From sean at seangreenslade.com Tue Nov 1 00:32:29 2016 From: sean at seangreenslade.com (Sean Greenslade) Date: Mon, 31 Oct 2016 17:32:29 -0700 Subject: IP Addresses In-Reply-To: <067901d233ad$e00b2030$a0216090$@datagatesystems.com> References: <067901d233ad$e00b2030$a0216090$@datagatesystems.com> Message-ID: <20161101003229.GC23838@coach> On Mon, Oct 31, 2016 at 12:35:02PM -0700, Stephen Hanselman wrote: > Good Morning, > > Can someone point me to the area in Dovecot that deals with incoming IP > addresses. Specifically I want to determine if it is possible to "spoof" > the address or is the address I look at in the headers the actual address > that made the connection request (hopefully it is). I can't point you to a section of code since I'm not familiar with the Dovecot codebase, but I can provide a bit of insight. It's quite possible to spoof source IP addresses on the internet. It's quite a complicated and deep topic[1], but it is very much a real thing. Since this is at the network level, Dovecot has no way of detecting or preventing this. Thankfully, it's much more complicated to actually _receive_ packets intended for an IP you don't control, so IP spoofing is used primarily for making DDoS attacks harder to block. I can't find the talk that gave this number, but I recall someone claiming 27% of ISPs did not take adequate steps to prevent IP spoofing on their networks. I'm curious what your goal is. IP addresses are not generally an acceptable means of identification, which is why Dovecot supports real authentication mechanisms like SASL. So what are you trying to do? --Sean [1]: http://www.internetsociety.org/doc/addressing-challenge-ip-spoofing From cedric.malitte at gmail.com Tue Nov 1 00:42:47 2016 From: cedric.malitte at gmail.com (Cedric Malitte) Date: Mon, 31 Oct 2016 20:42:47 -0400 Subject: mail relay for local network In-Reply-To: <2c887d44-ad59-ec7b-6a64-619b0b85cb0c@free.fr> References: <2c887d44-ad59-ec7b-6a64-619b0b85cb0c@free.fr> Message-ID: JF, Pi is usable to host an dovecot email server, but remember that SD Cards are not hard drives and tend to fail more often unless you use industrial grade ones ( do not ask how I know :) ) Or make backups on a regular basis. For fecthing emails you should look at fetchmail, something like https://www.linode.com/docs/email/clients/using-fetchmail-to-retrieve-email. That's another thing, and I'm sure you'll find forums to help you on this. That said, don't be afraid to try. I had a dovecot runing on pi with nginx. Really easy to clone to make a small cluster for testing. Cedric 2016-10-31 11:49 GMT-04:00 jean francois pion : > > hello, > > i'm quite a newbie to the mail server instalation and admin (you must > start one day !) > > > i would like to use a rapberry pi to build a system to get the mails from > different mail accounts via pop, to store them in the raspberry memory an > be able to get them with my thunderbird client on the different computers > on my local network. > > no need to accesse them via internet it is for local use only. > > the puropose is to avoid gettin my fai mail box full and loosing mails > (quite a big mail traffic ) > > no need for spamkiller i've got what i want already on the computer > > no need for an smtp relay the computer can acces the fai smtp, > > is dovecot able to do that ? > > > thank you > > sorry for the bad english > > > > -- > > -- > > JF Pion > > *Quand je suis all? ? l'?cole, ils m'ont demand? ce que je voulais ?tre > quand je serai grand. J'ai r?pondu : "Heureux"* > > Ils m?ont dit que je n?avais pas compris la question, j?ai r?pondu qu?ils > n?avaient pas compris la vie. > > John Lennon > > > Des montages ?lectroniques pour le mod?lisme > http://jean.francois.pion.free.fr > > le site du vol ?lectrique http://electrofly.free.fr/ > > > > --- > L'absence de virus dans ce courrier ?lectronique a ?t? v?rifi?e par le > logiciel antivirus Avast. > https://www.avast.com/antivirus > From bunkertor at tiscali.it Tue Nov 1 01:55:39 2016 From: bunkertor at tiscali.it (bunkertor) Date: Tue, 1 Nov 2016 03:55:39 +0200 Subject: =?utf-8?B?cGxlYXNlIHN1Z2dlc3QgbWUgYSBuaWNlIG1vdmll?= Message-ID: <00001921f9da$0dd0aa20$b1cf15f8$@tiscali.it> Hi! I'd like to watch something really interesting, can you suggest me something cool? Here is the list of movies I've already watched bunkertor From aki.tuomi at dovecot.fi Tue Nov 1 07:15:20 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 1 Nov 2016 09:15:20 +0200 Subject: Panic: file mail-transaction-log-file.c: line 104 (mail_transaction_log_file_free): assertion failed: (!file->locked) In-Reply-To: References: <201607140956.35987.arekm@maven.pl> Message-ID: On 25.08.2016 10:29, Aki Tuomi wrote: > > On 14.07.2016 10:56, Arkadiusz Mi?kiewicz wrote: >> 2.2.25 (also happens on 2.2.24). Happens every time I try to make deliver >> and only for this user: >> >> Jul 14 09:52:02 mbox dovecot: lmtp(25601): Connect from local >> Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): session=, Error: Index /var/mail/powiadomienia/dovecot.index: Lost log for seq=1009 offset=40: Missing middle file seq=1009 (between >> 1009..4294967295) >> Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): session=, Warning: fscking index file /var/mail/powiadomienia/dovecot.index >> Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): session=, Error: Fixed index file /var/mail/powiadomienia/dovecot.index: log_file_seq 1009 -> 1011 >> Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): session=, Panic: file mail-transaction-log-file.c: line 104 (mail_transaction_log_file_free): assertion failed: (!file->locked) >> Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): session=, Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x8d7d2) [0x7feb89fc97d2] -> /usr/lib64/dovecot/libdovecot.so.0(+0x8d8bd) >> [0x7feb89fc98bd] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7feb89f67e31] -> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_free+0x160) [0x7feb8a331fa0] -> /usr/lib64/dovecot/libdovecot- >> storage.so.0(mail_transaction_logs_clean+0x4d) [0x7feb8a3360ed] -> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_transaction_log_close+0x30) [0x7feb8a336230] -> /usr/lib64/dovecot/libdovecot- >> storage.so.0(mail_transaction_log_move_to_memory+0xd5) [0x7feb8a3363e5] -> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_move_to_memory+0xa0) [0x7feb8a330440] -> /usr/lib64/dovecot/libdovecot- >> storage.so.0(mail_index_write+0x183) [0x7feb8a32e9d3] -> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_fsck+0xc1f) [0x7feb8a3186ff] -> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_sync_map+0x49b) >> [0x7feb8a322eab] -> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_map+0x71) [0x7feb8a31a231] -> /usr/lib64/dovecot/libdovecot-storage.so.0(+0xe0fed) [0x7feb8a32ffed] -> /usr/lib64/dovecot/libdovecot-storage.so.0(+0xe15f3) >> [0x7feb8a3305f3] -> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_open+0x78) [0x7feb8a3306d8] -> /usr/lib64/dovecot/libdovecot-storage.so.0(index_storage_mailbox_open+0x92) [0x7feb8a309202] -> >> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x6c0e2) [0x7feb8a2bb0e2] -> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x6c1c8) [0x7feb8a2bb1c8] -> /usr/lib64/dovecot/plugins/lib20_zlib_plugin.so(+0x2fdc) [0x7feb85697fdc] -> >> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x450c6) [0x7feb8a2940c6] -> /usr/lib64/dovecot/libdovecot-storage.so.0(mailbox_open+0x20) [0x7feb8a294240] -> /usr/lib64/dovecot/libdovecot-lda.so.0(mail_deliver_save_open+0xad) >> [0x7feb8a58d1ad] -> /usr/lib64/dovecot/libdovecot-lda.so.0(mail_deliver_save+0xbb) [0x7feb8a58d48b] -> /usr/lib64/dovecot/libdovecot-lda.so.0(mail_deliver+0x123) [0x7feb8a58d9e3] -> dovecot/lmtp [DATA powiadomienia]() [0x406bc8] >> -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7feb89fdd67c] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x101) [0x7feb89fdeb01] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) >> [0x7feb89fdd705] >> Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): session=, Fatal: master: service(lmtp): child 25601 killed with signal 6 (core dumps disabled) >> >> > Hi! > > Are you still able to reproduce this? Any hope for backtrace with gdb? > > gdb /path/to/binary /path/to/core > bt full > > Aki Ping Aki From sami.ketola at dovecot.fi Tue Nov 1 07:58:41 2016 From: sami.ketola at dovecot.fi (Sami Ketola) Date: Tue, 1 Nov 2016 09:58:41 +0200 Subject: Server migration In-Reply-To: <4ab2b970-8c9f-5d44-c247-d44a89f10ab7@libertytrek.org> References: <1879ea04-a29c-bf04-197c-4f8ffc0bf9bc@dovecot.fi> <7109c6da-c5be-9a95-736a-2a6c840285ed@libertytrek.org> <32af9379-7a4f-b61e-ec41-5c63e795a6dc@libertytrek.org> <4ab2b970-8c9f-5d44-c247-d44a89f10ab7@libertytrek.org> Message-ID: > On 31 Oct 2016, at 13.11, Tanstaafl wrote: > > On 10/30/2016 5:32 AM, Sami Ketola wrote: >> On 28 Oct 2016, at 16.54, Tanstaafl wrote: >>> Oh... I thought the --useuid option eliminated this problem? >>> >>> https://imapsync.lamiral.info/FAQ.d/FAQ.Duplicates.txt > >> It does not. There is no option at IMAP level to set the UID. >> >> In this case ?useuid seems to keep track on source:uid -> dest:uid >> pairs on multiple syncs and uses uid numbers to avoid syncing mails >> as duplicates instead of using headers to do that. > > Ok, interesting. So... how does dsync do it? Or would it only work > between two dovecot servers? > > I'm interested in migrating from other servers (Office 365 in one case). Dsync does not use IMAP protocol to store the mails to storage but instead uses the dovecot storage API to do that. Internally we can set what ever properties we want to including IMAP UIDs and POP3 UIDLs. Migrating from legacy system should then be done by pulling the mails from the legacy platform by using the imapc connector and storing them by using the internal apis. We can also store mails to imapc: location but in that case there is many properties that will be lost due to limitations of the IMAP protocol. Sami From mail at tomsommer.dk Tue Nov 1 08:47:17 2016 From: mail at tomsommer.dk (Tom Sommer) Date: Tue, 01 Nov 2016 09:47:17 +0100 Subject: Errors with count:User quota and NFS In-Reply-To: References: <3c824d592f58b8922de0e810c168f508@tomsommer.dk> Message-ID: On 2016-10-31 22:04, Timo Sirainen wrote: >> Oct 31 10:52:37 imap(xxx at xxxx.xx): Warning: Locking transaction log >> file /mnt/nfs/xxx.xx/xxx/indexes/dovecot.list.index.log took 31 >> seconds (syncing) >> Oct 31 10:52:37 imap(xxx at xxx.xx): Warning: Locking transaction log >> file /mnt/nfs/xxx.xx/xxx/indexes/dovecot.list.index.log took 31 >> seconds (syncing) > > This just means something is being slow. Not necessarily a problem. > Although it could also indicate a deadlock. Is this Maildir? Did you > say you were using lock_method=dotlock? I removed dotlock some time ago (using director) and switched to: lock_method = fcntl mail_fsync = always With "count" as quota backend I get a lot of these errors on the director: imap-login: Error: proxy(xxx at xxxx.xxx): Login for xxx.xxx.xxx.xxx:143 timed out in state=2 (after 30 secs, local=xxxxx:58478): user=, method=CRAM-MD5, rip=xxxx, lip=xxxxx, TLS, session= on the server: imap(xxxx at xxxx.xxx): Warning: Locking transaction log file /mnt/nfs/xxxx.dk/xxxxx/indexes/.INBOX/dovecot.index.log took 32 seconds (appending) From arekm at maven.pl Tue Nov 1 09:24:37 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Tue, 1 Nov 2016 10:24:37 +0100 Subject: Panic: file mail-transaction-log-file.c: line 104 (mail_transaction_log_file_free): assertion failed: (!file->locked) In-Reply-To: References: <201607140956.35987.arekm@maven.pl> Message-ID: <201611011024.37322.arekm@maven.pl> On Tuesday 01 of November 2016, Aki Tuomi wrote: > On 25.08.2016 10:29, Aki Tuomi wrote: > > On 14.07.2016 10:56, Arkadiusz Mi?kiewicz wrote: > >> 2.2.25 (also happens on 2.2.24). Happens every time I try to make > >> deliver and only for this user: > >> > >> Jul 14 09:52:02 mbox dovecot: lmtp(25601): Connect from local > >> Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): > >> session=, Error: Index > >> /var/mail/powiadomienia/dovecot.index: Lost log for seq=1009 offset=40: > >> Missing middle file seq=1009 (between 1009..4294967295) > >> Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): > >> session=, Warning: fscking index file > >> /var/mail/powiadomienia/dovecot.index Jul 14 09:52:02 mbox dovecot: > >> lmtp(powiadomienia): session=, Error: Fixed > >> index file /var/mail/powiadomienia/dovecot.index: log_file_seq 1009 -> > >> 1011 Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): > >> session=, Panic: file > >> mail-transaction-log-file.c: line 104 (mail_transaction_log_file_free): > >> assertion failed: (!file->locked) Jul 14 09:52:02 mbox dovecot: > >> lmtp(powiadomienia): session=, Error: Raw > >> backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x8d7d2) > >> [0x7feb89fc97d2] -> /usr/lib64/dovecot/libdovecot.so.0(+0x8d8bd) > >> [0x7feb89fc98bd] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) > >> [0x7feb89f67e31] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_fr > >> ee+0x160) [0x7feb8a331fa0] -> /usr/lib64/dovecot/libdovecot- > >> storage.so.0(mail_transaction_logs_clean+0x4d) [0x7feb8a3360ed] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_transaction_log_close+0 > >> x30) [0x7feb8a336230] -> /usr/lib64/dovecot/libdovecot- > >> storage.so.0(mail_transaction_log_move_to_memory+0xd5) [0x7feb8a3363e5] > >> -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_move_to_memory+0x > >> a0) [0x7feb8a330440] -> /usr/lib64/dovecot/libdovecot- > >> storage.so.0(mail_index_write+0x183) [0x7feb8a32e9d3] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_fsck+0xc1f) > >> [0x7feb8a3186ff] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_sync_map+0x49b) > >> [0x7feb8a322eab] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_map+0x71) > >> [0x7feb8a31a231] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(+0xe0fed) [0x7feb8a32ffed] > >> -> /usr/lib64/dovecot/libdovecot-storage.so.0(+0xe15f3) > >> [0x7feb8a3305f3] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(mail_index_open+0x78) > >> [0x7feb8a3306d8] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(index_storage_mailbox_open+0 > >> x92) [0x7feb8a309202] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x6c0e2) [0x7feb8a2bb0e2] > >> -> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x6c1c8) > >> [0x7feb8a2bb1c8] -> > >> /usr/lib64/dovecot/plugins/lib20_zlib_plugin.so(+0x2fdc) > >> [0x7feb85697fdc] -> > >> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x450c6) [0x7feb8a2940c6] > >> -> /usr/lib64/dovecot/libdovecot-storage.so.0(mailbox_open+0x20) > >> [0x7feb8a294240] -> > >> /usr/lib64/dovecot/libdovecot-lda.so.0(mail_deliver_save_open+0xad) > >> [0x7feb8a58d1ad] -> > >> /usr/lib64/dovecot/libdovecot-lda.so.0(mail_deliver_save+0xbb) > >> [0x7feb8a58d48b] -> > >> /usr/lib64/dovecot/libdovecot-lda.so.0(mail_deliver+0x123) > >> [0x7feb8a58d9e3] -> dovecot/lmtp [DATA powiadomienia]() [0x406bc8] -> > >> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) > >> [0x7feb89fdd67c] -> > >> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x101) > >> [0x7feb89fdeb01] -> > >> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) > >> [0x7feb89fdd705] > >> Jul 14 09:52:02 mbox dovecot: lmtp(powiadomienia): > >> session=, Fatal: master: service(lmtp): child > >> 25601 killed with signal 6 (core dumps disabled) > > > > Hi! > > > > Are you still able to reproduce this? Any hope for backtrace with gdb? > > > > gdb /path/to/binary /path/to/core > > bt full > > > > Aki > > Ping Sorry, I deleted index for that login and things started to work again, so have no way to reproduce anymore. Also no core dump for that issue. When it happens again I'll check backtrace. > Aki -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From mail at tomsommer.dk Tue Nov 1 10:58:19 2016 From: mail at tomsommer.dk (Tom Sommer) Date: Tue, 01 Nov 2016 11:58:19 +0100 Subject: 2.2.26.0: Error: redis: Unexpected input (state=0): -ERR max number of clients reached Message-ID: <32c59771109976d87edf3d9a65a312a9@tomsommer.dk> I use redis as quota backend (currently). After upgrading to 2.2.26.0 I see a ton of "Error: redis: Unexpected input (state=0): -ERR max number of clients reached" errors. It looks like either more Redis connections are being made, or Redis connections don't time out/are reused correctly anymore. No such errors were seen in 2.2.24. -- Tom From stephan at rename-it.nl Tue Nov 1 11:33:14 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 1 Nov 2016 12:33:14 +0100 Subject: Released Pigeonhole v0.4.16 for Dovecot v2.2.26.0. In-Reply-To: <223eedfa-923b-3b75-149c-3ac1f88c391b@rename-it.nl> References: <223eedfa-923b-3b75-149c-3ac1f88c391b@rename-it.nl> Message-ID: Hello Dovecot users, It has come to our attention that older Pigeonhole releases will not work properly anymore with Dovecot v2.2.26.0, while there were no known issues with 2.2.26. So, make sure you use the new Pigeonhole v0.4.16 release if you upgrade Dovecot to v2.2.26.0. Regards, Stephan. Op 30-10-2016 om 23:46 schreef Stephan Bosch: > Hello Dovecot users, > > Here's the definitive 0.4.16 release. There were no changes since the > release candidate. > > The reported replication issues are still open, since we haven't been > able to reproduce them so far. > > Changelog v0.4.16: > > * Part of the Sieve extprograms implementation was moved to Dovecot, > which means that this release depends on Dovecot v2.2.26+. > * ManageSieve: The PUTSCRIPT command now allows uploading empty Sieve > scripts. There was really no good reason to disallow doing that. > + Sieve vnd.dovecot.report extension: > + Added a Dovecot-Reporting-User field to the report body, which > contains the e-mail address of the user sending the report. > + Added support for configuring the "From:" address used in the > report. > + LDA sieve plugin: Implemented support for a "discard script" that is > run when the message is going to be discarded. This allows doing > something other than throwing the message away for good. > + Sieve vnd.dovecot.environment extension: Added vnd.dovecot.config.* > environment items. These environment items map to sieve_env_* > settings from the plugin {} section in the configuration. Such values > can of course also be returned from userdb. > + Sieve vacation extension: Use the Microsoft X-Auto-Response-Suppress > header to prevent unwanted responses from and to (older) Microsoft > products. > + ManageSieve: Added rawlog_dir setting to store ManageSieve traffic > logs. This replaces at least partially the rawlog plugin (mimics > similar IMAP/POP3 change). > - doveadm sieve plugin: synchronization: Prevent setting file > timestamps to unix epoch time. This occurred when Dovecot passed the > timestamp as 'unknown' during synchronization. > - Sieve exprograms plugin: Fixed spurious '+' sometimes returned at the > end of socket-based program output. > - imapsieve plugin: Fixed crash occurring in specific situations. > - Performed various fixes based on static analysis and Clang warnings. > > The release is available as follows: > > http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.16.tar.gz > http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.16.tar.gz.sig > > Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for > more information. Have fun testing this release and don't > hesitate to notify me when there are any problems. > > Regards, > From tanstaafl at libertytrek.org Tue Nov 1 12:10:46 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Tue, 1 Nov 2016 08:10:46 -0400 Subject: Server migration In-Reply-To: References: <1879ea04-a29c-bf04-197c-4f8ffc0bf9bc@dovecot.fi> <7109c6da-c5be-9a95-736a-2a6c840285ed@libertytrek.org> <32af9379-7a4f-b61e-ec41-5c63e795a6dc@libertytrek.org> <4ab2b970-8c9f-5d44-c247-d44a89f10ab7@libertytrek.org> Message-ID: <86e40e81-8ad8-7955-7b51-a77fe263fba5@libertytrek.org> On 11/1/2016 3:58 AM, Sami Ketola wrote: > On 31 Oct 2016, at 13.11, Tanstaafl wrote: >> Ok, interesting. So... how does dsync do it? Or would it only work >> between two dovecot servers? >> >> I'm interested in migrating from other servers (Office 365 in one case). > Dsync does not use IMAP protocol to store the mails to storage but instead uses the > dovecot storage API to do that. Internally we can set what ever properties we want to > including IMAP UIDs and POP3 UIDLs. > > Migrating from legacy system should then be done by pulling the mails from the > legacy platform by using the imapc connector and storing them by using the internal apis. > > We can also store mails to imapc: location but in that case there is many properties that > will be lost due to limitations of the IMAP protocol. Thanks Sami, but I don't see a definitive answer top my question in the above... So, when migrating from legacy system (legacy = non-dovecot) using imapc, is dovecot able to preserver the UIDs? Thanks, and my apologies for being a bit dense... From sami.ketola at dovecot.fi Tue Nov 1 15:07:05 2016 From: sami.ketola at dovecot.fi (Sami Ketola) Date: Tue, 1 Nov 2016 17:07:05 +0200 Subject: Server migration In-Reply-To: <86e40e81-8ad8-7955-7b51-a77fe263fba5@libertytrek.org> References: <1879ea04-a29c-bf04-197c-4f8ffc0bf9bc@dovecot.fi> <7109c6da-c5be-9a95-736a-2a6c840285ed@libertytrek.org> <32af9379-7a4f-b61e-ec41-5c63e795a6dc@libertytrek.org> <4ab2b970-8c9f-5d44-c247-d44a89f10ab7@libertytrek.org> <86e40e81-8ad8-7955-7b51-a77fe263fba5@libertytrek.org> Message-ID: <548FD336-3338-41AA-8CC3-4C11704525B7@dovecot.fi> > On 1 Nov 2016, at 14.10, Tanstaafl wrote: > > On 11/1/2016 3:58 AM, Sami Ketola wrote: >> On 31 Oct 2016, at 13.11, Tanstaafl wrote: >>> Ok, interesting. So... how does dsync do it? Or would it only work >>> between two dovecot servers? >>> >>> I'm interested in migrating from other servers (Office 365 in one case). > >> Dsync does not use IMAP protocol to store the mails to storage but instead uses the >> dovecot storage API to do that. Internally we can set what ever properties we want to >> including IMAP UIDs and POP3 UIDLs. >> >> Migrating from legacy system should then be done by pulling the mails from the >> legacy platform by using the imapc connector and storing them by using the internal apis. >> >> We can also store mails to imapc: location but in that case there is many properties that >> will be lost due to limitations of the IMAP protocol. > > Thanks Sami, but I don't see a definitive answer top my question in the > above... > > So, when migrating from legacy system (legacy = non-dovecot) using > imapc, is dovecot able to preserver the UIDs? If you fetch emails over imapc and store to dovecot dsync will preserve IMAP UIDs. Sami From doctor at doctor.nl2k.ab.ca Tue Nov 1 16:26:37 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Tue, 1 Nov 2016 10:26:37 -0600 Subject: Repeat e-mail syndrome shows up in 2.2.26+ Message-ID: <20161101162637.GA26017@doctor.nl2k.ab.ca> Getting complaints from people about pop/imap issues. some people are getting repaeted e-mail. Other are not able to delete their e-mails from an IMAP lcient. Current configuration /usr/dovecot2/sbin/dovecot -n # 2.2.26.0 (23d1de6): /usr/dovecot2/etc/dovecot/dovecot.conf # OS: FreeBSD 11.0-RELEASE-p2 amd64 base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 100 info_log_path = /var/log/dovecot-info.log listen = [::] log_path = /var/log/dovecot.log login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_log_prefix = %Us(%u): mdbox_rotate_size = 2 k passdb { args = /etc/master.passwd driver = passwd-file } plugin { home = /usr/dovecot2 } service auth { executable = /usr/dovecot2/libexec/dovecot/auth user = root } service imap-login { chroot = login client_limit = 256 executable = /usr/dovecot2/libexec/dovecot/imap-login inet_listener imap { address = 204.209.81.1, 127.0.0.1 port = 143 } inet_listener imaps { address = 204.209.81.1, 127.0.0.1 port = 993 ssl = yes } process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot } service imap { executable = /usr/dovecot2/libexec/dovecot/imap process_limit = 512 } service lmtp { executable = lmtp -L inet_listener lmtp { address = 204.209.81.1 127.0.0.1 ::1 port = 24 } process_min_avail = 5 } service pop3-login { chroot = login client_limit = 256 executable = /usr/dovecot2/libexec/dovecot/pop3-login inet_listener pop3 { address = 204.209.81.1 port = 110 } inet_listener pop3s { address = 204.209.81.1 port = 995 ssl = yes } process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot } service pop3 { executable = /usr/dovecot2/libexec/dovecot/pop3 process_limit = 512 } ssl_cert = References: <20161101162637.GA26017@doctor.nl2k.ab.ca> Message-ID: <6c267577-0f36-9d77-221f-d322f153baef@inti.gob.ar> El 01/11/2016 a las 01:26 p.m., The Doctor escribi?: > Getting complaints from people about pop/imap > > issues. > > some people are getting repaeted e-mail. > > Other are not able to delete their e-mails from an IMAP lcient. Did you try to delete the dovecots cache? I had the same problem once, when I restored a backup of some mails. I deleted all dovecot.index* on home directories of the user > > Current configuration > > /usr/dovecot2/sbin/dovecot -n > # 2.2.26.0 (23d1de6): /usr/dovecot2/etc/dovecot/dovecot.conf > # OS: FreeBSD 11.0-RELEASE-p2 amd64 > base_dir = /var/run/dovecot/ > disable_plaintext_auth = no > first_valid_uid = 100 > info_log_path = /var/log/dovecot-info.log > listen = [::] > log_path = /var/log/dovecot.log > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c > mail_debug = yes > mail_location = mbox:~/mail:INBOX=/var/mail/%u > mail_log_prefix = %Us(%u): > mdbox_rotate_size = 2 k > passdb { > args = /etc/master.passwd > driver = passwd-file > } > plugin { > home = /usr/dovecot2 > } > service