> >> dovecot -n as follows: >> >> # 2.0.9: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-504.16.2.el6.x86_64 x86_64 CentOS release 6.6 (Final) ext4 >> log_timestamp = "%Y-%m-%d %H:%M:%S " >> mail_location = maildir:/home/vmail/%d/%n/Maildir >> mail_max_userip_connections = 50 >> namespace { >> inbox = yes >> location = >> prefix = INBOX. >> separator = . >> type = private >> } >> passdb { >> args = /etc/dovecot/dovecot-sql.conf >> driver = sql >> } >> protocols = imap pop3 >> service auth { >> unix_listener /var/spool/postfix/private/auth { >> group = postfix >> mode = 0660 >> user = postfix >> } >> unix_listener auth-master { >> mode = 0600 >> user = vmail >> } >> user = root >> } >> ssl_ca = > ssl_cert = > ssl_key = > userdb { >> args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes >> driver = static >> } >> protocol lda { >> auth_socket_path = /var/run/dovecot/auth-master >> log_path = /home/vmail/dovecot-deliver.log >> postmaster_address = postmaster at starionhost.net >> } >> protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> } From vulcan12x at gmail.com Tue Jun 2 07:35:49 2015 From: vulcan12x at gmail.com (Mike Eriksson) Date: Tue, 2 Jun 2015 09:35:49 +0200 Subject: Pop3 service stops responding Message-ID: Hi! I have problem with the pop3 service stops responding at random intervals on my server. We started to notice this problem as we're running icinga to check the imap & pop3 service. When icinga reports that the service is down. We try to telnet to the server on port 110 but it refuses the connection. I've checked the netstat during this time and it's listens on port 110. My first thought we were hitting the max connections and similar. Changed login_max_connections from 128 to 256. Didnt solve the problem. Started the debug on the dovecot server but could not see anything in the logs. Also the error log or the syslog dosnt report anything that I can see. Best thing would of course be to start and upgrade the software and os(Debian 5) but I'm not comfortable upgrading it at the moment as my knowledge about dovecot / postfix isn't great. Do you have any id?as how to move forward? dovecot -n # 1.0.15: /etc/dovecot/dovecot.conf base_dir: /var/run/dovecot/ log_path: /var/log/dovecot-error.log info_log_path: /var/log/dovecot-info.log log_timestamp: %Y-%m-%d %H:%M:%S protocols: pop3 imap imaps pop3s ssl_cipher_list: ALL:!LOW disable_plaintext_auth: no login_dir: /var/run/dovecot//login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login login_max_processes_count: 256 first_valid_uid: 1090 last_valid_uid: 1090 first_valid_gid: 1090 last_valid_gid: 1090 mail_privileged_group: mail mail_location: maildir:~/Maildir mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xu%08Xv auth default: username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% username_translation: %@ username_format: %Lu passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: passwd userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: vmail group: vmail plugin: quota: maildir sieve_global_path: /etc/dovecot/sieve_scripts/spam-sort.sieve login_max_processes_count: 256 login_max_connections: 256 max_mail_processes: 1024 Best Regards Mike From CMarcus at Media-Brokers.com Tue Jun 2 10:30:01 2015 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 02 Jun 2015 06:30:01 -0400 Subject: Outlook Express with XP... In-Reply-To: References: Message-ID: <556D85A9.9040407@Media-Brokers.com> On 6/1/2015 7:27 PM, SH Development wrote: > Using SSL, ports 993, 587 PLAINTEXT. Outlook Express won't work with the submission port (587) with STARTTLS. You have to use port 465 (SSL/wrappermode) From noeldude at gmail.com Tue Jun 2 15:44:16 2015 From: noeldude at gmail.com (Noel) Date: Tue, 02 Jun 2015 10:44:16 -0500 Subject: Outlook Express with XP... In-Reply-To: <4DBE5260-0DDD-4D90-B9EA-DC0DDF410D7A@starionline.com> References: <556D1D75.2090703@gmail.com> <4DBE5260-0DDD-4D90-B9EA-DC0DDF410D7A@starionline.com> Message-ID: <556DCF50.60802@gmail.com> Yes, dovecot handles the authentication, but the connection is handled by postfix. We already know the authentication work since you can receive mail, so the problem is either postfix or the client. At any rate, this isn't a dovecot problem. -- Noel Jones On 6/2/2015 12:38 AM, SH Development wrote: > Correct me if I?m wrong, but I thought Dovecot handled client authentication, and once authenticated handed off to postfix? > > >> On Jun 1, 2015, at 10:05 PM, Noel wrote: >> >> On 6/1/2015 6:27 PM, SH Development wrote: >>> Dovecot 2.0.9 >>> >>> I am able to connect successfully with Thunderbird, Win 8, Apple Mail, iPhone, iPad. >>> >>> Outlook Express on Win XP receives just fine, but will not send. I get a "Client host rejected: Access denied? message. I believe this is simply Postfix telling me the connection isn?t properly authenticated, as setting up the exact same credentials on another client (non OE) works. It is only with OE on XP that I am unable to send/authenticate. >>> >>> I have literally tried every combination of settings in OE and nothing works. What else might I need to enable to get this working? >>> >>> Using SSL, ports 993, 587 PLAINTEXT. >> Sounds like a problem with postfix talking to your XP client, not a >> dovecot problem. >> >> If you've changed the tls settings in postfix recently, you likely >> broke compatibility with older clients. If you need further help, >> feel free to ask on the postfix-users list. Be sure to include >> "postconf -nf" and "postconf -Mf" output, along with related log >> entries demonstrating the problem. >> http://www.postfix.org/DEBUG_README.html#mail >> >> >> -- Noel Jones >> >> >> >> >>> dovecot -n as follows: >>> >>> # 2.0.9: /etc/dovecot/dovecot.conf >>> # OS: Linux 2.6.32-504.16.2.el6.x86_64 x86_64 CentOS release 6.6 (Final) ext4 >>> log_timestamp = "%Y-%m-%d %H:%M:%S " >>> mail_location = maildir:/home/vmail/%d/%n/Maildir >>> mail_max_userip_connections = 50 >>> namespace { >>> inbox = yes >>> location = >>> prefix = INBOX. >>> separator = . >>> type = private >>> } >>> passdb { >>> args = /etc/dovecot/dovecot-sql.conf >>> driver = sql >>> } >>> protocols = imap pop3 >>> service auth { >>> unix_listener /var/spool/postfix/private/auth { >>> group = postfix >>> mode = 0660 >>> user = postfix >>> } >>> unix_listener auth-master { >>> mode = 0600 >>> user = vmail >>> } >>> user = root >>> } >>> ssl_ca = >> ssl_cert = >> ssl_key = >> userdb { >>> args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes >>> driver = static >>> } >>> protocol lda { >>> auth_socket_path = /var/run/dovecot/auth-master >>> log_path = /home/vmail/dovecot-deliver.log >>> postmaster_address = postmaster at starionhost.net >>> } >>> protocol pop3 { >>> pop3_uidl_format = %08Xu%08Xv >>> } From racuk12 at gmail.com Tue Jun 2 15:57:16 2015 From: racuk12 at gmail.com (Robert Chalmers) Date: Tue, 2 Jun 2015 16:57:16 +0100 Subject: Outlook Express with XP... In-Reply-To: <4DBE5260-0DDD-4D90-B9EA-DC0DDF410D7A@starionline.com> References: <556D1D75.2090703@gmail.com> <4DBE5260-0DDD-4D90-B9EA-DC0DDF410D7A@starionline.com> Message-ID: <6B05E899-50A4-49F6-AA3C-88896004BEF4@gmail.com> >>> Client host rejected: Access denied? This looks more like a system denial.. or could be a Blacklist denial of the host by spam filters.? > On 2 Jun 2015, at 06:38, SH Development wrote: > > Correct me if I?m wrong, but I thought Dovecot handled client authentication, and once authenticated handed off to postfix? > > >> On Jun 1, 2015, at 10:05 PM, Noel wrote: >> >> On 6/1/2015 6:27 PM, SH Development wrote: >>> Dovecot 2.0.9 >>> >>> I am able to connect successfully with Thunderbird, Win 8, Apple Mail, iPhone, iPad. >>> >>> Outlook Express on Win XP receives just fine, but will not send. I get a "Client host rejected: Access denied? message. I believe this is simply Postfix telling me the connection isn?t properly authenticated, as setting up the exact same credentials on another client (non OE) works. It is only with OE on XP that I am unable to send/authenticate. >>> >>> I have literally tried every combination of settings in OE and nothing works. What else might I need to enable to get this working? >>> >>> Using SSL, ports 993, 587 PLAINTEXT. >> >> Sounds like a problem with postfix talking to your XP client, not a >> dovecot problem. >> >> If you've changed the tls settings in postfix recently, you likely >> broke compatibility with older clients. If you need further help, >> feel free to ask on the postfix-users list. Be sure to include >> "postconf -nf" and "postconf -Mf" output, along with related log >> entries demonstrating the problem. >> http://www.postfix.org/DEBUG_README.html#mail >> >> >> -- Noel Jones >> >> >> >> >>> >>> dovecot -n as follows: >>> >>> # 2.0.9: /etc/dovecot/dovecot.conf >>> # OS: Linux 2.6.32-504.16.2.el6.x86_64 x86_64 CentOS release 6.6 (Final) ext4 >>> log_timestamp = "%Y-%m-%d %H:%M:%S " >>> mail_location = maildir:/home/vmail/%d/%n/Maildir >>> mail_max_userip_connections = 50 >>> namespace { >>> inbox = yes >>> location = >>> prefix = INBOX. >>> separator = . >>> type = private >>> } >>> passdb { >>> args = /etc/dovecot/dovecot-sql.conf >>> driver = sql >>> } >>> protocols = imap pop3 >>> service auth { >>> unix_listener /var/spool/postfix/private/auth { >>> group = postfix >>> mode = 0660 >>> user = postfix >>> } >>> unix_listener auth-master { >>> mode = 0600 >>> user = vmail >>> } >>> user = root >>> } >>> ssl_ca = >> ssl_cert = >> ssl_key = >> userdb { >>> args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes >>> driver = static >>> } >>> protocol lda { >>> auth_socket_path = /var/run/dovecot/auth-master >>> log_path = /home/vmail/dovecot-deliver.log >>> postmaster_address = postmaster at starionhost.net >>> } >>> protocol pop3 { >>> pop3_uidl_format = %08Xu%08Xv >>> } From racuk12 at gmail.com Tue Jun 2 15:59:19 2015 From: racuk12 at gmail.com (Robert Chalmers) Date: Tue, 2 Jun 2015 16:59:19 +0100 Subject: Outlook Express with XP... In-Reply-To: <556DCF50.60802@gmail.com> References: <556D1D75.2090703@gmail.com> <4DBE5260-0DDD-4D90-B9EA-DC0DDF410D7A@starionline.com> <556DCF50.60802@gmail.com> Message-ID: <29EC3CA4-6F52-4EC9-BEF6-AB2B72B375E1@gmail.com> This is a fairly good explanation on the error http://www.massmailsoftware.com/smtp/554-5-7-1.php > On 2 Jun 2015, at 16:44, Noel wrote: > > Yes, dovecot handles the authentication, but the connection is > handled by postfix. We already know the authentication work since > you can receive mail, so the problem is either postfix or the client. > At any rate, this isn't a dovecot problem. > > > > -- Noel Jones > > > > On 6/2/2015 12:38 AM, SH Development wrote: >> Correct me if I?m wrong, but I thought Dovecot handled client authentication, and once authenticated handed off to postfix? >> >> >>> On Jun 1, 2015, at 10:05 PM, Noel wrote: >>> >>> On 6/1/2015 6:27 PM, SH Development wrote: >>>> Dovecot 2.0.9 >>>> >>>> I am able to connect successfully with Thunderbird, Win 8, Apple Mail, iPhone, iPad. >>>> >>>> Outlook Express on Win XP receives just fine, but will not send. I get a "Client host rejected: Access denied? message. I believe this is simply Postfix telling me the connection isn?t properly authenticated, as setting up the exact same credentials on another client (non OE) works. It is only with OE on XP that I am unable to send/authenticate. >>>> >>>> I have literally tried every combination of settings in OE and nothing works. What else might I need to enable to get this working? >>>> >>>> Using SSL, ports 993, 587 PLAINTEXT. >>> Sounds like a problem with postfix talking to your XP client, not a >>> dovecot problem. >>> >>> If you've changed the tls settings in postfix recently, you likely >>> broke compatibility with older clients. If you need further help, >>> feel free to ask on the postfix-users list. Be sure to include >>> "postconf -nf" and "postconf -Mf" output, along with related log >>> entries demonstrating the problem. >>> http://www.postfix.org/DEBUG_README.html#mail >>> >>> >>> -- Noel Jones >>> >>> >>> >>> >>>> dovecot -n as follows: >>>> >>>> # 2.0.9: /etc/dovecot/dovecot.conf >>>> # OS: Linux 2.6.32-504.16.2.el6.x86_64 x86_64 CentOS release 6.6 (Final) ext4 >>>> log_timestamp = "%Y-%m-%d %H:%M:%S " >>>> mail_location = maildir:/home/vmail/%d/%n/Maildir >>>> mail_max_userip_connections = 50 >>>> namespace { >>>> inbox = yes >>>> location = >>>> prefix = INBOX. >>>> separator = . >>>> type = private >>>> } >>>> passdb { >>>> args = /etc/dovecot/dovecot-sql.conf >>>> driver = sql >>>> } >>>> protocols = imap pop3 >>>> service auth { >>>> unix_listener /var/spool/postfix/private/auth { >>>> group = postfix >>>> mode = 0660 >>>> user = postfix >>>> } >>>> unix_listener auth-master { >>>> mode = 0600 >>>> user = vmail >>>> } >>>> user = root >>>> } >>>> ssl_ca = >>> ssl_cert = >>> ssl_key = >>> userdb { >>>> args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes >>>> driver = static >>>> } >>>> protocol lda { >>>> auth_socket_path = /var/run/dovecot/auth-master >>>> log_path = /home/vmail/dovecot-deliver.log >>>> postmaster_address = postmaster at starionhost.net >>>> } >>>> protocol pop3 { >>>> pop3_uidl_format = %08Xu%08Xv >>>> } From jjhoffart at icloud.com Tue Jun 2 16:48:36 2015 From: jjhoffart at icloud.com (jjhoffart) Date: Tue, 02 Jun 2015 16:48:36 +0000 (GMT) Subject: director Message-ID: Hello, I am currently trying to setup dovecot with a director instance and have managed to configure to invocations of dovecot on my server but my dovecot log keeps giving me errors about authentication. ?A little background on my config I am running dovecot with postfix and using an LDAP directory. Here are the errors I am seeing in my logs. dovecot.log Jun 02 10:42:59 auth: Fatal: LDAP: ldap_init() failed with hosts: 1.1.1.1:389 Jun 02 10:42:59 master: Error: service(auth): command startup failed, throttling for 60 secs Jun 02 10:42:59 director: Error: Auth server disconnected unexpectedly Jun 02 10:42:59 pop3-login: Info: Disconnected: Auth process broken (disconnected before auth was ready, waited 0 secs): user=<>, rip=1.1.3.4, lip=1.1.1.1, session= Jun 02 10:43:59 auth: Fatal: LDAP: ldap_init() failed with hosts: 1.1.1.1:389 Jun 02 10:43:59 master: Error: service(auth): command startup failed, throttling for 60 secs Jun 02 10:43:59 director: Error: Auth server disconnected unexpectedly Jun 02 10:43:59 pop3-login: Info: Disconnected: Auth process broken (disconnected before auth was ready, waited 0 secs): user=<>, rip=1.1.1.1, lip=1.1.1.2, session= dovecot-seive.log Jun 01 14:39:57 lda: Fatal: Internal error occurred. Refer to server log for more information. Jun 01 14:47:51 lda: Error: userdb lookup(postmaster at mydomain.com): Disconnected unexpectedly Jun 01 14:47:51 lda: Fatal: Internal error occurred. Refer to server log for more information. mail.log Jun? 2 10:41:25 mail1 postfix/smtpd[2932]: name_mask: noanonymous Jun? 2 10:41:25 mail1 postfix/smtpd[2932]: xsasl_dovecot_server_connect: Connecting Jun? 2 10:41:25 mail1 postfix/smtpd[2932]: fatal: no SASL authentication mechanisms Jun? 2 10:41:26 mail1 postfix/master[2068]: warning: process /usr/lib/postfix/smtpd pid 2932 exit status 1 Jun? 2 10:41:26 mail1 postfix/master[2068]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling Jun? 2 10:43:06 mail1 postfix/anvil[2934]: statistics: max connection rate 1/60s for (smtp:0.0.0.0) at Jun? 2 10:41:25 Jun? 2 10:43:06 mail1 postfix/anvil[2934]: statistics: max connection count 1 for (smtp:0.0.0.0) at Jun? 2 10:41:25 Jun? 2 10:43:06 mail1 postfix/anvil[2934]: statistics: max cache size 1 at Jun? 2 10:41:25 From ad+lists at uni-x.org Tue Jun 2 17:58:18 2015 From: ad+lists at uni-x.org (Alexander Dalloz) Date: Tue, 02 Jun 2015 19:58:18 +0200 Subject: Outlook Express with XP... In-Reply-To: References: Message-ID: <556DEEBA.7040200@uni-x.org> Am 02.06.2015 um 01:27 schrieb SH Development: > Outlook Express on Win XP receives just fine, but will not send. I get a "Client host rejected: Access denied? message. I believe this is simply Postfix telling me the connection isn?t properly authenticated, as setting up the exact same credentials on another client (non OE) works. It is only with OE on XP that I am unable to send/authenticate. Do you really think it is wise to run an EOLed OS with an EOLed mail client these days? No, it is absolutely not. Not worse any time to debug and fix this. Alexander From vbenincasa.listas at gmail.com Tue Jun 2 18:46:52 2015 From: vbenincasa.listas at gmail.com (Victor Benincasa) Date: Tue, 02 Jun 2015 15:46:52 -0300 Subject: Pop3 service stops responding In-Reply-To: References: Message-ID: <556DFA1C.7090007@gmail.com> Hello Mike, Same thing here with one of our servers on the last week, but it only affected IMAP service and local connections. The dovecot was not responding about 10% of attempted connections. We could not find any hints in the logs, and the problem was unrelated to connections limit or dovecot configuration (we also tried the default setting). Nothing solved the problem (service restart, default config, etc) only a server reboot. CentOS 6.6 x64 Dovecot 2.2.18 *Victor Benincasa* CIO / CTO :: Networks, Apps, Systems, Security, High-end support On 02/06/2015 04:35, Mike Eriksson wrote: > Hi! > > I have problem with the pop3 service stops responding at random intervals > on my server. We started to notice this problem as we're running icinga to > check the imap & pop3 service. > > When icinga reports that the service is down. We try to telnet to the > server on port 110 but it refuses the connection. > > I've checked the netstat during this time and it's listens on port 110. My > first thought we were hitting the max connections and similar. > > Changed login_max_connections from 128 to 256. Didnt solve the problem. > > Started the debug on the dovecot server but could not see anything in the > logs. Also the error log or the syslog dosnt report anything that I can see. > > Best thing would of course be to start and upgrade the software and > os(Debian 5) but I'm not comfortable upgrading it at the moment as my > knowledge about dovecot / postfix isn't great. > > Do you have any id?as how to move forward? > > dovecot -n > # 1.0.15: /etc/dovecot/dovecot.conf > base_dir: /var/run/dovecot/ > log_path: /var/log/dovecot-error.log > info_log_path: /var/log/dovecot-info.log > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: pop3 imap imaps pop3s > ssl_cipher_list: ALL:!LOW > disable_plaintext_auth: no > login_dir: /var/run/dovecot//login > login_executable(default): /usr/lib/dovecot/imap-login > login_executable(imap): /usr/lib/dovecot/imap-login > login_executable(pop3): /usr/lib/dovecot/pop3-login > login_max_processes_count: 256 > first_valid_uid: 1090 > last_valid_uid: 1090 > first_valid_gid: 1090 > last_valid_gid: 1090 > mail_privileged_group: mail > mail_location: maildir:~/Maildir > mail_executable(default): /usr/lib/dovecot/imap > mail_executable(imap): /usr/lib/dovecot/imap > mail_executable(pop3): /usr/lib/dovecot/pop3 > mail_plugins(default): quota imap_quota > mail_plugins(imap): quota imap_quota > mail_plugins(pop3): quota > mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > pop3_uidl_format(default): > pop3_uidl_format(imap): > pop3_uidl_format(pop3): %08Xu%08Xv > auth default: > username_chars: > abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% > username_translation: %@ > username_format: %Lu > passdb: > driver: sql > args: /etc/dovecot/dovecot-sql.conf > userdb: > driver: passwd > userdb: > driver: sql > args: /etc/dovecot/dovecot-sql.conf > socket: > type: listen > client: > path: /var/spool/postfix/private/auth > mode: 432 > user: postfix > group: postfix > master: > path: /var/run/dovecot/auth-master > mode: 384 > user: vmail > group: vmail > plugin: > quota: maildir > sieve_global_path: /etc/dovecot/sieve_scripts/spam-sort.sieve > > login_max_processes_count: 256 > login_max_connections: 256 > max_mail_processes: 1024 > > Best Regards > Mike From jtam.home at gmail.com Tue Jun 2 21:09:46 2015 From: jtam.home at gmail.com (Joseph Tam) Date: Tue, 2 Jun 2015 14:09:46 -0700 (PDT) Subject: Outlook Express with XP... In-Reply-To: References: Message-ID: SH Development writes: > I have literally tried every combination of settings in OE and nothing > works. What else might I need to enable to get this working? > > Using SSL, ports 993, 587 PLAINTEXT. As others have noted, your MTA handles the connection. I believe Windows XP needs to be updated to the latest service patch to handle SSLv3 disabled sites. Try checking to make sure your Postfix SSL security settings and your WinXP SSL capabilities are compatible. Joseph Tam From kremels at kreme.com Wed Jun 3 02:30:26 2015 From: kremels at kreme.com (@lbutlr) Date: Tue, 2 Jun 2015 20:30:26 -0600 Subject: Outlook Express with XP... In-Reply-To: References: Message-ID: On 1 Jun 2015, at 17:27, SH Development wrote: > Outlook Express on Win XP receives just fine, but will not send. Outlook Express hasn?t been supported in.. What, 5 years? Before that, it barely worked for ? I dunno, the previous 5 years? It?s never played well with secure servers. > Using SSL, ports 993, 587 PLAINTEXT As best I can recall, OE never supported authentication on port 587 and instead had its own bastard setting. I dropped suport for OE clients when Microsoft did, and barely supported OE before that. There are literally hundreds of more capable clients, including webmail. -- I know that you believe you understand what you think I said but I am not sure you realize that what you heard is not what I meant. From reuben-dovecot at reub.net Wed Jun 3 03:07:33 2015 From: reuben-dovecot at reub.net (Reuben Farrelly) Date: Wed, 03 Jun 2015 13:07:33 +1000 Subject: multi sync (>2 servers) + selective sync + trigger In-Reply-To: <20150531092330.GB29029@mx.grmbl.net> References: <20150529192539.GC14288@mx.grmbl.net> <20150531092330.GB29029@mx.grmbl.net> Message-ID: <556E6F75.1040601@reub.net> On 31/05/2015 7:23 PM, b-dovecot.org at grmbl.net wrote: >> ? - If you really use DHT-like algorithms, rebalancing your cluster will require mininum data movement and you add or remove nodes. It will require a small change on the SQL queries above so that the new node also recognizes the new user, but it is easy to do.? >> Let me know what you think! > > I'm wonder why Timo didn't expand mail_replica to be a list of servers rather than just accepting one. > That would sort out a lot of this already. > mail_replica = 'server1,server2, .. serverN' > > Am I missing something? > > Cheers! > B I thought space separated values would work so I have had this running for a while - but after a closer examination just now I've just realised that space separated is accepted without error but -doesn't- actually work. In other words, the latest define of mail_replica silently overwrites the previous definitions. This is probably desirable as it allows per-user settings to override global ones, however it means that yes, there appears to be no way to configure multiple mail_replica values and have them work... Reuben From juancarlos.sanchez at upm.es Wed Jun 3 15:29:30 2015 From: juancarlos.sanchez at upm.es (Juan Carlos Sanchez) Date: Wed, 03 Jun 2015 17:29:30 +0200 Subject: SIS attachments compressed Message-ID: <556F1D5A.70506@upm.es> Hello: In case it is defined to use zlib compression, does SIS save attachments compressed? I have found this question replied in the past (2012) and the answer was NO. I ask again just to know if there have been changes or if it is in the roadmap to add compression. I have been testing to migrate from maildir+zlib to mdbox+zlib+sis and the results, in terms of space used, and worst than using just mdbox+zlib (without SIS), and suppose the reason in the lack of compression in attachments. Thanks in advance. -- ------------------------------------------------------ Juan Carlos Sanchez Hernandez Responsable de Seguridad y Correo Electronico Servicio de Planificacion Informatica y Comunicaciones Universidad Politecnica de Madrid Rectorado Avda. Ramiro de Maeztu 7 28040 Madrid ------------------------------------------------------ From itsec at bomze.de Wed Jun 3 15:43:31 2015 From: itsec at bomze.de (Robinson Bomze) Date: Wed, 03 Jun 2015 17:43:31 +0200 Subject: indexer-worker crashes handling mails with big attachments (dovecot 2.2.16/2.2.18 + FTS Apache Solr + Tika) Message-ID: <556F20A3.7040704@bomze.de> Hi, yesterday i tried to setup Dovecot with Solr (3.6.2) + Tika (1.8) for FTS. i used a fresh Debian 8.0 system in the beginning with Dovecot 2.2.13 from the Debian repository. After i got some issues with Tika/Dovecot and i read on the mailinglist that these problems where fixed in 2.2.14+, so i tried 2.2.18. With 2.2.18 i get panics with big (ok... huge) attachments. Most mailboxes (and their attachments) get index fine, but on some i got panics from the indexer-worker. i was able to isolate the problem. It seems that when Tika (which works flawless) sends a big reply to Dovecot and Dovecot sends this data to Solr, communication crashes between Dovecot and Solr. Eg. indexing an email with a 200k char wordfile results in a panic of the indexer-worker: Jun 02 23:50:57 indexer-worker(username): Warning: I/O leak: 0x7ff65f39f540 (line 120, fd 20) Jun 02 23:50:57 indexer-worker(username): Warning: Timeout leak: 0x7ff65f39f2e0 (line 325) Jun 02 23:50:57 indexer: Error: Indexer worker disconnected, discarding 1 requests for username Jun 02 23:50:57 imap(username): Error: indexer failed to index mailbox INBOX.username Jun 02 23:50:57 indexer-worker(username): Fatal: master: service(indexer-worker): child 11429 killed with signal 11 (core dumped) I got similar issues results with 2.2.16: Jun 02 23:21:12 indexer-worker(username): Warning: I/O leak: 0x7ffff7811cc0 (line 127, fd 20) Jun 02 23:21:12 indexer-worker(username): Panic: file ioloop.c: line 39 (io_add_file): assertion failed: (callback != NULL) Jun 02 23:21:12 indexer-worker(username): Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x77130) [0x7ffff7842130] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x7 Jun 02 23:21:12 indexer: Error: Indexer worker disconnected, discarding 1 requests for username Jun 02 23:21:12 imap(username): Error: indexer failed to index mailbox INBOX.username Jun 02 23:21:12 indexer-worker(username): Fatal: master: service(indexer-worker): child 7909 killed with signal 6 (core dumps disabled) The problem was already posted: http://dovecot.org/pipermail/dovecot/2015-May/100901.html I could trigger the same panic running the indexer via 'doveadm index -u username MAILBOX'. Here is a backtrace (bt) of the 2.2.18-crash (on line #8 you see a fragement of the text sent to solr): #0 array_count_i (array=0x8) at array.h:155 #1 array_get_modifiable_i (count_r=, array=0x8) at array.h:228 #2 priorityq_remove_idx (pq=0x0, idx=0) at priorityq.c:121 #3 0x00007ff65f3ef5eb in priorityq_remove (pq=, item=item at entry=0xa26920) at priorityq.c:138 #4 0x00007ff65f3e1e70 in timeout_remove (_timeout=) at ioloop.c:288 #5 0x00007ff65f3e2781 in io_loop_move_timeout (_timeout=_timeout at entry=0xa27f98) at ioloop.c:861 #6 0x00007ff65f39ff37 in http_client_connection_switch_ioloop (conn=conn at entry=0xa27ea0) at http-client-connection.c:1357 #7 0x00007ff65f3a3d68 in http_client_switch_ioloop (client=client at entry=0xa0bf20) at http-client.c:211 #8 0x00007ff65f39c005 in http_client_request_continue_payload (_req=_req at entry=0xa0ee88, data=0xa42fa0 "k for evidence of fluid spill.\nIf the device is mounted on a stand, examine the condition of the mount.\nIf the device moves on casters, check the condition of the casters. Check operation of brakes, i"..., size=55453) at http-client-request.c:566 #9 0x00007ff65f39c22a in http_client_request_send_payload (_req=_req at entry=0xa0ee88, data=, size=) at http-client-request.c:625 #10 0x00007ff65e972429 in solr_connection_post_more (post=0xa0ee80, data=, size=size at entry=55453) at solr-connection.c:504 #11 0x00007ff65e96ea09 in fts_backed_solr_build_commit (ctx=0xa1a880) at fts-backend-solr.c:341 #12 0x00007ff65e96eaad in fts_backend_solr_update_set_mailbox (_ctx=0xa1a880, box=0x0) at fts-backend-solr.c:407 #13 0x00007ff65eb7cfac in fts_backend_set_cur_mailbox (ctx=ctx at entry=0xa1a880) at fts-api.c:129 #14 0x00007ff65eb7cfe3 in fts_backend_update_deinit (_ctx=) at fts-api.c:143 #15 0x00007ff65eb8303c in fts_transaction_end (t=t at entry=0xa11ed0) at fts-storage.c:550 #16 0x00007ff65eb83e91 in fts_transaction_commit (t=0xa11ed0, changes_r=0x7ffdcdca5e30) at fts-storage.c:615 #17 0x00007ff65f688a82 in mailbox_transaction_commit_get_changes (_t=_t at entry=0x7ffdcdca5ee0, changes_r=changes_r at entry=0x7ffdcdca5e30) at mail-storage.c:1837 #18 0x00007ff65f688b2e in mailbox_transaction_commit (t=t at entry=0x7ffdcdca5ee0) at mail-storage.c:1818 "bt full" looks like this: #0 array_count_i (array=0x8) at array.h:155 No locals. #1 array_get_modifiable_i (count_r=, array=0x8) at array.h:228 No locals. #2 priorityq_remove_idx (pq=0x0, idx=0) at priorityq.c:121 count = #3 0x00007ff65f3ef5eb in priorityq_remove (pq=, item=item at entry=0xa26920) at priorityq.c:138 No locals. #4 0x00007ff65f3e1e70 in timeout_remove (_timeout=) at ioloop.c:288 timeout = 0xa26920 #5 0x00007ff65f3e2781 in io_loop_move_timeout (_timeout=_timeout at entry=0xa27f98) at ioloop.c:861 new_to = 0xa1adf0 old_to = #6 0x00007ff65f39ff37 in http_client_connection_switch_ioloop (conn=conn at entry=0xa27ea0) at http-client-connection.c:1357 No locals. #7 0x00007ff65f3a3d68 in http_client_switch_ioloop (client=client at entry=0xa0bf20) at http-client.c:211 conn = 0xa27ea0 _conn = 0xa27ea0 host = peer = #8 0x00007ff65f39c005 in http_client_request_continue_payload (_req=_req at entry=0xa0ee88, data=0xa42fa0 "k for evidence of fluid spill.\nIf the device is mounted on a stand, examine the condition of the mount.\nIf the device moves on casters, check the condition of the casters. Check operation of brakes, i"..., size=55453) at http-client-request.c:566 prev_ioloop = 0x9f4730 req = 0xa36970 conn = 0xa27ea0 client = 0xa0bf20 ret = __FUNCTION__ = "http_client_request_continue_payload" #9 0x00007ff65f39c22a in http_client_request_send_payload (_req=_req at entry=0xa0ee88, data=, size=) at http-client-request.c:625 __FUNCTION__ = "http_client_request_send_payload" #10 0x00007ff65e972429 in solr_connection_post_more (post=0xa0ee80, data=, size=size at entry=55453) at solr-connection.c:504 conn = 0xa0be50 __FUNCTION__ = "solr_connection_post_more" Hope anyone fixes the code... i need this feature :) Thanks a lot in advance! From davide.marchi at mail.cgilfe.it Wed Jun 3 16:08:04 2015 From: davide.marchi at mail.cgilfe.it (Davide) Date: Wed, 03 Jun 2015 18:08:04 +0200 Subject: indexer-worker crashes handling mails with big attachments (dovecot 2.2.16/2.2.18 + FTS Apache Solr + Tika) In-Reply-To: <556F20A3.7040704@bomze.de> (sfid-20150603_174433_380992_B9CAA3C3) References: <556F20A3.7040704@bomze.de> (sfid-20150603_174433_380992_B9CAA3C3) Message-ID: <556F2664.2000600@mail.cgilfe.it> Same problem and same structure Mr Bomze exept for Solr that mine is at the 4.10.3 and tika server at 1.8 version Il 03/06/2015 17:43, Robinson Bomze ha scritto: > Hi, > > yesterday i tried to setup Dovecot with Solr (3.6.2) + Tika (1.8) for > FTS. i used a fresh Debian 8.0 system in the beginning with Dovecot > 2.2.13 from the Debian repository. After i got some issues with > Tika/Dovecot and i read on the mailinglist that these problems where > fixed in 2.2.14+, so i tried 2.2.18. > > With 2.2.18 i get panics with big (ok... huge) attachments. Most > mailboxes (and their attachments) get index fine, but on some i got > panics from the indexer-worker. i was able to isolate the problem. > It seems that when Tika (which works flawless) sends a big reply to > Dovecot and Dovecot sends this data to Solr, communication crashes > between Dovecot and Solr. > > Eg. indexing an email with a 200k char wordfile results in a panic of > the indexer-worker: > > Jun 02 23:50:57 indexer-worker(username): Warning: I/O leak: > 0x7ff65f39f540 (line 120, fd 20) > Jun 02 23:50:57 indexer-worker(username): Warning: Timeout leak: > 0x7ff65f39f2e0 (line 325) > Jun 02 23:50:57 indexer: Error: Indexer worker disconnected, discarding > 1 requests for username > Jun 02 23:50:57 imap(username): Error: indexer failed to index mailbox > INBOX.username > Jun 02 23:50:57 indexer-worker(username): Fatal: master: > service(indexer-worker): child 11429 killed with signal 11 (core dumped) > > I got similar issues results with 2.2.16: > Jun 02 23:21:12 indexer-worker(username): Warning: I/O leak: > 0x7ffff7811cc0 (line 127, fd 20) > Jun 02 23:21:12 indexer-worker(username): Panic: file ioloop.c: line 39 > (io_add_file): assertion failed: (callback != NULL) > Jun 02 23:21:12 indexer-worker(username): Error: Raw backtrace: > /usr/local/lib/dovecot/libdovecot.so.0(+0x77130) [0x7ffff7842130] -> > /usr/local/lib/dovecot/libdovecot.so.0(+0x7 > Jun 02 23:21:12 indexer: Error: Indexer worker disconnected, discarding > 1 requests for username > Jun 02 23:21:12 imap(username): Error: indexer failed to index mailbox > INBOX.username > Jun 02 23:21:12 indexer-worker(username): Fatal: master: > service(indexer-worker): child 7909 killed with signal 6 (core dumps > disabled) > > The problem was already posted: > http://dovecot.org/pipermail/dovecot/2015-May/100901.html > I could trigger the same panic running the indexer via 'doveadm index -u > username MAILBOX'. > > Here is a backtrace (bt) of the 2.2.18-crash (on line #8 you see a > fragement of the text sent to solr): > > #0 array_count_i (array=0x8) at array.h:155 > #1 array_get_modifiable_i (count_r=, array=0x8) at > array.h:228 > #2 priorityq_remove_idx (pq=0x0, idx=0) at priorityq.c:121 > #3 0x00007ff65f3ef5eb in priorityq_remove (pq=, > item=item at entry=0xa26920) at priorityq.c:138 > #4 0x00007ff65f3e1e70 in timeout_remove (_timeout=) at > ioloop.c:288 > #5 0x00007ff65f3e2781 in io_loop_move_timeout > (_timeout=_timeout at entry=0xa27f98) at ioloop.c:861 > #6 0x00007ff65f39ff37 in http_client_connection_switch_ioloop > (conn=conn at entry=0xa27ea0) at http-client-connection.c:1357 > #7 0x00007ff65f3a3d68 in http_client_switch_ioloop > (client=client at entry=0xa0bf20) at http-client.c:211 > #8 0x00007ff65f39c005 in http_client_request_continue_payload > (_req=_req at entry=0xa0ee88, > data=0xa42fa0 "k for evidence of fluid spill.\nIf the device is > mounted on a stand, examine the condition of the mount.\nIf the device > moves on casters, check the condition of the casters. Check operation of > brakes, i"..., size=55453) at http-client-request.c:566 > #9 0x00007ff65f39c22a in http_client_request_send_payload > (_req=_req at entry=0xa0ee88, data=, size=) > at http-client-request.c:625 > #10 0x00007ff65e972429 in solr_connection_post_more (post=0xa0ee80, > data=, size=size at entry=55453) at solr-connection.c:504 > #11 0x00007ff65e96ea09 in fts_backed_solr_build_commit (ctx=0xa1a880) at > fts-backend-solr.c:341 > #12 0x00007ff65e96eaad in fts_backend_solr_update_set_mailbox > (_ctx=0xa1a880, box=0x0) at fts-backend-solr.c:407 > #13 0x00007ff65eb7cfac in fts_backend_set_cur_mailbox > (ctx=ctx at entry=0xa1a880) at fts-api.c:129 > #14 0x00007ff65eb7cfe3 in fts_backend_update_deinit (_ctx= out>) at fts-api.c:143 > #15 0x00007ff65eb8303c in fts_transaction_end (t=t at entry=0xa11ed0) at > fts-storage.c:550 > #16 0x00007ff65eb83e91 in fts_transaction_commit (t=0xa11ed0, > changes_r=0x7ffdcdca5e30) at fts-storage.c:615 > #17 0x00007ff65f688a82 in mailbox_transaction_commit_get_changes > (_t=_t at entry=0x7ffdcdca5ee0, changes_r=changes_r at entry=0x7ffdcdca5e30) > at mail-storage.c:1837 > #18 0x00007ff65f688b2e in mailbox_transaction_commit > (t=t at entry=0x7ffdcdca5ee0) at mail-storage.c:1818 > > "bt full" looks like this: > #0 array_count_i (array=0x8) at array.h:155 > No locals. > #1 array_get_modifiable_i (count_r=, array=0x8) at > array.h:228 > No locals. > #2 priorityq_remove_idx (pq=0x0, idx=0) at priorityq.c:121 > count = > #3 0x00007ff65f3ef5eb in priorityq_remove (pq=, > item=item at entry=0xa26920) at priorityq.c:138 > No locals. > #4 0x00007ff65f3e1e70 in timeout_remove (_timeout=) at > ioloop.c:288 > timeout = 0xa26920 > #5 0x00007ff65f3e2781 in io_loop_move_timeout > (_timeout=_timeout at entry=0xa27f98) at ioloop.c:861 > new_to = 0xa1adf0 > old_to = > #6 0x00007ff65f39ff37 in http_client_connection_switch_ioloop > (conn=conn at entry=0xa27ea0) at http-client-connection.c:1357 > No locals. > #7 0x00007ff65f3a3d68 in http_client_switch_ioloop > (client=client at entry=0xa0bf20) at http-client.c:211 > conn = 0xa27ea0 > _conn = 0xa27ea0 > host = > peer = > #8 0x00007ff65f39c005 in http_client_request_continue_payload > (_req=_req at entry=0xa0ee88, > data=0xa42fa0 "k for evidence of fluid spill.\nIf the device is > mounted on a stand, examine the condition of the mount.\nIf the device > moves on casters, check the condition of the casters. Check operation of > brakes, i"..., size=55453) at http-client-request.c:566 > prev_ioloop = 0x9f4730 > req = 0xa36970 > conn = 0xa27ea0 > client = 0xa0bf20 > ret = > __FUNCTION__ = "http_client_request_continue_payload" > #9 0x00007ff65f39c22a in http_client_request_send_payload > (_req=_req at entry=0xa0ee88, data=, size=) > at http-client-request.c:625 > __FUNCTION__ = "http_client_request_send_payload" > #10 0x00007ff65e972429 in solr_connection_post_more (post=0xa0ee80, > data=, size=size at entry=55453) at solr-connection.c:504 > conn = 0xa0be50 > __FUNCTION__ = "solr_connection_post_more" > > Hope anyone fixes the code... i need this feature :) > Thanks a lot in advance! > > From yahooguntu at gmail.com Wed Jun 3 20:05:59 2015 From: yahooguntu at gmail.com (Yahooguntu) Date: Wed, 03 Jun 2015 20:05:59 +0000 Subject: Misleading SSL/TLS Log Messages Message-ID: Hi all, I think I've found a small bug in how Dovecot logs SSL/TLS info. Basically, if I connect to the server using TLS, the logs have a lot of entries saying I used SSLv3 (which is not allowed). Here's my system info: OSX Yosemite (x86_64, HFS+) Dovecot 2.2.15 (via Homebrew) OpenSSL 0.9.8zd The configuration (see below) disallows SSLv3, and if I try and connect with OpenSSL to test that ("openssl s_client -connect localhost:993 -ssl3") it fails as expected. If I do the same command, but with "-tls1" instead of "-ssl3", I can connect and run IMAP commands. The problem is, if I open up the Dovecot logs and look at the SSL log messages, they all say I used SSLv3. As an example, this is a truncated log from when I connected to the server and immediately did a LOGOUT: 14:50:59 : master: Warning: Killed with signal 15 (by pid=1 uid=0 code=unknown 0) 14:51:03 : master: Dovecot v2.2.15 starting up for imap, lmtp (core dumps disabled) 14:51:13 : imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges 14:51:13 --- last message repeated 1 time --- 14:51:13 : imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A [127.0.0.1] 14:51:13 --- last message repeated 1 time --- 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write session ticket A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully [127.0.0.1] 14:51:13 : imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [127.0.0.1] 14:51:19 : imap-login: Aborted login (no auth attempts in 6 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, TLS, session= 14:51:19 : imap-login: Debug: SSL alert: close notify [127.0.0.1] The second to last line, which indicates I never tried to log in, correctly states that I used TLS. All the lines for SSL debugging, though, state I used SSL or SSLv3. This is a test setup, so it accepts any mail from @example.com addresses over LMTP and allows any user to connect with the password "staticpassword". Here's the output of "dovecot -n": # 2.2.15: /usr/local/etc/dovecot/dovecot.conf # OS: Darwin 14.3.0 x86_64 hfs default_client_limit = 50 default_internal_user = _dovecot default_login_user = _dovenull default_process_limit = 10 listen = 127.0.0.1 mail_gid = admin mail_location = mbox:/usr/local/etc/dovecot/mailboxes/%n mail_uid = [my username] namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = password=staticpassword driver = static } postmaster_address = postmaster at example.com protocols = imap lmtp service lmtp { inet_listener lmtp { address = 127.0.0.1 ::1 port = 24 } } ssl = required ssl_cert = Message-ID: <20150603224132.Horde.STTs2vRRk-KAzHjv2W745Bz@andreasschulze.de> Yahooguntu: > 14:51:13 : imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read > client hello A [127.0.0.1] not a bug. sslv3 and tlsv1.0 are not very different. programmers usually shared large portions of code. Remember: sslv3 and tls1.0 are 15 years old... it's common not only to dovecot that debug logs say ssl3 where tls1 is talked. But: only for debug messages. From fzielcke at z-51.de Thu Jun 4 03:29:54 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Thu, 04 Jun 2015 05:29:54 +0200 Subject: Testing SHA512-CRYPT password hashes with doveadm pw -t fails Message-ID: <1433388594.1692.13.camel@z-51.de> Hi, I use Debian jessie with Dovecot 2.2.13-11. While writing a script for Horde to change the passwords in my passwd file I noticed doveadm pw -t fails for SHA512-CRYPT: # doveadm pw -s SHA1 -p test {SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M= # doveadm pw -t {SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M= -p test {SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M= (verified) # doveadm pw -s SHA512-CRYPT -p test {SHA512-CRYPT}$6$8FfoioQWQDR/Vuzu$ynKiO/E6Xf4dMvfx2LsP9KQotqy5cEOEppnEh5Hqe1UpCYAgOwSIJlNb0O65fxdYcRZH3gNFQ7ZOM/2kD/R811 doveadm pw -t {SHA512-CRYPT}$6$8FfoioQWQDR/Vuzu$ynKiO/E6Xf4dMvfx2LsP9KQotqy5cEOEppnEh5Hqe1UpCYAgOwSIJlNb0O65fxdYcRZH3gNFQ7ZOM/2kD/R811 -p test doveadm(root): Fatal: reverse password verification check failed: Password mismatch If this can't work for SHA512-CRYPT then at least the error message should be more helpful. Or am I understanding the -t option wrongly? Then this sohuld be maybe somewhere clarified. I just use now doveadm auth test which works fine. Regards, Felix Zielcke From HFlor at gmx.de Thu Jun 4 06:15:57 2015 From: HFlor at gmx.de (Hardy Flor) Date: Thu, 04 Jun 2015 08:15:57 +0200 Subject: Testing SHA512-CRYPT password hashes with doveadm pw -t fails In-Reply-To: <1433388594.1692.13.camel@z-51.de> References: <1433388594.1692.13.camel@z-51.de> Message-ID: <556FED1D.4080203@gmx.de> doveadm pw -t '{SHA512-CRYPT}$6$8FfoioQWQDR/Vuzu$ynKiO/E6Xf4dMvfx2LsP9KQotqy5cEOEppnEh5Hqe1UpCYAgOwSIJlNb0O65fxdYcRZH3gNFQ7ZOM/2kD/R811' -p test You have $ in the password, see man-page of shell ... Am 04.06.2015 um 05:29 schrieb Felix Zielcke: > oveadm pw -t {SHA512-CRYPT}$6$8FfoioQWQDR/Vuzu$ynKiO/E6Xf4dMvfx2LsP9KQotqy5cEOEppnEh5Hqe1UpCYAgOwSIJlNb0O65fxdYcRZH3gNFQ7ZOM/2kD/R811 -p test From fzielcke at z-51.de Thu Jun 4 07:32:07 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Thu, 04 Jun 2015 09:32:07 +0200 Subject: Testing SHA512-CRYPT password hashes with doveadm pw -t fails In-Reply-To: <556FED1D.4080203@gmx.de> References: <1433388594.1692.13.camel@z-51.de> <556FED1D.4080203@gmx.de> Message-ID: <1433403127.1730.1.camel@z-51.de> Am Donnerstag, den 04.06.2015, 08:15 +0200 schrieb Hardy Flor: > doveadm pw -t > '{SHA512-CRYPT}$6$8FfoioQWQDR/Vuzu$ynKiO/E6Xf4dMvfx2LsP9KQotqy5cEOEppnEh5Hqe1UpCYAgOwSIJlNb0O65fxdYcRZH3gNFQ7ZOM/2kD/R811' > -p test > > You have $ in the password, see man-page of shell ... Args right. This Escaping problem bite me already with my backup script. Now it works. Anyway. This mail got me to subscribing the dovecot list. Now that I have again my own mail server it's good to keep a bit updated :) From sjh_dovecot at shic.co.uk Thu Jun 4 12:40:57 2015 From: sjh_dovecot at shic.co.uk (Steve) Date: Thu, 04 Jun 2015 13:40:57 +0100 Subject: Does Dovecot allow different clients to subscribe different subsets of IMAP folders? Message-ID: <55704759.9010205@shic.co.uk> I have a working Dovecot IMAP server (v. 2.2.9) where I have a single user but a lot of folders (over 800 in total, hierarchically arranged, about 50 of which are in active use.) I have multiple clients (including k9Mail on Android and Thunderbird on Linux and Windows). These clients all present a consistent subscription to a single subset of the available folders . What I'd like to be able to do is (somehow) allow different devices (different email clients) to subscribe to a different subset of folders. For example, I may want K9mail on my phone to be subscribed only to my "main Inbox" - but for Thunderbird on Windows to also be subscribed to active mailing-list folders. Does Dovecot support such a mode of operation? If so, how do I configure it? If not, what options are there to achieve the desired end result - i.e. different devices/IMAP clients subscribed to different subsets of the universe of folders available to a single user. Mandatory details: Version : 2.2.9 Configuration: See http://paste.ubuntu.com/11564807/ From b-dovecot.org at grmbl.net Thu Jun 4 14:09:20 2015 From: b-dovecot.org at grmbl.net (b-dovecot.org at grmbl.net) Date: Thu, 4 Jun 2015 16:09:20 +0200 Subject: Does Dovecot allow different clients to subscribe different subsets of IMAP folders? In-Reply-To: <55704759.9010205@shic.co.uk> References: <55704759.9010205@shic.co.uk> Message-ID: <20150604140920.GF4032@mx.grmbl.net> Hi Steve, I don't know if dovecot can use different 'subscriptions' but you can create different accounts and then link (ln -s) the relevant folders in each respective maildir. Cheers, B On Thu, Jun 04, 2015 at 01:40:57PM +0100, Steve wrote: > I have a working Dovecot IMAP server (v. 2.2.9) where I have a single > user but a lot of folders (over 800 in total, hierarchically > arranged, about 50 of which are in active use.) > > I have multiple clients (including k9Mail on Android and Thunderbird > on Linux and Windows). These clients all present a consistent > subscription to a single subset of the available folders . > > What I'd like to be able to do is (somehow) allow different devices > (different email clients) to subscribe to a different subset of > folders. For example, I may want K9mail on my phone to be subscribed > only to my "main Inbox" - but for Thunderbird on Windows to also be > subscribed to active mailing-list folders. > > Does Dovecot support such a mode of operation? If so, how do I > configure it? If not, what options are there to achieve the desired > end result - i.e. different devices/IMAP clients subscribed to > different subsets of the universe of folders available to a single > user. > > Mandatory details: > Version : 2.2.9 > Configuration: See http://paste.ubuntu.com/11564807/ From troeder at univention.de Thu Jun 4 14:24:46 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Thu, 04 Jun 2015 16:24:46 +0200 Subject: Does Dovecot allow different clients to subscribe different subsets of IMAP folders? In-Reply-To: <55704759.9010205@shic.co.uk> References: <55704759.9010205@shic.co.uk> Message-ID: <55705FAE.5070703@univention.de> Hi Steve, I don't think the IMAP protocol has the concept of a "user agent". So there is no way for an IMAP server to distinguish between client programs. You could use POP and poll different mailboxes - but your clients probably don't support that. So you'll have to use different users. But that give you a cool solution: Use shared mailboxes. You could share all mailboxes of you main user to all the "device-users" and then use the clients to subscribe only to those mailboxes that are of interest. That way you can change what a client sees using the client program, without logging into the server as root. Especially nice, when you are traveling and decide you need to read a mailbox with your mobile you hadn't though about before. Greetings Daniel Am 04.06.2015 um 14:40 schrieb Steve: > I have a working Dovecot IMAP server (v. 2.2.9) where I have a single > user but a lot of folders (over 800 in total, hierarchically arranged, > about 50 of which are in active use.) > > I have multiple clients (including k9Mail on Android and Thunderbird on > Linux and Windows). These clients all present a consistent subscription > to a single subset of the available folders . > > What I'd like to be able to do is (somehow) allow different devices > (different email clients) to subscribe to a different subset of folders. > For example, I may want K9mail on my phone to be subscribed only to my > "main Inbox" - but for Thunderbird on Windows to also be subscribed to > active mailing-list folders. > > Does Dovecot support such a mode of operation? If so, how do I configure > it? If not, what options are there to achieve the desired end result - > i.e. different devices/IMAP clients subscribed to different subsets of > the universe of folders available to a single user. > > Mandatory details: > Version : 2.2.9 > Configuration: See http://paste.ubuntu.com/11564807/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From sjh_dovecot at shic.co.uk Thu Jun 4 14:43:28 2015 From: sjh_dovecot at shic.co.uk (Steve) Date: Thu, 04 Jun 2015 15:43:28 +0100 Subject: Does Dovecot allow different clients to subscribe different subsets of IMAP folders? In-Reply-To: <55705FAE.5070703@univention.de> References: <55704759.9010205@shic.co.uk> <55705FAE.5070703@univention.de> Message-ID: <55706410.7060700@shic.co.uk> Hi Daniel, Hmm - I'm happy to use different 'user names' to log into Dovecot... as long as each of these logins can still subscribe to the same universe of folders I have available at present. I can envision using steve_mobile and steve_desktop as logins, as long as these still provide access to the same mailboxes as I have in steve's Maildir folder. I'm guessing that this would mean I can't/shouldn't use PAM for Dovecot authentication? I don't really want to create 'dummy' (shell-account) "users" on my server... but, I guess, it would be OK if I were to use some other authentication mechanism, and pointed all these Dovecot-only logins to the same Maildir folder. By any chance, is there a 'howto' detailing a suitable sample configuration for such a setup? BTW - I would definitely want to be able to change subscriptions from any device... I just want independent subscriptions for my tablet/phone/desktop/VM clients - as I use email in different ways from these different environments. On 04/06/2015 15:24, Daniel Tr?der wrote: > Hi Steve, > > I don't think the IMAP protocol has the concept of a "user agent". So > there is no way for an IMAP server to distinguish between client programs. > > You could use POP and poll different mailboxes - but your clients > probably don't support that. So you'll have to use different users. > > But that give you a cool solution: Use shared mailboxes. > > You could share all mailboxes of you main user to all the "device-users" > and then use the clients to subscribe only to those mailboxes that are > of interest. > > That way you can change what a client sees using the client program, > without logging into the server as root. Especially nice, when you are > traveling and decide you need to read a mailbox with your mobile you > hadn't though about before. > > Greetings > Daniel > From troeder at univention.de Thu Jun 4 15:26:30 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Thu, 04 Jun 2015 17:26:30 +0200 Subject: Does Dovecot allow different clients to subscribe different subsets of IMAP folders? In-Reply-To: <55706410.7060700@shic.co.uk> References: <55704759.9010205@shic.co.uk> <55705FAE.5070703@univention.de> <55706410.7060700@shic.co.uk> Message-ID: <55706E26.4000604@univention.de> Hi Steve, for some reason I didn't get you message though the mailing list (my ml settings?), but only directly. For the sake of completeness I'm replying here - I hope that's OK. Shared mailboxes are really easy to implement. Just enable the namespace (type = shared) in /etc/dovecot/conf.d/10-mail.conf http://wiki2.dovecot.org/Namespaces http://wiki2.dovecot.org/SharedMailboxes/Shared You may want to share index files, so you'll have the same [un]read flags on all devices. Simply do _not_ configure INDEXPVT, or configure it to a common directory. If you wish to share keywords so you'll have the same "important"/"red"/"star" flags on all accounts, do _not_ configure pre-user CONTROL, or configure it to a common directory. I think this should work: namespace { type = shared separator = / prefix = shared/%%u/ location = maildir:%%h/Maildir subscriptions = no list = children } You'll have to configure ACLs too. http://wiki2.dovecot.org/ACL /etc/dovecot/conf.d/90-acl.conf plugin { acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes } plugin { # Without global ACLs: acl = vfile } 10-mail.conf: mail_plugins = $mail_plugins acl quota 20-imap.conf: mail_plugins = $mail_plugins imap_acl imap_quota Then you can get/set ACLs with: doveadm acl get -u mobile at mail.com shared/main at mail.com <--- INBOX doveadm acl set -A shared/main at mail.com mobile at mail.com lookup read ... doveadm acl get -u mobile at mail.com shared/main at mail.com doveadm acl set -A shared/main at mail.com mobile at mail.com/Spam lookup read ... You'll have to find a way to do this for all your mailboxes in some shell script or with python or whatever. Good luck Daniel Am 04.06.2015 um 16:43 schrieb Steve: > Hi Daniel, > > Hmm - I'm happy to use different 'user names' to log into Dovecot... as > long as each of these logins can still subscribe to the same universe of > folders I have available at present. I can envision using steve_mobile > and steve_desktop as logins, as long as these still provide access to > the same mailboxes as I have in steve's Maildir folder. > > I'm guessing that this would mean I can't/shouldn't use PAM for Dovecot > authentication? I don't really want to create 'dummy' (shell-account) > "users" on my server... but, I guess, it would be OK if I were to use > some other authentication mechanism, and pointed all these Dovecot-only > logins to the same Maildir folder. > > By any chance, is there a 'howto' detailing a suitable sample > configuration for such a setup? > > BTW - I would definitely want to be able to change subscriptions from > any device... I just want independent subscriptions for my > tablet/phone/desktop/VM clients - as I use email in different ways from > these different environments. > > On 04/06/2015 15:24, Daniel Tr?der wrote: >> Hi Steve, >> >> I don't think the IMAP protocol has the concept of a "user agent". So >> there is no way for an IMAP server to distinguish between client >> programs. >> >> You could use POP and poll different mailboxes - but your clients >> probably don't support that. So you'll have to use different users. >> >> But that give you a cool solution: Use shared mailboxes. >> >> You could share all mailboxes of you main user to all the "device-users" >> and then use the clients to subscribe only to those mailboxes that are >> of interest. >> >> That way you can change what a client sees using the client program, >> without logging into the server as root. Especially nice, when you are >> traveling and decide you need to read a mailbox with your mobile you >> hadn't though about before. >> >> Greetings >> Daniel >> > -- Daniel Tr?der Open Source Software Engineer Univention GmbH be open Mary-Somerville-Str.1 28359 Bremen Tel.: +49 421 22232-91 Fax : +49 421 22232-99 troeder at univention.de http://www.univention.de Gesch?ftsf?hrer: Peter H. Ganten HRB 20755 Amtsgericht Bremen Steuer-Nr.: 71-597-02876 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From pw at wk-serv.de Fri Jun 5 19:00:53 2015 From: pw at wk-serv.de (Patrick Westenberg) Date: Fri, 05 Jun 2015 21:00:53 +0200 Subject: LMTPs between proxy and backend Message-ID: <5571F1E5.1090508@wk-serv.de> Hi @all, I have a 3 server setup (MX ==LMTP==> Proxy ==LMTP==> Backend). After upgrading to 2.2.18 I was able to use LMTPs from MX to the proxy but not from the proxy to the backend: Received: from mf01.example.net ([172.17.1.5]) by mb01.example.net (Dovecot) with LMTP id T+LnDWrvcVWDSwAAJnBBGg for ; Fri, 05 Jun 2015 20:50:58 +0200 Received: from mx01.example.net ([172.17.1.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) zlib compression) by mf01.example.net (Dovecot) with LMTP id 8uuXJ13vcVW2fgAATr09kg Can anyone help or is Dovecot not able to use LMTPs as client? Regards Patrick Proxy: # 2.2.18: /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 3.16.0-0.bpo.4-amd64 x86_64 Debian 7.8 auth_mechanisms = plain login director_mail_servers = 172.17.1.1 172.17.1.2 director_servers = 172.17.1.3 172.17.1.4 director_user_expire = 5 mins lmtp_proxy = yes log_path = /var/log/dovecot.log managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { address = 172.17.1.3 port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director process_min_avail = 1 service_count = 0 } service lmtp { inet_listener lmtp { address = 172.17.1.3 port = 24 } process_min_avail = 20 } service managesieve-login { executable = managesieve-login director inet_listener sieve { port = 4190 } } service pop3-login { executable = pop3-login director } ssl_cert = ssl_dh_parameters_length = 2048 ssl_key = Hello, I want to use dovecot as imap server with mbox storage format (described at [1]) but I also want to access (and modify!) those mbox files which are stored on server (and used by dovecot). What is correct way to read those mboxes? From wiki page [1] I read that I should ignore first message in mbox (which contains X-IMAPbase header) and mbox file is in mboxcl2 format. And what is correct way to modify that mbox file (which is used by dovecot imap)? I would like to configure mutt on server to directly access those mbox mailboxes without need to use imap protocol (over localhost). It is possible without any data/message damage? [1] - http://wiki2.dovecot.org/MailboxFormat/mbox -- Pali Roh?r pali.rohar at gmail.com -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From darix at opensu.se Mon Jun 8 00:45:52 2015 From: darix at opensu.se (Marcus Rueckert) Date: Mon, 8 Jun 2015 02:45:52 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <201506061901.29188@pali> References: <201506061901.29188@pali> Message-ID: <20150608004552.GF2722@nordisch.org> On 2015-06-06 19:01:29 +0200, Pali Roh?r wrote: > I want to use dovecot as imap server with mbox storage format (described > at [1]) but I also want to access (and modify!) those mbox files which > are stored on server (and used by dovecot). > > What is correct way to read those mboxes? From wiki page [1] I read that > I should ignore first message in mbox (which contains X-IMAPbase header) > and mbox file is in mboxcl2 format. > > And what is correct way to modify that mbox file (which is used by > dovecot imap)? I would like to configure mutt on server to directly > access those mbox mailboxes without need to use imap protocol (over > localhost). It is possible without any data/message damage? IMHO ... If you start a new mail server now ... Maildir is a better format. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From tom at whyscream.net Mon Jun 8 11:42:53 2015 From: tom at whyscream.net (Tom Hendrikx) Date: Mon, 08 Jun 2015 13:42:53 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <201506061901.29188@pali> References: <201506061901.29188@pali> Message-ID: <55757FBD.2050900@whyscream.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 06-06-15 19:01, Pali Roh?r wrote: > Hello, > > I want to use dovecot as imap server with mbox storage format > (described at [1]) but I also want to access (and modify!) those > mbox files which are stored on server (and used by dovecot). > > What is correct way to read those mboxes? From wiki page [1] I read > that I should ignore first message in mbox (which contains > X-IMAPbase header) and mbox file is in mboxcl2 format. > > And what is correct way to modify that mbox file (which is used by > dovecot imap)? I would like to configure mutt on server to > directly access those mbox mailboxes without need to use imap > protocol (over localhost). It is possible without any data/message > damage? Just out of curiosity: why are you interested in handling the files manually when dovecot and IMAP protocol can already do that for you? Even when accessing the files directly from the server, dovecot will handle possible file correction, access control, file permissions etc all for you. Using IMAP to localhost with mutt still gives you all of the above, maybe including other nice IMAP-related benefits such as FTS etc. Tom -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVdX+9AAoJEJPfMZ19VO/1yqsP/3ZHyKwJJ9IAmeMTaT/W2wHM gLhXAJj3ZYO2s1gp5b2Swyq/ta4KUDEwgdWQQaDK2YVdyTTu9f/6TgMubPNcuYV9 ogfqyGunPpVk3ZVSf9U2EviU2SXvjzUDuZ1bI80IxQYVXYOidzAZw4wBN+IXjFss giLKaI+T6YOU2+nFrCkavjMXuwbPhjo84Xe2KPvB0mcGy31HQoHq/ChOYHVzYUkH 1qYVWOE5bjUMHZFwExsR84vhjIBTAqwqKP0Hf5JdZRIafsrysY0gqSOWcrTeu7HH e2MLQvtLr3vAWoi319AQ03vz//ESOKBfZl/tv2ZuVzh8o9l0zkDtm0FxMlj+rrmQ /O/1kV4jJGjcCYfL61hZPkHHcI8sJq81Dz0CX5xbisYCLkk+EpWHjQC9ILgcl6vQ FBBOqvCfgmyCgYHi/3PbIZ5Hd4gmzIG2Du+59Webv/dIigeNv5dW5gbqx7kLYP1A ltBYQYtK+/tSVOZKjvcfNoT6BQcSn90VGNC2QzO8FcDkTzu/ihiY4DuE9bpCDgAs uebcRa55DOhL3EFeEy85fczCuac1TM8uaO+la9Xdokj4lWl20j6HlGQPlykRlMx0 Kyw6Z42SIR9lFa+Q+KsvBDY94rfwj5sgmo5oelndno/l1bHx1h8BGesbzKyS53r1 Jl57kyy3lePwcQ+dbGYm =lrws -----END PGP SIGNATURE----- From pali.rohar at gmail.com Mon Jun 8 12:48:12 2015 From: pali.rohar at gmail.com (Pali =?utf-8?B?Um9ow6Fy?=) Date: Mon, 8 Jun 2015 14:48:12 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <20150608004552.GF2722@nordisch.org> References: <201506061901.29188@pali> <20150608004552.GF2722@nordisch.org> Message-ID: <20150608124812.GH12078@pali> On Monday 08 June 2015 02:45:52 Marcus Rueckert wrote: > IMHO ... Maildir is a better format. Really? I do not think so! Having half of million (small) files in one directory is killer... which eats caches and slow down access time. Even listing such directory (without reading file contents) consume lot of CPU cycles... PS: I'm not subscribed to this list, so please CC me! -- Pali Roh?r pali.rohar at gmail.com From pali.rohar at gmail.com Mon Jun 8 12:57:33 2015 From: pali.rohar at gmail.com (Pali =?utf-8?B?Um9ow6Fy?=) Date: Mon, 8 Jun 2015 14:57:33 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <55757FBD.2050900@whyscream.net> References: <201506061901.29188@pali> <55757FBD.2050900@whyscream.net> Message-ID: <20150608125733.GI12078@pali> On Monday 08 June 2015 13:42:53 Tom Hendrikx wrote: > On 06-06-15 19:01, Pali Roh?r wrote: > > Hello, > > > > I want to use dovecot as imap server with mbox storage format > > (described at [1]) but I also want to access (and modify!) those > > mbox files which are stored on server (and used by dovecot). > > > > What is correct way to read those mboxes? From wiki page [1] I read > > that I should ignore first message in mbox (which contains > > X-IMAPbase header) and mbox file is in mboxcl2 format. > > > > And what is correct way to modify that mbox file (which is used by > > dovecot imap)? I would like to configure mutt on server to > > directly access those mbox mailboxes without need to use imap > > protocol (over localhost). It is possible without any data/message > > damage? > > Just out of curiosity: why are you interested in handling the files > manually when dovecot and IMAP protocol can already do that for you? > Because I have direct access to files and so I would not use another indirect and slower access to them if I'm not forced. And also IMAP protocol is not implemented properly in any application and direct file access via open/read/write/... unix calls is easier as implementing and using too complicated IMAP protocol. If I want to download all emails as fast as possible I just rsync those mboxes. Using IMAP connection for this operation is slow, hard and I think also stupid. > Even when accessing the files directly from the server, dovecot will > handle possible file correction, access control, file permissions etc > all for you. Using IMAP to localhost with mutt still gives you all of > the above, maybe including other nice IMAP-related benefits such as > FTS etc. > > Tom I do not want to have one message stored N times, just because every IMAP client store message locally and message is stored also on IMAP server. If I use IMAP over localhost it means that I have to wait for IMAP protocol until client download all headers/body/etc... then do magic and show me emails. But I do not want to spend lot of time with writing philosophical problems of IMAP and their clients... I just want to know: How to correctly read dovecot mboxes and how to correctly write to them. Thats all. In your email I did not find this information :-( PS: I'm not subscribed to this list, so please CC me! -- Pali Roh?r pali.rohar at gmail.com From darix at opensu.se Mon Jun 8 21:06:26 2015 From: darix at opensu.se (Marcus Rueckert) Date: Mon, 8 Jun 2015 23:06:26 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <20150608124812.GH12078@pali> References: <201506061901.29188@pali> <20150608004552.GF2722@nordisch.org> <20150608124812.GH12078@pali> Message-ID: <20150608210626.GI2722@nordisch.org> On 2015-06-08 14:48:12 +0200, Pali Roh?r wrote: > On Monday 08 June 2015 02:45:52 Marcus Rueckert wrote: > > IMHO ... Maildir is a better format. > > Really? I do not think so! Having half of million (small) files in one > directory is killer... which eats caches and slow down access time. > Even listing such directory (without reading file contents) consume lot > of CPU cycles... so what? 1. modern filesystems 2. dovecot's caching 313k mails in single mailbox and no problems at all. > PS: I'm not subscribed to this list, so please CC me! you should change that. it isnt that high traffic. or use the imap access provided here: http://www.dovecot.org/mailinglists.html -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From pali.rohar at gmail.com Mon Jun 8 21:11:09 2015 From: pali.rohar at gmail.com (Pali =?utf-8?q?Roh=C3=A1r?=) Date: Mon, 8 Jun 2015 23:11:09 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <20150608210626.GI2722@nordisch.org> References: <201506061901.29188@pali> <20150608124812.GH12078@pali> <20150608210626.GI2722@nordisch.org> Message-ID: <201506082311.09349@pali> On Monday 08 June 2015 23:06:26 Marcus Rueckert wrote: > On 2015-06-08 14:48:12 +0200, Pali Roh?r wrote: > > On Monday 08 June 2015 02:45:52 Marcus Rueckert wrote: > > > IMHO ... Maildir is a better format. > > > > Really? I do not think so! Having half of million (small) files in > > one directory is killer... which eats caches and slow down access > > time. Even listing such directory (without reading file contents) > > consume lot of CPU cycles... > > so what? > > 1. modern filesystems > 2. dovecot's caching > > 313k mails in single mailbox and no problems at all. > Still I want read/write access to storage and want to use mbox as storage (also for easier backup and copy)... And my question was how to properly read and write from/to mbox files which are used by dovecot. -- Pali Roh?r pali.rohar at gmail.com -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From darix at opensu.se Mon Jun 8 21:17:50 2015 From: darix at opensu.se (Marcus Rueckert) Date: Mon, 8 Jun 2015 23:17:50 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <201506082311.09349@pali> References: <201506061901.29188@pali> <20150608124812.GH12078@pali> <20150608210626.GI2722@nordisch.org> <201506082311.09349@pali> Message-ID: <20150608211750.GK2722@nordisch.org> On 2015-06-08 23:11:09 +0200, Pali Roh?r wrote: > Still I want read/write access to storage and want to use mbox as > storage (also for easier backup and copy)... 1. backup is actually much easier for maildir. 2. especially when you want to deleting mails in the mbox file it is a lot of rewriting data. compared to just unlinking the files. > And my question was how to properly read and write from/to mbox files > which are used by dovecot. Through the imap protocol or at least the same locking mechanism configured in dovecot. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From pali.rohar at gmail.com Mon Jun 8 21:21:44 2015 From: pali.rohar at gmail.com (Pali =?utf-8?q?Roh=C3=A1r?=) Date: Mon, 8 Jun 2015 23:21:44 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <20150608211750.GK2722@nordisch.org> References: <201506061901.29188@pali> <201506082311.09349@pali> <20150608211750.GK2722@nordisch.org> Message-ID: <201506082321.44278@pali> On Monday 08 June 2015 23:17:50 Marcus Rueckert wrote: > Through the imap protocol or at least the same locking mechanism > configured in dovecot. > It is which locking mechanism? It is really ok for dovecot to: 1) append (new) emails into mbox file? 2) edit mbox file? (e.g. change some header/body) -- Pali Roh?r pali.rohar at gmail.com -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From gfinch at ldmltd.ca Mon Jun 8 21:31:53 2015 From: gfinch at ldmltd.ca (Gregory Finch) Date: Mon, 08 Jun 2015 14:31:53 -0700 Subject: Dovecot mbox & other programs In-Reply-To: <201506082321.44278@pali> References: <201506061901.29188@pali> <201506082311.09349@pali> <20150608211750.GK2722@nordisch.org> <201506082321.44278@pali> Message-ID: <557609C9.3000805@ldmltd.ca> On 2015-06-08 2:21 PM, Pali Roh?r wrote: > On Monday 08 June 2015 23:17:50 Marcus Rueckert wrote: >> Through the imap protocol or at least the same locking mechanism >> configured in dovecot. >> > It is which locking mechanism? > > It is really ok for dovecot to: > 1) append (new) emails into mbox file? > 2) edit mbox file? (e.g. change some header/body) > http://wiki2.dovecot.org/MailboxFormat/mbox#Locking -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From jtam.home at gmail.com Mon Jun 8 21:35:08 2015 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 8 Jun 2015 14:35:08 -0700 (PDT) Subject: Dovecot mbox & other programs In-Reply-To: References: Message-ID: Pali Roh?r writes: > Still I want read/write access to storage and want to use mbox as > storage (also for easier backup and copy)... Backup performance may be another big win for Maildir, especially for incremental backups. Be that as it may ... > And my question was how to properly read and write from/to mbox files > which are used by dovecot. Dovecot mailbox indices are self-healing: indices should be rengenerated automatically when the mailbox is out of sync with regards to the indices. There may be a few complaints in the mail logs about it (e.g. UIDVALIDITY changes), but they are mostly harmless. Joseph Tam From troeder at univention.de Tue Jun 9 07:55:40 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Tue, 09 Jun 2015 09:55:40 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <201506061901.29188@pali> References: <201506061901.29188@pali> Message-ID: <55769BFC.5040800@univention.de> Pretty sure [s]he's a troll: Every assumption [s]he's written until now has been wrong and there was not even the attempt to show data/information that supports the claims. That communication form is usually intentional to provoke discussion. Further CCing to his/her email should stop, s/he can just subscribe. Am 06.06.2015 um 19:01 schrieb Pali Roh?r: > What is correct way to read those mboxes? > And what is correct way to modify that mbox file Really simple - just 9 pages: http://tools.ietf.org/html/rfc4155 > I would like to configure mutt on server to directly > access those mbox mailboxes without need to use imap protocol (over > localhost). It is possible without any data/message damage? # man mutt # mutt -f /var/mail/... Greetings Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From pali.rohar at gmail.com Tue Jun 9 08:17:23 2015 From: pali.rohar at gmail.com (Pali =?utf-8?B?Um9ow6Fy?=) Date: Tue, 9 Jun 2015 10:17:23 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <55769BFC.5040800@univention.de> References: <201506061901.29188@pali> <55769BFC.5040800@univention.de> Message-ID: <20150609081723.GA31071@pali> Excuse me... But I start thinking rude behaviour and trolling from you side. On Tuesday 09 June 2015 09:55:40 Daniel Tr?der wrote: > Pretty sure [s]he's a troll: Every assumption [s]he's written until now > has been wrong and there was not even the attempt to show > data/information that supports the claims. > That communication form is usually intentional to provoke discussion. > > Further CCing to his/her email should stop, s/he can just subscribe. > > Am 06.06.2015 um 19:01 schrieb Pali Roh?r: > > What is correct way to read those mboxes? > > And what is correct way to modify that mbox file > Really simple - just 9 pages: http://tools.ietf.org/html/rfc4155 > > > I would like to configure mutt on server to directly > > access those mbox mailboxes without need to use imap protocol (over > > localhost). It is possible without any data/message damage? > # man mutt > # mutt -f /var/mail/... > > Greetings > Daniel > I already read dovecot mailing list page [1] and there is written that I can post messages to list even without subscribing. And all well behaved mailing list send response also to original sender. Otherwise such mailing list is useless for people who are not subscribed (it is just /dev/null). I though that ML used by people who understand emails very well do not do such useless things for senders... I'm really disappointed about you -- dovecot people on ML -- I have just asked clear question about mbox storage format because I did not find everything on dovecot wiki page [2] and I wanted to be sure how it is working... And I thought that dovecot mailing list is good place where people could answer my question how is dovecot using mbox storage. And every response was either not to my question or your which just marked me as troll who should not even post messages to this list. I do not want to continue this discussion about trolling... as there is no value from it. I really do not understand what do you have against me. Thanks. [1] - http://www.dovecot.org/mailinglists.html [2] - http://wiki2.dovecot.org/MailboxFormat/mbox -- Pali Roh?r pali.rohar at gmail.com From Hajo.Locke at gmx.de Tue Jun 9 12:32:51 2015 From: Hajo.Locke at gmx.de (Hajo Locke) Date: Tue, 09 Jun 2015 14:32:51 +0200 Subject: special_use \Archive not working with some foldernames Message-ID: <5576DCF3.501@gmx.de> Hello list, i use dovecot 2.2.18 compiled on my own and want to report an odd behaviour when using a folder for special_use \Archive. In my case it is not working when using some special foldernames (mbox). I compared to version 2.2.15 which i found pre-packaged on launchpad.net, same behaviour. All other special_use Folder work like expected. My situation: We authenticate users using mysql-db. also we allow users to store individuell special_use settings in db. this is a way which was recommended by this mailinglist some years ago. we use a password_query like this: password_query = SELECT `inbox` as `user`, `password`, `home` as userdb_home, `uid` AS userdb_uid, `gid` AS userdb_gid, `userdb_import` AS userdb_userdb_import FROM `mail_users` WHERE `login` = '%u' AND `active`='Y' typical column in db looks like this: | username | cryptedpass | path | inboxname | uid | gid | Y | namespace/inbox/mailbox=Sent namespace/inbox/mailbox/Sent/name=Gesendet namespace/inbox/mailbox/Sent/auto=subscribe namespace/inbox/mailbox/Sent/special_use=\Sent namespace/inbox/mailbox=Drafts namespace/inbox/mailbox/Drafts/name=Entw??rfe namespace/inbox/mailbox/Drafts/auto=subscribe namespace/inbox/mailbox/Drafts/special_use=\Drafts namespace/inbox/mailbox=Trash namespace/inbox/mailbox/Trash/name=Papierkorb namespace/inbox/mailbox/Trash/auto=subscribe namespace/inbox/mailbox/Trash/special_use=\Trash namespace/inbox/mailbox=Junk namespace/inbox/mailbox/Junk/name=Spam namespace/inbox/mailbox/Junk/auto=subscribe namespace/inbox/mailbox/Junk/special_use=\Junk namespace/inbox/mailbox=Archives namespace/inbox/mailbox/Archives/name=Archiv namespace/inbox/mailbox/Archives/auto=subscribe namespace/inbox/mailbox/Archives/special_use=\Archive | Now i noticed that in this case the folder Archiv was not binded to special_use \Archive: * LIST (\NoInferiors \UnMarked \Junk) "/" Spam * LIST (\NoInferiors \UnMarked \Drafts) "/" Entw&APw-rfe * LIST (\NoInferiors \UnMarked \Sent) "/" Gesendet * LIST (\NoInferiors \UnMarked \Trash) "/" Papierkorb * LIST (\NoInferiors \UnMarked) "/" Archiv * LIST (\HasNoChildren) "/" INBOX If i change the name of folder which is binded to special_use \Archive its working again, no other changes: * LIST (\NoInferiors \UnMarked \Archive) "/" Archiviu or a shorter one: * LIST (\HasNoChildren \Archive) "/" Arc It works in most cases, it is not working if i have chosen name "Archiv". It seems also that autocreating of folder is not working if name is "Archiv". I activated the debug settings but was not helpful. Looks the same in all cases: Debug: Added userdb setting: namespace/inbox/mailbox=Archives Debug: Added userdb setting: namespace/inbox/mailbox/Archives/auto=subscribe Debug: Added userdb setting: namespace/inbox/mailbox/Archives/name=Arc Debug: Added userdb setting: namespace/inbox/mailbox/Archives/special_use=\Archive or: Debug: Added userdb setting: namespace/inbox/mailbox=Archives Debug: Added userdb setting: namespace/inbox/mailbox/Archives/auto=subscribe Debug: Added userdb setting: namespace/inbox/mailbox/Archives/name=Archiviu Debug: Added userdb setting: namespace/inbox/mailbox/Archives/special_use=\Archive or the not working one: Debug: Added userdb setting: namespace/inbox/mailbox=Archives Debug: Added userdb setting: namespace/inbox/mailbox/Archives/auto=subscribe Debug: Added userdb setting: namespace/inbox/mailbox/Archives/name=Archiv Debug: Added userdb setting: namespace/inbox/mailbox/Archives/special_use=\Archive I have no idea what is going wrong here. I have no further hints in my logs. What to do now? Any ideas? Thanks, Hajo From CMarcus at Media-Brokers.com Tue Jun 9 12:36:48 2015 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 09 Jun 2015 08:36:48 -0400 Subject: Dovecot mbox & other programs In-Reply-To: <201506082311.09349@pali> References: <201506061901.29188@pali> <20150608124812.GH12078@pali> <20150608210626.GI2722@nordisch.org> <201506082311.09349@pali> Message-ID: <5576DDE0.5090801@Media-Brokers.com> On 6/8/2015 5:11 PM, Pali Roh?r wrote: > Still I want read/write access to storage and want to use mbox as > storage (also for easier backup and copy)... > > And my question was how to properly read and write from/to mbox files > which are used by dovecot. There is no method for doing this. Any manual/direct manipulation of the files risks serious problems. Fyi, your 'fears' regarding using the IMAP protocol on localhost are seriously unfounded. Just use IMAP, and move on with your life. From CMarcus at Media-Brokers.com Tue Jun 9 12:44:06 2015 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 09 Jun 2015 08:44:06 -0400 Subject: Dovecot mbox & other programs In-Reply-To: <5576DDE0.5090801@Media-Brokers.com> References: <201506061901.29188@pali> <20150608124812.GH12078@pali> <20150608210626.GI2722@nordisch.org> <201506082311.09349@pali> <5576DDE0.5090801@Media-Brokers.com> Message-ID: <5576DF96.3040203@Media-Brokers.com> On 6/9/2015 8:36 AM, Charles Marcus wrote: > On 6/8/2015 5:11 PM, Pali Roh?r wrote: >> Still I want read/write access to storage and want to use mbox as >> storage (also for easier backup and copy)... >> >> And my question was how to properly read and write from/to mbox files >> which are used by dovecot. > There is no method for doing this. Guess that should have read: There is no 'proper' or safe way for doing this. From pali.rohar at gmail.com Tue Jun 9 13:05:25 2015 From: pali.rohar at gmail.com (Pali =?utf-8?B?Um9ow6Fy?=) Date: Tue, 9 Jun 2015 15:05:25 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <5576DF96.3040203@Media-Brokers.com> References: <201506061901.29188@pali> <20150608124812.GH12078@pali> <20150608210626.GI2722@nordisch.org> <201506082311.09349@pali> <5576DDE0.5090801@Media-Brokers.com> <5576DF96.3040203@Media-Brokers.com> Message-ID: <20150609130525.GE31071@pali> On Tuesday 09 June 2015 08:44:06 Charles Marcus wrote: > On 6/9/2015 8:36 AM, Charles Marcus wrote: > > On 6/8/2015 5:11 PM, Pali Roh??r wrote: > >> Still I want read/write access to storage and want to use mbox as > >> storage (also for easier backup and copy)... > >> > >> And my question was how to properly read and write from/to mbox files > >> which are used by dovecot. > > There is no method for doing this. > > Guess that should have read: > > There is no 'proper' or safe way for doing this. > Ok, thanks for information! Anyway I think that for atomic/snapshot read of mbox file should be ok (when lock is not acquired by dovecot). Or not? And which emails in mbox are used only internally by dovecot? Only those which have X-IMAPbase header? Or are there any other emails which should I ignore when I parse mbox file (for read access)? -- Pali Roh?r pali.rohar at gmail.com From tom at whyscream.net Tue Jun 9 16:16:43 2015 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 09 Jun 2015 18:16:43 +0200 Subject: Dovecot mbox & other programs In-Reply-To: <20150609130525.GE31071@pali> References: <201506061901.29188@pali> <20150608124812.GH12078@pali> <20150608210626.GI2722@nordisch.org> <201506082311.09349@pali> <5576DDE0.5090801@Media-Brokers.com> <5576DF96.3040203@Media-Brokers.com> <20150609130525.GE31071@pali> Message-ID: <5577116B.8020500@whyscream.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 09-06-15 15:05, Pali Roh?r wrote: > On Tuesday 09 June 2015 08:44:06 Charles Marcus wrote: >> On 6/9/2015 8:36 AM, Charles Marcus >> wrote: >>> On 6/8/2015 5:11 PM, Pali Roh??r wrote: >>>> Still I want read/write access to storage and want to use >>>> mbox as storage (also for easier backup and copy)... >>>> >>>> And my question was how to properly read and write from/to >>>> mbox files which are used by dovecot. >>> There is no method for doing this. >> >> Guess that should have read: >> >> There is no 'proper' or safe way for doing this. >> > > Ok, thanks for information! > > Anyway I think that for atomic/snapshot read of mbox file should be > ok (when lock is not acquired by dovecot). Or not? > > And which emails in mbox are used only internally by dovecot? Only > those which have X-IMAPbase header? Or are there any other emails > which should I ignore when I parse mbox file (for read access)? > It's a standard, so you can read up on it: http://lmgtfy.com/?q=mbox+format+standard -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVdxFqAAoJEJPfMZ19VO/1+mcQAIOPXatJ5GiyET5MtrMfjf9m TiDL7LeddP8/ALfUogMS0HjlB35rRYsXPm7t+l8pCoconVPz2y1R8nNV1PxZj3H0 zfuX/UqskbEsRgQUlV7mrnqZllI3HdaEMuoFqEzI4rpA06PgTFC3yM/2gzVB3Vuq 0miPMy7GokaaaEb62vG7gUbdpAxGYcvuzcRpRIayx/VGuCJT6H3ZCcOSo3vINArR ZBKC7hzFsp5mu+mEdR3cl3+7tmCV/pxgbxvZEB93hOFZOdNdZaVGH4oSeLjcxULa S9kNQFVq9qH4EsOL6M1r2I9GFLTJtVxCRVlb5ay56QW8tzeVUCHRY+f/zfpIaCub 3aOc09/BRQKmRaL6iftzK34rI65HjVync/6Iq2OpTxolK1Ftr9Q8595UPxjmVfXC SHG5NsjhkN1ZYZID/j0EAtCBXd876cqjVhWD5xCEu2Ot+9SDZBTzOc6IHU00uy/U 0h6kMry0lkW+YncsKDJXQiqzhkD0wiMxV9PaH8Q0QzA3hV4eMRRqXWKSOODHmWbZ m+/S81ehnXuzlR1jzGcJ/6FddXr47DsIZYxrjrbIIHg5gNqPct9AH4rzyVRb2IPt s9YXJPUFlDjRiYxb8RE5x7339KhCYpllZ4kNdTvh9GlIrcHqXI/mYjOE8uR7cr7H axHx+tjYyD6YjlkFLei0 =9jDh -----END PGP SIGNATURE----- From mihai at badici.ro Wed Jun 10 06:46:35 2015 From: mihai at badici.ro (Mihai Badici) Date: Wed, 10 Jun 2015 09:46:35 +0300 Subject: can't enable sieve on ubuntu trusty Message-ID: <2403555.Sc0iW4SXU6@hpdesktop> I try to create a sieve rule on a Ubuntu server ( managed by i-mscp) For this rule i need the editheader extension. I edited /etc/dovecot/conf.d/90-sieve.conf and added the following: plugin { #sieve_extensions = +notify +imapflags sieve_extensions = +editheader .... Restarted dovecot and didn't work Looks like the content of 90-sieve.conf is ignored. dovecot -n show no rule activated: dovecot -n # 2.2.9: /etc/dovecot/dovecot.conf # OS: Linux 3.13.0-53-generic x86_64 Ubuntu 14.04.2 LTS auth_mechanisms = plain login cram-md5 digest-md5 disable_plaintext_auth = no mail_location = maildir:~/ mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Deffered autocreate4 = Whatever autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Deffered quota = maildir:User quota quota_rule = *:storage=1GB quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u } protocols = " imap lmtp sieve pop3" service auth { unix_listener auth-master { mode = 0600 user = vmail } } service quota-warning { executable = script /var/www/imscp/engine/quota/imscp-dovecot-quota.sh group = imscp unix_listener quota-warning { mode = 0600 user = vmail } } ssl_cert = I hope I'm asking this on the right list, in the right place. I go through this every three years and for whatever reason keep forgetting to record how this works! In the Dovecot config, there are two places to define SSL certificates--ssl_cert_file and ssl_key_file. My question is this: Which two of the three files--the certifying authority, the signed certificate for the specific system, and the private certificate file--are combined to create the file that goes with ssl_cert_file? Since there are six possible permutations to answer this question (because order of files matters), which two go with ssl_crt_file and in what order? I have a private certificate file, the certifying authority's .CRT file, and the certifying authority's signed .PEM file which contains the system's certified certificate. Thanks in advance. From jost+lists at dimejo.at Wed Jun 10 13:04:52 2015 From: jost+lists at dimejo.at (Alex JOST) Date: Wed, 10 Jun 2015 15:04:52 +0200 Subject: Order of keys In-Reply-To: References: Message-ID: <557835F4.3070300@dimejo.at> Am 10.06.2015 um 13:53 schrieb Steve Matzura: > I hope I'm asking this on the right list, in the right place. I go > through this every three years and for whatever reason keep forgetting > to record how this works! > > In the Dovecot config, there are two places to define SSL > certificates--ssl_cert_file and ssl_key_file. My question is this: > Which two of the three files--the certifying authority, the signed > certificate for the specific system, and the private certificate > file--are combined to create the file that goes with ssl_cert_file? > Since there are six possible permutations to answer this question > (because order of files matters), which two go with ssl_crt_file and > in what order? I have a private certificate file, the certifying > authority's .CRT file, and the certifying authority's signed .PEM file > which contains the system's certified certificate. > > Thanks in advance. > The private certificate is separate and defined by "ssl_key". The signed certificate for your domain and the CA's intermediate certificate are combined in 1 file and defined by "ssl_cert". The signed certificate is placed at top and the intermediate certificate next. -- Alex JOST From sca at andreasschulze.de Wed Jun 10 13:48:29 2015 From: sca at andreasschulze.de (A. Schulze) Date: Wed, 10 Jun 2015 15:48:29 +0200 Subject: suggestion: avoid help keeping XP alive Message-ID: <20150610154829.Horde.7YdJxG5cHWINr-IYLHcqBTX@andreasschulze.de> Hello, if possible encourage people to update then helping them keeping horribly outdated XP + OE still alive... Thanks Andreas From number6 at noisynotes.com Wed Jun 10 16:22:45 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Wed, 10 Jun 2015 12:22:45 -0400 Subject: Error starting 1.0.15 with SSL_DISABLE=No Message-ID: <3lognaleqpbpg7mhar7msulifpke48qk1n@4ax.com> When starting Dovecot 1.0.15 after building it from source using the standard procedure, I receive the following message when starting, even though SLL_DISABLE=No: Error: SSL support not compiled in but ssl_disable=no Fatal: Invalid configuration in /usr/local/etc/dovecot.conf How is SSL support configured and built in? I know it has something to do with the --SSL_CFLAGS flag. From darix at opensu.se Wed Jun 10 16:38:11 2015 From: darix at opensu.se (Marcus Rueckert) Date: Wed, 10 Jun 2015 18:38:11 +0200 Subject: Error starting 1.0.15 with SSL_DISABLE=No In-Reply-To: <3lognaleqpbpg7mhar7msulifpke48qk1n@4ax.com> References: <3lognaleqpbpg7mhar7msulifpke48qk1n@4ax.com> Message-ID: <20150610163811.GL2722@nordisch.org> On 2015-06-10 12:22:45 -0400, Steve Matzura wrote: > When starting Dovecot 1.0.15 after building it from source using the > standard procedure, I receive the following message when starting, > even though SLL_DISABLE=No: > > Error: SSL support not compiled in but ssl_disable=no > Fatal: Invalid configuration in /usr/local/etc/dovecot.conf > > How is SSL support configured and built in? I know it has something to > do with the --SSL_CFLAGS flag. it is a build time thing. also 1.0.15?! you know latest is 2.2.18. just saying -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From number6 at noisynotes.com Thu Jun 11 12:24:47 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Thu, 11 Jun 2015 08:24:47 -0400 Subject: Error starting 1.0.15 with SSL_DISABLE=No In-Reply-To: <20150610163811.GL2722@nordisch.org> References: <3lognaleqpbpg7mhar7msulifpke48qk1n@4ax.com> <20150610163811.GL2722@nordisch.org> Message-ID: <7dvinap5v3nf7dqcduvtedrjmmqm7hqj69@4ax.com> Mark: On Wed, 10 Jun 2015 18:38:11 +0200, you wrote: >On 2015-06-10 12:22:45 -0400, Steve Matzura wrote: >> When starting Dovecot 1.0.15 after building it from source using the >> standard procedure, I receive the following message when starting, >> even though SLL_DISABLE=No: >> >> Error: SSL support not compiled in but ssl_disable=no >> Fatal: Invalid configuration in /usr/local/etc/dovecot.conf >> >> How is SSL support configured and built in? I know it has something to >> do with the --SSL_CFLAGS flag. > >it is a build time thing. also 1.0.15?! you know latest is 2.2.18. Yes, and it's quite likely that I'll wind up going there anyway, but I thought to put 1.0.15 in because it's what we already have running on the old system. I think I'm going to trash that idea and go for the current version. Which then begs the question, how are manually installed (i.e., configured and built from source) versions removed correctly? From number6 at noisynotes.com Thu Jun 11 14:03:06 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Thu, 11 Jun 2015 10:03:06 -0400 Subject: What became of dovecot.passwd? Message-ID: Since I've decided to go to version 2, which is a lot more difficult to set up because I have to look in a lot more places than I did with version 1.0.15, what do I do with the old dovecot/passwd or its contents? I see no references to it in any of the stuff in conf.d or doc/dovecot/wiki. As always, thanks in advance. From barraudu at tiscali.it Thu Jun 11 14:03:12 2015 From: barraudu at tiscali.it (brd) Date: Thu, 11 Jun 2015 16:03:12 +0200 Subject: NFSv4 delegation Message-ID: <20150611140312.GE21542@tiscali.com> hi all, i'm managing a large installation of a dovecot cluster in director + NFS backend architecture and we are moving from NFSv3 to NFSv4. Our NFS server is a Netapp in clustered mode and reading technical specs of NFSv4 delegation feature it seems that enabling delegation in this type of dovecot architecture should bring great benefits: only one backend server access a specific mailbox at a time (even deliveries are managed by director hashing via LMTP) so the getattr rpc calls should decrease significantly while the risk of conflicting delegations is very low (impacting negatively on the benefits obtainable). Can anyone confirm this hypothesis? I've heard that the linux implementation of NFSv4 delegation is mature only for read delegation (and not yet for write delegation): is this true? And, if true, could this fact limit the benefits of activating NFS delegation feature? Best regards -brd From andre at digirati.com.br Thu Jun 11 14:19:45 2015 From: andre at digirati.com.br (Andre Nathan) Date: Thu, 11 Jun 2015 11:19:45 -0300 Subject: Replication: "cross-updates" of mail meta-data Message-ID: <55799901.1090206@digirati.com.br> Hello I have a two-server dovecot setup using replication. Each server runs two dovecot instances, one for director and another for the backend. Initially I set up a single server, got it all working, then rsync'd the data and index partitions to the new one and started the clusters (I used rsync as a way to speed-up dovecot's initial replication). Both servers listen on a virtual IP addresses load-balanced by IPVS as well as their own IP addresses. When I started dovecot in the second server, users started reporting that some of their messages were missing. I noticed that while the mail data seemed to be up to date in server1, it wasn't in server2; however, the indexes were being updated in server2 but not in server1. For example, "doveadm quota get -u some-user" would report the wrong value in server1 and the right value in server2, while a "du" would show that only server1 actually had the most up-to-date data. At the moment I had to take down server2, because as soon as dovecot is running in it, users start reporting missing messages again. To solve that problem, a "doveadm force-resync" in server1 isn't enough. I either rsync the index files from server2 or remove the indexes in server1 before the force-resync, which then works. Has anyone ever saw anything similar to this? Any help would be much appreciated. I'm running Ubuntu 14.04 with dovecot 2.2.15 with the configurations below: === Backend instance === # dovecot -n # 2.2.15: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-37-generic x86_64 Ubuntu 14.04.2 LTS auth_master_user_separator = * auth_mechanisms = plain login auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@= auth_worker_max_count = 10 disable_plaintext_auth = no doveadm_password = secret doveadm_port = 12345 listen = server1.mydomain.com mail_fsync = never mail_gid = dovemail mail_plugins = " notify replication quota" mail_uid = dovemail managesieve_sieve_capability = fileinto reject envelope vacation subaddress comparator-i;ascii-numeric relational regex copy include vacation-seconds imapflags notify namespace { inbox = yes location = mailbox SPAM { auto = subscribe } prefix = separator = / type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { args = /etc/dovecot/dovecot-sql-master.conf.ext driver = sql master = yes pass = yes } plugin { mail_replica = tcp:192.168.0.2:12345 # server2's replication IP quota = dict:User quota::file:/var/lib/imap/user/%2.256RHn/%n/dovecot-quota quota_rule = *:storage=1GB sieve = /var/lib/imap/sieve/%2.256RHn/%n/dovecot.sieve sieve_dir = /var/lib/imap/sieve/%2.256RHn/%n sieve_extensions = comparator-i;ascii-numeric copy envelope fileinto imapflags include notify regex reject relational subaddress vacation-seconds sieve_max_redirects = 20 sieve_max_script_size = 512KB sieve_quota_max_scripts = 2 sieve_vacation_min_period = 1 sieve_vacation_send_from_recipient = yes } protocols = imap pop3 lmtp sieve replication_dsync_parameters = -f -d -N -l 30 -U service aggregator { fifo_listener replication-notify-fifo { group = dovemail mode = 0666 user = dovemail } unix_listener replication-notify { group = dovemail mode = 0666 user = dovemail } } service auth-worker { user = $default_internal_user } service auth { client_limit = 10240 process_limit = 1 process_min_avail = 1 } service doveadm { inet_listener { address = 192.168.0.1 port = 12345 } vsz_limit = 1 G } service imap { process_limit = 8192 process_min_avail = 10 } service lmtp { inet_listener { address = lmtpcluster.internal.mydomain.com, server1.internal.mydomain.com port = 1124 } process_limit = 512 process_min_avail = 10 } service managesieve-login { inet_listener sieve { address = lmtpcluster.internal.mydomain.com, server1.internal.mydomain.com port = 4190 } } service managesieve { process_limit = 20 process_min_avail = 10 } service pop3 { process_limit = 512 process_min_avail = 10 } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { group = dovemail mode = 0666 user = dovemail } } ssl_cert = From number6 at noisynotes.com Thu Jun 11 15:09:20 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Thu, 11 Jun 2015 11:09:20 -0400 Subject: What became of dovecot.passwd? In-Reply-To: References: Message-ID: passwd solved. From daniel at dhag.net Thu Jun 11 15:17:24 2015 From: daniel at dhag.net (Daniel Funke) Date: Thu, 11 Jun 2015 17:17:24 +0200 Subject: how to doveadm search from "<>" (null sender)? Message-ID: <5579A684.3020909@dhag.net> Hi, I tried to search for mailer daemon messages but can't find a syntax for the null sender. all these does not work: doveadm -u xxx from "<>" doveadm -u xxx from <> doveadm -u xxx from "" any ideas? Thank you Daniel From number6 at noisynotes.com Thu Jun 11 16:03:55 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Thu, 11 Jun 2015 12:03:55 -0400 Subject: LDA versus LMTP Message-ID: <9ebjnatscesm96edb3vmmgfrcg400nl1pk@4ax.com> My system has a great big four users. The Dovecot wiki says LMTP is more efficient, and someone on IRC told me I'd need it if I were ever to use sieve, which at this time I have no intention of doing. Should I stick with LDA, or just implement LMTP so I'm ready if ever I need it in the future? The bottom line is, it's unclear from the wiki how to explicitly specify use of one or the other, so that's my question. From symbiat at gmail.com Thu Jun 11 19:14:31 2015 From: symbiat at gmail.com (Ajai Khattri) Date: Thu, 11 Jun 2015 15:14:31 -0400 Subject: LDA versus LMTP In-Reply-To: <9ebjnatscesm96edb3vmmgfrcg400nl1pk@4ax.com> References: <9ebjnatscesm96edb3vmmgfrcg400nl1pk@4ax.com> Message-ID: Im using Dovecot for LMTP for all my mail users, since this way they are completely virtual (i.e. dont need to have a local account at all), all mail gets delivered to Maildirs owned by dovecot. Also LMTP makes it easier to insert scripts and do any custom processing which presumably is where Sieve comes in. Its also pretty easy to setup. On Thu, Jun 11, 2015 at 12:03 PM, Steve Matzura wrote: > My system has a great big four users. The Dovecot wiki says LMTP is > more efficient, and someone on IRC told me I'd need it if I were ever > to use sieve, which at this time I have no intention of doing. Should > I stick with LDA, or just implement LMTP so I'm ready if ever I need > it in the future? The bottom line is, it's unclear from the wiki how > to explicitly specify use of one or the other, so that's my question. > -- Aj. Facebook Enoland From number6 at noisynotes.com Fri Jun 12 01:51:49 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Thu, 11 Jun 2015 21:51:49 -0400 Subject: LDA versus LMTP In-Reply-To: References: <9ebjnatscesm96edb3vmmgfrcg400nl1pk@4ax.com> Message-ID: On Thu, 11 Jun 2015 15:14:31 -0400, Ajai Khattri wrote: >Im using Dovecot for LMTP for all my mail users, since this way they are >completely virtual (i.e. dont need to have a local account at all), all >mail gets delivered to Maildirs owned by dovecot. Also LMTP makes it easier >to insert scripts and do any custom processing which presumably is where >Sieve comes in. Its also pretty easy to setup. Sounds like that's what I should be doing. OK, so how is Dovecot told to use LMTP instead of LDA? I must not be understanding something about what's in either 15-lda.conf or 20-lmtp.conf. From edgar at pettijohn-web.com Fri Jun 12 03:27:43 2015 From: edgar at pettijohn-web.com (Edgar Pettijohn III) Date: Thu, 11 Jun 2015 22:27:43 -0500 Subject: LDA versus LMTP In-Reply-To: References: <9ebjnatscesm96edb3vmmgfrcg400nl1pk@4ax.com> Message-ID: <2A5C55DE-A0D6-47CD-A276-049CB8382868@pettijohn-web.com> On Jun 11, 2015, at 8:51 PM, Steve Matzura wrote: > On Thu, 11 Jun 2015 15:14:31 -0400, Ajai Khattri > wrote: > >> Im using Dovecot for LMTP for all my mail users, since this way they are >> completely virtual (i.e. dont need to have a local account at all), all >> mail gets delivered to Maildirs owned by dovecot. Also LMTP makes it easier >> to insert scripts and do any custom processing which presumably is where >> Sieve comes in. Its also pretty easy to setup. > > Sounds like that's what I should be doing. OK, so how is Dovecot told > to use LMTP instead of LDA? I must not be understanding something > about what's in either 15-lda.conf or 20-lmtp.conf. You have to configure your mta to deliver to lmtp instead of lda. From troeder at univention.de Fri Jun 12 07:24:40 2015 From: troeder at univention.de (=?windows-1252?Q?Daniel_Tr=F6der?=) Date: Fri, 12 Jun 2015 09:24:40 +0200 Subject: LDA versus LMTP In-Reply-To: <2A5C55DE-A0D6-47CD-A276-049CB8382868@pettijohn-web.com> References: <9ebjnatscesm96edb3vmmgfrcg400nl1pk@4ax.com> <2A5C55DE-A0D6-47CD-A276-049CB8382868@pettijohn-web.com> Message-ID: <557A8938.6010504@univention.de> Am 12.06.2015 um 05:27 schrieb Edgar Pettijohn III: > > On Jun 11, 2015, at 8:51 PM, Steve Matzura wrote: > >> On Thu, 11 Jun 2015 15:14:31 -0400, Ajai Khattri >> wrote: >> >>> Im using Dovecot for LMTP for all my mail users, since this way they are >>> completely virtual (i.e. dont need to have a local account at all), all >>> mail gets delivered to Maildirs owned by dovecot. Also LMTP makes it easier >>> to insert scripts and do any custom processing which presumably is where >>> Sieve comes in. Its also pretty easy to setup. >> >> Sounds like that's what I should be doing. OK, so how is Dovecot told >> to use LMTP instead of LDA? I must not be understanding something >> about what's in either 15-lda.conf or 20-lmtp.conf. > > You have to configure your mta to deliver to lmtp instead of lda. Just follow the instructions in http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP and it should just work(TM). In case you want to use the Dovecots SASL implementation instead of Cyrus' (http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL), I did additionally add this to my Postfix main.cf ---- smtp_sasl_type = dovecot lmtp_sasl_type = dovecot smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth ---- Greetings Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From Philipp.Faeustlin at uni-hohenheim.de Fri Jun 12 07:54:49 2015 From: Philipp.Faeustlin at uni-hohenheim.de (Philipp Faeustlin) Date: Fri, 12 Jun 2015 09:54:49 +0200 Subject: how to doveadm search from "<>" (null sender)? In-Reply-To: <5579A684.3020909@dhag.net> References: <5579A684.3020909@dhag.net> Message-ID: <557A9049.7040208@uni-hohenheim.de> Hi, search for null sender in INBOX for me is: doveadm search -u USER mailbox INBOX HEADER Return-Path '<>' because in my received mails the Header field "Return-Path" contains the envelop sender. Other way is to search for MAILER-DAEMON in from field: doveadm search -u USER mailbox INBOX from 'MAILER-DAEMON at DOMAIN' Philipp Am 11.06.2015 um 17:17 schrieb Daniel Funke: > Hi, > > I tried to search for mailer daemon messages but can't find a syntax for > the null sender. > > all these does not work: > doveadm -u xxx from "<>" > doveadm -u xxx from <> > doveadm -u xxx from "" > > any ideas? > > Thank you > Daniel -- Philipp F?ustlin Universit?t Hohenheim Kommunikations-, Informations- und Medienzentrum (630) IT-Dienste | Abt. Kommunikation, E-Learning u. Print | Mail Schloss, Westhof S?d | 70599 Stuttgart Tel.: +49 711 459-22838 | Fax: +49 711 459-23449 https://kim.uni-hohenheim.de/ From nick+dovecot at bunbun.be Fri Jun 12 09:19:59 2015 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Fri, 12 Jun 2015 11:19:59 +0200 Subject: fts_solr Bad Request / BUG: Unknown internal error Message-ID: <916338ff45f3ef202b7b4509756940e8@bunbun.be> Hi, yesterday I created a new mailbox; ever since (and only for the new mailbox) I am getting these errors: 2015-06-12T00:00:29.808526+02:00 mail dovecot: indexer-worker(xxx at example.com): Error: fts_solr: Lookup failed: Bad Request 2015-06-12T00:00:29.808560+02:00 mail dovecot: indexer-worker(xxx at example.com): Error: Mailbox INBOX: Status lookup failed: BUG: Unknown internal error Is this a known issue? Rgds, N. From alessio at skye.it Fri Jun 12 10:02:03 2015 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 12 Jun 2015 12:02:03 +0200 Subject: NFSv4 delegation In-Reply-To: <20150611140312.GE21542@tiscali.com> References: <20150611140312.GE21542@tiscali.com> Message-ID: <557AAE1B.2080906@skye.it> Il 11/06/2015 16:03, brd ha scritto: > hi all, > i'm managing a large installation of a dovecot cluster in director + NFS > backend architecture and we are moving from NFSv3 to NFSv4. Our NFS > server is a Netapp Hi, I'm running a similar configuration, expect for the size (medium), with Dovecot/Director and NetApp (but without clustered mode), mailbox are in Maildir format. Have you already try to run NFSv4? When we switch to netapp and nfsv4 we had many problems (lock problems and instability) and we had to go immediately to NFSv3. I don't know if was a netapp problem or nfs client (Debian with 2.6 kernel), now we are using Centos 6 as NFS client and we should re-try to mount mailbox as nfsv4. Let me know if nfsv4 works fine for you. Ciao -- Alessio Cecchi http://www.linkedin.com/in/alessice From barraudu at tiscali.it Fri Jun 12 11:02:54 2015 From: barraudu at tiscali.it (brd) Date: Fri, 12 Jun 2015 13:02:54 +0200 Subject: NFSv4 delegation In-Reply-To: <557AAE1B.2080906@skye.it> References: <20150611140312.GE21542@tiscali.com> <557AAE1B.2080906@skye.it> Message-ID: <20150612110254.GE21520@tiscali.com> Alessio Cecchi wrote: [...] > Have you already try to run NFSv4? it's in place on a (very) small sample of mailboxes in dbox format, no issues up to now (Debian Wheezy mainline kernel) > When we switch to netapp and nfsv4 we had many problems (lock problems > and instability) and we had to go immediately to NFSv3. I don't know if > was a netapp problem or nfs client (Debian with 2.6 kernel), now we are > using Centos 6 as NFS client and we should re-try to mount mailbox as nfsv4. when you've had problems, the "delegation feature" was active on Netapp filers? (AFAIK it is disabled by default) you had a look here for known bugs? https://kb.netapp.com/support/index?id=3014338&page=content ciao -brd From number6 at noisynotes.com Fri Jun 12 11:04:09 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Fri, 12 Jun 2015 07:04:09 -0400 Subject: LDA versus LMTP In-Reply-To: <2A5C55DE-A0D6-47CD-A276-049CB8382868@pettijohn-web.com> References: <9ebjnatscesm96edb3vmmgfrcg400nl1pk@4ax.com> <2A5C55DE-A0D6-47CD-A276-049CB8382868@pettijohn-web.com> Message-ID: On Thu, 11 Jun 2015 22:27:43 -0500, you wrote: > >On Jun 11, 2015, at 8:51 PM, Steve Matzura wrote: > >> On Thu, 11 Jun 2015 15:14:31 -0400, Ajai Khattri >> wrote: >> >>> Im using Dovecot for LMTP for all my mail users, since this way they are >>> completely virtual (i.e. dont need to have a local account at all), all >>> mail gets delivered to Maildirs owned by dovecot. Also LMTP makes it easier >>> to insert scripts and do any custom processing which presumably is where >>> Sieve comes in. Its also pretty easy to setup. >> >> Sounds like that's what I should be doing. OK, so how is Dovecot told >> to use LMTP instead of LDA? I must not be understanding something >> about what's in either 15-lda.conf or 20-lmtp.conf. > >You have to configure your mta to deliver to lmtp instead of lda. So this gets done in Postfix then? From alessio at skye.it Fri Jun 12 11:13:47 2015 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 12 Jun 2015 13:13:47 +0200 Subject: NFSv4 delegation In-Reply-To: <20150612110254.GE21520@tiscali.com> References: <20150611140312.GE21542@tiscali.com> <557AAE1B.2080906@skye.it> <20150612110254.GE21520@tiscali.com> Message-ID: <557ABEEB.1080402@skye.it> Il 12/06/2015 13:02, brd ha scritto: > Alessio Cecchi wrote: > [...] >> Have you already try to run NFSv4? > it's in place on a (very) small sample of mailboxes in dbox format, no issues > up to now (Debian Wheezy mainline kernel) Good to know, let me know what will be when the load will grow. >> When we switch to netapp and nfsv4 we had many problems (lock problems >> and instability) and we had to go immediately to NFSv3. I don't know if >> was a netapp problem or nfs client (Debian with 2.6 kernel), now we are >> using Centos 6 as NFS client and we should re-try to mount mailbox as nfsv4. > > when you've had problems, the "delegation feature" was active on Netapp > filers? (AFAIK it is disabled by default) Never enabled "delegation feature" on my netapp. Probably my issue was on client side. I had to switch immediately to NFSv3 without being able to investigate the problem. Ciao -- Alessio Cecchi http://www.linkedin.com/in/alessice From shieldfire at gmail.com Fri Jun 12 11:37:19 2015 From: shieldfire at gmail.com (Martin S) Date: Fri, 12 Jun 2015 13:37:19 +0200 Subject: Sorry, another faq Message-ID: I've installed a mailserver according to these instructions: http://www.server-world.info/en/note?os=CentOS_7&p=httpd&f=13 When I try to login to the server through Roundcube webmail I get Connection to storage server failed. So checking on this [12-Jun-2015 11:28:53 +0000]: <6jap13r2> IMAP Error: Login failed for martin from 83.251.209.249. Could not connect to ssl://myserver:993: Permission denied in /usr/share/roundcubemail/program/lib/Roundcube/rcube_imap.php on line 198 (POST /roundcubemail/?.... /etc/roundcubemail/config.inc.php Has the following: $config['default_host'] = 'ssl://mail.myserver.tld'; [address obfuscated] $config['default_port'] = 993; as I understand should be correct. I've been looking at various posts on the net that says the problem is a permission on dovecot, but I fail to find anything to how to fix this as it looks right to me. Any suggestions? /Martin S -- Regards, Martin S From b-dovecot.org at grmbl.net Fri Jun 12 11:46:54 2015 From: b-dovecot.org at grmbl.net (b-dovecot.org at grmbl.net) Date: Fri, 12 Jun 2015 13:46:54 +0200 Subject: Sorry, another faq In-Reply-To: References: Message-ID: <20150612114654.GF52924@mx.grmbl.net> On Fri, Jun 12, 2015 at 01:37:19PM +0200, Martin S wrote: > I've installed a mailserver according to these instructions: > http://www.server-world.info/en/note?os=CentOS_7&p=httpd&f=13 > When I try to login to the server through Roundcube webmail I get > Connection to storage server failed. > > So checking on this > > [12-Jun-2015 11:28:53 +0000]: <6jap13r2> IMAP Error: Login failed for > martin from 83.251.209.249. Could not connect to ssl://myserver:993: > Permission denied in > /usr/share/roundcubemail/program/lib/Roundcube/rcube_imap.php on line > 198 (POST /roundcubemail/?.... > > /etc/roundcubemail/config.inc.php > > Has the following: > $config['default_host'] = 'ssl://mail.myserver.tld'; [address obfuscated] > $config['default_port'] = 993; > > as I understand should be correct. > > I've been looking at various posts on the net that says the problem is > a permission on dovecot, but I fail to find anything to how to fix > this as it looks right to me. > > Any suggestions? What do the dovecot logs say? Can you connect from the roundcube system (via nc/telnet) to mail.myserver.tld port 993? Did you use the right roundcube settings for IMAP login? $rcmail_config['imap_auth_type'] Is your certificate valid? B From number6 at noisynotes.com Fri Jun 12 12:10:17 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Fri, 12 Jun 2015 08:10:17 -0400 Subject: 1.0.15 gone, can't start version 2 Message-ID: On advice/recommendation received on this list, I removed version 1.0.15 with: rm -rf /usr/local/dovecot However, now that I have version 2 properly installed, configured, and ready to start testing with Postfix, it appears the old version is still in /usr/local/sbin, /usr/local/include, /usr/local/libexec, /usr/local/lib and /usr/local/shared/doc. Thinking that anything in /usr/local is something that was installed s a result of having built it from source (which 1.0.15 definitely was), should these also be removed? From tolga at ozses.net Fri Jun 12 12:13:18 2015 From: tolga at ozses.net (Muzaffer Tolga Ozses) Date: Fri, 12 Jun 2015 15:13:18 +0300 Subject: 1.0.15 gone, can't start version 2 In-Reply-To: References: Message-ID: Have you done *make distclean* in prior? That should remove all things dovecot. On 12 June 2015 at 15:10, Steve Matzura wrote: > On advice/recommendation received on this list, I removed version > 1.0.15 with: > > rm -rf /usr/local/dovecot > > However, now that I have version 2 properly installed, configured, and > ready to start testing with Postfix, it appears the old version is > still in /usr/local/sbin, /usr/local/include, /usr/local/libexec, > /usr/local/lib and /usr/local/shared/doc. Thinking that anything in > /usr/local is something that was installed s a result of having built > it from source (which 1.0.15 definitely was), should these also be > removed? > From tolga at ozses.net Fri Jun 12 12:14:03 2015 From: tolga at ozses.net (Muzaffer Tolga Ozses) Date: Fri, 12 Jun 2015 15:14:03 +0300 Subject: 1.0.15 gone, can't start version 2 In-Reply-To: References: Message-ID: I mean, in the source directory. On 12 June 2015 at 15:13, Muzaffer Tolga Ozses wrote: > Have you done *make distclean* in prior? That should remove all things > dovecot. > > On 12 June 2015 at 15:10, Steve Matzura wrote: > >> On advice/recommendation received on this list, I removed version >> 1.0.15 with: >> >> rm -rf /usr/local/dovecot >> >> However, now that I have version 2 properly installed, configured, and >> ready to start testing with Postfix, it appears the old version is >> still in /usr/local/sbin, /usr/local/include, /usr/local/libexec, >> /usr/local/lib and /usr/local/shared/doc. Thinking that anything in >> /usr/local is something that was installed s a result of having built >> it from source (which 1.0.15 definitely was), should these also be >> removed? >> > > From tolga at ozses.net Fri Jun 12 12:53:52 2015 From: tolga at ozses.net (Muzaffer Tolga Ozses) Date: Fri, 12 Jun 2015 15:53:52 +0300 Subject: 1.0.15 gone, can't start version 2 In-Reply-To: <5dllna95qbqht6rviqct7nellpnj5f3so1@4ax.com> References: <5dllna95qbqht6rviqct7nellpnj5f3so1@4ax.com> Message-ID: *make clean* then? On 12 June 2015 at 15:52, Steve Matzura wrote: > On Fri, 12 Jun 2015 15:13:18 +0300, you wrote: > > >Have you done *make distclean* in prior? That should remove all things > >dovecot. > > I tried, but got: > > make: *** No target to make `distclean'. Stop. > From troeder at univention.de Fri Jun 12 13:01:17 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Fri, 12 Jun 2015 15:01:17 +0200 Subject: Sorry, another faq In-Reply-To: References: Message-ID: <557AD81D.4080509@univention.de> Am 12.06.2015 um 13:37 schrieb Martin S: > I've installed a mailserver according to these instructions: > http://www.server-world.info/en/note?os=CentOS_7&p=httpd&f=13 > When I try to login to the server through Roundcube webmail I get > Connection to storage server failed. > > So checking on this > > [12-Jun-2015 11:28:53 +0000]: <6jap13r2> IMAP Error: Login failed for > martin from 83.251.209.249. Could not connect to ssl://myserver:993: > Permission denied in > /usr/share/roundcubemail/program/lib/Roundcube/rcube_imap.php on line > 198 (POST /roundcubemail/?.... > > /etc/roundcubemail/config.inc.php > > Has the following: > $config['default_host'] = 'ssl://mail.myserver.tld'; [address obfuscated] > $config['default_port'] = 993; > > as I understand should be correct. > > I've been looking at various posts on the net that says the problem is > a permission on dovecot, but I fail to find anything to how to fix > this as it looks right to me. > > Any suggestions? > > /Martin S > * Test to connect to the IMAP server with telnet first: # telnet mail.myserver.tld 993 If you cannot connect there is a network/firewall problem. If you can connect ? * Switch on all logging options in /etc/dovecot/conf.d/10.-logging.conf and follow the logfiles while trying with thunderbird/fetchmail/roundcube. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From mailinglist at darac.org.uk Fri Jun 12 13:11:21 2015 From: mailinglist at darac.org.uk (Darac Marjal) Date: Fri, 12 Jun 2015 14:11:21 +0100 Subject: Sorry, another faq In-Reply-To: <557AD81D.4080509@univention.de> References: <557AD81D.4080509@univention.de> Message-ID: <20150612131121.GA9703@darac.org.uk> On Fri, Jun 12, 2015 at 03:01:17PM +0200, Daniel Tr?der wrote: > Am 12.06.2015 um 13:37 schrieb Martin S: > > I've installed a mailserver according to these instructions: > > http://www.server-world.info/en/note?os=CentOS_7&p=httpd&f=13 > > When I try to login to the server through Roundcube webmail I get > > Connection to storage server failed. > > > > So checking on this > > > > [12-Jun-2015 11:28:53 +0000]: <6jap13r2> IMAP Error: Login failed for > > martin from 83.251.209.249. Could not connect to ssl://myserver:993: > > Permission denied in > > /usr/share/roundcubemail/program/lib/Roundcube/rcube_imap.php on line > > 198 (POST /roundcubemail/?.... > > > > /etc/roundcubemail/config.inc.php > > > > Has the following: > > $config['default_host'] = 'ssl://mail.myserver.tld'; [address obfuscated] > > $config['default_port'] = 993; > > > > as I understand should be correct. > > > > I've been looking at various posts on the net that says the problem is > > a permission on dovecot, but I fail to find anything to how to fix > > this as it looks right to me. > > > > Any suggestions? > > > > /Martin S > > > * Test to connect to the IMAP server with telnet first: > # telnet mail.myserver.tld 993 > If you cannot connect there is a network/firewall problem. That won't work, as port 993 is IMAPS. "openssl s_client -connect mail.myserver.tld:993" should be considered an equivalent command. > > If you can connect ? > * Switch on all logging options in /etc/dovecot/conf.d/10.-logging.conf > and follow the logfiles while trying with thunderbird/fetchmail/roundcube. > -- For more information, please reread. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 801 bytes Desc: Digital signature URL: From b-dovecot.org at grmbl.net Fri Jun 12 13:15:07 2015 From: b-dovecot.org at grmbl.net (b-dovecot.org at grmbl.net) Date: Fri, 12 Jun 2015 15:15:07 +0200 Subject: Sorry, another faq In-Reply-To: <20150612131121.GA9703@darac.org.uk> References: <557AD81D.4080509@univention.de> <20150612131121.GA9703@darac.org.uk> Message-ID: <20150612131507.GB11975@mx.grmbl.net> On Fri, Jun 12, 2015 at 02:11:21PM +0100, Darac Marjal wrote: > On Fri, Jun 12, 2015 at 03:01:17PM +0200, Daniel Tr?der wrote: > > Am 12.06.2015 um 13:37 schrieb Martin S: > > > > > * Test to connect to the IMAP server with telnet first: > > # telnet mail.myserver.tld 993 > > If you cannot connect there is a network/firewall problem. > > That won't work, as port 993 is IMAPS. "openssl s_client -connect > mail.myserver.tld:993" should be considered an equivalent command. This was meant as a simple check to see if the service was running/firewalled. Not a full login routine. B From number6 at noisynotes.com Fri Jun 12 13:15:24 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Fri, 12 Jun 2015 09:15:24 -0400 Subject: 1.0.15 gone, can't start version 2 In-Reply-To: References: Message-ID: On Fri, 12 Jun 2015 15:13:18 +0300, you wrote: >Have you done *make distclean* in prior? That should remove all things >dovecot. No, because I didn't know about that one. I'll do that forthwith, and thanks. >On 12 June 2015 at 15:10, Steve Matzura wrote: > >> On advice/recommendation received on this list, I removed version >> 1.0.15 with: >> >> rm -rf /usr/local/dovecot >> >> However, now that I have version 2 properly installed, configured, and >> ready to start testing with Postfix, it appears the old version is >> still in /usr/local/sbin, /usr/local/include, /usr/local/libexec, >> /usr/local/lib and /usr/local/shared/doc. Thinking that anything in >> /usr/local is something that was installed s a result of having built >> it from source (which 1.0.15 definitely was), should these also be >> removed? >> From number6 at noisynotes.com Fri Jun 12 13:15:25 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Fri, 12 Jun 2015 09:15:25 -0400 Subject: 1.0.15 gone, can't start version 2 In-Reply-To: References: Message-ID: <9illnadaa9eo4dqevcc4m5079sbn1fg997@4ax.com> On Fri, 12 Jun 2015 15:14:03 +0300, you wrote: >I mean, in the source directory. You mean in the directory where files from the tar were placed? I've unfortunately removed those manually, but then I put them back and tried the make again, still same error. "make: *** No rule to make target `distclean'. Stop. >On 12 June 2015 at 15:13, Muzaffer Tolga Ozses wrote: > >> Have you done *make distclean* in prior? That should remove all things >> dovecot. >> >> On 12 June 2015 at 15:10, Steve Matzura wrote: >> >>> On advice/recommendation received on this list, I removed version >>> 1.0.15 with: >>> >>> rm -rf /usr/local/dovecot >>> >>> However, now that I have version 2 properly installed, configured, and >>> ready to start testing with Postfix, it appears the old version is >>> still in /usr/local/sbin, /usr/local/include, /usr/local/libexec, >>> /usr/local/lib and /usr/local/shared/doc. Thinking that anything in >>> /usr/local is something that was installed s a result of having built >>> it from source (which 1.0.15 definitely was), should these also be >>> removed? >>> >> >> From b-dovecot.org at grmbl.net Fri Jun 12 13:33:49 2015 From: b-dovecot.org at grmbl.net (b-dovecot.org at grmbl.net) Date: Fri, 12 Jun 2015 15:33:49 +0200 Subject: Sorry, another faq In-Reply-To: References: <557AD81D.4080509@univention.de> <20150612131121.GA9703@darac.org.uk> <20150612131507.GB11975@mx.grmbl.net> Message-ID: <20150612133349.GC11975@mx.grmbl.net> On Fri, Jun 12, 2015 at 03:24:32PM +0200, Martin S wrote: > I get > > openssl s_client -connect mail.myserver.tld:993 > connect: Connection refused > connect:errno=111 > > Both from a client laptop and on the roundcube server. > Both roundcube and dovecot are installed on the same server. That should give you a good idea about what's wrong with your setup. http://lmgtfy.com/?q=dovecot+ssl+setup# B From number6 at noisynotes.com Fri Jun 12 15:24:39 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Fri, 12 Jun 2015 11:24:39 -0400 Subject: Error when starting Dovecot Message-ID: After applying some changes to 10-master.conf as detailed at http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP I receive the following when trying to start: doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-master.conf line 49: Expecting '{' I'm trying to enable LMTP. The instructions say: Socket configuration The actual socket is configured in /etc/dovecot/conf.d/10-master.conf. The LMTP service can be bound to both INET or Unix sockets. In this example a Unix socket is placed inside the Postfix spool with appropriate permissions set: service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } I copied this block and placed it in my copy of 10-master.conf. Line 49 is the first line of this block, and there's clearly a left-brace there. The braces match, too. Thoughts? From fzielcke at z-51.de Fri Jun 12 16:29:00 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Fri, 12 Jun 2015 18:29:00 +0200 Subject: 1.0.15 gone, can't start version 2 In-Reply-To: <9illnadaa9eo4dqevcc4m5079sbn1fg997@4ax.com> References: <9illnadaa9eo4dqevcc4m5079sbn1fg997@4ax.com> Message-ID: <1434126540.22443.1.camel@z-51.de> Am Freitag, den 12.06.2015, 09:15 -0400 schrieb Steve Matzura: > On Fri, 12 Jun 2015 15:14:03 +0300, you wrote: > > > I mean, in the source directory. > > You mean in the directory where files from the tar were placed? I've > unfortunately removed those manually, but then I put them back and > tried the make again, still same error. "make: *** No rule to make > target `distclean'. Stop. > I haven't yet compiled dovecot by myself but with wine it's 'make uninstall' clean and distclean only apply to the build source tree itself but aren't the reverse of 'make install' That's at least how it should be From tolga at ozses.net Fri Jun 12 16:50:43 2015 From: tolga at ozses.net (Muzaffer Tolga Ozses) Date: Fri, 12 Jun 2015 19:50:43 +0300 Subject: 1.0.15 gone, can't start version 2 In-Reply-To: <1434126540.22443.1.camel@z-51.de> References: <9illnadaa9eo4dqevcc4m5079sbn1fg997@4ax.com> <1434126540.22443.1.camel@z-51.de> Message-ID: I would install again, then run a make distclean. On 12 Jun 2015 19:29, "Felix Zielcke" wrote: > Am Freitag, den 12.06.2015, 09:15 -0400 schrieb Steve Matzura: > > On Fri, 12 Jun 2015 15:14:03 +0300, you wrote: > > > > > I mean, in the source directory. > > > > You mean in the directory where files from the tar were placed? I've > > unfortunately removed those manually, but then I put them back and > > tried the make again, still same error. "make: *** No rule to make > > target `distclean'. Stop. > > > > I haven't yet compiled dovecot by myself but with wine it's 'make > uninstall' > clean and distclean only apply to the build source tree itself but > aren't the reverse of 'make install' > That's at least how it should be > From number6 at noisynotes.com Fri Jun 12 17:05:47 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Fri, 12 Jun 2015 13:05:47 -0400 Subject: 1.0.15 gone, can't start version 2 In-Reply-To: <1434126540.22443.1.camel@z-51.de> References: <9illnadaa9eo4dqevcc4m5079sbn1fg997@4ax.com> <1434126540.22443.1.camel@z-51.de> Message-ID: <884mna9aqh33pufujua54unmfeuu8v7lds@4ax.com> I still haven't gotten any make commands to work, but I did successfully rename the four directories to something else I could easily find, and the new version does attempt to start. On Fri, 12 Jun 2015 18:29:00 +0200, you wrote: >Am Freitag, den 12.06.2015, 09:15 -0400 schrieb Steve Matzura: >> On Fri, 12 Jun 2015 15:14:03 +0300, you wrote: >> >> > I mean, in the source directory. >> >> You mean in the directory where files from the tar were placed? I've >> unfortunately removed those manually, but then I put them back and >> tried the make again, still same error. "make: *** No rule to make >> target `distclean'. Stop. >> > >I haven't yet compiled dovecot by myself but with wine it's 'make >uninstall' >clean and distclean only apply to the build source tree itself but >aren't the reverse of 'make install' >That's at least how it should be From tmorehen at ajmconsulting.ca Fri Jun 12 19:38:02 2015 From: tmorehen at ajmconsulting.ca (Tony Morehen) Date: Fri, 12 Jun 2015 15:38:02 -0400 Subject: Imap Notify Message-ID: <557B351A.7020901@ajmconsulting.ca> I'm trying to enable Imap Notify in Dovecot 2.2.13. I know that's a bit out of date, but that's what's provided with openSuSe 13.2. The first thing I did was add mailbox_list_index=yes to /etc/dovecot/dovecot.conf. Both doveadm -n and dovecot -n show the change. I then used doveadm reload to force dovecot to reread its config file. Despite this, NOTIFY did not show up it Dovecot's capabilities: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. I then did a systemctl restart dovecot.service and still no luck: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. I also have noticed that the Maildirs of my various accounts include a dovecot.list.index file with a current timestamp, but no dovecot.list.index. So, where do I go for here? The output of doveadm -n: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.7-21-desktop x86_64 openSUSE 13.2 (x86_64) disable_plaintext_auth = no log_path = /var/log/dovecot/dovecot.log mail_location = maildir:~/Maildir mail_max_userip_connections = 50 mailbox_list_index = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/passwd.dovecot driver = passwd-file } postmaster_address = Tony at localhost protocols = imap lmtp service auth { unix_listener auth-master { group = mailgrp mode = 0660 user = mailuser } } service lmtp { executable = lmtp -L inet_listener lmtp { address = 127.0.0.1 port = 2525 } user = mailuser } ssl = no userdb { args = /etc/dovecot/passwd.dovecot driver = passwd-file } protocol imap { imap_client_workarounds = tb-extra-mailbox-sep } protocol pop3 { mail_plugin_dir = /usr/lib/dovecot/modules/pop3 } protocol lda { log_path = /var/log/dovecot/deliver.log mail_plugin_dir = /usr/lib64/dovecot/modules mail_plugins = sieve } protocol lmtp { log_path = /var/log/dovecot/deliver.log mail_plugin_dir = /usr/lib64/dovecot/modules mail_plugins = sieve } From tmorehen at ajmconsulting.ca Fri Jun 12 19:45:45 2015 From: tmorehen at ajmconsulting.ca (Tony Morehen) Date: Fri, 12 Jun 2015 15:45:45 -0400 Subject: Imap Notify In-Reply-To: <557B351A.7020901@ajmconsulting.ca> References: <557B351A.7020901@ajmconsulting.ca> Message-ID: <557B36E9.3050104@ajmconsulting.ca> Sorry, I have a dovecot.list.index.log file in Maildir, but no dovecot.list.index. Obviously, my brain is faster than my typing. On 12/06/2015 3:38 PM, Tony Morehen wrote: > I'm trying to enable Imap Notify in Dovecot 2.2.13. I know that's a > bit out of date, but that's what's provided with openSuSe 13.2. > > The first thing I did was add mailbox_list_index=yes to > /etc/dovecot/dovecot.conf. > Both doveadm -n and dovecot -n show the change. I then used doveadm > reload to force dovecot to reread its config file. > > Despite this, NOTIFY did not show up it Dovecot's capabilities: > > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE AUTH=PLAIN] Dovecot ready. > > I then did a systemctl restart dovecot.service and still no luck: > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE AUTH=PLAIN] Dovecot ready. > > I also have noticed that the Maildirs of my various accounts include a > dovecot.list.index file with a current timestamp, but no > dovecot.list.index. > > So, where do I go for here? > > The output of doveadm -n: > > # 2.2.13: /etc/dovecot/dovecot.conf > # OS: Linux 3.16.7-21-desktop x86_64 openSUSE 13.2 (x86_64) > disable_plaintext_auth = no > log_path = /var/log/dovecot/dovecot.log > mail_location = maildir:~/Maildir > mail_max_userip_connections = 50 > mailbox_list_index = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > passdb { > args = /etc/dovecot/passwd.dovecot > driver = passwd-file > } > postmaster_address = Tony at localhost > protocols = imap lmtp > service auth { > unix_listener auth-master { > group = mailgrp > mode = 0660 > user = mailuser > } > } > service lmtp { > executable = lmtp -L > inet_listener lmtp { > address = 127.0.0.1 > port = 2525 > } > user = mailuser > } > ssl = no > userdb { > args = /etc/dovecot/passwd.dovecot > driver = passwd-file > } > protocol imap { > imap_client_workarounds = tb-extra-mailbox-sep > } > protocol pop3 { > mail_plugin_dir = /usr/lib/dovecot/modules/pop3 > } > protocol lda { > log_path = /var/log/dovecot/deliver.log > mail_plugin_dir = /usr/lib64/dovecot/modules > mail_plugins = sieve > } > protocol lmtp { > log_path = /var/log/dovecot/deliver.log > mail_plugin_dir = /usr/lib64/dovecot/modules > mail_plugins = sieve > } From gedalya at gedalya.net Fri Jun 12 20:12:49 2015 From: gedalya at gedalya.net (Gedalya) Date: Fri, 12 Jun 2015 16:12:49 -0400 Subject: Imap Notify In-Reply-To: <557B351A.7020901@ajmconsulting.ca> References: <557B351A.7020901@ajmconsulting.ca> Message-ID: <557B3D41.8040303@gedalya.net> On 06/12/2015 03:38 PM, Tony Morehen wrote: > Despite this, NOTIFY did not show up it Dovecot's capabilities: > > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE AUTH=PLAIN] Dovecot ready. It should show up in the post-login capabilities. Do a login first, then you get a second, much longer capability string From listaccount at starionline.com Fri Jun 12 20:57:07 2015 From: listaccount at starionline.com (SH Development) Date: Fri, 12 Jun 2015 15:57:07 -0500 Subject: Orphaned email boxes... Message-ID: <3D6AF6EC-6781-4E45-A037-CEBA59BBA48B@starionline.com> What is the correct way to delete mailboxes that no longer have a database entry? Jeff From admin at awib.it Sat Jun 13 00:02:45 2015 From: admin at awib.it (admin) Date: Sat, 13 Jun 2015 02:02:45 +0200 Subject: Orphaned email boxes... In-Reply-To: <3D6AF6EC-6781-4E45-A037-CEBA59BBA48B@starionline.com> References: <3D6AF6EC-6781-4E45-A037-CEBA59BBA48B@starionline.com> Message-ID: <1434153765.10706.49.camel@z51.office.awib.it> Am Freitag, den 12.06.2015, 15:57 -0500 schrieb SH Development: > What is the correct way to delete mailboxes that no longer have a database entry? > > Jeff What format are you using to store mails? Are you using Maildir? Then it should just be as easy as to simply rm the user's folder - in my case '/var/mail/domain.xy/user', which always worked out for me. -M From listaccount at starionline.com Sat Jun 13 04:04:59 2015 From: listaccount at starionline.com (SH Development) Date: Fri, 12 Jun 2015 23:04:59 -0500 Subject: Orphaned email boxes... In-Reply-To: <1434153765.10706.49.camel@z51.office.awib.it> References: <3D6AF6EC-6781-4E45-A037-CEBA59BBA48B@starionline.com> <1434153765.10706.49.camel@z51.office.awib.it> Message-ID: Yes, that is the format I?m using. Just didn?t know if there was a dovecot command that should be used. Just making sure before I start rm?ing stuff. Jeff > On Jun 12, 2015, at 7:02 PM, admin wrote: > > Am Freitag, den 12.06.2015, 15:57 -0500 schrieb SH Development: >> What is the correct way to delete mailboxes that no longer have a database entry? >> >> Jeff > > What format are you using to store mails? Are you using Maildir? > Then it should just be as easy as to simply rm the user's folder - in my > case '/var/mail/domain.xy/user', which always worked out for me. > > -M From tolga at ozses.net Sat Jun 13 05:05:57 2015 From: tolga at ozses.net (Muzaffer Tolga Ozses) Date: Sat, 13 Jun 2015 08:05:57 +0300 Subject: Error when starting Dovecot In-Reply-To: References: Message-ID: There might be a whitespace. Try pasting what you copied to notepad or gedit (depending on your OS) then copy/pasting here again. On 12 Jun 2015 18:25, "Steve Matzura" wrote: > After applying some changes to 10-master.conf as detailed at > http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP I receive the > following when trying to start: > > doveconf: Fatal: Error in configuration file > /etc/dovecot/conf.d/10-master.conf > line 49: Expecting '{' > > I'm trying to enable LMTP. The instructions say: > > Socket configuration > > The actual socket is configured in /etc/dovecot/conf.d/10-master.conf. > The LMTP service can be bound to both INET or Unix sockets. In this > example a Unix socket is placed inside the Postfix spool with > appropriate permissions set: > > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > > I copied this block and placed it in my copy of 10-master.conf. Line > 49 is the first line of this block, and there's clearly a left-brace > there. The braces match, too. Thoughts? > From tolga at ozses.net Sat Jun 13 05:12:38 2015 From: tolga at ozses.net (Muzaffer Tolga Ozses) Date: Sat, 13 Jun 2015 08:12:38 +0300 Subject: Error when starting Dovecot In-Reply-To: References: Message-ID: By the way, I looked at my own file, and it doesn't give full path of lmtp. On 13 Jun 2015 08:05, "Muzaffer Tolga Ozses" wrote: > There might be a whitespace. Try pasting what you copied to notepad or > gedit (depending on your OS) then copy/pasting here again. > On 12 Jun 2015 18:25, "Steve Matzura" wrote: > >> After applying some changes to 10-master.conf as detailed at >> http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP I receive the >> following when trying to start: >> >> doveconf: Fatal: Error in configuration file >> /etc/dovecot/conf.d/10-master.conf >> line 49: Expecting '{' >> >> I'm trying to enable LMTP. The instructions say: >> >> Socket configuration >> >> The actual socket is configured in /etc/dovecot/conf.d/10-master.conf. >> The LMTP service can be bound to both INET or Unix sockets. In this >> example a Unix socket is placed inside the Postfix spool with >> appropriate permissions set: >> >> service lmtp { >> unix_listener /var/spool/postfix/private/dovecot-lmtp { >> group = postfix >> mode = 0600 >> user = postfix >> } >> } >> >> I copied this block and placed it in my copy of 10-master.conf. Line >> 49 is the first line of this block, and there's clearly a left-brace >> there. The braces match, too. Thoughts? >> > From admin at awib.it Sat Jun 13 09:05:53 2015 From: admin at awib.it (admin) Date: Sat, 13 Jun 2015 11:05:53 +0200 Subject: Orphaned email boxes... In-Reply-To: References: <3D6AF6EC-6781-4E45-A037-CEBA59BBA48B@starionline.com> <1434153765.10706.49.camel@z51.office.awib.it> Message-ID: <1434186353.10706.57.camel@z51.office.awib.it> Am Freitag, den 12.06.2015, 23:04 -0500 schrieb SH Development: > Yes, that is the format I?m using. Just didn?t know if there was a dovecot command that should be used. Just making sure before I start rm?ing stuff. > > Jeff > > > > On Jun 12, 2015, at 7:02 PM, admin wrote: > > > > Am Freitag, den 12.06.2015, 15:57 -0500 schrieb SH Development: > >> What is the correct way to delete mailboxes that no longer have a database entry? > >> > >> Jeff > > > > What format are you using to store mails? Are you using Maildir? > > Then it should just be as easy as to simply rm the user's folder - in my > > case '/var/mail/domain.xy/user', which always worked out for me. > > > > -M Actually there is something that might be what you are looking for: Mailbox Delete doveadm mailbox delete [-A|-u user|-F file] [-S socket_path] [-s] mailbox ... This command deletes a mailbox and expunges all the messages it contains. If the mailbox has any children, they won't be deleted. When the -s option is present, the deleted mailboxes will be also unsubscribed. (http://wiki2.dovecot.org/Tools/Doveadm/Mailbox) But I never used it. Actually tried once but if I remember correctly it did not work for some reason - could have been related to the inability to find the mailbox in the DB, as I - like you already did - removed the mailbox from the DB. But I think the above command is meant to be used for active, non-orphaned mailboxes. However I still have 7z'ed backups of my deleted mailboxes that I store for some months until I have the feeling that also their time has come. From number6 at noisynotes.com Sat Jun 13 09:37:50 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sat, 13 Jun 2015 05:37:50 -0400 Subject: Error when starting Dovecot In-Reply-To: References: Message-ID: On Sat, 13 Jun 2015 08:12:38 +0300, you wrote: >By the way, I looked at my own file, and it doesn't give full path of lmtp. Yes, that confused me as well. I just copied it directly from the wiki which I cited. Interesting. I have removed that bit and corrected another error--an extra right-brace--and Dovecot is now *RUNNING*! Lots of testing begins now. From number6 at noisynotes.com Sat Jun 13 12:00:27 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sat, 13 Jun 2015 08:00:27 -0400 Subject: Testin new installation Message-ID: The first place I went to for test advice and planning recommendations was http://wiki2.dovecot.org/TestInstallation - The very first test failed. Doc says: Next check that Dovecot is listening for connections: # telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN] Dovecot ready. If you got "connection refused", make sure that Dovecot is configured to serve the imap protocol and listening on the expected interfaces/addresses. The simplest way to do that would be using doveconf(1): # doveconf protocols listen protocols = imap pop3 lmtp sieve listen = *, :: If the protocols setting shouldn't contain imap so add it. Also make sure, that relevant !include or !try_include configuration lines are not commented. *** End doc extract *** All of the above specified settings are correct. Yet, when I telnet localhost 143, I get: Trying ::1... # this is certainly suspect Escape character is '^['. Connection closed by foreign host. From number6 at noisynotes.com Sat Jun 13 12:00:30 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sat, 13 Jun 2015 08:00:30 -0400 Subject: Non-Existent Log File Message-ID: My /var/log/maillog was getting pretty big because of lots of testing and re-configuring I've been doing lately with both Dovecot and Postfix. I figured just remove /var/log/maillog and it would be re-created. It wasn't--not by Dovecot, not by Postfix. I had to manually create a new one, put one character in it, save it, properly secure it with chmod, and then Dovecot (and postfix) messages got written to it. This can't possibly be the proper procedure to clear maillog messages ... can it? From tolga at ozses.net Sat Jun 13 12:15:07 2015 From: tolga at ozses.net (Muzaffer Tolga Ozses) Date: Sat, 13 Jun 2015 15:15:07 +0300 Subject: Non-Existent Log File In-Reply-To: References: Message-ID: Look into logrotate, and turn off your debugging stuff. On 13 Jun 2015 15:02, "Steve Matzura" wrote: > My /var/log/maillog was getting pretty big because of lots of testing > and re-configuring I've been doing lately with both Dovecot and > Postfix. I figured just remove /var/log/maillog and it would be > re-created. It wasn't--not by Dovecot, not by Postfix. I had to > manually create a new one, put one character in it, save it, properly > secure it with chmod, and then Dovecot (and postfix) messages got > written to it. This can't possibly be the proper procedure to clear > maillog messages ... can it? > From fzielcke at z-51.de Sat Jun 13 12:16:30 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Sat, 13 Jun 2015 14:16:30 +0200 Subject: Testin new installation In-Reply-To: References: Message-ID: <1434197790.6886.1.camel@z-51.de> Am Samstag, den 13.06.2015, 08:00 -0400 schrieb Steve Matzura: > > All of the above specified settings are correct. Yet, when I telnet > localhost 143, I get: > > Trying ::1... # this is certainly suspect > Escape character is '^['. > Connection closed by foreign host. What does 'netstat -l46np' say? dovecot process should appear with :143 From ml+dovecot at valo.at Sat Jun 13 12:20:06 2015 From: ml+dovecot at valo.at (Christian Kivalo) Date: Sat, 13 Jun 2015 14:20:06 +0200 Subject: Non-Existent Log File In-Reply-To: References: Message-ID: On 2015-06-13 14:00, Steve Matzura wrote: > My /var/log/maillog was getting pretty big because of lots of testing > and re-configuring I've been doing lately with both Dovecot and > Postfix. Logrotate is your friend for this task. > I figured just remove /var/log/maillog and it would be > re-created. It wasn't--not by Dovecot, not by Postfix. I had to > manually create a new one, put one character in it, save it, properly > secure it with chmod, and then Dovecot (and postfix) messages got > written to it. This can't possibly be the proper procedure to clear > maillog messages ... can it? touch $logfile and chmod would have been enough, i think. The other way would be to restart your syslog daemon to let it recreate the missing logfile, thats what my logrotate does after rotating the logfile. - christian From number6 at noisynotes.com Sat Jun 13 12:31:00 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sat, 13 Jun 2015 08:31:00 -0400 Subject: Non-Existent Log File In-Reply-To: References: Message-ID: On Sat, 13 Jun 2015 15:15:07 +0300, you wrote: >Look into logrotate, and turn off your debugging stuff. I actually did look at logrotate, but since I'm nobody's big understander of what's in there, I didn't change anything until I learn more about what's in logrotate.d/syslog and other things. >On 13 Jun 2015 15:02, "Steve Matzura" wrote: > >> My /var/log/maillog was getting pretty big because of lots of testing >> and re-configuring I've been doing lately with both Dovecot and >> Postfix. I figured just remove /var/log/maillog and it would be >> re-created. It wasn't--not by Dovecot, not by Postfix. I had to >> manually create a new one, put one character in it, save it, properly >> secure it with chmod, and then Dovecot (and postfix) messages got >> written to it. This can't possibly be the proper procedure to clear >> maillog messages ... can it? >> From bertrand.caplet at chunkz.net Sat Jun 13 14:10:09 2015 From: bertrand.caplet at chunkz.net (Bertrand Caplet) Date: Sat, 13 Jun 2015 16:10:09 +0200 Subject: LDA versus LMTP In-Reply-To: References: <9ebjnatscesm96edb3vmmgfrcg400nl1pk@4ax.com> <2A5C55DE-A0D6-47CD-A276-049CB8382868@pettijohn-web.com> Message-ID: <557C39C1.1070702@chunkz.net> >>> On Thu, 11 Jun 2015 15:14:31 -0400, Ajai Khattri >>> wrote: >>> >>>> Im using Dovecot for LMTP for all my mail users, since this way they are >>>> completely virtual (i.e. dont need to have a local account at all), all >>>> mail gets delivered to Maildirs owned by dovecot. Also LMTP makes it easier >>>> to insert scripts and do any custom processing which presumably is where >>>> Sieve comes in. Its also pretty easy to setup. >>> >>> Sounds like that's what I should be doing. OK, so how is Dovecot told >>> to use LMTP instead of LDA? I must not be understanding something >>> about what's in either 15-lda.conf or 20-lmtp.conf. >> >> You have to configure your mta to deliver to lmtp instead of lda. > > So this gets done in Postfix then? Hi, the main differences LDA can be used thru unix socket or TCP socket. TCP socket can be used for multiple smtp servers deliver to an unique dovecot server. And LMTP is easier to debug and put info in headers like this : Received: from mx02.chunkz.net by lmtp02.chunkz.net (Dovecot) with LMTP id JoInCcG8elUUUgAAt5Imuw for ; Fri, 12 Jun 2015 13:04:34 +0200 This also been answered on Postfix ml see here : http://postfix.1071664.n5.nabble.com/Dovecot-LDA-vs-LMTP-td53411.html Regards, -- CHUNKZ.NET - script kiddie and computer technician Bertrand Caplet, Flers (FR) Feel free to send encrypted/signed messages Key ID: 37F70C30 GPG FP: 134A 4027 518B 5F4D D409 558D BA9B 7BF0 37F7 0C30 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From bertrand.caplet at chunkz.net Sat Jun 13 14:11:54 2015 From: bertrand.caplet at chunkz.net (Bertrand Caplet) Date: Sat, 13 Jun 2015 16:11:54 +0200 Subject: LDA versus LMTP In-Reply-To: <557C39C1.1070702@chunkz.net> References: <9ebjnatscesm96edb3vmmgfrcg400nl1pk@4ax.com> <2A5C55DE-A0D6-47CD-A276-049CB8382868@pettijohn-web.com> <557C39C1.1070702@chunkz.net> Message-ID: <557C3A2A.8040702@chunkz.net> > Hi, > the main differences LDA can be used thru unix socket or TCP socket. > TCP socket can be used for multiple smtp servers deliver to an unique > dovecot server. Erratum: I wanted to say : "LMTP can be used thruu unix socket or TCP socket. -- CHUNKZ.NET - script kiddie and computer technician Bertrand Caplet, Flers (FR) Feel free to send encrypted/signed messages Key ID: 37F70C30 GPG FP: 134A 4027 518B 5F4D D409 558D BA9B 7BF0 37F7 0C30 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From edgar at pettijohn-web.com Sat Jun 13 16:36:21 2015 From: edgar at pettijohn-web.com (edgar) Date: Sat, 13 Jun 2015 10:36:21 -0600 Subject: Testin new installation Message-ID: <12be209dd8t68cbj6ofwepph.1434213236733@email.android.com> Look at /etc/hosts ::1 is the ipv6 version of localhost.? Sent from Samsung tablet -------- Original message -------- From Steve Matzura Date: 06/13/2015 6:00 AM (GMT-06:00) To dovecot Subject Testin new installation The first place I went to for test advice and planning recommendations was http://wiki2.dovecot.org/TestInstallation - The very first test failed. Doc says: Next check that Dovecot is listening for connections: # telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN] Dovecot ready. If you got "connection refused", make sure that Dovecot is configured to serve the imap protocol and listening on the expected interfaces/addresses. The simplest way to do that would be using doveconf(1): # doveconf protocols listen protocols = imap pop3 lmtp sieve listen = *, :: If the protocols setting shouldn't contain imap so add it. Also make sure, that relevant !include or !try_include configuration lines are not commented. *** End doc extract *** All of the above specified settings are correct. Yet, when I telnet localhost 143, I get: Trying ::1... # this is certainly suspect Escape character is '^['. Connection closed by foreign host. From klrumpf at gmail.com Sat Jun 13 16:57:45 2015 From: klrumpf at gmail.com (klrumpf) Date: Sat, 13 Jun 2015 18:57:45 +0200 Subject: postfix/dovecot on debian jessie (url config at OVH) Message-ID: <557C6109.8010705@gmail.com> Hi list, could use some help with a pasword issue or ovh dns zone problem, dovecot newbie I have gone thru setting up a mailserver using the below http://www.binarytides.com/install-postfix-dovecot-debian/ when I try to set up an account from my laptop (iceweasel/t-bird) I get password problems. mail.log says Jun 13 18:36:04 www postfix/smtpd[701]: connect from unknown[xx.xx.214.75] Jun 13 18:36:04 www postfix/smtpd[688]: disconnect from unknown[xx.xx.214.75] Jun 13 18:36:04 www postfix/submission/smtpd[687]: disconnect from unknown[xx.xx.214.75] Jun 13 18:36:04 www postfix/submission/smtpd[694]: disconnect from unknown[xx.xx.214.75] Jun 13 18:36:04 www postfix/smtpd[693]: disconnect from unknown[xx.xx.214.75] Jun 13 18:36:04 www postfix/submission/smtpd[698]: disconnect from unknown[.... nstat also looks ok BWE1# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:12301 0.0.0.0:* LISTEN 492/opendkim tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 504/dovecot tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 504/dovecot tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 486/nginx -g daemon tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 617/master tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 449/sshd tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 617/master tcp 0 0 127.0.0.1:4000 0.0.0.0:* LISTEN 653/ssh tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 504/dovecot tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 504/dovecot tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 617/master tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 455/redis-server 12 tcp6 0 0 :::110 :::* LISTEN 504/dovecot tcp6 0 0 :::143 :::* LISTEN 504/dovecot tcp6 0 0 :::80 :::* LISTEN 486/nginx -g daemon tcp6 0 0 :::465 :::* LISTEN 617/master tcp6 0 0 :::21 :::* LISTEN 485/vsftpd tcp6 0 0 :::22 :::* LISTEN 449/sshd tcp6 0 0 :::25 :::* LISTEN 617/master tcp6 0 0 ::1:4000 :::* LISTEN 653/ssh tcp6 0 0 :::993 :::* LISTEN 504/dovecot tcp6 0 0 :::995 :::* LISTEN 504/dovecot tcp6 0 0 :::587 :::* LISTEN 617/master maybe someone has done it before, thanks From number6 at noisynotes.com Sat Jun 13 17:40:28 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sat, 13 Jun 2015 13:40:28 -0400 Subject: Testin new installation In-Reply-To: <1434197790.6886.1.camel@z-51.de> References: <1434197790.6886.1.camel@z-51.de> Message-ID: <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> On Sat, 13 Jun 2015 14:16:30 +0200, you wrote: >Am Samstag, den 13.06.2015, 08:00 -0400 schrieb Steve Matzura: >> >> All of the above specified settings are correct. Yet, when I telnet >> localhost 143, I get: >> >> Trying ::1... # this is certainly suspect >> Escape character is '^['. >> Connection closed by foreign host. > >What does 'netstat -l46np' say? It doesn't look good. Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN tcp 0 0 :53 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:8001 0.0.0.0:* LISTEN tcp6 0 0 :::995 :::* LISTEN tcp6 0 0 :::110 :::* LISTEN tcp6 0 0 :::143 :::* LISTEN tcp6 0 0 :::80 :::* LISTEN tcp6 0 0 :::21 :::* LISTEN tcp6 0 0 :::53 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:953 :::* LISTEN tcp6 0 0 :::993 :::* LISTEN >dovecot process should appear with :143 From number6 at noisynotes.com Sat Jun 13 17:41:31 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sat, 13 Jun 2015 13:41:31 -0400 Subject: Testin new installation In-Reply-To: <12be209dd8t68cbj6ofwepph.1434213236733@email.android.com> References: <12be209dd8t68cbj6ofwepph.1434213236733@email.android.com> Message-ID: <2pqonalso8kcs994821nqdvpho8ig2r02b@4ax.com> On Sat, 13 Jun 2015 10:36:21 -0600, you wrote: >Look at /etc/hosts ::1 is the ipv6 version of localhost.? Right. I actually knew that. So why does that take precedence for the definition of localhost even though it's not the first line in the file? From gedalya at gedalya.net Sat Jun 13 17:59:25 2015 From: gedalya at gedalya.net (Gedalya) Date: Sat, 13 Jun 2015 13:59:25 -0400 Subject: Testin new installation In-Reply-To: <2pqonalso8kcs994821nqdvpho8ig2r02b@4ax.com> References: <12be209dd8t68cbj6ofwepph.1434213236733@email.android.com> <2pqonalso8kcs994821nqdvpho8ig2r02b@4ax.com> Message-ID: <557C6F7D.9020403@gedalya.net> On 06/13/2015 01:41 PM, Steve Matzura wrote: > On Sat, 13 Jun 2015 10:36:21 -0600, you wrote: > >> Look at /etc/hosts ::1 is the ipv6 version of localhost. > Right. I actually knew that. So why does that take precedence for the > definition of localhost even though it's not the first line in the > file? IPv6 is preferred when available. See man 5 gai.conf From number6 at noisynotes.com Sat Jun 13 18:22:04 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sat, 13 Jun 2015 14:22:04 -0400 Subject: Testin new installation In-Reply-To: <557C6F7D.9020403@gedalya.net> References: <12be209dd8t68cbj6ofwepph.1434213236733@email.android.com> <2pqonalso8kcs994821nqdvpho8ig2r02b@4ax.com> <557C6F7D.9020403@gedalya.net> Message-ID: On Sat, 13 Jun 2015 13:59:25 -0400, you wrote: >On 06/13/2015 01:41 PM, Steve Matzura wrote: >> On Sat, 13 Jun 2015 10:36:21 -0600, you wrote: >> >>> Look at /etc/hosts ::1 is the ipv6 version of localhost. >> Right. I actually knew that. So why does that take precedence for the >> definition of localhost even though it's not the first line in the >> file? >IPv6 is preferred when available. >See man 5 gai.conf /etc/gai.conf does not exist. Further, on the system which I am trying to duplicate by upgrading to the latest version of o/s and layered products, their copy of /etc/gai.conf is nothing but comments and 'netstat -l46nbt' shows the same output, plus or minus a port or two. From edgar at pettijohn-web.com Sat Jun 13 18:28:53 2015 From: edgar at pettijohn-web.com (Edgar Pettijohn III) Date: Sat, 13 Jun 2015 13:28:53 -0500 Subject: Testin new installation In-Reply-To: <1434197790.6886.1.camel@z-51.de> References: <1434197790.6886.1.camel@z-51.de> Message-ID: <60B18E94-80FB-4CE8-BDA1-26207A8E3611@pettijohn-web.com> On Jun 13, 2015, at 7:16 AM, Felix Zielcke wrote: > Am Samstag, den 13.06.2015, 08:00 -0400 schrieb Steve Matzura: >> >> All of the above specified settings are correct. Yet, when I telnet >> localhost 143, I get: >> >> Trying ::1... # this is certainly suspect >> Escape character is '^['. >> Connection closed by foreign host. > > What does 'netstat -l46np' say? > dovecot process should appear with :143 Looking back I have not seen your posting of doveconf -n or what o/s you are using. This may be helpful. From fzielcke at z-51.de Sat Jun 13 18:41:01 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Sat, 13 Jun 2015 20:41:01 +0200 Subject: Testin new installation In-Reply-To: <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> Message-ID: <1434220861.2834.1.camel@z-51.de> Am Samstag, den 13.06.2015, 13:40 -0400 schrieb Steve Matzura: > On Sat, 13 Jun 2015 14:16:30 +0200, you wrote: > > > Am Samstag, den 13.06.2015, 08:00 -0400 schrieb Steve Matzura: > > > > > > All of the above specified settings are correct. Yet, when I > > > telnet > > > localhost 143, I get: > > > > > > Trying ::1... # this is certainly suspect > > > Escape character is '^['. > > > Connection closed by foreign host. > > > > What does 'netstat -l46np' say? > > It doesn't look good. > Active Internet connections (only servers) > Proto Recv-Q Send-Q Local Address Foreign Address State > tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN > > > > dovecot process should appear with :143 Did you specify the p option? Then dovecot process name should appear. Try telnet 127.0.0.1 143 instead of localhost telnet localhost seems to use the IPv6 localhost adress which isn't used on dovecot side. I assume you don't use much IPv6 on this system, so this is no problem at all. From tony at lavanauts.org Sat Jun 13 18:58:42 2015 From: tony at lavanauts.org (Antonio Querubin) Date: Sat, 13 Jun 2015 08:58:42 -1000 (HST) Subject: Testin new installation In-Reply-To: <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> Message-ID: On Sat, 13 Jun 2015, Steve Matzura wrote: > On Sat, 13 Jun 2015 14:16:30 +0200, you wrote: >> Am Samstag, den 13.06.2015, 08:00 -0400 schrieb Steve Matzura: >>> All of the above specified settings are correct. Yet, when I telnet >>> localhost 143, I get: >>> >>> Trying ::1... # this is certainly suspect >>> Escape character is '^['. >>> Connection closed by foreign host. This is normal. >> What does 'netstat -l46np' say? > > It doesn't look good. > Active Internet connections (only servers) > Proto Recv-Q Send-Q Local Address Foreign Address State > tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN > tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN > tcp6 0 0 :::143 :::* LISTEN > tcp6 0 0 :::993 :::* LISTEN This is also normal. If you want to do a complete check of a service on a dual-stack host you really do need to explicitly specify the host by every IP address you intend it to be listening on since the client's ultimate choice of which address to choose, if you simply leave it up to DNS and the client, is variable. Antonio Querubin e-mail: tony at lavanauts.org xmpp: antonioquerubin at gmail.com From number6 at noisynotes.com Sat Jun 13 19:28:38 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sat, 13 Jun 2015 15:28:38 -0400 Subject: Testin new installation In-Reply-To: <60B18E94-80FB-4CE8-BDA1-26207A8E3611@pettijohn-web.com> References: <1434197790.6886.1.camel@z-51.de> <60B18E94-80FB-4CE8-BDA1-26207A8E3611@pettijohn-web.com> Message-ID: On Sat, 13 Jun 2015 13:28:53 -0500, you wrote: > >On Jun 13, 2015, at 7:16 AM, Felix Zielcke wrote: > >> Am Samstag, den 13.06.2015, 08:00 -0400 schrieb Steve Matzura: >>> >>> All of the above specified settings are correct. Yet, when I telnet >>> localhost 143, I get: >>> >>> Trying ::1... # this is certainly suspect >>> Escape character is '^['. >>> Connection closed by foreign host. >> >> What does 'netstat -l46np' say? >> dovecot process should appear with :143 > >Looking back I have not seen your posting of doveconf -n or what o/s you are using. This may be helpful. Apologies for not posting that. # 2.2.18: /etc/dovecot/dovecot.conf # OS: Linux 3.2.65-xenU-19-0e6777a-x86_64 x86_64 Fedora release 20 (Heisenbug) mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } service lmtp { unix_listener lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = /etc/pki/dovecot/certs/tbv2015.crt ssl_key = References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> <1434220861.2834.1.camel@z-51.de> Message-ID: On Sat, 13 Jun 2015 20:41:01 +0200, you wrote: >Am Samstag, den 13.06.2015, 13:40 -0400 schrieb Steve Matzura: >> On Sat, 13 Jun 2015 14:16:30 +0200, you wrote: >> >> > Am Samstag, den 13.06.2015, 08:00 -0400 schrieb Steve Matzura: >> > > >> > > All of the above specified settings are correct. Yet, when I >> > > telnet >> > > localhost 143, I get: >> > > >> > > Trying ::1... # this is certainly suspect >> > > Escape character is '^['. >> > > Connection closed by foreign host. >> > >> > What does 'netstat -l46np' say? >> >> It doesn't look good. >> Active Internet connections (only servers) >> Proto Recv-Q Send-Q Local Address Foreign Address State > >> tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN >> >> >> > dovecot process should appear with :143 > >Did you specify the p option? Then dovecot process name should appear. Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 25239/dovecot tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 25239/dovecot tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 25239/dovecot tcp 0 0 :53 0.0.0.0:* LISTEN 1111/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1111/named tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 11686/sshd tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1111/named tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 31857/icecast tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 25239/dovecot tcp 0 0 0.0.0.0:8001 0.0.0.0:* LISTEN 31857/icecast I eliminated the IPv6 lines for brevity. >Try telnet 127.0.0.1 143 instead of localhost When I telnet 127.0.0.1 143 from a non-root account, I get "Connection closed by foreign host." When I do it from root, it connects but I get no other response and have to ^] to disconnect. >telnet localhost seems to use the IPv6 localhost adress which isn't >used on dovecot side. >I assume you don't use much IPv6 on this system, so this is no problem >at all. That's right. IN fact, the only v6 used at all is for our audio streaming services. From b-dovecot.org at grmbl.net Sat Jun 13 19:57:06 2015 From: b-dovecot.org at grmbl.net (b-dovecot.org at grmbl.net) Date: Sat, 13 Jun 2015 21:57:06 +0200 Subject: Testin new installation In-Reply-To: References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> <1434220861.2834.1.camel@z-51.de> Message-ID: <20150613195706.GL15209@mx.grmbl.net> On Sat, Jun 13, 2015 at 03:41:26PM -0400, Steve Matzura wrote: > >> > > Trying ::1... # this is certainly suspect > >> > > Escape character is '^['. > >> > > Connection closed by foreign host. This means the daemon is listening but errors out before able to process. Check the logs. Might be a dependency not starting, wrong permissions, certificate wrong/expired, etc.. B From number6 at noisynotes.com Sat Jun 13 20:11:38 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sat, 13 Jun 2015 16:11:38 -0400 Subject: Testin new installation In-Reply-To: <20150613195706.GL15209@mx.grmbl.net> References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> <1434220861.2834.1.camel@z-51.de> <20150613195706.GL15209@mx.grmbl.net> Message-ID: <493pna1oq60in3tkkmlc00el6g21o4lt9p@4ax.com> On Sat, 13 Jun 2015 21:57:06 +0200, you wrote: >On Sat, Jun 13, 2015 at 03:41:26PM -0400, Steve Matzura wrote: >> >> > > Trying ::1... # this is certainly suspect >> >> > > Escape character is '^['. >> >> > > Connection closed by foreign host. > >This means the daemon is listening but errors out before able to process. >Check the logs. >Might be a dependency not starting, wrong permissions, certificate wrong/expired, etc.. Oh yes! Sorry for not having checked this before. Jun 13 18:50:56 dovecot: master: Error: service(pop3-login): command startup failed, throttling for 2 secs Jun 13 19:30:26 dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Jun 13 19:30:26 dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line Jun 13 19:30:26 dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs Jun 13 19:31:27 dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Jun 13 19:31:27 dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line Jun 13 19:31:27 dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs Jun 13 19:33:04 dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Jun 13 19:33:04 dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line Jun 13 19:33:04 dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs I thought this was a possibility. It probably means I have concatenated incorrect elements to form the certificate files. From dovecot-m at homeinbox.net Sun Jun 14 09:46:40 2015 From: dovecot-m at homeinbox.net (Mark) Date: Sun, 14 Jun 2015 10:46:40 +0100 Subject: Large jumps in dovecot-uidlist Message-ID: <557D4D80.4020501@homeinbox.net> Since upgrading to Debian Wheezy I have been observing large jumps in the value stored in dovecot-uidlist. The effect of these jumps is to confuse some mail clients (Thunderbird, Opera Mail) causing them not to display messages from a (random?) point in time onwards in the affected folder. I have been unable to determine the root cause of these jumps. What I do know: 1. I never observed the problem while running Debian Squeeze. 2. The only way I have found to fix the issue is to remove all the dovecot* files from the affected folder and restart dovecot. I have tried removing various subsets of the dovecot* files but haven't yet found a subset that works. 3. I first tried upgrading from Squeeze to Wheezy within a few weeks of the Wheezy release. At that point the problem occurred so frequently that I couldn't sync my mail client with my mail box. Multiple folders exhibited this problem and while I was fixing them the problem appeared in other folders. I was unable to reach a point where the system was stable so I reverted back to Squeeze. 4. Some time later (I think a year but I am not sure) I tried the upgrade to Wheezy again. This time the system was stable. After a few days I noticed that the problem was still occurring but less frequently. Since then I have been fixing the problem as I notice it and experimenting with various settings (mainly locking related) without success. I now have a cron job that looks for problematic folders and fixes them when found. 5. I have updated Dovecot packages to those from Jessie via wheezy-backports and the problem still occurs. 6. Dovecot is installed along with postfix, amavisd-new, clamav-daemon, procmail and fetchmail. 7. The mail server is running on a eSATA SheevaPlug that boots of an external USB drive. All user home dirs (and associated mailboxes) are located on a LUKS/ext3 encrypted partition. 8. The output of dovecot -n may be found at the end of this mail. 9. Uid values for the three most recent instances of this problem are: 3801596527, 3371927249, 3443181615 10. Some folders seem more susceptible to this problem but I have not been able to identify any common factors/triggers. 