auth { > executable = /usr/dovecot2/libexec/dovecot/auth > user = root > } > service imap-login { > chroot = login > client_limit = 256 > executable = /usr/dovecot2/libexec/dovecot/imap-login > inet_listener imap { > address = 204.209.81.1, 127.0.0.1 > port = 143 > } > inet_listener imaps { > address = 204.209.81.1, 127.0.0.1 > port = 993 > ssl = yes > } > process_limit = 128 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > service imap { > executable = /usr/dovecot2/libexec/dovecot/imap > process_limit = 512 > } > service lmtp { > executable = lmtp -L > inet_listener lmtp { > address = 204.209.81.1 127.0.0.1 ::1 > port = 24 > } > process_min_avail = 5 > } > service pop3-login { > chroot = login > client_limit = 256 > executable = /usr/dovecot2/libexec/dovecot/pop3-login > inet_listener pop3 { > address = 204.209.81.1 > port = 110 > } > inet_listener pop3s { > address = 204.209.81.1 > port = 995 > ssl = yes > } > process_limit = 128 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > service pop3 { > executable = /usr/dovecot2/libexec/dovecot/pop3 > process_limit = 512 > } > ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL > ssl_key = # hidden, use -P to show it > userdb { > driver = passwd > } > userdb { > args = /etc/passwd > driver = passwd-file > } > verbose_ssl = yes > protocol imap { > imap_client_workarounds = delay-newmail tb-extra-mailbox-sep > imap_idle_notify_interval = 2 mins > imap_logout_format = bytes=%i/%o > imap_max_line_length = 64 k > mail_max_userip_connections = 10 > mail_plugin_dir = /usr/dovecot2/lib/dovecot/imap > ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL > ssl_key = # hidden, use -P to show it > verbose_ssl = yes > } > protocol pop3 { > mail_max_userip_connections = 3 > mail_plugins = > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > pop3_enable_last = yes > pop3_lock_session = yes > pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > pop3_no_flag_updates = yes > pop3_reuse_xuidl = yes > pop3_save_uidl = no > pop3_uidl_format = %08Xu%08Xv > ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL > ssl_key = # hidden, use -P to show it > verbose_ssl = yes > } > protocol lmtp { > auth_username_format = %Lu > info_log_path = /var/log/dovecot-lmtp.log > } > > > Sorry about the indents. > > Anything causing these issues? > From ruga at protonmail.com Tue Nov 1 17:46:11 2016 From: ruga at protonmail.com (Ruga) Date: Tue, 01 Nov 2016 13:46:11 -0400 Subject: v2.2.26.0 released In-Reply-To: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> Message-ID: <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> Hello, We cannot upgrade from 2.2.24, because we use libressl and the newer dovecot versions demand openssl v1.1. Please add the new library requirement to the INSTALL file. All the best. -------- Original Message -------- Subject: v2.2.26.0 released Local Time: 28 October 2016 6:51 PM UTC Time: 28 October 2016 16:51 From: tss at iki.fi To: dovecot-news at dovecot.org, Dovecot Mailing List http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig v2.2.26 had a couple of nasty bugs left in it, so here's a fixup release. The version number is also a little bit weird, but had to be done this way (although 2.2.26.0.1 could have been another possibility). - Fixed some compiling issues. - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and multiple passdbs. - auth: Fixed crash when exporting to auth-worker passdb extra fields that had empty values. - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit From aki.tuomi at dovecot.fi Tue Nov 1 18:30:10 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 1 Nov 2016 20:30:10 +0200 (EET) Subject: v2.2.26.0 released In-Reply-To: <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> Message-ID: <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> OpenSSL v1.0.1 is enough. Aki > On November 1, 2016 at 7:46 PM Ruga wrote: > > > Hello, > > We cannot upgrade from 2.2.24, because we use libressl and the newer > dovecot versions demand openssl v1.1. > > Please add the new library requirement to the INSTALL file. > > All the best. > > > > > > > > > > -------- Original Message -------- > Subject: v2.2.26.0 released > Local Time: 28 October 2016 6:51 PM > UTC Time: 28 October 2016 16:51 > From: tss at iki.fi > To: dovecot-news at dovecot.org, Dovecot Mailing List > > http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz > http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig > > v2.2.26 had a couple of nasty bugs left in it, so here's a fixup release. The version number is also a little bit weird, but had to be done this way (although 2.2.26.0.1 could have been another possibility). > > - Fixed some compiling issues. > - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and > multiple passdbs. > - auth: Fixed crash when exporting to auth-worker passdb extra fields > that had empty values. > - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit From larryrtx at gmail.com Tue Nov 1 18:30:22 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Tue, 1 Nov 2016 13:30:22 -0500 Subject: doveadm index: can't index a different namespace? Message-ID: doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL mailboxes in the namespace: doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-01 13:25:21] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/SA/FN: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-01 13:25:21] thebighonker.lerctr.org ~ $ doveconf -n attached. 2.2.26.0, pigeonhole 0.4.16, clucene from FreeBSD ports. What else do we need here? -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 -------------- next part -------------- # 2.2.26.0 (23d1de6): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: FreeBSD 10.3-STABLE amd64 auth_default_realm = lerctr.org auth_mechanisms = plain login auth_realms = lerctr.org thebighonker.lerctr.org tbh.lerctr.org auth_username_format = %Ln default_vsz_limit = 1 G deliver_log_format = msgid=%m: %$ (subject=%s from=%f size=%w) lda_mailbox_autocreate = yes listen = 192.147.25.65, :: lmtp_save_to_detail_mailbox = yes login_access_sockets = tcpwrap mail_attribute_dict = file:~/mail/.imap/dovecot-mail-attributes mail_debug = yes mail_location = mbox:~/mail:INBOX=~/mail/INBOX mail_plugins = fts fts_lucene notify stats mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext vacation-seconds editheader namespace archive { hidden = no list = no location = mbox:~/MAILARCHIVE prefix = "#ARCHIVE/" separator = / } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox INBOX { auto = create } mailbox Junk { special_use = \Junk } mailbox SA/FN { special_use = \Junk } mailbox SENT { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = failure_show_msg=yes session=yes max_requests=20 driver = pam } plugin { fts = lucene fts_autoindex = yes fts_lucene = whitespace_chars=@. normalize no_snowball fts_tika = http://localhost:9998/tika/ mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append mail_log_fields = uid box msgid size from subject vsize flags recipient_delimiter = + sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +editheader +vacation-seconds stats_command_min_time = 1 mins stats_domain_min_time = 12 hours stats_ip_min_time = 12 hours stats_memory_limit = 16 M stats_refresh = 5s stats_session_min_time = 15 mins stats_track_cmds = yes stats_user_min_time = 1 hours } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-client { mode = 0666 } unix_listener auth-master { mode = 0666 } } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0666 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } ssl_cert = References: Message-ID: <1155518218.2630.1478025173988@appsuite-dev.open-xchange.com> Server logs would be appreciated. Aki > On November 1, 2016 at 8:30 PM Larry Rosenman wrote: > > > doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL mailboxes > in the > namespace: > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup > failed: Internal error occurred. Refer to server log for more information. > [2016-11-01 13:25:21] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/SA/FN: Status lookup failed: > Internal error occurred. Refer to server log for more information. > [2016-11-01 13:25:21] > thebighonker.lerctr.org ~ $ > > doveconf -n attached. > > 2.2.26.0, pigeonhole 0.4.16, clucene from FreeBSD ports. > > What else do we need here? > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Tue Nov 1 18:37:21 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Tue, 1 Nov 2016 13:37:21 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: <1155518218.2630.1478025173988@appsuite-dev.open-xchange.com> References: <1155518218.2630.1478025173988@appsuite-dev.open-xchange.com> Message-ID: Nothing in them from what I can see..... Nov 1 13:25:14 thebighonker dovecot: indexer-worker(mrm): Debug: fs: root=/home/mrm/mail, index=, indexpvt=, control=, inbox=/home/mrm/mail/INBOX, alt= Nov 1 13:25:14 thebighonker dovecot: indexer-worker(mrm): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=mbox:~/MAILARCHIVE Nov 1 13:25:14 thebighonker dovecot: indexer-worker(mrm): Debug: mbox: INBOX defaulted to /home/mrm/MAILARCHIVE/inbox Nov 1 13:25:14 thebighonker dovecot: indexer-worker(mrm): Debug: fs: root=/home/mrm/MAILARCHIVE, index=, indexpvt=, control=, inbox=/home/mrm/MAILARCHIVE/inbox, alt= Nov 1 13:25:14 thebighonker exim[6544]: 1c1dkI-0001gw-B7 => mrm < mrm at lerctr.org> R=localuser T=dovecot_lmtp S=11532 C="250 2.0.0 < mrm at lerctr.org> pfbVHwreGFhQFgAAu+mOrA Saved" QT=0s DT=0s Nov 1 13:25:14 thebighonker exim[6544]: 1c1dkI-0001gw-B7 Completed QT=0s Nov 1 13:25:15 thebighonker dovecot: indexer-worker(mrm): Debug: Mailbox INBOX: Opened mail UID=447860 because: fts indexing Nov 1 13:25:15 thebighonker dovecot: indexer-worker(mrm): Indexed 1 messages in INBOX Nov 1 13:25:19 thebighonker exim[6519]: H=(ylmf-pc) [69.64.78.83]:57747 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc Nov 1 13:25:27 thebighonker dovecot: imap-login: Login: user=, method=PLAIN, rip=2001:470:1f0f:3ad:223:7dff:fe9e:6e8a, lip=2001:470:1f0f:3ad:223:7dff:fe9e:6e8a, mpid=6583, TLS, session= Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Loading modules from directory: /usr/local/lib/dovecot Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.so Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib20_mail_log_plugin.so Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.so Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib95_imap_stats_plugin.so Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Effective uid=1001, gid=1001, home=/home/ler Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: fs: root=/home/ler/mail, index=, indexpvt=, control=, inbox=/home/ler/mail/INBOX, alt= Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=mbox:~/MAILARCHIVE Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: mbox: INBOX defaulted to /home/ler/MAILARCHIVE/inbox Nov 1 13:25:27 thebighonker dovecot: imap(ler): Debug: fs: root=/home/ler/MAILARCHIVE, index=, indexpvt=, control=, inbox=/home/ler/MAILARCHIVE/inbox, alt= Nov 1 13:25:27 thebighonker dovecot: imap(ler): Logged out in=6049 out=63372 fhc=50 fhb=22424 fbc=0 fbb=0 del=0 exp=0 trash=0 Nov 1 13:25:29 thebighonker exim[6561]: H=(ylmf-pc) [69.64.78.83]:63376 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc Nov 1 13:25:39 thebighonker exim[6585]: H=(ylmf-pc) [69.64.78.83]:60216 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc Nov 1 13:25:46 thebighonker exim[6588]: no host name found for IP address 125.123.158.215 Nov 1 13:25:47 thebighonker exim[6588]: H=(qrhx) [125.123.158.215]:60710 I=[192.147.25.65]:25 F= rejected RCPT <3371453348 at qq.com>: RBL: found in zen.spamhaus.org (127.0.0.11) (https://ww w.spamhaus.org/query/ip/125.123.158.215) Nov 1 13:25:48 thebighonker exim[6588]: unexpected disconnection while reading SMTP command from (qrhx) [125.123.158.215]:60710 I=[192.147.25.65]:25 Nov 1 13:25:49 thebighonker exim[6590]: H=(ylmf-pc) [69.64.78.83]:60073 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc Nov 1 13:25:59 thebighonker exim[6608]: H=(ylmf-pc) [69.64.78.83]:60168 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc Nov 1 13:26:09 thebighonker exim[6613]: H=(ylmf-pc) [69.64.78.83]:55031 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc Nov 1 13:26:15 thebighonker dovecot: imap-login: Login: user=, method=PLAIN, rip=2600:1:d613:48fb:b5da:4a31:b4b6:7ff8, lip=2001:470:1f0f:3ad:223:7dff:fe9e:6e8a, mpid=6645, TLS, session= Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: Loading modules from directory: /usr/local/lib/dovecot Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.so Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib20_mail_log_plugin.so Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.so Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib95_imap_stats_plugin.so Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: Effective