11. The problem occurs - on average - once a day. I am happy to provide any further information, configure any debug logging and/or test suggested configuration settings that may help track down the root cause of this problem. Any help gratefully appreciated. Mark # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-kirkwood armv5tel Debian 7.8 mail_debug = yes mail_location = maildir:~/Maildir mail_max_userip_connections = 100 namespace { inbox = yes location = mailbox { special_use = \Drafts name = Drafts } mailbox { special_use = \Junk name = Junk } mailbox { special_use = \Sent name = Sent } mailbox { special_use = \Sent name = Sent Messages } mailbox { special_use = \Trash name = Trash } prefix = name = inbox } passdb { driver = pam } protocols = " imap" service replication-notify-fifo { name = aggregator } service anvil-auth-penalty { name = anvil } service auth-worker { name = auth-worker } service { unix_listener { group = postfix mode = 0666 user = postfix path = /var/spool/postfix/private/auth-client } name = auth } service config { name = config } service dict { name = dict } service login/proxy-notify { name = director } service dns-client { name = dns_client } service doveadm-server { name = doveadm } service { inet_listener { port = 0 name = imap } inet_listener { port = 993 ssl = yes name = imaps } process_min_avail = 5 name = imap-login } service imap-urlauth { name = imap-urlauth-login } service imap-urlauth-worker { name = imap-urlauth-worker } service token-login/imap-urlauth { name = imap-urlauth } service { executable = imap postlogin name = imap } service indexer-worker { name = indexer-worker } service indexer { name = indexer } service ipc { name = ipc } service lmtp { name = lmtp } service log-errors { name = log } service pop3 { name = pop3-login } service login/pop3 { name = pop3 } service { executable = script-login -d rawlog name = postlogin } service replicator-doveadm { name = replicator } service login/ssl-params { name = ssl-params } service stats-mail { name = stats } ssl_cert = References: <1434197790.6886.1.camel@z-51.de> <60B18E94-80FB-4CE8-BDA1-26207A8E3611@pettijohn-web.com> Message-ID: <557D5061.5020501@enas.net> Hi, > ssl_cert = /etc/pki/dovecot/certs/tbv2015.crt This is not correct. It should be: ssl_cert = References: <1434197790.6886.1.camel@z-51.de> <60B18E94-80FB-4CE8-BDA1-26207A8E3611@pettijohn-web.com> <557D5061.5020501@enas.net> Message-ID: Urban: On Sun, 14 Jun 2015 11:58:57 +0200, you wrote: > >> ssl_cert = /etc/pki/dovecot/certs/tbv2015.crt >This is not correct. It should be: > >ssl_cert = That one was my fault. That's what it is inside 10-ssl.conf, but because I typed the mail message manually, I forgot the `<'. It appears, however, that I may have solved the problem with the certificates. I happened to look at the file size of tgv2015.crt and noticed it was incorrect, which meant I created it incorrectly. I recreated it, restarted DOvecot, and have not seen the file open errors. I'll continue with testing. From infoomatic at gmx.at Sun Jun 14 11:09:18 2015 From: infoomatic at gmx.at (Infoomatic) Date: Sun, 14 Jun 2015 13:09:18 +0200 Subject: Aw: fts_solr Bad Request / BUG: Unknown internal error In-Reply-To: <916338ff45f3ef202b7b4509756940e8@bunbun.be> References: <916338ff45f3ef202b7b4509756940e8@bunbun.be> Message-ID: Hi, I had the same experience. I used the current dovecot and SOLR 5.2. It works with 4.10, so my first wild guess would be that there is a bug in dovecots url encoding sending to solr (they possibly updated some stuff in url handling? - don't know). In SOLR 5.2 i created a core "mail3" and copied the config from my working 4.10 installation. Indexing new messages seem to work, but searching gives a http 400 error. Firing up the query in solrs web interface works ... one of my test cases was select?fl=uid,score&rows=3&sort=uid+asc&q=subject:%22blubb%22&fq=%2Bbox:b624920e60057c554e4a0000df211752+%2Buser:%22user%22 For further reference see http://mail-archives.apache.org/mod_mbox/lucene-solr-user/201506.mbox/browser Could the devs please have a look at this, it might hopefully be just a small change. regards, infoomatic > Gesendet: Freitag, 12. Juni 2015 um 11:19 Uhr > Von: "Nick Rosier" > An: dovecot at dovecot.org > Betreff: fts_solr Bad Request / BUG: Unknown internal error > > Hi, > > yesterday I created a new mailbox; ever since (and only for the new > mailbox) I am getting these errors: > > 2015-06-12T00:00:29.808526+02:00 mail dovecot: > indexer-worker(xxx at example.com): Error: fts_solr: Lookup failed: Bad > Request > 2015-06-12T00:00:29.808560+02:00 mail dovecot: > indexer-worker(xxx at example.com): Error: Mailbox INBOX: Status lookup > failed: BUG: Unknown internal error > > Is this a known issue? > Rgds, > N. > From infoomatic at gmx.at Sun Jun 14 11:14:28 2015 From: infoomatic at gmx.at (Infoomatic) Date: Sun, 14 Jun 2015 13:14:28 +0200 Subject: Aw: fts_solr Bad Request / BUG: Unknown internal error In-Reply-To: References: <916338ff45f3ef202b7b4509756940e8@bunbun.be>, Message-ID: oops, sorry, the reference is http://mail-archives.apache.org/mod_mbox/lucene-solr-user/201506.mbox/%3Ctrinity-f5cc6586-2f21-4028-a5f6-a0e523d7129a-1434194382936%403capp-gmx-bs50%3E > Gesendet: Sonntag, 14. Juni 2015 um 13:09 Uhr > Von: Infoomatic > An: "Dovecot ML" > Betreff: Aw: fts_solr Bad Request / BUG: Unknown internal error > > Hi, > I had the same experience. I used the current dovecot and SOLR 5.2. It works with 4.10, so my first wild guess would be that there is a bug in dovecots url encoding sending to solr (they possibly updated some stuff in url handling? - don't know). > > In SOLR 5.2 i created a core "mail3" and copied the config from my working 4.10 installation. Indexing new messages seem to work, but searching gives a http 400 error. > > Firing up the query in solrs web interface works ... one of my test cases was select?fl=uid,score&rows=3&sort=uid+asc&q=subject:%22blubb%22&fq=%2Bbox:b624920e60057c554e4a0000df211752+%2Buser:%22user%22 > > For further reference see http://mail-archives.apache.org/mod_mbox/lucene-solr-user/201506.mbox/browser > > Could the devs please have a look at this, it might hopefully be just a small change. > > regards, > infoomatic > > > Gesendet: Freitag, 12. Juni 2015 um 11:19 Uhr > > Von: "Nick Rosier" > > An: dovecot at dovecot.org > > Betreff: fts_solr Bad Request / BUG: Unknown internal error > > > > Hi, > > > > yesterday I created a new mailbox; ever since (and only for the new > > mailbox) I am getting these errors: > > > > 2015-06-12T00:00:29.808526+02:00 mail dovecot: > > indexer-worker(xxx at example.com): Error: fts_solr: Lookup failed: Bad > > Request > > 2015-06-12T00:00:29.808560+02:00 mail dovecot: > > indexer-worker(xxx at example.com): Error: Mailbox INBOX: Status lookup > > failed: BUG: Unknown internal error > > > > Is this a known issue? > > Rgds, > > N. > > > From number6 at noisynotes.com Sun Jun 14 12:03:28 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sun, 14 Jun 2015 08:03:28 -0400 Subject: Testin new installation In-Reply-To: References: <1434197790.6886.1.camel@z-51.de> <60B18E94-80FB-4CE8-BDA1-26207A8E3611@pettijohn-web.com> <557D5061.5020501@enas.net> Message-ID: Alex, et al., I spoke too soon. Upon close examination of /var/log/maillog, the errors previously reported via the maillog extracts only happen when I attempt to test the imap connection. Everything appears correctly set up, defined, etc. It's now down to the certificates themselves I think. I have the following files: . A file containing the certificate as issued by the certifying uthority that sold it to me. This file has a .CRT extension. . The certifying authority's standard (or intermediate) certificate. This file has a .PEM extension. . The private key file I generated when I created the CSR which was submitted to the certifying authority to create the signed certificate for my domain. This file has a .KEY extension. I created the certificate file by opening a new text buffer in the editor of my choice and reading in the first and second of the above three files, then saving the concatenated buffer as /etc/pki/dovecot/certs/tgv2015.crt From jost+lists at dimejo.at Sun Jun 14 13:54:23 2015 From: jost+lists at dimejo.at (Alex JOST) Date: Sun, 14 Jun 2015 15:54:23 +0200 Subject: Testin new installation In-Reply-To: <493pna1oq60in3tkkmlc00el6g21o4lt9p@4ax.com> References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> <1434220861.2834.1.camel@z-51.de> <20150613195706.GL15209@mx.grmbl.net> <493pna1oq60in3tkkmlc00el6g21o4lt9p@4ax.com> Message-ID: <557D878F.5000404@dimejo.at> Am 13.06.2015 um 22:11 schrieb Steve Matzura: > On Sat, 13 Jun 2015 21:57:06 +0200, you wrote: > >> On Sat, Jun 13, 2015 at 03:41:26PM -0400, Steve Matzura wrote: >>>>>>> Trying ::1... # this is certainly suspect >>>>>>> Escape character is '^['. >>>>>>> Connection closed by foreign host. >> >> This means the daemon is listening but errors out before able to process. >> Check the logs. >> Might be a dependency not starting, wrong permissions, certificate wrong/expired, etc.. > > Oh yes! Sorry for not having checked this before. > > Jun 13 18:50:56 dovecot: master: Error: service(pop3-login): > command startup failed, throttling for 2 secs > Jun 13 19:30:26 dovecot: imap-login: Error: SSL: Stacked > error: error:0608308E:digital envelope > routines:EVP_PKEY_get1_EC_KEY:expecting a ec key > Jun 13 19:30:26 dovecot: imap-login: Fatal: Can't load > ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line > Jun 13 19:30:26 dovecot: master: Error: service(imap-login): > command startup failed, throttling for 60 secs > Jun 13 19:31:27 dovecot: imap-login: Error: SSL: Stacked > error: error:0608308E:digital envelope > routines:EVP_PKEY_get1_EC_KEY:expecting a ec key > Jun 13 19:31:27 dovecot: imap-login: Fatal: Can't load > ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line > Jun 13 19:31:27 dovecot: master: Error: service(imap-login): > command startup failed, throttling for 60 secs > Jun 13 19:33:04 dovecot: imap-login: Error: SSL: Stacked > error: error:0608308E:digital envelope > routines:EVP_PKEY_get1_EC_KEY:expecting a ec key > Jun 13 19:33:04 dovecot: imap-login: Fatal: Can't load > ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line > Jun 13 19:33:04 dovecot: master: Error: service(imap-login): > command startup failed, throttling for 60 secs > > I thought this was a possibility. It probably means I have > concatenated incorrect elements to form the certificate files. > Looks like there is something wrong with the format of your certificates. Do your files contain the start and end lines? The private key file should look like this: -----BEGIN RSA PRIVATE KEY----- cWgpJPyTE7yxI7cqREE8ULqn4eVJ85YckBNooOXGiumSkoTske7XIGNvRQWkpFUN [...] 4LMADvl806xkVkoWDGqJvN2MrN4qeRWuiTQ4tqmi0xp8wfoKWD0q4A== -----END RSA PRIVATE KEY----- The public certificates file should look like this: -----BEGIN CERTIFICATE----- DwAwggEKAoIBAQCxpX2YsLeMT3GIMDtdJIoVkT+qe5PrpPL3omglJ+sKXnulM8JP [... more stuff from your domains cert ...] VmXZvW8oF1yaSQ/lSXZZ5Cg7mFZqqGrO5Sr15ZrduPlgdQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MDBaFw0yNDAyMjAxMDAwMDBaMEwxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i [... more stuff from your intermediate cert ...] AQAwHQYDVR0OBBYEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MEUGA1UdIAQ+MDwwOg== -----END CERTIFICATE----- -- Alex JOST From jost+lists at dimejo.at Sun Jun 14 13:56:37 2015 From: jost+lists at dimejo.at (Alex JOST) Date: Sun, 14 Jun 2015 15:56:37 +0200 Subject: Testin new installation In-Reply-To: References: <1434197790.6886.1.camel@z-51.de> <60B18E94-80FB-4CE8-BDA1-26207A8E3611@pettijohn-web.com> <557D5061.5020501@enas.net> Message-ID: <557D8815.1080903@dimejo.at> Am 14.06.2015 um 14:03 schrieb Steve Matzura: > Alex, et al., > > I spoke too soon. Upon close examination of /var/log/maillog, the > errors previously reported via the maillog extracts only happen when I > attempt to test the imap connection. Everything appears correctly set > up, defined, etc. It's now down to the certificates themselves I > think. I have the following files: > > . A file containing the certificate as issued by the certifying > uthority that sold it to me. This file has a .CRT extension. > > . The certifying authority's standard (or intermediate) certificate. > This file has a .PEM extension. > > . The private key file I generated when I created the CSR which was > submitted to the certifying authority to create the signed certificate > for my domain. This file has a .KEY extension. > > I created the certificate file by opening a new text buffer in the > editor of my choice and reading in the first and second of the above > three files, then saving the concatenated buffer as > /etc/pki/dovecot/certs/tgv2015.crt > IMHO the easiest way to do this: cat mydomain_cert.pem intermediate_cert.pem > new_cert_bunddle.pem -- Alex JOST From infoomatic at gmx.at Sun Jun 14 15:20:01 2015 From: infoomatic at gmx.at (Infoomatic) Date: Sun, 14 Jun 2015 17:20:01 +0200 Subject: dovecot only partially indexing ... fts Message-ID: hi, I have a setup using solr as fts, however it seems that when I move messages it does not automatically index the stuff. Also, when using sieve scripts to store messages in different folders I get: dovecot: indexer-worker(user): Indexed 0 messages in testfolder If I get a mail to normal INBOX I get dovecot: indexer-worker(user): Indexed 1 messages in INBOX doveadm index -u user '*' does the trick, however, I have set "fts_autoindex = yes" ... the relevant part of doveconf -n: mail_plugins = fts fts_solr zlib acl quota zlib fts fts_solr acl plugin { fts = solr fts_autoindex = yes fts_solr = url=http://localhost:8983/solr/ break-imap-search sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags } protocol lda { mail_plugins = fts fts_solr zlib sieve acl } protocol imap { mail_plugins = fts fts_solr zlib acl quota imap_acl imap_quota } is this normal behaviour or did I screw something up? TIA, infoomatic From number6 at noisynotes.com Sun Jun 14 17:10:38 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sun, 14 Jun 2015 13:10:38 -0400 Subject: Testin new installation In-Reply-To: <557D878F.5000404@dimejo.at> References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> <1434220861.2834.1.camel@z-51.de> <20150613195706.GL15209@mx.grmbl.net> <493pna1oq60in3tkkmlc00el6g21o4lt9p@4ax.com> <557D878F.5000404@dimejo.at> Message-ID: The public cert part is good, but the private one begins with "Begin private key", not "RSA key." On Sun, 14 Jun 2015 15:54:23 +0200, you wrote: >Am 13.06.2015 um 22:11 schrieb Steve Matzura: >> On Sat, 13 Jun 2015 21:57:06 +0200, you wrote: >> >>> On Sat, Jun 13, 2015 at 03:41:26PM -0400, Steve Matzura wrote: >>>>>>>> Trying ::1... # this is certainly suspect >>>>>>>> Escape character is '^['. >>>>>>>> Connection closed by foreign host. >>> >>> This means the daemon is listening but errors out before able to process. >>> Check the logs. >>> Might be a dependency not starting, wrong permissions, certificate wrong/expired, etc.. >> >> Oh yes! Sorry for not having checked this before. >> >> Jun 13 18:50:56 dovecot: master: Error: service(pop3-login): >> command startup failed, throttling for 2 secs >> Jun 13 19:30:26 dovecot: imap-login: Error: SSL: Stacked >> error: error:0608308E:digital envelope >> routines:EVP_PKEY_get1_EC_KEY:expecting a ec key >> Jun 13 19:30:26 dovecot: imap-login: Fatal: Can't load >> ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line >> Jun 13 19:30:26 dovecot: master: Error: service(imap-login): >> command startup failed, throttling for 60 secs >> Jun 13 19:31:27 dovecot: imap-login: Error: SSL: Stacked >> error: error:0608308E:digital envelope >> routines:EVP_PKEY_get1_EC_KEY:expecting a ec key >> Jun 13 19:31:27 dovecot: imap-login: Fatal: Can't load >> ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line >> Jun 13 19:31:27 dovecot: master: Error: service(imap-login): >> command startup failed, throttling for 60 secs >> Jun 13 19:33:04 dovecot: imap-login: Error: SSL: Stacked >> error: error:0608308E:digital envelope >> routines:EVP_PKEY_get1_EC_KEY:expecting a ec key >> Jun 13 19:33:04 dovecot: imap-login: Fatal: Can't load >> ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line >> Jun 13 19:33:04 dovecot: master: Error: service(imap-login): >> command startup failed, throttling for 60 secs >> >> I thought this was a possibility. It probably means I have >> concatenated incorrect elements to form the certificate files. >> > >Looks like there is something wrong with the format of your >certificates. Do your files contain the start and end lines? > > >The private key file should look like this: >-----BEGIN RSA PRIVATE KEY----- >cWgpJPyTE7yxI7cqREE8ULqn4eVJ85YckBNooOXGiumSkoTske7XIGNvRQWkpFUN >[...] >4LMADvl806xkVkoWDGqJvN2MrN4qeRWuiTQ4tqmi0xp8wfoKWD0q4A== >-----END RSA PRIVATE KEY----- > > >The public certificates file should look like this: >-----BEGIN CERTIFICATE----- >DwAwggEKAoIBAQCxpX2YsLeMT3GIMDtdJIoVkT+qe5PrpPL3omglJ+sKXnulM8JP >[... more stuff from your domains cert ...] >VmXZvW8oF1yaSQ/lSXZZ5Cg7mFZqqGrO5Sr15ZrduPlgdQ== >-----END CERTIFICATE----- >-----BEGIN CERTIFICATE----- >MDBaFw0yNDAyMjAxMDAwMDBaMEwxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i >[... more stuff from your intermediate cert ...] >AQAwHQYDVR0OBBYEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MEUGA1UdIAQ+MDwwOg== >-----END CERTIFICATE----- From number6 at noisynotes.com Sun Jun 14 17:12:24 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sun, 14 Jun 2015 13:12:24 -0400 Subject: Testin new installation In-Reply-To: <557D8815.1080903@dimejo.at> References: <1434197790.6886.1.camel@z-51.de> <60B18E94-80FB-4CE8-BDA1-26207A8E3611@pettijohn-web.com> <557D5061.5020501@enas.net> <557D8815.1080903@dimejo.at> Message-ID: On Sun, 14 Jun 2015 15:56:37 +0200, you wrote: >IMHO the easiest way to do this: >cat mydomain_cert.pem intermediate_cert.pem > new_cert_bunddle.pem OK, but only one of my files is in .PEM format. I'll do this and get back to you in about 45 minutes. From number6 at noisynotes.com Sun Jun 14 17:16:47 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sun, 14 Jun 2015 13:16:47 -0400 Subject: Testin new installation In-Reply-To: <557D8815.1080903@dimejo.at> References: <1434197790.6886.1.camel@z-51.de> <60B18E94-80FB-4CE8-BDA1-26207A8E3611@pettijohn-web.com> <557D5061.5020501@enas.net> <557D8815.1080903@dimejo.at> Message-ID: On Sun, 14 Jun 2015 15:56:37 +0200, you wrote: >IMHO the easiest way to do this: >cat mydomain_cert.pem intermediate_cert.pem > new_cert_bunddle.pem OK, just tried it. The resultant catted file is identical to the one I created with a text editor. From edgar at pettijohn-web.com Sun Jun 14 17:30:40 2015 From: edgar at pettijohn-web.com (Edgar Pettijohn III) Date: Sun, 14 Jun 2015 12:30:40 -0500 Subject: Testin new installation In-Reply-To: References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> <1434220861.2834.1.camel@z-51.de> <20150613195706.GL15209@mx.grmbl.net> <493pna1oq60in3tkkmlc00el6g21o4lt9p@4ax.com> <557D878F.5000404@dimejo.at> Message-ID: <8DA85EC2-7EBE-4855-A7A9-E211B655E32F@pettijohn-web.com> I think I saw mention of "notepad" previously. If this is the case there may be some "dos" formatting that is messing things up. On Jun 14, 2015, at 12:10 PM, Steve Matzura wrote: > The public cert part is good, but the private one begins with "Begin > private key", not "RSA key." > > On Sun, 14 Jun 2015 15:54:23 +0200, you wrote: > >> Am 13.06.2015 um 22:11 schrieb Steve Matzura: >>> On Sat, 13 Jun 2015 21:57:06 +0200, you wrote: >>> >>>> On Sat, Jun 13, 2015 at 03:41:26PM -0400, Steve Matzura wrote: >>>>>>>>> Trying ::1... # this is certainly suspect >>>>>>>>> Escape character is '^['. >>>>>>>>> Connection closed by foreign host. >>>> >>>> This means the daemon is listening but errors out before able to process. >>>> Check the logs. >>>> Might be a dependency not starting, wrong permissions, certificate wrong/expired, etc.. >>> >>> Oh yes! Sorry for not having checked this before. >>> >>> Jun 13 18:50:56 dovecot: master: Error: service(pop3-login): >>> command startup failed, throttling for 2 secs >>> Jun 13 19:30:26 dovecot: imap-login: Error: SSL: Stacked >>> error: error:0608308E:digital envelope >>> routines:EVP_PKEY_get1_EC_KEY:expecting a ec key >>> Jun 13 19:30:26 dovecot: imap-login: Fatal: Can't load >>> ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line >>> Jun 13 19:30:26 dovecot: master: Error: service(imap-login): >>> command startup failed, throttling for 60 secs >>> Jun 13 19:31:27 dovecot: imap-login: Error: SSL: Stacked >>> error: error:0608308E:digital envelope >>> routines:EVP_PKEY_get1_EC_KEY:expecting a ec key >>> Jun 13 19:31:27 dovecot: imap-login: Fatal: Can't load >>> ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line >>> Jun 13 19:31:27 dovecot: master: Error: service(imap-login): >>> command startup failed, throttling for 60 secs >>> Jun 13 19:33:04 dovecot: imap-login: Error: SSL: Stacked >>> error: error:0608308E:digital envelope >>> routines:EVP_PKEY_get1_EC_KEY:expecting a ec key >>> Jun 13 19:33:04 dovecot: imap-login: Fatal: Can't load >>> ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line >>> Jun 13 19:33:04 dovecot: master: Error: service(imap-login): >>> command startup failed, throttling for 60 secs >>> >>> I thought this was a possibility. It probably means I have >>> concatenated incorrect elements to form the certificate files. >>> >> >> Looks like there is something wrong with the format of your >> certificates. Do your files contain the start and end lines? >> >> >> The private key file should look like this: >> -----BEGIN RSA PRIVATE KEY----- >> cWgpJPyTE7yxI7cqREE8ULqn4eVJ85YckBNooOXGiumSkoTske7XIGNvRQWkpFUN >> [...] >> 4LMADvl806xkVkoWDGqJvN2MrN4qeRWuiTQ4tqmi0xp8wfoKWD0q4A== >> -----END RSA PRIVATE KEY----- >> >> >> The public certificates file should look like this: >> -----BEGIN CERTIFICATE----- >> DwAwggEKAoIBAQCxpX2YsLeMT3GIMDtdJIoVkT+qe5PrpPL3omglJ+sKXnulM8JP >> [... more stuff from your domains cert ...] >> VmXZvW8oF1yaSQ/lSXZZ5Cg7mFZqqGrO5Sr15ZrduPlgdQ== >> -----END CERTIFICATE----- >> -----BEGIN CERTIFICATE----- >> MDBaFw0yNDAyMjAxMDAwMDBaMEwxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i >> [... more stuff from your intermediate cert ...] >> AQAwHQYDVR0OBBYEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MEUGA1UdIAQ+MDwwOg== >> -----END CERTIFICATE----- From tom at whyscream.net Sun Jun 14 17:58:14 2015 From: tom at whyscream.net (Tom Hendrikx) Date: Sun, 14 Jun 2015 19:58:14 +0200 Subject: Sorry, another faq In-Reply-To: References: Message-ID: <557DC0B6.8020109@whyscream.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 12-06-15 13:37, Martin S wrote: > I've installed a mailserver according to these instructions: > http://www.server-world.info/en/note?os=CentOS_7&p=httpd&f=13 When > I try to login to the server through Roundcube webmail I get > Connection to storage server failed. > > So checking on this > > [12-Jun-2015 11:28:53 +0000]: <6jap13r2> IMAP Error: Login failed > for martin from 83.251.209.249. Could not connect to > ssl://myserver:993: Permission denied in > /usr/share/roundcubemail/program/lib/Roundcube/rcube_imap.php on > line 198 (POST /roundcubemail/?.... > If this actually is Centos 7, selinux may also be the culprit. Keep an eye on audit logging when testing too. > /etc/roundcubemail/config.inc.php > > Has the following: $config['default_host'] = > 'ssl://mail.myserver.tld'; [address obfuscated] > $config['default_port'] = 993; > > as I understand should be correct. > > I've been looking at various posts on the net that says the problem > is a permission on dovecot, but I fail to find anything to how to > fix this as it looks right to me. > > Any suggestions? > > /Martin S > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVfcC2AAoJEJPfMZ19VO/1dIgP/iSaRHDt/lPaEh0YG1m/gj5k a6PGbXR+3XM+8KPBw6bLqYFleGEDNVv0D3fbdBeJ5NvDQ1fxFx8xyHsFk4iY8PAK 1xU0A3h3BgnPzTvNT51mlC8eOel7gCZZZcDXFzPEVQ02v61ypTLmcxdc3ThH7A2X luqfLvTCKt4FY5T5vsc/zBSbzvBgl9T+9oqL2Ei3s5qL5PrFAx74lyzFW+HDbEP1 0/yIsJvb36n3Yyj07+6pXqhhCbQDy6ZBYSOPJ7rX+uoD/AMCoTi8iIEprnDa77RN RU1K5bO0sj4AGbIR0cPPbbxaLTtlvfXnH8G5G8Ur/6XRUY6rtytTVjR4P/7jGVlV TDOToF2ju9YIn5lEdEw8Wck8J1SDgDbnkOxPazikxH3h9zs4tejlQjzePnmmywZf EmpYFsYNuCDdoAJWD6hNXD61MgQRNBZKIU42VcjJ/LiwMMRHc5uEVNBdCOupQRJ3 YVSSzydO7wN4yqly7OI4PqtCgRtqMp8JqPhlxS8Ks29Gqr1CXMMG20WLB1t0SaIe CPzcJMH+UYFgg0vNQcozCB8NrmgPwcJpwdFRki35bZvVhcAkZBfE48bBsmv9cmbH cXt3lV6mvC3oloiGTclvpRESgLN5h2vPtRNNO/Kfsj4SRt5RBfjSt/SlhWAEBkFv VfrOxi3oku4vtic7gnoH =z2oM -----END PGP SIGNATURE----- From number6 at noisynotes.com Sun Jun 14 19:17:02 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sun, 14 Jun 2015 15:17:02 -0400 Subject: Testin new installation In-Reply-To: <8DA85EC2-7EBE-4855-A7A9-E211B655E32F@pettijohn-web.com> References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> <1434220861.2834.1.camel@z-51.de> <20150613195706.GL15209@mx.grmbl.net> <493pna1oq60in3tkkmlc00el6g21o4lt9p@4ax.com> <557D878F.5000404@dimejo.at> <8DA85EC2-7EBE-4855-A7A9-E211B655E32F@pettijohn-web.com> Message-ID: On Sun, 14 Jun 2015 12:30:40 -0500, you wrote: >I think I saw mention of "notepad" previously. If this is the case there may be some "dos" formatting that is messing things up. I didn't do it with Notepad. In fact, I did it on the Linux system in question using nano. From number6 at noisynotes.com Sun Jun 14 19:22:43 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Sun, 14 Jun 2015 15:22:43 -0400 Subject: Testin new installation In-Reply-To: <8DA85EC2-7EBE-4855-A7A9-E211B655E32F@pettijohn-web.com> References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> <1434220861.2834.1.camel@z-51.de> <20150613195706.GL15209@mx.grmbl.net> <493pna1oq60in3tkkmlc00el6g21o4lt9p@4ax.com> <557D878F.5000404@dimejo.at> <8DA85EC2-7EBE-4855-A7A9-E211B655E32F@pettijohn-web.com> Message-ID: Gere's the command I used to generate the CSR. It is really one line, even though your message display program may cause it to wrap midway: openssl req -nodes -newkey rsa:2048 -sha1 -keyout myserver.key -out server.csr From number6 at noisynotes.com Mon Jun 15 11:24:22 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 07:24:22 -0400 Subject: More about my SSL certificate problem Message-ID: Someone, I don't remember whether it was Alex or Urban, asked me to check on my private keyfile to see if it began with "Begin RSA private key". I reported that it does not. Now here's where things get strange: When I ran the command: $ openssl req -nodes -newkey rsa:2048 -sha1 -keyout myserver.key -out server.csr on an old Ubuntu system, `myserver.key' does begin with "Begin RSA private key". But when I run that same command on a Fedora 20 system, the word "RSA" isn't there. Could this have anything to do with my 0906D06C error? From number6 at noisynotes.com Mon Jun 15 11:38:26 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 07:38:26 -0400 Subject: More about my SSL certificate problem In-Reply-To: References: Message-ID: If I could remove this message from this list, I would! I just figured out what my problem was, and it's something I thought *FOR SURE* I had fixed. I've looked at this thing so many times, I fell into the trap of not seeing the forest for the trees. I had inadvertently omitted the '<' before the first certificate definition. I guess there really is something to the technique of walking away from a problem for a while--in this case, overnight--and then coming tack to it and seeing it as if for the first time. I am able to successfully connect via Telnet and will carry on with my testing and integration with Postfix. Thanks to all for their help. From b-dovecot.org at grmbl.net Mon Jun 15 11:44:39 2015 From: b-dovecot.org at grmbl.net (B) Date: Mon, 15 Jun 2015 13:44:39 +0200 Subject: More about my SSL certificate problem In-Reply-To: References: Message-ID: <20150615114439.GA37701@mx.grmbl.net> On Mon, Jun 15, 2015 at 07:38:26AM -0400, Steve Matzura wrote: > If I could remove this message from this list, I would! I just figured > out what my problem was, and it's something I thought *FOR SURE* I had > fixed. I've looked at this thing so many times, I fell into the trap > of not seeing the forest for the trees. I had inadvertently omitted > the '<' before the first certificate definition. I guess there really > is something to the technique of walking away from a problem for a > while--in this case, overnight--and then coming tack to it and seeing > it as if for the first time. I am able to successfully connect via > Telnet and will carry on with my testing and integration with Postfix. > Thanks to all for their help. Suspense.. What was it (for future reference)? B From number6 at noisynotes.com Mon Jun 15 13:19:50 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 09:19:50 -0400 Subject: Problem logging in during testing Message-ID: Instructions at http://wiki2.dovecot.org/BasicConfiguration say the next thing to test after getting IMAP and Telnet working is to create a dummy user file with the following command: echo "$USER:{PLAIN}password:$UID:$GID::$HOME" > users And place it in /etc/dovecot and protect it appropriately. It was also edited to change the plain-text password from `password' to what it really is. The next section describes changes to 10-auth.conf and other things: If you used the example configuration files, switch to passwd-file by modifying conf.d/10-auth.conf: # Add '#' to comment out the system user login for now: #!include auth-system.conf.ext # Remove '#' to use passwd-file: !include auth-passwdfile.conf.ext In conf.d/auth-passwdfile.conf.ext you should have: passdb { driver = passwd-file args = scheme=CRYPT username_format=%u /etc/dovecot/users } userdb { driver = passwd-file args = username_format=%u /etc/dovecot/users } Verify with doveconf?-n?passdb?userdb that the output looks like above (and there are no other passdbs or userdbs). All done successfully. Now, when I telnet 127.0.0.1 143 and attempt to log in with the string: a login whether it's one in my users file or not, I get: a NO [AUTHENTICATIONFAILED] Authentication failed. From admin at awib.it Mon Jun 15 13:20:25 2015 From: admin at awib.it (admin) Date: Mon, 15 Jun 2015 15:20:25 +0200 Subject: More about my SSL certificate problem In-Reply-To: References: Message-ID: <1434374425.10707.14.camel@z51.office.awib.it> Am Montag, den 15.06.2015, 07:38 -0400 schrieb Steve Matzura: > If I could remove this message from this list, I would! I just figured > out what my problem was, and it's something I thought *FOR SURE* I had > fixed. I've looked at this thing so many times, I fell into the trap > of not seeing the forest for the trees. I had inadvertently omitted > the '<' before the first certificate definition. I guess there really > is something to the technique of walking away from a problem for a > while--in this case, overnight--and then coming tack to it and seeing > it as if for the first time. I am able to successfully connect via > Telnet and will carry on with my testing and integration with Postfix. > Thanks to all for their help. No need to. I'ts just another addition addition to a "knowledge" base, which might be helpful for someone else sometimes else. Congrats for your problem being solved and thanks for sharing it for further references. Regards, -M From number6 at noisynotes.com Mon Jun 15 13:28:29 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 09:28:29 -0400 Subject: More about my SSL certificate problem In-Reply-To: <20150615114439.GA37701@mx.grmbl.net> References: <20150615114439.GA37701@mx.grmbl.net> Message-ID: <5nktnapd1kj64od6no2amed2osdph4giro@4ax.com> I wrote that. A missing `<' in front of the path to the main certificate file. On Mon, 15 Jun 2015 13:44:39 +0200, you wrote: >On Mon, Jun 15, 2015 at 07:38:26AM -0400, Steve Matzura wrote: >> If I could remove this message from this list, I would! I just figured >> out what my problem was, and it's something I thought *FOR SURE* I had >> fixed. I've looked at this thing so many times, I fell into the trap >> of not seeing the forest for the trees. I had inadvertently omitted >> the '<' before the first certificate definition. I guess there really >> is something to the technique of walking away from a problem for a >> while--in this case, overnight--and then coming tack to it and seeing >> it as if for the first time. I am able to successfully connect via >> Telnet and will carry on with my testing and integration with Postfix. >> Thanks to all for their help. > >Suspense.. > >What was it (for future reference)? > >B From number6 at noisynotes.com Mon Jun 15 13:32:39 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 09:32:39 -0400 Subject: More about my SSL certificate problem In-Reply-To: <1434374425.10707.14.camel@z51.office.awib.it> References: <1434374425.10707.14.camel@z51.office.awib.it> Message-ID: What is the reasoning behind that `<' anyway? It just appears so odd that a path should have that at its front. On Mon, 15 Jun 2015 15:20:25 +0200, you wrote: >Am Montag, den 15.06.2015, 07:38 -0400 schrieb Steve Matzura: >> If I could remove this message from this list, I would! I just figured >> out what my problem was, and it's something I thought *FOR SURE* I had >> fixed. I've looked at this thing so many times, I fell into the trap >> of not seeing the forest for the trees. I had inadvertently omitted >> the '<' before the first certificate definition. I guess there really >> is something to the technique of walking away from a problem for a >> while--in this case, overnight--and then coming tack to it and seeing >> it as if for the first time. I am able to successfully connect via >> Telnet and will carry on with my testing and integration with Postfix. >> Thanks to all for their help. > >No need to. I'ts just another addition addition to a "knowledge" base, >which might be helpful for someone else sometimes else. > >Congrats for your problem being solved and thanks for sharing it for >further references. > >Regards, >-M From b-dovecot.org at grmbl.net Mon Jun 15 13:34:09 2015 From: b-dovecot.org at grmbl.net (B) Date: Mon, 15 Jun 2015 15:34:09 +0200 Subject: More about my SSL certificate problem In-Reply-To: <5nktnapd1kj64od6no2amed2osdph4giro@4ax.com> References: <20150615114439.GA37701@mx.grmbl.net> <5nktnapd1kj64od6no2amed2osdph4giro@4ax.com> Message-ID: <20150615133409.GC37701@mx.grmbl.net> On Mon, Jun 15, 2015 at 09:28:29AM -0400, Steve Matzura wrote: > I wrote that. A missing `<' in front of the path to the main > certificate file. Ironically I overlooked that. B From b-dovecot.org at grmbl.net Mon Jun 15 13:36:26 2015 From: b-dovecot.org at grmbl.net (B) Date: Mon, 15 Jun 2015 15:36:26 +0200 Subject: More about my SSL certificate problem In-Reply-To: References: <1434374425.10707.14.camel@z51.office.awib.it> Message-ID: <20150615133626.GD37701@mx.grmbl.net> On Mon, Jun 15, 2015 at 09:32:39AM -0400, Steve Matzura wrote: > What is the reasoning behind that `<' anyway? It just appears so odd > that a path should have that at its front. I would guess: - make it clearer it's a file and not a string - follow similar syntax as input redirection in sh/perl/.. B From sergey.schwartz at bgoperator.com Mon Jun 15 14:00:08 2015 From: sergey.schwartz at bgoperator.com (Sergey Schwartz) Date: Mon, 15 Jun 2015 17:00:08 +0300 Subject: dsync replication issues with shared mailboxes Message-ID: <557EDA68.4010108@bgoperator.com> Gentlemen, I've setup 2 servers with dsync replication and hit a serious issue - some messages got duplicated thousands times in some shared mailboxes(~5). There is actually no reason to replicate anything from shared name space and I've tried to limit replication scope with just 'inbox' name space but it didn't help. dovecot version ||2.2.18 (2de3c7248922) errors in the logs May 26 13:23:38 mx10 dovecot: doveadm: Error: dsync-remote(korobova at mydomain): Error: Mailbox turkey: Save commit failed: Message has been copied too many times (24498 + 8270) May 26 13:25:16 mx10 dovecot: doveadm: Error: dsync-remote(korobova at mydomain): Error: Mailbox turkey: Save commit failed: Message has been copied too many times (24498 + 8270) May 26 13:26:40 mx10 dovecot: dsync-local(zhelonkina at mydomain): Error: Mailbox booking: Save commit failed: Message has been copied too many times (0 + 32768) May 26 13:30:01 mx10 dovecot: dsync-local(kashchits at mydomain): Error: Mailbox shared/davydjanc at mydomain/russia: Save commit failed: Message has been copied too many times (17139 + 15629) May 26 13:30:01 mx10 dovecot: dsync-local(davydjanc at mydomain): Error: Mailbox russia: Save commit failed: Message has been copied too many times (17139 + 15629) May 26 13:30:01 mx10 dovecot: dsync-local(kapitanova at mydomain): Error: Mailbox shared/davydjanc at mydomain/russia: Save commit failed: Message has been copied too many times (17139 + 15629) May 26 13:30:03 mx10 dovecot: dsync-local(grinenko at mydomain): Error: Mailbox shared/davydjanc at mydomain/russia: Save commit failed: Message has been copied too many times (17139 + 15629) May 26 13:30:03 mx10 dovecot: dsync-local(maslova at mydomain): Error: Mailbox shared/davydjanc at mydomain/russia: Save commit failed: Message has been copied too many times (17139 + 15629) Data was not lost and I've been able to run deduplicate for most of mailboxes, but one mailbox got broken and I had to manually move message to another mailbox force-resync failed fot that mailbox doveadm(l.davydjanc at mydomain): Error: mdbox map /srv/vmail/current/mydomain/davydjanc/storage/dovecot.map.index corrupted: map_uid=361735 refcount too low Hope you guys have an idea how to work it around :) replication.conf dsync_remote_cmd = /usr/bin/ssh -i /home/vmail/.ssh/id_rsa -l %{login} %{host} doveadm dsync-server -u %u service aggregator { fifo_listener replication-notify-fifo { user = vmail mode = 0600 } unix_listener replication-notify { user = vmail mode = 0600 } process_min_avail = 1 } service replicator { unix_listener replicator-doveadm { user = vmail mode = 0600 } process_min_avail = 1 } service doveadm { user = vmail process_min_avail = 1 } service config { unix_listener config { user = vmail } process_min_avail = 1 } replication_max_conns = 50 replication_dsync_parameters = -d -n inbox -l 30 -U plugin { mail_replica = remote:vmail at mx20 } doveconf -n # 2.2.18 (2de3c7248922): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 # OS: Linux 3.13.0-34-generic x86_64 Ubuntu 14.04.2 LTS xfs auth_cache_negative_ttl = 0 auth_cache_size = 512 M auth_default_realm = mydomain auth_failure_delay = 5 secs auth_worker_max_count = 4096 default_client_limit = 40960 default_process_limit = 8192 default_vsz_limit = 2 G disable_plaintext_auth = no first_valid_gid = 500 mail_location = mdbox:/srv/vmail/current/%d/%n mail_plugins = acl zlib notify replication mail_shared_explicit_inbox = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mdbox_rotate_size = 32 M namespace { list = yes location = mdbox:/srv/vmail/current/%%d/%%n prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / } passdb { args = /etc/dovecot/virtual/base.conf.ext driver = sql } passdb { args = /etc/dovecot/virtual/master.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = file:/srv/vmail/current/shared.db/000-shared-mailboxes.db sieve = file:/srv/vmail/current/%d/%n/sieve;active=/srv/vmail/current/%d/%n/active.sieve sieve_max_redirects = 0 zlib_save = xz zlib_save_level = 6 } protocols = " imap lmtp sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { process_min_avail = 24 } service imap { process_limit = 4096 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl_cert = References: Message-ID: <557EEDA5.2070607@dimejo.at> Am 15.06.2015 um 15:19 schrieb Steve Matzura: > Instructions at http://wiki2.dovecot.org/BasicConfiguration say the > next thing to test after getting IMAP and Telnet working is to create > a dummy user file with the following command: > > echo "$USER:{PLAIN}password:$UID:$GID::$HOME" > users > > And place it in /etc/dovecot and protect it appropriately. It was also > edited to change the plain-text password from `password' to what it > really is. > > The next section describes changes to 10-auth.conf and other things: > > If you used the example configuration files, switch to passwd-file by > modifying conf.d/10-auth.conf: > > # Add '#' to comment out the system user login for now: > #!include auth-system.conf.ext > # Remove '#' to use passwd-file: > !include auth-passwdfile.conf.ext > > In conf.d/auth-passwdfile.conf.ext you should have: > > passdb { > driver = passwd-file > args = scheme=CRYPT username_format=%u /etc/dovecot/users > } > userdb { > driver = passwd-file > args = username_format=%u /etc/dovecot/users > } > > Verify with doveconf -n passdb userdb that the output looks like above > (and there are no other passdbs or userdbs). > > All done successfully. > > Now, when I telnet 127.0.0.1 143 and attempt to log in with the > string: > > a login > > whether it's one in my users file or not, I get: > > a NO [AUTHENTICATIONFAILED] Authentication failed. > Logs might give you a clue what exactly doesn't work. -- Alex JOST From ml+dovecot at valo.at Mon Jun 15 15:42:47 2015 From: ml+dovecot at valo.at (Christian Kivalo) Date: Mon, 15 Jun 2015 17:42:47 +0200 Subject: Problem logging in during testing In-Reply-To: <557EEDA5.2070607@dimejo.at> References: <557EEDA5.2070607@dimejo.at> Message-ID: <73EFD049-0B91-4EF3-8A35-E2D8398906E4@valo.at> >> passdb { >> driver = passwd-file >> args = scheme=CRYPT username_format=%u /etc/dovecot/users >> } have you created/generated a password to be used with the crypt scheme? you can use doveadm pw for this. - christian From fzielcke at z-51.de Mon Jun 15 16:20:07 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Mon, 15 Jun 2015 18:20:07 +0200 Subject: Testin new installation In-Reply-To: References: <1434197790.6886.1.camel@z-51.de> <17qona185pa3mep66uod7ogabgtsv1ltjk@4ax.com> <1434220861.2834.1.camel@z-51.de> <20150613195706.GL15209@mx.grmbl.net> <493pna1oq60in3tkkmlc00el6g21o4lt9p@4ax.com> <557D878F.5000404@dimejo.at> Message-ID: <1434385207.4524.4.camel@z-51.de> Am Sonntag, den 14.06.2015, 13:10 -0400 schrieb Steve Matzura: > The public cert part is good, but the private one begins with "Begin > private key", not "RSA key." > I generated my own dovecot CSR with certtool from gnutls-bin which indeed adds 'RSA Private Key' But that openssl command you used does it without the RSA If the Key and Certificate has been correctly generated can be checked with the gnutls certtool: 1 certtool -k < myserver.key | less certtool -i < cert.pem | less (or whatever you called the signed certificate) It outputs the key with the RSA line added. Maybe just try that out From fzielcke at z-51.de Mon Jun 15 16:46:34 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Mon, 15 Jun 2015 18:46:34 +0200 Subject: Large jumps in dovecot-uidlist In-Reply-To: <557D4D80.4020501@homeinbox.net> References: <557D4D80.4020501@homeinbox.net> Message-ID: <1434386794.4524.9.camel@z-51.de> Am Sonntag, den 14.06.2015, 10:46 +0100 schrieb Mark: > Since upgrading to Debian Wheezy ... > # 2.2.13: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-4-kirkwood armv5tel Debian 7.8 So it's dovecot from the backports. Didn't you notice that since about 2 months there's now jessie out? That has 2.2.13 too but maybe it's an issue outside of dovecot in some library. Or just a bug in the backport. I have no problem at all with my dovecot under jessie. But it's currently only responsible for my own private mails. So it hasn't much to do. Oh and now by looking again at your full mail: I mainly use IMAP + Evolution or on my Android Smartphone K-9 Mail to access them. From symbiat at gmail.com Mon Jun 15 16:47:03 2015 From: symbiat at gmail.com (Ajai Khattri) Date: Mon, 15 Jun 2015 12:47:03 -0400 Subject: What became of dovecot.passwd? In-Reply-To: References: Message-ID: Im assuming you found "doveadm" ? On Thu, Jun 11, 2015 at 11:09 AM, Steve Matzura wrote: > passwd solved. > -- Aj. Facebook Enoland From fzielcke at z-51.de Mon Jun 15 16:49:14 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Mon, 15 Jun 2015 18:49:14 +0200 Subject: More about my SSL certificate problem In-Reply-To: <20150615133626.GD37701@mx.grmbl.net> References: <1434374425.10707.14.camel@z51.office.awib.it> <20150615133626.GD37701@mx.grmbl.net> Message-ID: <1434386954.4524.11.camel@z-51.de> Am Montag, den 15.06.2015, 15:36 +0200 schrieb B: > On Mon, Jun 15, 2015 at 09:32:39AM -0400, Steve Matzura wrote: > > What is the reasoning behind that `<' anyway? It just appears so > > odd > > that a path should have that at its front. > > > I would guess: > - make it clearer it's a file and not a string > - follow similar syntax as input redirection in sh/perl/.. > > B I think it's just to make the code of the config parser more simple. So these 2 variables don't need special handling, because the most users want to directly specify a file in there. Where all other stuff in the config doestn't by default specify a file. From fzielcke at z-51.de Mon Jun 15 16:53:15 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Mon, 15 Jun 2015 18:53:15 +0200 Subject: Problem logging in during testing In-Reply-To: <73EFD049-0B91-4EF3-8A35-E2D8398906E4@valo.at> References: <557EEDA5.2070607@dimejo.at> <73EFD049-0B91-4EF3-8A35-E2D8398906E4@valo.at> Message-ID: <1434387195.4524.13.camel@z-51.de> Am Montag, den 15.06.2015, 17:42 +0200 schrieb Christian Kivalo: > > > > > passdb { > > > driver = passwd-file > > > args = scheme=CRYPT username_format=%u /etc/dovecot/users > > > } > > have you created/generated a password to be used with the crypt > scheme? > > you can use doveadm pw for this. > > - christian That shouldn't matter as long as the {PLAIN} really is there. The scheme arg should only specify the default if the {} prefix isn't there before the password. But did you restart dovecot after changing your config? From number6 at noisynotes.com Mon Jun 15 16:59:18 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 12:59:18 -0400 Subject: Problem logging in during testing In-Reply-To: <557EEDA5.2070607@dimejo.at> References: <557EEDA5.2070607@dimejo.at> Message-ID: On Mon, 15 Jun 2015 17:22:13 +0200, you wrote: >> Now, when I telnet 127.0.0.1 143 and attempt to log in with the >> string: >> >> a login >> >> whether it's one in my users file or not, I get: >> >> a NO [AUTHENTICATIONFAILED] Authentication failed. >> > >Logs might give you a clue what exactly doesn't work. Found one problem in maillog. mail_uid and mail_gid weren't defined. I didn't define them manually because I thought they defaulted to vmail. Now they are defined that way. These are a mystery: Jun 15 16:45:15 dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=1428, secured, session= Jun 15 16:45:15 dovecot: imap(admin): Error: User initialization failed: Namespace '': Mail storage autodetection failed with home=/home/admin Jun 15 16:45:15 dovecot: imap(admin): Error: Invalid user settings. Refer to server log for more information. ~doveadm log find' says everything goes to /var/log/maillog, so that's all I have. From number6 at noisynotes.com Mon Jun 15 17:00:40 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 13:00:40 -0400 Subject: Problem logging in during testing In-Reply-To: <73EFD049-0B91-4EF3-8A35-E2D8398906E4@valo.at> References: <557EEDA5.2070607@dimejo.at> <73EFD049-0B91-4EF3-8A35-E2D8398906E4@valo.at> Message-ID: On Mon, 15 Jun 2015 17:42:47 +0200, you wrote: > > > >>> passdb { >>> driver = passwd-file >>> args = scheme=CRYPT username_format=%u /etc/dovecot/users >>> } > >have you created/generated a password to be used with the crypt scheme? > >you can use doveadm pw for this. No. I should try that. From dovecot-m at homeinbox.net Mon Jun 15 17:04:50 2015 From: dovecot-m at homeinbox.net (Mark) Date: Mon, 15 Jun 2015 18:04:50 +0100 Subject: Large jumps in dovecot-uidlist In-Reply-To: <1434386794.4524.9.camel@z-51.de> References: <557D4D80.4020501@homeinbox.net> <1434386794.4524.9.camel@z-51.de> Message-ID: <557F05B2.9070303@homeinbox.net> On 15/06/2015 17:46, Felix Zielcke wrote: > Am Sonntag, den 14.06.2015, 10:46 +0100 schrieb Mark: >> Since upgrading to Debian Wheezy > ... >> # 2.2.13: /etc/dovecot/dovecot.conf >> # OS: Linux 3.2.0-4-kirkwood armv5tel Debian 7.8 > > So it's dovecot from the backports. > Didn't you notice that since about 2 months there's now jessie out? I did. Based on my previous experience of upgrading Debian as soon as the new release was announced and having to roll everything back because of this problem I'm taking a more cautious approach this time. > That has 2.2.13 too but maybe it's an issue outside of dovecot in some > library. Or just a bug in the backport. Possibly. I'm not against doing the full upgrade to Jessie to see what effect that has. I've been running the backport for a while and the problem certainly hasn't got worse. I'll see if I can find some time in the next few days to try the upgrade. > I have no problem at all with my dovecot under jessie. But it's > currently only responsible for my own private mails. So it hasn't much > to do. This install supports three users who access via IMAP using various combinations of Thunderbird, Opera Mail, native iPhone client, native Android client and K9. It seems to be the case that the mobile clients handle the UID jump gracefully whereas the desktop clients can't handle the larger UIDs. > Oh and now by looking again at your full mail: I mainly use IMAP + > Evolution or on my Android Smartphone K-9 Mail to access them. Thanks, Mark From number6 at noisynotes.com Mon Jun 15 17:11:09 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 13:11:09 -0400 Subject: What became of dovecot.passwd? In-Reply-To: References: Message-ID: On Mon, 15 Jun 2015 12:47:03 -0400, you wrote: >Im assuming you found "doveadm" ? I did. From number6 at noisynotes.com Mon Jun 15 17:33:11 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 13:33:11 -0400 Subject: Problem logging in during testing In-Reply-To: References: <557EEDA5.2070607@dimejo.at> Message-ID: I think I have it now! Found info about *correctly* defining namespaces. I now get the following when telnetting in, and it all looks valid. Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready. a login a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SPECIAL-USE] Logged in a logout * BYE Logging out a OK Logout completed. Connection closed by foreign host. If this is correct, then I'm off to add Postfix and get my mailing lists back online. From jost+lists at dimejo.at Mon Jun 15 17:35:49 2015 From: jost+lists at dimejo.at (Alex JOST) Date: Mon, 15 Jun 2015 19:35:49 +0200 Subject: Problem logging in during testing In-Reply-To: References: <557EEDA5.2070607@dimejo.at> Message-ID: <557F0CF5.7040804@dimejo.at> Am 15.06.2015 um 18:59 schrieb Steve Matzura: > On Mon, 15 Jun 2015 17:22:13 +0200, you wrote: > >>> Now, when I telnet 127.0.0.1 143 and attempt to log in with the >>> string: >>> >>> a login >>> >>> whether it's one in my users file or not, I get: >>> >>> a NO [AUTHENTICATIONFAILED] Authentication failed. >>> >> >> Logs might give you a clue what exactly doesn't work. > > Found one problem in maillog. mail_uid and mail_gid weren't defined. I > didn't define them manually because I thought they defaulted to vmail. > Now they are defined that way. > > These are a mystery: > > Jun 15 16:45:15 dovecot: imap-login: Login: user=, > method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=1428, secured, > session= > Jun 15 16:45:15 dovecot: imap(admin): Error: User > initialization failed: Namespace '': Mail storage autodetection failed > with home=/home/admin > Jun 15 16:45:15 dovecot: imap(admin): Error: Invalid user > settings. Refer to server log for more information. > > ~doveadm log find' says everything goes to /var/log/maillog, so that's > all I have. > Try adding a default mail_location. userdb { driver = passwd-file args = username_format=%u /etc/dovecot/users default_fields = mail=maildir:~/Maildir } -- Alex JOST From fzielcke at z-51.de Mon Jun 15 18:22:31 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Mon, 15 Jun 2015 20:22:31 +0200 Subject: FTS lucene and english + german mails Message-ID: <1434392551.8047.2.camel@z-51.de> Hi, I'm currently looking over the FTS pages to enable it in my dovecot. But I'm unsure what the best settings of the lucene plugin are, if you receive german and english mails. Wiki says: textcat_conf= textcat_dir=: If specified, enable guessing the stemming language for emails and search keywords. This is a little bit problematic in practice, since indexing and searching languages may differ and may not find even exact words because they stem differently. On Debian libstemmer is included in the debian-lucene package. So what settings are the best to have not the problem that exact words can't be found? From fzielcke at z-51.de Mon Jun 15 18:26:28 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Mon, 15 Jun 2015 20:26:28 +0200 Subject: Problem logging in during testing In-Reply-To: References: <557EEDA5.2070607@dimejo.at> Message-ID: <1434392788.8047.5.camel@z-51.de> Am Montag, den 15.06.2015, 13:33 -0400 schrieb Steve Matzura: > I think I have it now! Found info about *correctly* defining > namespaces. I now get the following when telnetting in, and it all > looks valid. > > Trying 127.0.0.1... > Connected to 127.0.0.1. > Escape character is '^]'. > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE STARTTLS AUTH=PLAIN] Dovecot ready. > a login > a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS > THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT > CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE > QRESYNC > ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE > SPECIAL-USE] Logged in > a logout > * BYE Logging out > a OK Logout completed. > Connection closed by foreign host. > > If this is correct, then I'm off to add Postfix and get my mailing > lists back online. It looks like you don't enforce SSL/TLS. If you don't have any clients which are many years old you should do that. But of course it'S your own decision if you want your users passwords (and everything else) sent to your server in clear text over the wire From jost+lists at dimejo.at Mon Jun 15 19:11:39 2015 From: jost+lists at dimejo.at (Alex JOST) Date: Mon, 15 Jun 2015 21:11:39 +0200 Subject: Problem logging in during testing In-Reply-To: <1434392788.8047.5.camel@z-51.de> References: <557EEDA5.2070607@dimejo.at> <1434392788.8047.5.camel@z-51.de> Message-ID: <557F236B.3020508@dimejo.at> Am 15.06.2015 um 20:26 schrieb Felix Zielcke: > Am Montag, den 15.06.2015, 13:33 -0400 schrieb Steve Matzura: >> I think I have it now! Found info about *correctly* defining >> namespaces. I now get the following when telnetting in, and it all >> looks valid. >> >> Trying 127.0.0.1... >> Connected to 127.0.0.1. >> Escape character is '^]'. >> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> IDLE STARTTLS AUTH=PLAIN] Dovecot ready. >> a login >> a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS >> THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT >> CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE >> QRESYNC >> ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE >> SPECIAL-USE] Logged in >> a logout >> * BYE Logging out >> a OK Logout completed. >> Connection closed by foreign host. >> >> If this is correct, then I'm off to add Postfix and get my mailing >> lists back online. > > It looks like you don't enforce SSL/TLS. > If you don't have any clients which are many years old you should do > that. > But of course it'S your own decision if you want your users passwords > (and everything else) sent to your server in clear text over the wire > SSL is not enforced on localhost even when specifying ssl=required. Take a look at the comment in /etc/dovecot/conf.d/10-ssl.conf: # SSL/TLS support: yes, no, required. # disable plain pop3 and imap, allowed are only pop3+TLS, # pop3s, imap+TLS and imaps # plain imap and pop3 are still allowed for local connections -- Alex JOST From jtam.home at gmail.com Mon Jun 15 22:31:40 2015 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 15 Jun 2015 15:31:40 -0700 (PDT) Subject: More about my SSL certificate problem In-Reply-To: References: Message-ID: Steve Matzura writes: > What is the reasoning behind that `<' anyway? It just appears so odd > that a path should have that at its front. I think this was a special syntax-hack that Timo used to mean "read into a buffer", or some different way to handle file data, probably for security reasons. Joseph Tam From number6 at noisynotes.com Mon Jun 15 23:29:16 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 19:29:16 -0400 Subject: Problem logging in during testing In-Reply-To: <1434392788.8047.5.camel@z-51.de> References: <557EEDA5.2070607@dimejo.at> <1434392788.8047.5.camel@z-51.de> Message-ID: <9nnunatnfdikpuasnsrl8670saf6g6uq5o@4ax.com> On Mon, 15 Jun 2015 20:26:28 +0200, I wrote: >> Trying 127.0.0.1... >> Connected to 127.0.0.1. >> Escape character is '^]'. >> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> IDLE STARTTLS AUTH=PLAIN] Dovecot ready. >> a login >> a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS >> THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT >> CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE >> QRESYNC >> ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE >> SPECIAL-USE] Logged in >> a logout >> * BYE Logging out >> a OK Logout completed. >> Connection closed by foreign host. Then Alex wrote: >It looks like you don't enforce SSL/TLS. >If you don't have any clients which are many years old you should do >that. >But of course it'S your own decision if you want your users passwords >(and everything else) sent to your server in clear text over the wire Not sure about the age of my clients' mail programs, but I have ssl=required in 10-ssl.conf. Need more to lock it down? From number6 at noisynotes.com Mon Jun 15 23:30:59 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Mon, 15 Jun 2015 19:30:59 -0400 Subject: Problem logging in during testing In-Reply-To: <557F236B.3020508@dimejo.at> References: <557EEDA5.2070607@dimejo.at> <1434392788.8047.5.camel@z-51.de> <557F236B.3020508@dimejo.at> Message-ID: <40ouna1hs8p26idqcpacrnnu1enpe33pus@4ax.com> On Mon, 15 Jun 2015 21:11:39 +0200, you wrote: >Am 15.06.2015 um 20:26 schrieb Felix Zielcke: >> Am Montag, den 15.06.2015, 13:33 -0400 schrieb Steve Matzura: >>> I think I have it now! Found info about *correctly* defining >>> namespaces. I now get the following when telnetting in, and it all >>> looks valid. >>> >>> Trying 127.0.0.1... >>> Connected to 127.0.0.1. >>> Escape character is '^]'. >>> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >>> IDLE STARTTLS AUTH=PLAIN] Dovecot ready. >>> a login >>> a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >>> IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS >>> THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT >>> CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE >>> QRESYNC >>> ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE >>> SPECIAL-USE] Logged in >>> a logout >>> * BYE Logging out >>> a OK Logout completed. >>> Connection closed by foreign host. >>> >>> If this is correct, then I'm off to add Postfix and get my mailing >>> lists back online. >> >> It looks like you don't enforce SSL/TLS. >> If you don't have any clients which are many years old you should do >> that. >> But of course it'S your own decision if you want your users passwords >> (and everything else) sent to your server in clear text over the wire >> > >SSL is not enforced on localhost even when specifying ssl=required. > >Take a look at the comment in /etc/dovecot/conf.d/10-ssl.conf: > # SSL/TLS support: yes, no, required. > # disable plain pop3 and imap, allowed are only pop3+TLS, > # pop3s, imap+TLS and imaps > # plain imap and pop3 are still allowed for local connections That's what I thought. I have not had the opportunity to test this from another system yet. From gessel at blackrosetech.com Tue Jun 16 00:50:11 2015 From: gessel at blackrosetech.com (David Gessel) Date: Tue, 16 Jun 2015 03:50:11 +0300 Subject: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads In-Reply-To: References: "\" <553247D0.1020400@blackrosetech.com> <5532557D.10000@blackrosetech.com>" <3C3A4690-1FB3-4972-92E3-B2E1B554ECB6@iki.fi>" <55390406.9070701@blackrosetech.com> <555C496C.8030809@blackrosetech.com> <556C5E50.6060509@skye.it> Message-ID: <557F72C3.9050102@blackrosetech.com> -------- Original Message -------- Subject: Re: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads From: Benny Pedersen To: dovecot at dovecot.org Date: Mon Jun 01 2015 16:47:48 GMT+0300 (Arabic Standard Time) > Alessio Cecchi skrev den 2015-06-01 15:29: >> Il 20/05/2015 10:44, David Gessel ha scritto: >>> Is there a way to completely disable caching on dovecot? >> >> Yes: mail_location = maildir:~/Maildir:INDEX=MEMORY > > dont know if that really solve it, imho it just move the problem from disk cache to memory cache, it does not imho disable it It seemed to do the trick. Behavior finally seems normal. The best evidence: At 10:00:00-ish I made the change in the config file and at 10:02:29 I restarted the server. It is now after 17:14 in Oakland and the logs are quiet. 09:00:06 host newsyslog[55292]: logfile turned over due to size>1000K 09:00:08 imap(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3558585, file=1434383291.M430136P55004.host,S=2380,W=2423:2,) 09:00:08 imap(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3558586, file=1434383253.M121801P54997.host,S=27419,W=28395:2,) 09:01:28 indexer-worker(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3558587, file=1434383997.M731644P55286.host,S=7334,W=7513:2,) 09:07:49 indexer-worker(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3561318, file=1434383997.M731644P55286.host,S=7334,W=7513:2,) 09:08:49 imap(user2): Warning: Maildir /mail/dom2/dmag/: Expunged message reappeared, giving a new UID (old uid=1846654, file=1434381278.M451318P54372.host,S=5013,W=5116:2,) 09:09:48 imap(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3561319, file=1405470941.M117568P19536.host.dom1.com,S=8266,W=8382:2,) 09:21:02 imap(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3564050, file=1434384469.M876726P55434.host,S=7297,W=7418:2,) 09:24:49 imap(user2): Warning: Maildir /mail/dom2/dmag/: Expunged message reappeared, giving a new UID (old uid=1847030, file=1434383414.M615990P55039.host,S=9890,W=10269:2,) 09:24:49 imap(user2): Warning: Maildir /mail/dom2/dmag/: Expunged message reappeared, giving a new UID (old uid=1847031, file=1434384445.M934994P55428.host,S=3405,W=3487:2,) 09:24:49 imap(user2): Warning: Maildir /mail/dom2/dmag/: Expunged message reappeared, giving a new UID (old uid=1847032, file=1434381278.M451318P54372.host,S=5013,W=5116:2,) 09:27:18 indexer-worker(user2): Warning: Maildir /mail/dom2/dmag/: Expunged message reappeared, giving a new UID (old uid=1847033, file=1434384562.M535709P55456.host,S=3403,W=3485:2,) 09:42:41 indexer-worker(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3565416, file=1434385257.M437928P55657.host,S=176241,W=178722:2,) 09:47:18 indexer-worker(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3568150, file=1434386561.M197796P56113.host,S=905854,W=917647:2,) 09:47:18 indexer-worker(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3568151, file=1434385257.M437928P55657.host,S=176241,W=178722:2,) 09:47:23 imap(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3568152, file=1434386561.M197796P56113.host,S=905854,W=917647:2,) 09:53:34 imap(user2): Warning: Maildir /mail/dom2/dmag/: Expunged message reappeared, giving a new UID (old uid=1847228, file=1434384562.M535709P55456.host,S=3403,W=3485:2,) 09:59:22 master: Warning: Killed with signal 15 (by pid=56486 uid=0 code=kill) 10:00:57 lda(user3): Warning: Maildir /mail/dom1.com/user3/: UIDVALIDITY changed (1404858902 -> 1433446125) 10:00:57 indexer-worker(user3): Warning: fts-lucene: Settings have changed, rebuilding index for mailbox 10:00:57 indexer-worker(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3569520, file=1434386838.M74634P56231.host,S=905827,W=917620:2,) 10:02:29 master: Warning: Killed with signal 15 (by pid=66696 uid=0 code=kill) 10:05:13 indexer-worker(user1): Warning: fts-lucene: Settings have changed, rebuilding index for mailbox 10:05:13 indexer-worker(user1): Error: stat(/mail/dom1.com/user1//.dovecot.sieve/tmp) failed: Not a directory 10:08:09 indexer-worker(user3): Warning: fts-lucene: Settings have changed, rebuilding index for mailbox 10:17:00 indexer-worker(user2): Warning: fts-lucene: Settings have changed, rebuilding index for mailbox 15:24:16 imap(user1): Error: stat(/mail/dom1.com/user1//.dovecot.sieve/tmp) failed: Not a directory The last log file was turned over when it got greater than 1000K. It covered 1312 minutes and 3726 "expunged Message" warnings or one every 21 seconds. There hasn't been a single one in the 7+ hours since I moved the index to MEMORY. Whatever is confusing the index state on disk, it is not happening in RAM. From azurit at pobox.sk Tue Jun 16 08:37:41 2015 From: azurit at pobox.sk (azurIt) Date: Tue, 16 Jun 2015 10:37:41 +0200 Subject: =?utf-8?q?Mailbox_aliases_problem?= Message-ID: <20150616103741.9F4D64A0@pobox.sk> Hi, i'm trying to implement malbox aliases but it's not fully working as i expected. This is my configuration: mail_plugins = acl mailbox_alias plugin { mailbox_alias_old = INBOX/Odoslane mailbox_alias_new = INBOX/SentTest } That 'INBOX/' must be there because of this (we were moving from Courier IMAP): namespace inbox { type = private prefix = INBOX/ separator = / inbox = yes list = yes } All of this is working fine, if i create folder SentTest, the link to folder Odoslane is correctly created on filesystem. The problem is that folder SentTest is invisible even after creation: 1 CREATE "INBOX/SentTest" 1 OK Create completed. 2 LIST "" "*" 2 OK List completed. 3 LIST "INBOX/SentTest" "*" 3 OK List completed. 4 LIST "INBOX/Odoslane" "*" 4 LIST (\HasNoChildren \Sent) "/" INBOX/Odoslane 4 OK List completed. 5 CREATE "INBOX/SentTest" 5 NO [ALREADYEXISTS] Mailbox already exists 6 DELETE "INBOX/SentTest" 6 OK Delete completed. None of the e-mail clients i tried can see the folder. I'm using Dovecot 2.2.13 from Debian Wheezy (wheezy-backports). Any hints? azur From myworking82 at gmail.com Tue Jun 16 11:09:57 2015 From: myworking82 at gmail.com (My Work) Date: Tue, 16 Jun 2015 14:09:57 +0300 Subject: get failed auth Message-ID: <55800405.3070402@gmail.com> Hi, how i can write all users to my db (mysql example) if it is possible that get "unknown user", "auth failed" e.g.? dovecot 2.2.13 root at dev0:/home/fov# dovecot -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.0 ext4 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-master base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_gid = 103 first_valid_uid = 101 listen = * mail_access_groups = mail,Debian-exim,dovecot mail_debug = yes mail_full_filesystem_access = yes mail_gid = 103 mail_location = maildir:/var/vmail/%d/%n mail_uid = 101 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date namespace inbox { inbox = yes location = prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { autocreate = Trash autocreate2 = Sent autocreate3 = Drafts autocreate4 = Junk autosubscribe = Trash autosubscribe2 = Sent autosubscribe3 = Drafts autosubscribe4 = Junk sieve = /var/vmail/%d/%n/currently-active-script.sieve sieve_dir = /var/vmail/%d/%n/sieve } protocols = imap sieve service auth { unix_listener auth-client { group = Debian-exim mode = 0666 user = Debian-exim } unix_listener auth-master { group = Debian-exim mode = 0666 user = Debian-exim } user = root } service imap-login { inet_listener imap { port = 143 } } service managesieve-login { executable = /usr/lib/dovecot/managesieve-login inet_listener sieve { port = 2074 } process_min_avail = 1 service_count = 1 vsz_limit = 64 M } service managesieve { executable = /usr/lib/dovecot/managesieve process_limit = 10 } ssl = no userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol lda { auth_socket_path = /var/run/dovecot/auth-master info_log_path = /tmp/dovecot-deliver.log log_path = /tmp/dovecot-deliver.log mail_plugins = sieve postmaster_address = postmaster at horsetele.com.ua sendmail_path = /usr/sbin/exim4 } protocol imap { imap_client_workarounds = tb-extra-mailbox-sep mail_plugins = autocreate } protocol sieve { managesieve_implementation_string = dovecot managesieve_max_line_length = 65536 } From infoomatic at gmx.at Tue Jun 16 12:07:26 2015 From: infoomatic at gmx.at (Infoomatic) Date: Tue, 16 Jun 2015 14:07:26 +0200 Subject: bug in indexer/indexer-worker Message-ID: Hi, I have already mentioned this in http://www.dovecot.org/pipermail/dovecot/2014-November/098592.html I could reproduce the errors above in a self-compiled v2.2.18 and the prebuilt packages from xi.rename-it.nl (in addition to version 2.2.15 mentioned in the link) The problem occurs when enabling fts_tika in the plugins (tried tika 1.6, 1.7 and 1.8). I tried to move a folder of my mailbox with about 2000 mails to my server (no users, modern hardware). At some point I get an error and from this time on dovecot keeps repeating the last lines with every mail that comes in ... see [1] I then get kernel syslog messages like in [2]. when I try to index all users (had another testuser) mailboxes with "doveadm index" I get the errors of [3]. The mailfolder does contain mails with attachments of all sorts, videos, office documents etc. When disabling fts_tika it works. dovecot -n output is [4] Could someone of the devs please have a look? best regards, infoomatic [1] Then comes the panic which produces loads of errormessages below the "Raw backtrace" part: Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Warning: I/O leak: 0x7f40b55c39d0 (line 411, fd 20) Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Warning: Timeout leak: 0x7f40b55c3780 (line 325) Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Panic: file ioloop.c: line 39 (io_add_file): assertion failed: (callback != NULL) Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Error: Raw backtrace: /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x78320) [0x7f40b55f4320] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x783fe) [0x7f40b55f43fe] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f40b55a3b25] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x897d0) [0x7f40b56057d0] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_move_io+0x3e) [0x7f40b560643e] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(connection_switch_ioloop+0x14) [0x7f40b55f21d4] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(http_client_switch_ioloop+0x28) [0x7f40b55c8148] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x44536) [0x7f40b55c0536] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(solr_connection_post_more+0x49) [0x7f40b108d469] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(+0x3ac9) [0x7f40b1089ac9] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(+0x3b6d) [0x7f40b1089b6d] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0x86ec) [0x7f40b495c6ec] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(fts_backend_update_deinit+0x23) [0x7f40b495c723] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0xe5cc) [0x7f40b49625cc] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0xf451) [0x7f40b4963451] -> /opt/dovecot/lib/dovecot/lib10_quota_plugin.so(+0xb454) [0x7f40b4b97454] -> /opt/dovecot/lib/dovecot/lib01_acl_plugin.so(+0xcfea) [0x7f40b4daafea] -> /opt/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_transaction_commit_get_changes+0x41) [0x7f40b58a64f1] -> /opt/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_transaction_commit+0xe) [0x7f40b58a658e] -> dovecot/indexer-worker() [0x40250c] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7f40b560615c] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xbb) [0x7f40b56070ab] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x9) [0x7f40b56061c9] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f40b5606248] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f40b55a9093] -> dovecot/indexer-worker(main+0xe3) [0x401f03] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f40b51d8ec5] -> dovecot/indexer-worker() [0x401fc2] Jun 16 10:11:08 testhost dovecot: indexer: Error: Indexer worker disconnected, discarding 2 requests for user1 Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Fatal: master: service(indexer-worker): child 2066 killed with signal 6 (core dumped) Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Warning: I/O leak: 0x7f25bc1689d0 (line 120, fd 23) Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Warning: Timeout leak: 0x7f25bc168780 (line 325) Jun 16 10:11:09 testhost dovecot: indexer: Error: Indexer worker disconnected, discarding 2 requests for user1 Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Fatal: master: service(indexer-worker): child 2124 killed with signal 11 (core dumped) Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Warning: I/O leak: 0x7f6cabb149d0 (line 120, fd 23) Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Warning: Timeout leak: 0x7f6cabb14780 (line 325) Jun 16 10:11:09 testhost dovecot: indexer: Error: Indexer worker disconnected, discarding 2 requests for user1 Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Fatal: master: service(indexer-worker): child 2125 killed with signal 11 (core dumped) [2] kernel syslog: [Tue Jun 16 09:51:15 2015] indexer-worker[7592]: segfault at 8 ip 00007f066e8c8c27 sp 00007fff36a038b0 error 4 in libdovecot.so.0.0.0[7f066e832000+e7000] [Tue Jun 16 09:51:16 2015] indexer-worker[7594]: segfault at 8 ip 00007f702671ac27 sp 00007ffc6e134840 error 4 in libdovecot.so.0.0.0[7f7026684000+e7000] [Tue Jun 16 09:51:16 2015] indexer-worker[7596]: segfault at 20 ip 00007fb8a5af2c47 sp 00007fff0a344780 error 4 in libdovecot.so.0.0.0[7fb8a5a69000+e7000] [Tue Jun 16 09:51:17 2015] indexer-worker[7598]: segfault at 20 ip 00007f5834b6ac47 sp 00007ffd54f35c00 error 4 in libdovecot.so.0.0.0[7f5834ae1000+e7000] [Tue Jun 16 09:51:18 2015] indexer-worker[7600]: segfault at 20 ip 00007f5b2f6fac47 sp 00007fff1a697690 error 4 in libdovecot.so.0.0.0[7f5b2f671000+e7000] [Tue Jun 16 09:51:19 2015] indexer-worker[7602]: segfault at 20 ip 00007fd6084ddc47 sp 00007ffdb4495af0 error 4 in libdovecot.so.0.0.0[7fd608454000+e7000] [Tue Jun 16 09:51:20 2015] indexer-worker[7604]: segfault at 20 ip 00007f7049789c47 sp 00007ffe71e4bdd0 error 4 in libdovecot.so.0.0.0[7f7049700000+e7000] [Tue Jun 16 09:51:20 2015] indexer-worker[7606]: segfault at 20 ip 00007f771d54dc47 sp 00007ffe01c6ff80 error 4 in libdovecot.so.0.0.0[7f771d4c4000+e7000] [Tue Jun 16 09:51:21 2015] indexer-worker[7608]: segfault at 20 ip 00007fc19d482c47 sp 00007ffc9a0b0280 error 4 in libdovecot.so.0.0.0[7fc19d3f9000+e7000] [Tue Jun 16 09:51:22 2015] indexer-worker[7610]: segfault at 29 ip 00007fa14df25c2b sp 00007ffeb246e5f0 error 4 in libdovecot.so.0.0.0[7fa14de8f000+e7000] [Tue Jun 16 09:51:23 2015] indexer-worker[7612]: segfault at 8 ip 00007fe8e41f2c27 sp 00007ffc700e2170 error 4 in libdovecot.so.0.0.0[7fe8e415c000+e7000] [Tue Jun 16 09:51:24 2015] indexer-worker[7614]: segfault at 8 ip 00007ff9a0c76c27 sp 00007fffecd44c90 error 4 in libdovecot.so.0.0.0[7ff9a0be0000+e7000] [Tue Jun 16 09:51:25 2015] indexer-worker[7616]: segfault at 8 ip 00007fd27867dc27 sp 00007ffedd8407f0 error 4 in libdovecot.so.0.0.0[7fd2785e7000+e7000] [Tue Jun 16 09:51:25 2015] indexer-worker[7618]: segfault at 8 ip 00007f94f8753c27 sp 00007fff56cc5ea0 error 4 in libdovecot.so.0.0.0[7f94f86bd000+e7000] [3] errors from "doveadm index": /opt/dovecot/bin/doveadm index -A '*' doveadm(user1): Warning: I/O leak: 0x7f0e072519d0 (line 120, fd 27) doveadm(user1): Warning: Timeout leak: 0x7f0e07251780 (line 325) Segmentation fault (core dumped) /opt/dovecot/bin/doveadm index -u user1 '*' doveadm(user1): Warning: I/O leak: 0x7f99b4fba9d0 (line 411, fd 14) doveadm(user1): Warning: Timeout leak: 0x7f99b4fba780 (line 325) doveadm(user1): Fatal: pool_system_realloc(17179869184): Out of memory doveadm(user1): Error: Raw backtrace: /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x78320) [0x7f99b4feb320] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f99b4feb38a] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f99b4f9ac7f] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x8f3a3) [0x7f99b50023a3] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x7472d) [0x7f99b4fe772d] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x5f) [0x7f99b4fe7f5f] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_handle_add+0x24) [0x7f99b4ffdd94] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x89761) [0x7f99b4ffc761] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_move_io+0x3e) [0x7f99b4ffd43e] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(connection_switch_ioloop+0x14) [0x7f99b4fe91d4] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(http_client_switch_ioloop+0x28) [0x7f99b4fbf148] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x44536) [0x7f99b4fb7536] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(solr_connection_post_more+0x49) [0x7f99b0c9d469] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(+0x373f) [0x7f99b0c9973f] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0x91e8) [0x7f99b43541e8] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0x95f0) [0x7f99b43545f0] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(fts_build_mail+0x714) [0x7f99b4354d34] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0xf17e) [0x7f99b435a17e] -> /opt/dovecot/lib/dovecot/libdovecot-storage.so.0(mail_precache+0x19) [0x7f99b5294e89] -> /opt/dovecot/bin/doveadm() [0x423211] -> /opt/dovecot/bin/doveadm() [0x41ecc6] -> /opt/dovecot/bin/doveadm(doveadm_mail_try_run+0x27f) [0x41fb8f] -> /opt/dovecot/bin/doveadm(main+0x38f) [0x412a9f] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f99b4bcfec5] -> /opt/dovecot/bin/doveadm() [0x412b99] [4] dovecot -n # 2.2.18: /opt/dovecot/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 3.13.0-52-generic x86_64 Ubuntu 14.04.2 LTS ext4 auth_username_format = %n auth_verbose = yes disable_plaintext_auth = no imap_idle_notify_interval = 5 mins mail_gid = vmail mail_home = /var/lib/vmail/home/%d/%u mail_location = mdbox:/var/lib/vmail/mail/%d/%u mail_plugins = fts fts_solr zlib acl quota zlib fts fts_solr acl mail_uid = vmail mailbox_idle_check_interval = 1 mins managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate imapflags notify mdbox_rotate_size = 32 M namespace { list = children location = mdbox:/var/lib/vmail/mail/%d/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /opt/dovecot/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_defaults_from_inbox = yes acl_shared_dict = file:/var/lib/vmail/shared-mailboxes fts = solr fts_autoindex = yes fts_solr = url=http://localhost:8983/solr/ break-imap-search fts_tika = http://localhost:8081/tika quota = dict:Quota::file:%h/dovecot-quota quota_rule = *:storage=1G quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags zlib_save = gz zlib_save_level = 9 } protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = vmail user = vmail } } service imap-login { inet_listener imaps { port = 0 } } service managesieve-login { inet_listener sieve_deprecated { port = 2000 } } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 0 } } ssl = required ssl_cert = hi everybody I've barely started reading on dsync and I wonder.. would you know if it is possible to sync/replicate only specific domain(users)? or it's always the whole lot? many thanks P. From b-dovecot.org at grmbl.net Tue Jun 16 12:14:38 2015 From: b-dovecot.org at grmbl.net (B) Date: Tue, 16 Jun 2015 14:14:38 +0200 Subject: dsync selectively In-Reply-To: <55801198.8040600@yahoo.co.uk> References: <55801198.8040600@yahoo.co.uk> Message-ID: <20150616121438.GC32014@mx.grmbl.net> P, On Tue, Jun 16, 2015 at 01:07:52PM +0100, lejeczek wrote: > I've barely started reading on dsync and I wonder.. > would you know if it is possible to sync/replicate only specific > domain(users)? or it's always the whole lot? See http://blog.dovecot.org/2012/02/dovecot-clustering-with-dsync-based.html basically set 'mail_replica' to 'remote:server3' in your userdb B From mihaiush at gmail.com Tue Jun 16 12:17:02 2015 From: mihaiush at gmail.com (mihaiush) Date: Tue, 16 Jun 2015 15:17:02 +0300 Subject: Imap process crashes when search in virtual mailbox Message-ID: Hi, When searching in a virtual mailbox imap process crashes if the virtual mailbox has a lot of physical mailboxes behind (more than 80 - 100 mailboxes). Dovecot 2.2.18 build from sources ./configure --prefix=/opt/dovecot2 --with-mysql --with-sqlite --with-solr --with-ssl --disable-rpath --disable-static. Debian Wheezy 3.2.63-2 x86_64. Filesystem is ZFS. docecot -n : # 2.2.18: /services/dovecot1/etc/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.7 auth_master_user_separator = * auth_mechanisms = plain login base_dir = /services/dovecot1/var/run default_client_limit = 10240 default_login_user = dovecot dict { quotadict = mysql:/services/dovecot1/etc/quota.conf } disable_plaintext_auth = no log_path = login_log_format_elements = user=%u session=%{session} mpid=%e rip=%r rrip=%{real_rip} mail_location = mdbox:~/mails mail_log_prefix = "store107: %s(%u): %{session}: " mail_max_userip_connections = 0 mail_plugins = quota virtual fts fts_solr notify mail_log mailbox_list_index = yes mdbox_rotate_size = 256 k mmap_disable = yes namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / } namespace virtual { hidden = yes list = no location = virtual:/services/dovecot1/etc/virtual:INDEX=~/mails/virtual mailbox all { auto = create special_use = \All } mailbox unseen { auto = create } prefix = virtual/ separator = / } passdb { args = /services/dovecot1/etc/passwd.masterusers driver = passwd-file master = yes pass = yes } passdb { args = /services/dovecot1/etc/mysql.conf driver = sql } plugin { fts = solr fts_solr = break-imap-search url=http://10.78.18.127:8080/solr/ mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change save mailbox_create mail_log_fields = uid box msgid flags quota = dict:user::proxy::quotadict quota_rule = *:storage=1GB quota_rule2 = Trash:storage=+152M quota_rule3 = Trash:messages=+5 } protocols = imap service auth { unix_listener auth-client { mode = 0666 } unix_listener auth-master { group = nogroup mode = 0660 } } service dict { process_limit = 400 unix_listener dict { mode = 0600 user = nobody } } service imap-login { chroot = login client_limit = 2048 inet_listener imap { address = 10.78.18.127 port = 143 } process_limit = 1024 service_count = 0 } service imap { process_limit = 10240 vsz_limit = 320 M } service indexer-worker { process_limit = 4 process_min_avail = 2 service_count = 1 vsz_limit = 1 G } shutdown_clients = no ssl = no syslog_facility = local3 userdb { args = /services/dovecot1/etc/mysql.conf driver = sql } protocol imap { mail_plugins = quota virtual fts fts_solr notify mail_log imap_quota } protocol lda { auth_socket_path = /services/dovecot1/var/run/auth-master mail_plugins = quota virtual fts fts_solr notify mail_log sieve event_broker submission_host = osmtp:8090 } /services/dovecot1/etc/virtual/all/dovecot-virtual : * -Trash -Junk all Error log: 2015-06-16T12:49:25.502864+02:00 sr-be-store07 dovecot: store107: imap( mihaiush at sunrise.ch): hCdxU6AY/wAKThJr: Panic: file mail-index-map.c: line 547 (mail_index_map_lookup_seq_range): assertion failed: (first_uid > 0) 2015-06-16T12:49:25.503429+02:00 sr-be-store07 dovecot: store107: imap( mihaiush at sunrise.ch): hCdxU6AY/wAKThJr: Error: Raw backtrace: /opt/dovecot2/lib/dovecot/libdovecot.so.0(+0x7c13f) [0x7fe2e433713f] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(+0x7c19e) [0x7fe2e433719e] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fe2e42e5555] -> /opt/dovecot2/lib/dovecot/libdovecot-storage.so.0(+0xc4d32) [0x7fe2e466fd32] -> /opt/dovecot2/lib/dovecot/libdovecot-storage.so.0(mail_index_lookup_seq_range+0xa) [0x7fe2e46817fa] -> /opt/dovecot2/lib/dovecot/lib20_fts_plugin.so(+0xd0b1) [0x7fe2e30c40b1] -> /opt/dovecot2/lib/dovecot/lib20_fts_plugin.so(+0xd963) [0x7fe2e30c4963] -> /opt/dovecot2/lib/dovecot/lib20_fts_plugin.so(fts_search_lookup+0xa6) [0x7fe2e30c4c36] -> /opt/dovecot2/lib/dovecot/lib20_fts_plugin.so(+0xfdef) [0x7fe2e30c6def] -> dovecot/imap(imap_search_start+0x70) [0x41dec0] -> dovecot/imap(cmd_sort+0x205) [0x414565] -> dovecot/imap(command_exec+0x4c) [0x418aec] -> dovecot/imap() [0x417ad0] -> dovecot/imap() [0x417b64] -> dovecot/imap(client_handle_input+0x115) [0x417e45] -> dovecot/imap(client_input+0x72) [0x418212] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x5b) [0x7fe2e43494fb] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xbb) [0x7fe2e434a54b] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x9) [0x7fe2e4349589] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fe2e4349608] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fe2e42eabc3] -> dovecot/imap(main+0x27b) [0x40c60b] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7fe2e3f4eead] -> dovecot/imap() [0x40c769] 2015-06-16T12:49:25.552150+02:00 sr-be-store07 dovecot: store107: imap( mihaiush at sunrise.ch): hCdxU6AY/wAKThJr: Fatal: master: service(imap): child 3923 killed with signal 6 (core dumped) IMAP session: # telnet store107 143 Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. x login mihaiush at sunrise.ch XXX x OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SEARCH=FUZZY NOTIFY SPECIAL-USE QUOTA] Logged in x select virtual/all * FLAGS (\Answered \Flagged \Deleted \Seen \Draft $Label3 $Label2 $Label5 $Label1 $Label4 parsed attachment) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft $Label3 $Label2 $Label5 $Label1 $Label4 parsed attachment \*)] Flags permitted. * 1963 EXISTS * 1256 RECENT * OK [UNSEEN 2] First unseen. * OK [UIDVALIDITY 1434024437] UIDs valid * OK [UIDNEXT 2677] Predicted next UID * OK [HIGHESTMODSEQ 76] Highest x OK [READ-WRITE] Select completed (0.087 secs). x sort (reverse arrival) utf-8 text vpopmail Connection closed by foreign host. GDB: # gdb /opt/dovecot2/libexec/dovecot/imap /services/dovecot1/var/data/ sunrise.ch/m/mihaiush/core GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /opt/dovecot2/libexec/dovecot/imap...done. [New LWP 3923] warning: Can't read pathname for load map: Input/output error. [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `dovecot/imap'. Program terminated with signal 6, Aborted. #0 0x00007fe2e3f62165 in raise () from /lib/x86_64-linux-gnu/libc.so.6 (gdb) (gdb) bt full #0 0x00007fe2e3f62165 in raise () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #1 0x00007fe2e3f653e0 in abort () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #2 0x00007fe2e4337135 in default_fatal_finish (type=, status=status at entry=0) at failures.c:202 backtrace = 0x2166c38 "/opt/dovecot2/lib/dovecot/libdovecot.so.0(+0x7c13f) [0x7fe2e433713f] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(+0x7c19e) [0x7fe2e433719e] -> /opt/dovecot2/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x"... #3 0x00007fe2e433719e in i_internal_fatal_handler (ctx=0x7fffa5660ea0, format=, args=) at failures.c:671 status = 0 #4 0x00007fe2e42e5555 in i_panic (format=format at entry=0x7fe2e468d068 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:276 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0, timestamp_usecs = 0} args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fffa5660f90, reg_save_area = 0x7fffa5660ed0}} #5 0x00007fe2e466fd32 in mail_index_map_lookup_seq_range (map=, first_uid=0, last_uid=, first_seq_r=, last_seq_r=) at mail-index-map.c:547 __FUNCTION__ = "mail_index_map_lookup_seq_range" #6 0x00007fe2e46817fa in mail_index_lookup_seq_range (view=, first_uid=, last_uid=, first_seq_r=first_seq_r at entry=0x7fffa5660fe8, last_seq_r=last_seq_r at entry =0x7fffa5660fec) at mail-index-view.c:513 No locals. #7 0x00007fe2e45f819c in mailbox_get_seq_range (box=, uid1=, uid2=, seq1_r=seq1_r at entry=0x7fffa5660fe8, seq2_r=seq2_r at entry=0x7fffa5660fec) at mailbox-get.c:11 No locals. #8 0x00007fe2e30c40b1 in uid_range_to_seqs (uid_range=uid_range at entry=0x7fffa56610b0, seq_range=seq_range at entry=0x25e4840, fctx=, fctx=) at fts-search.c:28 range = 0x2166738 i = count = seq1 = 41023456 seq2 = 0 #9 0x00007fe2e30c4963 in multi_add_lookup_result (args=0x2363d50, level=0x25e4840, fctx=0x23637e0, result=) at fts-search.c:138 br = 0x271f7e0 vuids = {arr = {buffer = 0x2166700, element_size = 8}, v = 0x2166700, v_modifiable = 0x2166700} orig_size = i = vbox = 0x2197c70 #10 fts_search_lookup_level_multi (and_args=, args=0x2363d50, fctx=0x23637e0) at fts-search.c:198 flags = FTS_LOOKUP_FLAG_AND_ARGS mailboxes_arr = {arr = {buffer = 0x2717670, element_size = 8}, v = 0x2717670, v_modifiable = 0x2717670} backend = j = 69 vbox = mailboxes = 0x27176a8 level = 0x25e4840 result = {pool = 0x2717650, box_results = 0x271f7a0} i = mailbox_count = 69 #11 fts_search_lookup_level (fctx=fctx at entry=0x23637e0, args=0x2363d50, and_args=and_args at entry=true) at fts-search.c:212 _data_stack_cur_id = 4 ret = #12 0x00007fe2e30c4c36 in fts_search_lookup (fctx=fctx at entry=0x23637e0) at fts-search.c:358 last_uid = 2676 seq1 = 0 seq2 = 0 __FUNCTION__ = "fts_search_lookup" #13 0x00007fe2e30c6def in fts_mailbox_search_init (t=, args=0x2363c90, sort_program=0x7fffa5661250, wanted_fields=, wanted_headers=) at fts-storage.c:240 ft = 0x23908a0 fbox = flist = ctx = 0x2695dc0 fctx = 0x23637e0 #14 0x000000000041dec0 in imap_search_start (ctx=ctx at entry=0x2195590, sargs=0x2363c90, sort_program=sort_program at entry=0x7fffa5661250) at imap-search.c:587 cmd = 0x2195450 __FUNCTION__ = "imap_search_start" #15 0x0000000000414565 in cmd_sort (cmd=0x2195450) at cmd-sort.c:141 ctx = 0x2195590 sargs = 0x2363c90 sort_program = {4097, MAIL_SORT_END, 56, MAIL_SORT_END, 3831136736, 32738, 35045104, MAIL_SORT_END, MAIL_SORT_ARRIVAL, MAIL_SORT_END, MAIL_SORT_ARRIVAL, MAIL_SORT_END} args = 0x216cb98 list_args = 0x216ccd0 charset = 0x216ce30 "utf-8" ret = #16 0x0000000000418aec in command_exec (cmd=cmd at entry=0x2195450) at imap-commands.c:167 hook = 0x216a120 diff = ---Type to continue, or q to quit--- finished = #17 0x0000000000417ad0 in client_command_input (cmd=cmd at entry=0x2195450) at imap-client.c:814 client = 0x2194850 command = __FUNCTION__ = "client_command_input" #18 0x0000000000417b64 in client_command_input (cmd=0x2195450) at imap-client.c:874 client = 0x2194850 command = __FUNCTION__ = "client_command_input" #19 0x0000000000417e45 in client_handle_next_command (remove_io_r=, client=0x2194850) at imap-client.c:912 No locals. #20 client_handle_input (client=client at entry=0x2194850) at imap-client.c:924 _data_stack_cur_id = 3 ret = 2 remove_io = false handled_commands = false __FUNCTION__ = "client_handle_input" #21 0x0000000000418212 in client_input (client=0x2194850) at imap-client.c:966 cmd = output = 0x2195270 bytes = 46 __FUNCTION__ = "client_input" #22 0x00007fe2e43494fb in io_loop_call_io (io=0x2195360) at ioloop.c:501 ioloop = 0x2169760 t_id = 2 __FUNCTION__ = "io_loop_call_io" #23 0x00007fe2e434a54b in io_loop_handler_run_internal (ioloop=ioloop at entry=0x2169760) at ioloop-epoll.c:220 ctx = 0x216a490 events = 0xf53 event = 0x216b300 list = 0x216bef0 io = tv = {tv_sec = 1799, tv_usec = 999663} events_count = msecs = ret = 1 i = call = __FUNCTION__ = "io_loop_handler_run_internal" #24 0x00007fe2e4349589 in io_loop_handler_run (ioloop=ioloop at entry=0x2169760) at ioloop.c:548 No locals. #25 0x00007fe2e4349608 in io_loop_run (ioloop=0x2169760) at ioloop.c:525 __FUNCTION__ = "io_loop_run" #26 0x00007fe2e42eabc3 in master_service_run (service=0x21695f0, callback=callback at entry=0x421140 ) at master-service.c:581 No locals. #27 0x000000000040c60b in main (argc=1, argv=0x2169390) at main.c:431 set_roots = {0x428c20, 0x0} login_set = {auth_socket_path = 0x2161060 "\210\020\026\002", postlogin_socket_path = 0x0, postlogin_timeout_secs = 60, callback = 0x420f80 , failure_callback = 0x4210f0 , request_auth_token = 1} service_flags = storage_service_flags = username = 0x0 c = (gdb) If necessary I can provide the mailbox, it has 7MB. From peljasz at yahoo.co.uk Tue Jun 16 13:16:57 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Tue, 16 Jun 2015 14:16:57 +0100 Subject: dsync selectively In-Reply-To: <20150616121438.GC32014@mx.grmbl.net> References: <55801198.8040600@yahoo.co.uk> <20150616121438.GC32014@mx.grmbl.net> Message-ID: <558021C9.3040208@yahoo.co.uk> On 16/06/15 13:14, B wrote: > P, > > On Tue, Jun 16, 2015 at 01:07:52PM +0100, lejeczek wrote: > >> I've barely started reading on dsync and I wonder.. >> would you know if it is possible to sync/replicate only specific >> domain(users)? or it's always the whole lot? > See > http://blog.dovecot.org/2012/02/dovecot-clustering-with-dsync-based.html > > basically set 'mail_replica' to 'remote:server3' in your userdb > > > B > thanks B, userdb as appose to plugin? it's quite unclear what to put there, to a beginner. From peljasz at yahoo.co.uk Tue Jun 16 13:27:37 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Tue, 16 Jun 2015 14:27:37 +0100 Subject: dsync selectively In-Reply-To: <558021C9.3040208@yahoo.co.uk> References: <55801198.8040600@yahoo.co.uk> <20150616121438.GC32014@mx.grmbl.net> <558021C9.3040208@yahoo.co.uk> Message-ID: <55802449.5070608@yahoo.co.uk> On 16/06/15 14:16, lejeczek wrote: > On 16/06/15 13:14, B wrote: >> P, >> >> On Tue, Jun 16, 2015 at 01:07:52PM +0100, lejeczek wrote: >> >>> I've barely started reading on dsync and I wonder.. >>> would you know if it is possible to sync/replicate only >>> specific >>> domain(users)? or it's always the whole lot? >> See >> http://blog.dovecot.org/2012/02/dovecot-clustering-with-dsync-based.html >> >> >> basically set 'mail_replica' to 'remote:server3' in your >> userdb >> >> >> B >> > thanks B, > userdb as appose to plugin? > it's quite unclear what to put there, to a beginner. > also if I put mail_replica (having the rest, pretty much take form wiki in repl.conf) into userdb I get: line 24: Unknown setting: mail_replica this userdb uses ldap driver in case it may matter, I guess it should not. From infoomatic at gmx.at Tue Jun 16 13:42:03 2015 From: infoomatic at gmx.at (Infoomatic) Date: Tue, 16 Jun 2015 15:42:03 +0200 Subject: Aw: bug in indexer/indexer-worker In-Reply-To: References: Message-ID: I guess this is the same issue: http://www.dovecot.org/list/dovecot/2015-June/101029.html > Gesendet: Dienstag, 16. Juni 2015 um 14:07 Uhr > Von: Infoomatic > An: "Dovecot ML" > Betreff: bug in indexer/indexer-worker > > Hi, > > I have already mentioned this in http://www.dovecot.org/pipermail/dovecot/2014-November/098592.html > > I could reproduce the errors above in a self-compiled v2.2.18 and the prebuilt packages from xi.rename-it.nl (in addition to version 2.2.15 mentioned in the link) > > The problem occurs when enabling fts_tika in the plugins (tried tika 1.6, 1.7 and 1.8). I tried to move a folder of my mailbox with about 2000 mails to my server (no users, modern hardware). > At some point I get an error and from this time on dovecot keeps repeating the last lines with every mail that comes in ... see [1] > I then get kernel syslog messages like in [2]. when I try to index all users (had another testuser) mailboxes with "doveadm index" I get the errors of [3]. > > The mailfolder does contain mails with attachments of all sorts, videos, office documents etc. When disabling fts_tika it works. dovecot -n output is [4] > > Could someone of the devs please have a look? > > best regards, > infoomatic > > > [1] Then comes the panic which produces loads of errormessages below the "Raw backtrace" part: > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Warning: I/O leak: 0x7f40b55c39d0 (line 411, fd 20) > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Warning: Timeout leak: 0x7f40b55c3780 (line 325) > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Panic: file ioloop.c: line 39 (io_add_file): assertion failed: (callback != NULL) > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Error: Raw backtrace: /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x78320) [0x7f40b55f4320] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x783fe) [0x7f40b55f43fe] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f40b55a3b25] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x897d0) [0x7f40b56057d0] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_move_io+0x3e) [0x7f40b560643e] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(connection_switch_ioloop+0x14) [0x7f40b55f21d4] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(http_client_switch_ioloop+0x28) [0x7f40b55c8148] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x44536) [0x7f40b55c0536] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(solr_connection_post_more+0x49) [0x7f40b108d469] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(+0x3ac9) [0x7f40b1089ac9] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(+0x3b6d) [0x7f40b1089b6d] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0x86ec) [0x7f40b495c6ec] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(fts_backend_update_deinit+0x23) [0x7f40b495c723] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0xe5cc) [0x7f40b49625cc] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0xf451) [0x7f40b4963451] -> /opt/dovecot/lib/dovecot/lib10_quota_plugin.so(+0xb454) [0x7f40b4b97454] -> /opt/dovecot/lib/dovecot/lib01_acl_plugin.so(+0xcfea) [0x7f40b4daafea] -> /opt/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_transaction_commit_get_changes+0x41) [0x7f40b58a64f1] -> /opt/dovecot/lib/dovecot/libdovecot-storage.so.0(mailbox_transaction_commit+0xe) [0x7f40b58a658e] -> dovecot/indexer-worker() [0x40250c] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7f40b560615c] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xbb) [0x7f40b56070ab] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x9) [0x7f40b56061c9] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f40b5606248] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f40b55a9093] -> dovecot/indexer-worker(main+0xe3) [0x401f03] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f40b51d8ec5] -> dovecot/indexer-worker() [0x401fc2] > Jun 16 10:11:08 testhost dovecot: indexer: Error: Indexer worker disconnected, discarding 2 requests for user1 > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Fatal: master: service(indexer-worker): child 2066 killed with signal 6 (core dumped) > Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Warning: I/O leak: 0x7f25bc1689d0 (line 120, fd 23) > Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Warning: Timeout leak: 0x7f25bc168780 (line 325) > Jun 16 10:11:09 testhost dovecot: indexer: Error: Indexer worker disconnected, discarding 2 requests for user1 > Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Fatal: master: service(indexer-worker): child 2124 killed with signal 11 (core dumped) > Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Warning: I/O leak: 0x7f6cabb149d0 (line 120, fd 23) > Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Warning: Timeout leak: 0x7f6cabb14780 (line 325) > Jun 16 10:11:09 testhost dovecot: indexer: Error: Indexer worker disconnected, discarding 2 requests for user1 > Jun 16 10:11:09 testhost dovecot: indexer-worker(user1): Fatal: master: service(indexer-worker): child 2125 killed with signal 11 (core dumped) > > [2] kernel syslog: > [Tue Jun 16 09:51:15 2015] indexer-worker[7592]: segfault at 8 ip 00007f066e8c8c27 sp 00007fff36a038b0 error 4 in libdovecot.so.0.0.0[7f066e832000+e7000] > [Tue Jun 16 09:51:16 2015] indexer-worker[7594]: segfault at 8 ip 00007f702671ac27 sp 00007ffc6e134840 error 4 in libdovecot.so.0.0.0[7f7026684000+e7000] > [Tue Jun 16 09:51:16 2015] indexer-worker[7596]: segfault at 20 ip 00007fb8a5af2c47 sp 00007fff0a344780 error 4 in libdovecot.so.0.0.0[7fb8a5a69000+e7000] > [Tue Jun 16 09:51:17 2015] indexer-worker[7598]: segfault at 20 ip 00007f5834b6ac47 sp 00007ffd54f35c00 error 4 in libdovecot.so.0.0.0[7f5834ae1000+e7000] > [Tue Jun 16 09:51:18 2015] indexer-worker[7600]: segfault at 20 ip 00007f5b2f6fac47 sp 00007fff1a697690 error 4 in libdovecot.so.0.0.0[7f5b2f671000+e7000] > [Tue Jun 16 09:51:19 2015] indexer-worker[7602]: segfault at 20 ip 00007fd6084ddc47 sp 00007ffdb4495af0 error 4 in libdovecot.so.0.0.0[7fd608454000+e7000] > [Tue Jun 16 09:51:20 2015] indexer-worker[7604]: segfault at 20 ip 00007f7049789c47 sp 00007ffe71e4bdd0 error 4 in libdovecot.so.0.0.0[7f7049700000+e7000] > [Tue Jun 16 09:51:20 2015] indexer-worker[7606]: segfault at 20 ip 00007f771d54dc47 sp 00007ffe01c6ff80 error 4 in libdovecot.so.0.0.0[7f771d4c4000+e7000] > [Tue Jun 16 09:51:21 2015] indexer-worker[7608]: segfault at 20 ip 00007fc19d482c47 sp 00007ffc9a0b0280 error 4 in libdovecot.so.0.0.0[7fc19d3f9000+e7000] > [Tue Jun 16 09:51:22 2015] indexer-worker[7610]: segfault at 29 ip 00007fa14df25c2b sp 00007ffeb246e5f0 error 4 in libdovecot.so.0.0.0[7fa14de8f000+e7000] > [Tue Jun 16 09:51:23 2015] indexer-worker[7612]: segfault at 8 ip 00007fe8e41f2c27 sp 00007ffc700e2170 error 4 in libdovecot.so.0.0.0[7fe8e415c000+e7000] > [Tue Jun 16 09:51:24 2015] indexer-worker[7614]: segfault at 8 ip 00007ff9a0c76c27 sp 00007fffecd44c90 error 4 in libdovecot.so.0.0.0[7ff9a0be0000+e7000] > [Tue Jun 16 09:51:25 2015] indexer-worker[7616]: segfault at 8 ip 00007fd27867dc27 sp 00007ffedd8407f0 error 4 in libdovecot.so.0.0.0[7fd2785e7000+e7000] > [Tue Jun 16 09:51:25 2015] indexer-worker[7618]: segfault at 8 ip 00007f94f8753c27 sp 00007fff56cc5ea0 error 4 in libdovecot.so.0.0.0[7f94f86bd000+e7000] > > [3] errors from "doveadm index": > /opt/dovecot/bin/doveadm index -A '*' > doveadm(user1): Warning: I/O leak: 0x7f0e072519d0 (line 120, fd 27) > doveadm(user1): Warning: Timeout leak: 0x7f0e07251780 (line 325) > Segmentation fault (core dumped) > > /opt/dovecot/bin/doveadm index -u user1 '*' > doveadm(user1): Warning: I/O leak: 0x7f99b4fba9d0 (line 411, fd 14) > doveadm(user1): Warning: Timeout leak: 0x7f99b4fba780 (line 325) > doveadm(user1): Fatal: pool_system_realloc(17179869184): Out of memory > doveadm(user1): Error: Raw backtrace: /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x78320) [0x7f99b4feb320] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f99b4feb38a] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f99b4f9ac7f] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x8f3a3) [0x7f99b50023a3] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x7472d) [0x7f99b4fe772d] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x5f) [0x7f99b4fe7f5f] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_handle_add+0x24) [0x7f99b4ffdd94] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x89761) [0x7f99b4ffc761] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(io_loop_move_io+0x3e) [0x7f99b4ffd43e] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(connection_switch_ioloop+0x14) [0x7f99b4fe91d4] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(http_client_switch_ioloop+0x28) [0x7f99b4fbf148] -> /opt/dovecot/lib/dovecot/libdovecot.so.0(+0x44536) [0x7f99b4fb7536] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(solr_connection_post_more+0x49) [0x7f99b0c9d469] -> /opt/dovecot/lib/dovecot/lib21_fts_solr_plugin.so(+0x373f) [0x7f99b0c9973f] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0x91e8) [0x7f99b43541e8] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0x95f0) [0x7f99b43545f0] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(fts_build_mail+0x714) [0x7f99b4354d34] -> /opt/dovecot/lib/dovecot/lib20_fts_plugin.so(+0xf17e) [0x7f99b435a17e] -> /opt/dovecot/lib/dovecot/libdovecot-storage.so.0(mail_precache+0x19) [0x7f99b5294e89] -> /opt/dovecot/bin/doveadm() [0x423211] -> /opt/dovecot/bin/doveadm() [0x41ecc6] -> /opt/dovecot/bin/doveadm(doveadm_mail_try_run+0x27f) [0x41fb8f] -> /opt/dovecot/bin/doveadm(main+0x38f) [0x412a9f] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f99b4bcfec5] -> /opt/dovecot/bin/doveadm() [0x412b99] > > [4] dovecot -n > # 2.2.18: /opt/dovecot/etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.8 (0c4ae064f307+) > # OS: Linux 3.13.0-52-generic x86_64 Ubuntu 14.04.2 LTS ext4 > auth_username_format = %n > auth_verbose = yes > disable_plaintext_auth = no > imap_idle_notify_interval = 5 mins > mail_gid = vmail > mail_home = /var/lib/vmail/home/%d/%u > mail_location = mdbox:/var/lib/vmail/mail/%d/%u > mail_plugins = fts fts_solr zlib acl quota zlib fts fts_solr acl > mail_uid = vmail > mailbox_idle_check_interval = 1 mins > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate imapflags notify > mdbox_rotate_size = 32 M > namespace { > list = children > location = mdbox:/var/lib/vmail/mail/%d/%%u > prefix = shared/%%u/ > separator = / > subscriptions = no > type = shared > } > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = / > type = private > } > passdb { > args = /opt/dovecot/etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > acl = vfile > acl_defaults_from_inbox = yes > acl_shared_dict = file:/var/lib/vmail/shared-mailboxes > fts = solr > fts_autoindex = yes > fts_solr = url=http://localhost:8983/solr/ break-imap-search > fts_tika = http://localhost:8081/tika > quota = dict:Quota::file:%h/dovecot-quota > quota_rule = *:storage=1G > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=80%% quota-warning 80 %u > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_extensions = +notify +imapflags > zlib_save = gz > zlib_save_level = 9 > } > protocols = imap sieve > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0666 > user = postfix > } > unix_listener auth-userdb { > group = vmail > user = vmail > } > } > service imap-login { > inet_listener imaps { > port = 0 > } > } > service managesieve-login { > inet_listener sieve_deprecated { > port = 2000 > } > } > service pop3-login { > inet_listener pop3 { > port = 0 > } > inet_listener pop3s { > port = 0 > } > } > ssl = required > ssl_cert = ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA > ssl_key = ssl_prefer_server_ciphers = yes > ssl_protocols = !SSLv2 !SSLv3 > userdb { > args = /opt/dovecot/etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > protocol lda { > mail_plugins = fts fts_solr zlib sieve acl > } > protocol imap { > mail_plugins = fts fts_solr zlib acl quota imap_acl imap_quota > } > protocol sieve { > mail_plugins = fts fts_solr > } > From number6 at noisynotes.com Tue Jun 16 15:44:39 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Tue, 16 Jun 2015 11:44:39 -0400 Subject: Mail to nowhere Message-ID: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> The next phase of my testing procedure involves the simple act of delivering mail to my test box. When I send a message to either a valid or relayed user at my remote machine's address, it never gets there. I know this virtually for sure because I'm tailing /var/log/maillog and nothing new has been added for the past hour. I'm thinking eventually my ISP will send the message back to me as undeliverable, and in that bounced message there may be some information about why it was undeliverable, but maybe someone has a thought as to why I'm not even seeing anything attempt to connect? From info at netsend.nl Tue Jun 16 15:54:17 2015 From: info at netsend.nl (Tim Kuijsten) Date: Tue, 16 Jun 2015 17:54:17 +0200 Subject: replication of a big mailbox Message-ID: <558046A9.9000709@netsend.nl> I'm running dovecots replicator successfully on 33 mailboxes. There is only one mailbox (the biggest one, 167000 mails) that is not replicating successfully. After 10 minutes the "source" starts logging these messages: dovecot: dsync-local(foo at example.com): Error: dsync(imap.netsend.nl): I/O has stalled, no activity for 600 seconds dovecot: dsync-local(foo at example.com): Error: Timeout during state=sync_mails (send=mail_requests recv=changes) dovecot: dsync-local(foo at example.com): Error: Remote command process isn't dying, killing it dovecot: dsync-local(foo at example.com): Error: kill(17459, SIGKILL) failed: Operation not permitted dovecot: doveadm: Error: Pseudo-terminal will not be allocated because stdin is not a terminal. dovecot: doveadm: Error: dsync-remote(foo at example.com): Error: Couldn't lock //.dovecot-sync.lock: Timed out after 30 seconds dovecot: doveadm: Error: Pseudo-terminal will not be allocated because stdin is not a terminal. dovecot: doveadm: Error: dsync-remote(foo at example.com): Error: Couldn't lock //.dovecot-sync.lock: Timed out after 30 seconds The 30 seconds timeout keeps repeating, while the doveadm process on the destination keeps on going for hours and hours. Destination imap.netsend.nl is creating a lot of hardlinks (at least one hardlink per message) in .temp.... files. This takes about 1,5 hour, after that the number of hardlinks decline again. But it looks like the connection with source is already lost. I've patched the source to overcome the timeout by changing it from 10 minutes to 3 hours[1] but now I'm running into a memory error: dovecot: dsync-local(foo at example.com): Error: dsync(imap.netsend.nl): I/O has stalled, no activity for 10800 seconds dovecot: dsync-local(foo at example.com): Error: Timeout during state=sync_mails (send=done recv=mails) dovecot: dsync-local(foo at example.com): Error: mremap_anon(211677184) failed: Cannot allocate memory The allocate memory error shows up every 10 seconds. Next I'll try to look into the memory allocation code, but maybe someone already has a better idea? Thanks. -Tim Config on source: # 2.2.15: /etc/dovecot/dovecot.conf # OS: OpenBSD 5.7 amd64 auth_debug = yes auth_mechanisms = plain login auth_verbose = yes dsync_remote_cmd = /usr/bin/ssh imap.netsend.nl first_valid_gid = 30000 first_valid_uid = 30000 last_valid_gid = 30100 last_valid_uid = 30100 mail_debug = yes mail_home = /srv/vmail/%d/%n mail_location = maildir:~/Maildir mail_plugins = " notify replication" passdb { args = /passwd driver = passwd-file } passdb { args = /passwd_smtponly driver = passwd-file } plugin { mail_replica = remoteprefix:imap.netsend.nl } protocols = imap lmtp service aggregator { fifo_listener replication-notify-fifo { mode = 0666 } unix_listener replication-notify { mode = 0666 } } service auth-worker { chroot = /etc/mail unix_listener /etc/mail/auth-worker { mode = 0600 user = $default_internal_user } user = $default_internal_user } service auth { chroot = /etc/mail unix_listener /var/spool/postfix/private/dovecot-auth { group = _postfix mode = 0600 user = _postfix } } service imap-login { inet_listener imap { port = 0 } process_min_avail = 1 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = _postfix mode = 0600 user = _postfix } } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0600 } } ssl = required ssl_cert = -#define DSYNC_IBC_STREAM_TIMEOUT_MSECS (60*10*1000) +#define DSYNC_IBC_STREAM_TIMEOUT_MSECS (60*180*1000) #define DSYNC_IBC_STREAM_OUTBUF_THROTTLE_SIZE (1024*128) #define DSYNC_PROTOCOL_VERSION_MAJOR 3 From noeldude at gmail.com Tue Jun 16 16:27:58 2015 From: noeldude at gmail.com (Noel) Date: Tue, 16 Jun 2015 11:27:58 -0500 Subject: Mail to nowhere In-Reply-To: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> Message-ID: <55804E8E.5040801@gmail.com> On 6/16/2015 10:44 AM, Steve Matzura wrote: > The next phase of my testing procedure involves the simple act of > delivering mail to my test box. When I send a message to either a > valid or relayed user at my remote machine's address, it never gets > there. I know this virtually for sure because I'm tailing > /var/log/maillog and nothing new has been added for the past hour. I'm > thinking eventually my ISP will send the message back to me as > undeliverable, and in that bounced message there may be some > information about why it was undeliverable, but maybe someone has a > thought as to why I'm not even seeing anything attempt to connect? No attempt to deliver almost always means either: - a DNS problem; the sender can't find the destination, or finds the "wrong" destination. - a connectivity problem; the sender can't connect to the destination. Possibly a firewall not open. From number6 at noisynotes.com Tue Jun 16 17:13:47 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Tue, 16 Jun 2015 13:13:47 -0400 Subject: Mail to nowhere In-Reply-To: <55804E8E.5040801@gmail.com> References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> <55804E8E.5040801@gmail.com> Message-ID: On Tue, 16 Jun 2015 11:27:58 -0500, you wrote: >No attempt to deliver almost always means either: >- a DNS problem; the sender can't find the destination, or finds the >"wrong" destination. That would be interesting, since I tried both the actual IP address and the DNS name for the test node. Neither message got through. >- a connectivity problem; the sender can't connect to the >destination. Possibly a firewall not open. Now there's a possibility, but I am not aware of running any firewall on the remote machine. From lists-dovecot at listmail.innovate.net Tue Jun 16 17:31:07 2015 From: lists-dovecot at listmail.innovate.net (Richard) Date: Tue, 16 Jun 2015 17:31:07 +0000 Subject: Mail to nowhere In-Reply-To: References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> <55804E8E.5040801@gmail.com> Message-ID: <871F6C25CD0444D3D10695A7@ritz.innovate.net> > Date: Tuesday, June 16, 2015 01:13:47 PM -0400 > From: Steve Matzura > > On Tue, 16 Jun 2015 11:27:58 -0500, you wrote: > >> No attempt to deliver almost always means either: >> - a DNS problem; the sender can't find the destination, or finds >> the "wrong" destination. > > That would be interesting, since I tried both the actual IP address > and the DNS name for the test node. Neither message got through. > >> - a connectivity problem; the sender can't connect to the >> destination. Possibly a firewall not open. > > Now there's a possibility, but I am not aware of running any > firewall on the remote machine. By default, most MTAs only listen to localhost, so don't accept externally derived mail. Try telnetting to port 25 on the machine from some place off your machine's network. If you get a "hang", it's likely a firewall issue. If you get a "connection refused" message it's probably that the MTA isn't listening on the external interface. If the MTA responds, do a manual delivery exchange and see what you get. If you're not seeing anything in your maillog, this is very likely an issue with your MTA's configuration, not dovecot. From andy at thecsillags.com Tue Jun 16 19:24:12 2015 From: andy at thecsillags.com (Andy Csillag) Date: Tue, 16 Jun 2015 19:24:12 +0000 Subject: Best practices for mailbox network file storage? Message-ID: <255b893a99fe7fa6480dda01842b0f68@www.thecsillags.com> Is there a current best practice for a shared filesystem backend for mailboxes (in my case, all virtual accounts)?? NFS 3/4, GFS2, GlusterFS, other?? In the case of the latter ones, is the use of Director necessary?? Any specific anti-recommendations?? Also, if it matters, I *think* I want to use BackBlaze racks for storage.? Also, I've seen recommendations for the filesystem underneath like XFS or ext4 or whatever.? Is there a best practice? Thanks, Drew From fzielcke at z-51.de Tue Jun 16 20:02:29 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Tue, 16 Jun 2015 22:02:29 +0200 Subject: Mail to nowhere In-Reply-To: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> Message-ID: <1434484949.2976.1.camel@z-51.de> Am Dienstag, den 16.06.2015, 11:44 -0400 schrieb Steve Matzura: > The next phase of my testing procedure involves the simple act of > delivering mail to my test box. When I send a message to either a > valid or relayed user at my remote machine's address, it never gets > there. I know this virtually for sure because I'm tailing > /var/log/maillog and nothing new has been added for the past hour. > I'm > thinking eventually my ISP will send the message back to me as > undeliverable, and in that bounced message there may be some > information about why it was undeliverable, but maybe someone has a > thought as to why I'm not even seeing anything attempt to connect? Receiving and Sending Mail is done by the MTA like postfix or exim. Not Dovecot. It's just for the IMAP/POP access by the users to get the mails. So look at that logs. And if there's nothing in it, then make sure port 25 is actually open by the postfix/exim process. From edgar at pettijohn-web.com Tue Jun 16 20:31:20 2015 From: edgar at pettijohn-web.com (Edgar Pettijohn) Date: Tue, 16 Jun 2015 15:31:20 -0500 Subject: Mail to nowhere In-Reply-To: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> Message-ID: <55808798.4080708@pettijohn-web.com> can you: $ telnet yourhost.com 25 (obviously replacing yourhost.com with whatever your domain/ip actually is) from the machine you are sending the mail from? If not make sure the service is running and make sure there isn't a firewall rule preventing this. On 06/16/15 10:44, Steve Matzura wrote: > The next phase of my testing procedure involves the simple act of > delivering mail to my test box. When I send a message to either a > valid or relayed user at my remote machine's address, it never gets > there. I know this virtually for sure because I'm tailing > /var/log/maillog and nothing new has been added for the past hour. I'm > thinking eventually my ISP will send the message back to me as > undeliverable, and in that bounced message there may be some > information about why it was undeliverable, but maybe someone has a > thought as to why I'm not even seeing anything attempt to connect? From number6 at noisynotes.com Tue Jun 16 23:05:43 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Tue, 16 Jun 2015 19:05:43 -0400 Subject: Mail to nowhere In-Reply-To: <871F6C25CD0444D3D10695A7@ritz.innovate.net> References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> <55804E8E.5040801@gmail.com> <871F6C25CD0444D3D10695A7@ritz.innovate.net> Message-ID: On Tue, 16 Jun 2015 17:31:07 +0000, you wrote: >By default, most MTAs only listen to localhost, so don't accept >externally derived mail. Try telnetting to port 25 on the machine >from some place off your machine's network. If you get a "hang", >it's likely a firewall issue. If you get a "connection refused" >message it's probably that the MTA isn't listening on the external >interface. > >If the MTA responds, do a manual delivery exchange and see what you >get. > >If you're not seeing anything in your maillog, this is very likely >an issue with your MTA's configuration, not dovecot. Now that I think about and concentrate on what you wrote, make perfect sense. Add to that the fact that I received bounces from my ISP that all said the same thing: Unable to establish an SMTP connection. The return code was 4.5.1. From number6 at noisynotes.com Tue Jun 16 23:21:06 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Tue, 16 Jun 2015 19:21:06 -0400 Subject: Mail to nowhere In-Reply-To: <1434484949.2976.1.camel@z-51.de> References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> <1434484949.2976.1.camel@z-51.de> Message-ID: <5fb1oatj8en5jb5g4860hnkan4kuv6qhug@4ax.com> On Tue, 16 Jun 2015 22:02:29 +0200, you wrote: >Am Dienstag, den 16.06.2015, 11:44 -0400 schrieb Steve Matzura: >> The next phase of my testing procedure involves the simple act of >> delivering mail to my test box. When I send a message to either a >> valid or relayed user at my remote machine's address, it never gets >> there. I know this virtually for sure because I'm tailing >> /var/log/maillog and nothing new has been added for the past hour. >> I'm >> thinking eventually my ISP will send the message back to me as >> undeliverable, and in that bounced message there may be some >> information about why it was undeliverable, but maybe someone has a >> thought as to why I'm not even seeing anything attempt to connect? > >Receiving and Sending Mail is done by the MTA like postfix or exim. >Not Dovecot. It's just for the IMAP/POP access by the users to get the >mails. >So look at that logs. And if there's nothing in it, then make sure port >25 is actually open by the postfix/exim process. Well, it isn't. In fact, there is no exim process running. However, something calling itself 'master' has port 25 open according to netstat, and that process has a subprocess running something called qmgr. I'd give more information, such as path to these programs, but it isn't shown. Time to check my Postfix config a little more closely. From number6 at noisynotes.com Tue Jun 16 23:21:07 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Tue, 16 Jun 2015 19:21:07 -0400 Subject: Mail to nowhere In-Reply-To: <55808798.4080708@pettijohn-web.com> References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> <55808798.4080708@pettijohn-web.com> Message-ID: <7kb1oap4bcvg88nienk5rkjnv51nurfop0@4ax.com> On Tue, 16 Jun 2015 15:31:20 -0500, you wrote: >can you: > >$ telnet yourhost.com 25 >(obviously replacing yourhost.com with whatever your domain/ip actually is) >from the machine you are sending the mail from? If not make sure the >service is running and make sure there isn't a firewall rule preventing >this. Connect failed. >On 06/16/15 10:44, Steve Matzura wrote: >> The next phase of my testing procedure involves the simple act of >> delivering mail to my test box. When I send a message to either a >> valid or relayed user at my remote machine's address, it never gets >> there. I know this virtually for sure because I'm tailing >> /var/log/maillog and nothing new has been added for the past hour. I'm >> thinking eventually my ISP will send the message back to me as >> undeliverable, and in that bounced message there may be some >> information about why it was undeliverable, but maybe someone has a >> thought as to why I'm not even seeing anything attempt to connect? From lists-dovecot at listmail.innovate.net Tue Jun 16 23:35:34 2015 From: lists-dovecot at listmail.innovate.net (Richard) Date: Tue, 16 Jun 2015 23:35:34 +0000 Subject: Mail to nowhere Message-ID: > Date: Tuesday, June 16, 2015 07:05:43 PM -0400 > From: Steve Matzura > > On Tue, 16 Jun 2015 17:31:07 +0000, you wrote: > >> By default, most MTAs only listen to localhost, so don't accept >> externally derived mail. Try telnetting to port 25 on the machine >> from some place off your machine's network. If you get a "hang", >> it's likely a firewall issue. If you get a "connection refused" >> message it's probably that the MTA isn't listening on the external >> interface. >> >> If the MTA responds, do a manual delivery exchange and see what >> you get. >> >> If you're not seeing anything in your maillog, this is very likely >> an issue with your MTA's configuration, not dovecot. > > Now that I think about and concentrate on what you wrote, make > perfect sense. Add to that the fact that I received bounces from > my ISP that all said the same thing: Unable to establish an SMTP > connection. The return code was 4.5.1. A 4xx indicates a transient error (i.e., within configured limits, delivery retries will be attempted), 5xx is permanent (immediate reject, no retries), otherwise the specific number isn't all that telling. >From everything you've indicated, this is an MTA issue. From lists-dovecot at listmail.innovate.net Tue Jun 16 23:45:25 2015 From: lists-dovecot at listmail.innovate.net (Richard) Date: Tue, 16 Jun 2015 23:45:25 +0000 Subject: Mail to nowhere In-Reply-To: <5fb1oatj8en5jb5g4860hnkan4kuv6qhug@4ax.com> References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> <1434484949.2976.1.camel@z-51.de> <5fb1oatj8en5jb5g4860hnkan4kuv6qhug@4ax.com> Message-ID: <45FA5145B1974D21C077CFEC@ritz.innovate.net> > Date: Tuesday, June 16, 2015 07:21:06 PM -0400 > From: Steve Matzura > > On Tue, 16 Jun 2015 22:02:29 +0200, you wrote: > >> Am Dienstag, den 16.06.2015, 11:44 -0400 schrieb Steve Matzura: >>> The next phase of my testing procedure involves the simple act of >>> delivering mail to my test box. When I send a message to either a >>> valid or relayed user at my remote machine's address, it never >>> gets there. I know this virtually for sure because I'm tailing >>> /var/log/maillog and nothing new has been added for the past >>> hour. I'm >>> thinking eventually my ISP will send the message back to me as >>> undeliverable, and in that bounced message there may be some >>> information about why it was undeliverable, but maybe someone >>> has a thought as to why I'm not even seeing anything attempt to >>> connect? >> >> Receiving and Sending Mail is done by the MTA like postfix or >> exim. Not Dovecot. It's just for the IMAP/POP access by the users >> to get the mails. >> So look at that logs. And if there's nothing in it, then make >> sure port 25 is actually open by the postfix/exim process. > > Well, it isn't. In fact, there is no exim process running. However, > something calling itself 'master' has port 25 open according to > netstat, and that process has a subprocess running something called > qmgr. I'd give more information, such as path to these programs, > but it isn't shown. > Time to check my Postfix config a little more closely. Those pieces are all part of the postfix MTA (you haven't indicated your OS, but postfix is the current default on most current linux distributions). As I indicated earlier, by default most (current) MTA installs only listen on localhost, not on the external interfaces, so don't accept off-host mail. There is extensive postfix documentation and also a postfix mailing list if you need assistance. From number6 at noisynotes.com Wed Jun 17 01:16:03 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Tue, 16 Jun 2015 21:16:03 -0400 Subject: Mail to nowhere In-Reply-To: References: Message-ID: On Tue, 16 Jun 2015 23:35:34 +0000, you wrote: >>From everything you've indicated, this is an MTA issue. I see that. OK, on to the other list. Thanks. From number6 at noisynotes.com Wed Jun 17 01:30:46 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Tue, 16 Jun 2015 21:30:46 -0400 Subject: Mail to nowhere In-Reply-To: <45FA5145B1974D21C077CFEC@ritz.innovate.net> References: <2ug0oal4o55hu4ca472133e7u4r6irgos1@4ax.com> <1434484949.2976.1.camel@z-51.de> <5fb1oatj8en5jb5g4860hnkan4kuv6qhug@4ax.com> <45FA5145B1974D21C077CFEC@ritz.innovate.net> Message-ID: On Tue, 16 Jun 2015 23:45:25 +0000, you wrote: >Those pieces are all part of the postfix MTA (you haven't indicated >your OS, but postfix is the current default on most current linux >distributions). Fedora 20. Soon upgrading to 22. >As I indicated earlier, by default most (current) MTA installs only >listen on localhost, not on the external interfaces, so don't accept >off-host mail. Unless I'm mistaken, which it appears that I am, I set Postfix up to receive off-host mail. I'm on the other email list, will carry this over there. From darix at opensu.se Wed Jun 17 09:56:12 2015 From: darix at opensu.se (Marcus =?UTF-8?B?UsO8Y2tlcnQ=?=) Date: Wed, 17 Jun 2015 11:56:12 +0200 Subject: Best practices for mailbox network file storage? In-Reply-To: <255b893a99fe7fa6480dda01842b0f68@www.thecsillags.com> References: <255b893a99fe7fa6480dda01842b0f68@www.thecsillags.com> Message-ID: <20150617115612.6be8b640@tengu.suse.de> On Tue, 16 Jun 2015 19:24:12 +0000 "Andy Csillag" wrote: > Is there a current best practice for a shared filesystem backend for > mailboxes (in my case, all virtual accounts)?? NFS 3/4, GFS2, > GlusterFS, other?? In the case of the latter ones, is the use of > Director necessary?? Any specific anti-recommendations?? Also, if it > matters, I *think* I want to use BackBlaze racks for storage.? Also, > I've seen recommendations for the filesystem underneath like XFS or > ext4 or whatever.? Is there a best practice? > > Thanks, > Drew http://wiki2.dovecot.org/NFS -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From tss at iki.fi Wed Jun 17 10:13:47 2015 From: tss at iki.fi (Timo Sirainen) Date: Wed, 17 Jun 2015 13:13:47 +0300 Subject: bug in indexer/indexer-worker In-Reply-To: References: Message-ID: <8B0A6CD2-D153-47BE-9526-DC314758CC50@iki.fi> On 16 Jun 2015, at 15:07, Infoomatic wrote: > [1] Then comes the panic which produces loads of errormessages below the "Raw backtrace" part: > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Warning: I/O leak: 0x7f40b55c39d0 (line 411, fd 20) > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Warning: Timeout leak: 0x7f40b55c3780 (line 325) > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Panic: file ioloop.c: line 39 (io_add_file): assertion failed: (callback != NULL) Should be fixed by http://hg.dovecot.org/dovecot-2.2/rev/3ae8cf3f8320 From tss at iki.fi Wed Jun 17 11:26:46 2015 From: tss at iki.fi (Timo Sirainen) Date: Wed, 17 Jun 2015 14:26:46 +0300 Subject: Imap process crashes when search in virtual mailbox In-Reply-To: References: Message-ID: <98668656-C1FE-40A5-A880-AFEAA524A1F9@iki.fi> On 16 Jun 2015, at 15:17, mihaiush wrote: > > Hi, > > When searching in a virtual mailbox imap process crashes if the virtual > mailbox has a lot of physical mailboxes behind (more than 80 - 100 > mailboxes). > > 2015-06-16T12:49:25.502864+02:00 sr-be-store07 dovecot: store107: imap( > mihaiush at sunrise.ch): hCdxU6AY/wAKThJr: Panic: file mail-index-map.c: line > 547 (mail_index_map_lookup_seq_range): assertion failed: (first_uid > 0) Fixed: http://hg.dovecot.org/dovecot-2.2/rev/d609454bdf64 From tss at iki.fi Wed Jun 17 11:29:08 2015 From: tss at iki.fi (Timo Sirainen) Date: Wed, 17 Jun 2015 14:29:08 +0300 Subject: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads In-Reply-To: <557F72C3.9050102@blackrosetech.com> References: <553247D0.1020400@blackrosetech.com> <5532557D.10000@blackrosetech.com> <"> <3C3A4690-1FB3-4972-92E3-B2E1B554ECB6@iki.fi> <"> <55390406.9070701@blackrosetech.com> <555C496C.8030809@blackrosetech.com> <556C5E50.6060509@skye.it> <557F72C3.9050102@blackrosetech.com> Message-ID: <628B9CAD-A236-48A6-9F2E-B4CBFDDB15D2@iki.fi> On 16 Jun 2015, at 03:50, David Gessel wrote: > >> Alessio Cecchi skrev den 2015-06-01 15:29: >>> Il 20/05/2015 10:44, David Gessel ha scritto: >>>> Is there a way to completely disable caching on dovecot? >>> >>> Yes: mail_location = maildir:~/Maildir:INDEX=MEMORY >> >> dont know if that really solve it, imho it just move the problem from disk cache to memory cache, it does not imho disable it > > > It seemed to do the trick. Behavior finally seems normal. The best evidence: At 10:00:00-ish I made the change in the config file and at 10:02:29 I restarted the server. > > It is now after 17:14 in Oakland and the logs are quiet. > > 09:00:06 host newsyslog[55292]: logfile turned over due to size>1000K > 09:00:08 imap(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3558585, file=1434383291.M430136P55004.host,S=2380,W=2423:2,) > 09:00:08 imap(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3558586, file=1434383253.M121801P54997.host,S=27419,W=28395:2,) .. > The last log file was turned over when it got greater than 1000K. It covered 1312 minutes and 3726 "expunged Message" warnings or one every 21 seconds. There hasn't been a single one in the 7+ hours since I moved the index to MEMORY. > > Whatever is confusing the index state on disk, it is not happening in RAM. Well, it's also possible that the confusion is still happening, but Dovecot just doesn't notice it. If it is, IMAP clients may randomly not see all messages or may otherwise have strange behavior. From peljasz at yahoo.co.uk Wed Jun 17 13:10:02 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Wed, 17 Jun 2015 14:10:02 +0100 Subject: dsync userdb and required fields? Message-ID: <558171AA.1010806@yahoo.co.uk> hi, I'm fiddling with dsync and get these in the logs: auth: Error: password(ps655@): Password data is not valid for scheme SSHA: Input isn't valid base64 encoded data .. auth: Error: ldap(ns580@,172.25.12.215): ldap_search(base=ou=,ou=mail,dc=virtual,dc=hosting filter=(&(objectclass=person) .... This is on a dovecot that I'd call second, to which I'd like to replicate, first dovecot which is already populated with users, etc. does not show these errors. and I also have seen complains about possixAccunt I think. Do these mean that there is a base minimum required from dovecot/dsync in order to deem/find a user as a valid user? Also I can tell that those users do belong to different domain (not even this RDN) than the one in which the second dovecot is trying to look. These fields/attributes are nowhere defined/mentioned in my configs thus I wonder. many thanks From tss at iki.fi Wed Jun 17 13:43:17 2015 From: tss at iki.fi (Timo Sirainen) Date: Wed, 17 Jun 2015 16:43:17 +0300 Subject: FTS lucene and english + german mails In-Reply-To: <1434392551.8047.2.camel@z-51.de> References: <1434392551.8047.2.camel@z-51.de> Message-ID: <2218E04D-CD9C-4D07-86A3-ECE39A8A2AD6@iki.fi> On 15 Jun 2015, at 21:22, Felix Zielcke wrote: > > Hi, > > I'm currently looking over the FTS pages to enable it in my dovecot. > But I'm unsure what the best settings of the lucene plugin are, if you > receive german and english mails. > Wiki says: > > textcat_conf= textcat_dir=: If specified, enable guessing > the stemming language for emails and search keywords. This is a little > bit problematic in practice, since indexing and searching languages may > differ and may not find even exact words because they stem differently. > > On Debian libstemmer is included in the debian-lucene package. > > So what settings are the best to have not the problem that exact words > can't be found? The textcat support in fts-lucene works very badly and shouldn't be used. There's new lib-fts code being developed that supports multiple languages better. It's already kind of usable in v2.2.18, but would be better to wait for v2.2.19. From peljasz at yahoo.co.uk Wed Jun 17 15:07:48 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Wed, 17 Jun 2015 16:07:48 +0100 Subject: dsync selectively In-Reply-To: <55802449.5070608@yahoo.co.uk> References: <55801198.8040600@yahoo.co.uk> <20150616121438.GC32014@mx.grmbl.net> <558021C9.3040208@yahoo.co.uk> <55802449.5070608@yahoo.co.uk> Message-ID: <55818D44.8060807@yahoo.co.uk> On 16/06/15 14:27, lejeczek wrote: > On 16/06/15 14:16, lejeczek wrote: >> On 16/06/15 13:14, B wrote: >>> P, >>> >>> On Tue, Jun 16, 2015 at 01:07:52PM +0100, lejeczek wrote: >>> >>>> I've barely started reading on dsync and I wonder.. >>>> would you know if it is possible to sync/replicate only >>>> specific >>>> domain(users)? or it's always the whole lot? >>> See >>> http://blog.dovecot.org/2012/02/dovecot-clustering-with-dsync-based.html >>> >>> >>> basically set 'mail_replica' to 'remote:server3' in your >>> userdb >>> >>> >>> B >>> >> thanks B, >> userdb as appose to plugin? >> it's quite unclear what to put there, to a beginner. >> > also if I put mail_replica (having the rest, pretty much > take form wiki in repl.conf) into userdb > I get: > > line 24: Unknown setting: mail_replica > > this userdb uses ldap driver in case it may matter, I > guess it should not. > gee, I cannot figure it out, and I'd guess it must be sort of typical situation, where one would want to avoid replication os local/system users and only sync a virtual domain(s), no? Can it be done by means of config files? From diegoliz at gmail.com Wed Jun 17 15:14:44 2015 From: diegoliz at gmail.com (Diego Liziero) Date: Wed, 17 Jun 2015 17:14:44 +0200 Subject: SOLR 5 In-Reply-To: <607ea91045088057faa6a5b1840cfb47@hpc.at> References: <607ea91045088057faa6a5b1840cfb47@hpc.at> Message-ID: On Sat, Feb 28, 2015 at 8:17 PM, Robert Gierzinger wrote: > Hello, > > I just wanted to give SOLR 5 a try, however there probably have changed > quite some bits in the config files, did not even manage to create a core > with various solrconfig.xml and schema.xml files, but I am absolutely no > expert in solr. > Has anybody given it a try or are there some tips on how to get it running? > > regards, > Robert > Using solr-5.0.0 with a single core here, the last one I managed to get working with dovecot 1.1.18. Starting from 5.1.0 solr changed behaviour and complains with "Bad contentType for search handler :text/xml" (I've tried to change dovecot header requests to "application/x-www-form-urlencoded" but I got a "missing content stream" error). Here some further steps I did to get it working, not sure if it's the correct way of doing it, though (but I'm sure that someone will correct me where I'm wrong). I've created a new folder server/solr/dovecot/ with a file core.properties and two subdirs: data and conf. My core.properties contains these four lines: name=dovecot config=solrconfig.xml schema=schema.xml dataDir=data in the server/solr/dovecot/conf dir I initially copied the content of one of the sample dirs (server/solr/configsets/basic_configs/conf) and then I copied as schema.xml the solr-schema.xml from dovecot install. This changes the main url path of solr, so I had to point dovecot config to http://localhost:8983/solr/dovecot/ and the crontab became: # solr 0 0 * * * curl http://localhost:8983/solr/dovecot/update?optimize=true */10 * * * * curl http://localhost:8983/solr/dovecot/update?commit=true &>/dev/null If someone knows how to keep the usual main "http://localhost:8983/solr/" url with solr-5, please let me know how to do it. In bin/init.d/solr there is an init.d script with some comments to get it correctly configured and some pointer to the other config steps (such as create a solr user, edit conf/solr.in.sh for other environment variables, and so on). Regards, Diego. From number6 at noisynotes.com Wed Jun 17 15:23:18 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Wed, 17 Jun 2015 11:23:18 -0400 Subject: Mail to nowhere In-Reply-To: <20150617131025.GB11777@trot.notinkansas> References: <20150617131025.GB11777@trot.notinkansas> Message-ID: <9343oatrodcofouo93c9ta8lfl1l1e7bg0@4ax.com> On Wed, 17 Jun 2015 09:10:26 -0400, you wrote: >Please send the output of postconf -n to the mailing list. Paul: I purposefully obfuscated my FQDN and domain, but they both have real and good data in them. alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_interfaces = localhost inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost myhostname = newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix/README_FILES sample_directory = /usr/share/doc/postfix/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache smtpd_sasl_auth_enable = yes smtpd_tls_auth_only = yes smtpd_tls_key_file = /etc/pki/dovecot/certs/tgv2015.crt smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtpd_use_tls = yes unknown_local_recipient_reject_code = 550 virtual_mailbox_base = /var/mail/vhosts virtual_mailbox_domains = virtual_transport = lmtp:unix:private/dovecot-lmtp From number6 at noisynotes.com Wed Jun 17 15:26:54 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Wed, 17 Jun 2015 11:26:54 -0400 Subject: Sorry, wrong paste buffer Message-ID: Please ignore last message. From peljasz at yahoo.co.uk Wed Jun 17 16:58:29 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Wed, 17 Jun 2015 17:58:29 +0100 Subject: why would replicated to server ask for extra fs permissions? Message-ID: <5581A735.4040304@yahoo.co.uk> I think I'm near getting a simple replication, but on server which is still "empty" I get: Initialization failed: Namespace '': mkdir(/var/spool/mail/ccnr.biotechnology/nr412/Maildir) failed: Permission denied (euid=1187(nr412) egid=513(Domain Users) missing +w perm: /var/spool/mail, we're not in group 12(mail), dir owned by 0:12 mode=0775 but repl from server runs just fine and their configs are virtually identical. What I missed? many thanks From fzielcke at z-51.de Wed Jun 17 18:07:52 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Wed, 17 Jun 2015 20:07:52 +0200 Subject: FTS lucene and english + german mails In-Reply-To: <2218E04D-CD9C-4D07-86A3-ECE39A8A2AD6@iki.fi> References: <1434392551.8047.2.camel@z-51.de> <2218E04D-CD9C-4D07-86A3-ECE39A8A2AD6@iki.fi> Message-ID: <1434564472.3118.3.camel@z-51.de> Am Mittwoch, den 17.06.2015, 16:43 +0300 schrieb Timo Sirainen: > > The textcat support in fts-lucene works very badly and shouldn't be > used. There's new lib-fts code being developed that supports multiple > languages better. It's already kind of usable in v2.2.18, but would > be better to wait for v2.2.19. Thanks for your answer. Then as soon as 2.2.19 has been uploaded to unstable I'll do my own backport package. Instead of waiting to be officially avaible From andrelisci at gmail.com Wed Jun 17 21:03:12 2015 From: andrelisci at gmail.com (Andrea Lisci) Date: Wed, 17 Jun 2015 23:03:12 +0200 Subject: centos 7 dovecot 2.2.10 segmentation fault on devcot/auth using ldap driver in userdb Message-ID: <5581E090.1090804@gmail.com> dovecot 2.2.10 packaged by centos 7 configuring ldap driver on userdb cause imap crash during login userdb { driver = ldap args = /etc/dovecot/dovecot-ldap-userdb.conf3.ext # Default fields can be used to specify defaults that LDAP may override #default_fields = home=/home/virtual/%u } #ldap conf --------------- hosts = myDChost base = dc=company,dc=testdomain,dc=dom ldap_version = 3 auth_bind = yes auth_bind_userdn = windowsdomain\%u user_filter = (&(objectclass=person)(|(mail=%u)(sAMAccountName=%n))) user_attrs = =uid=vmail,=gid=vmail,=home=/users/vmail/maildomain.com/%n,=mail_location=maildir:/users/vmail/maildomain.com/%n/Maildir tls = yes tls_require_cert = never dovecot -n --------------- # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-229.4.2.el7.x86_64 x86_64 CentOS Linux release 7.1.1503 (Core) xfs auth_debug = yes auth_mechanisms = plain login listen = * mail_debug = yes mail_location = maildir:/users/vmail/maildomain.com/%n/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf2.ext driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /usr/libexec/dovecot/auth...Reading symbols from /usr/lib/debug/usr/libexec/dovecot/auth.debug...done. done. [New LWP 25122] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Missing separate debuginfo for /usr/lib64/libnssckbi.so Try: yum --enablerepo='*debug*' install /usr/lib/debug/.build-id/1e/a2171aee7143d971607597b24f2a97e9276cbb.debug Core was generated by `dovecot/auth'. Program terminated with signal 11, Segmentation fault. #0 db_ldap_handle_request_result (res=0x0, idx=, request=, conn=) at db-ldap.c:819 819 request->callback(conn, request, res->msg); (gdb) bt full #0 db_ldap_handle_request_result (res=0x0, idx=, request=, conn=) at db-ldap.c:819 _data_stack_cur_id = 3 srequest = ret = final_result = named_res = #1 db_ldap_handle_result (res=, conn=) at db-ldap.c:886 auth_request = 0x7f3704fa2620 idx = msgid = #2 ldap_input (conn=) at db-ldap.c:918 timeout = {tv_sec = 0, tv_usec = 0} res = 0x7f3704b1b530 msg = 0x7f370489fcb0 prev_reply_diff = ret = #3 0x00007f3702a19a47 in io_loop_call_io (io=0x7f37046dbad0) at ioloop.c:388 ioloop = 0x7f37046bd7b0 t_id = 2 #4 0x00007f3702a1a8cf in io_loop_handler_run (ioloop=ioloop at entry=0x7f37046bd7b0) at ioloop-epoll.c:220 ctx = 0x7f37046c5450 events = list = 0x7f3704998170 io = tv = {tv_sec = 0, tv_usec = 999118} events_count = msecs = ret = 1 i = 0 call = __FUNCTION__ = "io_loop_handler_run" #5 0x00007f3702a19598 in io_loop_run (ioloop=0x7f37046bd7b0) at ioloop.c:412 __FUNCTION__ = "io_loop_run" #6 0x00007f37029c69e3 in master_service_run (service=0x7f37046bd640, callback=) at master-service.c:571 No locals. #7 0x00007f3702ea77f1 in main (argc=1, argv=0x7f37046bd390) at main.c:393 c = From p at sys4.de Wed Jun 17 21:08:00 2015 From: p at sys4.de (Patrick Ben Koetter) Date: Wed, 17 Jun 2015 23:08:00 +0200 Subject: centos 7 dovecot 2.2.10 segmentation fault on devcot/auth using ldap driver in userdb In-Reply-To: <5581E090.1090804@gmail.com> References: <5581E090.1090804@gmail.com> Message-ID: <20150617210800.GA29025@sys4.de> * Andrea Lisci : > dovecot 2.2.10 packaged by centos 7 > > configuring ldap driver on userdb cause imap crash during login SELinux enabled? p at rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From infoomatic at gmx.at Wed Jun 17 22:19:57 2015 From: infoomatic at gmx.at (Infoo Matic) Date: Thu, 18 Jun 2015 00:19:57 +0200 Subject: =?utf-8?q?Re=3A_bug_in_indexer=2Findexer-worker?= In-Reply-To: <8B0A6CD2-D153-47BE-9526-DC314758CC50@iki.fi> Message-ID: <648-5581f280-3-31b52040@189859545> On Wednesday, June 17, 2015 12:13 CEST, Timo Sirainen wrote: > On 16 Jun 2015, at 15:07, Infoomatic wrote: > > > [1] Then comes the panic which produces loads of errormessages below the "Raw backtrace" part: > > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Warning: I/O leak: 0x7f40b55c39d0 (line 411, fd 20) > > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Warning: Timeout leak: 0x7f40b55c3780 (line 325) > > Jun 16 10:11:08 testhost dovecot: indexer-worker(user1): Panic: file ioloop.c: line 39 (io_add_file): assertion failed: (callback != NULL) > > Should be fixed by http://hg.dovecot.org/dovecot-2.2/rev/3ae8cf3f8320 wow, that was fast! Great, works on my tests! Thanks a lot! From yakoh at sd.keio.ac.jp Thu Jun 18 01:36:39 2015 From: yakoh at sd.keio.ac.jp (Takahiro Yakoh) Date: Thu, 18 Jun 2015 10:36:39 +0900 Subject: privilege of process executed by extprograms plugin Message-ID: <558220A7.4020507@sd.keio.ac.jp> Hi, I'm just a beginner of extprograms plugin of sieve. When I execute a process via execute or pipe command, the process start with "root" privilege. Why? I believe the process must be executed with recipient privilege. Give me some checkpoints, or hints, please. My setup is as follows: Ubuntu 14.04.2 LTS 64bit + dovecot-core, dovecot-sieve plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_execute_bin_dir = /some/where sieve_extensions = +vnd.dovecot.execute +vnd.dovecot.pipe sieve_pipe_bin_dir = /some/where sieve_plugins = sieve_extprograms } protocol lmtp { mail_plugins = " sieve" postmaster_address = postmaster at some.where } Yakoh From number6 at noisynotes.com Thu Jun 18 02:35:32 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Wed, 17 Jun 2015 22:35:32 -0400 Subject: LMTP with Postfix Problem Message-ID: <8ra4oatp2obr8s7g6csil1c8gtro72mtt2@4ax.com> Here's a maillog entry that's one of many I receive when I try sending a test message to my system. The recipient is a virtual user in /etc/virtual. The way I'm expecting it to work is that my message from me to this Postfix virtual user will be sent back to me. Every time the message delivery is attempted, Dovecot says the LMTP directory doesn't exist. I thought it was created automatically as messages arrive. Jun 18 01:48:27 postfix/lmtp[30644]: 4CA5B8CB6: to=>, orig_to=, relay=none, delay=0.02, delays=0.02/0/0/0, dsn=4.4.1, status=deferred (connect to [private/dovecot-lmtp]: No such file or directory) From skdovecot at smail.inf.fh-brs.de Thu Jun 18 06:45:47 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 18 Jun 2015 08:45:47 +0200 (CEST) Subject: why would replicated to server ask for extra fs permissions? In-Reply-To: <5581A735.4040304@yahoo.co.uk> References: <5581A735.4040304@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 17 Jun 2015, lejeczek wrote: > I think I'm near getting a simple replication, but on server which is still > "empty" I get: > > Initialization failed: Namespace '': > mkdir(/var/spool/mail/ccnr.biotechnology/nr412/Maildir) failed: Permission > denied (euid=1187(nr412) egid=513(Domain Users) missing +w perm: > /var/spool/mail, we're not in group 12(mail), dir owned by 0:12 mode=0775 > > but repl from server runs just fine and their configs are virtually > identical. > What I missed? does "/var/spool/mail/ccnr.biotechnology" exists or do you run SELinux, which prevents accessing it? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYJpG3z1H7kL/d9rAQIPHgf+M4XOeplRlhqnjrfeMBhSekBckCZYOUO7 gRCYvOdx8dNY9YN9SJRU/a/SKb+r4MCX4ozOXdWDZZgWoOcjpetrL9RQHXhFQzgF HbNkxyfaUljYxCWbNBCcisFW/fiwFalsi/ib+3TJ5246TYFGmXPBSup0Iru59LRl NQPNwJ1OzmSu/A5kerkoIhtEIPZpKuOfWQqa4CmzA9FEb7kwcUnTkfZhMHox3QeP TiOunx8GcSXsvuoVevG8xH4Gczk/bmJNHfE5ZsKPAkn+sv0aUpTTO8BU9fFWCBHU oXmSsRLPi+B3GvPrPLYkobYG5LPUkdFY7sxizuCN9Zwt2x1gNpe1fw== =XXHt -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Jun 18 06:48:15 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 18 Jun 2015 08:48:15 +0200 (CEST) Subject: get failed auth In-Reply-To: <55800405.3070402@gmail.com> References: <55800405.3070402@gmail.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 16 Jun 2015, My Work wrote: > Hi, how i can write all users to my db (mysql example) if it is possible that > get "unknown user", "auth failed" e.g.? maybe I don't understand your question wrong, but "unknown user", "auth failed" etc. are logged to Dovecot's log, so parse the file. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYJpr3z1H7kL/d9rAQJThggArVJC74oZH4lGx7uuKS4vXNGTdlSzOrJ/ Njf1GQBMEkjjDUhQssgv7gA7SGBDx3VcuYeR6/Ph9yl1eJvJwXNuAEJJ/Ux1bks5 gYTxragNMW9zIobVGJZ6f/XkXgIPj6HRVeKn1soxIhBqoXUB9HAjv4y1CXdmEAeF enDRKv8nQ+uYJyKUr1k8HFYZjzSRbUnsi+dCVyRyn9usZcydBKafc/wsuj+LBtIf NfETteATxQAxym0jRVhopv7yH0ldpX/ZuhmK33/S1V2C0UYxXeY67Gv9L4RLjpPr HQYrPkM4UAxNfw1DiEZe38WzZC2uLVt2r1TuW1YBmr2Mi1wuwX6bGA== =O6Ml -----END PGP SIGNATURE----- From troeder at univention.de Thu Jun 18 07:24:32 2015 From: troeder at univention.de (=?windows-1252?Q?Daniel_Tr=F6der?=) Date: Thu, 18 Jun 2015 09:24:32 +0200 Subject: LMTP with Postfix Problem In-Reply-To: <8ra4oatp2obr8s7g6csil1c8gtro72mtt2@4ax.com> References: <8ra4oatp2obr8s7g6csil1c8gtro72mtt2@4ax.com> Message-ID: <55827230.30303@univention.de> Am 18.06.2015 um 04:35 schrieb Steve Matzura: > Here's a maillog entry that's one of many I receive when I try sending > a test message to my system. The recipient is a virtual user in > /etc/virtual. The way I'm expecting it to work is that my message from > me to this Postfix virtual user will be sent back to me. Every time > the message delivery is attempted, Dovecot says the LMTP directory > doesn't exist. I thought it was created automatically as messages > arrive. > > Jun 18 01:48:27 postfix/lmtp[30644]: 4CA5B8CB6: > to=>, orig_to=, relay=none, > delay=0.02, delays=0.02/0/0/0, dsn=4.4.1, status=deferred (connect to > [private/dovecot-lmtp]: No such file or directory) > I think "private/dovecot-lmtp" isn't found. Please compare your Dovecot socket configuration and Postfix-main.cf configuration to http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP (The group may not be "postfix" for your system.) service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } virtual_transport = lmtp:unix:private/dovecot-lmtp -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From dino.blazeka at gmail.com Thu Jun 18 07:34:44 2015 From: dino.blazeka at gmail.com (Dino Blazeka) Date: Thu, 18 Jun 2015 07:34:44 +0000 Subject: Pigeonhole vacation from alias address Message-ID: Hi everyone. I've set up my instance not to check recipient address with sieve_vacation_dont_check_recipient=yes to enable users to set up their vacation script without listing addresses (there are to many). Only problem remaining is that when they receive an e-mail sent to their alias, the vacation response comes from their original mail address. Is there a setting or workaround that would enable vacation extension to send response with from field set to whichever address the original message was addressed to. Thank you in advance, Dino P. S. This is my first message to the list so I apologize in advance if I have broken any rules. It was not done intentionally From number6 at noisynotes.com Thu Jun 18 09:27:27 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Thu, 18 Jun 2015 05:27:27 -0400 Subject: LMTP with Postfix Problem In-Reply-To: <55827230.30303@univention.de> References: <8ra4oatp2obr8s7g6csil1c8gtro72mtt2@4ax.com> <55827230.30303@univention.de> Message-ID: On Thu, 18 Jun 2015 09:24:32 +0200, you wrote: >I think "private/dovecot-lmtp" isn't found. Please compare your Dovecot >socket configuration and Postfix-main.cf configuration to >http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP I had it set up that way, but found extra lines in 10-master.conf. Fixed. Thanks again. From number6 at noisynotes.com Thu Jun 18 10:31:07 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Thu, 18 Jun 2015 06:31:07 -0400 Subject: Help with Namespaces Message-ID: Most of my users are virtual. Do I need defined namespaces or is the default undefined one OK? From number6 at noisynotes.com Thu Jun 18 10:49:59 2015 From: number6 at noisynotes.com (Steve Matzura) Date: Thu, 18 Jun 2015 06:49:59 -0400 Subject: Help with Namespaces In-Reply-To: References: Message-ID: I neglected to include this log entry, which comes immediately after Dovecot reports successful user login authentication: Jun 18 10:39:16 dovecot: imap(admin): Error: User initialization failed: Namespace 'Public/': mkdir(/var/vmail/public) failed: Permission denied (euid=1000(admin) egid=1002(vmail) missing +w perm: /var, dir owned by 0:0 mode=0755) From skdovecot at smail.inf.fh-brs.de Thu Jun 18 12:06:45 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 18 Jun 2015 14:06:45 +0200 (CEST) Subject: Help with Namespaces In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 18 Jun 2015, Steve Matzura wrote: > I neglected to include this log entry, which comes immediately after > Dovecot reports successful user login authentication: > > Jun 18 10:39:16 dovecot: imap(admin): Error: User > initialization failed: Namespace 'Public/': mkdir(/var/vmail/public) > failed: Permission denied (euid=1000(admin) egid=1002(vmail) missing > +w perm: /var, dir owned by 0:0 mode=0755) There is no directory /var/vmail or Dovecot may not access it, maybe due to system hardening like SELinux. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYK0VXz1H7kL/d9rAQIm2wgAgz96s7am6B/jK22xw3HmJjkpBRSdvkbf YBGT7DpDUZRe66PKUDP7dnmZ4VlQl3Pgy/EvpMN/D+YgA/V5Y5R9ikvE21NUHELu asjlosApAK8jP9YWD/SvAtbzOeVQ5m4VwriVSrg9+uVx2Pcjjqbk+NYYu/mydB/9 8q/EeToNLzhGgUfYjVUwwxarWoUmEItjO+m1zXJdrPiRFc0covBkbgZcrqio8Qzd nKmbI5L5h4vpXGPTclfpWIKfiT69RSWFur/CQtymbuMHXG3CjD8YkDY9foIEl/Z8 O1ojwn4Y47tx5mOK3b4l/sb7eX9mce8IJf9fox1GVvlZbCg3NOXCOg== =B0JB -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Jun 18 12:09:01 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 18 Jun 2015 14:09:01 +0200 (CEST) Subject: maildir, how to always add size tags to filename (,S=). In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 27 May 2015, Sergei Franco wrote: > Behaviour of dovecot is very peculiar: it generally adds the ,S= tag (along > with ,W= tag) but occasionally it does not (I wander if it depends on the > IMAP client). Please try to find out how this message arrived your system: LDA, LMTP, IMAP APPEND, ... - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYK03Xz1H7kL/d9rAQLQ4gf9FN7ulXXAIFKqjuYhFSVvCh59uL/l/lEe VvAhnyQcg5lemJ/b6U6Au6lvkLrJXYIoWJyKbpskmis5FCbL5pvR0GY6vDSkz14a xL34CUbJxhz99MRJwRJajZVcVZrDg5Q4RZwpcp1JTujvTXgURNzYLSG7VZdzKed6 rIKEHR4sI4meh07RUFPjpXdWD2HRsiurb708DBhjkeHDrehkVGlu1YHS2LIUiZI9 S+wzlwJzQCBqMA9zIF2IZiQRN3CPc2LM2WIVN9RbF1toY3U7hp+yZsITo1ROjvVF YoJQVk8ZCbNGH7LLZeXRMA+rNgCLL8bg/x+2xvW0FaThKnFqu5GdyA== =j8kt -----END PGP SIGNATURE----- From alessio at skye.it Thu Jun 18 12:28:10 2015 From: alessio at skye.it (Alessio Cecchi) Date: Thu, 18 Jun 2015 14:28:10 +0200 Subject: Best practices for mailbox network file storage? In-Reply-To: <255b893a99fe7fa6480dda01842b0f68@www.thecsillags.com> References: <255b893a99fe7fa6480dda01842b0f68@www.thecsillags.com> Message-ID: <5582B95A.70108@skye.it> Il 16/06/2015 21:24, Andy Csillag ha scritto: > Is there a current best practice for a shared filesystem backend for mailboxes (in my case, all virtual accounts)? NFS 3/4, GFS2, GlusterFS, other? In the case of the latter ones, is the use of Director necessary? Any specific anti-recommendations? Also, if it matters, I *think* I want to use BackBlaze racks for storage. Also, I've seen recommendations for the filesystem underneath like XFS or ext4 or whatever. Is there a best practice? > > Thanks, > Drew > Hi, I'm using NetApp as storage (with NFS3) and Director is required for shared file system. I suggest to use XFS with CentOS 6 as file system on NFS Server, prior to NetApp we use these and works fine but also ext4 is ok. I have never hear about success story with GFS2 or GlusterFS, if you do not want surprises use XFS/EXT4 and NFS3. -- Alessio Cecchi http://www.linkedin.com/in/alessice From teemu.huovila at dovecot.fi Thu Jun 18 13:01:37 2015 From: teemu.huovila at dovecot.fi (Teemu Huovila) Date: Thu, 18 Jun 2015 16:01:37 +0300 Subject: dsync selectively In-Reply-To: <55818D44.8060807@yahoo.co.uk> References: <55801198.8040600@yahoo.co.uk> <20150616121438.GC32014@mx.grmbl.net> <558021C9.3040208@yahoo.co.uk> <55802449.5070608@yahoo.co.uk> <55818D44.8060807@yahoo.co.uk> Message-ID: <5582C131.9000902@dovecot.fi> On 06/17/2015 06:07 PM, lejeczek wrote: > On 16/06/15 14:27, lejeczek wrote: >> On 16/06/15 14:16, lejeczek wrote: >>> On 16/06/15 13:14, B wrote: >>>> P, >>>> >>>> On Tue, Jun 16, 2015 at 01:07:52PM +0100, lejeczek wrote: >>>> >>>>> I've barely started reading on dsync and I wonder.. >>>>> would you know if it is possible to sync/replicate only specific >>>>> domain(users)? or it's always the whole lot? >>>> See >>>> http://blog.dovecot.org/2012/02/dovecot-clustering-with-dsync-based.html >>>> >>>> basically set 'mail_replica' to 'remote:server3' in your userdb >>>> >>>> >>>> B >>>> >>> thanks B, >>> userdb as appose to plugin? >>> it's quite unclear what to put there, to a beginner. >>> >> also if I put mail_replica (having the rest, pretty much take form wiki in repl.conf) into userdb >> I get: >> >> line 24: Unknown setting: mail_replica >> >> this userdb uses ldap driver in case it may matter, I guess it should not. >> > gee, I cannot figure it out, and I'd guess it must be sort of typical situation, > where one would want to avoid replication os local/system users and only sync a virtual domain(s), no? > Can it be done by means of config files? What the original answer meant was, that you should put it in your userdb backend, in this case LDAP. So add a field in LDAP, which for users you want to replicate points to the replication destination and for other users is blank. then add it via a LDAP attribute template, e.g. user_attrs = \ =mail_replica=%{ldap:nameOfFieldContainingReplica} Make sure (with auth_debug=yes and mail_debug=yes in your config)the mail_replica is empty for users you do not want to replicate. Please read http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb http://wiki2.dovecot.org/Replication?highlight=%28mail_replica%29 and http://wiki2.dovecot.org/Tools/Doveadm/Sync?highlight=%28mail_replica%29 carefully. br, Teemu Huovila From skdovecot at smail.inf.fh-brs.de Thu Jun 18 13:31:51 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 18 Jun 2015 15:31:51 +0200 (CEST) Subject: dsync selectively In-Reply-To: <5582C131.9000902@dovecot.fi> References: <55801198.8040600@yahoo.co.uk> <20150616121438.GC32014@mx.grmbl.net> <558021C9.3040208@yahoo.co.uk> <55802449.5070608@yahoo.co.uk> <55818D44.8060807@yahoo.co.uk> <5582C131.9000902@dovecot.fi> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 18 Jun 2015, Teemu Huovila wrote: > On 06/17/2015 06:07 PM, lejeczek wrote: >> On 16/06/15 14:27, lejeczek wrote: >>> On 16/06/15 14:16, lejeczek wrote: >>>> On 16/06/15 13:14, B wrote: >>>>> On Tue, Jun 16, 2015 at 01:07:52PM +0100, lejeczek wrote: >>>>> >>>>>> I've barely started reading on dsync and I wonder.. >>>>>> would you know if it is possible to sync/replicate only specific >>>>>> domain(users)? or it's always the whole lot? >>>>> See >>>>> http://blog.dovecot.org/2012/02/dovecot-clustering-with-dsync-based.html >>>>> >>>>> basically set 'mail_replica' to 'remote:server3' in your userdb >>>> userdb as appose to plugin? >>>> it's quite unclear what to put there, to a beginner. >>>> >>> also if I put mail_replica (having the rest, pretty much take form wiki in repl.conf) into userdb >>> I get: >>> >>> line 24: Unknown setting: mail_replica >>> >>> this userdb uses ldap driver in case it may matter, I guess it should not. >>> >> gee, I cannot figure it out, and I'd guess it must be sort of typical situation, >> where one would want to avoid replication os local/system users and only sync a virtual domain(s), no? >> Can it be done by means of config files? > What the original answer meant was, that you should put it in your userdb backend, in this case LDAP. So add a field in LDAP, > which for users you want to replicate points to the replication destination and for other users is blank. then add it via a LDAP > attribute template, e.g. > > user_attrs = \ > =mail_replica=%{ldap:nameOfFieldContainingReplica} > > Make sure (with auth_debug=yes and mail_debug=yes in your config)the mail_replica is empty for users you do not want to replicate. > > Please read http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb http://wiki2.dovecot.org/Replication?highlight=%28mail_replica%29 > and http://wiki2.dovecot.org/Tools/Doveadm/Sync?highlight=%28mail_replica%29 carefully. I would recommend using the generic http://wiki2.dovecot.org/UserDatabase/ExtraFields?highlight=%28userdb_import%29 for such settings, enable it with: user_attrs = customLDAPattribute=userdb_import pass_attrs = customLDAPattribute=userdb_userdb_import then populate any UserDB setting as separated list in the specified LDAP attribute. If the attribute is missing, nothing happens. If you need a setting: customLDAPattribute: mail_replica=.... - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYLIR3z1H7kL/d9rAQIJmAf/SQqK8BtTL1XhMatjFurQ7BSrPhKAbcyO ECcIPCym1AI5NCnDagsrDr8FR5ZV9L5VGrkmaDlu3fz1ZbWJliEcyFJVvdhuzDAp R5ptjieJ903kQ65mM+9SZw8PfyPb48khOz08jw+i8yTkSuJP8OBiB765UB3fz5IC fK4TvjU79xtTMUsCP5IC67XIX7EOKZOTf4NhgpOtWnj6oTXl77DU0bVxcSpr5PZg 8cfTeJoAJelIgWpUNYv41I6/7992LYNrincURTNzm65XFc9lj1S5VikI1zExXLOQ bMvM7+D7a6lV1WUDs7h1uDI6AZIaATJA/QGu3gVyA6tL0zjfhZXF+g== =pDhC -----END PGP SIGNATURE----- From peljasz at yahoo.co.uk Thu Jun 18 16:04:23 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Thu, 18 Jun 2015 17:04:23 +0100 Subject: dsync selectively In-Reply-To: <5582C131.9000902@dovecot.fi> References: <55801198.8040600@yahoo.co.uk> <20150616121438.GC32014@mx.grmbl.net> <558021C9.3040208@yahoo.co.uk> <55802449.5070608@yahoo.co.uk> <55818D44.8060807@yahoo.co.uk> <5582C131.9000902@dovecot.fi> Message-ID: <5582EC07.2040206@yahoo.co.uk> On 18/06/15 14:01, Teemu Huovila wrote: > On 06/17/2015 06:07 PM, lejeczek wrote: >> On 16/06/15 14:27, lejeczek wrote: >>> On 16/06/15 14:16, lejeczek wrote: >>>> On 16/06/15 13:14, B wrote: >>>>> P, >>>>> >>>>> On Tue, Jun 16, 2015 at 01:07:52PM +0100, lejeczek wrote: >>>>> >>>>>> I've barely started reading on dsync and I wonder.. >>>>>> would you know if it is possible to sync/replicate only specific >>>>>> domain(users)? or it's always the whole lot? >>>>> See >>>>> http://blog.dovecot.org/2012/02/dovecot-clustering-with-dsync-based.html >>>>> >>>>> basically set 'mail_replica' to 'remote:server3' in your userdb >>>>> >>>>> >>>>> B >>>>> >>>> thanks B, >>>> userdb as appose to plugin? >>>> it's quite unclear what to put there, to a beginner. >>>> >>> also if I put mail_replica (having the rest, pretty much take form wiki in repl.conf) into userdb >>> I get: >>> >>> line 24: Unknown setting: mail_replica >>> >>> this userdb uses ldap driver in case it may matter, I guess it should not. >>> >> gee, I cannot figure it out, and I'd guess it must be sort of typical situation, >> where one would want to avoid replication os local/system users and only sync a virtual domain(s), no? >> Can it be done by means of config files? > What the original answer meant was, that you should put it in your userdb backend, in this case LDAP. So add a field in LDAP, > which for users you want to replicate points to the replication destination and for other users is blank. then add it via a LDAP > attribute template, e.g. > > user_attrs = \ > =mail_replica=%{ldap:nameOfFieldContainingReplica} > > Make sure (with auth_debug=yes and mail_debug=yes in your config)the mail_replica is empty for users you do not want to replicate. > > Please read http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb http://wiki2.dovecot.org/Replication?highlight=%28mail_replica%29 > and http://wiki2.dovecot.org/Tools/Doveadm/Sync?highlight=%28mail_replica%29 carefully. > > br, > Teemu Huovila > ok, I see, thank you before now I delve into trying - having used wiki howto/example literally to setup replication I see that dsync attempts to replicate every user above my first_valid_uid, which already is a problem since this uid is my vmail=492 (I use if for non system users) and there are other system users up to uid=1000 (where "regular" users (ldap backend) start, a common scenario I believe). Now, this wasn't a problem cause no system user ever tried to login to dovecot but now with replication it seems messy! If I suss out replication for users from a specific backend that does not somehow automatically/miraculously deactivate replication for all the other users, does it? here just in case is my simple repl-config service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0660 } } service aggregator { fifo_listener replication-notify-fifo { user = vmail } unix_listener replication-notify { user = vmail } } service doveadm { inet_listener { port = 12345 } } #doveadm_port = 12345 doveadm_password = secret plugin { mail_replica = tcp:rider.ccnr.biotechnology:12345 # use doveadm_port #mail_replica = tcp:anotherhost.example.com:12345 # use port 12345 explicitly } From admin at jtlabs.net Thu Jun 18 19:48:23 2015 From: admin at jtlabs.net (JT) Date: Thu, 18 Jun 2015 12:48:23 -0700 Subject: Dovecot 2.1.9 shared folder deletion causes fault Message-ID: <55832087.70100@jtlabs.net> Hey all, I'm getting a fault in dovecot (see below) using shared folders. I have a mailbox that receives new mail (Account X/INBOX). Another account (Account A) has access to the other account (Account X/INBOX) with ACL below. The ACL directory (.DEFAULT) contains: user=AccountA lrwst I removed a test email from Account A/INBOX, which is supposed to remove the email from Account X/INBOX. A fault occurs whenever my client (Thunderbird) attempts to connect and complete the deletion. Other actions complete successfully. It only appears to happen when using Thunderbird. Mac Mail does not cause the fault. I'm not getting a core dump so all I have is what the log outputs. I can reproduce this regularly so let me know if you need any additional information. Thanks, JT === Version: 2.1.9 (Ubuntu Trustydeb package) OS: Ubuntu trusty 14.04 2015-06-18T19:17:50.518505+00:00 mail-103 dovecot: imap(XXX): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x5e271) [0x7eff3f6d1271] -> /usr/lib/dovecot/libdovecot.so.0(+0x5e34e) [0x7eff3f6d134e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7eff3f68ca9e] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0xa7cbc) [0x7eff3f9e2cbc] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x6c) [0x7eff3f9ac8ec] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x15) [0x7eff3f9ac985] -> dovecot/imap(+0xded5) [0x7eff3fe78ed5] -> dovecot/imap(command_exec+0x3c) [0x7eff3fe836dc] -> dovecot/imap(+0x176cf) [0x7eff3fe826cf] -> dovecot/imap(+0x17785) [0x7eff3fe82785] -> dovecot/imap(client_handle_input+0x125) [0x7eff3fe82aa5] -> dovecot/imap(client_input+0x75) [0x7eff3fe82e35] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x27) [0x7eff3f6e1247] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) [0x7eff3f6e1fd7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7eff3f6e0de8] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7eff3f691c93] -> dovecot/imap(main+0x2c4) [0x7eff3fe772f4] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7eff3f2cfec5] -> dovecot/imap(+0xc460) [0x7eff3fe77460] 2015-06-18T19:17:50.736901+00:00 mail-103 dovecot: imap(XXX): Fatal: master: service(imap): child 4461 killed with signal 6 (core dumped) 2015-06-18T19:17:51.662157+00:00 mail-103 dovecot: imap(XXX): Panic: file mail-index.c: line 380 (mail_index_keywords_unref): assertion failed: (keywords->refcount > 0) 2015-06-18T19:17:51.662969+00:00 mail-103 dovecot: imap(XXX): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x5e271) [0x7f3fa05bb271] -> /usr/lib/dovecot/libdovecot.so.0(+0x5e34e) [0x7f3fa05bb34e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f3fa0576a9e] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0xa7cbc) [0x7f3fa08cccbc] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x6c) [0x7f3fa08968ec] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x15) [0x7f3fa0896985] -> dovecot/imap(+0xded5) [0x7f3fa0d62ed5] -> dovecot/imap(command_exec+0x3c) [0x7f3fa0d6d6dc] -> dovecot/imap(+0x176cf) [0x7f3fa0d6c6cf] -> dovecot/imap(+0x17785) [0x7f3fa0d6c785] -> dovecot/imap(client_handle_input+0x125) [0x7f3fa0d6caa5] -> dovecot/imap(client_input+0x75) [0x7f3fa0d6ce35] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x27) [0x7f3fa05cb247] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) [0x7f3fa05cbfd7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f3fa05cade8] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f3fa057bc93] -> dovecot/imap(main+0x2c4) [0x7f3fa0d612f4] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f3fa01b9ec5] -> dovecot/imap(+0xc460) [0x7f3fa0d61460] 2015-06-18T19:17:51.857451+00:00 mail-103 dovecot: imap(XXX): Fatal: master: service(imap): child 4464 killed with signal 6 (core dumped) protocol imap { imap_client_workarounds = tb-extra-mailbox-sep imap_idle_notify_interval = 1 mins mail_max_userip_connections = 10 mail_plugins = acl quota acl imap_acl quota imap_quota } plugin { acl = vfile:/etc/dovecot/acl acl_defaults_from_inbox = yes acl_shared_dict = proxy::acl ... } namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = no list = children location = maildir:/var/mail/public/Maildir:INDEX=/var/mail/%d/%n/Maildir/public prefix = public/ separator = / subscriptions = yes type = public } namespace { list = yes location = maildir:%%h/Maildir:CONTROL=~/Maildir/control/%%u:INDEX=~/Maildir/shared/%%u.indx:INDEXPVT=~/Maildir/shared/%%u.pvt prefix = shared/%%u/ separator = / subscriptions = no type = shared } From sergei.franco at gmail.com Thu Jun 18 21:06:41 2015 From: sergei.franco at gmail.com (sergei) Date: Fri, 19 Jun 2015 09:06:41 +1200 Subject: maildir, how to always add size tags to filename (,S=). In-Reply-To: References: Message-ID: <558332E1.4090508@gmail.com> Hi, the messages are delivered by exim that append maildir tag. That is easily confirmed that they do not miss messages as the hostname of the servers is in the mailidir file. When we switched the tagging on, occasional messages that were manipulated by IMAP (dovecot) did not get tagged, ie: the message was "uploaded" by clients without tags. I noticed this behaviour specifically when their other messages were not tagged. At this stage I see no untagged messages, as I wrote a script that renamed every single maildir file on the system to have tags. I am not sure what is the logic behind tagging messages in dovecot, perhaps someone can point me to the relevant source file? Sergei. On 19/06/15 00:09, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, 27 May 2015, Sergei Franco wrote: > >> Behaviour of dovecot is very peculiar: it generally adds the ,S= tag >> (along >> with ,W= tag) but occasionally it does not (I wander if it depends on >> the >> IMAP client). > > Please try to find out how this message arrived your system: > > LDA, LMTP, IMAP APPEND, ... > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVYK03Xz1H7kL/d9rAQLQ4gf9FN7ulXXAIFKqjuYhFSVvCh59uL/l/lEe > VvAhnyQcg5lemJ/b6U6Au6lvkLrJXYIoWJyKbpskmis5FCbL5pvR0GY6vDSkz14a > xL34CUbJxhz99MRJwRJajZVcVZrDg5Q4RZwpcp1JTujvTXgURNzYLSG7VZdzKed6 > rIKEHR4sI4meh07RUFPjpXdWD2HRsiurb708DBhjkeHDrehkVGlu1YHS2LIUiZI9 > S+wzlwJzQCBqMA9zIF2IZiQRN3CPc2LM2WIVN9RbF1toY3U7hp+yZsITo1ROjvVF > YoJQVk8ZCbNGH7LLZeXRMA+rNgCLL8bg/x+2xvW0FaThKnFqu5GdyA== > =j8kt > -----END PGP SIGNATURE----- From andrelisci at gmail.com Thu Jun 18 22:28:58 2015 From: andrelisci at gmail.com (andrea lisci) Date: Fri, 19 Jun 2015 00:28:58 +0200 Subject: centos 7 dovecot 2.2.10 segmentation fault on devcot/auth using ldap driver in userdb In-Reply-To: <5581E090.1090804@gmail.com> References: <5581E090.1090804@gmail.com> Message-ID: The crash seems involved with bad handled AD response DSID-0C090627,.comment:.In.order.to.perform.this.operation.a.successful.bind.must.be.completed.on.the.connection. when this occurs dovecot got a segmentation fault this bug probably has been corrected (changelogs aren't clear) because this response is well handled on dovecot-2.2.18-2.fc21.x86_64 2015-06-17 23:03 GMT+02:00 Andrea Lisci : > dovecot 2.2.10 packaged by centos 7 > > configuring ldap driver on userdb cause imap crash during login > > userdb { > driver = ldap > args = /etc/dovecot/dovecot-ldap-userdb.conf3.ext > > # Default fields can be used to specify defaults that LDAP may override > #default_fields = home=/home/virtual/%u > } > > > #ldap conf > --------------- > hosts = myDChost > base = dc=company,dc=testdomain,dc=dom > ldap_version = 3 > auth_bind = yes > auth_bind_userdn = windowsdomain\%u > user_filter = (&(objectclass=person)(|(mail=%u)(sAMAccountName=%n))) > user_attrs = > =uid=vmail,=gid=vmail,=home=/users/vmail/ > maildomain.com/%n,=mail_location=maildir:/users/vmail/maildomain.com/%n/Maildir > tls = yes > tls_require_cert = never > > > dovecot -n > --------------- > # 2.2.