uid=1001, gid=1001, home=/home/ler Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX Nov 1 13:26:15 thebighonker dovecot: imap(ler): Debug: fs: root=/home/ler/mail, index=, indexpvt=, control=, inbox=/home/ler/mail/INBOX, alt= I can provide fuller logs, but doveadm running on the server seems to log all to it's own srdout/stderr On Tue, Nov 1, 2016 at 1:32 PM, Aki Tuomi wrote: > Server logs would be appreciated. > > Aki > > > On November 1, 2016 at 8:30 PM Larry Rosenman > wrote: > > > > > > doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL > mailboxes > > in the > > namespace: > > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup > > failed: Internal error occurred. Refer to server log for more > information. > > [2016-11-01 13:25:21] > > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > > selectable > > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/SA/FN: Status lookup > failed: > > Internal error occurred. Refer to server log for more information. > > [2016-11-01 13:25:21] > > thebighonker.lerctr.org ~ $ > > > > doveconf -n attached. > > > > 2.2.26.0, pigeonhole 0.4.16, clucene from FreeBSD ports. > > > > What else do we need here? > > > > > > > > -- > > Larry Rosenman http://www.lerctr.org/~ler > > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From petros.fraser at gmail.com Tue Nov 1 20:25:57 2016 From: petros.fraser at gmail.com (Peter Fraser) Date: Tue, 1 Nov 2016 15:25:57 -0500 Subject: Dovecot 2 LDAP "unknown user" Message-ID: Hi All I am using Dovecot dovecot2-2.2.25_6 on FreeBSD 11. I am trying to set up LDAP authentication to Active Director as I had it in version 1 of Dovecot. My settings are at bottom. When I run doveadm auth test username, I get back root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username Password: passdb: user auth succeeded extra fields: user=username root at BSD-11:/usr/local/etc/dovecot # But when I run telnet 127.0.0.1 110 and try to log in it says unknown user. Error below in maillog. BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth lookup id=2262958081 (client-pid=2273 client-id=1) Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure (pid=2273 id=1) (internal failure, 1 successful auths): user= root at BSD-11:/usr/local/etc/dovecot # doveconf -n # 2.2.25 (7be1766): /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 11.0-RELEASE-p1 i386 auth_debug = yes auth_verbose = yes listen = * login_greeting = Mail Server ready. mail_location = maildir:~/Maildir namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } ssl_cert = HI, I?m currently testing the stats module of Dovecot (2.2.26.0 (23d1de6)) Looks like there no statistics under FreeBSD. Server isn?t busy yet but got at least a few connection open. Added mail_plugins = $mail_plugins stats plugin { stats_refresh = 30 secs stats_track_cmds = yes } doveadm stats dump global reset_timestamp last_update num_logins num_cmds num_connected_sessions auth_successes auth_master_successes auth_failures auth_db_tempfails auth_cache_hits auth_cache_misses user_cpu sys_cpu clock_time min_faults maj_faults vol_cs invol_cs disk_input disk_output read_count read_bytes write_count write_bytes mail_lookup_path mail_lookup_attr mail_read_count mail_read_bytes mail_cache_hits 1478031539 0.000000 0 0 0 0 0 0 0 0 0 0.0 0.0 0.0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Cheers, Ruud From bryan at shout.net Tue Nov 1 23:20:14 2016 From: bryan at shout.net (Bryan Holloway) Date: Tue, 1 Nov 2016 18:20:14 -0500 Subject: Outlook 2010 woes In-Reply-To: <3dd328d4-aac4-3686-d68e-50840b8d291c@shout.net> References: <4aad0d05-bc43-4fda-c4e7-544fc59557f4@shout.net> <20161013095531.00007012@seibercom.net> <1454388715.707.1476367654083@appsuite-dev.open-xchange.com> <20161013182334.f65847ce815588d05557bd94@domain007.com> <20161013185200.5aa3b7a5d485f24b2a036c84@domain007.com> <1040717331.825.1476374511077@appsuite-dev.open-xchange.com> <918e60ae-be12-6994-e397-eeb0ae11313a@shout.net> <3dd328d4-aac4-3686-d68e-50840b8d291c@shout.net> Message-ID: <096c351f-a2fe-b088-0800-699e29ec549f@shout.net> In case anyone is interested, we finally found the problem: The new (2.2) server had "auth_mechanisms" of "digest-md5" enabled along with "plain". This is what was causing the four-second delay, but only with Outlook clients. Everything is working great now across the board. Thanks again to everyone's suggestions. - bryan On 10/27/16 7:09 PM, Bryan Holloway wrote: > So after several days of more troubleshooting, I have some things to > report to the list. > > First and foremost, I have discovered that the issue has nothing to do > with SSL/TLS, which was my earlier suspicion because after doing some > PCAPs I discovered that the transactions were negotiating TLS 1.2 on the > new server, as opposed to 1.0 on the old. > > Also thank you for the rawlog suggestion: that helped a lot in > determining what was happening on the IMAP level. > > That all said, this is what I've discovered: > > There is a very curious and reproducible four-second delay during the > negotiation between server and client which is not present in Dovecot > 2.1. This is what our customer is complaining about using Outlook 2010. > > During a plaintext TCP stream, I'm seeing this: > > 1. Client connects (SYN) to server. > > 2. Server ACKs and throws back CAPABILITIES. > > 3. User attempts to auth with DIGEST-MD5. > > 4. Server says, "no thanks." (Not sure why, but I don't believe this is > relevant.) > > 5. User attempts to auth with plaintext. > > 6. Server says, "Yup. You are you. You're logged in." > > 7. Client sends the following: ID ("name" "Microsoft Outlook" "version" > "14.0") > > 8. Server sends an ACK > > ... and then there's this very curious four-second delay. > > 9. Server then sends out new CAPABILITIES, and everything proceeds > thereafter as normal and zippy and fast. > > Does this shed any light on the subject? > > > On 10/13/16 11:21 AM, Bryan Holloway wrote: >> On 10/13/16 11:01 AM, Aki Tuomi wrote: >>> >>>> On October 13, 2016 at 6:52 PM Konstantin Khomoutov >>>> wrote: >>>> >>>> >>>> On Thu, 13 Oct 2016 10:35:14 -0500 >>>> Bryan Holloway wrote: >>>> >>>>>> [...] >>>>>>> Is there a way to see the IMAP commands coming from the client? >>>>>>> I've tried looking at PCAPs, but of course they're encrypted so I >>>>>>> can't see the actual dialog going on between the server and >>>>>>> client. I didn't see an obvious way to do this in the docs. >>>>>> >>>>>> If