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.10.0-229.4.2.el7.x86_64 x86_64 CentOS Linux release > 7.1.1503 (Core) xfs > auth_debug = yes > auth_mechanisms = plain login > listen = * > mail_debug = yes > mail_location = maildir:/users/vmail/maildomain.com/%n/Maildir > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > mbox_write_locks = fcntl > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf2.ext > driver = ldap > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > ssl = required > ssl_cert = ssl_key = userdb { > args = /etc/dovecot/dovecot-ldap-userdb.conf3.ext > driver = ldap > } > protocol lmtp { > mail_plugins = " quota sieve" > passdb { > args = password=foo > driver = static > } > } > protocol lda { > mail_plugins = " sieve" > } > > core dump > ------------- > gdb /usr/libexec/dovecot/auth /var/core/25122 > GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-64.el7 > Copyright (C) 2013 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later > > This is free software: you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. Type "show copying" > and "show warranty" for details. > This GDB was configured as "x86_64-redhat-linux-gnu". > For bug reporting instructions, please see: > ... > Reading symbols from /usr/libexec/dovecot/auth...Reading symbols from > /usr/lib/debug/usr/libexec/dovecot/auth.debug...done. > done. > [New LWP 25122] > [Thread debugging using libthread_db enabled] > Using host libthread_db library "/lib64/libthread_db.so.1". > Missing separate debuginfo for /usr/lib64/libnssckbi.so > Try: yum --enablerepo='*debug*' install > /usr/lib/debug/.build-id/1e/a2171aee7143d971607597b24f2a97e9276cbb.debug > Core was generated by `dovecot/auth'. > Program terminated with signal 11, Segmentation fault. > #0 db_ldap_handle_request_result (res=0x0, idx=, > request=, conn=) at db-ldap.c:819 > 819 request->callback(conn, request, res->msg); > (gdb) bt full > #0 db_ldap_handle_request_result (res=0x0, idx=, > request=, conn=) at db-ldap.c:819 > _data_stack_cur_id = 3 > srequest = > ret = > final_result = > named_res = > #1 db_ldap_handle_result (res=, conn=) at > db-ldap.c:886 > auth_request = 0x7f3704fa2620 > idx = > msgid = > #2 ldap_input (conn=) at db-ldap.c:918 > timeout = {tv_sec = 0, tv_usec = 0} > res = 0x7f3704b1b530 > msg = 0x7f370489fcb0 > prev_reply_diff = > ret = > #3 0x00007f3702a19a47 in io_loop_call_io (io=0x7f37046dbad0) at > ioloop.c:388 > ioloop = 0x7f37046bd7b0 > t_id = 2 > #4 0x00007f3702a1a8cf in io_loop_handler_run > (ioloop=ioloop at entry=0x7f37046bd7b0) at ioloop-epoll.c:220 > ctx = 0x7f37046c5450 > events = > list = 0x7f3704998170 > io = > tv = {tv_sec = 0, tv_usec = 999118} > events_count = > msecs = > ret = 1 > i = 0 > call = > __FUNCTION__ = "io_loop_handler_run" > #5 0x00007f3702a19598 in io_loop_run (ioloop=0x7f37046bd7b0) at > ioloop.c:412 > __FUNCTION__ = "io_loop_run" > #6 0x00007f37029c69e3 in master_service_run (service=0x7f37046bd640, > callback=) at master-service.c:571 > No locals. > #7 0x00007f3702ea77f1 in main (argc=1, argv=0x7f37046bd390) at main.c:393 > c = > > From voytek at sbt.net.au Fri Jun 19 01:44:55 2015 From: voytek at sbt.net.au (voytek at sbt.net.au) Date: Fri, 19 Jun 2015 11:44:55 +1000 Subject: help with t/s retrieval 'hangs' disconnect for inactivity Message-ID: <7140d3928c15e7d2b671017c76677d9c.squirrel@sbt.net.au> I have Dovecot 2.1.17 on Centos, all working well since yesterday one user complaining he can not retrieve emails, TBird mail client says like '1 of 9' and, doesn't go any further. that's on several of his PCs using TBird, on a LAN behind f/wall, quite physically remote to server, server in Sydney, remote client is SEAsia looking at logs I see emails access, looking at server Maildir , new emails get moved from 'new' to 'cur' what else can I do from server end ? what else should be done from user end ? Jun 19 11:28:31 pop3(it at aaaa.com.au): Info: Disconnected for inactivity in reading our output top=0/0, retr=1/0, del=0/56, size=6562805 Jun 19 11:29:20 pop3(it at aaa.com.au): Info: Connection closed top=0/0, retr=1/0, del=0/56, size=6562805 From mickael.choisnard at free.fr Fri Jun 19 06:29:08 2015 From: mickael.choisnard at free.fr (Mickael Choisnard) Date: Fri, 19 Jun 2015 08:29:08 +0200 Subject: [Dovecot] question about /var/mail/xxx Message-ID: <5583B6B4.5080807@free.fr> Hi, I need your help to use dovecot with sendmail I use a fresh debian 8 jessie and i installed sendmail and dovecot 2. Sendmail works fine. All mails go to /var/mail/xxx this is problem for dovecot. dovecot cannot get it. # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.1 auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = yes disable_plaintext_auth = no first_valid_uid = 116 last_valid_uid = 116 log_path = /var/log/dovecot.log mail_home = /srv/mail/%u mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = scheme=SHA-CRYPT /etc/dovecot/users driver = passwd-file } postmaster_address = root at arpagon protocols = " imap pop3" service auth { unix_listener auth-userdb { group = vmail user = vmail } } ssl = no userdb { args = uid=vmail gid=vmail home=/srv/vmail/%d/%n driver = static } cat /var/log/dovecot.log Jun 19 08:14:18 imap-login: Info: Login: user=, method=PLAIN, rip=10.11.12.30, lip=88.179.182.93, mpid=18799, session= Jun 19 08:14:18 imap(mc110771): Info: Disconnected: Logged out in=8 out=395 Jun 19 08:14:26 imap-login: Info: Login: user=, method=PLAIN, rip=10.11.12.30, lip=88.179.182.93, mpid=18801, session= Jun 19 08:14:26 imap-login: Info: Login: user=, method=PLAIN, rip=10.11.12.30, lip=88.179.182.93, mpid=18803, session= Jun 19 08:14:26 imap(mc120771): Error: open() failed with mbox file /var/mail/mc120771: Permission denied Jun 19 08:14:57 imap(mc120771): Info: Disconnected: Logged out in=137 out=640 Jun 19 08:14:57 imap(mc120771): Info: Disconnected: Logged out in=74 out=547 Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.11.12.45, lip=88.179.182.93, session= Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.11.12.45, lip=88.179.182.93, session=<2gOX5dgYigAKCwwt> Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.11.12.45, lip=88.179.182.93, session= From troeder at univention.de Fri Jun 19 06:42:47 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Fri, 19 Jun 2015 08:42:47 +0200 Subject: [Dovecot] question about /var/mail/xxx In-Reply-To: <5583B6B4.5080807@free.fr> References: <5583B6B4.5080807@free.fr> Message-ID: <5583B9E7.1050601@univention.de> Am 19.06.2015 um 08:29 schrieb Mickael Choisnard: > Hi, > I need your help to use dovecot with sendmail > I use a fresh debian 8 jessie and i installed sendmail and dovecot 2. > Sendmail works fine. > > All mails go to /var/mail/xxx > > this is problem for dovecot. dovecot cannot get it. > > # 2.2.13: /etc/dovecot/dovecot.conf > # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.1 > auth_mechanisms = plain login > auth_verbose = yes > auth_verbose_passwords = yes > disable_plaintext_auth = no > first_valid_uid = 116 > last_valid_uid = 116 > log_path = /var/log/dovecot.log > mail_home = /srv/mail/%u > mail_location = mbox:~/mail:INBOX=/var/mail/%u > mail_privileged_group = mail > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = scheme=SHA-CRYPT /etc/dovecot/users > driver = passwd-file > } > postmaster_address = root at arpagon > protocols = " imap pop3" > service auth { > unix_listener auth-userdb { > group = vmail > user = vmail > } > } > ssl = no > userdb { > args = uid=vmail gid=vmail home=/srv/vmail/%d/%n > driver = static > } > > cat /var/log/dovecot.log > > Jun 19 08:14:18 imap-login: Info: Login: user=, method=PLAIN, > rip=10.11.12.30, lip=88.179.182.93, mpid=18799, session= > Jun 19 08:14:18 imap(mc110771): Info: Disconnected: Logged out in=8 out=395 > Jun 19 08:14:26 imap-login: Info: Login: user=, method=PLAIN, > rip=10.11.12.30, lip=88.179.182.93, mpid=18801, session= > Jun 19 08:14:26 imap-login: Info: Login: user=, method=PLAIN, > rip=10.11.12.30, lip=88.179.182.93, mpid=18803, session= > Jun 19 08:14:26 imap(mc120771): Error: open() failed with mbox file > /var/mail/mc120771: Permission denied > Jun 19 08:14:57 imap(mc120771): Info: Disconnected: Logged out in=137 > out=640 > Jun 19 08:14:57 imap(mc120771): Info: Disconnected: Logged out in=74 > out=547 > Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 > secs): user=<>, rip=10.11.12.45, lip=88.179.182.93, > session= > Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 > secs): user=<>, rip=10.11.12.45, lip=88.179.182.93, > session=<2gOX5dgYigAKCwwt> > Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 > secs): user=<>, rip=10.11.12.45, lip=88.179.182.93, > session= You have to configure Sendmail to "give" mails to Dovecot, so it can save them itself: http://wiki2.dovecot.org/LDA/Sendmail -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From skdovecot at smail.inf.fh-brs.de Fri Jun 19 07:02:26 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 19 Jun 2015 09:02:26 +0200 (CEST) Subject: help with t/s retrieval 'hangs' disconnect for inactivity In-Reply-To: <7140d3928c15e7d2b671017c76677d9c.squirrel@sbt.net.au> References: <7140d3928c15e7d2b671017c76677d9c.squirrel@sbt.net.au> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Jun 2015, voytek at sbt.net.au wrote: > since yesterday one user complaining he can not retrieve emails, TBird > mail client says like '1 of 9' and, doesn't go any further. > > that's on several of his PCs using TBird, on a LAN behind f/wall, quite > physically remote to server, server in Sydney, remote client is SEAsia > > looking at logs I see emails access, looking at server Maildir , new > emails get moved from 'new' to 'cur' > > what else can I do from server end ? > what else should be done from user end ? > > Jun 19 11:28:31 pop3(it at aaaa.com.au): Info: Disconnected for inactivity in > reading our output top=0/0, retr=1/0, del=0/56, size=6562805 > Jun 19 11:29:20 pop3(it at aaa.com.au): Info: Connection closed top=0/0, > retr=1/0, del=0/56, size=6562805 verify that the TCP connection is working using wireshark or similiar tool. Maybe a firewall on your side cuts the connection? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYO+gnz1H7kL/d9rAQKsvAf+N1feXNFpKmLm9AosBAtUzZTgXw8sARFm fEUXm2LXjB9twNkf5M/5Owry6jnqIYtlGb6hbCqWUONsLlCTnR+RrlNLmGKJw3NY 3czIJr70MmHT8SW++vyJRuXU4A7lexB+4/sCGrMyaHD2eT3TNVGjVx3FhTrKTO62 Hbbkw+RjenjYllSEE2J1k7193HcITeWnY3hrLOdYDLKuqaB6/vvl0In1nWxWOwZP mOJA+F/5Fc2yS2ra3YB7s57XyHwHlPf7nuyi6YN2vqZiyekGVz0fcdGGt96L9QFW FRUfHwUy0lLzv29bkA4Xqu3GtYiPlUG6bEdGsmwFbiYWzDDU1UCAPA== =qDKS -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Jun 19 07:04:29 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 19 Jun 2015 09:04:29 +0200 (CEST) Subject: [Dovecot] question about /var/mail/xxx In-Reply-To: <5583B6B4.5080807@free.fr> References: <5583B6B4.5080807@free.fr> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Jun 2015, Mickael Choisnard wrote: > Date: Fri, 19 Jun 2015 08:29:08 +0200 > From: Mickael Choisnard > To: dovecot at dovecot.org > Subject: [Dovecot] question about /var/mail/xxx > > Hi, > I need your help to use dovecot with sendmail > I use a fresh debian 8 jessie and i installed sendmail and dovecot 2. > Sendmail works fine. > > All mails go to /var/mail/xxx > > this is problem for dovecot. dovecot cannot get it. > > # 2.2.13: /etc/dovecot/dovecot.conf > # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.1 > auth_mechanisms = plain login > auth_verbose = yes > auth_verbose_passwords = yes > disable_plaintext_auth = no > first_valid_uid = 116 > last_valid_uid = 116 > log_path = /var/log/dovecot.log > mail_home = /srv/mail/%u > mail_location = mbox:~/mail:INBOX=/var/mail/%u > mail_privileged_group = mail > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = scheme=SHA-CRYPT /etc/dovecot/users > driver = passwd-file > } > postmaster_address = root at arpagon > protocols = " imap pop3" > service auth { > unix_listener auth-userdb { > group = vmail > user = vmail > } > } > ssl = no > userdb { > args = uid=vmail gid=vmail home=/srv/vmail/%d/%n > driver = static > } > > cat /var/log/dovecot.log > > Jun 19 08:14:18 imap-login: Info: Login: user=, method=PLAIN, > rip=10.11.12.30, lip=88.179.182.93, mpid=18799, session= > Jun 19 08:14:18 imap(mc110771): Info: Disconnected: Logged out in=8 out=395 > Jun 19 08:14:26 imap-login: Info: Login: user=, method=PLAIN, > rip=10.11.12.30, lip=88.179.182.93, mpid=18801, session= > Jun 19 08:14:26 imap-login: Info: Login: user=, method=PLAIN, > rip=10.11.12.30, lip=88.179.182.93, mpid=18803, session= > Jun 19 08:14:26 imap(mc120771): Error: open() failed with mbox file /var/mail/mc120771: Permission denied what permissions have these files? > Jun 19 08:14:57 imap(mc120771): Info: Disconnected: Logged out in=137 out=640 > Jun 19 08:14:57 imap(mc120771): Info: Disconnected: Logged out in=74 out=547 > Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 secs): > user=<>, rip=10.11.12.45, lip=88.179.182.93, session= > Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 secs): > user=<>, rip=10.11.12.45, lip=88.179.182.93, session=<2gOX5dgYigAKCwwt> > Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 secs): > user=<>, rip=10.11.12.45, lip=88.179.182.93, session= > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYO+/Xz1H7kL/d9rAQIanggAjEpTu5XO/bbmsZlCxtqircdUkHzCxih1 6BdH2D7VlCv2UKPfk+xrY7GJoZEWg4cXYsOb3YfGwgLPffTMxvxZ5bOcW4O46jfn YfVqkLmOTVL66MQR5Z+bxR3oi/5fIGFIPDQ268XRZOLuFb6adGgQyu5GiASkrx9A YXGz9XYwI2yYAN0PxgajNbLlsu/x36b/xMSl8j9YdeZryDHhiG7p5AKluijwfMBg 4Eu+Tr7LabU0iYQuLSFqfV9sNLA4PCOIoJANPGaCcl+xVoPwKok+/GeVJIHNMFa/ cCH04Vc414g5TzVbHreYrJAD86z2WBPQjk37ZmGplnePCKSpsOdP/A== =r68Y -----END PGP SIGNATURE----- From wdgarc88 at gmail.com Fri Jun 19 07:57:15 2015 From: wdgarc88 at gmail.com (Edwardo Garcia) Date: Fri, 19 Jun 2015 17:57:15 +1000 Subject: Dovecot 2.1.9 shared folder deletion causes fault In-Reply-To: <55832087.70100@jtlabs.net> References: <55832087.70100@jtlabs.net> Message-ID: You are reporting a problem with a antique? Please try current stable version and if problem persist let us know with include the dovecot -n output. Current version is 2.2.18, pretty pointless trying to look for a bug resolution in such a old version, also, 2.1.9 maybe latest in your distribution but that is not dovecot problem, dovecot does not produce binaries for any distribution.and you are likely many many bugs in your 2.1.9 version that long been fixed. On 6/19/15, JT wrote: > Hey all, > > I'm getting a fault in dovecot (see below) using shared folders. I have > a mailbox that receives new mail (Account X/INBOX). Another account > (Account A) has access to the other account (Account X/INBOX) with ACL > below. > > The ACL directory (.DEFAULT) contains: > user=AccountA lrwst > > I removed a test email from Account A/INBOX, which is supposed to remove > the email from Account X/INBOX. A fault occurs whenever my client > (Thunderbird) attempts to connect and complete the deletion. Other > actions complete successfully. It only appears to happen when using > Thunderbird. Mac Mail does not cause the fault. > > I'm not getting a core dump so all I have is what the log outputs. I can > reproduce this regularly so let me know if you need any additional > information. > > Thanks, > > JT > > === > > Version: 2.1.9 (Ubuntu Trustydeb package) > OS: Ubuntu trusty 14.04 > > 2015-06-18T19:17:50.518505+00:00 mail-103 dovecot: imap(XXX): Error: Raw > backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x5e271) [0x7eff3f6d1271] > -> /usr/lib/dovecot/libdovecot.so.0(+0x5e34e) [0x7eff3f6d134e] -> > /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7eff3f68ca9e] -> > /usr/lib/dovecot/libdovecot-storage.so.0(+0xa7cbc) [0x7eff3f9e2cbc] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x6c) > [0x7eff3f9ac8ec] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x15) > [0x7eff3f9ac985] -> dovecot/imap(+0xded5) [0x7eff3fe78ed5] -> > dovecot/imap(command_exec+0x3c) [0x7eff3fe836dc] -> > dovecot/imap(+0x176cf) [0x7eff3fe826cf] -> dovecot/imap(+0x17785) > [0x7eff3fe82785] -> dovecot/imap(client_handle_input+0x125) > [0x7eff3fe82aa5] -> dovecot/imap(client_input+0x75) [0x7eff3fe82e35] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x27) [0x7eff3f6e1247] > -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) > [0x7eff3f6e1fd7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) > [0x7eff3f6e0de8] -> > /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) > [0x7eff3f691c93] -> dovecot/imap(main+0x2c4) [0x7eff3fe772f4] -> > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7eff3f2cfec5] > -> dovecot/imap(+0xc460) [0x7eff3fe77460] > 2015-06-18T19:17:50.736901+00:00 mail-103 dovecot: imap(XXX): Fatal: > master: service(imap): child 4461 killed with signal 6 (core dumped) > 2015-06-18T19:17:51.662157+00:00 mail-103 dovecot: imap(XXX): Panic: > file mail-index.c: line 380 (mail_index_keywords_unref): assertion > failed: (keywords->refcount > 0) > 2015-06-18T19:17:51.662969+00:00 mail-103 dovecot: imap(XXX): Error: Raw > backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x5e271) [0x7f3fa05bb271] > -> /usr/lib/dovecot/libdovecot.so.0(+0x5e34e) [0x7f3fa05bb34e] -> > /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f3fa0576a9e] -> > /usr/lib/dovecot/libdovecot-storage.so.0(+0xa7cbc) [0x7f3fa08cccbc] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x6c) > [0x7f3fa08968ec] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x15) > [0x7f3fa0896985] -> dovecot/imap(+0xded5) [0x7f3fa0d62ed5] -> > dovecot/imap(command_exec+0x3c) [0x7f3fa0d6d6dc] -> > dovecot/imap(+0x176cf) [0x7f3fa0d6c6cf] -> dovecot/imap(+0x17785) > [0x7f3fa0d6c785] -> dovecot/imap(client_handle_input+0x125) > [0x7f3fa0d6caa5] -> dovecot/imap(client_input+0x75) [0x7f3fa0d6ce35] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x27) [0x7f3fa05cb247] > -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) > [0x7f3fa05cbfd7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) > [0x7f3fa05cade8] -> > /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) > [0x7f3fa057bc93] -> dovecot/imap(main+0x2c4) [0x7f3fa0d612f4] -> > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f3fa01b9ec5] > -> dovecot/imap(+0xc460) [0x7f3fa0d61460] > 2015-06-18T19:17:51.857451+00:00 mail-103 dovecot: imap(XXX): Fatal: > master: service(imap): child 4464 killed with signal 6 (core dumped) > > protocol imap { > imap_client_workarounds = tb-extra-mailbox-sep > imap_idle_notify_interval = 1 mins > mail_max_userip_connections = 10 > mail_plugins = acl quota acl imap_acl quota imap_quota > } > > plugin { > acl = vfile:/etc/dovecot/acl > acl_defaults_from_inbox = yes > acl_shared_dict = proxy::acl > ... > } > > namespace { > hidden = no > inbox = yes > list = yes > location = > prefix = > separator = / > subscriptions = yes > type = private > } > namespace { > hidden = no > list = children > location = > maildir:/var/mail/public/Maildir:INDEX=/var/mail/%d/%n/Maildir/public > prefix = public/ > separator = / > subscriptions = yes > type = public > } > namespace { > list = yes > location = > maildir:%%h/Maildir:CONTROL=~/Maildir/control/%%u:INDEX=~/Maildir/shared/%%u.indx:INDEXPVT=~/Maildir/shared/%%u.pvt > prefix = shared/%%u/ > separator = / > subscriptions = no > type = shared > } > From peljasz at yahoo.co.uk Fri Jun 19 08:39:10 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Fri, 19 Jun 2015 09:39:10 +0100 Subject: dsync selectively In-Reply-To: <5582C131.9000902@dovecot.fi> References: <55801198.8040600@yahoo.co.uk> <20150616121438.GC32014@mx.grmbl.net> <558021C9.3040208@yahoo.co.uk> <55802449.5070608@yahoo.co.uk> <55818D44.8060807@yahoo.co.uk> <5582C131.9000902@dovecot.fi> Message-ID: <5583D52E.9080109@yahoo.co.uk> On 18/06/15 14:01, Teemu Huovila wrote: > On 06/17/2015 06:07 PM, lejeczek wrote: >> On 16/06/15 14:27, lejeczek wrote: >>> On 16/06/15 14:16, lejeczek wrote: >>>> On 16/06/15 13:14, B wrote: >>>>> P, >>>>> >>>>> On Tue, Jun 16, 2015 at 01:07:52PM +0100, lejeczek wrote: >>>>> >>>>>> I've barely started reading on dsync and I wonder.. >>>>>> would you know if it is possible to sync/replicate only specific >>>>>> domain(users)? or it's always the whole lot? >>>>> See >>>>> http://blog.dovecot.org/2012/02/dovecot-clustering-with-dsync-based.html >>>>> >>>>> basically set 'mail_replica' to 'remote:server3' in your userdb >>>>> >>>>> >>>>> B >>>>> >>>> thanks B, >>>> userdb as appose to plugin? >>>> it's quite unclear what to put there, to a beginner. >>>> >>> also if I put mail_replica (having the rest, pretty much take form wiki in repl.conf) into userdb >>> I get: >>> >>> line 24: Unknown setting: mail_replica >>> >>> this userdb uses ldap driver in case it may matter, I guess it should not. >>> >> gee, I cannot figure it out, and I'd guess it must be sort of typical situation, >> where one would want to avoid replication os local/system users and only sync a virtual domain(s), no? >> Can it be done by means of config files? > What the original answer meant was, that you should put it in your userdb backend, in this case LDAP. So add a field in LDAP, > which for users you want to replicate points to the replication destination and for other users is blank. then add it via a LDAP > attribute template, e.g. > > user_attrs = \ > =mail_replica=%{ldap:nameOfFieldContainingReplica} > > Make sure (with auth_debug=yes and mail_debug=yes in your config)the mail_replica is empty for users you do not want to replicate. > > Please read http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb http://wiki2.dovecot.org/Replication?highlight=%28mail_replica%29 > and http://wiki2.dovecot.org/Tools/Doveadm/Sync?highlight=%28mail_replica%29 carefully. > > br, > Teemu Huovila > ok, I hope I'm beginning to understand this, do we have an attribute good for this? Common/default schemas do not seem to provide anything suitable. many thanks. From troeder at univention.de Fri Jun 19 09:34:11 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Fri, 19 Jun 2015 11:34:11 +0200 Subject: setting quota through IMAP Message-ID: <5583E213.8040808@univention.de> I'd like to set the quota of a user through the IMAP protocol. I use Pythons imaplib: imap.setquota("test1m at uni.dtr", "(storage 8192)") ('NO', ['Quota can be changed only by admin.']) So... which user is the "admin" user in a virtual user setting (passwd: PAM, userdb: LDAP)? Greetings Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From peljasz at yahoo.co.uk Fri Jun 19 13:08:13 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Fri, 19 Jun 2015 14:08:13 +0100 Subject: how do I conceptualize system & virtual users? Message-ID: <5584143D.40606@yahoo.co.uk> I guess this would be a common case, I am hoping for some final clarification. a few Linux boxes share ldap (multi-master) backend that PAM/SSSD uses to authenticated users, and these LDAPs are also is used by Samba, users start @ uid 1000. Boxes are in the same both DNS and Samba domains. Do I treat these users as system or virtual users from postfix/dovecot perspective? If it can be a matter of choice then which is better/best? many thanks. From Hajo.Locke at gmx.de Fri Jun 19 13:30:50 2015 From: Hajo.Locke at gmx.de (Hajo Locke) Date: Fri, 19 Jun 2015 15:30:50 +0200 Subject: crash dovecot 2.2.18 Message-ID: <5584198A.7050104@gmx.de> Hello, after upgrading from 2.1.17 to 2.2.18 i have a specific Inbox which causes a crash on dovecot: Jun 19 09:28:03 hostname dovecot: imap(username): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x7075f) [0x7f9298c4375f] -> /usr/lib/dovecot/libdovecot.so.0(+0x707be) [0x7f9298c437be] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f9298bf11aa] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x2bd9a) [0x7f9298ee2d9a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x98f8b) [0x7f9298f4ff8b] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_get_first_header+0xb9) [0x7f9298f502c9] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_get_first_header+0x38) [0x7f9298ee3d18] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0xabfa2) [0x7f9298f62fa2] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0xac1e2) [0x7f9298f631e2] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read+0x68) [0x7f9298c4d118] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read_data+0x3d) [0x7f9298c4da9d] -> /usr/lib/dovecot/libdovecot.so.0(message_parse_header_next+0x65) [0x7f9298c33065] -> /usr/lib/dovecot/libdovecot.so.0(message_parse_header+0x38) [0x7f9298c338d8] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_parse_headers+0x80) [0x7f9298f4f940] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x98cca) [0x7f9298f4fcca] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_get_first_header+0xb9) [0x7f9298f502c9] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_get_first_header+0x38) [0x7f9298ee3d18] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9a85a) [0x7f9298f5185a] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_get_date+0x92) [0x7f9298f51972] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_get_date+0x36) [0x7f9298ee3b76] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0xa3113) [0x7f9298f5a113] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_sort_list_add+0x31) [0x7f9298f5a471] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_storage_search_next_nonblock+0x3d) [0x7f9298f5801d] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_search_next_nonblock+0x27) [0x7f9298eecd67] -> dovecot/imap [username ip.ip.ip.ip UID SORT](+0x1e7f7) [0x7f92994117f7] -> dovecot/imap [username ip.ip.ip.ip UID SORT](imap_search_start+0xf1) [0x7f9299411c41] -> dovecot/imap [username ip.ip.ip.ip UID SORT](cmd_sort+0x25b) [0x7f9299407c4b] -> dovecot/imap [username ip.ip.ip.ip UID SORT](command_exec+0x4d) [0x7f929940c40d] Mailboxformat is mbox. I think reason was a damaged Index in ~username/mail/.imap/INBOX/ I removed this folder and immediately errors are gone and Mailbox was readable again. Never noticed this kind of errors for years on 2.1.17, maybe this helps to find a Bug in Code. Thanks, Hajo From raubvogel at gmail.com Fri Jun 19 14:13:58 2015 From: raubvogel at gmail.com (Mauricio Tavares) Date: Fri, 19 Jun 2015 10:13:58 -0400 Subject: how do I conceptualize system & virtual users? In-Reply-To: <5584143D.40606@yahoo.co.uk> References: <5584143D.40606@yahoo.co.uk> Message-ID: On Jun 19, 2015 9:08 AM, "lejeczek" wrote: > > I guess this would be a common case, I am hoping for some final clarification. > > a few Linux boxes share ldap (multi-master) backend that PAM/SSSD uses to authenticated users, and these LDAPs are also is used by Samba, users start @ uid 1000. > Boxes are in the same both DNS and Samba domains. > > Do I treat these users as system or virtual users from postfix/dovecot perspective? > If it can be a matter of choice then which is better/best? > I would make them virtual users. This way you can abstract and scale things up. Also your normal users then would not need to have access to your mail servers; they only access the services. > many thanks. From skdovecot at smail.inf.fh-brs.de Fri Jun 19 14:16:40 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 19 Jun 2015 16:16:40 +0200 (CEST) Subject: setting quota through IMAP In-Reply-To: <5583E213.8040808@univention.de> References: <5583E213.8040808@univention.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Jun 2015, Daniel Tr?der wrote: > I'd like to set the quota of a user through the IMAP protocol. I use > Pythons imaplib: > > imap.setquota("test1m at uni.dtr", "(storage 8192)") > ('NO', ['Quota can be changed only by admin.']) > > So... which user is the "admin" user in a virtual user setting (passwd: > PAM, userdb: LDAP)? You can't. Use a LDAP-Library to change the values in the UserDB directly, not via IMAP. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYQkSHz1H7kL/d9rAQL2aggAvGuA2xjpUV5tDZAMjGTY7pfxU96nuqif Dlm6HoJpfk4H7cn4Yc5NXi5rExk45KSBWn5CffKES4nPeMOQ6o7Tc3H5zDEak1Iv iQGStBvSrKzML4tKz9n5j2GAertFYTvxk1bVAA9pJzmFO7HNWfOzxu3GypVEL4lU MYmHwR3emxCIU8FmWxLTiPqsvgLYHJDxRbE/usFWW6X79gUeBuA265SsmUB8OM9E qkUnMv1YZCWgxAXLC+I5W+F275pTyAc82roVZwuX4cJdA8VG2aLzQRG0lnYjxHuc 99IvRf3BJqOxtJVlVKk2I/rqNRiXqlvqVYduHm/VnrxJEsElPt9USw== =ykQL -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Jun 19 14:18:34 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 19 Jun 2015 16:18:34 +0200 (CEST) Subject: how do I conceptualize system & virtual users? In-Reply-To: <5584143D.40606@yahoo.co.uk> References: <5584143D.40606@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Jun 2015, lejeczek wrote: > a few Linux boxes share ldap (multi-master) backend that PAM/SSSD uses to > authenticated users, and these LDAPs are also is used by Samba, users start @ > uid 1000. > Boxes are in the same both DNS and Samba domains. > > Do I treat these users as system or virtual users from postfix/dovecot > perspective? > If it can be a matter of choice then which is better/best? I used system users, but because I use a dedicated mail server and I needed IMAP ACLs and sharing of mailboxes, I switched to virtual users. Depending on security concerns virtual users are easier to manage, IMHO. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYQkunz1H7kL/d9rAQL0DAf/f4syrrjKjDZxbyIE4f6QRI+NA3yMNwr/ uxpJbZUwo2K8NLlSiez96rsOJ1kSuF0ZL8/wjFZByIfrppO2oXFodCaNdkXcDB6H G4fkR0NcKgbKikO0ADpruHGcwiDD7q/jNLpNL96TgDZMnzq+6JNcG7eUfGAt+PKP GURIEtOoq0pqlU3kfylcEjju1ybczvLgXAA6w+pa7saIoWnGy+X/4CUy6i2KwBqZ SHB4fAZT5k0pIHeB7MMt+PoGSgT28ddAGlJWizLLkck6MADlhGZGK4vT4gbLgt/g 9XaxUg30Q+VfSJS+jxiiowlcmw3BPUCTJzj6BoYRaWwK/DWakg2CsA== =3g4i -----END PGP SIGNATURE----- From peljasz at yahoo.co.uk Fri Jun 19 15:12:11 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Fri, 19 Jun 2015 16:12:11 +0100 Subject: how do I conceptualize system & virtual users? In-Reply-To: References: <5584143D.40606@yahoo.co.uk> Message-ID: <5584314B.3060600@yahoo.co.uk> On 19/06/15 15:13, Mauricio Tavares wrote: > On Jun 19, 2015 9:08 AM, "lejeczek" wrote: >> I guess this would be a common case, I am hoping for some final > clarification. >> a few Linux boxes share ldap (multi-master) backend that PAM/SSSD uses to > authenticated users, and these LDAPs are also is used by Samba, users start > @ uid 1000. >> Boxes are in the same both DNS and Samba domains. >> >> Do I treat these users as system or virtual users from postfix/dovecot > perspective? >> If it can be a matter of choice then which is better/best? >> > I would make them virtual users. This way you can abstract and scale > things up. Also your normal users then would not need to have access to > your mail servers; they only access the services. > >> many thanks. it can be a tricky for beginner to define those, in old days when one said system users thought of OS dedicated accounts for daemons/services etc. In this team of postfix+dovecot, which one decides whether user is canonical/system or virtual? From mickael.choisnard at free.fr Fri Jun 19 16:27:46 2015 From: mickael.choisnard at free.fr (Mickael Choisnard) Date: Fri, 19 Jun 2015 18:27:46 +0200 Subject: [Dovecot] question about /var/mail/xxx In-Reply-To: References: <5583B6B4.5080807@free.fr> Message-ID: <55844302.4060503@free.fr> Le 19/06/2015 09:04, Steffen Kaiser a ?crit : > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, 19 Jun 2015, Mickael Choisnard wrote: > >> Date: Fri, 19 Jun 2015 08:29:08 +0200 >> From: Mickael Choisnard >> To: dovecot at dovecot.org >> Subject: [Dovecot] question about /var/mail/xxx >> >> Hi, >> I need your help to use dovecot with sendmail >> I use a fresh debian 8 jessie and i installed sendmail and dovecot 2. >> Sendmail works fine. >> >> All mails go to /var/mail/xxx >> >> this is problem for dovecot. dovecot cannot get it. >> >> # 2.2.13: /etc/dovecot/dovecot.conf >> # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.1 >> auth_mechanisms = plain login >> auth_verbose = yes >> auth_verbose_passwords = yes >> disable_plaintext_auth = no >> first_valid_uid = 116 >> last_valid_uid = 116 >> log_path = /var/log/dovecot.log >> mail_home = /srv/mail/%u >> mail_location = mbox:~/mail:INBOX=/var/mail/%u >> mail_privileged_group = mail >> namespace inbox { >> inbox = yes >> location = >> mailbox Drafts { >> special_use = \Drafts >> } >> mailbox Junk { >> special_use = \Junk >> } >> mailbox Sent { >> special_use = \Sent >> } >> mailbox "Sent Messages" { >> special_use = \Sent >> } >> mailbox Trash { >> special_use = \Trash >> } >> prefix = >> } >> passdb { >> args = scheme=SHA-CRYPT /etc/dovecot/users >> driver = passwd-file >> } >> postmaster_address = root at arpagon >> protocols = " imap pop3" >> service auth { >> unix_listener auth-userdb { >> group = vmail >> user = vmail >> } >> } >> ssl = no >> userdb { >> args = uid=vmail gid=vmail home=/srv/vmail/%d/%n >> driver = static >> } >> >> cat /var/log/dovecot.log >> >> Jun 19 08:14:18 imap-login: Info: Login: user=, >> method=PLAIN, rip=10.11.12.30, lip=88.179.182.93, mpid=18799, >> session= >> Jun 19 08:14:18 imap(mc110771): Info: Disconnected: Logged out in=8 >> out=395 >> Jun 19 08:14:26 imap-login: Info: Login: user=, >> method=PLAIN, rip=10.11.12.30, lip=88.179.182.93, mpid=18801, >> session= >> Jun 19 08:14:26 imap-login: Info: Login: user=, >> method=PLAIN, rip=10.11.12.30, lip=88.179.182.93, mpid=18803, >> session= >> Jun 19 08:14:26 imap(mc120771): Error: open() failed with mbox file >> /var/mail/mc120771: Permission denied > > what permissions have these files? -rw-rw---- mc120771 mail I'm in the configuration like this http://wiki2.dovecot.org/MailLocation/mbox I use "mail_privileged_group = mail" whithout success Maybe i can do this http://wiki2.dovecot.org/LDA/Sendmail > >> Jun 19 08:14:57 imap(mc120771): Info: Disconnected: Logged out in=137 >> out=640 >> Jun 19 08:14:57 imap(mc120771): Info: Disconnected: Logged out in=74 >> out=547 >> Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 >> secs): user=<>, rip=10.11.12.45, lip=88.179.182.93, >> session= >> Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 >> secs): user=<>, rip=10.11.12.45, lip=88.179.182.93, >> session=<2gOX5dgYigAKCwwt> >> Jun 19 08:18:47 imap-login: Info: Disconnected (no auth attempts in 0 >> secs): user=<>, rip=10.11.12.45, lip=88.179.182.93, >> session= >> > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVYO+/Xz1H7kL/d9rAQIanggAjEpTu5XO/bbmsZlCxtqircdUkHzCxih1 > 6BdH2D7VlCv2UKPfk+xrY7GJoZEWg4cXYsOb3YfGwgLPffTMxvxZ5bOcW4O46jfn > YfVqkLmOTVL66MQR5Z+bxR3oi/5fIGFIPDQ268XRZOLuFb6adGgQyu5GiASkrx9A > YXGz9XYwI2yYAN0PxgajNbLlsu/x36b/xMSl8j9YdeZryDHhiG7p5AKluijwfMBg > 4Eu+Tr7LabU0iYQuLSFqfV9sNLA4PCOIoJANPGaCcl+xVoPwKok+/GeVJIHNMFa/ > cCH04Vc414g5TzVbHreYrJAD86z2WBPQjk37ZmGplnePCKSpsOdP/A== > =r68Y > -----END PGP SIGNATURE----- > > > From dovecot-m at homeinbox.net Fri Jun 19 17:41:19 2015 From: dovecot-m at homeinbox.net (Mark) Date: Fri, 19 Jun 2015 18:41:19 +0100 Subject: Large jumps in dovecot-uidlist In-Reply-To: <557F05B2.9070303@homeinbox.net> References: <557D4D80.4020501@homeinbox.net> <1434386794.4524.9.camel@z-51.de> <557F05B2.9070303@homeinbox.net> Message-ID: <5584543F.508@homeinbox.net> On 15/06/2015 18:04, Mark wrote: > On 15/06/2015 17:46, Felix Zielcke wrote: >> Am Sonntag, den 14.06.2015, 10:46 +0100 schrieb Mark: >>> Since upgrading to Debian Wheezy >> ... >>> # 2.2.13: /etc/dovecot/dovecot.conf >>> # OS: Linux 3.2.0-4-kirkwood armv5tel Debian 7.8 >> >> So it's dovecot from the backports. >> Didn't you notice that since about 2 months there's now jessie out? > > I did. Based on my previous experience of upgrading Debian as soon as > the new release was announced and having to roll everything back because > of this problem I'm taking a more cautious approach this time. > >> That has 2.2.13 too but maybe it's an issue outside of dovecot in some >> library. Or just a bug in the backport. > > Possibly. I'm not against doing the full upgrade to Jessie to see what > effect that has. I've been running the backport for a while and the > problem certainly hasn't got worse. I'll see if I can find some time in > the next few days to try the upgrade. I haven't found the time to do the upgrade to Jessie yet but I have tweaked my checking script to run more frequently. That gave me a narrower window to look at in the logs and these messages appear at the same time as the jump is introduced into the UID list: Jun 19 17:00:57 server02 dovecot: imap(mark): Error: Log synchronization error at seq=2,offset=152 for /secure/home/mark/Maildir/.Apache.Misc.committers/dovecot.index: Append with UID 2427206830, but next_uid = 2685375011 Jun 19 17:00:57 server02 dovecot: imap(mark): Warning: fscking index file /secure/home/mark/Maildir/.Apache.Misc.committers/dovecot.index I've done some Googling but haven't (yet) found anything that might match up. I'm hoping that the above might provide enough information to someone more familiar with Dovecot than me to suggest what I might be able to do to fix this. If not, I'll see what happens post Jessie upgrade. Thanks in advance, Mark From troeder at univention.de Fri Jun 19 18:58:57 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Fri, 19 Jun 2015 20:58:57 +0200 Subject: setting quota through IMAP In-Reply-To: References: <5583E213.8040808@univention.de> Message-ID: <55846671.8030306@univention.de> Am 19.06.2015 um 16:16 schrieb Steffen Kaiser: > On Fri, 19 Jun 2015, Daniel Tr?der wrote: > >> I'd like to set the quota of a user through the IMAP protocol. I use >> Pythons imaplib: > >> imap.setquota("test1m at uni.dtr", "(storage 8192)") >> ('NO', ['Quota can be changed only by admin.']) > >> So... which user is the "admin" user in a virtual user setting (passwd: >> PAM, userdb: LDAP)? > > You can't. Use a LDAP-Library to change the values in the UserDB > directly, not via IMAP. Sure - I do anyway - this was just for a test-case I was writing. I'm curious though: in which scenario / IMAP-server does this work? Maybe in a setting with a root (uid=0) email user? Or with Cyrus (which has a admin user)? Greetings Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From mickael.choisnard at free.fr Fri Jun 19 21:37:55 2015 From: mickael.choisnard at free.fr (Mickael Choisnard) Date: Fri, 19 Jun 2015 23:37:55 +0200 Subject: [Dovecot] question about /var/mail/xxx In-Reply-To: References: <5583B6B4.5080807@free.fr> Message-ID: <55848BB3.1000206@free.fr> Hi, I changed my sendmail.cf with dovecot-lda. No success. i despair to find a solution. It's a debian bug. I don't know what i can do. Quit sendmail to postfix ? Download dovecot sources ? From voytek at sbt.net.au Sat Jun 20 06:43:11 2015 From: voytek at sbt.net.au (voytek at sbt.net.au) Date: Sat, 20 Jun 2015 16:43:11 +1000 Subject: help with t/s retrieval 'hangs' disconnect for inactivity In-Reply-To: References: <7140d3928c15e7d2b671017c76677d9c.squirrel@sbt.net.au> Message-ID: <51a80fc6a64c1ca6c6de8b7bd450354c.squirrel@sbt.net.au> On Fri, June 19, 2015 5:02 pm, Steffen Kaiser wrote: >> >> Jun 19 11:28:31 pop3(it at aaaa.com.au): Info: Disconnected for inactivity >> in reading our output top=0/0, retr=1/0, del=0/56, size=6562805 Jun 19 >> 11:29:20 pop3(it at aaa.com.au): Info: Connection closed top=0/0, >> retr=1/0, del=0/56, size=6562805 > > verify that the TCP connection is working using wireshark or similiar > tool. Maybe a firewall on your side cuts the connection? > Steffen, thanks. it seems it was some issue with "abnormal long time reponse from some Thai gateways", as reported back by o/s user is there some system where such issues are reported ? I vaguely recall being shown something like that in the past? From mysql.jorge at decimal.pt Sat Jun 20 10:26:33 2015 From: mysql.jorge at decimal.pt (Jorge Bastos) Date: Sat, 20 Jun 2015 11:26:33 +0100 Subject: help with t/s retrieval 'hangs' disconnect for inactivity In-Reply-To: <7140d3928c15e7d2b671017c76677d9c.squirrel@sbt.net.au> References: <7140d3928c15e7d2b671017c76677d9c.squirrel@sbt.net.au> Message-ID: <002a01d0ab43$94a56450$bdf02cf0$@jorge@decimal.pt> My guess would be some crazy formated email that is causing that. Login via webmail/other email client and manage those new emails, > -----Original Message----- > From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of > voytek at sbt.net.au > Sent: sexta-feira, 19 de Junho de 2015 02:45 > To: dovecot at dovecot.org > Subject: help with t/s retrieval 'hangs' disconnect for inactivity > > I have Dovecot 2.1.17 on Centos, all working well > > since yesterday one user complaining he can not retrieve emails, TBird > mail client says like '1 of 9' and, doesn't go any further. > > that's on several of his PCs using TBird, on a LAN behind f/wall, quite > physically remote to server, server in Sydney, remote client is SEAsia > > looking at logs I see emails access, looking at server Maildir , new > emails get moved from 'new' to 'cur' > > what else can I do from server end ? > what else should be done from user end ? > > Jun 19 11:28:31 pop3(it at aaaa.com.au): Info: Disconnected for inactivity > in reading our output top=0/0, retr=1/0, del=0/56, size=6562805 Jun 19 > 11:29:20 pop3(it at aaa.com.au): Info: Connection closed top=0/0, > retr=1/0, del=0/56, size=6562805 From gessel at blackrosetech.com Sat Jun 20 15:20:37 2015 From: gessel at blackrosetech.com (David Gessel) Date: Sat, 20 Jun 2015 18:20:37 +0300 Subject: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads In-Reply-To: <628B9CAD-A236-48A6-9F2E-B4CBFDDB15D2@iki.fi> References: <553247D0.1020400@blackrosetech.com> <5532557D.10000@blackrosetech.com> <"> <3C3A4690-1FB3-4972-92E3-B2E1B554ECB6@iki.fi> <"> <55390406.9070701@blackrosetech.com> <555C496C.8030809@blackrosetech.com> <556C5E50.6060509@skye.it> <557F72C3.9050102@blackrosetech.com> <628B9CAD-A236-48A6-9F2E-B4CBFDDB15D2@iki.fi> Message-ID: <558584C5.9040409@blackrosetech.com> -------- Original Message -------- Subject: Re: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads From: Timo Sirainen To: David Gessel Date: Wed Jun 17 2015 14:29:08 GMT+0300 (Arabic Standard Time) > On 16 Jun 2015, at 03:50, David Gessel wrote: >> >>> Alessio Cecchi skrev den 2015-06-01 15:29: >>>> Il 20/05/2015 10:44, David Gessel ha scritto: >>>>> Is there a way to completely disable caching on dovecot? >>>> >>>> Yes: mail_location = maildir:~/Maildir:INDEX=MEMORY >>> >>> dont know if that really solve it, imho it just move the problem from disk cache to memory cache, it does not imho disable it >> >> >> It seemed to do the trick. Behavior finally seems normal. The best evidence: At 10:00:00-ish I made the change in the config file and at 10:02:29 I restarted the server. >> >> It is now after 17:14 in Oakland and the logs are quiet. >> >> 09:00:06 host newsyslog[55292]: logfile turned over due to size>1000K >> 09:00:08 imap(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3558585, file=1434383291.M430136P55004.host,S=2380,W=2423:2,) >> 09:00:08 imap(user1): Warning: Maildir /mail/dom1.com/user1/: Expunged message reappeared, giving a new UID (old uid=3558586, file=1434383253.M121801P54997.host,S=27419,W=28395:2,) > .. >> The last log file was turned over when it got greater than 1000K. It covered 1312 minutes and 3726 "expunged Message" warnings or one every 21 seconds. There hasn't been a single one in the 7+ hours since I moved the index to MEMORY. >> >> Whatever is confusing the index state on disk, it is not happening in RAM. > > Well, it's also possible that the confusion is still happening, but Dovecot just doesn't notice it. If it is, IMAP clients may randomly not see all messages or may otherwise have strange behavior. > As far as anyone has been able to determine, all artifacts are resolved. I believe it is fair to say "SOLVED." As I often start trying to solve problems by searching the list archives, I'll append my description of the artifacts as googlebait to the bottom of this message. I am curious if setting INDEX=MEMORY "disables the index completely" as per http://wiki2.dovecot.org/MailLocation: "If you really want to, you can also disable the index files completely by appending :INDEX=MEMORY." Or if there are index files in memory as one might assume taking the directive literally, and if so, if these are functionally equivalent to, say, Courier IMAP's caching model. Performance seems excellent, all features seem to work fine. A list of the artifacts that were observed before setting INDEX=MEMORY, all of which have been resolved by the directive change include: *Client Artifacts* Thunderbird 31.6 Win 7 Ultimate SP1: - messages disappear and reappear with checks somewhat randomly. - Sometimes full re-download of folders is triggered, also seems random - Copies of messages appear, sometimes multiplying with each mail check up to about 5-8 or so of each message. - The summary information in the list pane doesn't match the message headers in the preview pane *All resolved with the fix* Mulberry 4.08 Win 7 Ultimate SP1: - messages disappear and reappear - full re-scans of entire folders triggered occasionally when changing folders, but not always - message list filled with semi-blank entries (message number, status flags, and dates are listed, but no sender, subject, or body is available). The time stamps do not appear to be correct "date received". - message list fills with duplicates - the last of the set of duplicates, which are not necessarily sequentially numbered, has load-able body text and headers, but the others do not. There may be 3-5 copies, only one of which is the real message. The inbox is sequentially numbered by "message number" (the "natural order of the mailbox") and duplicates have unique numbers. *All resolved with the fix* Claws 3.10.1 Win 7 Ultimate SP1 - initial load is correct, but once claws tries to sync mail, it locks up and never releases (even after days). Claws is weird like that. - Initial load is very fast * Mostly works * - claws still refuses to respond to the "exit" command and has to be force-quit. This is a widely reported claws issue. - All mail tasks work fine, no artifacts other than refusing to quit. Sylpheed 3.4.2 Win 7 Ultimate SP1 - mail list always looks fine, but sometimes clicking a message shows "can't display" in the preview pane *Resolved with the fix* Thunderbird 31.5 Linux Mint 17 Qaina 3.13.0-24-generic - messages disappear and reappear with checks somewhat randomly. - Sometimes full redownload of folders is triggered, also seems random - Copies of messages appear, sometimes multiplying with each mail check - The summary information in the list pane doesn't match the message headers in the preview pane - wrong message total (every other client agrees on 2576 but TB-linux says 3242, perhaps counting dups) *All resolved with the fix* Claws 3.9.3 Linux Mint 17 Qaina 3.13.0-24-generic - Occasionally shows "this message can't be displayed" (haven't tested, but I'm guessing it is fixed) K-9 5.004 Android 4.3 - messages appear and then disappear on the next check - message body is occasionally blank (only subject and arrival time appear, no body preview line, clicking on the message shows "no text" - K-9 reports an absurdly large number of messages to download - K-9's notification message appears constantly with notifications of already downloaded messages - Battery usage is excessive (K-9 sometimes uses more battery than the display) - excessive bandwidth usage *All resolved with the fix* *Server artifacts:* dovecot.log shows runs of this error: Apr 15 09:02:37 imap(user at domain.com): Warning: Maildir /mail/domain.com/user//.Sent: Expunged message reappeared, giving a new UID (old uid=306286, file=1429102024.M826331P1156.host,S=1678,W=1724:2,S) or this error: Apr 15 10:04:00 indexer-worker(user at domain.com): Warning: Maildir /mail/domain.com/user//.Sent: Expunged message reappeared, giving a new UID (old uid=306803, file=1428785463.M645546P27215.host,S=5389,W=5442:2,S) # grep -c "Expunged message reappeared" dovecot.log.0 8981 On my server, "Expunged message reappeared" errors were being logged at a rate of about 3-5,000 per hour. After the fix, the error has not been logged at all. # doveadm dump -t mailboxlog /mail/domain.com/user #0: rename 000000803de108b60f00000000000000 (1969-12-31 16:00:00) #24: 00000000000000000000000000000000 (1969-12-31 16:00:00) #48: 000000000000000000000000c8272100 (1969-12-31 16:01:04) #72: 00002e61726368697665732e32303031 (2031-02-20 10:50:40) Fatal: rec read() 10 != 24 After the fix: # doveadm dump -t mailboxlog /mail/domain.com/user #0: rename 00000080fba020fd0600000000000000 (1969-12-31 16:00:00) #24: 00000000000000000000000000000000 (1969-12-31 16:00:00) #48: 000000000000000000000000e9a83900 (1969-12-31 16:02:08) #72: 0000646f7665636f742d75696476616c (2026-01-11 19:24:36) Fatal: rec read() 10 != 24 - OK, that's not fixed. :-( # doveadm dump -t fts-expunge-log /mail/domain.com/user Fatal: Invalid record_size=2147483648 at offset 0 After the fix: # doveadm dump -t fts-expunge-log /mail/domain.com/user Fatal: Invalid record_size=2147483648 at offset 0 Perhaps there are still some corrupt messages? Any way to clean those up? This is either a different issue completely or it is a persistent artifact of the previous issue. I have done a # find /mail/ -name "dovecot*" -type f -delete since changing the directive followed by a jail reboot, are there any other files that should be deleted and allowed to recreate? doveadm_ files? lucene-indexes? # doveadm dump -t log /mail/domain.com/user version = 0.0 hdr size = 0 index id = 0 file seq = 0 prev file = 0/0 create stamp = 0 initial modseq = 0 compat flags = 0 record: offset=0, type=unknown: 80000000, size=broken (3) perhaps the size values should be recomputed with http://dovecot.org/tools/maildir-size-fix.pl ? # doveadm dump -t thread /mail/domain.com/user Fatal: mmap() failed: Invalid argument From wogri at wogri.com Sat Jun 20 20:29:53 2015 From: wogri at wogri.com (Wolfgang Hennerbichler) Date: Sat, 20 Jun 2015 22:29:53 +0200 Subject: Duplicate mails with pop3 + dsync replication Message-ID: Hi, When I enable (and it only happens when it is actually running) replication over TCP my users get duplicate mails via pop3. Here?s what happens: * User gets mail * Mail appears in (Maildir) new/ folder on both replicas * user retrieves mail (retr), calls dele. Mail still exists in new/ folder on both replicas. * user runs retr (and gets the duplicate) and dele a second time, the mail is actually removed. If I disable replication this behaviour goes away. I use dovecot from debian stable resources. Any help would _really_ be appreciated. I found one german thread that dealt with the same problem, but no solution for it (http://www.dovecot-buch.de/mailingliste/pop3-fehler-bei-delete-und-dsync-replikation/) wogri # dovecot --version 2.2.13 # dovecot -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.0 ext4 auth_verbose = yes doveadm_password = XXX first_valid_gid = 113 first_valid_uid = 108 last_valid_gid = 113 last_valid_uid = 108 mail_gid = dovecot mail_location = maildir:/var/mail/%n mail_plugins = quota fts fts_lucene virtual notify replication mail_temp_dir = /var/lib/dovecot/tmp mail_uid = dovecot namespace { list = children location = virtual:/var/mail/%n/virtual prefix = virtual. separator = . } namespace inbox { inbox = yes list = yes location = mailbox "Deleted Messages" { auto = subscribe special_use = \Trash } mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } [48/4646] mailbox Trash { special_use = \Trash } prefix = separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { default_language = de fts = lucene fts_lucene = whitespace_chars=@. mail_replica = tcp:172.16.1.1:12345 quota = maildir:User quota quota_rule = *:storage=4G quota_rule2 = Trash:storage=+100M quota_rule3 = Spam:ignore quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = /etc/sieve/%n.sieve sieve_default = /etc/sieve/default.sieve sieve_dir = ~/sieve sieve_extensions = +editheader } postmaster_address = postmaster at wogri.at protocols = " imap lmtp pop3" service aggregator { fifo_listener replication-notify-fifo { user = dovecot } unix_listener replication-notify { user = dovecot } } service doveadm { inet_listener { port = 12345 } } service imap { process_limit = 1024 } } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 2003 } user = dovecot } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 } service pop3 { process_limit = 1024 } service quota-warning { executable = script /usr/local/sbin/quota-warning.sh unix_listener quota-warning { user = dovecot } user = dovecot } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0600 } } ssl = required ssl_cert = From dmiller at amfes.com Sat Jun 20 21:21:24 2015 From: dmiller at amfes.com (Daniel Miller) Date: Sat, 20 Jun 2015 21:21:24 +0000 Subject: Virtual Mailboxes Message-ID: Having some trouble with my first attempt at virtual mailboxes. ?I've enabled the plugin in 10-mail.conf, added a virtual namespace, and created the dovecot-virtual files in the folders. I see the folder names in the list when I refresh the folders available for subscription - but the folders cannot be subscribed to and I can't view their contents. ?What obvious mistake did I make? doveconf -n: auth_cache_size = 4 k auth_mechanisms = plain login default_login_user = nobody default_vsz_limit = 1 G dict { ? acl = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no listen = * mail_attachment_dir = /var/mail/attachments mail_plugins = fts fts_solr acl zlib virtual mail_shared_explicit_inbox = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mdbox_rotate_interval = 1 days mdbox_rotate_size = 32 M namespace { ? hidden = no ? inbox = yes ? list = yes ? location = ? prefix = ? separator = / ? subscriptions = yes ? type = private } namespace { ? list = children ? location = mdbox:/var/mail/%%d/%%n/mdbox ? prefix = shared/%%n/ ? separator = / ? subscriptions = no ? type = shared } namespace { ? location = virtual:/var/mail/%%d/%%n/mdbox/virtual ? prefix = virtual/ ? separator = / } passdb { ? args = /usr/local/etc/dovecot/dovecot-ldap.conf ? driver = ldap } plugin { ? acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300 ? acl_shared_dict = proxy::acl ? fts = solr ? fts_autoindex = yes ? fts_solr = break-imap-search url=http://solr.amfes.lan:8983/solr/ ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp sieve service auth { ? unix_listener /var/spool/postfix/private/auth { ? ? group = postfix ? ? mode = 0660 ? ? user = postfix ? } ? unix_listener auth-userdb { ? ? group = mail ? ? mode = 0600 ? ? user = vmail ? } } service dict { ? unix_listener dict { ? ? group = mail ? ? mode = 0660 ? ? user = vmail ? } } service imap-login { ? process_limit = 200 ? process_min_avail = 10 ? service_count = 1 } service lmtp { ? process_min_avail = 5 ? unix_listener /var/spool/postfix/private/dovecot-lmtp { ? ? group = mail ? ? mode = 0666 ? ? user = vmail ? } } service managesieve-login { ? inet_listener sieve { ? ? port = 4190 ? } ? inet_listener sieve_deprecated { ? ? port = 2000 ? } ? process_min_avail = 0 ? service_count = 1 } ssl_cert = From dmiller at amfes.com Sat Jun 20 21:50:09 2015 From: dmiller at amfes.com (dmiller at amfes.com) Date: Sat, 20 Jun 2015 14:50:09 -0700 Subject: Virtual Mailboxes In-Reply-To: <41d3ec6ca13fd96e50b56559ca6f77bb@amfes.com> References: <41d3ec6ca13fd96e50b56559ca6f77bb@amfes.com> Message-ID: The first bonehead maneuver seems to be: location = virtual:/var/mail/%%d/%%n/mdbox/virtual I'm thinking it should be: location = virtual:/var/mail/%%d/%%n/mdbox/mailboxes/virtual But...it didn't seem to make a difference. And if I have the "virtual" folder tree under a location other than "/var/mail/domain/user/mdbox/mailboxes" no names appear - so I think I have the files in the right place. Any ideas? -- Daniel On 2015-06-20 14:34, dmiller at amfes.com wrote: > > Having some trouble with my first attempt at virtual mailboxes. I've > enabled the plugin in 10-mail.conf, added a virtual namespace, and > created the dovecot-virtual files in the folders. > > I see the folder names in the list when I refresh the folders > available for subscription - but the folders cannot be subscribed to > and I can't view their contents. What obvious mistake did I make? > > doveconf -n: > auth_cache_size = 4 k > auth_mechanisms = plain login > default_login_user = nobody > default_vsz_limit = 1 G > dict { > acl = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext > } > disable_plaintext_auth = no > listen = * > mail_attachment_dir = /var/mail/attachments > mail_plugins = fts fts_solr acl zlib virtual > mail_shared_explicit_inbox = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date index ihave duplicate > mdbox_rotate_interval = 1 days > mdbox_rotate_size = 32 M > namespace { > hidden = no > inbox = yes > list = yes > location = > prefix = > separator = / > subscriptions = yes > type = private > } > namespace { > list = children > location = mdbox:/var/mail/%%d/%%n/mdbox > prefix = shared/%%n/ > separator = / > subscriptions = no > type = shared > } > namespace { > location = virtual:/var/mail/%%d/%%n/mdbox/virtual > prefix = virtual/ > separator = / > } > passdb { > args = /usr/local/etc/dovecot/dovecot-ldap.conf > driver = ldap > } > plugin { > acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300 > acl_shared_dict = proxy::acl > fts = solr > fts_autoindex = yes > fts_solr = break-imap-search url=http://solr.amfes.lan:8983/solr/ > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap lmtp sieve > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > unix_listener auth-userdb { > group = mail > mode = 0600 > user = vmail > } > } > service dict { > unix_listener dict { > group = mail > mode = 0660 > user = vmail > } > } > service imap-login { > process_limit = 200 > process_min_avail = 10 > service_count = 1 > } > service lmtp { > process_min_avail = 5 > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = mail > mode = 0666 > user = vmail > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > inet_listener sieve_deprecated { > port = 2000 > } > process_min_avail = 0 > service_count = 1 > } > ssl_cert = ssl_key = userdb { > driver = prefetch > } > userdb { > args = /usr/local/etc/dovecot/dovecot-ldap.conf > driver = ldap > } > verbose_proctitle = yes > protocol lmtp { > mail_plugins = fts fts_solr acl zlib virtual sieve > } > protocol lda { > mail_plugins = fts fts_solr acl zlib virtual sieve > } > protocol imap { > imap_client_workarounds = tb-extra-mailbox-sep > imap_idle_notify_interval = 29 mins > mail_max_userip_connections = 50 > mail_plugins = fts fts_solr acl zlib virtual imap_acl > } > local 192.168.0.2 { > protocol imap { > ssl_cert = ssl_key = } > } > > Given my mail storage location of /var/mail/%%d/%%n, I have created: > /var/mail/mydomain/myname/virtual/newfolder > > and within that folder created a dovecot-virtual. I created a few like > this from the wiki samples - the folder names are visible but no > contents. > > -- > Daniel From edward at 4angle.com Sun Jun 21 09:41:48 2015 From: edward at 4angle.com (Edward Betts) Date: Sun, 21 Jun 2015 10:41:48 +0100 Subject: dovecot auth using 100% CPU Message-ID: <20150621094148.GA8593@4angle.com> Every few days I find that dovecot auth is using all my CPU. This is from dovecot 2.2.13, I've just upgraded to 2.2.18 strace -r -p 17956 output: Process 17956 attached 0.000000 lseek(19, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) 0.000057 getsockname(19, {sa_family=AF_LOCAL, NULL}, [2]) = 0 0.000043 epoll_ctl(15, EPOLL_CTL_ADD, 19, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=850618928, u64=140128453618224}}) = 0 0.000040 write(19, "VERSION\tauth-worker\t1\t0\nDBHASH\t5"..., 97) = -1 EPIPE (Broken pipe) 0.000035 --- SIGPIPE {si_signo=SIGPIPE, si_code=SI_USER, si_pid=17956, si_uid=108} --- 0.000020 epoll_wait(15, {{EPOLLIN|EPOLLHUP, {u32=850618928, u64=140128453618224}}}, 14, 12614) = 1 0.000031 read(19, "", 8192) = 0 0.000026 epoll_ctl(15, EPOLL_CTL_DEL, 19, 7fff77616870) = 0 0.000027 close(19) = 0 0.000029 socket(PF_LOCAL, SOCK_STREAM, 0) = 19 0.000027 fcntl(19, F_GETFL) = 0x2 (flags O_RDWR) 0.000028 fcntl(19, F_SETFL, O_RDWR|O_NONBLOCK) = 0 0.000029 connect(19, {sa_family=AF_LOCAL, sun_path="auth-worker"}, 110) = 0 0.000033 fstat(19, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 0.000033 lseek(19, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) 0.000026 getsockname(19, {sa_family=AF_LOCAL, NULL}, [2]) = 0 0.000030 epoll_ctl(15, EPOLL_CTL_ADD, 19, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=850618928, u64=140128453618224}}) = 0 0.000035 write(19, "VERSION\tauth-worker\t1\t0\nDBHASH\t5"..., 97) = -1 EPIPE (Broken pipe) 0.000029 --- SIGPIPE {si_signo=SIGPIPE, si_code=SI_USER, si_pid=17956, si_uid=108} --- 0.000015 epoll_wait(15, {{EPOLLIN|EPOLLHUP, {u32=850618928, u64=140128453618224}}}, 14, 12614) = 1 0.000031 read(19, "", 8192) = 0 0.000026 epoll_ctl(15, EPOLL_CTL_DEL, 19, 7fff77616870) = 0 0.000027 close(19) = 0 0.000028 socket(PF_LOCAL, SOCK_STREAM, 0) = 19 0.000036 fcntl(19, F_GETFL) = 0x2 (flags O_RDWR) 0.000026 fcntl(19, F_SETFL, O_RDWR|O_NONBLOCK) = 0 0.000024 connect(19, {sa_family=AF_LOCAL, sun_path="auth-worker"}, 110) = 0 0.000034 fstat(19, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 0.000030 lseek(19, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) 0.000025 getsockname(19, {sa_family=AF_LOCAL, NULL}, [2]) = 0 0.000031 epoll_ctl(15, EPOLL_CTL_ADD, 19, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=850618928, u64=140128453618224}}) = 0 0.000036 write(19, "VERSION\tauth-worker\t1\t0\nDBHASH\t5"..., 97) = -1 EPIPE (Broken pipe) 0.000030 --- SIGPIPE {si_signo=SIGPIPE, si_code=SI_USER, si_pid=17956, si_uid=108} --- 0.000016 epoll_wait(15, {{EPOLLIN|EPOLLHUP, {u32=850618928, u64=140128453618224}}}, 14, 12614) = 1 0.000031 read(19, "", 8192) = 0 0.000027 epoll_ctl(15, EPOLL_CTL_DEL, 19, 7fff77616870) = 0 0.000028 close(19) = 0 Any ideas what's wrong? The machine is running Debian. -- Edward. From mysql.jorge at decimal.pt Sun Jun 21 10:23:50 2015 From: mysql.jorge at decimal.pt (Jorge Bastos) Date: Sun, 21 Jun 2015 11:23:50 +0100 Subject: dovecot auth using 100% CPU In-Reply-To: <20150621094148.GA8593@4angle.com> References: <20150621094148.GA8593@4angle.com> Message-ID: <000301d0ac0c$5dc23ca0$1946b5e0$@jorge@decimal.pt> What do you see in the logs? My guess is that someone is trying a brute force auth against you, > -----Original Message----- > From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Edward > Betts > Sent: domingo, 21 de Junho de 2015 10:42 > To: dovecot at dovecot.org > Subject: dovecot auth using 100% CPU > > Every few days I find that dovecot auth is using all my CPU. > > This is from dovecot 2.2.13, I've just upgraded to 2.2.18 > > strace -r -p 17956 output: > > Process 17956 attached > 0.000000 lseek(19, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) > 0.000057 getsockname(19, {sa_family=AF_LOCAL, NULL}, [2]) = 0 > 0.000043 epoll_ctl(15, EPOLL_CTL_ADD, 19, > {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=850618928, > u64=140128453618224}}) = 0 > 0.000040 write(19, "VERSION\tauth-worker\t1\t0\nDBHASH\t5"..., 97) > = -1 EPIPE (Broken pipe) > 0.000035 --- SIGPIPE {si_signo=SIGPIPE, si_code=SI_USER, > si_pid=17956, si_uid=108} --- > 0.000020 epoll_wait(15, {{EPOLLIN|EPOLLHUP, {u32=850618928, > u64=140128453618224}}}, 14, 12614) = 1 > 0.000031 read(19, "", 8192) = 0 > 0.000026 epoll_ctl(15, EPOLL_CTL_DEL, 19, 7fff77616870) = 0 > 0.000027 close(19) = 0 > 0.000029 socket(PF_LOCAL, SOCK_STREAM, 0) = 19 > 0.000027 fcntl(19, F_GETFL) = 0x2 (flags O_RDWR) > 0.000028 fcntl(19, F_SETFL, O_RDWR|O_NONBLOCK) = 0 > 0.000029 connect(19, {sa_family=AF_LOCAL, sun_path="auth-worker"}, > 110) = 0 > 0.000033 fstat(19, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 > 0.000033 lseek(19, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) > 0.000026 getsockname(19, {sa_family=AF_LOCAL, NULL}, [2]) = 0 > 0.000030 epoll_ctl(15, EPOLL_CTL_ADD, 19, > {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=850618928, > u64=140128453618224}}) = 0 > 0.000035 write(19, "VERSION\tauth-worker\t1\t0\nDBHASH\t5"..., 97) > = -1 EPIPE (Broken pipe) > 0.000029 --- SIGPIPE {si_signo=SIGPIPE, si_code=SI_USER, > si_pid=17956, si_uid=108} --- > 0.000015 epoll_wait(15, {{EPOLLIN|EPOLLHUP, {u32=850618928, > u64=140128453618224}}}, 14, 12614) = 1 > 0.000031 read(19, "", 8192) = 0 > 0.000026 epoll_ctl(15, EPOLL_CTL_DEL, 19, 7fff77616870) = 0 > 0.000027 close(19) = 0 > 0.000028 socket(PF_LOCAL, SOCK_STREAM, 0) = 19 > 0.000036 fcntl(19, F_GETFL) = 0x2 (flags O_RDWR) > 0.000026 fcntl(19, F_SETFL, O_RDWR|O_NONBLOCK) = 0 > 0.000024 connect(19, {sa_family=AF_LOCAL, sun_path="auth-worker"}, > 110) = 0 > 0.000034 fstat(19, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 > 0.000030 lseek(19, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) > 0.000025 getsockname(19, {sa_family=AF_LOCAL, NULL}, [2]) = 0 > 0.000031 epoll_ctl(15, EPOLL_CTL_ADD, 19, > {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=850618928, > u64=140128453618224}}) = 0 > 0.000036 write(19, "VERSION\tauth-worker\t1\t0\nDBHASH\t5"..., 97) > = -1 EPIPE (Broken pipe) > 0.000030 --- SIGPIPE {si_signo=SIGPIPE, si_code=SI_USER, > si_pid=17956, si_uid=108} --- > 0.000016 epoll_wait(15, {{EPOLLIN|EPOLLHUP, {u32=850618928, > u64=140128453618224}}}, 14, 12614) = 1 > 0.000031 read(19, "", 8192) = 0 > 0.000027 epoll_ctl(15, EPOLL_CTL_DEL, 19, 7fff77616870) = 0 > 0.000028 close(19) = 0 > > Any ideas what's wrong? The machine is running Debian. > -- > Edward. From darix at opensu.se Sun Jun 21 10:26:36 2015 From: darix at opensu.se (Marcus Rueckert) Date: Sun, 21 Jun 2015 12:26:36 +0200 Subject: dovecot auth using 100% CPU In-Reply-To: <20150621094148.GA8593@4angle.com> References: <20150621094148.GA8593@4angle.com> Message-ID: <20150621102635.GP2722@nordisch.org> On 2015-06-21 10:41:48 +0100, Edward Betts wrote: > 0.000040 write(19, "VERSION\tauth-worker\t1\t0\nDBHASH\t5"..., 97) = -1 EPIPE (Broken pipe) > 0.000035 write(19, "VERSION\tauth-worker\t1\t0\nDBHASH\t5"..., 97) = -1 EPIPE (Broken pipe) something is fishy in your setup darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From wogri at wogri.com Sun Jun 21 19:05:25 2015 From: wogri at wogri.com (Wolfgang Hennerbichler) Date: Sun, 21 Jun 2015 21:05:25 +0200 Subject: Duplicate mails with pop3 + dsync replication In-Reply-To: References: Message-ID: FWIW I just tried the sdbox mailbox format for a singe user (not the whole installation) by overriding the mail-userattr via ldap and the problem persists, so I don?t think it?s an issue with maildir per se, but rather a pop3 / replication issue or a misconfiguration on my side. Wolfgang > On 20 Jun 2015, at 22:29, Wolfgang Hennerbichler wrote: > > Hi, > > When I enable (and it only happens when it is actually running) replication over TCP my users get duplicate mails via pop3. > Here?s what happens: > > * User gets mail > * Mail appears in (Maildir) new/ folder on both replicas > * user retrieves mail (retr), calls dele. Mail still exists in new/ folder on both replicas. > * user runs retr (and gets the duplicate) and dele a second time, the mail is actually removed. > If I disable replication this behaviour goes away. > I use dovecot from debian stable resources. > Any help would _really_ be appreciated. I found one german thread that dealt with the same problem, but no solution for it (http://www.dovecot-buch.de/mailingliste/pop3-fehler-bei-delete-und-dsync-replikation/) > > wogri > > # dovecot --version > 2.2.13 > > # dovecot -n > # 2.2.13: /etc/dovecot/dovecot.conf > # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.0 ext4 > auth_verbose = yes > doveadm_password = XXX > first_valid_gid = 113 > first_valid_uid = 108 > last_valid_gid = 113 > last_valid_uid = 108 > mail_gid = dovecot > mail_location = maildir:/var/mail/%n > mail_plugins = quota fts fts_lucene virtual notify replication > mail_temp_dir = /var/lib/dovecot/tmp > mail_uid = dovecot > namespace { > list = children > location = virtual:/var/mail/%n/virtual > prefix = virtual. > separator = . > } > namespace inbox { > inbox = yes > list = yes > location = > mailbox "Deleted Messages" { > auto = subscribe > special_use = \Trash > } > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > auto = no > special_use = \Sent > } > mailbox Spam { > auto = subscribe > special_use = \Junk > } [48/4646] > mailbox Trash { > special_use = \Trash > } > prefix = > separator = . > subscriptions = yes > type = private > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > default_language = de > fts = lucene > fts_lucene = whitespace_chars=@. > mail_replica = tcp:172.16.1.1:12345 > quota = maildir:User quota > quota_rule = *:storage=4G > quota_rule2 = Trash:storage=+100M > quota_rule3 = Spam:ignore > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=80%% quota-warning 80 %u > sieve = /etc/sieve/%n.sieve > sieve_default = /etc/sieve/default.sieve > sieve_dir = ~/sieve > sieve_extensions = +editheader > } > postmaster_address = postmaster at wogri.at > protocols = " imap lmtp pop3" > service aggregator { > fifo_listener replication-notify-fifo { > user = dovecot > } > unix_listener replication-notify { > user = dovecot > } > } > service doveadm { > inet_listener { > port = 12345 > } > } > service imap { > process_limit = 1024 > } > } > service lmtp { > inet_listener lmtp { > address = 127.0.0.1 > port = 2003 > } > user = dovecot > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > service_count = 1 > } > service pop3 { > process_limit = 1024 > } > service quota-warning { > executable = script /usr/local/sbin/quota-warning.sh > unix_listener quota-warning { > user = dovecot > } > user = dovecot > } > service replicator { > process_min_avail = 1 > unix_listener replicator-doveadm { > mode = 0600 > } > } > ssl = required > ssl_cert = ssl_key = userdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > protocol lmtp { > mail_plugins = quota sieve virtual notify replication > } > protocol lda { > mail_plugins = quota fts fts_lucene virtual notify replication sieve > } > protocol imap { > mail_max_userip_connections = 50 > mail_plugins = quota fts fts_lucene virtual notify replication imap_quota > } > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4127 bytes Desc: not available URL: From skdovecot at smail.inf.fh-brs.de Mon Jun 22 06:18:35 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Jun 2015 08:18:35 +0200 (CEST) Subject: how do I conceptualize system & virtual users? In-Reply-To: <5584314B.3060600@yahoo.co.uk> References: <5584143D.40606@yahoo.co.uk> <5584314B.3060600@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Jun 2015, lejeczek wrote: > On 19/06/15 15:13, Mauricio Tavares wrote: >> On Jun 19, 2015 9:08 AM, "lejeczek" wrote: >>> I guess this would be a common case, I am hoping for some final >> clarification. >>> a few Linux boxes share ldap (multi-master) backend that PAM/SSSD uses to >> authenticated users, and these LDAPs are also is used by Samba, users start >> @ uid 1000. >>> Boxes are in the same both DNS and Samba domains. >>> >>> Do I treat these users as system or virtual users from postfix/dovecot >> perspective? >>> If it can be a matter of choice then which is better/best? >>> >> I would make them virtual users. This way you can abstract and scale >> things up. Also your normal users then would not need to have access to >> your mail servers; they only access the services. >> >>> many thanks. > it can be a tricky for beginner to define those, in old days when one said > system users thought of OS dedicated accounts for daemons/services etc. > In this team of postfix+dovecot, which one decides whether user is > canonical/system or virtual? Optimally installed, Dovecot provides the user information for Postfix. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYeou3z1H7kL/d9rAQIYqQgAy3FuDLPOn0jvmk6Iua31gSLlL40ghAwB TxBCVQGsjrnvQF3k3hXtSwopsR9A6jA0ccbUiqHWA7SBUlCHG+ijgOMneEmuaVKa 9bUavKU7SFfRMnCt4VcoSoEodB5g3e7INQyE8dxZ9bWwsshpuHaD/0YUajUtc8/Q ewhq7U+UGW/VoVCOvJ7SYl9uZ5o8VMZacbngHHA6xN0soeoi+kFCkUjM5iMVWIOw UzitYvHUCT5TxVtmGF3ynYFtByXzw7dKAoNc0KFZUs5z9h2kBxBhFuCti1tHz9I6 73bPdulAnc/NMgd9HYCpK662mqRsYK406Cbmfqb/1x7Rjm1PmoDYXA== =IogP -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Jun 22 06:39:04 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Jun 2015 08:39:04 +0200 (CEST) Subject: setting quota through IMAP In-Reply-To: <55846671.8030306@univention.de> References: <5583E213.8040808@univention.de> <55846671.8030306@univention.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Jun 2015, Daniel Tr?der wrote: > Am 19.06.2015 um 16:16 schrieb Steffen Kaiser: >> On Fri, 19 Jun 2015, Daniel Tr?der wrote: >> >>> I'd like to set the quota of a user through the IMAP protocol. I use >>> Pythons imaplib: >> >>> imap.setquota("test1m at uni.dtr", "(storage 8192)") >>> ('NO', ['Quota can be changed only by admin.']) >> >>> So... which user is the "admin" user in a virtual user setting (passwd: >>> PAM, userdb: LDAP)? >> >> You can't. Use a LDAP-Library to change the values in the UserDB >> directly, not via IMAP. > Sure - I do anyway - this was just for a test-case I was writing. > I'm curious though: in which scenario / IMAP-server does this work? > Maybe in a setting with a root (uid=0) email user? Or with Cyrus (which > has a admin user)? Oh, it seems that Dictionary quota http://wiki2.dovecot.org/Quota/Dict handles SETQUOTA. This implementation does not support usual UserDBs, though. The admin-status is described here: http://wiki2.dovecot.org/Quota/Configuration?highlight=%28admin%3D%29 - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYetiXz1H7kL/d9rAQJlaAf/YXko3mn7Y2XMztMAgdV0oGHbjJHjQba/ 4IvLuQTsqsXiH9j7Hy/KysNEEFZMowA5MNJ9Ijg2d7Jn/Gd3vqSC55fV7I1QA0Sc 3tpsB1MIceOjIVUUnUzppABoU8qB7INCuSfaofAkeGpLdY9Kh7RELkTZhmjKsL8/ 6gR80nC6yYASltuhGY+gJjX9nSfsw/aRbpLfzzTt4sWJ6iM4XEawHvrAAxbb/kWF gBqfaWo305QwPsB61OhzUN4OiIjXkK149frRKHGZQDG2xY/X+bmU4eEvANIDdZz3 rzdODCxtX+YAWZW9OEEWStGDeiIX3Ovj5uWPBtrYoIUO527qVhqqNg== =pLuM -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Jun 22 06:48:27 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Jun 2015 08:48:27 +0200 (CEST) Subject: [Dovecot] question about /var/mail/xxx In-Reply-To: <55844302.4060503@free.fr> References: <5583B6B4.5080807@free.fr> <55844302.4060503@free.fr> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Jun 2015, Mickael Choisnard wrote: > Le 19/06/2015 09:04, Steffen Kaiser a ?crit : >> On Fri, 19 Jun 2015, Mickael Choisnard wrote: >>> I need your help to use dovecot with sendmail >>> I use a fresh debian 8 jessie and i installed sendmail and dovecot 2. >>> Sendmail works fine. >>> >>> All mails go to /var/mail/xxx >>> >>> this is problem for dovecot. dovecot cannot get it. >>> >>> # 2.2.13: /etc/dovecot/dovecot.conf >>> # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.1 >>> auth_mechanisms = plain login >>> auth_verbose = yes >>> auth_verbose_passwords = yes >>> disable_plaintext_auth = no >>> first_valid_uid = 116 >>> last_valid_uid = 116 >>> log_path = /var/log/dovecot.log >>> mail_home = /srv/mail/%u >>> mail_location = mbox:~/mail:INBOX=/var/mail/%u >>> mail_privileged_group = mail >>> namespace inbox { >>> inbox = yes >>> location = >>> mailbox Drafts { >>> special_use = \Drafts >>> } >>> mailbox Junk { >>> special_use = \Junk >>> } >>> mailbox Sent { >>> special_use = \Sent >>> } >>> mailbox "Sent Messages" { >>> special_use = \Sent >>> } >>> mailbox Trash { >>> special_use = \Trash >>> } >>> prefix = >>> } >>> passdb { >>> args = scheme=SHA-CRYPT /etc/dovecot/users >>> driver = passwd-file >>> } >>> postmaster_address = root at arpagon >>> protocols = " imap pop3" >>> service auth { >>> unix_listener auth-userdb { >>> group = vmail >>> user = vmail >>> } >>> } >>> ssl = no >>> userdb { >>> args = uid=vmail gid=vmail home=/srv/vmail/%d/%n >>> driver = static >>> } >>> >>> cat /var/log/dovecot.log >>> >>> Jun 19 08:14:18 imap-login: Info: Login: user=, method=PLAIN, >>> rip=10.11.12.30, lip=88.179.182.93, mpid=18799, session= >>> Jun 19 08:14:18 imap(mc110771): Info: Disconnected: Logged out in=8 >>> out=395 >>> Jun 19 08:14:26 imap-login: Info: Login: user=, method=PLAIN, >>> rip=10.11.12.30, lip=88.179.182.93, mpid=18801, session= >>> Jun 19 08:14:26 imap-login: Info: Login: user=, method=PLAIN, >>> rip=10.11.12.30, lip=88.179.182.93, mpid=18803, session= >>> Jun 19 08:14:26 imap(mc120771): Error: open() failed with mbox file >>> /var/mail/mc120771: Permission denied >> >> what permissions have these files? > -rw-rw---- mc120771 mail > I'm in the configuration like this > http://wiki2.dovecot.org/MailLocation/mbox > I use "mail_privileged_group = mail" whithout success hmm: 1) # Group to enable temporarily for privileged operations. Currently this is # used only with INBOX when either its initial creation or dotlocking fails. # Typically this is set to "mail" to give access to /var/mail. #mail_privileged_group = # Grant access to these supplementary groups for mail processes. Typically # these are used to set up access to shared mailboxes. Note that it may be # dangerous to set these if users can create symlinks (e.g. if "mail" group is # set here, ln -s /var/mail ~/mail/var could allow a user to delete others' # mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it). #mail_access_groups = IMHO, you need to set both settings, see the difference in the explanation. 2) Check out the last paragraphe on: http://wiki2.dovecot.org/WhyDoesItNotWork?highlight=%28SELinux%29 - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYevu3z1H7kL/d9rAQKnNwf/UJAQ4Z/G8vEeXp205sm889VFu2Xtmw1j moR3rE8vQ0aFnyUcW/mZVcdAkhJD4qdTnJqvw568oSnaUNBmfS49QAQ8laYwsUke Y0DYkU0kHtQebwOPI0FptXHdtjzqOvq2AcElxvPFTEyHBU5Y1RbUxHZ8XqEQcJl+ cDGfU0wO2CDlimYw8ahtFkKPX+2Q2sGWZnkRUj1eFhF1QN3kA5/TENFRWahwxAte BcgyBXH2W6gNJMuRs/71skwpL5/El+Ws6fGSTUPNxxx7dg1fgpbxbqXRyfGG5vaY iFP/Admv3LeLtEF731HtPmA6HIO9FoamFfYRmor4S5tFIMi57xiuQQ== =l30L -----END PGP SIGNATURE----- From wogri at wogri.com Mon Jun 22 06:49:11 2015 From: wogri at wogri.com (Wolfgang Hennerbichler) Date: Mon, 22 Jun 2015 08:49:11 +0200 Subject: Duplicate mails with pop3 + dsync replication In-Reply-To: References: Message-ID: <7D04A2F7-D467-4A80-B64B-7B3FC8C76CB7@wogri.com> It turns out that if I enable this option: pop3_deleted_flag = "$POP3Deleted? The issue no longer persists. I have to manually expunge the kept mails that have been deleted via pop3 though: doveadm expunge mailbox INBOX KEYWORD '$POP3Deleted' -A Wolfgang > On 21 Jun 2015, at 21:05, Wolfgang Hennerbichler wrote: > > FWIW I just tried the sdbox mailbox format for a singe user (not the whole installation) by overriding the mail-userattr via ldap and the problem persists, so I don?t think it?s an issue with maildir per se, but rather a pop3 / replication issue or a misconfiguration on my side. > > Wolfgang > >> On 20 Jun 2015, at 22:29, Wolfgang Hennerbichler wrote: >> >> Hi, >> >> When I enable (and it only happens when it is actually running) replication over TCP my users get duplicate mails via pop3. >> Here?s what happens: >> >> * User gets mail >> * Mail appears in (Maildir) new/ folder on both replicas >> * user retrieves mail (retr), calls dele. Mail still exists in new/ folder on both replicas. >> * user runs retr (and gets the duplicate) and dele a second time, the mail is actually removed. >> If I disable replication this behaviour goes away. >> I use dovecot from debian stable resources. >> Any help would _really_ be appreciated. I found one german thread that dealt with the same problem, but no solution for it (http://www.dovecot-buch.de/mailingliste/pop3-fehler-bei-delete-und-dsync-replikation/) >> >> wogri >> >> # dovecot --version >> 2.2.13 >> >> # dovecot -n >> # 2.2.13: /etc/dovecot/dovecot.conf >> # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.0 ext4 >> auth_verbose = yes >> doveadm_password = XXX >> first_valid_gid = 113 >> first_valid_uid = 108 >> last_valid_gid = 113 >> last_valid_uid = 108 >> mail_gid = dovecot >> mail_location = maildir:/var/mail/%n >> mail_plugins = quota fts fts_lucene virtual notify replication >> mail_temp_dir = /var/lib/dovecot/tmp >> mail_uid = dovecot >> namespace { >> list = children >> location = virtual:/var/mail/%n/virtual >> prefix = virtual. >> separator = . >> } >> namespace inbox { >> inbox = yes >> list = yes >> location = >> mailbox "Deleted Messages" { >> auto = subscribe >> special_use = \Trash >> } >> mailbox Drafts { >> special_use = \Drafts >> } >> mailbox Junk { >> special_use = \Junk >> } >> mailbox Sent { >> special_use = \Sent >> } >> mailbox "Sent Messages" { >> auto = no >> special_use = \Sent >> } >> mailbox Spam { >> auto = subscribe >> special_use = \Junk >> } [48/4646] >> mailbox Trash { >> special_use = \Trash >> } >> prefix = >> separator = . >> subscriptions = yes >> type = private >> } >> passdb { >> args = /etc/dovecot/dovecot-ldap.conf.ext >> driver = ldap >> } >> plugin { >> default_language = de >> fts = lucene >> fts_lucene = whitespace_chars=@. >> mail_replica = tcp:172.16.1.1:12345 >> quota = maildir:User quota >> quota_rule = *:storage=4G >> quota_rule2 = Trash:storage=+100M >> quota_rule3 = Spam:ignore >> quota_warning = storage=95%% quota-warning 95 %u >> quota_warning2 = storage=80%% quota-warning 80 %u >> sieve = /etc/sieve/%n.sieve >> sieve_default = /etc/sieve/default.sieve >> sieve_dir = ~/sieve >> sieve_extensions = +editheader >> } >> postmaster_address = postmaster at wogri.at >> protocols = " imap lmtp pop3" >> service aggregator { >> fifo_listener replication-notify-fifo { >> user = dovecot >> } >> unix_listener replication-notify { >> user = dovecot >> } >> } >> service doveadm { >> inet_listener { >> port = 12345 >> } >> } >> service imap { >> process_limit = 1024 >> } >> } >> service lmtp { >> inet_listener lmtp { >> address = 127.0.0.1 >> port = 2003 >> } >> user = dovecot >> } >> service managesieve-login { >> inet_listener sieve { >> port = 4190 >> } >> service_count = 1 >> } >> service pop3 { >> process_limit = 1024 >> } >> service quota-warning { >> executable = script /usr/local/sbin/quota-warning.sh >> unix_listener quota-warning { >> user = dovecot >> } >> user = dovecot >> } >> service replicator { >> process_min_avail = 1 >> unix_listener replicator-doveadm { >> mode = 0600 >> } >> } >> ssl = required >> ssl_cert = > ssl_key = > userdb { >> args = /etc/dovecot/dovecot-ldap.conf.ext >> driver = ldap >> } >> protocol lmtp { >> mail_plugins = quota sieve virtual notify replication >> } >> protocol lda { >> mail_plugins = quota fts fts_lucene virtual notify replication sieve >> } >> protocol imap { >> mail_max_userip_connections = 50 >> mail_plugins = quota fts fts_lucene virtual notify replication imap_quota >> } >> > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4127 bytes Desc: not available URL: From skdovecot at smail.inf.fh-brs.de Mon Jun 22 06:52:36 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Jun 2015 08:52:36 +0200 (CEST) Subject: help with t/s retrieval 'hangs' disconnect for inactivity In-Reply-To: <51a80fc6a64c1ca6c6de8b7bd450354c.squirrel@sbt.net.au> References: <7140d3928c15e7d2b671017c76677d9c.squirrel@sbt.net.au> <51a80fc6a64c1ca6c6de8b7bd450354c.squirrel@sbt.net.au> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 20 Jun 2015, voytek at sbt.net.au wrote: > On Fri, June 19, 2015 5:02 pm, Steffen Kaiser wrote: > >>> Jun 19 11:28:31 pop3(it at aaaa.com.au): Info: Disconnected for inactivity >>> in reading our output top=0/0, retr=1/0, del=0/56, size=6562805 Jun 19 >>> 11:29:20 pop3(it at aaa.com.au): Info: Connection closed top=0/0, >>> retr=1/0, del=0/56, size=6562805 >> >> verify that the TCP connection is working using wireshark or similiar >> tool. Maybe a firewall on your side cuts the connection? > > it seems it was some issue with "abnormal long time reponse from some Thai > gateways", as reported back by o/s user > > is there some system where such issues are reported ? I vaguely recall > being shown something like that in the past? if you find such place, post it here, please :-) - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYewtHz1H7kL/d9rAQKLVwgAlypXmXGP6WENfxgzqg+a6L87yJeVcvM5 cSm4LxkzR2rrFRAm172CHXvZwS05Jdr4x9OG2L9J5zNrVReIQBvc3A3bPxFU6lSb KZwVdGDD8f/T04d5+aXIj6nh8Nc3t5sGFPXJwlra+9trGtxiziGDT79qbjPTCaOL ruhkA6IGROfFwDi81vH69389964LRcvGSOBbp7UufffpaNRdi70rR1FASzJJGiE7 IgnBhhdaUIaTQdkFSBKIvYPvwYvJT2uSJjoyv7LWYGYD3qQk8FmK8o99f9tFeLN+ I2xGRN7hgvpDR5fpHT5uqWHXxmstZmneKij6rWqV1lXioMyGhol7bw== =r44C -----END PGP SIGNATURE----- From azurit at pobox.sk Mon Jun 22 07:35:38 2015 From: azurit at pobox.sk (azurIt) Date: Mon, 22 Jun 2015 09:35:38 +0200 Subject: =?utf-8?q?=5BBUG=5D_Mailbox_aliases_problem?= In-Reply-To: <20150616103741.9F4D64A0@pobox.sk> References: <20150616103741.9F4D64A0@pobox.sk> Message-ID: <20150622093538.3081DCF6@pobox.sk> As no one was able to advice anything, i believe this is a bug. Can anyone confirm it? azur > Od: azurIt > Komu: > D?tum: 16.06.2015 10:38 > Predmet: Mailbox aliases problem > >Hi, > >i'm trying to implement malbox aliases but it's not fully working as i expected. This is my configuration: > >mail_plugins = acl mailbox_alias >plugin { > mailbox_alias_old = INBOX/Odoslane > mailbox_alias_new = INBOX/SentTest >} > > >That 'INBOX/' must be there because of this (we were moving from Courier IMAP): > >namespace inbox { > type = private > prefix = INBOX/ > separator = / > inbox = yes > list = yes >} > > >All of this is working fine, if i create folder SentTest, the link to folder Odoslane is correctly created on filesystem. The problem is that folder SentTest is invisible even after creation: > >1 CREATE "INBOX/SentTest" >1 OK Create completed. > >2 LIST "" "*" > >2 OK List completed. > >3 LIST "INBOX/SentTest" "*" >3 OK List completed. > >4 LIST "INBOX/Odoslane" "*" >4 LIST (\HasNoChildren \Sent) "/" INBOX/Odoslane >4 OK List completed. > >5 CREATE "INBOX/SentTest" >5 NO [ALREADYEXISTS] Mailbox already exists > >6 DELETE "INBOX/SentTest" >6 OK Delete completed. > > >None of the e-mail clients i tried can see the folder. I'm using Dovecot 2.2.13 from Debian Wheezy (wheezy-backports). Any hints? > >azur > From axos88 at gmail.com Mon Jun 22 08:12:32 2015 From: axos88 at gmail.com (Akos Vandra) Date: Mon, 22 Jun 2015 10:12:32 +0200 Subject: Quota SQL separate queries? Message-ID: Hello, We are trying to enforce per-domain quotas. Currently my quota-sql.conf looks like this: connect = host=/var/run/postgresql dbname=mail user=mailreader map { pattern = priv/quota/storage table = quota username_field = username value_field = bytes } map { pattern = priv/quota/messages table = quota username_field = username value_field = messages } With quota = dict:Domain:%d:proxy::sqlquota This works with a trigger by updating and , however I am unable to show the administrators a list of which of their users are using the most space. That is to be purely informative, and is not to be enforced. I would appreciate if there was a documented way to specify exact SQL queries to run for inserting, updating and selecting from the quota storage, something like this: -- CREATE VIEW quota_domain AS SELECT domain, sum(bytes), sum(messages) FROM quotas GROUP BY domain INSERT/UPDATE INTO quotas(username, domain, bytes, messages) SELECT bytes, messages from quota_domain WHERE domain = %d Is there such a possibility? If not, can you suggest a workaround to have a list of per-user quota usages as well as enforced per-domain quotas? Thanks, Akos Vandra From peljasz at yahoo.co.uk Mon Jun 22 08:16:42 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Mon, 22 Jun 2015 09:16:42 +0100 Subject: a temporary failure Message-ID: <5587C46A.2040604@yahoo.co.uk> dear all I have a postfix relaying to dovecot's lda but "strangely" it does not work, I mean I imaging it's me doing something wrong, yet I cannot figure out what. postfix logs: to=,orig_to=, relay=dovecot, delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred (temporary failure) and dovecot logs no error, despite having debug to yes in couple of places, it shows: auth: Debug: master in: USER 1 me at my.domain service=lda auth-worker(25343): Debug: passwd(me at my.domain): lookup auth-worker(25343): passwd(me at my.domain): unknown user auth: Debug: ldap(me at my.domain): user search: base=ou=People,dc=my,dc=domain scope=subtree filter=(&(objectClass=person)(uid=me)) fields= auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, ... here goes the whole lot of ldap atrribs, and at the end: unused. For passdb & userdb in the configs I only configure ldap backed, nothing else. Ldap works, I can query it without failling. I believe it's very simple set up but I must be wrong somewhere. pass_filter = (&(objectClass=posixAccount)(uid=%n)) pass_attrs = uid=user=%n,userPassword=password user_attrs = =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n user_filter = (&(objectClass=person)(uid=%n)) Any suggestions very appreciated. thanks From peljasz at yahoo.co.uk Mon Jun 22 08:30:31 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Mon, 22 Jun 2015 09:30:31 +0100 Subject: a temporary failure In-Reply-To: <5587C46A.2040604@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> Message-ID: <5587C7A7.8090902@yahoo.co.uk> On 22/06/15 09:16, lejeczek wrote: > > dear all > > I have a postfix relaying to dovecot's lda but "strangely" > it does not work, I mean I imaging it's me doing something > wrong, yet I cannot figure out what. > > postfix logs: > > to=,orig_to=, relay=dovecot, > delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, > status=deferred (temporary failure) > > and dovecot logs no error, despite having debug to yes in > couple of places, > it shows: > > auth: Debug: master in: USER 1 me at my.domain > service=lda > auth-worker(25343): Debug: passwd(me at my.domain): lookup > auth-worker(25343): passwd(me at my.domain): unknown user > auth: Debug: ldap(me at my.domain): user search: > base=ou=People,dc=my,dc=domain scope=subtree > filter=(&(objectClass=person)(uid=me)) fields= > auth: Debug: ldap(me at my.domain): result: > objectClass=top,top,top,top, > > ... here goes the whole lot of ldap atrribs, and at the end: > > unused. > > For passdb & userdb in the configs I only configure ldap > backed, nothing else. Ldap works, I can query it without > failling. > I believe it's very simple set up but I must be wrong > somewhere. > > > pass_filter = (&(objectClass=posixAccount)(uid=%n)) > pass_attrs = uid=user=%n,userPassword=password > > user_attrs = > =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > user_filter = (&(objectClass=person)(uid=%n)) > > Any suggestions very appreciated. > thanks > even stranger, if I use(along with ldap in configs): userdb { driver = static args = uid=vmail gid=mail home=/var/spool/mail/%d/%n mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n sieve_storage=/var/spool/mail/%d/%n/SIEVE sieve=/var/spool/mail/%d/%n/dovecot.sieve } dovecot start to core dump: auth: Fatal: master: service(auth): child 9188 killed with signal 11 (core dumped) From skdovecot at smail.inf.fh-brs.de Mon Jun 22 08:43:12 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Jun 2015 10:43:12 +0200 (CEST) Subject: a temporary failure In-Reply-To: <5587C7A7.8090902@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 22 Jun 2015, lejeczek wrote: > On 22/06/15 09:16, lejeczek wrote: >> >> to=,orig_to=, relay=dovecot, delay=39296, >> delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred (temporary failure) >> >> and dovecot logs no error, despite having debug to yes in couple of places, >> it shows: >> >> auth: Debug: master in: USER 1 me at my.domain service=lda >> auth-worker(25343): Debug: passwd(me at my.domain): lookup >> auth-worker(25343): passwd(me at my.domain): unknown user >> auth: Debug: ldap(me at my.domain): user search: >> base=ou=People,dc=my,dc=domain scope=subtree >> filter=(&(objectClass=person)(uid=me)) fields= >> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, >> >> ... here goes the whole lot of ldap atrribs, and at the end: >> >> unused. >> >> For passdb & userdb in the configs I only configure ldap backed, nothing >> else. Ldap works, I can query it without failling. >> I believe it's very simple set up but I must be wrong somewhere. >> >> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >> pass_attrs = uid=user=%n,userPassword=password Use either uid=user oder =user=%n but not uid=user=%n. I would use uid=user, so the user cannot specify the case of the username. >> user_attrs = >> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >> user_filter = (&(objectClass=person)(uid=%n)) >> > even stranger, if I use(along with ldap in configs): Please post: complete doveconf -n and the complete LDAP config being referenced by the config. > userdb { > driver = static > args = uid=vmail gid=mail home=/var/spool/mail/%d/%n > mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > sieve_storage=/var/spool/mail/%d/%n/SIEVE > sieve=/var/spool/mail/%d/%n/dovecot.sieve > } > > dovecot start to core dump: > > auth: Fatal: master: service(auth): child 9188 killed with signal 11 (core > dumped) > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYfKoHz1H7kL/d9rAQLhsQgAkwOcfTIoH/NiIXHL+IJcUjzHBpFsQJeT lXdN5XIfyXgZdpzmObXG606ON5Y5higyfR1kby3bLxlvkioyAt4WqWHcTw7XLrwo e5zz9774M7dlnZN+CpY0WAHcyllZeodaD5jVruXzS2JAZmShL8vAV1AIC2QKOtwL h4Z5y0ZYTA4bwD7J6pwZ18kaF3pV9lD6uHiFE0DTq8TupUjp0gV0wLOMKkcetsD2 kpWPvz8CGlc2LBDJTEHVdw1of7/VVIRIJKSqX3mzizWMf+DLy6fAJRue4S1o3cT8 m+4PM48B50ycGQXW1U3dJ9ERAgg21sS0kmUBbuuKnC8BWacsdSFUaA== =QCeP -----END PGP SIGNATURE----- From peljasz at yahoo.co.uk Mon Jun 22 09:05:54 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Mon, 22 Jun 2015 10:05:54 +0100 Subject: a temporary failure In-Reply-To: <5587C46A.2040604@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> Message-ID: <5587CFF2.7030305@yahoo.co.uk> On 22/06/15 09:16, lejeczek wrote: > > dear all > > I have a postfix relaying to dovecot's lda but "strangely" > it does not work, I mean I imaging it's me doing something > wrong, yet I cannot figure out what. > > postfix logs: > > to=,orig_to=, relay=dovecot, > delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, > status=deferred (temporary failure) > > and dovecot logs no error, despite having debug to yes in > couple of places, > it shows: > > auth: Debug: master in: USER 1 me at my.domain > service=lda > auth-worker(25343): Debug: passwd(me at my.domain): lookup > auth-worker(25343): passwd(me at my.domain): unknown user > auth: Debug: ldap(me at my.domain): user search: > base=ou=People,dc=my,dc=domain scope=subtree > filter=(&(objectClass=person)(uid=me)) fields= > auth: Debug: ldap(me at my.domain): result: > objectClass=top,top,top,top, > > ... here goes the whole lot of ldap atrribs, and at the end: > > unused. > > For passdb & userdb in the configs I only configure ldap > backed, nothing else. Ldap works, I can query it without > failling. > I believe it's very simple set up but I must be wrong > somewhere. > > > pass_filter = (&(objectClass=posixAccount)(uid=%n)) > pass_attrs = uid=user=%n,userPassword=password > > user_attrs = > =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > user_filter = (&(objectClass=person)(uid=%n)) > > Any suggestions very appreciated. > thanks > I wonder could there be some kind of collision between user/passdbs, even though I do not configure anything but ldap, when I do: #doveadm user me me at my.domain field value uid 1177 gid 513 home /home/me mail maildir:/var/spool/mail/my.domain/me/Maildir system_groups_user me uid vmail gid home /var/spool/mail/my.domain/me mail maildir:/var/spool/mail/my.domain/me/Maildir:INDEX=/var/spool/mail/my.domain/me:CONTROL=/var/spool/mail/my.domain/me I understand that it's dovecot trying something else than just ldap? Or not a collision, and these would be two separate, different users? From peljasz at yahoo.co.uk Mon Jun 22 09:15:33 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Mon, 22 Jun 2015 10:15:33 +0100 Subject: a temporary failure In-Reply-To: References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> Message-ID: <5587D235.20709@yahoo.co.uk> On 22/06/15 09:43, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 22 Jun 2015, lejeczek wrote: >> On 22/06/15 09:16, lejeczek wrote: >>> >>> to=,orig_to=, >>> relay=dovecot, delay=39296, delays=39294/2.2/0/0.27, >>> dsn=4.3.0, status=deferred (temporary failure) >>> >>> and dovecot logs no error, despite having debug to yes >>> in couple of places, >>> it shows: >>> >>> auth: Debug: master in: USER 1 me at my.domain >>> service=lda >>> auth-worker(25343): Debug: passwd(me at my.domain): lookup >>> auth-worker(25343): passwd(me at my.domain): unknown user >>> auth: Debug: ldap(me at my.domain): user search: >>> base=ou=People,dc=my,dc=domain scope=subtree >>> filter=(&(objectClass=person)(uid=me)) fields= >>> auth: Debug: ldap(me at my.domain): result: >>> objectClass=top,top,top,top, >>> >>> ... here goes the whole lot of ldap atrribs, and at the >>> end: >>> >>> unused. >>> >>> For passdb & userdb in the configs I only configure ldap >>> backed, nothing else. Ldap works, I can query it without >>> failling. >>> I believe it's very simple set up but I must be wrong >>> somewhere. >>> >>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>> pass_attrs = uid=user=%n,userPassword=password > > Use either uid=user oder =user=%n but not uid=user=%n. I > would use uid=user, so the user cannot specify the case of > the username. > >>> user_attrs = >>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>> user_filter = (&(objectClass=person)(uid=%n)) >>> >> even stranger, if I use(along with ldap in configs): > > Please post: > > complete doveconf -n > and the complete LDAP config being referenced by the config. > >> userdb { >> driver = static >> args = uid=vmail gid=mail home=/var/spool/mail/%d/%n >> mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >> sieve_storage=/var/spool/mail/%d/%n/SIEVE >> sieve=/var/spool/mail/%d/%n/dovecot.sieve >> } >> >> dovecot start to core dump: >> >> auth: Fatal: master: service(auth): child 9188 killed >> with signal 11 (core dumped) >> > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVYfKoHz1H7kL/d9rAQLhsQgAkwOcfTIoH/NiIXHL+IJcUjzHBpFsQJeT > > lXdN5XIfyXgZdpzmObXG606ON5Y5higyfR1kby3bLxlvkioyAt4WqWHcTw7XLrwo > > e5zz9774M7dlnZN+CpY0WAHcyllZeodaD5jVruXzS2JAZmShL8vAV1AIC2QKOtwL > > h4Z5y0ZYTA4bwD7J6pwZ18kaF3pV9lD6uHiFE0DTq8TupUjp0gV0wLOMKkcetsD2 > > kpWPvz8CGlc2LBDJTEHVdw1of7/VVIRIJKSqX3mzizWMf+DLy6fAJRue4S1o3cT8 > > m+4PM48B50ycGQXW1U3dJ9ERAgg21sS0kmUBbuuKnC8BWacsdSFUaA== > =QCeP > -----END PGP SIGNATURE----- > auth_debug = yes auth_mechanisms = login auth_verbose = yes first_valid_uid = 999 mail_debug = yes mail_location = maildir:/var/spool/mail/my.domain/%u/Maildir mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { args = /etc/dovecot/ldap-passdb-my.domain.conf driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_storage = SIEVE } protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/auth { group = mail mode = 0660 user = vmail } unix_listener auth-userdb { group = mail mode = 0660 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 } } ssl = required ssl_cert = Hi list! I'm trying to configure Dovecot 2.2.18 to act as proxy. Dovecot has to authentificate the users against an LDAP-Server (AD) and then act as IMAP-Proxy to an Exchange Server. Now the problem is, that we have TWO Exchange servers (and two ADs, too). How can I say to Dovecot that it has to search for the user in the first AD (and if found proxy to the first Exchange server) and if the user was not found, to search in the second AD (and if found proxy to the second Exchange server)? Thanks a lot Luca Bertoncello (lucabert at lucabert.de) From lucabert at lucabert.de Mon Jun 22 14:19:52 2015 From: lucabert at lucabert.de (Luca Bertoncello) Date: Mon, 22 Jun 2015 14:19:52 +0000 Subject: LDAP authentication Message-ID: <20150622141952.Horde.OXl6q7wJGxOPKVSuC56AXEv@horde.lucabert.de> Hi again I'm trying to authenticate a user against an LDAP Server (well, our AD, but it can LDAP). This is my configuration: hosts = my.server.local auth_bind = yes ldap_version = 3 base = CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local scope = subtree user_attrs = \ =home=/home/imapproxy/%u, \ =mail=maildir:/home/imapproxy/%u pass_attrs = uid=%u, userPassword=%w pass_filter = (&(objectClass=user)(sAMAccountName=%u)) auth_bind_userdn = company\%u If I try to login on the LDAP-Server using ldapsearch it works, but with Dovecot not... I see this in my log: Jun 22 16:14:08 proxy01 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=+agW4xsZ4gAKADPG#011lip=10.0.46.4#011rip=10.0.51.198#011lport=143#011rport=34018#011resp= Jun 22 16:14:08 proxy01 dovecot: auth: Debug: client passdb out: OK#0111#011user=bertoncello Jun 22 16:14:08 proxy01 dovecot: auth: Debug: master in: REQUEST#0111586495489#01117122#0111#01161785e0770d6c48e7316ab484bc2778c#011session_pid=17125#011request_auth_token Jun 22 16:14:08 proxy01 dovecot: auth: Debug: ldap(bertoncello,10.0.51.198,<+agW4xsZ4gAKADPG>): user search: base=CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local scope=subtree filter=(&(objectClass=posixAccount)(uid=bertoncello)) fields= Jun 22 16:14:08 proxy01 dovecot: auth: Error: ldap(bertoncello,10.0.51.198,<+agW4xsZ4gAKADPG>): ldap_search(base=CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local filter=(&(objectClass=posixAccount)(uid=bertoncello))) failed: Operations error Jun 22 16:14:08 proxy01 dovecot: auth: Debug: master userdb out: FAIL#0111586495489 Jun 22 16:14:08 proxy01 dovecot: imap: Error: Internal auth failure (client-pid=17122 client-id=1) Jun 22 16:14:08 proxy01 dovecot: imap-login: Internal login failure (pid=17122 id=1) (internal failure, 1 successful auths): user=, method=PLAIN, rip=10.0.51.198, lip=10.0.46.4, mpid=17125, TLS, session=<+agW4xsZ4gAKADPG> and if I sniff with ngrep the comunication with the AD I see: #### T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] 0....`........ # T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] 0........a............ ## T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] 0#...`......company\bertoncello..secret # T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] 0........a............ ## T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] 0....`........ # T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] 0........a............ # T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] 0.....c{.5CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local................1....objectClass..posixAccount....uid..bertoncello0. # T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] 0........e................000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1. ## T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] 0....B. ### T 192.168.168.23:389 -> 10.0.46.4:58761 [AR] .. and I can't understand why: 1) I read "objectClass..posixAccount" 2) The authentication does not work... Thanks for your help! Luca Bertoncello (lucabert at lucabert.de) From fzielcke at z-51.de Mon Jun 22 14:34:11 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Mon, 22 Jun 2015 16:34:11 +0200 Subject: a temporary failure In-Reply-To: <5587CFF2.7030305@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> <5587CFF2.7030305@yahoo.co.uk> Message-ID: <1434983651.1209.0.camel@z-51.de> Am Montag, den 22.06.2015, 10:05 +0100 schrieb lejeczek: > > > I wonder could there be some kind of collision between > user/passdbs, even though I do not configure anything but > ldap, when I do: passdb { driver = pam } passdb { args = /etc/dovecot/ldap-passdb-my.domain.conf driver = ldap } Check your whole dovecot config. You have an active PAM passdb lookup and an ldap lookup. From peljasz at yahoo.co.uk Mon Jun 22 14:52:42 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Mon, 22 Jun 2015 15:52:42 +0100 Subject: a temporary failure In-Reply-To: <1434983651.1209.0.camel@z-51.de> References: <5587C46A.2040604@yahoo.co.uk> <5587CFF2.7030305@yahoo.co.uk> <1434983651.1209.0.camel@z-51.de> Message-ID: <5588213A.6030302@yahoo.co.uk> On 22/06/15 15:34, Felix Zielcke wrote: > Am Montag, den 22.06.2015, 10:05 +0100 schrieb lejeczek: >> I wonder could there be some kind of collision between >> user/passdbs, even though I do not configure anything but >> ldap, when I do: > passdb { > driver = pam > } > passdb { > args = /etc/dovecot/ldap-passdb-my.domain.conf > driver = ldap > } > > Check your whole dovecot config. > You have an active PAM passdb lookup and an ldap lookup. > I assume that all backend are ON by default, even though there are not in the configs? Is it possible to completely disable a backend? From skdovecot at smail.inf.fh-brs.de Mon Jun 22 14:57:33 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Jun 2015 16:57:33 +0200 (CEST) Subject: a temporary failure In-Reply-To: <5587D235.20709@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> <5587D235.20709@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 22 Jun 2015, lejeczek wrote: > On 22/06/15 09:43, Steffen Kaiser wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Mon, 22 Jun 2015, lejeczek wrote: >>> On 22/06/15 09:16, lejeczek wrote: >>>> >>>> to=,orig_to=, relay=dovecot, delay=39296, >>>> delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred (temporary failure) >>>> >>>> and dovecot logs no error, despite having debug to yes in couple of >>>> places, >>>> it shows: >>>> >>>> auth: Debug: master in: USER 1 me at my.domain service=lda >>>> auth-worker(25343): Debug: passwd(me at my.domain): lookup >>>> auth-worker(25343): passwd(me at my.domain): unknown user >>>> auth: Debug: ldap(me at my.domain): user search: >>>> base=ou=People,dc=my,dc=domain scope=subtree >>>> filter=(&(objectClass=person)(uid=me)) fields= >>>> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, >>>> >>>> ... here goes the whole lot of ldap atrribs, and at the end: >>>> >>>> unused. >>>> >>>> For passdb & userdb in the configs I only configure ldap backed, nothing >>>> else. Ldap works, I can query it without failling. >>>> I believe it's very simple set up but I must be wrong somewhere. >>>> >>>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>>> pass_attrs = uid=user=%n,userPassword=password >> >> Use either uid=user oder =user=%n but not uid=user=%n. I would use >> uid=user, so the user cannot specify the case of the username. >> >>>> user_attrs = >>>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>> user_filter = (&(objectClass=person)(uid=%n)) >>>> >>> even stranger, if I use(along with ldap in configs): >> >> Please post: >> >> complete doveconf -n >> and the complete LDAP config being referenced by the config. >> >>> userdb { >>> driver = static >>> args = uid=vmail gid=mail home=/var/spool/mail/%d/%n >>> mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>> sieve_storage=/var/spool/mail/%d/%n/SIEVE >>> sieve=/var/spool/mail/%d/%n/dovecot.sieve >>> } >>> >>> dovecot start to core dump: >>> >>> auth: Fatal: master: service(auth): child 9188 killed with signal 11 (core >>> dumped) >>> >> >> - -- Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQEVAwUBVYfKoHz1H7kL/d9rAQLhsQgAkwOcfTIoH/NiIXHL+IJcUjzHBpFsQJeT >> lXdN5XIfyXgZdpzmObXG606ON5Y5higyfR1kby3bLxlvkioyAt4WqWHcTw7XLrwo >> e5zz9774M7dlnZN+CpY0WAHcyllZeodaD5jVruXzS2JAZmShL8vAV1AIC2QKOtwL >> h4Z5y0ZYTA4bwD7J6pwZ18kaF3pV9lD6uHiFE0DTq8TupUjp0gV0wLOMKkcetsD2 >> kpWPvz8CGlc2LBDJTEHVdw1of7/VVIRIJKSqX3mzizWMf+DLy6fAJRue4S1o3cT8 >> m+4PM48B50ycGQXW1U3dJ9ERAgg21sS0kmUBbuuKnC8BWacsdSFUaA== >> =QCeP >> -----END PGP SIGNATURE----- >> > > auth_debug = yes > auth_mechanisms = login > auth_verbose = yes > first_valid_uid = 999 > mail_debug = yes > mail_location = maildir:/var/spool/mail/my.domain/%u/Maildir > mail_uid = vmail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > mbox_write_locks = fcntl > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } > passdb { > args = /etc/dovecot/ldap-passdb-my.domain.conf > driver = ldap > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_storage = SIEVE > } > protocols = imap sieve > service auth { > unix_listener /var/spool/postfix/private/auth { > group = mail > mode = 0660 > user = vmail > } > unix_listener auth-userdb { > group = mail > mode = 0660 > user = vmail > } > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > } > } > ssl = required > ssl_cert = ssl_key = userdb { > driver = passwd > } > userdb { > args = /etc/dovecot/ldap-userdb-my.domain.conf > driver = ldap > } > protocol lmtp { > mail_plugins = " sieve" > } > protocol lda { > mail_plugins = " sieve" > } > > #ldap-passdb > hosts = localhost > uris = ldap://localhost:389/ > ldap_version = 3 > base = ou=People,dc=my,dc=domain > dn = cn=Manager,dc=my,dc=domain > dnpass = my.pass > auth_bind = no > pass_attrs = uid=%n,userPassword=password That's neiter your original request nor following: >> Use either uid=user oder =user=%n but not uid=user=%n. I would use >> uid=user, so the user cannot specify the case of the username. > pass_filter = (&(objectClass=posixAccount)(uid=%n)) > > > #ldap-userdb > hosts = localhost > uris = ldap://localhost:389/ > ldap_version = 3 > base = ou=People,dc=my,dc=domain > dn = cn=Manager,dc=my,dc=domain > dnpass = my.pass > auth_bind = no > user_attrs = > =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > user_filter = (&(objectClass=person)(uid=%n)) > default_pass_scheme = SSHA > > It cannot be postfix if it relays and dovecots gets these relays. Can it be? > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYgiXXz1H7kL/d9rAQLvTAgAk4lWQgRkclu9hx8InE1VGukWKSxwDcpI kwpQtVGrqm7AjSnNIn02NMZfyfEAxS67aHfn49fPgjnOkGSDwl6b3WDpUrtJ9XVJ cAcMSDsWPiqyHmAHNY2YTRKfcEySFctc/voMcxo0gFPFtJfpjf7UvNw8EdkX+BmW XRNTlIKDaa6bLSFv48F8NpMH0M7uOUqxgm8R/3DOt8M55qK0aa/Qqvqbxj/L9Ir3 KtCGYI02Lk/QZngzIqtIPIXASOzpVFefLKLxwnIuVFS5Xfv/Wat7URD6TKn5Wx8S dRnC/CH9MduOfcHmoaUMxzsFfVkAeeVMB0rVl/GdljHr6pefUxtrPA== =VsKL -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Jun 22 14:58:58 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Jun 2015 16:58:58 +0200 (CEST) Subject: a temporary failure In-Reply-To: <5588213A.6030302@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> <5587CFF2.7030305@yahoo.co.uk> <1434983651.1209.0.camel@z-51.de> <5588213A.6030302@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 22 Jun 2015, lejeczek wrote: > On 22/06/15 15:34, Felix Zielcke wrote: >> Am Montag, den 22.06.2015, 10:05 +0100 schrieb lejeczek: >>> I wonder could there be some kind of collision between >>> user/passdbs, even though I do not configure anything but >>> ldap, when I do: >> passdb { >> driver = pam >> } >> passdb { >> args = /etc/dovecot/ldap-passdb-my.domain.conf >> driver = ldap >> } >> >> Check your whole dovecot config. >> You have an active PAM passdb lookup and an ldap lookup. >> > I assume that all backend are ON by default, even though there are not in the > configs? > Is it possible to completely disable a backend? Checkout 10-auth.conf and comment out: #!include auth-system.conf.ext auth-system.conf.ext enables passwd. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYgisnz1H7kL/d9rAQLhvAf/fzg2ZTV+Bkq+DRcpIqpTCj6ZTmicV30z 4FgnVwJIsM/YP/54bI3lqGDUUbkLbjJIqB3R5+2x31im4NlXV2PrqFoHIJTERx2t RgermJBFEV9E7q/dkmtrEFm2PfjrKTuS4FP9lwdHqpTmIzuSfIfOoLb8vzCntNw1 sdz3mjmmcXgTeGzp1ZMkgvUTN8ZjSG7jbO1xihHOsrXOdW6a6xUQNpJ34DY1uqoR Ok92wt0VTDc/5wfcTcYNsaBvd0uPT8zpiZY1Ini5B0R0Zq1A1JapCFmj/vXrqfZP 9oD6wRNJ4hZdz+lgSpULXQphirjqm+2gwwlrrHYlFwkIK+R6FrRazw== =Wpd+ -----END PGP SIGNATURE----- From peljasz at yahoo.co.uk Mon Jun 22 15:42:09 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Mon, 22 Jun 2015 16:42:09 +0100 Subject: a temporary failure In-Reply-To: References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> <5587D235.20709@yahoo.co.uk> Message-ID: <55882CD1.3030305@yahoo.co.uk> On 22/06/15 15:57, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 22 Jun 2015, lejeczek wrote: >> On 22/06/15 09:43, Steffen Kaiser wrote: >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On Mon, 22 Jun 2015, lejeczek wrote: >>>> On 22/06/15 09:16, lejeczek wrote: >>>>> >>>>> to=,orig_to=, >>>>> relay=dovecot, delay=39296, delays=39294/2.2/0/0.27, >>>>> dsn=4.3.0, status=deferred (temporary failure) >>>>> >>>>> and dovecot logs no error, despite having debug to yes >>>>> in couple of places, >>>>> it shows: >>>>> >>>>> auth: Debug: master in: USER 1 me at my.domain >>>>> service=lda >>>>> auth-worker(25343): Debug: passwd(me at my.domain): lookup >>>>> auth-worker(25343): passwd(me at my.domain): unknown user >>>>> auth: Debug: ldap(me at my.domain): user search: >>>>> base=ou=People,dc=my,dc=domain scope=subtree >>>>> filter=(&(objectClass=person)(uid=me)) fields= >>>>> auth: Debug: ldap(me at my.domain): result: >>>>> objectClass=top,top,top,top, >>>>> >>>>> ... here goes the whole lot of ldap atrribs, and at >>>>> the end: >>>>> >>>>> unused. >>>>> >>>>> For passdb & userdb in the configs I only configure >>>>> ldap backed, nothing else. Ldap works, I can query it >>>>> without failling. >>>>> I believe it's very simple set up but I must be wrong >>>>> somewhere. >>>>> >>>>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>>>> pass_attrs = uid=user=%n,userPassword=password >>> >>> Use either uid=user oder =user=%n but not uid=user=%n. I >>> would use uid=user, so the user cannot specify the case >>> of the username. >>> >>>>> user_attrs = >>>>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>>> user_filter = (&(objectClass=person)(uid=%n)) >>>>> >>>> even stranger, if I use(along with ldap in configs): >>> >>> Please post: >>> >>> complete doveconf -n >>> and the complete LDAP config being referenced by the >>> config. >>> >>>> userdb { >>>> driver = static >>>> args = uid=vmail gid=mail home=/var/spool/mail/%d/%n >>>> mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>> sieve_storage=/var/spool/mail/%d/%n/SIEVE >>>> sieve=/var/spool/mail/%d/%n/dovecot.sieve >>>> } >>>> >>>> dovecot start to core dump: >>>> >>>> auth: Fatal: master: service(auth): child 9188 killed >>>> with signal 11 (core dumped) >>>> >>> >>> - -- Steffen Kaiser >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v1 >>> >>> iQEVAwUBVYfKoHz1H7kL/d9rAQLhsQgAkwOcfTIoH/NiIXHL+IJcUjzHBpFsQJeT >>> lXdN5XIfyXgZdpzmObXG606ON5Y5higyfR1kby3bLxlvkioyAt4WqWHcTw7XLrwo >>> e5zz9774M7dlnZN+CpY0WAHcyllZeodaD5jVruXzS2JAZmShL8vAV1AIC2QKOtwL >>> h4Z5y0ZYTA4bwD7J6pwZ18kaF3pV9lD6uHiFE0DTq8TupUjp0gV0wLOMKkcetsD2 >>> kpWPvz8CGlc2LBDJTEHVdw1of7/VVIRIJKSqX3mzizWMf+DLy6fAJRue4S1o3cT8 >>> m+4PM48B50ycGQXW1U3dJ9ERAgg21sS0kmUBbuuKnC8BWacsdSFUaA== >>> =QCeP >>> -----END PGP SIGNATURE----- >>> >> >> auth_debug = yes >> auth_mechanisms = login >> auth_verbose = yes >> first_valid_uid = 999 >> mail_debug = yes >> mail_location = maildir:/var/spool/mail/my.domain/%u/Maildir >> mail_uid = vmail >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress >> comparator-i;ascii-numeric relational regex imap4flags >> copy include variables body enotify environment mailbox >> date ihave >> mbox_write_locks = fcntl >> namespace inbox { >> inbox = yes >> location = >> mailbox Drafts { >> special_use = \Drafts >> } >> mailbox Junk { >> special_use = \Junk >> } >> mailbox Sent { >> special_use = \Sent >> } >> mailbox "Sent Messages" { >> special_use = \Sent >> } >> mailbox Trash { >> special_use = \Trash >> } >> prefix = >> } >> passdb { >> driver = pam >> } >> passdb { >> args = /etc/dovecot/ldap-passdb-my.domain.conf >> driver = ldap >> } >> plugin { >> sieve = ~/.dovecot.sieve >> sieve_dir = ~/sieve >> sieve_storage = SIEVE >> } >> protocols = imap sieve >> service auth { >> unix_listener /var/spool/postfix/private/auth { >> group = mail >> mode = 0660 >> user = vmail >> } >> unix_listener auth-userdb { >> group = mail >> mode = 0660 >> user = vmail >> } >> } >> service imap-login { >> inet_listener imap { >> port = 143 >> } >> inet_listener imaps { >> port = 993 >> } >> } >> ssl = required >> ssl_cert = > ssl_key = > userdb { >> driver = passwd >> } >> userdb { >> args = /etc/dovecot/ldap-userdb-my.domain.conf >> driver = ldap >> } >> protocol lmtp { >> mail_plugins = " sieve" >> } >> protocol lda { >> mail_plugins = " sieve" >> } >> >> #ldap-passdb >> hosts = localhost >> uris = ldap://localhost:389/ >> ldap_version = 3 >> base = ou=People,dc=my,dc=domain >> dn = cn=Manager,dc=my,dc=domain >> dnpass = my.pass >> auth_bind = no >> pass_attrs = uid=%n,userPassword=password > > That's neiter your original request nor following: > if I use uid=user then dovecot loses domain and I get: .. username changed my at my.domain .> me and still does not work >>> Use either uid=user oder =user=%n but not uid=user=%n. I >>> would use >>> uid=user, so the user cannot specify the case of the >>> username. > >> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >> >> >> #ldap-userdb >> hosts = localhost >> uris = ldap://localhost:389/ >> ldap_version = 3 >> base = ou=People,dc=my,dc=domain >> dn = cn=Manager,dc=my,dc=domain >> dnpass = my.pass >> auth_bind = no >> user_attrs = >> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >> user_filter = (&(objectClass=person)(uid=%n)) >> default_pass_scheme = SSHA >> >> It cannot be postfix if it relays and dovecots gets these >> relays. Can it be? >> > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVYgiXXz1H7kL/d9rAQLvTAgAk4lWQgRkclu9hx8InE1VGukWKSxwDcpI > > kwpQtVGrqm7AjSnNIn02NMZfyfEAxS67aHfn49fPgjnOkGSDwl6b3WDpUrtJ9XVJ > > cAcMSDsWPiqyHmAHNY2YTRKfcEySFctc/voMcxo0gFPFtJfpjf7UvNw8EdkX+BmW > > XRNTlIKDaa6bLSFv48F8NpMH0M7uOUqxgm8R/3DOt8M55qK0aa/Qqvqbxj/L9Ir3 > > KtCGYI02Lk/QZngzIqtIPIXASOzpVFefLKLxwnIuVFS5Xfv/Wat7URD6TKn5Wx8S > > dRnC/CH9MduOfcHmoaUMxzsFfVkAeeVMB0rVl/GdljHr6pefUxtrPA== > =VsKL > -----END PGP SIGNATURE----- > From peljasz at yahoo.co.uk Mon Jun 22 16:21:50 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Mon, 22 Jun 2015 17:21:50 +0100 Subject: a temporary failure In-Reply-To: <5587C46A.2040604@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> Message-ID: <5588361E.6020008@yahoo.co.uk> On 22/06/15 09:16, lejeczek wrote: > > dear all > > I have a postfix relaying to dovecot's lda but "strangely" > it does not work, I mean I imaging it's me doing something > wrong, yet I cannot figure out what. > > postfix logs: > > to=,orig_to=, relay=dovecot, > delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, > status=deferred (temporary failure) > > and dovecot logs no error, despite having debug to yes in > couple of places, > it shows: > > auth: Debug: master in: USER 1 me at my.domain > service=lda > auth-worker(25343): Debug: passwd(me at my.domain): lookup > auth-worker(25343): passwd(me at my.domain): unknown user > auth: Debug: ldap(me at my.domain): user search: > base=ou=People,dc=my,dc=domain scope=subtree > filter=(&(objectClass=person)(uid=me)) fields= > auth: Debug: ldap(me at my.domain): result: > objectClass=top,top,top,top, > > ... here goes the whole lot of ldap atrribs, and at the end: > > unused. > > For passdb & userdb in the configs I only configure ldap > backed, nothing else. Ldap works, I can query it without > failling. > I believe it's very simple set up but I must be wrong > somewhere. > > > pass_filter = (&(objectClass=posixAccount)(uid=%n)) > pass_attrs = uid=user=%n,userPassword=password > > user_attrs = > =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > user_filter = (&(objectClass=person)(uid=%n)) > > Any suggestions very appreciated. > thanks > strange thing is that an IMAP clients authenticates just fine. Only problems are when sending messages with smtp/postfix. From dmiller at amfes.com Mon Jun 22 17:31:57 2015 From: dmiller at amfes.com (dmiller at amfes.com) Date: Mon, 22 Jun 2015 10:31:57 -0700 Subject: Virtual Mailboxes In-Reply-To: References: <41d3ec6ca13fd96e50b56559ca6f77bb@amfes.com> Message-ID: Any ideas on what I need to check or should post to help find the problem? -- Daniel On 2015-06-20 14:50, dmiller at amfes.com wrote: > The first bonehead maneuver seems to be: > location = virtual:/var/mail/%%d/%%n/mdbox/virtual > I'm thinking it should be: > location = virtual:/var/mail/%%d/%%n/mdbox/mailboxes/virtual > > But...it didn't seem to make a difference. And if I have the > "virtual" folder tree under a location other than > "/var/mail/domain/user/mdbox/mailboxes" no names appear - so I think I > have the files in the right place. Any ideas? > > -- > Daniel > > > On 2015-06-20 14:34, dmiller at amfes.com wrote: >> >> Having some trouble with my first attempt at virtual mailboxes. I've >> enabled the plugin in 10-mail.conf, added a virtual namespace, and >> created the dovecot-virtual files in the folders. >> >> I see the folder names in the list when I refresh the folders >> available for subscription - but the folders cannot be subscribed to >> and I can't view their contents. What obvious mistake did I make? >> >> doveconf -n: >> auth_cache_size = 4 k >> auth_mechanisms = plain login >> default_login_user = nobody >> default_vsz_limit = 1 G >> dict { >> acl = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext >> } >> disable_plaintext_auth = no >> listen = * >> mail_attachment_dir = /var/mail/attachments >> mail_plugins = fts fts_solr acl zlib virtual >> mail_shared_explicit_inbox = yes >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body enotify >> environment mailbox date index ihave duplicate >> mdbox_rotate_interval = 1 days >> mdbox_rotate_size = 32 M >> namespace { >> hidden = no >> inbox = yes >> list = yes >> location = >> prefix = >> separator = / >> subscriptions = yes >> type = private >> } >> namespace { >> list = children >> location = mdbox:/var/mail/%%d/%%n/mdbox >> prefix = shared/%%n/ >> separator = / >> subscriptions = no >> type = shared >> } >> namespace { >> location = virtual:/var/mail/%%d/%%n/mdbox/virtual >> prefix = virtual/ >> separator = / >> } >> passdb { >> args = /usr/local/etc/dovecot/dovecot-ldap.conf >> driver = ldap >> } >> plugin { >> acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300 >> acl_shared_dict = proxy::acl >> fts = solr >> fts_autoindex = yes >> fts_solr = break-imap-search url=http://solr.amfes.lan:8983/solr/ >> sieve = ~/.dovecot.sieve >> sieve_dir = ~/sieve >> } >> protocols = imap lmtp sieve >> service auth { >> unix_listener /var/spool/postfix/private/auth { >> group = postfix >> mode = 0660 >> user = postfix >> } >> unix_listener auth-userdb { >> group = mail >> mode = 0600 >> user = vmail >> } >> } >> service dict { >> unix_listener dict { >> group = mail >> mode = 0660 >> user = vmail >> } >> } >> service imap-login { >> process_limit = 200 >> process_min_avail = 10 >> service_count = 1 >> } >> service lmtp { >> process_min_avail = 5 >> unix_listener /var/spool/postfix/private/dovecot-lmtp { >> group = mail >> mode = 0666 >> user = vmail >> } >> } >> service managesieve-login { >> inet_listener sieve { >> port = 4190 >> } >> inet_listener sieve_deprecated { >> port = 2000 >> } >> process_min_avail = 0 >> service_count = 1 >> } >> ssl_cert = > ssl_key = > userdb { >> driver = prefetch >> } >> userdb { >> args = /usr/local/etc/dovecot/dovecot-ldap.conf >> driver = ldap >> } >> verbose_proctitle = yes >> protocol lmtp { >> mail_plugins = fts fts_solr acl zlib virtual sieve >> } >> protocol lda { >> mail_plugins = fts fts_solr acl zlib virtual sieve >> } >> protocol imap { >> imap_client_workarounds = tb-extra-mailbox-sep >> imap_idle_notify_interval = 29 mins >> mail_max_userip_connections = 50 >> mail_plugins = fts fts_solr acl zlib virtual imap_acl >> } >> local 192.168.0.2 { >> protocol imap { >> ssl_cert = > ssl_key = > } >> } >> >> Given my mail storage location of /var/mail/%%d/%%n, I have created: >> /var/mail/mydomain/myname/virtual/newfolder >> >> and within that folder created a dovecot-virtual. I created a few like >> this from the wiki samples - the folder names are visible but no >> contents. >> >> -- >> Daniel From soumplis at ekt.gr Mon Jun 22 19:54:08 2015 From: soumplis at ekt.gr (Alexandros Soumplis) Date: Mon, 22 Jun 2015 22:54:08 +0300 Subject: LDAP authentication In-Reply-To: <20150622141952.Horde.OXl6q7wJGxOPKVSuC56AXEv@horde.lucabert.de> References: <20150622141952.Horde.OXl6q7wJGxOPKVSuC56AXEv@horde.lucabert.de> Message-ID: <558867E0.4080803@ekt.gr> If you allow anonymous search on AD maybe you can try to set auth_bind = no . a. On 22/06/15 17:19, Luca Bertoncello wrote: > Hi again > > I'm trying to authenticate a user against an LDAP Server (well, our > AD, but it can LDAP). > > This is my configuration: > > hosts = my.server.local > auth_bind = yes > ldap_version = 3 > base = CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local > scope = subtree > user_attrs = \ > =home=/home/imapproxy/%u, \ > =mail=maildir:/home/imapproxy/%u > > pass_attrs = uid=%u, userPassword=%w > pass_filter = (&(objectClass=user)(sAMAccountName=%u)) > auth_bind_userdn = company\%u > > If I try to login on the LDAP-Server using ldapsearch it works, but > with Dovecot not... > I see this in my log: > > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: client in: > AUTH#0111#011PLAIN#011service=imap#011secured#011session=+agW4xsZ4gAKADPG#011lip=10.0.46.4#011rip=10.0.51.198#011lport=143#011rport=34018#011resp= > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: client passdb out: > OK#0111#011user=bertoncello > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: master in: > REQUEST#0111586495489#01117122#0111#01161785e0770d6c48e7316ab484bc2778c#011session_pid=17125#011request_auth_token > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: > ldap(bertoncello,10.0.51.198,<+agW4xsZ4gAKADPG>): user search: > base=CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local > scope=subtree filter=(&(objectClass=posixAccount)(uid=bertoncello)) > fields= > Jun 22 16:14:08 proxy01 dovecot: auth: Error: > ldap(bertoncello,10.0.51.198,<+agW4xsZ4gAKADPG>): > ldap_search(base=CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local > filter=(&(objectClass=posixAccount)(uid=bertoncello))) failed: > Operations error > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: master userdb out: > FAIL#0111586495489 > Jun 22 16:14:08 proxy01 dovecot: imap: Error: Internal auth failure > (client-pid=17122 client-id=1) > Jun 22 16:14:08 proxy01 dovecot: imap-login: Internal login failure > (pid=17122 id=1) (internal failure, 1 successful auths): > user=, method=PLAIN, rip=10.0.51.198, lip=10.0.46.4, > mpid=17125, TLS, session=<+agW4xsZ4gAKADPG> > > and if I sniff with ngrep the comunication with the AD I see: > > #### > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > 0....`........ > # > T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] > 0........a............ > ## > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > 0#...`......company\bertoncello..secret > # > T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] > 0........a............ > ## > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > 0....`........ > # > T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] > 0........a............ > # > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > 0.....c{.5CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local................1....objectClass..posixAccount....uid..bertoncello0. > # > T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] > 0........e................000004DC: LdapErr: DSID-0C0906E8, comment: > In order to perform this operation a successful bind must be completed > on the connection., data 0, v1db1. > ## > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > 0....B. > ### > T 192.168.168.23:389 -> 10.0.46.4:58761 [AR] > .. > > and I can't understand why: > > 1) I read "objectClass..posixAccount" > 2) The authentication does not work... > > Thanks for your help! > Luca Bertoncello > (lucabert at lucabert.de) From lucabert at lucabert.de Mon Jun 22 20:00:11 2015 From: lucabert at lucabert.de (Luca Bertoncello) Date: Mon, 22 Jun 2015 22:00:11 +0200 Subject: LDAP authentication In-Reply-To: <558867E0.4080803@ekt.gr> References: <20150622141952.Horde.OXl6q7wJGxOPKVSuC56AXEv@horde.lucabert.de> <558867E0.4080803@ekt.gr> Message-ID: <20150622220011.6855fdae@frodo.lucabert.intra> Alexandros Soumplis schrieb: > If you allow anonymous search on AD maybe you can try to set auth_bind = > no . I'm sorry, but I think, the AD does NOT allow anonymous search... I'm new in this company and I don't know exactly the server, but every try I did without any authentication, failed... Any other idea? Thanks Luca Bertoncello (lucabert at lucabert.de) From jtam.home at gmail.com Mon Jun 22 20:46:46 2015 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 22 Jun 2015 13:46:46 -0700 (PDT) Subject: Dovecot 2.2.16: disappearing messages, mismatched summaries, duplicated messages, excessive full re-downloads In-Reply-To: References: Message-ID: David Gessel writes: > As far as anyone has been able to determine, all artifacts are > resolved. I believe it is fair to say "SOLVED." As I often start > trying to solve problems by searching the list archives, I'll append my > description of the artifacts as googlebait to the bottom of this > message. To say that disabling the use of index files solved your problems is akin to saying amputating your foot solved your bunion problems. Ordinarily, indices ought to be a benefit -- it will help with I/O bottlenecks when mailboxes or number of users get huge. I can't tell from your list of problems whether they are the result of one or many causes, but fixing the index consistency problem would go a long way toward clearing up most of your problems. If INDEX=MEMORY is working for you and you don't see performance degradation, there's no harm in using it, but in my opinion, it may benefit you in the future to get to the bottom of the indexing problem rather than to lop it off altogether. > I am curious if setting INDEX=MEMORY "disables the index completely" as > per http://wiki2.dovecot.org/MailLocation: "If you really want to, you > can also disable the index files completely by appending > :INDEX=MEMORY." Or if there are index files in memory as one might > assume taking the directive literally, and if so, if these are > functionally equivalent to, say, Courier IMAP's caching model. The latter I believe. The important words in the wiki sentence is "index files", not "indexing". Dovecot is still indexing, exept that it builds it from scratch each and every time a worker process accesses a mailbox, so incurs a fixed overhead that cannot be used for the next session. Joseph Tam From mihai at badici.ro Mon Jun 22 20:51:48 2015 From: mihai at badici.ro (mihai at badici.ro) Date: Mon, 22 Jun 2015 23:51:48 +0300 Subject: LDAP authentication In-Reply-To: <20150622141952.Horde.OXl6q7wJGxOPKVSuC56AXEv@horde.lucabert.de> References: <20150622141952.Horde.OXl6q7wJGxOPKVSuC56AXEv@horde.lucabert.de> Message-ID: <9697768.0z1DL2hJXX@hpdesktop> On Monday 22 June 2015 14:19:52 Luca Bertoncello wrote: > Hi again > > I'm trying to authenticate a user against an LDAP Server (well, our > AD, but it can LDAP). > > This is my configuration: > > hosts = my.server.local > auth_bind = yes > ldap_version = 3 > base = CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local > scope = subtree > user_attrs = \ > =home=/home/imapproxy/%u, \ > =mail=maildir:/home/imapproxy/%u > > pass_attrs = uid=%u, userPassword=%w > pass_filter = (&(objectClass=user)(sAMAccountName=%u)) > auth_bind_userdn = company\%u BTW, there is an userPassword attribute? As I remember, on AD it is sAMAccountpassword. From bob at computerisms.ca Mon Jun 22 20:54:00 2015 From: bob at computerisms.ca (Bob Miller) Date: Mon, 22 Jun 2015 13:54:00 -0700 Subject: LDAP authentication In-Reply-To: <20150622141952.Horde.OXl6q7wJGxOPKVSuC56AXEv@horde.lucabert.de> References: <20150622141952.Horde.OXl6q7wJGxOPKVSuC56AXEv@horde.lucabert.de> Message-ID: <558875E8.2090200@computerisms.ca> Hi, I would suggest starting with a simplified config. by example: > hosts = my.server.local > auth_bind = yes > ldap_version = 3 > base = CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local base = DC=company,DC=local > scope = subtree > user_attrs = \ > =home=/home/imapproxy/%u, \ > =mail=maildir:/home/imapproxy/%u remove the user_attrs In my config, home is defined in userdb in main dovecot.conf > pass_attrs = uid=%u, userPassword=%w remove pass_attrs > pass_filter = (&(objectClass=user)(sAMAccountName=%u)) pass_filter = (sAMAccountName=%Ln) And add: user_filter = (sAMAccountName=%Ln) > auth_bind_userdn = company\%u something tickles my brain that says my setup didn't like that. anyway, my config has %Ln at company.xyz If that works, then you can add the other bits one at a time till it fails.... > > If I try to login on the LDAP-Server using ldapsearch it works, but with > Dovecot not... > I see this in my log: > > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: client in: > AUTH#0111#011PLAIN#011service=imap#011secured#011session=+agW4xsZ4gAKADPG#011lip=10.0.46.4#011rip=10.0.51.198#011lport=143#011rport=34018#011resp= > > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: client passdb out: > OK#0111#011user=bertoncello > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: master in: > REQUEST#0111586495489#01117122#0111#01161785e0770d6c48e7316ab484bc2778c#011session_pid=17125#011request_auth_token > > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: > ldap(bertoncello,10.0.51.198,<+agW4xsZ4gAKADPG>): user search: > base=CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local > scope=subtree filter=(&(objectClass=posixAccount)(uid=bertoncello)) fields= > Jun 22 16:14:08 proxy01 dovecot: auth: Error: > ldap(bertoncello,10.0.51.198,<+agW4xsZ4gAKADPG>): > ldap_search(base=CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local filter=(&(objectClass=posixAccount)(uid=bertoncello))) > failed: Operations error > Jun 22 16:14:08 proxy01 dovecot: auth: Debug: master userdb out: > FAIL#0111586495489 > Jun 22 16:14:08 proxy01 dovecot: imap: Error: Internal auth failure > (client-pid=17122 client-id=1) > Jun 22 16:14:08 proxy01 dovecot: imap-login: Internal login failure > (pid=17122 id=1) (internal failure, 1 successful auths): > user=, method=PLAIN, rip=10.0.51.198, lip=10.0.46.4, > mpid=17125, TLS, session=<+agW4xsZ4gAKADPG> > > and if I sniff with ngrep the comunication with the AD I see: > > #### > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > 0....`........ > # > T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] > 0........a............ > ## > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > 0#...`......company\bertoncello..secret > # > T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] > 0........a............ > ## > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > 0....`........ > # > T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] > 0........a............ > # > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > > 0.....c{.5CN=Person,CN=Schema,CN=Configuration,DC=company,DC=local................1....objectClass..posixAccount....uid..bertoncello0. > > # > T 192.168.168.23:389 -> 10.0.46.4:58761 [AP] > 0........e................000004DC: LdapErr: DSID-0C0906E8, comment: > In order to perform this operation a successful bind must be completed > on the connection., data 0, v1db1. > ## > T 10.0.46.4:58761 -> 192.168.168.23:389 [AP] > 0....B. > ### > T 192.168.168.23:389 -> 10.0.46.4:58761 [AR] > .. > > and I can't understand why: > > 1) I read "objectClass..posixAccount" > 2) The authentication does not work... > > Thanks for your help! > Luca Bertoncello > (lucabert at lucabert.de) From soumplis at ekt.gr Mon Jun 22 21:28:51 2015 From: soumplis at ekt.gr (Alexandros Soumplis) Date: Tue, 23 Jun 2015 00:28:51 +0300 Subject: LDAP authentication In-Reply-To: <20150622220011.6855fdae@frodo.lucabert.intra> References: <20150622141952.Horde.OXl6q7wJGxOPKVSuC56AXEv@horde.lucabert.de> <558867E0.4080803@ekt.gr> <20150622220011.6855fdae@frodo.lucabert.intra> Message-ID: <55887E13.5010606@ekt.gr> Can you try adding the following options user_filter = (&(samAccountName=%Ln)(objectClass=person)) pass_filter = (&(samAccountName=%Ln)(objectClass=person)) pass_attrs = userPassword=password default_pass_scheme = CRYPT a. On 22/06/15 23:00, Luca Bertoncello wrote: > Alexandros Soumplis schrieb: > >> If you allow anonymous search on AD maybe you can try to set auth_bind = >> no . > I'm sorry, but I think, the AD does NOT allow anonymous search... > I'm new in this company and I don't know exactly the server, but every try > I did without any authentication, failed... > > Any other idea? > > Thanks > Luca Bertoncello > (lucabert at lucabert.de) From troeder at univention.de Tue Jun 23 07:19:03 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Tue, 23 Jun 2015 09:19:03 +0200 Subject: a temporary failure In-Reply-To: <5588361E.6020008@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> <5588361E.6020008@yahoo.co.uk> Message-ID: <55890867.5040701@univention.de> Am 22.06.2015 um 18:21 schrieb lejeczek: > On 22/06/15 09:16, lejeczek wrote: >> >> dear all >> >> I have a postfix relaying to dovecot's lda but "strangely" it does not >> work, I mean I imaging it's me doing something wrong, yet I cannot >> figure out what. >> >> postfix logs: >> >> to=,orig_to=, relay=dovecot, >> delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred >> (temporary failure) >> >> and dovecot logs no error, despite having debug to yes in couple of >> places, >> it shows: >> >> auth: Debug: master in: USER 1 me at my.domain service=lda >> auth-worker(25343): Debug: passwd(me at my.domain): lookup >> auth-worker(25343): passwd(me at my.domain): unknown user >> auth: Debug: ldap(me at my.domain): user search: >> base=ou=People,dc=my,dc=domain scope=subtree >> filter=(&(objectClass=person)(uid=me)) fields= >> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, >> >> ... here goes the whole lot of ldap atrribs, and at the end: >> >> unused. >> >> For passdb & userdb in the configs I only configure ldap backed, >> nothing else. Ldap works, I can query it without failling. >> I believe it's very simple set up but I must be wrong somewhere. >> >> >> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >> pass_attrs = uid=user=%n,userPassword=password >> >> user_attrs = >> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >> >> user_filter = (&(objectClass=person)(uid=%n)) >> >> Any suggestions very appreciated. >> thanks >> > strange thing is that an IMAP clients authenticates just fine. Only > problems are when sending messages with smtp/postfix. I had a similar problem. Turned out, that when the message comes from Postfix, the identifier is an email address (surprise ;) and not a username, so my LDAP query looks similar to this: user_filter = (&(objectClass=person)(|(uid=%u)(email=%u))) Anyway, when you set auth_verbose=yes and auth_debug=yes, in 10-logging.conf you'll see the exact LDAP query. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From skdovecot at smail.inf.fh-brs.de Tue Jun 23 08:32:54 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 23 Jun 2015 10:32:54 +0200 (CEST) Subject: a temporary failure In-Reply-To: <5587D235.20709@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> <5587D235.20709@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 22 Jun 2015, lejeczek wrote: > On 22/06/15 09:43, Steffen Kaiser wrote: >> On Mon, 22 Jun 2015, lejeczek wrote: >>> On 22/06/15 09:16, lejeczek wrote: >>>> >>>> to=,orig_to=, relay=dovecot, delay=39296, >>>> delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred (temporary failure) >>>> >>>> and dovecot logs no error, despite having debug to yes in couple of >>>> places, >>>> it shows: >>>> >>>> auth: Debug: master in: USER 1 me at my.domain service=lda >>>> auth-worker(25343): Debug: passwd(me at my.domain): lookup >>>> auth-worker(25343): passwd(me at my.domain): unknown user >>>> auth: Debug: ldap(me at my.domain): user search: >>>> base=ou=People,dc=my,dc=domain scope=subtree >>>> filter=(&(objectClass=person)(uid=me)) fields= >>>> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, >>>> >>>> ... here goes the whole lot of ldap atrribs, and at the end: >>>> >>>> unused. >>>> >>>> For passdb & userdb in the configs I only configure ldap backed, nothing >>>> else. Ldap works, I can query it without failling. >>>> I believe it's very simple set up but I must be wrong somewhere. >>>> >>>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>>> pass_attrs = uid=user=%n,userPassword=password >> >> Use either uid=user oder =user=%n but not uid=user=%n. I would use >> uid=user, so the user cannot specify the case of the username. >> >>>> user_attrs = >>>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>> user_filter = (&(objectClass=person)(uid=%n)) >>>> >>> even stranger, if I use(along with ldap in configs): >> >> Please post: >> >> complete doveconf -n >> and the complete LDAP config being referenced by the config. >> >>> userdb { >>> driver = static >>> args = uid=vmail gid=mail home=/var/spool/mail/%d/%n >>> mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>> sieve_storage=/var/spool/mail/%d/%n/SIEVE >>> sieve=/var/spool/mail/%d/%n/dovecot.sieve >>> } >>> >>> dovecot start to core dump: >>> >>> auth: Fatal: master: service(auth): child 9188 killed with signal 11 (core >>> dumped) > > auth_debug = yes The first lines should be something like this: # 2.2.18 (8906101589f9): /usr/local/dovecot-2.2.18/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (3df7e50f986d) # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.10 What version are you using? > auth_mechanisms = login > auth_verbose = yes > first_valid_uid = 999 > mail_debug = yes > mail_location = maildir:/var/spool/mail/my.domain/%u/Maildir > mail_uid = vmail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > mbox_write_locks = fcntl > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } Did you've removed or commented the line : 10-auth.conf:#!include auth-system.conf.ext ? > passdb { > args = /etc/dovecot/ldap-passdb-my.domain.conf > driver = ldap > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_storage = SIEVE > } > protocols = imap sieve > service auth { > unix_listener /var/spool/postfix/private/auth { > group = mail > mode = 0660 > user = vmail > } > unix_listener auth-userdb { > group = mail > mode = 0660 > user = vmail > } > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > } > } > ssl = required > ssl_cert = ssl_key = userdb { > driver = passwd > } > userdb { > args = /etc/dovecot/ldap-userdb-my.domain.conf > driver = ldap > } > protocol lmtp { > mail_plugins = " sieve" > } > protocol lda { > mail_plugins = " sieve" > } > > #ldap-passdb > hosts = localhost > uris = ldap://localhost:389/ > ldap_version = 3 > base = ou=People,dc=my,dc=domain > dn = cn=Manager,dc=my,dc=domain > dnpass = my.pass > auth_bind = no > pass_attrs = uid=%n,userPassword=password uid=%n makes no sense. Please use just: pass_attrs = userPassword=password > pass_filter = (&(objectClass=posixAccount)(uid=%n)) > > > #ldap-userdb > hosts = localhost > uris = ldap://localhost:389/ > ldap_version = 3 > base = ou=People,dc=my,dc=domain > dn = cn=Manager,dc=my,dc=domain > dnpass = my.pass > auth_bind = no > user_attrs = > =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > user_filter = (&(objectClass=person)(uid=%n)) > default_pass_scheme = SSHA > > It cannot be postfix if it relays and dovecots gets these relays. Can it be? I have tried your config with above mentioned version, with LDAP as only passdb and userdb and these LDAP-settings: hosts = localhost auth_bind = yes base = deref = searching user_attrs = =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n user_filter = (&(objectClass=fhMailAlias)(uid=%n)) pass_attrs = userPassword=password pass_filter = (&(objectClass=fhMailAlias)(uid=%Ln)(!(deniedService=%Ls))) iterate_filter = (objectClass=fhMailAlias) Note the pass_attrs. Then I submitted a new message with: socat stdin UNIX:/var/run/dovecot2.2/lmtp LHLO loc mail from: rcpt to: data Subject: 1 1 . successfully. Maildir was created and message spooled to /var/spool/mail/example.com/other/Maildir. Then I logged in via IMAP successfully as well. I also tried the other order: reload Dovecot to flush any caches, log in via IMAP and submit via LMTP. You should however note the following: Both filters treat users "me at example.com" and "me at localhost.localdomain" as the same user, because they match the same LDAP item (uid=%n), however the directories of the users _should_ differ, but they won't as long as the user's information is cached in the auth cache. That means: doveadm auch cache flush doveadm user me at example.net doveadm user me at example.com returns the date for me at example.net in both cases and doveadm auch cache flush doveadm user me at example.com doveadm user me at example.net returns the data for me at example.com in both cases. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYkZtnz1H7kL/d9rAQIZEQf6AsT93VQg1bvF+kla4q9m/0cFlZpAEzDl t4V1XwiYUENBCCvXuxKpY1QvKCKVwryS+GUbPh0eP0t+Rjl6bOT1wP4qwkOlRIkN V6kmx6sBabdObTUgI1kl07ss2vt0MVzjFh5WDRPz6Z/UzKRIGkuphzksVle14GDG UefgtdOYhR+Mfn0nRil2FOSFbWnMgR/9rkKEBr7Ou4vxgU7BF1nfOUA/bmc/tEF+ oMuNkq8xdsKmuN5AhbIghUr3o4DARW0KnLCo4uUJTx7BRreO651Cw4K3fwKlRyAu Pvt4NqxAkJ2Iyu0lFc60xkN0RX+vndfqGOwfIwRYhiBIbX03Cvesaw== =Hn9X -----END PGP SIGNATURE----- From lucabert at lucabert.de Tue Jun 23 09:29:29 2015 From: lucabert at lucabert.de (Luca Bertoncello) Date: Tue, 23 Jun 2015 09:29:29 +0000 Subject: Problem with LDAP... again... Message-ID: <20150623092929.Horde.WCuXAmcOf8y6yV4c-WbjXmU@horde.lucabert.de> Hi list! I'm always trying to configure Dovecot to ask our LDAP-Server (AD) in order to authenticate the users. I really don'know what can I do wrong... I configured my Dovecot so: hosts = chimaera.company.local dn = CN=mailproxy,CN=Users,DC=company,DC=local dnpass = SECRET sasl_bind = no tls = no debug_level = -1 auth_bind = yes ldap_version = 3 base = dc=company,dc=local deref = never scope = subtree user_filter = (&(sAMAccountName=%n)(objectClass=user)) pass_attrs = userPassword=password pass_filter = (&(samAccountName=%n)(objectClass=user)) default_pass_scheme = CRYPT If I try to login in, with my login and password, I see with ngrep that Dovecot ask the AD for my data AND GET THEM, then I see: T 10.0.46.4:49204 -> 192.168.168.23:389 [AP] 0p...ck."DC=DomainDnsZones,DC=company,DC=local................4....samAccountName..bertoncello....objectClass..user0. # T 192.168.168.23:389 -> 10.0.46.4:49204 [AP] 0........e................000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1. This is what I see in Dovecot's log: -- Dipl. Inf. Luca Bertoncello Hartigstra?e 12 01127 Dresden Germany Tel: +49 351 4977290 Mobile: +49 177 3218409 Fax: +49 351 4977291 http://www.lucabert.de/ GPG-Key: http://www.lucabert.de/lucabert.asc E-Mail: lucabert at lucabert.de From lucabert at lucabert.de Tue Jun 23 09:31:34 2015 From: lucabert at lucabert.de (Luca Bertoncello) Date: Tue, 23 Jun 2015 09:31:34 +0000 Subject: Problem with LDAP... again... Message-ID: <20150623093134.Horde.k9h9Za4rugVjXVA8ao2qvdb@horde.lucabert.de> Hi list! I'm always trying to configure Dovecot to ask our LDAP-Server (AD) in order to authenticate the users. I really don'know what can I do wrong... I configured my Dovecot so: hosts = chimaera.company.local dn = CN=mailproxy,CN=Users,DC=company,DC=local dnpass = SECRET sasl_bind = no tls = no debug_level = -1 auth_bind = yes ldap_version = 3 base = dc=company,dc=local deref = never scope = subtree user_filter = (&(sAMAccountName=%n)(objectClass=user)) pass_attrs = userPassword=password pass_filter = (&(samAccountName=%n)(objectClass=user)) default_pass_scheme = CRYPT If I try to login in, with my login and password, I see with ngrep that Dovecot ask the AD for my data AND GET THEM, then I see: T 10.0.46.4:49204 -> 192.168.168.23:389 [AP] 0p...ck."DC=DomainDnsZones,DC=company,DC=local................4....samAccountName..bertoncello....objectClass..user0. # T 192.168.168.23:389 -> 10.0.46.4:49204 [AP] 0........e................000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1. This is what I see in Dovecot's log: Jun 23 11:26:43 proxy01 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=7z8T/SsZ2AAKADPG#011lip=10.0.46.4#011rip=10.0.51.198#011lport=143#011rport=38104#011resp= Jun 23 11:26:43 proxy01 dovecot: auth: Debug: ldap(bertoncello,10.0.51.198,<7z8T/SsZ2AAKADPG>): bind search: base=dc=company,dc=local filter=(&(samAccountName=bertoncello)(objectClass=user)) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_search Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: "(&(samAccountName=bertoncello)(objectClass=user))" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: AND Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter_list "(samAccountName=bertoncello)(objectClass=user)" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: "(samAccountName=bertoncello)" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: simple Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_simple_filter: "samAccountName=bertoncello" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: "(objectClass=user)" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: simple Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_simple_filter: "objectClass=user" Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_build_search_req ATTRS: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_initial_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid -1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid -1 (timeout 0 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 1 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 response count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1920bb0 NULL Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_select Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ber_get_next failed. Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid -1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid -1 (timeout 0 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 1 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 response count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1920bb0 NULL Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_select Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid 2 message type search-entry Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid -1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid -1 (timeout 0 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 1 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 response count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1920bb0 NULL Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_select Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid 2 message type search-reference Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chase_v3referrals Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_url_parse_ext(ldap://DomainDnsZones.company.local/DC=DomainDnsZones,DC=company,DC=local) Jun 23 11:26:43 proxy01 dovecot: auth: Error: re_encode_request: new msgid 3, new dn Jun 23 11:26:43 proxy01 dovecot: auth: Error: re_encode_request new request is: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ber_dump: buf=0x1934920 ptr=0x1934992 end=0x19358fc len=114 Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0000: 65 72 30 00 65 72 30 00 00 00 00 00 00 00 00 00 er0.er0......... Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0070: 00 00 .. Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chase_v3referral: msgid 2, url "ldap://DomainDnsZones.company.local/DC=DomainDnsZones,DC=company,DC=local" Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_connection 0 1 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_open_connection Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: TCP DomainDnsZones.company.local:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_prepare_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: Trying 192.168.168.26:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_pvt_connect: fd: 20 tm: -1 async: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: attempting to connect: Jun 23 11:26:43 proxy01 dovecot: auth: Error: connect errno: 111 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_close_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_prepare_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: Trying 192.168.168.23:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_pvt_connect: fd: 20 tm: -1 async: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: attempting to connect: Jun 23 11:26:43 proxy01 dovecot: auth: Error: connect success Jun 23 11:26:43 proxy01 dovecot: auth: Error: anonymous rebind via ldap_sasl_bind("") Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_sasl_bind Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_initial_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid 4 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid 4 (timeout 100000 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid 4 all 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: DomainDnsZones.company.local port: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: rebind in progress Jun 23 11:26:43 proxy01 dovecot: auth: Error: queue is empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 3 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 4, origid 4, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 1, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 2 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 response count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList ld 0x1920bb0 msgid 4 all 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1920bb0 NULL Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_select Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid 4 all 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid 2 message type search-reference Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chase_v3referrals Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_url_parse_ext(ldap://ForestDnsZones.company.local/DC=ForestDnsZones,DC=company,DC=local) Jun 23 11:26:43 proxy01 dovecot: auth: Error: re_encode_request: new msgid 5, new dn Jun 23 11:26:43 proxy01 dovecot: auth: Error: re_encode_request new request is: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ber_dump: buf=0x1936cc0 ptr=0x1936d32 end=0x1937c9c len=114 Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0000: 65 72 30 00 65 72 30 00 00 00 00 00 00 00 00 00 er0.er0......... Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0070: 00 00 .. Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chase_v3referral: msgid 2, url "ldap://ForestDnsZones.company.local/DC=ForestDnsZones,DC=company,DC=local" Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_connection 0 1 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_open_connection Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: TCP ForestDnsZones.company.local:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_socket: 21 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_prepare_socket: 21 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: Trying 192.168.168.18:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_pvt_connect: fd: 21 tm: -1 async: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: attempting to connect: Jun 23 11:26:43 proxy01 dovecot: auth: Error: connect success Jun 23 11:26:43 proxy01 dovecot: auth: Error: anonymous rebind via ldap_sasl_bind("") Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_sasl_bind Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_initial_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid 6 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid 6 (timeout 100000 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid 6 all 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: ForestDnsZones.company.local port: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: rebind in progress Jun 23 11:26:43 proxy01 dovecot: auth: Error: queue is empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: DomainDnsZones.company.local port: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: rebind in progress Jun 23 11:26:43 proxy01 dovecot: auth: Error: queue is empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 4 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 6, origid 6, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 4, origid 4, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 2, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 3 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: I can't understand why it happens... I can't understand why Dovecot says anonymous rebind via ldap_sasl_bind(""), too... Thanks for your help! Luca Bertoncello From peljasz at yahoo.co.uk Tue Jun 23 09:36:26 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Tue, 23 Jun 2015 10:36:26 +0100 Subject: a temporary failure In-Reply-To: <55890867.5040701@univention.de> References: <5587C46A.2040604@yahoo.co.uk> <5588361E.6020008@yahoo.co.uk> <55890867.5040701@univention.de> Message-ID: <5589289A.8020604@yahoo.co.uk> On 23/06/15 08:19, Daniel Tr?der wrote: > Am 22.06.2015 um 18:21 schrieb lejeczek: >> On 22/06/15 09:16, lejeczek wrote: >>> dear all >>> >>> I have a postfix relaying to dovecot's lda but "strangely" it does not >>> work, I mean I imaging it's me doing something wrong, yet I cannot >>> figure out what. >>> >>> postfix logs: >>> >>> to=,orig_to=, relay=dovecot, >>> delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred >>> (temporary failure) >>> >>> and dovecot logs no error, despite having debug to yes in couple of >>> places, >>> it shows: >>> >>> auth: Debug: master in: USER 1 me at my.domain service=lda >>> auth-worker(25343): Debug: passwd(me at my.domain): lookup >>> auth-worker(25343): passwd(me at my.domain): unknown user >>> auth: Debug: ldap(me at my.domain): user search: >>> base=ou=People,dc=my,dc=domain scope=subtree >>> filter=(&(objectClass=person)(uid=me)) fields= >>> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, >>> >>> ... here goes the whole lot of ldap atrribs, and at the end: >>> >>> unused. >>> >>> For passdb & userdb in the configs I only configure ldap backed, >>> nothing else. Ldap works, I can query it without failling. >>> I believe it's very simple set up but I must be wrong somewhere. >>> >>> >>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>> pass_attrs = uid=user=%n,userPassword=password >>> >>> user_attrs = >>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>> >>> user_filter = (&(objectClass=person)(uid=%n)) >>> >>> Any suggestions very appreciated. >>> thanks >>> >> strange thing is that an IMAP clients authenticates just fine. Only >> problems are when sending messages with smtp/postfix. > I had a similar problem. Turned out, that when the message comes from > Postfix, the identifier is an email address (surprise ;) and not a > username, so my LDAP query looks similar to this: > > user_filter = (&(objectClass=person)(|(uid=%u)(email=%u))) > > Anyway, when you set auth_verbose=yes and auth_debug=yes, in > 10-logging.conf you'll see the exact LDAP query. > yes, I've seen all the queries in my logs. The thing is that I was all this time able to ldapsearch that query successfully. when smtp send this gets to logs: auth: Debug: ldap(me at my.domain): pass search: base=ou=my.domain,ou=mail,dc=virtual,dc=hosting scope=subtree filter=(&(objectclass=person)(|(uid=me)(mail=me at my.domain))) fields=uid,userPassword auth: Debug: ldap(me at my.domain): result: uid=me userPassword=; uid,userPassword unused auth: Debug: ldap(me at my.domain): result: uid=me userPassword= auth: Fatal: master: service(auth): child 11831 killed with signal 11 (core dumped) and dovecot is: 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-229.4.2.el7.x86_64 x86_64 Scientific Linux release 7.1 (Nitrogen) xfs From dave at 661.org Tue Jun 23 10:48:22 2015 From: dave at 661.org (dave at 661.org) Date: Tue, 23 Jun 2015 10:48:22 +0000 (UTC) Subject: allowing shell users to change passwords Message-ID: Does anyone else here have a need to allow shell users to change their imap/pop3 passwords? I came up with a little thing that works similarly to regular passwd(1), dovepasswd, which can be found at https://github.com/DavidGriffith/dovepasswd. It does the job for me and I'd love for other people to take a look and give me some feedback. -- David Griffith dave at 661.org A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? From fzielcke at z-51.de Tue Jun 23 10:57:26 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Tue, 23 Jun 2015 12:57:26 +0200 Subject: allowing shell users to change passwords In-Reply-To: References: Message-ID: <1435057046.2403.4.camel@z-51.de> Am Dienstag, den 23.06.2015, 10:48 +0000 schrieb dave at 661.org: > Does anyone else here have a need to allow shell users to change > their > imap/pop3 passwords? I came up with a little thing that works > similarly > to regular passwd(1), dovepasswd, which can be found at > https://github.com/DavidGriffith/dovepasswd.?; It does the job for me > and > I'd love for other people to take a look and give me some feedback. > If you want you can add my attached script for the horde groupware and the passwd module of it. On my own server I'm the only ssh/shell user there. But for friends/family I want to have them able to change the passwords themself. And it looks like your dovepasswd is for normal passwd files like my horde script. This is just a quick&dirty one but it seems to work for me. Note that I only use SHA512-CRYPT scheme. But feel free to improve it. Needs to be enabled in the horde/passwd/backends.php config. -------------- next part -------------- A non-text attachment was scrubbed... Name: pw.sh Type: application/x-shellscript Size: 414 bytes Desc: not available URL: From peljasz at yahoo.co.uk Tue Jun 23 11:19:57 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Tue, 23 Jun 2015 12:19:57 +0100 Subject: a temporary failure In-Reply-To: References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> <5587D235.20709@yahoo.co.uk> Message-ID: <558940DD.8010506@yahoo.co.uk> On 23/06/15 09:32, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 22 Jun 2015, lejeczek wrote: >> On 22/06/15 09:43, Steffen Kaiser wrote: >>> On Mon, 22 Jun 2015, lejeczek wrote: >>>> On 22/06/15 09:16, lejeczek wrote: >>>>> >>>>> to=,orig_to=, >>>>> relay=dovecot, delay=39296, delays=39294/2.2/0/0.27, >>>>> dsn=4.3.0, status=deferred (temporary failure) >>>>> >>>>> and dovecot logs no error, despite having debug to yes >>>>> in couple of places, >>>>> it shows: >>>>> >>>>> auth: Debug: master in: USER 1 me at my.domain >>>>> service=lda >>>>> auth-worker(25343): Debug: passwd(me at my.domain): lookup >>>>> auth-worker(25343): passwd(me at my.domain): unknown user >>>>> auth: Debug: ldap(me at my.domain): user search: >>>>> base=ou=People,dc=my,dc=domain scope=subtree >>>>> filter=(&(objectClass=person)(uid=me)) fields= >>>>> auth: Debug: ldap(me at my.domain): result: >>>>> objectClass=top,top,top,top, >>>>> >>>>> ... here goes the whole lot of ldap atrribs, and at >>>>> the end: >>>>> >>>>> unused. >>>>> >>>>> For passdb & userdb in the configs I only configure >>>>> ldap backed, nothing else. Ldap works, I can query it >>>>> without failling. >>>>> I believe it's very simple set up but I must be wrong >>>>> somewhere. >>>>> >>>>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>>>> pass_attrs = uid=user=%n,userPassword=password >>> >>> Use either uid=user oder =user=%n but not uid=user=%n. I >>> would use uid=user, so the user cannot specify the case >>> of the username. >>> >>>>> user_attrs = >>>>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>>> user_filter = (&(objectClass=person)(uid=%n)) >>>>> >>>> even stranger, if I use(along with ldap in configs): >>> >>> Please post: >>> >>> complete doveconf -n >>> and the complete LDAP config being referenced by the >>> config. >>> >>>> userdb { >>>> driver = static >>>> args = uid=vmail gid=mail home=/var/spool/mail/%d/%n >>>> mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>> sieve_storage=/var/spool/mail/%d/%n/SIEVE >>>> sieve=/var/spool/mail/%d/%n/dovecot.sieve >>>> } >>>> >>>> dovecot start to core dump: >>>> >>>> auth: Fatal: master: service(auth): child 9188 killed >>>> with signal 11 (core dumped) >> >> auth_debug = yes > > The first lines should be something like this: > > # 2.2.18 (8906101589f9): > /usr/local/dovecot-2.2.18/etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.8 (3df7e50f986d) > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.10 > > What version are you using? > >> auth_mechanisms = login >> auth_verbose = yes >> first_valid_uid = 999 >> mail_debug = yes >> mail_location = maildir:/var/spool/mail/my.domain/%u/Maildir >> mail_uid = vmail >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress >> comparator-i;ascii-numeric relational regex imap4flags >> copy include variables body enotify environment mailbox >> date ihave >> mbox_write_locks = fcntl >> namespace inbox { >> inbox = yes >> location = >> mailbox Drafts { >> special_use = \Drafts >> } >> mailbox Junk { >> special_use = \Junk >> } >> mailbox Sent { >> special_use = \Sent >> } >> mailbox "Sent Messages" { >> special_use = \Sent >> } >> mailbox Trash { >> special_use = \Trash >> } >> prefix = >> } >> passdb { >> driver = pam >> } > > Did you've removed or commented the line : > > 10-auth.conf:#!include auth-system.conf.ext > > ? > >> passdb { >> args = /etc/dovecot/ldap-passdb-my.domain.conf >> driver = ldap >> } >> plugin { >> sieve = ~/.dovecot.sieve >> sieve_dir = ~/sieve >> sieve_storage = SIEVE >> } >> protocols = imap sieve >> service auth { >> unix_listener /var/spool/postfix/private/auth { >> group = mail >> mode = 0660 >> user = vmail >> } >> unix_listener auth-userdb { >> group = mail >> mode = 0660 >> user = vmail >> } >> } >> service imap-login { >> inet_listener imap { >> port = 143 >> } >> inet_listener imaps { >> port = 993 >> } >> } >> ssl = required >> ssl_cert = > ssl_key = > userdb { >> driver = passwd >> } >> userdb { >> args = /etc/dovecot/ldap-userdb-my.domain.conf >> driver = ldap >> } >> protocol lmtp { >> mail_plugins = " sieve" >> } >> protocol lda { >> mail_plugins = " sieve" >> } >> >> #ldap-passdb >> hosts = localhost >> uris = ldap://localhost:389/ >> ldap_version = 3 >> base = ou=People,dc=my,dc=domain >> dn = cn=Manager,dc=my,dc=domain >> dnpass = my.pass >> auth_bind = no >> pass_attrs = uid=%n,userPassword=password > > uid=%n makes no sense. Please use just: > > pass_attrs = userPassword=password > >> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >> >> >> #ldap-userdb >> hosts = localhost >> uris = ldap://localhost:389/ >> ldap_version = 3 >> base = ou=People,dc=my,dc=domain >> dn = cn=Manager,dc=my,dc=domain >> dnpass = my.pass >> auth_bind = no >> user_attrs = >> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >> user_filter = (&(objectClass=person)(uid=%n)) >> default_pass_scheme = SSHA >> >> It cannot be postfix if it relays and dovecots gets these >> relays. Can it be? > > I have tried your config with above mentioned version, > with LDAP as only passdb and userdb and these LDAP-settings: > > hosts = localhost > auth_bind = yes > base = > deref = searching > user_attrs = > =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > user_filter = (&(objectClass=fhMailAlias)(uid=%n)) > pass_attrs = userPassword=password > pass_filter = > (&(objectClass=fhMailAlias)(uid=%Ln)(!(deniedService=%Ls))) > iterate_filter = (objectClass=fhMailAlias) > > Note the pass_attrs. Then I submitted a new message with: > > socat stdin UNIX:/var/run/dovecot2.2/lmtp > LHLO loc > mail from: > rcpt to: > data > Subject: 1 > > 1 > . > > successfully. Maildir was created and message spooled to > /var/spool/mail/example.com/other/Maildir. Then I logged > in via IMAP successfully as well. > > I also tried the other order: reload Dovecot to flush any > caches, log in via IMAP and submit via LMTP. > > You should however note the following: > > Both filters treat users "me at example.com" and > "me at localhost.localdomain" as the same user, because they > match the same LDAP item (uid=%n), however the directories > of the users _should_ differ, but they won't as long as > the user's information is cached in the auth cache. > > That means: > > doveadm auch cache flush > doveadm user me at example.net > doveadm user me at example.com > > returns the date for me at example.net in both cases and > > doveadm auch cache flush > doveadm user me at example.com > doveadm user me at example.net > > returns the data for me at example.com in both cases. it's weird I know, I do: # doveadm auth test -x service=smtp -x rip=172.25.12.214 me at my.domain Password: passdb: me at my.domain auth succeeded extra fields: user=me at my.domain and in the logs: auth-worker(32531): Debug: pam(me at my.domain,172.25.12.214): lookup service=dovecot auth-worker(32531): Debug: pam(me at my.domain,172.25.12.214): #1/1 style=1 msg=Password: pam_unix(dovecot:auth): check pass; user unknown pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=me at my.domain rhost=172.25.12.214 auth-worker(32531): pam(me at my.domain,172.25.12.214): unknown user auth: Debug: ldap(me at my.domain,172.25.12.214): pass search: base=ou=spotdepression.org,ou=mail,dc=virtual,dc=hosting scope=subtree filter=(&(objectclass=person)(|(uid=info)(mail=me at my.domain))) fields=uid,userPassword auth: Debug: ldap(me at my.domain,172.25.12.214): result: uid=info userPassword=; uid,userPassword unused auth: Debug: ldap(me at my.domain,172.25.12.214): result: uid=info userPassword= auth: Debug: client passdb out: OK 1 user=me at my.domain so it seems fine, right? only I do simple test on that dovecot locally echo repli_test | mail -s "repl test" my at my.domain to get: auth-worker(365): Debug: passwd(me at my.domain): lookup auth-worker(365): passwd(me at my.domain): unknown user auth: Debug: password(me at my.domain): passdb doesn't support credential lookups auth: Debug: ldap(me at my.domain): pass search: base=ou=spotdepression.org,ou=mail,dc=virtual,dc=hosting scope=subtree filter=(&(objectclass=person)(|(uid=info)(mail=me at my.domain))) fields=uid,userPassword auth: Debug: ldap(me at my.domain): result: uid=info userPassword=; uid,userPassword unused auth: Debug: ldap(me at my.domain): result: uid=info userPassword= auth: Fatal: master: service(auth): child 364 killed with signal 11 (core dumped) the same error with: doveadm user me at my.domain so it's must be userdb, right? maybe it's postfix twisting something? > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVYkZtnz1H7kL/d9rAQIZEQf6AsT93VQg1bvF+kla4q9m/0cFlZpAEzDl > > t4V1XwiYUENBCCvXuxKpY1QvKCKVwryS+GUbPh0eP0t+Rjl6bOT1wP4qwkOlRIkN > > V6kmx6sBabdObTUgI1kl07ss2vt0MVzjFh5WDRPz6Z/UzKRIGkuphzksVle14GDG > > UefgtdOYhR+Mfn0nRil2FOSFbWnMgR/9rkKEBr7Ou4vxgU7BF1nfOUA/bmc/tEF+ > > oMuNkq8xdsKmuN5AhbIghUr3o4DARW0KnLCo4uUJTx7BRreO651Cw4K3fwKlRyAu > > Pvt4NqxAkJ2Iyu0lFc60xkN0RX+vndfqGOwfIwRYhiBIbX03Cvesaw== > =Hn9X > -----END PGP SIGNATURE----- > From skdovecot at smail.inf.fh-brs.de Tue Jun 23 12:10:30 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 23 Jun 2015 14:10:30 +0200 (CEST) Subject: a temporary failure In-Reply-To: <558940DD.8010506@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> <5587D235.20709@yahoo.co.uk> <558940DD.8010506@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 23 Jun 2015, lejeczek wrote: > On 23/06/15 09:32, Steffen Kaiser wrote: >> On Mon, 22 Jun 2015, lejeczek wrote: >>> On 22/06/15 09:43, Steffen Kaiser wrote: >>>> On Mon, 22 Jun 2015, lejeczek wrote: >>>>> On 22/06/15 09:16, lejeczek wrote: >>>>>> >>>>>> to=,orig_to=, relay=dovecot, delay=39296, >>>>>> delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred (temporary failure) >>>>>> >>>>>> and dovecot logs no error, despite having debug to yes in couple of >>>>>> places, >>>>>> it shows: >>>>>> >>>>>> auth: Debug: master in: USER 1 me at my.domain service=lda >>>>>> auth-worker(25343): Debug: passwd(me at my.domain): lookup >>>>>> auth-worker(25343): passwd(me at my.domain): unknown user >>>>>> auth: Debug: ldap(me at my.domain): user search: >>>>>> base=ou=People,dc=my,dc=domain scope=subtree >>>>>> filter=(&(objectClass=person)(uid=me)) fields= >>>>>> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, >>>>>> >>>>>> ... here goes the whole lot of ldap atrribs, and at the end: >>>>>> >>>>>> unused. >>>>>> >>>>>> For passdb & userdb in the configs I only configure ldap backed, >>>>>> nothing else. Ldap works, I can query it without failling. >>>>>> I believe it's very simple set up but I must be wrong somewhere. >>>>>> >>>>>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>>>>> pass_attrs = uid=user=%n,userPassword=password >>>> >>>> Use either uid=user oder =user=%n but not uid=user=%n. I would use >>>> uid=user, so the user cannot specify the case of the username. >>>> >>>>>> user_attrs = >>>>>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>>>> user_filter = (&(objectClass=person)(uid=%n)) >>>>>> >>>>> even stranger, if I use(along with ldap in configs): >>>> >>>> Please post: >>>> >>>> complete doveconf -n >>>> and the complete LDAP config being referenced by the config. >>>> >>>>> userdb { >>>>> driver = static >>>>> args = uid=vmail gid=mail home=/var/spool/mail/%d/%n >>>>> mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>>> sieve_storage=/var/spool/mail/%d/%n/SIEVE >>>>> sieve=/var/spool/mail/%d/%n/dovecot.sieve >>>>> } >>>>> >>>>> dovecot start to core dump: >>>>> >>>>> auth: Fatal: master: service(auth): child 9188 killed with signal 11 >>>>> (core dumped) >>> >>> auth_debug = yes >> >> The first lines should be something like this: >> >> # 2.2.18 (8906101589f9): /usr/local/dovecot-2.2.18/etc/dovecot/dovecot.conf >> # Pigeonhole version 0.4.8 (3df7e50f986d) >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.10 >> >> What version are you using? >> >>> auth_mechanisms = login >>> auth_verbose = yes >>> first_valid_uid = 999 >>> mail_debug = yes >>> mail_location = maildir:/var/spool/mail/my.domain/%u/Maildir >>> mail_uid = vmail >>> managesieve_notify_capability = mailto >>> managesieve_sieve_capability = fileinto reject envelope encoded-character >>> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags >>> copy include variables body enotify environment mailbox date ihave >>> mbox_write_locks = fcntl >>> namespace inbox { >>> inbox = yes >>> location = >>> mailbox Drafts { >>> special_use = \Drafts >>> } >>> mailbox Junk { >>> special_use = \Junk >>> } >>> mailbox Sent { >>> special_use = \Sent >>> } >>> mailbox "Sent Messages" { >>> special_use = \Sent >>> } >>> mailbox Trash { >>> special_use = \Trash >>> } >>> prefix = >>> } >>> passdb { >>> driver = pam >>> } >> >> Did you've removed or commented the line : >> >> 10-auth.conf:#!include auth-system.conf.ext >> >> ? >> >>> passdb { >>> args = /etc/dovecot/ldap-passdb-my.domain.conf >>> driver = ldap >>> } >>> plugin { >>> sieve = ~/.dovecot.sieve >>> sieve_dir = ~/sieve >>> sieve_storage = SIEVE >>> } >>> protocols = imap sieve >>> service auth { >>> unix_listener /var/spool/postfix/private/auth { >>> group = mail >>> mode = 0660 >>> user = vmail >>> } >>> unix_listener auth-userdb { >>> group = mail >>> mode = 0660 >>> user = vmail >>> } >>> } >>> service imap-login { >>> inet_listener imap { >>> port = 143 >>> } >>> inet_listener imaps { >>> port = 993 >>> } >>> } >>> ssl = required >>> ssl_cert = >> ssl_key = >> userdb { >>> driver = passwd >>> } >>> userdb { >>> args = /etc/dovecot/ldap-userdb-my.domain.conf >>> driver = ldap >>> } >>> protocol lmtp { >>> mail_plugins = " sieve" >>> } >>> protocol lda { >>> mail_plugins = " sieve" >>> } >>> >>> #ldap-passdb >>> hosts = localhost >>> uris = ldap://localhost:389/ >>> ldap_version = 3 >>> base = ou=People,dc=my,dc=domain >>> dn = cn=Manager,dc=my,dc=domain >>> dnpass = my.pass >>> auth_bind = no >>> pass_attrs = uid=%n,userPassword=password >> >> uid=%n makes no sense. Please use just: >> >> pass_attrs = userPassword=password >> >>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>> >>> >>> #ldap-userdb >>> hosts = localhost >>> uris = ldap://localhost:389/ >>> ldap_version = 3 >>> base = ou=People,dc=my,dc=domain >>> dn = cn=Manager,dc=my,dc=domain >>> dnpass = my.pass >>> auth_bind = no >>> user_attrs = >>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>> user_filter = (&(objectClass=person)(uid=%n)) >>> default_pass_scheme = SSHA >>> >>> It cannot be postfix if it relays and dovecots gets these relays. Can it >>> be? >> >> I have tried your config with above mentioned version, with LDAP as only >> passdb and userdb and these LDAP-settings: >> >> hosts = localhost >> auth_bind = yes >> base = >> deref = searching >> user_attrs = >> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >> user_filter = (&(objectClass=fhMailAlias)(uid=%n)) >> pass_attrs = userPassword=password >> pass_filter = (&(objectClass=fhMailAlias)(uid=%Ln)(!(deniedService=%Ls))) >> iterate_filter = (objectClass=fhMailAlias) >> >> Note the pass_attrs. Then I submitted a new message with: >> >> socat stdin UNIX:/var/run/dovecot2.2/lmtp >> LHLO loc >> mail from: >> rcpt to: >> data >> Subject: 1 >> >> 1 >> . >> >> successfully. Maildir was created and message spooled to >> /var/spool/mail/example.com/other/Maildir. Then I logged in via IMAP >> successfully as well. >> >> I also tried the other order: reload Dovecot to flush any caches, log in >> via IMAP and submit via LMTP. >> >> You should however note the following: >> >> Both filters treat users "me at example.com" and "me at localhost.localdomain" as >> the same user, because they match the same LDAP item (uid=%n), however the >> directories of the users _should_ differ, but they won't as long as the >> user's information is cached in the auth cache. >> >> That means: >> >> doveadm auch cache flush >> doveadm user me at example.net >> doveadm user me at example.com >> >> returns the date for me at example.net in both cases and >> >> doveadm auch cache flush >> doveadm user me at example.com >> doveadm user me at example.net >> >> returns the data for me at example.com in both cases. > it's weird I know, I do: > > # doveadm auth test -x service=smtp -x rip=172.25.12.214 me at my.domain > Password: > passdb: me at my.domain auth succeeded > extra fields: > user=me at my.domain > > and in the logs: > > auth-worker(32531): Debug: pam(me at my.domain,172.25.12.214): lookup > service=dovecot > auth-worker(32531): Debug: pam(me at my.domain,172.25.12.214): #1/1 style=1 > msg=Password: > pam_unix(dovecot:auth): check pass; user unknown > pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 > tty=dovecot ruser=me at my.domain rhost=172.25.12.214 > auth-worker(32531): pam(me at my.domain,172.25.12.214): unknown user > auth: Debug: ldap(me at my.domain,172.25.12.214): pass search: > base=ou=spotdepression.org,ou=mail,dc=virtual,dc=hosting scope=subtree > filter=(&(objectclass=person)(|(uid=info)(mail=me at my.domain))) > fields=uid,userPassword > auth: Debug: ldap(me at my.domain,172.25.12.214): result: uid=info > userPassword=; uid,userPassword unused > auth: Debug: ldap(me at my.domain,172.25.12.214): result: uid=info > userPassword= > auth: Debug: client passdb out: OK 1 user=me at my.domain > > so it seems fine, right? > only I do simple test on that dovecot locally > > echo repli_test | mail -s "repl test" my at my.domain > > to get: > > auth-worker(365): Debug: passwd(me at my.domain): lookup > auth-worker(365): passwd(me at my.domain): unknown user > auth: Debug: password(me at my.domain): passdb doesn't support credential > lookups > auth: Debug: ldap(me at my.domain): pass search: > base=ou=spotdepression.org,ou=mail,dc=virtual,dc=hosting scope=subtree > filter=(&(objectclass=person)(|(uid=info)(mail=me at my.domain))) > fields=uid,userPassword > auth: Debug: ldap(me at my.domain): result: uid=info userPassword=; > uid,userPassword unused > auth: Debug: ldap(me at my.domain): result: uid=info userPassword= > auth: Fatal: master: service(auth): child 364 killed with signal 11 (core > dumped) > > the same error with: > doveadm user me at my.domain > > so it's must be userdb, right? No, you've authentificated before and some data are now in the auth cache, which are used by the userdb, too. 1) You do not have no system users, right? Then remove the passwd userdb and pam passdb. 2) Did you removed the "uid=user=%n" from pass_attr? There might be fixes since 2.2.10: changeset: 18538:d3332ee1d26a user: Timo Sirainen date: Thu May 07 17:18:44 2015 +0300 files: src/auth/auth-worker-client.c description: auth: Added assert to make sure previous change is correct. changeset: 18537:8a3da4ef590f user: Timo Sirainen date: Thu May 07 11:27:55 2015 +0300 files: src/auth/auth-worker-client.c description: auth: Fixed credentials lookups via auth-workers when no actual password was returned. For example LDAP lookup with auth_bind=yes should still return any extra fields. changeset: 18536:5dc00179dd60 user: Timo Sirainen date: Thu May 07 11:21:33 2015 +0300 files: src/auth/passdb-ldap.c description: ldap auth: If password is already verified (e.g. master user login), skip LDAP auth binding. This happens only if auth_bind_userdn isn't set, i.e. it only makes sense if the LDAP DN lookup also returns some extra fields. changeset: 18402:635f9c7d5991 user: Timo Sirainen date: Mon Apr 13 20:38:10 2015 +0300 files: src/auth/auth-request.c description: auth: If passdb/userdb changes the username, add the changed username also to the cache. changeset: 18401:08b2f79e8212 user: Timo Sirainen date: Mon Apr 13 20:37:48 2015 +0300 files: src/auth/auth-request.c description: auth: Setting userdb fields from cache didn't set handle any special fields. The special fields were relatively rarely used though. changeset: 18364:3546457ae3fb user: Timo Sirainen date: Tue Mar 17 17:30:33 2015 +0200 files: src/auth/db-ldap.c description: auth ldap: Crashfixes for earlier changes. Hopefully works correctly now changeset: 18363:a4acf88b0c91 user: Timo Sirainen date: Tue Mar 17 10:49:20 2015 +0200 files: src/auth/db-ldap.c description: auth ldap: Fixed crash when handling invalid SSL option. changeset: 18362:870cb73e5960 user: Timo Sirainen date: Tue Mar 17 09:58:03 2015 +0200 files: src/auth/db-ldap.c src/auth/db-ldap.h description: auth ldap: Fixed assert-crash when both passdb ldap and userdb ldap was used changeset: 18361:0a17875f0ece user: Timo Sirainen date: Mon Mar 16 23:25:34 2015 +0200 files: src/auth/db-ldap.c src/auth/db-ldap.h src/auth/passdb-ldap.c src/auth/userdb-ldap.c description: auth ldap: Start LDAP connection only after auth process initialization is finished. This way even if connecting to LDAP takes a while it won't cause the master process to kill the auth process due to it not sending the startup "I'm ok" notification early enough. changeset: 18360:d9a0d4f4f4b6 user: Timo Sirainen date: Mon Mar 16 23:21:05 2015 +0200 files: src/auth/db-ldap.c description: auth ldap: Make sure config file path is included in all fatal error messages. changeset: 18359:ec2e7ae958c5 user: Timo Sirainen date: Mon Mar 16 23:17:39 2015 +0200 files: src/auth/db-ldap.c description: auth ldap: If any tls_* settings are given when they're not supported, fail with fatal instead of just warning. These may be important for intended security, especially tls_cipher_suite. We shouldn't allow setting them and then somewhat silently just ignore them. .... - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYlMtnz1H7kL/d9rAQJA1gf9FQqfLMutqbE1BWYGzg15tLIT9kH7Nfwu bwA16Er3lVehuEk1GnmbsJxlVmcz96Yei7MFUAOcNmjM9x0JqLj/Jp5LiXKlHa0+ ZAzF+ivMij9wsNlFzPCb9M16B92GaGd6Q8d4ud0Wd5IeQuC/+Vs5avPcgGKdCxon ygqZPeFBhXZDLCxnfgcKuW05lO+mlgkD6zXcywfMLDpjwHwy1EOchGJ+ciwdaZky tKYj3ZPXrDLzIl2sBwXNOEeFpsIQR+FRH1Llje3+coVbvWK09DM6HKa8ynts2YmN pDgQph43yOTgv27LlUMcN80HjNknHjg0sLw05OtJoVt+ZDVOSZTxug== =wlvQ -----END PGP SIGNATURE----- From edward at 4angle.com Tue Jun 23 12:41:32 2015 From: edward at 4angle.com (Edward Betts) Date: Tue, 23 Jun 2015 13:41:32 +0100 Subject: dovecot auth using 100% CPU In-Reply-To: <000301d0ac0c$5dc23ca0$1946b5e0$@jorge@decimal.pt> References: <20150621094148.GA8593@4angle.com> <000301d0ac0c$5dc23ca0$1946b5e0$@jorge@decimal.pt> Message-ID: <20150623124131.GA31703@4angle.com> Jorge Bastos wrote: > What do you see in the logs? > My guess is that someone is trying a brute force auth against you, Thanks Jorge, I think this is the answer. I'm using dovecot for exim4 SMTP authentication. The exim4 logs show brute force attacks. -- Edward. From peljasz at yahoo.co.uk Tue Jun 23 13:02:53 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Tue, 23 Jun 2015 14:02:53 +0100 Subject: a temporary failure In-Reply-To: References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> <5587D235.20709@yahoo.co.uk> <558940DD.8010506@yahoo.co.uk> Message-ID: <558958FD.4020600@yahoo.co.uk> On 23/06/15 13:10, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, 23 Jun 2015, lejeczek wrote: >> On 23/06/15 09:32, Steffen Kaiser wrote: >>> On Mon, 22 Jun 2015, lejeczek wrote: >>>> On 22/06/15 09:43, Steffen Kaiser wrote: >>>>> On Mon, 22 Jun 2015, lejeczek wrote: >>>>>> On 22/06/15 09:16, lejeczek wrote: >>>>>>> >>>>>>> to=,orig_to=, >>>>>>> relay=dovecot, delay=39296, delays=39294/2.2/0/0.27, >>>>>>> dsn=4.3.0, status=deferred (temporary failure) >>>>>>> >>>>>>> and dovecot logs no error, despite having debug to >>>>>>> yes in couple of places, >>>>>>> it shows: >>>>>>> >>>>>>> auth: Debug: master in: USER 1 me at my.domain >>>>>>> service=lda >>>>>>> auth-worker(25343): Debug: passwd(me at my.domain): lookup >>>>>>> auth-worker(25343): passwd(me at my.domain): unknown user >>>>>>> auth: Debug: ldap(me at my.domain): user search: >>>>>>> base=ou=People,dc=my,dc=domain scope=subtree >>>>>>> filter=(&(objectClass=person)(uid=me)) fields= >>>>>>> auth: Debug: ldap(me at my.domain): result: >>>>>>> objectClass=top,top,top,top, >>>>>>> >>>>>>> ... here goes the whole lot of ldap atrribs, and at >>>>>>> the end: >>>>>>> >>>>>>> unused. >>>>>>> >>>>>>> For passdb & userdb in the configs I only configure >>>>>>> ldap backed, nothing else. Ldap works, I can query >>>>>>> it without failling. >>>>>>> I believe it's very simple set up but I must be >>>>>>> wrong somewhere. >>>>>>> >>>>>>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>>>>>> pass_attrs = uid=user=%n,userPassword=password >>>>> >>>>> Use either uid=user oder =user=%n but not uid=user=%n. >>>>> I would use uid=user, so the user cannot specify the >>>>> case of the username. >>>>> >>>>>>> user_attrs = >>>>>>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>>>>> user_filter = (&(objectClass=person)(uid=%n)) >>>>>>> >>>>>> even stranger, if I use(along with ldap in configs): >>>>> >>>>> Please post: >>>>> >>>>> complete doveconf -n >>>>> and the complete LDAP config being referenced by the >>>>> config. >>>>> >>>>>> userdb { >>>>>> driver = static >>>>>> args = uid=vmail gid=mail home=/var/spool/mail/%d/%n >>>>>> mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>>>> sieve_storage=/var/spool/mail/%d/%n/SIEVE >>>>>> sieve=/var/spool/mail/%d/%n/dovecot.sieve >>>>>> } >>>>>> >>>>>> dovecot start to core dump: >>>>>> >>>>>> auth: Fatal: master: service(auth): child 9188 killed >>>>>> with signal 11 (core dumped) >>>> >>>> auth_debug = yes >>> >>> The first lines should be something like this: >>> >>> # 2.2.18 (8906101589f9): >>> /usr/local/dovecot-2.2.18/etc/dovecot/dovecot.conf >>> # Pigeonhole version 0.4.8 (3df7e50f986d) >>> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.10 >>> >>> What version are you using? >>> >>>> auth_mechanisms = login >>>> auth_verbose = yes >>>> first_valid_uid = 999 >>>> mail_debug = yes >>>> mail_location = >>>> maildir:/var/spool/mail/my.domain/%u/Maildir >>>> mail_uid = vmail >>>> managesieve_notify_capability = mailto >>>> managesieve_sieve_capability = fileinto reject envelope >>>> encoded-character vacation subaddress >>>> comparator-i;ascii-numeric relational regex imap4flags >>>> copy include variables body enotify environment mailbox >>>> date ihave >>>> mbox_write_locks = fcntl >>>> namespace inbox { >>>> inbox = yes >>>> location = >>>> mailbox Drafts { >>>> special_use = \Drafts >>>> } >>>> mailbox Junk { >>>> special_use = \Junk >>>> } >>>> mailbox Sent { >>>> special_use = \Sent >>>> } >>>> mailbox "Sent Messages" { >>>> special_use = \Sent >>>> } >>>> mailbox Trash { >>>> special_use = \Trash >>>> } >>>> prefix = >>>> } >>>> passdb { >>>> driver = pam >>>> } >>> >>> Did you've removed or commented the line : >>> >>> 10-auth.conf:#!include auth-system.conf.ext >>> >>> ? >>> >>>> passdb { >>>> args = /etc/dovecot/ldap-passdb-my.domain.conf >>>> driver = ldap >>>> } >>>> plugin { >>>> sieve = ~/.dovecot.sieve >>>> sieve_dir = ~/sieve >>>> sieve_storage = SIEVE >>>> } >>>> protocols = imap sieve >>>> service auth { >>>> unix_listener /var/spool/postfix/private/auth { >>>> group = mail >>>> mode = 0660 >>>> user = vmail >>>> } >>>> unix_listener auth-userdb { >>>> group = mail >>>> mode = 0660 >>>> user = vmail >>>> } >>>> } >>>> service imap-login { >>>> inet_listener imap { >>>> port = 143 >>>> } >>>> inet_listener imaps { >>>> port = 993 >>>> } >>>> } >>>> ssl = required >>>> ssl_cert = >>> ssl_key = >>> userdb { >>>> driver = passwd >>>> } >>>> userdb { >>>> args = /etc/dovecot/ldap-userdb-my.domain.conf >>>> driver = ldap >>>> } >>>> protocol lmtp { >>>> mail_plugins = " sieve" >>>> } >>>> protocol lda { >>>> mail_plugins = " sieve" >>>> } >>>> >>>> #ldap-passdb >>>> hosts = localhost >>>> uris = ldap://localhost:389/ >>>> ldap_version = 3 >>>> base = ou=People,dc=my,dc=domain >>>> dn = cn=Manager,dc=my,dc=domain >>>> dnpass = my.pass >>>> auth_bind = no >>>> pass_attrs = uid=%n,userPassword=password >>> >>> uid=%n makes no sense. Please use just: >>> >>> pass_attrs = userPassword=password >>> >>>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>>> >>>> >>>> #ldap-userdb >>>> hosts = localhost >>>> uris = ldap://localhost:389/ >>>> ldap_version = 3 >>>> base = ou=People,dc=my,dc=domain >>>> dn = cn=Manager,dc=my,dc=domain >>>> dnpass = my.pass >>>> auth_bind = no >>>> user_attrs = >>>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>>> user_filter = (&(objectClass=person)(uid=%n)) >>>> default_pass_scheme = SSHA >>>> >>>> It cannot be postfix if it relays and dovecots gets >>>> these relays. Can it be? >>> >>> I have tried your config with above mentioned version, >>> with LDAP as only passdb and userdb and these >>> LDAP-settings: >>> >>> hosts = localhost >>> auth_bind = yes >>> base = >>> deref = searching >>> user_attrs = >>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >>> user_filter = (&(objectClass=fhMailAlias)(uid=%n)) >>> pass_attrs = userPassword=password >>> pass_filter = >>> (&(objectClass=fhMailAlias)(uid=%Ln)(!(deniedService=%Ls))) >>> iterate_filter = (objectClass=fhMailAlias) >>> >>> Note the pass_attrs. Then I submitted a new message with: >>> >>> socat stdin UNIX:/var/run/dovecot2.2/lmtp >>> LHLO loc >>> mail from: >>> rcpt to: >>> data >>> Subject: 1 >>> >>> 1 >>> . >>> >>> successfully. Maildir was created and message spooled to >>> /var/spool/mail/example.com/other/Maildir. Then I logged >>> in via IMAP successfully as well. >>> >>> I also tried the other order: reload Dovecot to flush >>> any caches, log in via IMAP and submit via LMTP. >>> >>> You should however note the following: >>> >>> Both filters treat users "me at example.com" and >>> "me at localhost.localdomain" as the same user, because >>> they match the same LDAP item (uid=%n), however the >>> directories of the users _should_ differ, but they won't >>> as long as the user's information is cached in the auth >>> cache. >>> >>> That means: >>> >>> doveadm auch cache flush >>> doveadm user me at example.net >>> doveadm user me at example.com >>> >>> returns the date for me at example.net in both cases and >>> >>> doveadm auch cache flush >>> doveadm user me at example.com >>> doveadm user me at example.net >>> >>> returns the data for me at example.com in both cases. >> it's weird I know, I do: >> >> # doveadm auth test -x service=smtp -x rip=172.25.12.214 >> me at my.domain >> Password: >> passdb: me at my.domain auth succeeded >> extra fields: >> user=me at my.domain >> >> and in the logs: >> >> auth-worker(32531): Debug: >> pam(me at my.domain,172.25.12.214): lookup service=dovecot >> auth-worker(32531): Debug: >> pam(me at my.domain,172.25.12.214): #1/1 style=1 msg=Password: >> pam_unix(dovecot:auth): check pass; user unknown >> pam_unix(dovecot:auth): authentication failure; logname= >> uid=0 euid=0 tty=dovecot ruser=me at my.domain >> rhost=172.25.12.214 >> auth-worker(32531): pam(me at my.domain,172.25.12.214): >> unknown user >> auth: Debug: ldap(me at my.domain,172.25.12.214): pass >> search: >> base=ou=spotdepression.org,ou=mail,dc=virtual,dc=hosting >> scope=subtree >> filter=(&(objectclass=person)(|(uid=info)(mail=me at my.domain))) >> fields=uid,userPassword >> auth: Debug: ldap(me at my.domain,172.25.12.214): result: >> uid=info userPassword=; uid,userPassword unused >> auth: Debug: ldap(me at my.domain,172.25.12.214): result: >> uid=info userPassword= >> auth: Debug: client passdb out: OK 1 user=me at my.domain >> >> so it seems fine, right? >> only I do simple test on that dovecot locally >> >> echo repli_test | mail -s "repl test" my at my.domain >> >> to get: >> >> auth-worker(365): Debug: passwd(me at my.domain): lookup >> auth-worker(365): passwd(me at my.domain): unknown user >> auth: Debug: password(me at my.domain): passdb doesn't >> support credential lookups >> auth: Debug: ldap(me at my.domain): pass search: >> base=ou=spotdepression.org,ou=mail,dc=virtual,dc=hosting >> scope=subtree >> filter=(&(objectclass=person)(|(uid=info)(mail=me at my.domain))) >> fields=uid,userPassword >> auth: Debug: ldap(me at my.domain): result: uid=info >> userPassword=; uid,userPassword unused >> auth: Debug: ldap(me at my.domain): result: uid=info >> userPassword= >> auth: Fatal: master: service(auth): child 364 killed with >> signal 11 (core dumped) >> >> the same error with: >> doveadm user me at my.domain >> >> so it's must be userdb, right? > > No, you've authentificated before and some data are now in > the auth cache, which are used by the userdb, too. > > 1) You do not have no system users, right? > Then remove the passwd userdb and pam passdb. > > 2) Did you removed the "uid=user=%n" from pass_attr? > this is freaking weird, and wrong! If I do no configure pam nor passwd and no userdb+static then! ...ldap works. I do use, well I'm trying, pam for system users which are not in passwd. PAM gets those system users from LDAP, uid > 1000. I wonder if its possible to have pam auth+lookup for users constructed this way: systemuser at local.domain ? > There might be fixes since 2.2.10: > > changeset: 18538:d3332ee1d26a > user: Timo Sirainen > date: Thu May 07 17:18:44 2015 +0300 > files: src/auth/auth-worker-client.c > description: > auth: Added assert to make sure previous change is correct. > > > changeset: 18537:8a3da4ef590f > user: Timo Sirainen > date: Thu May 07 11:27:55 2015 +0300 > files: src/auth/auth-worker-client.c > description: > auth: Fixed credentials lookups via auth-workers when no > actual password was returned. > For example LDAP lookup with auth_bind=yes should still > return any extra > fields. > > > changeset: 18536:5dc00179dd60 > user: Timo Sirainen > date: Thu May 07 11:21:33 2015 +0300 > files: src/auth/passdb-ldap.c > description: > ldap auth: If password is already verified (e.g. master > user login), skip LDAP auth binding. > This happens only if auth_bind_userdn isn't set, i.e. it > only makes sense if > the LDAP DN lookup also returns some extra fields. > > > changeset: 18402:635f9c7d5991 > user: Timo Sirainen > date: Mon Apr 13 20:38:10 2015 +0300 > files: src/auth/auth-request.c > description: > auth: If passdb/userdb changes the username, add the > changed username also to the cache. > > > changeset: 18401:08b2f79e8212 > user: Timo Sirainen > date: Mon Apr 13 20:37:48 2015 +0300 > files: src/auth/auth-request.c > description: > auth: Setting userdb fields from cache didn't set handle > any special fields. > The special fields were relatively rarely used though. > > > changeset: 18364:3546457ae3fb > user: Timo Sirainen > date: Tue Mar 17 17:30:33 2015 +0200 > files: src/auth/db-ldap.c > description: > auth ldap: Crashfixes for earlier changes. > Hopefully works correctly now > > > changeset: 18363:a4acf88b0c91 > user: Timo Sirainen > date: Tue Mar 17 10:49:20 2015 +0200 > files: src/auth/db-ldap.c > description: > auth ldap: Fixed crash when handling invalid SSL option. > > > changeset: 18362:870cb73e5960 > user: Timo Sirainen > date: Tue Mar 17 09:58:03 2015 +0200 > files: src/auth/db-ldap.c src/auth/db-ldap.h > description: > auth ldap: Fixed assert-crash when both passdb ldap and > userdb ldap was used > > > changeset: 18361:0a17875f0ece > user: Timo Sirainen > date: Mon Mar 16 23:25:34 2015 +0200 > files: src/auth/db-ldap.c src/auth/db-ldap.h > src/auth/passdb-ldap.c src/auth/userdb-ldap.c > description: > auth ldap: Start LDAP connection only after auth process > initialization is finished. > This way even if connecting to LDAP takes a while it won't > cause the master > process to kill the auth process due to it not sending the > startup "I'm ok" > notification early enough. > > > changeset: 18360:d9a0d4f4f4b6 > user: Timo Sirainen > date: Mon Mar 16 23:21:05 2015 +0200 > files: src/auth/db-ldap.c > description: > auth ldap: Make sure config file path is included in all > fatal error messages. > > > changeset: 18359:ec2e7ae958c5 > user: Timo Sirainen > date: Mon Mar 16 23:17:39 2015 +0200 > files: src/auth/db-ldap.c > description: > auth ldap: If any tls_* settings are given when they're > not supported, fail with fatal instead of just warning. > These may be important for intended security, especially > tls_cipher_suite. > We shouldn't allow setting them and then somewhat silently > just ignore them. > > .... > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVYlMtnz1H7kL/d9rAQJA1gf9FQqfLMutqbE1BWYGzg15tLIT9kH7Nfwu > > bwA16Er3lVehuEk1GnmbsJxlVmcz96Yei7MFUAOcNmjM9x0JqLj/Jp5LiXKlHa0+ > > ZAzF+ivMij9wsNlFzPCb9M16B92GaGd6Q8d4ud0Wd5IeQuC/+Vs5avPcgGKdCxon > > ygqZPeFBhXZDLCxnfgcKuW05lO+mlgkD6zXcywfMLDpjwHwy1EOchGJ+ciwdaZky > > tKYj3ZPXrDLzIl2sBwXNOEeFpsIQR+FRH1Llje3+coVbvWK09DM6HKa8ynts2YmN > > pDgQph43yOTgv27LlUMcN80HjNknHjg0sLw05OtJoVt+ZDVOSZTxug== > =wlvQ > -----END PGP SIGNATURE----- > From jerry at seibercom.net Tue Jun 23 13:13:58 2015 From: jerry at seibercom.net (Jerry) Date: Tue, 23 Jun 2015 09:13:58 -0400 Subject: a temporary failure In-Reply-To: <558958FD.4020600@yahoo.co.uk> References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> <5587D235.20709@yahoo.co.uk> <558940DD.8010506@yahoo.co.uk> <558958FD.4020600@yahoo.co.uk> Message-ID: <20150623091358.30ed56af@seibercom.net> On Tue, 23 Jun 2015 14:02:53 +0100, lejeczek stated: >this is freaking weird, and wrong! If I do no configure pam >nor passwd and no userdb+static then! ...ldap works. > >I do use, well I'm trying, pam for system users which are >not in passwd. PAM gets those system users from LDAP, uid > >1000. >I wonder if its possible to have pam auth+lookup for users >constructed this way: systemuser at local.domain ? I think you posted your "dovecot -n" and LDAP configuration; however, this thread has gone on so long untrimmed, that I am now completely lost. I assume you have shutdown and restarted these applications after making configuration changes? Sometimes that is the only way to make them work. -- Jerry From lucabert at lucabert.de Tue Jun 23 13:16:45 2015 From: lucabert at lucabert.de (Luca Bertoncello) Date: Tue, 23 Jun 2015 13:16:45 +0000 Subject: Proxy to more Servers Message-ID: <20150623131645.Horde.wqyyDpVC0jnEz288UznbSxc@horde.lucabert.de> Hi list! Finally I got the LDAP-Authentication work (it was a problem of the OU-Path... :( ). Now I can authenticate the user against the AD and forwarding the IMAP-Connection to the Exchange Server. Wow! My next problem: we have TWO ADs and TWO Exchange-Servers. The first AD has the users for the first Exchange, and the second AD for the second Exchange. I defined two files so: auth-ldap-OLDAD.conf.ext: passdb { driver = ldap args = /etc/dovecot/dovecot-ldap-OLDAD.conf.ext } userdb { driver = ldap args = /etc/dovecot/dovecot-ldap-OLDAD.conf.ext default_fields = imapc_user=%u imapc_password=%w imapc_ssl=imaps imapc_host=sphinx.company.local imapc_port=993 driver=imap uid=imapproxy gid=imapproxy home=/home/imapproxy } auth-ldap-NEWAD.conf.ext: passdb { driver = ldap args = /etc/dovecot/dovecot-ldap-NEWAD.conf.ext } userdb { driver = ldap args = /etc/dovecot/dovecot-ldap-NEWAD.conf.ext default_fields = imapc_user=%u imapc_password=%w imapc_ssl=imaps imapc_host=exchange01.ad.company.org imapc_port=993 driver=imap uid=imapproxy gid=imapproxy home=/home/imapproxy } Well, the authentication works as expected, but when a user of the second AD/Exchanges tries to log in, after a SUCCESSFULLY authentication can't speak with the new Exchange server... :( In the log of Dovecot I see: Jun 23 15:07:58 proxy01 dovecot: imap(chorris): Error: User initialization failed: Namespace '': Mailbox list driver imapc: missing imapc_host Jun 23 15:07:58 proxy01 dovecot: imap(chorris): Error: Invalid user settings. Refer to server log for more information. Could someone explain me, why the configuration for imapc_host in the second file are ignored? Thanks Luca Bertoncello (lucabert at lucabert.de) From peljasz at yahoo.co.uk Tue Jun 23 13:38:43 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Tue, 23 Jun 2015 14:38:43 +0100 Subject: a temporary failure In-Reply-To: <20150623091358.30ed56af@seibercom.net> References: <5587C46A.2040604@yahoo.co.uk> <5587C7A7.8090902@yahoo.co.uk> <5587D235.20709@yahoo.co.uk> <558940DD.8010506@yahoo.co.uk> <558958FD.4020600@yahoo.co.uk> <20150623091358.30ed56af@seibercom.net> Message-ID: <55896163.6070807@yahoo.co.uk> On 23/06/15 14:13, Jerry wrote: > On Tue, 23 Jun 2015 14:02:53 +0100, lejeczek stated: > >> this is freaking weird, and wrong! If I do no configure pam >> nor passwd and no userdb+static then! ...ldap works. >> >> I do use, well I'm trying, pam for system users which are >> not in passwd. PAM gets those system users from LDAP, uid > >> 1000. >> I wonder if its possible to have pam auth+lookup for users >> constructed this way: systemuser at local.domain ? > I think you posted your "dovecot -n" and LDAP configuration; however, this > thread has gone on so long untrimmed, that I am now completely lost. > > I assume you have shutdown and restarted these applications after making > configuration changes? Sometimes that is the only way to make them work. > right, I think I'm closer, I have one more question but I'll start a new post the end. From peljasz at yahoo.co.uk Tue Jun 23 13:41:48 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Tue, 23 Jun 2015 14:41:48 +0100 Subject: passdb pam and args/format Message-ID: <5589621C.9000600@yahoo.co.uk> I wonder if queries to/via pam are formatable? What I'm thinking I'd like to try is to use pam with users at local.domain. And I guess I'd have to loose domain part somehow. many thanks From peljasz at yahoo.co.uk Tue Jun 23 14:24:59 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Tue, 23 Jun 2015 15:24:59 +0100 Subject: is it safe to have two backed used for the same user? Message-ID: <55896C3B.2010501@yahoo.co.uk> hi everybody I wonder if it is safe (and wise) to have two passw-user databases for the same one user. I'm thinking, mail to me via pam mail to me at this.domain via ldap whole Maildir would be essentially the same one storage target, I see permissions have to be mangled, available to write for both vmail and actual uid. what do you think? Is it how it's done? regards From skdovecot at smail.inf.fh-brs.de Tue Jun 23 14:34:46 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 23 Jun 2015 16:34:46 +0200 (CEST) Subject: is it safe to have two backed used for the same user? In-Reply-To: <55896C3B.2010501@yahoo.co.uk> References: <55896C3B.2010501@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 23 Jun 2015, lejeczek wrote: > I wonder if it is safe (and wise) to have two passw-user databases for the > same one user. > I'm thinking, > mail to me via pam > mail to me at this.domain via ldap the first passdb wins. No problem. > whole Maildir would be essentially the same one storage target, I see > permissions have to be mangled, available to write for both vmail and actual > uid. again, the first userdb wins. Your users can auth agains pam, but the data may come from LDAP or a static userdb. If you auth agains PAM successfully, does _not_ mean that you automatically use system users or Dovecot changes uids or something. All such information come from the userdb. If both users match the same userdb entry, they appear the same for Dovecot. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYluhnz1H7kL/d9rAQI4gAgAy1K6C96H/L26Jb67AElPtOZ/2YUZQdqA IZQP6aD+WVEfy1brpwEkOs4EOYBRNGTN3ifTQSyKu5lcDffFIOEloXSc3PLuqR/e oc0l/g9qBzuCdITPHvDer+37pPn/lg70Ye/Aqc8EIiuNNNtt1EXnF0TMZYOLv/Uj SgWlCkW31iJBq83DJ/hRDQQO1CvDA/3pPl33vLRBXepICZXiPJhvMkzeqsy2wAEL VanIWuPRVhautE23ko7u/hjzIDKHEkFmXQgDQxVR9/bT5D0BGW6Ma+13EIGnnKZe /8aYu3l+TTzIcnyK3rXdW2tME0nqhGAg5bX/FgnBJ5uHGldg63zDjg== =QLx9 -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Tue Jun 23 14:41:07 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 23 Jun 2015 16:41:07 +0200 (CEST) Subject: is it safe to have two backed used for the same user? In-Reply-To: References: <55896C3B.2010501@yahoo.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 23 Jun 2015, Steffen Kaiser wrote: > On Tue, 23 Jun 2015, lejeczek wrote: > >> I wonder if it is safe (and wise) to have two passw-user databases for the >> same one user. >> I'm thinking, >> mail to me via pam >> mail to me at this.domain via ldap > > the first passdb wins. No problem. > >> whole Maildir would be essentially the same one storage target, I see >> permissions have to be mangled, available to write for both vmail and >> actual >> uid. > > again, the first userdb wins. Your users can auth agains pam, but the data > may come from LDAP or a static userdb. > If you auth agains PAM successfully, does _not_ mean that you > automatically use system users or Dovecot changes uids or something. All > such information come from the userdb. If both users match the same userdb > entry, they appear the same for Dovecot. To make it more clear: you can have passdb { driver = pam } passdb { driver = ldap ... } userdb { driver = ldap .... } you do not need no userdb { driver = passwd }, unless you require user data from this source. Or use userdb { driver = static } instead the LDAP one, because you do not use LDAP attributes anyway. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYlwA3z1H7kL/d9rAQLL6Af/SsS6K2oHv1X6DdNhCMPJrURf+IWWJQx0 pmmOHVPMLsuw3A6cQaMfxm7i3K4OdQA4CLPq2SER3Zxp98LigTLUdsHvPVfdD3x7 KHkIZ689emmmQZxJ1DXtAcu4ICu+0zdicpqaL8iOm7qlbYjLmB4TF2jTWvPpb3g4 GqiDgCrjzgyRKx0ppBRqdXMIuhtsmOyUX7qUc+TbE5C4dWs9gOllUp6haW+Am7pX cTVA/tAxCs+mqbCbOJSEGBC8xVD0gCfyg7DevYjZSOlbCLnR+tYZxIVQt5/KSIwg Ak0e64k9sy5wc95pZ8V49o2yaVyxkQdzEHbqlfUAuOahDTsx72yVpA== =UvLB -----END PGP SIGNATURE----- From alexandre.bagouet at alliaserv.fr Tue Jun 23 14:57:41 2015 From: alexandre.bagouet at alliaserv.fr (alex) Date: Tue, 23 Jun 2015 16:57:41 +0200 Subject: Migration from courier-imap to dovecot Message-ID: <558973E5.2070400@alliaserv.fr> hello, I search a solution to migrate a courier-impa mail accounts in maildir format to a dovecot mail accounts in sandbox format. The first server is an ubuntu 10.4 with courier-imap in maildir format, the accounts are managed by postfix 2.7.0 with MySQL The second server is an debian 7.8 (wheezy) with dovecot 2.2.13 in sdbox format, the accounts are managed by postfix 2.9.6 with MySQL My request is, how to import and convert the mail accounts ?? cordially, *--* *Alexandre Bagouet* From mhlavink at redhat.com Tue Jun 23 15:56:35 2015 From: mhlavink at redhat.com (Michal Hlavinka) Date: Tue, 23 Jun 2015 17:56:35 +0200 Subject: Assert test not compatible with s390(x) and ppc64 architectures Message-ID: <558981B3.30504@redhat.com> Hi, we have found that assert test fails on some architectures: test-net.c:59: Assert failed: net_addr2ip("127.0.0.1", &ip) == 0 && ip.family == AF_INET && ip.u.ip4.s_addr == (127 | (1 << 24)) It seems as bug in test suit as test is expecting IPv4 address in LE format (0x0100007f), but it gets address in BE format(0x7f000001). Patch in attachment should fix this issue. Regards Michal Hlavinka -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-2.2.18-fixbuild.patch Type: text/x-patch Size: 505 bytes Desc: not available URL: From user+dovecot at localhost.localdomain.org Tue Jun 23 18:43:53 2015 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 23 Jun 2015 18:43:53 +0000 Subject: Migration from courier-imap to dovecot In-Reply-To: <558973E5.2070400@alliaserv.fr> References: <558973E5.2070400@alliaserv.fr> Message-ID: <5589A8E9.3040000@localhost.localdomain.org> On 06/23/2015 02:57 PM, alex wrote: > hello, > > I search a solution to migrate a courier-impa mail accounts in maildir > format to a dovecot mail accounts in sandbox format. > The first server is an ubuntu 10.4 with courier-imap in maildir format, > the accounts are managed by postfix 2.7.0 with MySQL > The second server is an debian 7.8 (wheezy) with dovecot 2.2.13 in sdbox > format, the accounts are managed by postfix 2.9.6 with MySQL > > My request is, how to import and convert the mail accounts ?? Did you read ? Regards, Pascal -- The trapper recommends today: c01dcofe.1517401 at localdomain.org From r at sys4.de Wed Jun 24 10:33:36 2015 From: r at sys4.de (Ralf Hildebrandt) Date: Wed, 24 Jun 2015 12:33:36 +0200 Subject: Quota question Message-ID: <20150624103336.GJ8100@sys4.de> http://wiki2.dovecot.org/Quota/Configuration says: concat('*:bytes=', quota_limit_bytes) AS quota_rule and concat('*:bytes=', quota_limit_bytes) AS userdb_quota_rule but a generic quota_rule on the same page says: plugin { quota = maildir:User quota quota_rule = *:storage=1G quota_rule2 = Trash:storage=+100M } Are "bytes=" and "storage=" equivalent? http://wiki2.dovecot.org/UserDatabase/ExtraFields also shows "storage=": user_query = SELECT home, uid, gid, \ '*:storage=100M' as quota_rule, mail_plugins, \ 'gz' as `plugin/zlib_save` FROM users WHERE userid = '%u' -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From r at sys4.de Wed Jun 24 10:42:35 2015 From: r at sys4.de (Ralf Hildebrandt) Date: Wed, 24 Jun 2015 12:42:35 +0200 Subject: Quota question In-Reply-To: <20150624103336.GJ8100@sys4.de> References: <20150624103336.GJ8100@sys4.de> Message-ID: <20150624104235.GK8100@sys4.de> * Ralf Hildebrandt : > Are "bytes=" and "storage=" equivalent? Found it on http://wiki2.dovecot.org/Quota/Configuration, sorry: storage: Quota limit in kilobytes, 0 means unlimited. bytes: Quota limit in bytes, 0 means unlimited. -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From peljasz at yahoo.co.uk Wed Jun 24 13:28:39 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Wed, 24 Jun 2015 14:28:39 +0100 Subject: is it safe to have two backed used for the same user? In-Reply-To: References: <55896C3B.2010501@yahoo.co.uk> Message-ID: <558AB087.4060900@yahoo.co.uk> On 23/06/15 15:41, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, 23 Jun 2015, Steffen Kaiser wrote: >> On Tue, 23 Jun 2015, lejeczek wrote: >> >>> I wonder if it is safe (and wise) to have two passw-user >>> databases for the >>> same one user. >>> I'm thinking, >>> mail to me via pam >>> mail to me at this.domain via ldap >> >> the first passdb wins. No problem. >> >>> whole Maildir would be essentially the same one storage >>> target, I see >>> permissions have to be mangled, available to write for >>> both vmail and actual >>> uid. >> >> again, the first userdb wins. Your users can auth agains >> pam, but the data >> may come from LDAP or a static userdb. >> If you auth agains PAM successfully, does _not_ mean that >> you >> automatically use system users or Dovecot changes uids or >> something. All >> such information come from the userdb. If both users >> match the same userdb >> entry, they appear the same for Dovecot. > > To make it more clear: > > you can have > > passdb { driver = pam } > passdb { driver = ldap > ... > } > > userdb { driver = ldap > .... > } > > you do not need no userdb { driver = passwd }, unless you > require user data from this source. Or use userdb { driver > = static } instead the LDAP one, because you do not use > LDAP attributes anyway. OK, I see, can a querying pam backed be custom? eg. how does one looks up me at some.thing ? many thanks Steffen for all your help. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVYlwA3z1H7kL/d9rAQLL6Af/SsS6K2oHv1X6DdNhCMPJrURf+IWWJQx0 > > pmmOHVPMLsuw3A6cQaMfxm7i3K4OdQA4CLPq2SER3Zxp98LigTLUdsHvPVfdD3x7 > > KHkIZ689emmmQZxJ1DXtAcu4ICu+0zdicpqaL8iOm7qlbYjLmB4TF2jTWvPpb3g4 > > GqiDgCrjzgyRKx0ppBRqdXMIuhtsmOyUX7qUc+TbE5C4dWs9gOllUp6haW+Am7pX > > cTVA/tAxCs+mqbCbOJSEGBC8xVD0gCfyg7DevYjZSOlbCLnR+tYZxIVQt5/KSIwg > > Ak0e64k9sy5wc95pZ8V49o2yaVyxkQdzEHbqlfUAuOahDTsx72yVpA== > =UvLB > -----END PGP SIGNATURE----- > From peljasz at yahoo.co.uk Wed Jun 24 14:55:00 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Wed, 24 Jun 2015 15:55:00 +0100 Subject: is it safe to have two backed used for the same user? In-Reply-To: References: <55896C3B.2010501@yahoo.co.uk> Message-ID: <558AC4C4.8020806@yahoo.co.uk> On 23/06/15 15:34, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, 23 Jun 2015, lejeczek wrote: > >> I wonder if it is safe (and wise) to have two passw-user >> databases for the same one user. >> I'm thinking, >> mail to me via pam >> mail to me at this.domain via ldap > > the first passdb wins. No problem. > >> whole Maildir would be essentially the same one storage >> target, I see permissions have to be mangled, available >> to write for both vmail and actual uid. > > again, the first userdb wins. Your users can auth agains > pam, but the data may come from LDAP or a static userdb. > If you auth agains PAM successfully, does _not_ mean that > you automatically use system users or Dovecot changes uids > or something. All such information come from the userdb. > If both users match the same userdb entry, they appear the > same for Dovecot. my working setup as above brakes if the target storage misses o=rwx (very weird again) Even if I stick an ACL to it with vmail=rwX it still fails and quite silently leaving one clueless. me via pam = actual UID me at this.domain via ldap = vmail UID and that shared storage target seems must have o=rwx ??? (Or I still got it wrong somewhere?) > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVYluhnz1H7kL/d9rAQI4gAgAy1K6C96H/L26Jb67AElPtOZ/2YUZQdqA > > IZQP6aD+WVEfy1brpwEkOs4EOYBRNGTN3ifTQSyKu5lcDffFIOEloXSc3PLuqR/e > > oc0l/g9qBzuCdITPHvDer+37pPn/lg70Ye/Aqc8EIiuNNNtt1EXnF0TMZYOLv/Uj > > SgWlCkW31iJBq83DJ/hRDQQO1CvDA/3pPl33vLRBXepICZXiPJhvMkzeqsy2wAEL > > VanIWuPRVhautE23ko7u/hjzIDKHEkFmXQgDQxVR9/bT5D0BGW6Ma+13EIGnnKZe > > /8aYu3l+TTzIcnyK3rXdW2tME0nqhGAg5bX/FgnBJ5uHGldg63zDjg== > =QLx9 > -----END PGP SIGNATURE----- > From peljasz at yahoo.co.uk Wed Jun 24 15:24:55 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Wed, 24 Jun 2015 16:24:55 +0100 Subject: why would replicated to server ask for extra fs permissions? In-Reply-To: References: <5581A735.4040304@yahoo.co.uk> Message-ID: <558ACBC7.1090002@yahoo.co.uk> On 18/06/15 07:45, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, 17 Jun 2015, lejeczek wrote: > >> I think I'm near getting a simple replication, but on >> server which is still "empty" I get: >> >> Initialization failed: Namespace '': >> mkdir(/var/spool/mail/ccnr.biotechnology/nr412/Maildir) >> failed: Permission denied (euid=1187(nr412) >> egid=513(Domain Users) missing +w perm: /var/spool/mail, >> we're not in group 12(mail), dir owned by 0:12 mode=0775 >> >> but repl from server runs just fine and their configs are >> virtually identical. >> What I missed? > > does "/var/spool/mail/ccnr.biotechnology" exists or do you > run SELinux, which prevents accessing it? spot on - the full path did not exist. Having a mixed passdb-real uids and ldap+vmail uid - will replication work? Do I need to set up both tcp & ssh? > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVYJpG3z1H7kL/d9rAQIPHgf+M4XOeplRlhqnjrfeMBhSekBckCZYOUO7 > > gRCYvOdx8dNY9YN9SJRU/a/SKb+r4MCX4ozOXdWDZZgWoOcjpetrL9RQHXhFQzgF > > HbNkxyfaUljYxCWbNBCcisFW/fiwFalsi/ib+3TJ5246TYFGmXPBSup0Iru59LRl > > NQPNwJ1OzmSu/A5kerkoIhtEIPZpKuOfWQqa4CmzA9FEb7kwcUnTkfZhMHox3QeP > > TiOunx8GcSXsvuoVevG8xH4Gczk/bmJNHfE5ZsKPAkn+sv0aUpTTO8BU9fFWCBHU > > oXmSsRLPi+B3GvPrPLYkobYG5LPUkdFY7sxizuCN9Zwt2x1gNpe1fw== > =XXHt > -----END PGP SIGNATURE----- > From dovecot at nryc.fr Wed Jun 24 20:03:22 2015 From: dovecot at nryc.fr (Nicolas C.) Date: Wed, 24 Jun 2015 22:03:22 +0200 Subject: EXT4/LVM recommendations for 3TB of mdbox ? Message-ID: <558B0D0A.10604@nryc.fr> Hello, Do you have recommendations on EXT4 and LVM options for a 3TB file-system for mdbox? We currently use the mbox format on a XFS with poor performances since the update in v2.1 (Debian). We will switch to EXT4 to have the possibility of shrinking the file-system if needed (which is not possible with XFS), we currently have LVM partitions but with mdbox we will use LVM snapshots to backup the server in a consistent state. So, - any particular options to use with mkfs.ext4 for the creation of the FS ? - do you recommend a ?thin? logical volume ? Our storage (IBM Storwize v7000) already have thin provisioning capabilities. The server will be a VMware virtual machine running Debian with RDM LUNs of 500GB. Data blocks will be automatically spread across several RAID disk (SSD, SAS, SATA) by the v7000. The ?mdbox_rotate_size? will be configured around 10MB. Thanks, Nicolas C. From dmiller at amfes.com Wed Jun 24 20:35:46 2015 From: dmiller at amfes.com (dmiller at amfes.com) Date: Wed, 24 Jun 2015 13:35:46 -0700 Subject: EXT4/LVM recommendations for 3TB of mdbox ? In-Reply-To: <558B0D0A.10604@nryc.fr> References: <558B0D0A.10604@nryc.fr> Message-ID: On 2015-06-24 13:03, Nicolas C. wrote: > Hello, > > Do you have recommendations on EXT4 and LVM options for a 3TB > file-system for mdbox? > > We currently use the mbox format on a XFS with poor performances since > the update in v2.1 (Debian). What qualifies as "poor performance"? How many users? > > We will switch to EXT4 to have the possibility of shrinking the > file-system if needed (which is not possible with XFS), we currently > have LVM partitions but with mdbox we will use LVM snapshots to backup > the server in a consistent state. > > So, > > - any particular options to use with mkfs.ext4 for the creation of the > FS ? It's not what you asked - but the options for XFS creation and mounting can make a fair bit of difference. > > - do you recommend a ?thin? logical volume ? Our storage (IBM > Storwize v7000) already have thin provisioning capabilities. > > The server will be a VMware virtual machine running Debian with RDM > LUNs of 500GB. Data blocks will be automatically spread across several > RAID disk (SSD, SAS, SATA) by the v7000. The ?mdbox_rotate_size? will > be configured around 10MB. I happen to be using 32MB. Just going to mdbox can make a measurable performance increase. I also make use of single-instance-storage. Everyone is going to have their own opinions and experiences with filesystems. I personally have had mixed issues with EXT3/4 but have enjoyed great success with XFS. Admittedly my server is probably much smaller than others but I still need to depend on it. -- Daniel From dovecot at nryc.fr Wed Jun 24 21:41:28 2015 From: dovecot at nryc.fr (Nicolas C) Date: Wed, 24 Jun 2015 23:41:28 +0200 Subject: EXT4/LVM recommendations for 3TB of mdbox ? In-Reply-To: References: <558B0D0A.10604@nryc.fr> Message-ID: <558B2408.10600@nryc.fr> Le 24/06/2015 22:35, dmiller at amfes.com a ?crit : > On 2015-06-24 13:03, Nicolas C. wrote: >> Hello, >> >> Do you have recommendations on EXT4 and LVM options for a 3TB >> file-system for mdbox? >> >> We currently use the mbox format on a XFS with poor performances since >> the update in v2.1 (Debian). > > What qualifies as "poor performance"? Way more i/o for the exact same conditions. We kept dovecot in version 1.2 on Wheezy (with pinning) and it was running fine but as soon as we installed the official Wheezy version of Dovecot (2.1) the iowait increased on the server. > How many users? "doveadm who -1" reports an average of 4.000 connections during business hours with peaks going up to 6.000. >> We will switch to EXT4 to have the possibility of shrinking the >> file-system if needed (which is not possible with XFS), we currently >> have LVM partitions but with mdbox we will use LVM snapshots to backup >> the server in a consistent state. >> >> So, >> >> - any particular options to use with mkfs.ext4 for the creation of >> the FS ? > It's not what you asked - but the options for XFS creation and mounting > can make a fair bit of difference. Yes, I saw the "XFS vs EXT4 for mail storage" thread (2013) and I was wondering if, since then, people had a feedback on EXT4. >> - do you recommend a ?thin? logical volume ? Our storage (IBM >> Storwize v7000) already have thin provisioning capabilities. >> >> The server will be a VMware virtual machine running Debian with RDM >> LUNs of 500GB. Data blocks will be automatically spread across several >> RAID disk (SSD, SAS, SATA) by the v7000. The ?mdbox_rotate_size? will >> be configured around 10MB. > I happen to be using 32MB. > > Just going to mdbox can make a measurable performance increase. I also > make use of single-instance-storage. We know that mdbox will be helping, we are very eager to get rid of the old mdbox format! > Everyone is going to have their own opinions and experiences with > filesystems. I personally have had mixed issues with EXT3/4 but have > enjoyed great success with XFS. Admittedly my server is probably much > smaller than others but I still need to depend on it. From dmiller at amfes.com Thu Jun 25 00:00:09 2015 From: dmiller at amfes.com (dmiller at amfes.com) Date: Wed, 24 Jun 2015 17:00:09 -0700 Subject: Virtual Mailboxes In-Reply-To: <6cb687c2f0f1101a4a252951d288ef81@amfes.com> References: <41d3ec6ca13fd96e50b56559ca6f77bb@amfes.com> <6cb687c2f0f1101a4a252951d288ef81@amfes.com> Message-ID: My next bonehead maneuver - was more of the first! location = virtual:/var/mail/%%d/%%n/mdbox/mailboxes/virtual was adapted from my definition for my shared namespace. Which was intended to share OTHER users - which is why the '%%' prefixes are used. Changing to: location = virtual:/var/mail/%d/%n/mdbox/mailboxes/virtual Now I can actually view something! But I still have a challenge - the mailboxes don't allow subscriptions via IMAP. If I manually edit the "subscriptions" file I can force it and I can now browse & view - but I can't make changes via IMAP clients. What else am I missing? -- Daniel On 2015-06-22 10:31, dmiller at amfes.com wrote: > Any ideas on what I need to check or should post to help find the > problem? > > -- > Daniel > > > On 2015-06-20 14:50, dmiller at amfes.com wrote: >> The first bonehead maneuver seems to be: >> location = virtual:/var/mail/%%d/%%n/mdbox/virtual >> I'm thinking it should be: >> location = virtual:/var/mail/%%d/%%n/mdbox/mailboxes/virtual >> >> But...it didn't seem to make a difference. And if I have the >> "virtual" folder tree under a location other than >> "/var/mail/domain/user/mdbox/mailboxes" no names appear - so I think I >> have the files in the right place. Any ideas? >> >> -- >> Daniel >> >> >> On 2015-06-20 14:34, dmiller at amfes.com wrote: >>> >>> Having some trouble with my first attempt at virtual mailboxes. I've >>> enabled the plugin in 10-mail.conf, added a virtual namespace, and >>> created the dovecot-virtual files in the folders. >>> >>> I see the folder names in the list when I refresh the folders >>> available for subscription - but the folders cannot be subscribed to >>> and I can't view their contents. What obvious mistake did I make? >>> >>> doveconf -n: >>> auth_cache_size = 4 k >>> auth_mechanisms = plain login >>> default_login_user = nobody >>> default_vsz_limit = 1 G >>> dict { >>> acl = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext >>> } >>> disable_plaintext_auth = no >>> listen = * >>> mail_attachment_dir = /var/mail/attachments >>> mail_plugins = fts fts_solr acl zlib virtual >>> mail_shared_explicit_inbox = yes >>> managesieve_notify_capability = mailto >>> managesieve_sieve_capability = fileinto reject envelope >>> encoded-character vacation subaddress comparator-i;ascii-numeric >>> relational regex imap4flags copy include variables body enotify >>> environment mailbox date index ihave duplicate >>> mdbox_rotate_interval = 1 days >>> mdbox_rotate_size = 32 M >>> namespace { >>> hidden = no >>> inbox = yes >>> list = yes >>> location = >>> prefix = >>> separator = / >>> subscriptions = yes >>> type = private >>> } >>> namespace { >>> list = children >>> location = mdbox:/var/mail/%%d/%%n/mdbox >>> prefix = shared/%%n/ >>> separator = / >>> subscriptions = no >>> type = shared >>> } >>> namespace { >>> location = virtual:/var/mail/%%d/%%n/mdbox/virtual >>> prefix = virtual/ >>> separator = / >>> } >>> passdb { >>> args = /usr/local/etc/dovecot/dovecot-ldap.conf >>> driver = ldap >>> } >>> plugin { >>> acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300 >>> acl_shared_dict = proxy::acl >>> fts = solr >>> fts_autoindex = yes >>> fts_solr = break-imap-search url=http://solr.amfes.lan:8983/solr/ >>> sieve = ~/.dovecot.sieve >>> sieve_dir = ~/sieve >>> } >>> protocols = imap lmtp sieve >>> service auth { >>> unix_listener /var/spool/postfix/private/auth { >>> group = postfix >>> mode = 0660 >>> user = postfix >>> } >>> unix_listener auth-userdb { >>> group = mail >>> mode = 0600 >>> user = vmail >>> } >>> } >>> service dict { >>> unix_listener dict { >>> group = mail >>> mode = 0660 >>> user = vmail >>> } >>> } >>> service imap-login { >>> process_limit = 200 >>> process_min_avail = 10 >>> service_count = 1 >>> } >>> service lmtp { >>> process_min_avail = 5 >>> unix_listener /var/spool/postfix/private/dovecot-lmtp { >>> group = mail >>> mode = 0666 >>> user = vmail >>> } >>> } >>> service managesieve-login { >>> inet_listener sieve { >>> port = 4190 >>> } >>> inet_listener sieve_deprecated { >>> port = 2000 >>> } >>> process_min_avail = 0 >>> service_count = 1 >>> } >>> ssl_cert = >> ssl_key = >> userdb { >>> driver = prefetch >>> } >>> userdb { >>> args = /usr/local/etc/dovecot/dovecot-ldap.conf >>> driver = ldap >>> } >>> verbose_proctitle = yes >>> protocol lmtp { >>> mail_plugins = fts fts_solr acl zlib virtual sieve >>> } >>> protocol lda { >>> mail_plugins = fts fts_solr acl zlib virtual sieve >>> } >>> protocol imap { >>> imap_client_workarounds = tb-extra-mailbox-sep >>> imap_idle_notify_interval = 29 mins >>> mail_max_userip_connections = 50 >>> mail_plugins = fts fts_solr acl zlib virtual imap_acl >>> } >>> local 192.168.0.2 { >>> protocol imap { >>> ssl_cert = >> ssl_key = >> } >>> } >>> >>> Given my mail storage location of /var/mail/%%d/%%n, I have created: >>> /var/mail/mydomain/myname/virtual/newfolder >>> >>> and within that folder created a dovecot-virtual. I created a few >>> like >>> this from the wiki samples - the folder names are visible but no >>> contents. >>> >>> -- >>> Daniel From peljasz at yahoo.co.uk Thu Jun 25 10:35:28 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Thu, 25 Jun 2015 11:35:28 +0100 Subject: imap-login: Authenticate PLAIN failed: Unsupported authentication mechanism - with Evolution Message-ID: <558BD970.3080909@yahoo.co.uk> I wonder if you know if Evolution works with dovecot TLS? From peljasz at yahoo.co.uk Thu Jun 25 10:49:36 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Thu, 25 Jun 2015 11:49:36 +0100 Subject: Fatal: -N parameter requires syncing with remote host Message-ID: <558BDCC0.40405@yahoo.co.uk> hi I get with default (not declared) replication_dsync_parameters above errors, and for users that I'm trying to disable replication. I'm trying to disable with: override_fields = mail_replica="" in userdb and just in case (ldap) also user_attrs = =mail_replica="" my replication conf is pretty basic: service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0660 } } service aggregator { fifo_listener replication-notify-fifo { user = vmail group = Domain Users mode = 0660 } unix_listener replication-notify { user = vmail group = Domain Users } } service doveadm { inet_listener { port = 12345 } } doveadm_password = secret # I can tell simple test: doveadm -v sync -f -u my at my.domain ssh vmail at server doveadm dsync-server -u me at my.domain works. It's for a user that I don't want replication. What am I missing here? many thanks From daniel.colchete at gmail.com Thu Jun 25 12:33:02 2015 From: daniel.colchete at gmail.com (Daniel van Ham Colchete) Date: Thu, 25 Jun 2015 09:33:02 -0300 Subject: Namespace Translation / IMAP Proxying Message-ID: Hello everyone! About three years ago we migrated from Courier do Dovecot using the procedure at http://wiki2.dovecot.org/Migration/Courier. So we have a namespace prefix os "INBOX.". We are trying to implement the SOGo collaboration with Exchange ActiveSync integration with Android Lollipop devices. So, in this exact configuration (namespace prefix + ActiveSync + Android Lollipop) things dont work really well [1]. I'm trying to get an IMAP Proxy of any kind in front of my Dovecot system to translate my namespaces when SOGo connects to it. So instead of presenting INBOX and INBOX.Sent it should show INBOX and Sent. I tried to do it with imapc but couldn't find any configuration that would allow it. I also looked at Perdition IMAP Proxy and NGINX but couldn't find it there also. Does anyone knows a way to do it? Best, Daniel Colchete [1] https://lists.inverse.ca/sogo/arc/users/2015-06/msg00301.html From eduardo at freedominterface.org Thu Jun 25 13:10:15 2015 From: eduardo at freedominterface.org (Eduardo Ramos) Date: Thu, 25 Jun 2015 10:10:15 -0300 Subject: director In-Reply-To: References: Message-ID: <558BFDB7.1010603@freedominterface.org> It seems that you are having problem with connection between dovecot and ldap. Does your ldap server log anything? What about firewall configuration in both? On 06/02/2015 01:48 PM, jjhoffart wrote: > Hello, > I am currently trying to setup dovecot with a director instance and > have managed to configure to invocations of dovecot on my server but > my dovecot log keeps giving me errors about authentication. A little > background on my config I am running dovecot with postfix and using an > LDAP directory. Here are the errors I am seeing in my logs. > > > dovecot.log > > Jun 02 10:42:59 auth: Fatal: LDAP: ldap_init() failed with hosts: > 1.1.1.1:389 > Jun 02 10:42:59 master: Error: service(auth): command startup failed, > throttling for 60 secs > Jun 02 10:42:59 director: Error: Auth server disconnected unexpectedly > Jun 02 10:42:59 pop3-login: Info: Disconnected: Auth process broken > (disconnected before auth was ready, waited 0 secs): user=<>, > rip=1.1.3.4, lip=1.1.1.1, session= > Jun 02 10:43:59 auth: Fatal: LDAP: ldap_init() failed with hosts: > 1.1.1.1:389 > Jun 02 10:43:59 master: Error: service(auth): command startup failed, > throttling for 60 secs > Jun 02 10:43:59 director: Error: Auth server disconnected unexpectedly > Jun 02 10:43:59 pop3-login: Info: Disconnected: Auth process broken > (disconnected before auth was ready, waited 0 secs): user=<>, > rip=1.1.1.1, lip=1.1.1.2, session= > > dovecot-seive.log > Jun 01 14:39:57 lda: Fatal: Internal error occurred. Refer to server > log for more information. > Jun 01 14:47:51 lda: Error: userdb lookup(postmaster at mydomain.com): > Disconnected unexpectedly > Jun 01 14:47:51 lda: Fatal: Internal error occurred. Refer to server > log for more information. > > mail.log > Jun 2 10:41:25 mail1 postfix/smtpd[2932]: name_mask: noanonymous > Jun 2 10:41:25 mail1 postfix/smtpd[2932]: > xsasl_dovecot_server_connect: Connecting > Jun 2 10:41:25 mail1 postfix/smtpd[2932]: fatal: no SASL > authentication mechanisms > Jun 2 10:41:26 mail1 postfix/master[2068]: warning: process > /usr/lib/postfix/smtpd pid 2932 exit status 1 > Jun 2 10:41:26 mail1 postfix/master[2068]: warning: > /usr/lib/postfix/smtpd: bad command startup -- throttling > Jun 2 10:43:06 mail1 postfix/anvil[2934]: statistics: max connection > rate 1/60s for (smtp:0.0.0.0) at Jun 2 10:41:25 > Jun 2 10:43:06 mail1 postfix/anvil[2934]: statistics: max connection > count 1 for (smtp:0.0.0.0) at Jun 2 10:41:25 > Jun 2 10:43:06 mail1 postfix/anvil[2934]: statistics: max cache size > 1 at Jun 2 10:41:25 > > From fzielcke at z-51.de Thu Jun 25 14:28:16 2015 From: fzielcke at z-51.de (Felix Zielcke) Date: Thu, 25 Jun 2015 16:28:16 +0200 Subject: imap-login: Authenticate PLAIN failed: Unsupported authentication mechanism - with Evolution In-Reply-To: <558BD970.3080909@yahoo.co.uk> References: <558BD970.3080909@yahoo.co.uk> Message-ID: <1435242496.1110.2.camel@z-51.de> Am Donnerstag, den 25.06.2015, 11:35 +0100 schrieb lejeczek: > I wonder if you know if Evolution works with dovecot TLS? Of course. I use dovecot+Evolution fine. You only need to enable PLAIN and/or LOGIN auth method in your config. or the other ones supported by Evolution. And TLS doestn't matter in this case. As long as Evolution has compiled it in and dovecot has compiled it in, then it works. Dovecot of course needs to have it correctly configured with the certificate. From peljasz at yahoo.co.uk Thu Jun 25 14:40:46 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Thu, 25 Jun 2015 15:40:46 +0100 Subject: imap-login: Authenticate PLAIN failed: Unsupported authentication mechanism - with Evolution In-Reply-To: <1435242496.1110.2.camel@z-51.de> References: <558BD970.3080909@yahoo.co.uk> <1435242496.1110.2.camel@z-51.de> Message-ID: <558C12EE.8050608@yahoo.co.uk> On 25/06/15 15:28, Felix Zielcke wrote: > Am Donnerstag, den 25.06.2015, 11:35 +0100 schrieb lejeczek: >> I wonder if you know if Evolution works with dovecot TLS? > Of course. I use dovecot+Evolution fine. > You only need to enable PLAIN and/or LOGIN auth method in your config. > or the other ones supported by Evolution. > > And TLS doestn't matter in this case. As long as Evolution has compiled > it in and dovecot has compiled it in, then it works. Dovecot of course > needs to have it correctly configured with the certificate. > it does not work if dovecot disallow plain and allows only login, at least for me. Evolution 3.16.3 and dovecot 2.2.10 thanks From robertkwild at gmail.com Thu Jun 25 20:36:54 2015 From: robertkwild at gmail.com (robert k Wild) Date: Thu, 25 Jun 2015 21:36:54 +0100 Subject: authenticate LDAP to email server Message-ID: hi all, first things first my version and config - # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-504.el6.x86_64 x86_64 CentOS release 6.6 (Final) auth_mechanisms = plain login mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { driver = pam } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } ssl_cert = I'm getting the following error when using dovecot replication: dovecot: imap(foo at bar.com): Error: open(/var/dovecot/replication-notify-fifo) failed: No such file or directory I guess this has something to do with the fact that every user is chrooted in it's own homedir. Does dsync support dsync notification when all users are chrooted? lmtp does not seem to have this problem so new mails get replicated, but status changes don't. Thanks. -Tim Config on source: # 2.2.15: /etc/dovecot/dovecot.conf # OS: OpenBSD 5.7 amd64 auth_debug = yes auth_mechanisms = plain login auth_verbose = yes dsync_remote_cmd = /usr/bin/ssh imap.netsend.nl first_valid_gid = 30000 first_valid_uid = 30000 last_valid_gid = 30100 last_valid_uid = 30100 mail_debug = yes mail_home = /srv/vmail/%d/%n mail_location = maildir:~/Maildir mail_plugins = " notify replication" passdb { args = /passwd driver = passwd-file } passdb { args = /passwd_smtponly driver = passwd-file } plugin { mail_replica = remoteprefix:imap.netsend.nl } protocols = imap lmtp service aggregator { fifo_listener replication-notify-fifo { mode = 0666 } unix_listener replication-notify { mode = 0666 } } service auth-worker { chroot = /etc/mail unix_listener /etc/mail/auth-worker { mode = 0600 user = $default_internal_user } user = $default_internal_user } service auth { chroot = /etc/mail unix_listener /var/spool/postfix/private/dovecot-auth { group = _postfix mode = 0600 user = _postfix } } service imap-login { inet_listener imap { port = 0 } process_min_avail = 1 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = _postfix mode = 0600 user = _postfix } } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0600 } } ssl = required ssl_cert = References: Message-ID: <558CEF0D.2060102@univention.de> Am 25.06.2015 um 22:36 schrieb robert k Wild: > hi all, > > first things first my version and config - > > # 2.0.9: /etc/dovecot/dovecot.conf > > # OS: Linux 2.6.32-504.el6.x86_64 x86_64 CentOS release 6.6 (Final) > > auth_mechanisms = plain login > > mail_location = maildir:~/Maildir > > mbox_write_locks = fcntl > > passdb { > > driver = pam > > } > > protocols = imap pop3 > > service auth { > > unix_listener /var/spool/postfix/private/auth { > > group = postfix > > mode = 0666 > > user = postfix > > } > > } > > ssl_cert = > ssl_key = > userdb { > > driver = passwd > > } > > - > > i have installed dovecot+?postfix email server and a > > LDAP server, if i create users on the LDAP server can dovecot pick up > > the usernames and create a mailbox for the individual users > > as atm > > if i want to create an email address for users i add the user to the > > email server and make a directory for the users mailbox and have to > > chmod and chown > > also just another question, can i set up mail groups on dovecot? > > cheers > > rob > Hi Rob, all you need to do is figure out what the attribute in your LDAP tree is, that holds the email address. Then configure uris, dn, dnpass, [tls*], base, scope, user_attrs, user_filter, iterate_attrs and iterate_filter in /etc/dovecot/dovecot-ldap.conf.ext and uncomment the include line in /etc/dovecot/conf.d/10-auth.conf http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb Good luck Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From robertkwild at gmail.com Fri Jun 26 07:27:44 2015 From: robertkwild at gmail.com (Robert Wild) Date: Fri, 26 Jun 2015 08:27:44 +0100 Subject: authenticate LDAP to email server In-Reply-To: <558CEF0D.2060102@univention.de> References: <558CEF0D.2060102@univention.de> Message-ID: <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> That's great thanks, One thing tho I did a "ls /etc/dovecot" and I don't see a dovecot-ldap.conf Do I need to create that file or install it via yum? Thanks again for your help, very much appreciated Rob Sent from my Windows Phone -----Original Message----- From: "Daniel Tr?der" Sent: ?26/?06/?2015 07:20 To: "dovecot at dovecot.org" Subject: Re: authenticate LDAP to email server Am 25.06.2015 um 22:36 schrieb robert k Wild: > hi all, > > first things first my version and config - > > # 2.0.9: /etc/dovecot/dovecot.conf > > # OS: Linux 2.6.32-504.el6.x86_64 x86_64 CentOS release 6.6 (Final) > > auth_mechanisms = plain login > > mail_location = maildir:~/Maildir > > mbox_write_locks = fcntl > > passdb { > > driver = pam > > } > > protocols = imap pop3 > > service auth { > > unix_listener /var/spool/postfix/private/auth { > > group = postfix > > mode = 0666 > > user = postfix > > } > > } > > ssl_cert = > ssl_key = > userdb { > > driver = passwd > > } > > - > > i have installed dovecot+?postfix email server and a > > LDAP server, if i create users on the LDAP server can dovecot pick up > > the usernames and create a mailbox for the individual users > > as atm > > if i want to create an email address for users i add the user to the > > email server and make a directory for the users mailbox and have to > > chmod and chown > > also just another question, can i set up mail groups on dovecot? > > cheers > > rob > Hi Rob, all you need to do is figure out what the attribute in your LDAP tree is, that holds the email address. Then configure uris, dn, dnpass, [tls*], base, scope, user_attrs, user_filter, iterate_attrs and iterate_filter in /etc/dovecot/dovecot-ldap.conf.ext and uncomment the include line in /etc/dovecot/conf.d/10-auth.conf http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb Good luck Daniel From troeder at univention.de Fri Jun 26 07:35:26 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Fri, 26 Jun 2015 09:35:26 +0200 Subject: authenticate LDAP to email server In-Reply-To: <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> Message-ID: <558D00BE.4030102@univention.de> Am 26.06.2015 um 09:27 schrieb Robert Wild: > That's great thanks, > > One thing tho I did a "ls /etc/dovecot" and I don't see a dovecot-ldap.conf > > Do I need to create that file or install it via yum? > > Thanks again for your help, very much appreciated > > Rob > > Sent from my Windows Phone Hi Rob, please don't top-post. On mailinglists it is custom, to write replies below the previous post. I don't use Fedora/CentOS/RH, so I don't really know, but in Debian* there is the LDAP part in a separate package. Maybe it is so in your case too..... I just looked at https://apps.fedoraproject.org/packages/dovecot/contents and it seems its all in 1 package, and you'll just have to copy it from /usr/share/doc/dovecot/example-config/ to /etc/dovecot. Greetings Daniel > > -----Original Message----- > From: "Daniel Tr?der" > Sent: ?26/?06/?2015 07:20 > To: "dovecot at dovecot.org" > Subject: Re: authenticate LDAP to email server > > Am 25.06.2015 um 22:36 schrieb robert k Wild: >> hi all, >> >> first things first my version and config - >> >> # 2.0.9: /etc/dovecot/dovecot.conf >> >> # OS: Linux 2.6.32-504.el6.x86_64 x86_64 CentOS release 6.6 (Final) >> >> auth_mechanisms = plain login >> >> mail_location = maildir:~/Maildir >> >> mbox_write_locks = fcntl >> >> passdb { >> >> driver = pam >> >> } >> >> protocols = imap pop3 >> >> service auth { >> >> unix_listener /var/spool/postfix/private/auth { >> >> group = postfix >> >> mode = 0666 >> >> user = postfix >> >> } >> >> } >> >> ssl_cert = > >> ssl_key = > >> userdb { >> >> driver = passwd >> >> } >> >> - >> >> i have installed dovecot+?postfix email server and a >> >> LDAP server, if i create users on the LDAP server can dovecot pick up >> >> the usernames and create a mailbox for the individual users >> >> as atm >> >> if i want to create an email address for users i add the user to the >> >> email server and make a directory for the users mailbox and have to >> >> chmod and chown >> >> also just another question, can i set up mail groups on dovecot? >> >> cheers >> >> rob >> > Hi Rob, > > all you need to do is figure out what the attribute in your LDAP tree > is, that holds the email address. Then configure uris, dn, dnpass, > [tls*], base, scope, user_attrs, user_filter, iterate_attrs and > iterate_filter in /etc/dovecot/dovecot-ldap.conf.ext and uncomment the > include line in /etc/dovecot/conf.d/10-auth.conf > > http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb > > Good luck > Daniel > -- Daniel Tr?der Open Source Software Engineer Univention GmbH be open Mary-Somerville-Str.1 28359 Bremen Tel.: +49 421 22232-91 Fax : +49 421 22232-99 troeder at univention.de http://www.univention.de Gesch?ftsf?hrer: Peter H. Ganten HRB 20755 Amtsgericht Bremen Steuer-Nr.: 71-597-02876 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From andy at andybev.com Fri Jun 26 11:48:11 2015 From: andy at andybev.com (Andrew Beverley) Date: Fri, 26 Jun 2015 12:48:11 +0100 Subject: "Sensible" location for Sieve scripts Message-ID: <1435319291.8532.7.camel@andy-laptop> I'm configuring some Sieve scripts for virtual users. I'd like to keep the Sieve scripts somewhere "sensible". Currently, all the mail goes into /var/mail/vhosts// So I thought a good place for the sieve script might be in there as well, for example: /var/mail/vhosts/example.com/username/sieve Is there any reason *not* to store the sieve scripts in the same location as the mail? Thanks, Andy From peljasz at yahoo.co.uk Fri Jun 26 14:20:20 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Fri, 26 Jun 2015 15:20:20 +0100 Subject: replication - remove/delete in storage Message-ID: <558D5FA4.1000903@yahoo.co.uk> hi, novice question - is replication supposed to replicate maildir in it's entirety? I get new mails replicated but not operations of removal/deletion, is this normal? many thanks From elyograg at elyograg.org Fri Jun 26 15:40:35 2015 From: elyograg at elyograg.org (Shawn Heisey) Date: Fri, 26 Jun 2015 09:40:35 -0600 Subject: "Sensible" location for Sieve scripts In-Reply-To: <1435319291.8532.7.camel@andy-laptop> References: <1435319291.8532.7.camel@andy-laptop> Message-ID: <558D7273.3060109@elyograg.org> On 6/26/2015 5:48 AM, Andrew Beverley wrote: > I'm configuring some Sieve scripts for virtual users. I'd like to keep > the Sieve scripts somewhere "sensible". > > Currently, all the mail goes into /var/mail/vhosts// > > So I thought a good place for the sieve script might be in there as > well, for example: > > /var/mail/vhosts/example.com/username/sieve > > Is there any reason *not* to store the sieve scripts in the same > location as the mail? This is how I'm doing it. I'm running version 1.2.15. All users are virtual, stored in mysql, this is where mail goes: mail_location = maildir:/home/vmail/%d/%u/ There are a few config lines that handle sieve scripts: in the "protocol lda" section: sieve_global_path = /home/vmail/global.sieve in the "plugin" section: sieve=/home/vmail/sieve/%d/%u/.dovecot.sieve sieve_dir=/home/vmail/sieve/%d/%u/sieve I am using managesieve. There's a sieve plugin in my squirrelmail install so users can manage their filters. Thanks, Shawn From andy at andybev.com Fri Jun 26 17:09:29 2015 From: andy at andybev.com (Andrew Beverley) Date: Fri, 26 Jun 2015 18:09:29 +0100 Subject: "Sensible" location for Sieve scripts In-Reply-To: <558D7273.3060109@elyograg.org> References: <1435319291.8532.7.camel@andy-laptop> <558D7273.3060109@elyograg.org> Message-ID: <1435338569.10869.7.camel@andy-laptop> On Fri, 2015-06-26 at 09:40 -0600, Shawn Heisey wrote: > On 6/26/2015 5:48 AM, Andrew Beverley wrote: > > I'm configuring some Sieve scripts for virtual users. I'd like to keep > > the Sieve scripts somewhere "sensible". > > > > Currently, all the mail goes into /var/mail/vhosts// > > > > So I thought a good place for the sieve script might be in there as > > well, for example: > > > > /var/mail/vhosts/example.com/username/sieve > > > > Is there any reason *not* to store the sieve scripts in the same > > location as the mail? > > This is how I'm doing it. I'm running version 1.2.15. All users are > virtual, stored in mysql, this is where mail goes: > > mail_location = maildir:/home/vmail/%d/%u/ > > There are a few config lines that handle sieve scripts: > > in the "protocol lda" section: > sieve_global_path = /home/vmail/global.sieve > > in the "plugin" section: > sieve=/home/vmail/sieve/%d/%u/.dovecot.sieve > sieve_dir=/home/vmail/sieve/%d/%u/sieve > > I am using managesieve. There's a sieve plugin in my squirrelmail > install so users can manage their filters. Great, thanks Shawn, really useful. Andy From robertkwild at gmail.com Fri Jun 26 17:39:37 2015 From: robertkwild at gmail.com (Robert Wild) Date: Fri, 26 Jun 2015 18:39:37 +0100 Subject: authenticate LDAP to email server In-Reply-To: <558D00BE.4030102@univention.de> References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> <558D00BE.4030102@univention.de> Message-ID: <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> Sorry for top posting, don't mean to, looks like my outlook mobile client does it by default Ok great thanks Daniel for this, also do you know if I have to change/edit the config files for postfix/openldap as well or just for dovecot Thank you Rob Sent from my Windows Phone -----Original Message----- From: "Daniel Tr?der" Sent: ?26/?06/?2015 08:35 To: "dovecot at dovecot.org" Subject: Re: authenticate LDAP to email server Am 26.06.2015 um 09:27 schrieb Robert Wild: > That's great thanks, > > One thing tho I did a "ls /etc/dovecot" and I don't see a dovecot-ldap.conf > > Do I need to create that file or install it via yum? > > Thanks again for your help, very much appreciated > > Rob > > Sent from my Windows Phone Hi Rob, please don't top-post. On mailinglists it is custom, to write replies below the previous post. I don't use Fedora/CentOS/RH, so I don't really know, but in Debian* there is the LDAP part in a separate package. Maybe it is so in your case too..... I just looked at https://apps.fedoraproject.org/packages/dovecot/contents and it seems its all in 1 package, and you'll just have to copy it from /usr/share/doc/dovecot/example-config/ to /etc/dovecot. Greetings Daniel > > -----Original Message----- > From: "Daniel Tr?der" > Sent: ?26/?06/?2015 07:20 > To: "dovecot at dovecot.org" > Subject: Re: authenticate LDAP to email server > > Am 25.06.2015 um 22:36 schrieb robert k Wild: >> hi all, >> >> first things first my version and config - >> >> # 2.0.9: /etc/dovecot/dovecot.conf >> >> # OS: Linux 2.6.32-504.el6.x86_64 x86_64 CentOS release 6.6 (Final) >> >> auth_mechanisms = plain login >> >> mail_location = maildir:~/Maildir >> >> mbox_write_locks = fcntl >> >> passdb { >> >> driver = pam >> >> } >> >> protocols = imap pop3 >> >> service auth { >> >> unix_listener /var/spool/postfix/private/auth { >> >> group = postfix >> >> mode = 0666 >> >> user = postfix >> >> } >> >> } >> >> ssl_cert = > >> ssl_key = > >> userdb { >> >> driver = passwd >> >> } >> >> - >> >> i have installed dovecot+?postfix email server and a >> >> LDAP server, if i create users on the LDAP server can dovecot pick up >> >> the usernames and create a mailbox for the individual users >> >> as atm >> >> if i want to create an email address for users i add the user to the >> >> email server and make a directory for the users mailbox and have to >> >> chmod and chown >> >> also just another question, can i set up mail groups on dovecot? >> >> cheers >> >> rob >> > Hi Rob, > > all you need to do is figure out what the attribute in your LDAP tree > is, that holds the email address. Then configure uris, dn, dnpass, > [tls*], base, scope, user_attrs, user_filter, iterate_attrs and > iterate_filter in /etc/dovecot/dovecot-ldap.conf.ext and uncomment the > include line in /etc/dovecot/conf.d/10-auth.conf > > http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb > > Good luck > Daniel > -- Daniel Tr?der Open Source Software Engineer Univention GmbH be open Mary-Somerville-Str.1 28359 Bremen Tel.: +49 421 22232-91 Fax : +49 421 22232-99 troeder at univention.de http://www.univention.de Gesch?ftsf?hrer: Peter H. Ganten HRB 20755 Amtsgericht Bremen Steuer-Nr.: 71-597-02876 From me at junc.eu Fri Jun 26 18:25:36 2015 From: me at junc.eu (Benny Pedersen) Date: Fri, 26 Jun 2015 20:25:36 +0200 Subject: "Sensible" location for Sieve scripts In-Reply-To: <1435338569.10869.7.camel@andy-laptop> References: <1435319291.8532.7.camel@andy-laptop> <558D7273.3060109@elyograg.org> <1435338569.10869.7.camel@andy-laptop> Message-ID: <14e311e2118.28c1.d475fad7b14312f5d8424e35e39f7512@junc.eu> On June 26, 2015 7:10:29 PM Andrew Beverley wrote: > > in the "plugin" section: > > sieve=/home/vmail/sieve/%d/%u/.dovecot.sieve > > sieve_dir=/home/vmail/sieve/%d/%u/sieve change last sieve to .sieve so it does not colledge with other dirs atleast to remember if maildir does not start with a dot, i do this to prevent sive scripts show up in maildirs above will olso works if $HOME is diff for sieve and maildir, just me that have one $HOME for all virtual users in dovecot From elyograg at elyograg.org Fri Jun 26 20:44:16 2015 From: elyograg at elyograg.org (Shawn Heisey) Date: Fri, 26 Jun 2015 14:44:16 -0600 Subject: "Sensible" location for Sieve scripts In-Reply-To: <14e311e2118.28c1.d475fad7b14312f5d8424e35e39f7512@junc.eu> References: <1435319291.8532.7.camel@andy-laptop> <558D7273.3060109@elyograg.org> <1435338569.10869.7.camel@andy-laptop> <14e311e2118.28c1.d475fad7b14312f5d8424e35e39f7512@junc.eu> Message-ID: <558DB9A0.9070905@elyograg.org> On 6/26/2015 12:25 PM, Benny Pedersen wrote: > On June 26, 2015 7:10:29 PM Andrew Beverley wrote: > >> > in the "plugin" section: >> > sieve=/home/vmail/sieve/%d/%u/.dovecot.sieve >> > sieve_dir=/home/vmail/sieve/%d/%u/sieve > > change last sieve to .sieve so it does not colledge with other dirs > atleast to remember if maildir does not start with a dot, i do this to > prevent sive scripts show up in maildirs > > above will olso works if $HOME is diff for sieve and maildir, just me > that have one $HOME for all virtual users in dovecot Since I don't have a domain named "sieve" (and never will) that location can never conflict with any user's Maildirs. My mail_location parameter is set to maildir:/home/vmail/%d/%u/ which doesn't overlap at all. Thanks, Shawn From robertkwild at gmail.com Fri Jun 26 22:36:27 2015 From: robertkwild at gmail.com (robert k Wild) Date: Fri, 26 Jun 2015 23:36:27 +0100 Subject: authenticate LDAP to email server In-Reply-To: <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> <558D00BE.4030102@univention.de> <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> Message-ID: i have made a file "/etc/dovecot/dovecot-ldap.conf.ext" hosts = 10.10.1.3 base = dc=robina,dc=private ldap_version = 3 auth_bind = yes auth_bind_userdn = cn=%u,cn=home,ou=robina_users,dc=robina,dc=private pass_attrs = uid=user pass_filter = (&(objectClass=posixAccount)(uid=%u)) i have also uncommented out the "include" line in the file10-auth.conf tried testing it by doing a telnet on my local host but it cant find my user, any suggestions many thanks rob On 26 June 2015 at 18:39, Robert Wild wrote: > Sorry for top posting, don't mean to, looks like my outlook mobile client > does it by default > > Ok great thanks Daniel for this, also do you know if I have to change/edit > the config files for postfix/openldap as well or just for dovecot > > Thank you > > Rob > > Sent from my Windows Phone > ------------------------------ > From: Daniel Tr?der > Sent: ?26/?06/?2015 08:35 > To: dovecot at dovecot.org > > Subject: Re: authenticate LDAP to email server > > Am 26.06.2015 um 09:27 schrieb Robert Wild: > > That's great thanks, > > > > One thing tho I did a "ls /etc/dovecot" and I don't see a > dovecot-ldap.conf > > > > Do I need to create that file or install it via yum? > > > > Thanks again for your help, very much appreciated > > > > Rob > > > > Sent from my Windows Phone > Hi Rob, > > please don't top-post. On mailinglists it is custom, to write replies > below the previous post. > > I don't use Fedora/CentOS/RH, so I don't really know, but in Debian* > there is the LDAP part in a separate package. Maybe it is so in your > case too..... > > I just looked at > https://apps.fedoraproject.org/packages/dovecot/contents and it seems > its all in 1 package, and you'll just have to copy it from > /usr/share/doc/dovecot/example-config/ to /etc/dovecot. > > Greetings > Daniel > > > > > -----Original Message----- > > From: "Daniel Tr?der" > > Sent: ?26/?06/?2015 07:20 > > To: "dovecot at dovecot.org" > > Subject: Re: authenticate LDAP to email server > > > > Am 25.06.2015 um 22:36 schrieb robert k Wild: > >> hi all, > >> > >> first things first my version and config - > >> > >> # 2.0.9: /etc/dovecot/dovecot.conf > >> > >> # OS: Linux 2.6.32-504.el6.x86_64 x86_64 CentOS release 6.6 (Final) > >> > >> auth_mechanisms = plain login > >> > >> mail_location = maildir:~/Maildir > >> > >> mbox_write_locks = fcntl > >> > >> passdb { > >> > >> driver = pam > >> > >> } > >> > >> protocols = imap pop3 > >> > >> service auth { > >> > >> unix_listener /var/spool/postfix/private/auth { > >> > >> group = postfix > >> > >> mode = 0666 > >> > >> user = postfix > >> > >> } > >> > >> } > >> > >> ssl_cert = >> > >> ssl_key = >> > >> userdb { > >> > >> driver = passwd > >> > >> } > >> > >> - > >> > >> i have installed dovecot+? postfix email server and a > >> > >> LDAP server, if i create users on the LDAP server can dovecot pick up > >> > >> the usernames and create a mailbox for the individual users > >> > >> as atm > >> > >> if i want to create an email address for users i add the user to the > >> > >> email server and make a directory for the users mailbox and have to > >> > >> chmod and chown > >> > >> also just another question, can i set up mail groups on dovecot? > >> > >> cheers > >> > >> rob > >> > > Hi Rob, > > > > all you need to do is figure out what the attribute in your LDAP tree > > is, that holds the email address. Then configure uris, dn, dnpass, > > [tls*], base, scope, user_attrs, user_filter, iterate_attrs and > > iterate_filter in /etc/dovecot/dovecot-ldap.conf.ext and uncomment the > > include line in /etc/dovecot/conf.d/10-auth.conf > > > > http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb > > > > Good luck > > Daniel > > > > -- > Daniel Tr?der > Open Source Software Engineer > > Univention GmbH > be open > Mary-Somerville-Str.1 > 28359 Bremen > Tel.: +49 421 22232-91 > Fax : +49 421 22232-99 > > troeder at univention.de > http://www.univention.de > > Gesch?ftsf?hrer: Peter H. Ganten > HRB 20755 Amtsgericht Bremen > Steuer-Nr.: 71-597-02876 > > -- Regards, Robert K Wild. From ad+lists at uni-x.org Sat Jun 27 13:15:03 2015 From: ad+lists at uni-x.org (Alexander Dalloz) Date: Sat, 27 Jun 2015 15:15:03 +0200 Subject: authenticate LDAP to email server In-Reply-To: References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> <558D00BE.4030102@univention.de> <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> Message-ID: <558EA1D7.3010806@uni-x.org> Am 27.06.2015 um 00:36 schrieb robert k Wild: > i have made a file "/etc/dovecot/dovecot-ldap.conf.ext" > > hosts = 10.10.1.3 > base = dc=robina,dc=private > ldap_version = 3 > auth_bind = yes > auth_bind_userdn = cn=%u,cn=home,ou=robina_users,dc=robina,dc=private > pass_attrs = uid=user > pass_filter = (&(objectClass=posixAccount)(uid=%u)) Why do you ignore the documentation? http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds "If you're using DN template, pass_attrs and pass_filter settings are completely ignored. That means you can't make passdb return any extra fields. You should also set auth_username_format = %Lu in dovecot.conf to normalize the username by lowercasing it. " > i have also uncommented out the "include" line in the file10-auth.conf > > tried testing it by doing a telnet on my local host but it cant find my > user, any suggestions > > many thanks > > rob And please stop top-posting with full quotation of preovious content. This is a mailing list. The histtory of the thread is archived. Alexander From hanno at hboeck.de Sat Jun 27 16:05:53 2015 From: hanno at hboeck.de (Hanno =?UTF-8?B?QsO2Y2s=?=) Date: Sat, 27 Jun 2015 18:05:53 +0200 Subject: Out of bounds read error in wildcard_match.c Message-ID: <20150627180553.35d68734@pc1> Hi, I discovered an out of bounds read error in the file wildcard_match.c. Here's the code: /* find the end of each string */ while (*(++mask)); mask--; while (*(++data)); data--; The problem with this: It will search for the end of the strings (zero-terminated), but it'll only start at position 1, not at position 0 (because the ++ in front of the variable will first increment and then return the value). However these strings can be empty. This can be fixed by changing ++mask to mask++ (and same for data), then there must be a -=2 instead of -- afterwards. See attached patch. I found this by compiling dovecot with address sanitizer and running the test suite. cu, -- Hanno B?ck http://hboeck.de/ mail/jabber: hanno at hboeck.de GPG: BBB51E42 -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-2.2.18-oob-wildcard-match.diff Type: text/x-patch Size: 506 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From g.danti at assyoma.it Sat Jun 27 16:18:47 2015 From: g.danti at assyoma.it (Gionatan Danti) Date: Sat, 27 Jun 2015 18:18:47 +0200 Subject: Questions about hardlinks, alternate storage and compression Message-ID: Hi all, I have some questions about hardlinks, alternate storage and compression. I already scanned the list for related information and I have an idea of how things works, but I would like to have a definite answer. System spec: - CentOS 6.6 x64 - dovecot-2.0.9-8.el6_6.4.x86_64 RPM package/version - sdbox mail store 1) About hardlinks: when sending the same message to two different recipients, I see that the two u.x files are created as two different files. Diffing them, I see that the only difference is a single char (see [1] for an example). My questions are: a) it is possible to tell dovecot to create a single file + a single hardlink (linkref=2)? As other IMAP servers support that features (eg: Cyrus, CommunigatePro, etc) I am wondering if I missed something in configuring dovecot... b) If it is not possible, can I run a script that compare the various files and substitute equal ones (minus the changing line) with hardlinks, or it will confuse dovecot? As a side note, why the changing line ever exists? 2) About alternate storage and compression: actually, I use a single mail_location without compression. I would like to have an alternate storage and to enable compression on it only, leaving the main location without compression. I if understand it correctly, it _should_ be done using a command similar to "doveadm -Dv -o "plugin/zlib_save=gz" altmove -uu testuser sentbefore 8d". I'm right thinking that it should work? I will really end with a primary uncompressed mail store and an alternate, zlib-compressed one? Thank you all and sorry if I did some naive questions. [1] 63c63 < G2fd0811c64be8e553d970000eaa8309f --- > G2ed0811c64be8e553d970000eaa8309f -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.danti at assyoma.it - info at assyoma.it GPG public key ID: FF5F32A8 From tbskyd at gmail.com Sun Jun 28 04:53:31 2015 From: tbskyd at gmail.com (d tbsky) Date: Sun, 28 Jun 2015 12:53:31 +0800 Subject: cram-md5 cache problem Message-ID: hi: I was using scientific linux 6 and had cache problem. I upgrade to scientific linux 7 but the problem is the same, so I try to find out why. dovecot version: 2.2.10. postfix + postfixadmin environment. use dovecot-lda to deliver local mail. if I enable cache with "auth_cache_size = 102400" and enable cram-md5 with "auth_mechanisms = plain login cram-md5". I have cache problem: if I change password at postfixadmin, I can not use the new password to login imap when old password is cached. dovecot log below: Jun 28 11:50:32 auth: Debug: client in: AUTH 6 CRAM-MD5 service=imap securedsession=xjn534sZ9gB/AAAB lip=127.0.0.1 rip=127.0.0.1 lport=143 rport=36342 Jun 28 11:50:32 auth: Debug: client passdb out: CONT 6 PDQzNTU5NTA4MTQxODg5NzUuMTQzNTQ2MzQzMkBtYWlsLmxoeS5jb20udHc+ Jun 28 11:50:32 auth: Debug: client in: CONT Jun 28 11:50:32 auth: Debug: cache(test at test.example.com,127.0.0.1,): hit: user=test at test.example.com userdb_home=/share/postfix/domains/test.example.com/test/home userdb_mail=maildir:/share/postfix/domains/test.example.com/test userdb_uid=143 userdb_gid=143 Jun 28 11:50:32 auth: Info: cram-md5(test at test.example.com,127.0.0.1,): password mismatch Jun 28 11:50:34 auth: Debug: client passdb out: FAIL 6 user=test at test.example.com Jun 28 11:50:34 imap-login: Debug: Ignoring unknown passdb extra field: Jun 28 11:50:34 imap-login: Info: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, secured, session= if I disable "cram-md5" with "auth_mechanisms = plain login". everything is fine. dovecot log below: Jun 28 11:32:24 auth: Debug: cache(test at test.example.com,127.0.0.1,): hit: user=test at test.example.com userdb_home=/share/postfix/domains/test.example.com/test/home userdb_mail=maildir:/share/postfix/domains/test.example.com/test userdb_uid=143 userdb_gid=143 Jun 28 11:32:24 auth: Info: cache(test at test.example.com,127.0.0.1,): Password mismatch Jun 28 11:32:24 auth-worker(3711): Debug: sql(test at test.example.com,127.0.0.1): query: SELECT username as user, password, '/share/postfix/domains/test.example.com/test/home' as userdb_home, 'maildir:/share/postfix/domains/test.example.com/test' as userdb_mail, 143 as userdb_uid, 143 as userdb_gid FROM mailbox WHERE username = 'test at test.example.com' AND active = '1' Jun 28 11:32:24 auth: Debug: client passdb out: OK 15 user=test at test.example.com Jun 28 11:32:24 auth: Debug: master in: REQUEST 1951268865 3672 15 0b198494a7e732324f6d6c507b25c13e session_pid=3956 request_auth_token Jun 28 11:32:24 auth: Debug: prefetch(test at test.example.com,127.0.0.1,): success Regards, tbskyd From robertkwild at gmail.com Sun Jun 28 17:50:11 2015 From: robertkwild at gmail.com (robert k Wild) Date: Sun, 28 Jun 2015 18:50:11 +0100 Subject: authenticate LDAP to email server In-Reply-To: <558EA1D7.3010806@uni-x.org> References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> <558D00BE.4030102@univention.de> <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> <558EA1D7.3010806@uni-x.org> Message-ID: i edited "dovecot-ldap.conf.ext" and added the lines hosts = 10.10.1.3 auth_bind = yes auth_bind_userdn = cn=%u,cn=home,ou=robina_users,dc=robina,dc=private i then edited "dovecot.conf" and added this line in auth_username_format = %Lu i edited "10-auth.conf" i unhashed the following line !include auth-ldap.conf.ext - which contains my userdb and passwddb file but when i try to create a new email account using thunderbird it cant find the settings for my email account any help please rob From ad+lists at uni-x.org Sun Jun 28 19:16:31 2015 From: ad+lists at uni-x.org (Alexander Dalloz) Date: Sun, 28 Jun 2015 21:16:31 +0200 Subject: authenticate LDAP to email server In-Reply-To: References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> <558D00BE.4030102@univention.de> <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> <558EA1D7.3010806@uni-x.org> Message-ID: <5590480F.9050401@uni-x.org> Am 28.06.2015 um 19:50 schrieb robert k Wild: > i edited "dovecot-ldap.conf.ext" and added the lines > > hosts = 10.10.1.3 > auth_bind = yes > auth_bind_userdn = cn=%u,cn=home,ou=robina_users,dc=robina,dc=private > > i then edited "dovecot.conf" and added this line in > > auth_username_format = %Lu > > i edited "10-auth.conf" i unhashed the following line > > !include auth-ldap.conf.ext - which contains my userdb and passwddb file > > but when i try to create a new email account using thunderbird it cant find > the settings for my email account > > any help please > > rob What is being logged when you try to login? Alexander From troeder at univention.de Sun Jun 28 20:11:00 2015 From: troeder at univention.de (=?UTF-8?B?RGFuaWVsIFRyw7ZkZXI=?=) Date: Sun, 28 Jun 2015 22:11:00 +0200 Subject: authenticate LDAP to email server In-Reply-To: <5590480F.9050401@uni-x.org> References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> <558D00BE.4030102@univention.de> <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> <558EA1D7.3010806@uni-x.org> <5590480F.9050401@uni-x.org> Message-ID: <559054D4.4040903@univention.de> Am 28.06.2015 um 21:16 schrieb Alexander Dalloz: > Am 28.06.2015 um 19:50 schrieb robert k Wild: >> i edited "dovecot-ldap.conf.ext" and added the lines >> >> hosts = 10.10.1.3 >> auth_bind = yes >> auth_bind_userdn = cn=%u,cn=home,ou=robina_users,dc=robina,dc=private >> >> i then edited "dovecot.conf" and added this line in >> >> auth_username_format = %Lu >> >> i edited "10-auth.conf" i unhashed the following line >> >> !include auth-ldap.conf.ext - which contains my userdb and passwddb file >> >> but when i try to create a new email account using thunderbird it cant >> find >> the settings for my email account >> >> any help please >> >> rob > > What is being logged when you try to login? > > Alexander Please edit /etc/dovecot/conf.d/10-logging.conf and enable: auth_verbose = yes auth_verbose_passwords = plain auth_debug = yes auth_debug_passwords = yes mail_debug = yes Then you'll get a very detailed account in the logfiles about what's going on. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From robertkwild at gmail.com Sun Jun 28 21:25:48 2015 From: robertkwild at gmail.com (robert k Wild) Date: Sun, 28 Jun 2015 22:25:48 +0100 Subject: authenticate LDAP to email server In-Reply-To: <559054D4.4040903@univention.de> References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> <558D00BE.4030102@univention.de> <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> <558EA1D7.3010806@uni-x.org> <5590480F.9050401@uni-x.org> <559054D4.4040903@univention.de> Message-ID: i have enabled logging, how can i run a test to get some results. i have tried to add a mail account through thunderbird using my ldap user but i am not getting any error logs in the /var/log/dovecot.log file any help on how i can produce logs to show you guys thanks rob From robertkwild at gmail.com Sun Jun 28 21:49:12 2015 From: robertkwild at gmail.com (robert k Wild) Date: Sun, 28 Jun 2015 22:49:12 +0100 Subject: authenticate LDAP to email server In-Reply-To: References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> <558D00BE.4030102@univention.de> <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> <558EA1D7.3010806@uni-x.org> <5590480F.9050401@uni-x.org> <559054D4.4040903@univention.de> Message-ID: got something when i did a telnet localhost 143, i got this Jun 28 23:16:46 post dovecot: auth: Fatal: LDAP: No base given Jun 28 23:16:46 post dovecot: master: Error: service(auth): command startup failed, throttling Jun 28 23:17:21 post dovecot: imap-login: Error: Timeout waiting for handshake from auth server. my pid=2284, input bytes=0 Jun 28 23:17:46 post dovecot: imap-login: Disconnected: Inactivity (no auth attempts): rip=::1, lip=::1, secured Jun 28 23:17:46 post dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth Jun 28 23:17:46 post dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so Jun 28 23:17:46 post dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so Jun 28 23:17:46 post dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so Jun 28 23:17:46 post dovecot: auth: Fatal: LDAP: No base given Jun 28 23:17:46 post dovecot: master: Error: service(auth): command startup failed, throttling From robertkwild at gmail.com Sun Jun 28 22:56:42 2015 From: robertkwild at gmail.com (robert k Wild) Date: Sun, 28 Jun 2015 23:56:42 +0100 Subject: authenticate LDAP to email server In-Reply-To: References: <558CEF0D.2060102@univention.de> <558cfef1.2864c20a.4b4aa.1b2b@mx.google.com> <558D00BE.4030102@univention.de> <558d8e5c.6a6ab40a.1f4a.31a5@mx.google.com> <558EA1D7.3010806@uni-x.org> <5590480F.9050401@uni-x.org> <559054D4.4040903@univention.de> Message-ID: success, i want to take this time in thanking all of you, thanks so much, much appreciated!!! Jun 29 00:10:12 post dovecot: imap(rwild): Disconnected: Too many invalid IMAP commands. bytes=50/12 91 Jun 29 00:10:31 post dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth Jun 29 00:10:31 post dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so Jun 29 00:10:31 post dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.s o Jun 29 00:10:31 post dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so Jun 29 00:10:31 post dovecot: auth: Debug: auth client connected (pid=7350) Jun 29 00:10:46 post dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured# 011lip=::1#011rip=::1#011lport=143#011rport=42899#011resp=AHJ3aWxkAGthcm8xOTg0 Jun 29 00:10:46 post dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth Jun 29 00:10:46 post dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so Jun 29 00:10:46 post dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.s o Jun 29 00:10:46 post dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so Jun 29 00:10:46 post dovecot: auth: Debug: pam(rwild,::1): lookup service=dovecot Jun 29 00:10:46 post dovecot: auth: Debug: pam(rwild,::1): #1/1 style=1 msg=Password: Jun 29 00:10:46 post dovecot: auth: Debug: client out: OK#0111#011user=rwild Jun 29 00:10:46 post dovecot: auth: Debug: master in: REQUEST#0113883401217#0117350#0111#0115b2e6643 70256436b6db653a8a21ac68 Jun 29 00:10:46 post dovecot: auth: Debug: passwd(rwild,::1): lookup Jun 29 00:10:46 post dovecot: auth: Debug: master out: USER#0113883401217#011rwild#011system_groups_ user=rwild#011uid=1000#011gid=500#011home=/ldap/home/rwild Jun 29 00:10:46 post dovecot: imap-login: Login: user=, method=PLAIN, rip=::1, lip=::1, mpid= 7393, secured Jun 29 00:10:46 post dovecot: imap(rwild): Debug: Effective uid=1000, gid=500, home=/ldap/home/rwild Jun 29 00:10:46 post dovecot: imap(rwild): Debug: maildir++: root=/ldap/home/rwild/Maildir, index=, control=, inbox=/ldap/home/rwild/Maildir From peljasz at yahoo.co.uk Mon Jun 29 07:34:20 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Mon, 29 Jun 2015 08:34:20 +0100 Subject: replication - remove/delete in storage In-Reply-To: <558D5FA4.1000903@yahoo.co.uk> References: <558D5FA4.1000903@yahoo.co.uk> Message-ID: <5590F4FC.806@yahoo.co.uk> nobody want to chip in, clarify this for me? If replication should replicate everything what I might have gotten wrong that remove/delete on messages does not replicate? On 26/06/15 15:20, lejeczek wrote: > hi, > novice question - is replication supposed to replicate > maildir in it's entirety? > I get new mails replicated but not operations of > removal/deletion, is this normal? > > many thanks > From g.danti at assyoma.it Mon Jun 29 09:20:34 2015 From: g.danti at assyoma.it (Gionatan Danti) Date: Mon, 29 Jun 2015 11:20:34 +0200 Subject: Questions about hardlinks, alternate storage and compression In-Reply-To: References: Message-ID: <55910DE2.2050404@assyoma.it> Hi all, any ideas? Especially point n.1 (no hardlink when sending the same email to multiple addresses) confuse me a bit. Searching in old messages I even stumbled on some users stating that, using Dovecot LMTP server, they achieved what I want (one messagge, multiple hardlinks), but I am _already_ using LMTP with no avail... Regards. On 27/06/15 18:18, Gionatan Danti wrote: > Hi all, > I have some questions about hardlinks, alternate storage and > compression. I already scanned the list for related information and I > have an idea of how things works, but I would like to have a definite > answer. > > System spec: > - CentOS 6.6 x64 > - dovecot-2.0.9-8.el6_6.4.x86_64 RPM package/version > - sdbox mail store > > 1) About hardlinks: when sending the same message to two different > recipients, I see that the two u.x files are created as two different > files. Diffing them, I see that the only difference is a single char > (see [1] for an example). My questions are: > a) it is possible to tell dovecot to create a single file + a single > hardlink (linkref=2)? As other IMAP servers support that features (eg: > Cyrus, CommunigatePro, etc) I am wondering if I missed something in > configuring dovecot... > b) If it is not possible, can I run a script that compare the various > files and substitute equal ones (minus the changing line) with > hardlinks, or it will confuse dovecot? As a side note, why the changing > line ever exists? > > 2) About alternate storage and compression: actually, I use a single > mail_location without compression. I would like to have an alternate > storage and to enable compression on it only, leaving the main location > without compression. I if understand it correctly, it _should_ be done > using a command similar to "doveadm -Dv -o "plugin/zlib_save=gz" altmove > -uu testuser sentbefore 8d". I'm right thinking that it should work? I > will really end with a primary uncompressed mail store and an alternate, > zlib-compressed one? > > Thank you all and sorry if I did some naive questions. > > [1] > 63c63 > < G2fd0811c64be8e553d970000eaa8309f > --- >> G2ed0811c64be8e553d970000eaa8309f > > > -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.danti at assyoma.it - info at assyoma.it GPG public key ID: FF5F32A8 From dragos.pacher at apexgroup.ro Mon Jun 29 10:08:45 2015 From: dragos.pacher at apexgroup.ro (Dragos Pacher) Date: Mon, 29 Jun 2015 13:08:45 +0300 Subject: Outlook 2013 not fetching new mail/synchronization issues Message-ID: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> Hi all, Dovecot 2.2.10 CentOS 6 64 bit. We are having terrible synchronization issues with Outlook 2013 (all updates) on Windows 7 SP1 and 8.1 hosts (all updates). Scenario: 1. Emails were sent since user closed Outlook 2. Next day: start computer, open outlook 3. No new email (even though email were sent overnight) 4. half a day later Outlook fetches emails like nothing happened Second issue: folders created or email send in Outlook 2013 does not synchronize on IMAP, they remain only local .. But I am mostly interested into finding a fix for the first synchronization issue described in scenario. Second is also important but I have a feeling its connected to the first. Any help will be highly appreciated! dovecot.conf listen = * #base_dir = /var/run/dovecot # Enabled mail protocols. #protocols = pop3 imap sieve protocols = pop3 imap # User/group who owns the message files: mail_uid = 89 mail_gid = 89 # Assign uid to virtual users. first_valid_uid = 89 last_valid_uid = 89 mail_max_userip_connections = 200 default_client_limit = 3000 namespace inbox { separator = . prefix = INBOX. inbox = yes # These mailboxes are widely used and could perhaps be created automatically: mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Trash { special_use = \Trash } # For \Sent mailboxes there are two widely used names. We'll mark both of # them as \Sent. User typically deletes one of them if duplicates are created. mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } } # Logging. Reference: http://wiki2.dovecot.org/Logging log_path = /var/log/dovecot.log mail_debug = no auth_verbose = no auth_debug = no auth_debug_passwords = no auth_verbose_passwords = no auth_worker_max_count = 2048 # SSL: Global settings. # Refer to wiki site for per protocol, ip, server name SSL settings: # http://wiki2.dovecot.org/SSL/DovecotConfiguration ssl = yes verbose_ssl = no ssl_ca = References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> Message-ID: <20150629075820.15cf48b7@seibercom.net> On Mon, 29 Jun 2015 13:08:45 +0300, Dragos Pacher stated: >We are having terrible synchronization issues with Outlook 2013 (all >updates) on Windows 7 SP1 and 8.1 hosts (all updates). Have you tried putting Outlook into "debug" mode (it requires a restart) and seeing what it says? Furthermore, have you tried the Outlook Mail forums? I can send you a few links if you want. They helped me with a configuration problem I was having. How about "TcpTrace" output? You really have not given us much to work with. -- Jerry -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From peljasz at yahoo.co.uk Mon Jun 29 12:25:28 2015 From: peljasz at yahoo.co.uk (lejeczek) Date: Mon, 29 Jun 2015 13:25:28 +0100 Subject: replication - remove/delete in storage In-Reply-To: <5590F4FC.806@yahoo.co.uk> References: <558D5FA4.1000903@yahoo.co.uk> <5590F4FC.806@yahoo.co.uk> Message-ID: <55913938.30809@yahoo.co.uk> On 29/06/15 08:34, lejeczek wrote: > nobody want to chip in, clarify this for me? > If replication should replicate everything what I might > have gotten wrong that remove/delete on messages does not > replicate? > > On 26/06/15 15:20, lejeczek wrote: >> hi, >> novice question - is replication supposed to replicate >> maildir in it's entirety? >> I get new mails replicated but not operations of >> removal/deletion, is this normal? >> >> many thanks >> > I wonder, remove/etc could be left for only full sync. From b-dovecot.org at grmbl.net Mon Jun 29 12:41:40 2015 From: b-dovecot.org at grmbl.net (B) Date: Mon, 29 Jun 2015 14:41:40 +0200 Subject: replication - remove/delete in storage In-Reply-To: <55913938.30809@yahoo.co.uk> References: <558D5FA4.1000903@yahoo.co.uk> <5590F4FC.806@yahoo.co.uk> <55913938.30809@yahoo.co.uk> Message-ID: <20150629124140.GQ43109@mx.grmbl.net> > >If replication should replicate everything what I might have gotten > >wrong that remove/delete on messages does not replicate? > > > >On 26/06/15 15:20, lejeczek wrote: > >>hi, > >>novice question - is replication supposed to replicate maildir in > >>it's entirety? > >>I get new mails replicated but not operations of > >>removal/deletion, is this normal? > >> > >>many thanks > >> > > > I wonder, remove/etc could be left for only full sync. Everything should be propagated, including flags by a normal sync. Make sure you do your operations via IMAP protocol and not via the filesystem. Also make sure sync works in both directions. B From rs at sys4.de Mon Jun 29 17:46:57 2015 From: rs at sys4.de (Robert Schetterer) Date: Mon, 29 Jun 2015 19:46:57 +0200 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> Message-ID: <55918491.3060000@sys4.de> Am 29.06.2015 um 12:08 schrieb Dragos Pacher: > Hi all, > sorry short in time , not reading your config but in most cases problems on windows are based on firewall/proxies either local or at the gateway, sometimes with other net issuses local firewall may included in antivirus solutions, have you checked this ? have you tried thunderbird on the same machine ? > > > Dovecot 2.2.10 CentOS 6 64 bit. > > > > We are having terrible synchronization issues with Outlook 2013 (all > updates) on Windows 7 SP1 and 8.1 hosts (all updates). > > > > Scenario: > > 1. Emails were sent since user closed Outlook > > 2. Next day: start computer, open outlook > > 3. No new email (even though email were sent overnight) > > 4. half a day later Outlook fetches emails like nothing happened > > > > Second issue: folders created or email send in Outlook 2013 does not > synchronize on IMAP, they remain only local .. > > > > But I am mostly interested into finding a fix for the first synchronization > issue described in scenario. Second is also important > > but I have a feeling its connected to the first. > > > > Any help will be highly appreciated! > > > > dovecot.conf > > > > listen = * > > > > #base_dir = /var/run/dovecot > > > > # Enabled mail protocols. > > #protocols = pop3 imap sieve > > protocols = pop3 imap > > > > # User/group who owns the message files: > > mail_uid = 89 > > mail_gid = 89 > > > > # Assign uid to virtual users. > > first_valid_uid = 89 > > last_valid_uid = 89 > > > > mail_max_userip_connections = 200 > > default_client_limit = 3000 > > > > namespace inbox { > > separator = . > > prefix = INBOX. > > inbox = yes > > > > # These mailboxes are widely used and could perhaps be created > automatically: > > mailbox Drafts { > > special_use = \Drafts > > } > > mailbox Junk { > > special_use = \Junk > > } > > mailbox Trash { > > special_use = \Trash > > } > > > > # For \Sent mailboxes there are two widely used names. We'll mark both of > > # them as \Sent. User typically deletes one of them if duplicates are > created. > > mailbox Sent { > > special_use = \Sent > > } > > mailbox "Sent Messages" { > > special_use = \Sent > > } > > } > > > > # Logging. Reference: http://wiki2.dovecot.org/Logging > > log_path = /var/log/dovecot.log > > mail_debug = no > > auth_verbose = no > > auth_debug = no > > auth_debug_passwords = no > > auth_verbose_passwords = no > > > > auth_worker_max_count = 2048 > > > > # SSL: Global settings. > > # Refer to wiki site for per protocol, ip, server name SSL settings: > > # http://wiki2.dovecot.org/SSL/DovecotConfiguration > > ssl = yes > > verbose_ssl = no > > ssl_ca = > ssl_cert = > ssl_key = > > > disable_plaintext_auth = no > > > > # Mail location and mailbox format. > > #mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ > > mail_location = maildir:~/Maildir:INDEX=/home/dovecotindex/%Lh/Maildir/ > > > > # Authentication related settings. > > # Append this domain name if client gives empty realm. > > auth_default_realm = > > > > # Authentication mechanisms. > > auth_mechanisms = PLAIN LOGIN > > > > service imap-login { > > client_limit = 3024 > > process_limit = 2048 > > process_min_avail = 64 > > vsz_limit = 64 M > > } > > > > service auth { > > client_limit = 3072 > > > > unix_listener auth-userdb { > > } > > > > inet_listener { > > port = 12345 > > } > > } > > > > service imap { > > vsz_limit = 256M > > # Max. number of IMAP processes (connections) > > process_limit = 2048 > > #imap_idle_notify_interval = 2 mins > > } > > > > service pop3 { > > # Max. number of POP3 processes (connections) > > process_limit = 1024 > > } > > > > # Virtual mail accounts. > > userdb { > > args = /etc/dovecot/dovecot-mysql.conf > > driver = sql > > } > > passdb { > > args = /etc/dovecot/dovecot-mysql.conf > > driver = sql > > } > > > > plugin { > > auth_socket_path = /var/run/dovecot/auth-master > > > > # Plugin: autocreate. Create and subscribe to default IMAP folders. > > autocreate = INBOX > > autocreate2 = Sent > > autocreate3 = Trash > > autocreate4 = Drafts > > autocreate5 = Junk > > autosubscribe = INBOX > > autosubscribe2 = Sent > > autosubscribe3 = Trash > > autosubscribe4 = Drafts > > autosubscribe5 = Junk > > > > # Plugin: expire. > > expire = Trash 7 Trash/* 7 Junk 30 > > expire_dict = proxy::expire > > > > # Pigeonhole managesieve service. > > # Reference: http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration > > # Per-user sieve settings. > > sieve_dir = /%Lh/sieve > > sieve = /%Lh/sieve/dovecot.sieve > > > > # Global sieve settings. > > sieve_global_dir = /home/vpopmail/sieve > > sieve_global_path = /home/vpopmail/sieve/dovecot.sieve > > #sieve_before = > > #sieve_after = > > } > > > > service dict { > > unix_listener dict { > > # mode = 0660 > > # user = vmail > > # group = vmail > > } > > } > > > > protocol lda { > > # Reference: http://wiki2.dovecot.org/LDA > > #mail_plugins = quota sieve autocreate > > #auth_socket_path = /var/run/dovecot/auth-master > > #log_path = /var/log/sieve.log > > #lda_mailbox_autocreate = yes > > #postmaster_address = root > > } > > protocol imap { > > mail_max_userip_connections = 2048 > > imap_client_workarounds = tb-extra-mailbox-sep > > #mail_plugins = quota imap_quota autocreate > > #mail_plugins = autocreate > > > > } > > protocol pop3 { > > #mail_plugins = quota > > pop3_uidl_format = UID%u-%v > > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > > } > > > > > > Regards, > > > > > > Pacher Dragos > > > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From leon at dexterous.org Mon Jun 29 23:47:34 2015 From: leon at dexterous.org (Leon Kyneur) Date: Mon, 29 Jun 2015 23:47:34 +0000 Subject: LDAP default value variable interpolation Message-ID: I'm wondering if there is a way I can dynamically generate an LDAP default value by using variables. I have a configuration that works something like this on my front end proxy: pass_attrs = mail=user,\ =nopassword=y,\ =proxy=y,\ =host=mail.%d The above works perfectly well even though it seems a bit hack. I want to fetch the host field from LDAP and default it to "mail.%d" if the attribute isn't populated for the user. I have tried the following : pass_attrs = mail=user,\ =nopassword=y,\ =proxy=y,\ =host=%{ldap:mailHost:mail.%d} however the interpolation doesn't occur on the default. Just wondering if there is a way to achieve this? thanks From andrew at infinet.net Tue Jun 30 01:16:20 2015 From: andrew at infinet.net (Andrew Obertas) Date: Mon, 29 Jun 2015 18:16:20 -0700 Subject: Same-server mail transfer Message-ID: <5591EDE4.9070100@infinet.net> Hello, What would be the best way to perform a same-server Maildir transfer, while retaining the IMAP structure already in place, between users with the same GID but different UIDs? I've tried doveadm import but I presume it is encountering a permissions error due to the different UIDs. Worst case scenario, I could move everything over manually and then update the UIDs. I feel like there should be a more elegant solution though that I'm not immediately grasping however. -- Best regards, Andrew Obertas Junior Systems Administrator Infinet Communications Group From dragos.pacher at apexgroup.ro Tue Jun 30 07:29:38 2015 From: dragos.pacher at apexgroup.ro (Dragos Pacher) Date: Tue, 30 Jun 2015 10:29:38 +0300 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <55918491.3060000@sys4.de> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> Message-ID: <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> Hi all, Robert, Jerry, There were new emails overnight and both Thunderbird and Roundcube displayed them. I enabled Outlook debug mode and please find 2 logs of Send/Receive with no new emails. Scroll below to see 3rd log with "workaround" and mails downloaded. "Intializing connection [1C7E2830] IMAP: 08:53:03 [db] Setting internal codepage to 1200 IMAP: 08:53:03 [db] Connecting to 'imap.server.cz' on port 993. IMAP: 08:53:03 [db] OnNotify: asOld = 0, asNew = 2, ae = 0 IMAP: 08:53:03 [db] srv_name = "imap.server.cz" srv_addr = 193.x.y.z:993 IMAP: 08:53:03 [db] OnNotify: asOld = 2, asNew = 3, ae = 1 IMAP: 08:53:03 [db] OnNotify: asOld = 3, asNew = 4, ae = 0 IMAP: 08:53:03 [db] Negotiating secure connection with 'Microsoft Unified Security Protocol Provider'. IMAP: 08:53:03 [db] OnNotify: asOld = 4, asNew = 6, ae = 2 IMAP: 08:53:03 [db] OnNotify: asOld = 6, asNew = 6, ae = 4 IMAP: 08:53:03 [db] OnNotify: asOld = 6, asNew = 5, ae = 2 IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. IMAP: 08:53:04 [tx] ozzj CAPABILITY IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN IMAP: 08:53:04 [rx] ozzj OK Pre-login capabilities listed, post-login capabilities have more. IMAP: 08:53:04 [tx] LOGIN command sent IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE IMAP: 08:53:04 [rx] 4yl7 OK Logged in IMAP: 08:53:04 [tx] 0lgo IDLE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] + idling IMAP: 08:53:04 [tx] DONE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] 0lgo OK Idle completed. IMAP: 08:53:04 [tx] xf8u LIST "" "INBOX." IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] xf8u OK List completed. IMAP: 08:53:04 [tx] sgh4 CREATE "INBOX." IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] sgh4 NO [ALREADYEXISTS] Mailbox already exists IMAP: 08:53:04 [tx] r7t0 IDLE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] + idling IMAP: 08:53:04 [tx] DONE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] r7t0 OK Idle completed. IMAP: 08:53:04 [tx] 4prg ID ("name" "Microsoft Outlook" "version" "15.0.4727.1000") IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] * ID ("name" "Dovecot") IMAP: 08:53:04 [rx] 4prg OK ID completed. IMAP: 08:53:04 [tx] 3kjk IDLE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] + idling IMAP: 08:53:59 [tx] DONE IMAP: 08:53:59 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:59 [rx] 3kjk OK Idle completed. IMAP: 08:53:59 [tx] 4i0o LOGOUT IMAP: 08:53:59 [db] Connection to 'imap.server.cz' closed. IMAP: 08:53:59 [db] OnNotify: asOld = 5, asNew = 0, ae = 5" Another send/receive not seeing any new email "Intializing connection [127E8EC0] IMAP: 09:09:14 [db] Setting internal codepage to 1200 IMAP: 09:09:14 [db] Connecting to 'imap.server.cz' on port 993. IMAP: 09:09:14 [db] OnNotify: asOld = 0, asNew = 4, ae = 0 IMAP: 09:09:14 [db] Negotiating secure connection with 'Microsoft Unified Security Protocol Provider'. IMAP: 09:09:14 [db] OnNotify: asOld = 4, asNew = 6, ae = 2 IMAP: 09:09:14 [db] OnNotify: asOld = 6, asNew = 6, ae = 4 IMAP: 09:09:14 [db] OnNotify: asOld = 6, asNew = 5, ae = 2 IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. IMAP: 09:09:15 [tx] nj2r CAPABILITY IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN IMAP: 09:09:15 [rx] nj2r OK Pre-login capabilities listed, post-login capabilities have more. IMAP: 09:09:15 [tx] LOGIN command sent IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE IMAP: 09:09:15 [rx] mvv9 OK Logged in IMAP: 09:09:15 [tx] ugks IDLE IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] + idling IMAP: 09:09:15 [tx] DONE IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] ugks OK Idle completed. IMAP: 09:09:15 [tx] wrwq SELECT "INBOX.Sent" IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) IMAP: 09:09:15 [db] Connection to 'imap.server.cz' closed. IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 0, ae = 5" Then I used the following "workaround" to force Outlook get new emails: click several times (> 5, 10) in between Send/Receive, Inbox and Sent. "Intializing connection [1C7E27F8] IMAP: 09:08:57 [db] Setting internal codepage to 1200 IMAP: 09:08:57 [db] Connecting to 'imap.server.cz' on port 993. IMAP: 09:08:57 [db] OnNotify: asOld = 0, asNew = 2, ae = 0 IMAP: 09:08:57 [db] srv_name = "imap.server.cz" srv_addr = 193.x.y.z:993 IMAP: 09:08:57 [db] OnNotify: asOld = 2, asNew = 3, ae = 1 IMAP: 09:08:57 [db] OnNotify: asOld = 3, asNew = 4, ae = 0 IMAP: 09:08:57 [db] Negotiating secure connection with 'Microsoft Unified Security Protocol Provider'. IMAP: 09:08:57 [db] OnNotify: asOld = 4, asNew = 6, ae = 2 IMAP: 09:08:57 [db] OnNotify: asOld = 6, asNew = 6, ae = 4 IMAP: 09:08:57 [db] OnNotify: asOld = 6, asNew = 5, ae = 2 IMAP: 09:08:57 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:57 [rx] * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. IMAP: 09:08:57 [tx] 4t2h CAPABILITY IMAP: 09:08:57 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:57 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN IMAP: 09:08:57 [rx] 4t2h OK Pre-login capabilities listed, post-login capabilities have more. IMAP: 09:08:57 [tx] LOGIN command sent IMAP: 09:08:57 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:57 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE IMAP: 09:08:57 [rx] ynxe OK Logged in IMAP: 09:08:57 [tx] wmsb IDLE IMAP: 09:08:57 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:57 [rx] + idling IMAP: 09:08:59 [tx] DONE IMAP: 09:08:59 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:59 [rx] wmsb OK Idle completed. IMAP: 09:08:59 [tx] 65vu ID ("name" "Microsoft Outlook" "version" "15.0.4727.1000") IMAP: 09:08:59 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:59 [rx] * ID ("name" "Dovecot") IMAP: 09:08:59 [rx] 65vu OK ID completed. IMAP: 09:08:59 [tx] 44jb IDLE IMAP: 09:08:59 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:59 [rx] + idling IMAP: 09:09:16 [tx] DONE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] 44jb OK Idle completed. IMAP: 09:09:16 [tx] u83i SELECT "INBOX" IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] * FLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded) IMAP: 09:09:16 [rx] * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded \*)] Flags permitted. IMAP: 09:09:16 [rx] * 22 EXISTS IMAP: 09:09:16 [rx] * 0 RECENT IMAP: 09:09:16 [rx] * OK [UNSEEN 12] First unseen. IMAP: 09:09:16 [rx] * OK [UIDVALIDITY 1426675851] UIDs valid IMAP: 09:09:16 [rx] * OK [UIDNEXT 14233] Predicted next UID IMAP: 09:09:16 [rx] u83i OK [READ-WRITE] Select completed (0.000 secs). IMAP: 09:09:16 [tx] 2kqy IDLE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] + idling IMAP: 09:09:16 [tx] DONE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] 2kqy OK Idle completed. IMAP: 09:09:16 [tx] j5st FETCH 22 (UID) IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] * 22 FETCH (UID 14232) IMAP: 09:09:16 [rx] j5st OK Fetch completed. IMAP: 09:09:16 [tx] 0ejn IDLE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] + idling IMAP: 09:09:16 [tx] DONE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] 0ejn OK Idle completed. IMAP: 09:09:16 [tx] cm5u UID SEARCH UID 14221:14232 SINCE 28-Jun-2015 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] * SEARCH 14221 14222 14223 14224 14225 14226 14227 14228 14229 14230 14231 14232 IMAP: 09:09:16 [rx] cm5u OK Search completed (0.000 secs). IMAP: 09:09:16 [tx] a974 IDLE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] + idling IMAP: 09:09:16 [tx] DONE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] a974 OK Idle completed. IMAP: 09:09:16 [tx] b9w1 UID FETCH 14221:14232 (UID FLAGS RFC822.SIZE BODY.PEEK[] INTERNALDATE) IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] * 11 FETCH (UID 14221 FLAGS (\Seen) RFC822.SIZE 32537 INTERNALDATE "29-Jun-2015 14:48:16 +0200" BODY[] {32537} IMAP: 09:09:16 [rx] Buffer (literal) of length 6032 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 6144 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 3072 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 7168 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 3072 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 3072 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3072 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 905 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 12 FETCH (UID 14222 FLAGS () RFC822.SIZE 19716 INTERNALDATE "29-Jun-2015 14:51:35 +0200" BODY[] {19716} IMAP: 09:09:17 [rx] Buffer (literal) of length 2057 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 8183 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 7168 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 1024 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 1284 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 13 FETCH (UID 14223 FLAGS () RFC822.SIZE 13770 INTERNALDATE "29-Jun-2015 16:16:00 +0200" BODY[] {13770} IMAP: 09:09:17 [rx] Buffer (literal) of length 1678 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 8192 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3900 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 14 FETCH (UID 14224 FLAGS () RFC822.SIZE 12923 INTERNALDATE "29-Jun-2015 16:30:49 +0200" BODY[] {12923} IMAP: 09:09:17 [rx] Buffer (literal) of length 3158 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 8192 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 1573 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 15 FETCH (UID 14225 FLAGS () RFC822.SIZE 11058 INTERNALDATE "29-Jun-2015 19:47:54 +0200" BODY[] {11058} IMAP: 09:09:17 [rx] Buffer (literal) of length 5485 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 5573 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 16 FETCH (UID 14226 FLAGS () RFC822.SIZE 4534 INTERNALDATE "30-Jun-2015 01:48:51 +0200" BODY[] {4534} IMAP: 09:09:17 [rx] Buffer (literal) of length 1487 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3047 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] * 17 FETCH (UID 14227 FLAGS () RFC822.SIZE 4392 INTERNALDATE "30-Jun-2015 03:17:24 +0200" BODY[] {4392} IMAP: 09:09:17 [rx] Buffer (literal) of length 4392 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 18 FETCH (UID 14228 FLAGS () RFC822.SIZE 5231 INTERNALDATE "30-Jun-2015 03:22:09 +0200" BODY[] {5231} IMAP: 09:09:17 [rx] Buffer (literal) of length 2585 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 2646 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 19 FETCH (UID 14229 FLAGS () RFC822.SIZE 19076 INTERNALDATE "30-Jun-2015 06:37:43 +0200" BODY[] {19076} IMAP: 09:09:17 [rx] Buffer (literal) of length 5436 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 7168 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 6472 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 20 FETCH (UID 14230 FLAGS (\Seen) RFC822.SIZE 9591 INTERNALDATE "30-Jun-2015 07:19:06 +0200" BODY[] {9591} IMAP: 09:09:17 [rx] Buffer (literal) of length 1607 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 7168 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 816 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 21 FETCH (UID 14231 FLAGS () RFC822.SIZE 20345 INTERNALDATE "30-Jun-2015 07:21:15 +0200" BODY[] {20345} IMAP: 09:09:17 [rx] Buffer (literal) of length 7266 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 4096 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3072 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3072 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 2839 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 22 FETCH (UID 14232 FLAGS () RFC822.SIZE 22135 INTERNALDATE "30-Jun-2015 07:29:13 +0200" BODY[] {22135} IMAP: 09:09:17 [rx] Buffer (literal) of length 123 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 8192 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 2048 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 6144 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 5628 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] b9w1 OK Fetch completed. IMAP: 09:09:17 [tx] 51g5 IDLE IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] + idling IMAP: 09:09:17 [tx] DONE IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] 51g5 OK Idle completed. IMAP: 09:09:17 [tx] ssmg UID FETCH 1:14232 (UID FLAGS) IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] * 1 FETCH (UID 1 FLAGS (\Seen)) IMAP: 09:09:17 [db] Connection to 'imap.server.cz' closed. IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 0, ae = 5" Pacher Dragos -----Original Message----- From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Robert Schetterer Sent: 29 June 2015 20:47 To: dovecot at dovecot.org Subject: Re: Outlook 2013 not fetching new mail/synchronization issues Am 29.06.2015 um 12:08 schrieb Dragos Pacher: > Hi all, > sorry short in time , not reading your config but in most cases problems on windows are based on firewall/proxies either local or at the gateway, sometimes with other net issuses local firewall may included in antivirus solutions, have you checked this ? have you tried thunderbird on the same machine ? > > > Dovecot 2.2.10 CentOS 6 64 bit. > > > > We are having terrible synchronization issues with Outlook 2013 (all > updates) on Windows 7 SP1 and 8.1 hosts (all updates). > > > > Scenario: > > 1. Emails were sent since user closed Outlook > > 2. Next day: start computer, open outlook > > 3. No new email (even though email were sent overnight) > > 4. half a day later Outlook fetches emails like nothing happened > > > > Second issue: folders created or email send in Outlook 2013 does not > synchronize on IMAP, they remain only local .. > > > > But I am mostly interested into finding a fix for the first > synchronization issue described in scenario. Second is also important > > but I have a feeling its connected to the first. > > > > Any help will be highly appreciated! > > > > dovecot.conf > > > > listen = * > > > > #base_dir = /var/run/dovecot > > > > # Enabled mail protocols. > > #protocols = pop3 imap sieve > > protocols = pop3 imap > > > > # User/group who owns the message files: > > mail_uid = 89 > > mail_gid = 89 > > > > # Assign uid to virtual users. > > first_valid_uid = 89 > > last_valid_uid = 89 > > > > mail_max_userip_connections = 200 > > default_client_limit = 3000 > > > > namespace inbox { > > separator = . > > prefix = INBOX. > > inbox = yes > > > > # These mailboxes are widely used and could perhaps be created > automatically: > > mailbox Drafts { > > special_use = \Drafts > > } > > mailbox Junk { > > special_use = \Junk > > } > > mailbox Trash { > > special_use = \Trash > > } > > > > # For \Sent mailboxes there are two widely used names. We'll mark > both of > > # them as \Sent. User typically deletes one of them if duplicates > are created. > > mailbox Sent { > > special_use = \Sent > > } > > mailbox "Sent Messages" { > > special_use = \Sent > > } > > } > > > > # Logging. Reference: http://wiki2.dovecot.org/Logging > > log_path = /var/log/dovecot.log > > mail_debug = no > > auth_verbose = no > > auth_debug = no > > auth_debug_passwords = no > > auth_verbose_passwords = no > > > > auth_worker_max_count = 2048 > > > > # SSL: Global settings. > > # Refer to wiki site for per protocol, ip, server name SSL settings: > > # http://wiki2.dovecot.org/SSL/DovecotConfiguration > > ssl = yes > > verbose_ssl = no > > ssl_ca = > ssl_cert = > ssl_key = > > > disable_plaintext_auth = no > > > > # Mail location and mailbox format. > > #mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ > > mail_location = > maildir:~/Maildir:INDEX=/home/dovecotindex/%Lh/Maildir/ > > > > # Authentication related settings. > > # Append this domain name if client gives empty realm. > > auth_default_realm = > > > > # Authentication mechanisms. > > auth_mechanisms = PLAIN LOGIN > > > > service imap-login { > > client_limit = 3024 > > process_limit = 2048 > > process_min_avail = 64 > > vsz_limit = 64 M > > } > > > > service auth { > > client_limit = 3072 > > > > unix_listener auth-userdb { > > } > > > > inet_listener { > > port = 12345 > > } > > } > > > > service imap { > > vsz_limit = 256M > > # Max. number of IMAP processes (connections) > > process_limit = 2048 > > #imap_idle_notify_interval = 2 mins > > } > > > > service pop3 { > > # Max. number of POP3 processes (connections) > > process_limit = 1024 > > } > > > > # Virtual mail accounts. > > userdb { > > args = /etc/dovecot/dovecot-mysql.conf > > driver = sql > > } > > passdb { > > args = /etc/dovecot/dovecot-mysql.conf > > driver = sql > > } > > > > plugin { > > auth_socket_path = /var/run/dovecot/auth-master > > > > # Plugin: autocreate. Create and subscribe to default IMAP folders. > > autocreate = INBOX > > autocreate2 = Sent > > autocreate3 = Trash > > autocreate4 = Drafts > > autocreate5 = Junk > > autosubscribe = INBOX > > autosubscribe2 = Sent > > autosubscribe3 = Trash > > autosubscribe4 = Drafts > > autosubscribe5 = Junk > > > > # Plugin: expire. > > expire = Trash 7 Trash/* 7 Junk 30 > > expire_dict = proxy::expire > > > > # Pigeonhole managesieve service. > > # Reference: > http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration > > # Per-user sieve settings. > > sieve_dir = /%Lh/sieve > > sieve = /%Lh/sieve/dovecot.sieve > > > > # Global sieve settings. > > sieve_global_dir = /home/vpopmail/sieve > > sieve_global_path = /home/vpopmail/sieve/dovecot.sieve > > #sieve_before = > > #sieve_after = > > } > > > > service dict { > > unix_listener dict { > > # mode = 0660 > > # user = vmail > > # group = vmail > > } > > } > > > > protocol lda { > > # Reference: http://wiki2.dovecot.org/LDA > > #mail_plugins = quota sieve autocreate > > #auth_socket_path = /var/run/dovecot/auth-master > > #log_path = /var/log/sieve.log > > #lda_mailbox_autocreate = yes > > #postmaster_address = root > > } > > protocol imap { > > mail_max_userip_connections = 2048 > > imap_client_workarounds = tb-extra-mailbox-sep > > #mail_plugins = quota imap_quota autocreate > > #mail_plugins = autocreate > > > > } > > protocol pop3 { > > #mail_plugins = quota > > pop3_uidl_format = UID%u-%v > > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > > } > > > > > > Regards, > > > > > > Pacher Dragos > > > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From skdovecot at smail.inf.fh-brs.de Tue Jun 30 09:04:41 2015 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 30 Jun 2015 11:04:41 +0200 (CEST) Subject: LDAP default value variable interpolation In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 29 Jun 2015, Leon Kyneur wrote: > I have a configuration that works something like this on my front end proxy: > > pass_attrs = mail=user,\ > =nopassword=y,\ > =proxy=y,\ > =host=mail.%d > > The above works perfectly well even though it seems a bit hack. > > I want to fetch the host field from LDAP and default it to "mail.%d" if the > attribute isn't populated for the user. > > I have tried the following : > > pass_attrs = mail=user,\ > =nopassword=y,\ > =proxy=y,\ > =host=%{ldap:mailHost:mail.%d} > > however the interpolation doesn't occur on the default. Just wondering if > there is a way to achieve this? according http://wiki2.dovecot.org/PasswordDatabase you can use default_fields = for passdb, too. Maybe, default_fields = host=mail.%d works? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVZJbqXz1H7kL/d9rAQKIUwf+MTvxLBMgC2f2KrPjPdvBITHP2i61RhRo apXyz/EPym29RKOOjriWSyxZYrRguD+Umui/QwRmGNvdzdLiasEVJTzoKFQcBIM6 mUK8D1VxtVvM3xl41FqYaxs7jGwTzraIQnxSV1bBJHUU2udUb1Kc+tWNVYjYsDJh lukrYGMHSmcCT8ORxiTOuTY1bHzjyczw4mhHONUrVA2x+yufRfzF4U1wc0eJD7aS Mz08M+ONodGFKk1xMg0GFRHezvWYznPa+p9O2i/vtFUM1eEUtfzHJ5MjfBEyxALh a3dQFpk0U5UPmODlE34QSR1dP04nWZWXFtWywqQse3Qo3LjQKKaq7A== =XTO5 -----END PGP SIGNATURE----- From jerry at seibercom.net Tue Jun 30 09:59:40 2015 From: jerry at seibercom.net (Jerry) Date: Tue, 30 Jun 2015 05:59:40 -0400 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> Message-ID: <20150630055940.36a4147a@seibercom.net> On Tue, 30 Jun 2015 10:29:38 +0300, Dragos Pacher stated: >There were new emails overnight and both Thunderbird and Roundcube displayed >them. > >I enabled Outlook debug mode and please find 2 logs of Send/Receive with no >new emails. It appears that Outlook considers these messages as all ready having been seen. In any case, I would suggest that you try either of these two MS Forums: (The first one is probably better) http://answers.microsoft.com/en-us/outlook_com/forum?auth=1 http://www.msofficeforums.com/outlook/ Post all of the info, etcetera. They might bump you up to the tech forum, which would be a good thing. Post your results back here. I am interested in finding out your problem, since I have a similar setup sans any problem. -- Jerry From dragos.pacher at apexgroup.ro Tue Jun 30 11:06:47 2015 From: dragos.pacher at apexgroup.ro (Dragos Pacher) Date: Tue, 30 Jun 2015 14:06:47 +0300 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> Message-ID: <034501d0b324$dc33ef10$949bcd30$@apexgroup.ro> There is also an antivirus running on client with antispam module. I will try to disable it and see if there is any change. Pacher Dragos -----Original Message----- From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Dragos Pacher Sent: 30 June 2015 10:30 To: 'Robert Schetterer'; dovecot at dovecot.org; jerry at seibercom.net Subject: RE: Outlook 2013 not fetching new mail/synchronization issues Hi all, Robert, Jerry, There were new emails overnight and both Thunderbird and Roundcube displayed them. I enabled Outlook debug mode and please find 2 logs of Send/Receive with no new emails. Scroll below to see 3rd log with "workaround" and mails downloaded. "Intializing connection [1C7E2830] IMAP: 08:53:03 [db] Setting internal codepage to 1200 IMAP: 08:53:03 [db] Connecting to 'imap.server.cz' on port 993. IMAP: 08:53:03 [db] OnNotify: asOld = 0, asNew = 2, ae = 0 IMAP: 08:53:03 [db] srv_name = "imap.server.cz" srv_addr = 193.x.y.z:993 IMAP: 08:53:03 [db] OnNotify: asOld = 2, asNew = 3, ae = 1 IMAP: 08:53:03 [db] OnNotify: asOld = 3, asNew = 4, ae = 0 IMAP: 08:53:03 [db] Negotiating secure connection with 'Microsoft Unified Security Protocol Provider'. IMAP: 08:53:03 [db] OnNotify: asOld = 4, asNew = 6, ae = 2 IMAP: 08:53:03 [db] OnNotify: asOld = 6, asNew = 6, ae = 4 IMAP: 08:53:03 [db] OnNotify: asOld = 6, asNew = 5, ae = 2 IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. IMAP: 08:53:04 [tx] ozzj CAPABILITY IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN IMAP: 08:53:04 [rx] ozzj OK Pre-login capabilities listed, post-login capabilities have more. IMAP: 08:53:04 [tx] LOGIN command sent IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE IMAP: 08:53:04 [rx] 4yl7 OK Logged in IMAP: 08:53:04 [tx] 0lgo IDLE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] + idling IMAP: 08:53:04 [tx] DONE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] 0lgo OK Idle completed. IMAP: 08:53:04 [tx] xf8u LIST "" "INBOX." IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] xf8u OK List completed. IMAP: 08:53:04 [tx] sgh4 CREATE "INBOX." IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] sgh4 NO [ALREADYEXISTS] Mailbox already exists IMAP: 08:53:04 [tx] r7t0 IDLE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] + idling IMAP: 08:53:04 [tx] DONE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] r7t0 OK Idle completed. IMAP: 08:53:04 [tx] 4prg ID ("name" "Microsoft Outlook" "version" "15.0.4727.1000") IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] * ID ("name" "Dovecot") IMAP: 08:53:04 [rx] 4prg OK ID completed. IMAP: 08:53:04 [tx] 3kjk IDLE IMAP: 08:53:04 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:04 [rx] + idling IMAP: 08:53:59 [tx] DONE IMAP: 08:53:59 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 08:53:59 [rx] 3kjk OK Idle completed. IMAP: 08:53:59 [tx] 4i0o LOGOUT IMAP: 08:53:59 [db] Connection to 'imap.server.cz' closed. IMAP: 08:53:59 [db] OnNotify: asOld = 5, asNew = 0, ae = 5" Another send/receive not seeing any new email "Intializing connection [127E8EC0] IMAP: 09:09:14 [db] Setting internal codepage to 1200 IMAP: 09:09:14 [db] Connecting to 'imap.server.cz' on port 993. IMAP: 09:09:14 [db] OnNotify: asOld = 0, asNew = 4, ae = 0 IMAP: 09:09:14 [db] Negotiating secure connection with 'Microsoft Unified Security Protocol Provider'. IMAP: 09:09:14 [db] OnNotify: asOld = 4, asNew = 6, ae = 2 IMAP: 09:09:14 [db] OnNotify: asOld = 6, asNew = 6, ae = 4 IMAP: 09:09:14 [db] OnNotify: asOld = 6, asNew = 5, ae = 2 IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. IMAP: 09:09:15 [tx] nj2r CAPABILITY IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN IMAP: 09:09:15 [rx] nj2r OK Pre-login capabilities listed, post-login capabilities have more. IMAP: 09:09:15 [tx] LOGIN command sent IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE IMAP: 09:09:15 [rx] mvv9 OK Logged in IMAP: 09:09:15 [tx] ugks IDLE IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] + idling IMAP: 09:09:15 [tx] DONE IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] ugks OK Idle completed. IMAP: 09:09:15 [tx] wrwq SELECT "INBOX.Sent" IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:15 [rx] * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) IMAP: 09:09:15 [db] Connection to 'imap.server.cz' closed. IMAP: 09:09:15 [db] OnNotify: asOld = 5, asNew = 0, ae = 5" Then I used the following "workaround" to force Outlook get new emails: click several times (> 5, 10) in between Send/Receive, Inbox and Sent. "Intializing connection [1C7E27F8] IMAP: 09:08:57 [db] Setting internal codepage to 1200 IMAP: 09:08:57 [db] Connecting to 'imap.server.cz' on port 993. IMAP: 09:08:57 [db] OnNotify: asOld = 0, asNew = 2, ae = 0 IMAP: 09:08:57 [db] srv_name = "imap.server.cz" srv_addr = 193.x.y.z:993 IMAP: 09:08:57 [db] OnNotify: asOld = 2, asNew = 3, ae = 1 IMAP: 09:08:57 [db] OnNotify: asOld = 3, asNew = 4, ae = 0 IMAP: 09:08:57 [db] Negotiating secure connection with 'Microsoft Unified Security Protocol Provider'. IMAP: 09:08:57 [db] OnNotify: asOld = 4, asNew = 6, ae = 2 IMAP: 09:08:57 [db] OnNotify: asOld = 6, asNew = 6, ae = 4 IMAP: 09:08:57 [db] OnNotify: asOld = 6, asNew = 5, ae = 2 IMAP: 09:08:57 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:57 [rx] * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. IMAP: 09:08:57 [tx] 4t2h CAPABILITY IMAP: 09:08:57 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:57 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN IMAP: 09:08:57 [rx] 4t2h OK Pre-login capabilities listed, post-login capabilities have more. IMAP: 09:08:57 [tx] LOGIN command sent IMAP: 09:08:57 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:57 [rx] * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE IMAP: 09:08:57 [rx] ynxe OK Logged in IMAP: 09:08:57 [tx] wmsb IDLE IMAP: 09:08:57 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:57 [rx] + idling IMAP: 09:08:59 [tx] DONE IMAP: 09:08:59 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:59 [rx] wmsb OK Idle completed. IMAP: 09:08:59 [tx] 65vu ID ("name" "Microsoft Outlook" "version" "15.0.4727.1000") IMAP: 09:08:59 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:59 [rx] * ID ("name" "Dovecot") IMAP: 09:08:59 [rx] 65vu OK ID completed. IMAP: 09:08:59 [tx] 44jb IDLE IMAP: 09:08:59 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:08:59 [rx] + idling IMAP: 09:09:16 [tx] DONE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] 44jb OK Idle completed. IMAP: 09:09:16 [tx] u83i SELECT "INBOX" IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] * FLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded) IMAP: 09:09:16 [rx] * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded \*)] Flags permitted. IMAP: 09:09:16 [rx] * 22 EXISTS IMAP: 09:09:16 [rx] * 0 RECENT IMAP: 09:09:16 [rx] * OK [UNSEEN 12] First unseen. IMAP: 09:09:16 [rx] * OK [UIDVALIDITY 1426675851] UIDs valid IMAP: 09:09:16 [rx] * OK [UIDNEXT 14233] Predicted next UID IMAP: 09:09:16 [rx] u83i OK [READ-WRITE] Select completed (0.000 secs). IMAP: 09:09:16 [tx] 2kqy IDLE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] + idling IMAP: 09:09:16 [tx] DONE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] 2kqy OK Idle completed. IMAP: 09:09:16 [tx] j5st FETCH 22 (UID) IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] * 22 FETCH (UID 14232) IMAP: 09:09:16 [rx] j5st OK Fetch completed. IMAP: 09:09:16 [tx] 0ejn IDLE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] + idling IMAP: 09:09:16 [tx] DONE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] 0ejn OK Idle completed. IMAP: 09:09:16 [tx] cm5u UID SEARCH UID 14221:14232 SINCE 28-Jun-2015 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] * SEARCH 14221 14222 14223 14224 14225 14226 14227 14228 14229 14230 14231 14232 IMAP: 09:09:16 [rx] cm5u OK Search completed (0.000 secs). IMAP: 09:09:16 [tx] a974 IDLE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] + idling IMAP: 09:09:16 [tx] DONE IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] a974 OK Idle completed. IMAP: 09:09:16 [tx] b9w1 UID FETCH 14221:14232 (UID FLAGS RFC822.SIZE BODY.PEEK[] INTERNALDATE) IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] * 11 FETCH (UID 14221 FLAGS (\Seen) RFC822.SIZE 32537 INTERNALDATE "29-Jun-2015 14:48:16 +0200" BODY[] {32537} IMAP: 09:09:16 [rx] Buffer (literal) of length 6032 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 6144 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 3072 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 7168 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 3072 IMAP: 09:09:16 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:16 [rx] Buffer (literal) of length 3072 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3072 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 905 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 12 FETCH (UID 14222 FLAGS () RFC822.SIZE 19716 INTERNALDATE "29-Jun-2015 14:51:35 +0200" BODY[] {19716} IMAP: 09:09:17 [rx] Buffer (literal) of length 2057 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 8183 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 7168 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 1024 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 1284 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 13 FETCH (UID 14223 FLAGS () RFC822.SIZE 13770 INTERNALDATE "29-Jun-2015 16:16:00 +0200" BODY[] {13770} IMAP: 09:09:17 [rx] Buffer (literal) of length 1678 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 8192 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3900 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 14 FETCH (UID 14224 FLAGS () RFC822.SIZE 12923 INTERNALDATE "29-Jun-2015 16:30:49 +0200" BODY[] {12923} IMAP: 09:09:17 [rx] Buffer (literal) of length 3158 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 8192 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 1573 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 15 FETCH (UID 14225 FLAGS () RFC822.SIZE 11058 INTERNALDATE "29-Jun-2015 19:47:54 +0200" BODY[] {11058} IMAP: 09:09:17 [rx] Buffer (literal) of length 5485 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 5573 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 16 FETCH (UID 14226 FLAGS () RFC822.SIZE 4534 INTERNALDATE "30-Jun-2015 01:48:51 +0200" BODY[] {4534} IMAP: 09:09:17 [rx] Buffer (literal) of length 1487 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3047 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] * 17 FETCH (UID 14227 FLAGS () RFC822.SIZE 4392 INTERNALDATE "30-Jun-2015 03:17:24 +0200" BODY[] {4392} IMAP: 09:09:17 [rx] Buffer (literal) of length 4392 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 18 FETCH (UID 14228 FLAGS () RFC822.SIZE 5231 INTERNALDATE "30-Jun-2015 03:22:09 +0200" BODY[] {5231} IMAP: 09:09:17 [rx] Buffer (literal) of length 2585 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 2646 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 19 FETCH (UID 14229 FLAGS () RFC822.SIZE 19076 INTERNALDATE "30-Jun-2015 06:37:43 +0200" BODY[] {19076} IMAP: 09:09:17 [rx] Buffer (literal) of length 5436 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 7168 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 6472 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 20 FETCH (UID 14230 FLAGS (\Seen) RFC822.SIZE 9591 INTERNALDATE "30-Jun-2015 07:19:06 +0200" BODY[] {9591} IMAP: 09:09:17 [rx] Buffer (literal) of length 1607 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 7168 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 816 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 21 FETCH (UID 14231 FLAGS () RFC822.SIZE 20345 INTERNALDATE "30-Jun-2015 07:21:15 +0200" BODY[] {20345} IMAP: 09:09:17 [rx] Buffer (literal) of length 7266 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 4096 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3072 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 3072 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 2839 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] * 22 FETCH (UID 14232 FLAGS () RFC822.SIZE 22135 INTERNALDATE "30-Jun-2015 07:29:13 +0200" BODY[] {22135} IMAP: 09:09:17 [rx] Buffer (literal) of length 123 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 8192 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 2048 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 6144 IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] Buffer (literal) of length 5628 IMAP: 09:09:17 [rx] ) IMAP: 09:09:17 [rx] b9w1 OK Fetch completed. IMAP: 09:09:17 [tx] 51g5 IDLE IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] + idling IMAP: 09:09:17 [tx] DONE IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] 51g5 OK Idle completed. IMAP: 09:09:17 [tx] ssmg UID FETCH 1:14232 (UID FLAGS) IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 5, ae = 3 IMAP: 09:09:17 [rx] * 1 FETCH (UID 1 FLAGS (\Seen)) IMAP: 09:09:17 [db] Connection to 'imap.server.cz' closed. IMAP: 09:09:17 [db] OnNotify: asOld = 5, asNew = 0, ae = 5" Pacher Dragos -----Original Message----- From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Robert Schetterer Sent: 29 June 2015 20:47 To: dovecot at dovecot.org Subject: Re: Outlook 2013 not fetching new mail/synchronization issues Am 29.06.2015 um 12:08 schrieb Dragos Pacher: > Hi all, > sorry short in time , not reading your config but in most cases problems on windows are based on firewall/proxies either local or at the gateway, sometimes with other net issuses local firewall may included in antivirus solutions, have you checked this ? have you tried thunderbird on the same machine ? > > > Dovecot 2.2.10 CentOS 6 64 bit. > > > > We are having terrible synchronization issues with Outlook 2013 (all > updates) on Windows 7 SP1 and 8.1 hosts (all updates). > > > > Scenario: > > 1. Emails were sent since user closed Outlook > > 2. Next day: start computer, open outlook > > 3. No new email (even though email were sent overnight) > > 4. half a day later Outlook fetches emails like nothing happened > > > > Second issue: folders created or email send in Outlook 2013 does not > synchronize on IMAP, they remain only local .. > > > > But I am mostly interested into finding a fix for the first > synchronization issue described in scenario. Second is also important > > but I have a feeling its connected to the first. > > > > Any help will be highly appreciated! > > > > dovecot.conf > > > > listen = * > > > > #base_dir = /var/run/dovecot > > > > # Enabled mail protocols. > > #protocols = pop3 imap sieve > > protocols = pop3 imap > > > > # User/group who owns the message files: > > mail_uid = 89 > > mail_gid = 89 > > > > # Assign uid to virtual users. > > first_valid_uid = 89 > > last_valid_uid = 89 > > > > mail_max_userip_connections = 200 > > default_client_limit = 3000 > > > > namespace inbox { > > separator = . > > prefix = INBOX. > > inbox = yes > > > > # These mailboxes are widely used and could perhaps be created > automatically: > > mailbox Drafts { > > special_use = \Drafts > > } > > mailbox Junk { > > special_use = \Junk > > } > > mailbox Trash { > > special_use = \Trash > > } > > > > # For \Sent mailboxes there are two widely used names. We'll mark > both of > > # them as \Sent. User typically deletes one of them if duplicates > are created. > > mailbox Sent { > > special_use = \Sent > > } > > mailbox "Sent Messages" { > > special_use = \Sent > > } > > } > > > > # Logging. Reference: http://wiki2.dovecot.org/Logging > > log_path = /var/log/dovecot.log > > mail_debug = no > > auth_verbose = no > > auth_debug = no > > auth_debug_passwords = no > > auth_verbose_passwords = no > > > > auth_worker_max_count = 2048 > > > > # SSL: Global settings. > > # Refer to wiki site for per protocol, ip, server name SSL settings: > > # http://wiki2.dovecot.org/SSL/DovecotConfiguration > > ssl = yes > > verbose_ssl = no > > ssl_ca = > ssl_cert = > ssl_key = > > > disable_plaintext_auth = no > > > > # Mail location and mailbox format. > > #mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ > > mail_location = > maildir:~/Maildir:INDEX=/home/dovecotindex/%Lh/Maildir/ > > > > # Authentication related settings. > > # Append this domain name if client gives empty realm. > > auth_default_realm = > > > > # Authentication mechanisms. > > auth_mechanisms = PLAIN LOGIN > > > > service imap-login { > > client_limit = 3024 > > process_limit = 2048 > > process_min_avail = 64 > > vsz_limit = 64 M > > } > > > > service auth { > > client_limit = 3072 > > > > unix_listener auth-userdb { > > } > > > > inet_listener { > > port = 12345 > > } > > } > > > > service imap { > > vsz_limit = 256M > > # Max. number of IMAP processes (connections) > > process_limit = 2048 > > #imap_idle_notify_interval = 2 mins > > } > > > > service pop3 { > > # Max. number of POP3 processes (connections) > > process_limit = 1024 > > } > > > > # Virtual mail accounts. > > userdb { > > args = /etc/dovecot/dovecot-mysql.conf > > driver = sql > > } > > passdb { > > args = /etc/dovecot/dovecot-mysql.conf > > driver = sql > > } > > > > plugin { > > auth_socket_path = /var/run/dovecot/auth-master > > > > # Plugin: autocreate. Create and subscribe to default IMAP folders. > > autocreate = INBOX > > autocreate2 = Sent > > autocreate3 = Trash > > autocreate4 = Drafts > > autocreate5 = Junk > > autosubscribe = INBOX > > autosubscribe2 = Sent > > autosubscribe3 = Trash > > autosubscribe4 = Drafts > > autosubscribe5 = Junk > > > > # Plugin: expire. > > expire = Trash 7 Trash/* 7 Junk 30 > > expire_dict = proxy::expire > > > > # Pigeonhole managesieve service. > > # Reference: > http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration > > # Per-user sieve settings. > > sieve_dir = /%Lh/sieve > > sieve = /%Lh/sieve/dovecot.sieve > > > > # Global sieve settings. > > sieve_global_dir = /home/vpopmail/sieve > > sieve_global_path = /home/vpopmail/sieve/dovecot.sieve > > #sieve_before = > > #sieve_after = > > } > > > > service dict { > > unix_listener dict { > > # mode = 0660 > > # user = vmail > > # group = vmail > > } > > } > > > > protocol lda { > > # Reference: http://wiki2.dovecot.org/LDA > > #mail_plugins = quota sieve autocreate > > #auth_socket_path = /var/run/dovecot/auth-master > > #log_path = /var/log/sieve.log > > #lda_mailbox_autocreate = yes > > #postmaster_address = root > > } > > protocol imap { > > mail_max_userip_connections = 2048 > > imap_client_workarounds = tb-extra-mailbox-sep > > #mail_plugins = quota imap_quota autocreate > > #mail_plugins = autocreate > > > > } > > protocol pop3 { > > #mail_plugins = quota > > pop3_uidl_format = UID%u-%v > > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > > } > > > > > > Regards, > > > > > > Pacher Dragos > > > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From dragos.pacher at apexgroup.ro Tue Jun 30 11:07:53 2015 From: dragos.pacher at apexgroup.ro (Dragos Pacher) Date: Tue, 30 Jun 2015 14:07:53 +0300 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <20150630055940.36a4147a@seibercom.net> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> <20150630055940.36a4147a@seibercom.net> Message-ID: <034701d0b325$03136930$093a3b90$@apexgroup.ro> Ok, I will try there too. So, this is not Dovecot related ? Pacher Dragos -----Original Message----- From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Jerry Sent: 30 June 2015 13:00 To: Dovecot Mailing List Subject: Re: Outlook 2013 not fetching new mail/synchronization issues On Tue, 30 Jun 2015 10:29:38 +0300, Dragos Pacher stated: >There were new emails overnight and both Thunderbird and Roundcube >displayed them. > >I enabled Outlook debug mode and please find 2 logs of Send/Receive >with no new emails. It appears that Outlook considers these messages as all ready having been seen. In any case, I would suggest that you try either of these two MS Forums: (The first one is probably better) http://answers.microsoft.com/en-us/outlook_com/forum?auth=1 http://www.msofficeforums.com/outlook/ Post all of the info, etcetera. They might bump you up to the tech forum, which would be a good thing. Post your results back here. I am interested in finding out your problem, since I have a similar setup sans any problem. -- Jerry From jerry at seibercom.net Tue Jun 30 11:31:17 2015 From: jerry at seibercom.net (Jerry) Date: Tue, 30 Jun 2015 07:31:17 -0400 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <034701d0b325$03136930$093a3b90$@apexgroup.ro> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> <20150630055940.36a4147a@seibercom.net> <034701d0b325$03136930$093a3b90$@apexgroup.ro> Message-ID: <20150630073117.47516455@seibercom.net> On Tue, 30 Jun 2015 14:07:53 +0300, Dragos Pacher stated: >I will try there too. So, this is not Dovecot related ? I am not really sure? I don't know how you have Outlook configured, so I cannot definitively say. I just know that I don't have the problem that you have. By the way, please don't "TOP POST". It makes following these threads far more difficult than it needs to be. -- Jerry -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From dragos.pacher at apexgroup.ro Tue Jun 30 11:44:07 2015 From: dragos.pacher at apexgroup.ro (Dragos Pacher) Date: Tue, 30 Jun 2015 14:44:07 +0300 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <20150630073117.47516455@seibercom.net> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> <20150630055940.36a4147a@seibercom.net> <034701d0b325$03136930$093a3b90$@apexgroup.ro> <20150630073117.47516455@seibercom.net> Message-ID: <039b01d0b32a$130a8800$391f9800$@apexgroup.ro> I would say Outlook is standard IMAP configuration: IMAP, 993 SSL, root folder path: "INBOX." and timeout on 1 minute. Can I provide more details ? Ok, I will avoid including all replies in the thread. Pacher Dragos -----Original Message----- From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Jerry Sent: 30 June 2015 14:31 To: Dovecot Mailing List Subject: Re: Outlook 2013 not fetching new mail/synchronization issues On Tue, 30 Jun 2015 14:07:53 +0300, Dragos Pacher stated: >I will try there too. So, this is not Dovecot related ? I am not really sure? I don't know how you have Outlook configured, so I cannot definitively say. I just know that I don't have the problem that you have. By the way, please don't "TOP POST". It makes following these threads far more difficult than it needs to be. -- Jerry From jerry at seibercom.net Tue Jun 30 12:01:08 2015 From: jerry at seibercom.net (Jerry) Date: Tue, 30 Jun 2015 08:01:08 -0400 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <039b01d0b32a$130a8800$391f9800$@apexgroup.ro> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> <20150630055940.36a4147a@seibercom.net> <034701d0b325$03136930$093a3b90$@apexgroup.ro> <20150630073117.47516455@seibercom.net> <039b01d0b32a$130a8800$391f9800$@apexgroup.ro> Message-ID: <20150630080108.28813789@seibercom.net> On Tue, 30 Jun 2015 14:44:07 +0300, Dragos Pacher stated: >I would say Outlook is standard IMAP configuration: >IMAP, 993 SSL, root folder path: "INBOX." and timeout on 1 minute. I assume you are actually subscribed to those folders. You might want to check. Also, why do you have a root folder path? I don't and it works fine. Also, the "." after "INBOX " might be causing a problem. Have you tried remove the folder path, restarting Outlook and seeing what transpires? By the way, I am using port 143 with TLS for incoming mail. Works fine. Also, I have left everything unchecked in the "Deleted Items" section. Just an idea. -- Jerry From rs at sys4.de Tue Jun 30 15:05:21 2015 From: rs at sys4.de (Robert Schetterer) Date: Tue, 30 Jun 2015 17:05:21 +0200 Subject: Outlook 2013 not fetching new mail/synchronization issues In-Reply-To: <034501d0b324$dc33ef10$949bcd30$@apexgroup.ro> References: <023801d0b253$960564f0$c2102ed0$@apexgroup.ro> <55918491.3060000@sys4.de> <00e401d0b306$85daa960$918ffc20$@apexgroup.ro> <034501d0b324$dc33ef10$949bcd30$@apexgroup.ro> Message-ID: <5592B031.3030208@sys4.de> Am 30.06.2015 um 13:06 schrieb Dragos Pacher: > There is also an antivirus running on client with antispam module. I will > try to disable it and see > if there is any change. > > Pacher Dragos yeah most problems are depend to such software Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From leon at dexterous.org Tue Jun 30 22:23:55 2015 From: leon at dexterous.org (Leon Kyneur) Date: Tue, 30 Jun 2015 22:23:55 +0000 Subject: LDAP default value variable interpolation In-Reply-To: References: Message-ID: Yes that seems to work just fine! Thanks On Tue, Jun 30, 2015 at 7:02 PM Steffen Kaiser < skdovecot at smail.inf.fh-brs.de> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 29 Jun 2015, Leon Kyneur wrote: > > > I have a configuration that works something like this on my front end > proxy: > > > > pass_attrs = mail=user,\ > > =nopassword=y,\ > > =proxy=y,\ > > =host=mail.%d > > > > The above works perfectly well even though it seems a bit hack. > > > > I want to fetch the host field from LDAP and default it to "mail.%d" if > the > > attribute isn't populated for the user. > > > > I have tried the following : > > > > pass_attrs = mail=user,\ > > =nopassword=y,\ > > =proxy=y,\ > > =host=%{ldap:mailHost:mail.%d} > > > > however the interpolation doesn't occur on the default. Just wondering if > > there is a way to achieve this? > > according http://wiki2.dovecot.org/PasswordDatabase > > you can use > > default_fields = > > for passdb, too. Maybe, > > default_fields = host=mail.%d > > works? > > - -- > Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVZJbqXz1H7kL/d9rAQKIUwf+MTvxLBMgC2f2KrPjPdvBITHP2i61RhRo > apXyz/EPym29RKOOjriWSyxZYrRguD+Umui/QwRmGNvdzdLiasEVJTzoKFQcBIM6 > mUK8D1VxtVvM3xl41FqYaxs7jGwTzraIQnxSV1bBJHUU2udUb1Kc+tWNVYjYsDJh > lukrYGMHSmcCT8ORxiTOuTY1bHzjyczw4mhHONUrVA2x+yufRfzF4U1wc0eJD7aS > Mz08M+ONodGFKk1xMg0GFRHezvWYznPa+p9O2i/vtFUM1eEUtfzHJ5MjfBEyxALh > a3dQFpk0U5UPmODlE34QSR1dP04nWZWXFtWywqQse3Qo3LjQKKaq7A== > =XTO5 > -----END PGP SIGNATURE----- > From ms at ddnetservice.de Tue Jun 30 13:46:00 2015 From: ms at ddnetservice.de (Michael) Date: Tue, 30 Jun 2015 15:46:00 +0200 Subject: Getting regularly mailbox desyncs while syncing with imapc Message-ID: <55929D98.1000206@ddnetservice.de> Hello list! I sync approximately ~1000 Mailboxes actually without any problems, except my very own mailbox - Dovecot 2.2.18 (mdbox format) running here. The server from where I sync my mails from runs Dovecot 1.2.4 (with mbox format). The last log line that I receive is: dsync(ms at ddnetservice.de): Warning: Mailbox changes caused a desync. You may want to run dsync again. dovecot error log: 2015-06-30 13:09:50 imap(ms at ddnetservice.de): Error: Corrupted transaction log file /var/vmail/ddnetservice.de/ms/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.log seq 2: indexid changed 1435401731 -> 1435662589 (sync_offset=0) This is the command for running my syncs: doveadm -o imapc_user= -o imapc_password= -o imapc_host= -o imapc_features="rfc822.size fetch-headers" -o mail_prefetch_count=20 -v -D sync -R -u imapc: &> $LOGS/$BOX.log A re-run of this command for my mailbox doesn't fix the problem. The "Inbox" remains empty. Only a "doveadm force-resync -ums at ddnetservice.de" fixes this problem with the exception that the Inbox still remains empty. So after force-resyncing I need to run the sync again and my Inbox remains consistent until the next imapc sync run. Actually the desync message is self-explanatory, but I wonder why this behaviour only occurs for my own Inbox (only Inbox, other directories aren't affected) and not anywhere else. Is there any possiblity to debug this? Could also the amount of new incoming mails cause this or do I have maybe a bugged mail in my original mailbox that is causing my trouble? Any hint is appreciated. Thanks, Michael