you have access to the SSL/TLS key (IOW, the private part of the >>>>>> cert) the server uses to secure IMAP connections you can dump the >>>>>> IMAP traffic using the `ssldump` utility (which builds on >>>>>> `tcpdump`). >>>>> >>>>> I do, but the client is using a DH key exchange so I only have the >>>>> server-side private key. >>>>> >>>>> Tried that using Wireshark's decoder features and ran into this >>>>> problem. I'm assuming I'd run into the same using ssldump, but I'll >>>>> give it a shot! >>>> >>>> I think DH is not the culprit: just to be able to actually decode SSL >>>> traffic, you must have the server private key when you're decoding the >>>> SSL handshake phase -- to be able to recover the session keys, which >>>> you then use to decode the actual tunneled data. >>> >>> You can also enable only non DH algorithms in ssl settings if rawlog >>> isn't working for you. >>> >>> Aki >>> >> >> Ah -- interesting tip. I hadn't thought of that. Thank you! I'll report >> my findings to the list. From bryan at shout.net Tue Nov 1 23:32:32 2016 From: bryan at shout.net (Bryan Holloway) Date: Tue, 1 Nov 2016 18:32:32 -0500 Subject: Outlook 2010 woes In-Reply-To: <096c351f-a2fe-b088-0800-699e29ec549f@shout.net> References: <4aad0d05-bc43-4fda-c4e7-544fc59557f4@shout.net> <20161013095531.00007012@seibercom.net> <1454388715.707.1476367654083@appsuite-dev.open-xchange.com> <20161013182334.f65847ce815588d05557bd94@domain007.com> <20161013185200.5aa3b7a5d485f24b2a036c84@domain007.com> <1040717331.825.1476374511077@appsuite-dev.open-xchange.com> <918e60ae-be12-6994-e397-eeb0ae11313a@shout.net> <3dd328d4-aac4-3686-d68e-50840b8d291c@shout.net> <096c351f-a2fe-b088-0800-699e29ec549f@shout.net> Message-ID: <9d7406ee-0082-a16e-5a2f-93b13a49a1a7@shout.net> On 11/1/16 6:20 PM, Bryan Holloway wrote: > In case anyone is interested, we finally found the problem: > > The new (2.2) server had "auth_mechanisms" of "digest-md5" enabled along > with "plain". This is what was causing the four-second delay, but only > with Outlook clients. > > Everything is working great now across the board. > > Thanks again to everyone's suggestions. > > - bryan > Sorry -- that wasn't very clear, was it: Removing "digest-md5" fixed the issue. > On 10/27/16 7:09 PM, Bryan Holloway wrote: >> So after several days of more troubleshooting, I have some things to >> report to the list. >> >> First and foremost, I have discovered that the issue has nothing to do >> with SSL/TLS, which was my earlier suspicion because after doing some >> PCAPs I discovered that the transactions were negotiating TLS 1.2 on the >> new server, as opposed to 1.0 on the old. >> >> Also thank you for the rawlog suggestion: that helped a lot in >> determining what was happening on the IMAP level. >> >> That all said, this is what I've discovered: >> >> There is a very curious and reproducible four-second delay during the >> negotiation between server and client which is not present in Dovecot >> 2.1. This is what our customer is complaining about using Outlook 2010. >> >> During a plaintext TCP stream, I'm seeing this: >> >> 1. Client connects (SYN) to server. >> >> 2. Server ACKs and throws back CAPABILITIES. >> >> 3. User attempts to auth with DIGEST-MD5. >> >> 4. Server says, "no thanks." (Not sure why, but I don't believe this is >> relevant.) >> >> 5. User attempts to auth with plaintext. >> >> 6. Server says, "Yup. You are you. You're logged in." >> >> 7. Client sends the following: ID ("name" "Microsoft Outlook" "version" >> "14.0") >> >> 8. Server sends an ACK >> >> ... and then there's this very curious four-second delay. >> >> 9. Server then sends out new CAPABILITIES, and everything proceeds >> thereafter as normal and zippy and fast. >> >> Does this shed any light on the subject? >> >> >> On 10/13/16 11:21 AM, Bryan Holloway wrote: >>> On 10/13/16 11:01 AM, Aki Tuomi wrote: >>>> >>>>> On October 13, 2016 at 6:52 PM Konstantin Khomoutov >>>>> wrote: >>>>> >>>>> >>>>> On Thu, 13 Oct 2016 10:35:14 -0500 >>>>> Bryan Holloway wrote: >>>>> >>>>>>> [...] >>>>>>>> Is there a way to see the IMAP commands coming from the client? >>>>>>>> I've tried looking at PCAPs, but of course they're encrypted so I >>>>>>>> can't see the actual dialog going on between the server and >>>>>>>> client. I didn't see an obvious way to do this in the docs. >>>>>>> >>>>>>> If you have access to the SSL/TLS key (IOW, the private part of the >>>>>>> cert) the server uses to secure IMAP connections you can dump the >>>>>>> IMAP traffic using the `ssldump` utility (which builds on >>>>>>> `tcpdump`). >>>>>> >>>>>> I do, but the client is using a DH key exchange so I only have the >>>>>> server-side private key. >>>>>> >>>>>> Tried that using Wireshark's decoder features and ran into this >>>>>> problem. I'm assuming I'd run into the same using ssldump, but I'll >>>>>> give it a shot! >>>>> >>>>> I think DH is not the culprit: just to be able to actually decode SSL >>>>> traffic, you must have the server private key when you're decoding the >>>>> SSL handshake phase -- to be able to recover the session keys, which >>>>> you then use to decode the actual tunneled data. >>>> >>>> You can also enable only non DH algorithms in ssl settings if rawlog >>>> isn't working for you. >>>> >>>> Aki >>>> >>> >>> Ah -- interesting tip. I hadn't thought of that. Thank you! I'll report >>> my findings to the list. From doctor at doctor.nl2k.ab.ca Wed Nov 2 03:35:38 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Tue, 1 Nov 2016 21:35:38 -0600 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: <6c267577-0f36-9d77-221f-d322f153baef@inti.gob.ar> References: <20161101162637.GA26017@doctor.nl2k.ab.ca> <6c267577-0f36-9d77-221f-d322f153baef@inti.gob.ar> Message-ID: <20161102033538.GA2685@doctor.nl2k.ab.ca> On Tue, Nov 01, 2016 at 02:01:28PM -0300, Juan Bernhard wrote: > > El 01/11/2016 a las 01:26 p.m., The Doctor escribi?: > > Getting complaints from people about pop/imap > > > > issues. > > > > some people are getting repaeted e-mail. > > > > Other are not able to delete their e-mails from an IMAP lcient. > Did you try to delete the dovecots cache? I had the same problem once, > when I restored a backup of some mails. I deleted all dovecot.index* on > home directories of the user Tried that no dice. This is affecting POP3/IMAP clients such as Thunderbird, Entourage, Outlook, OE, and MS Live Mail. I ran the rc1 and the problem was not there. As soon as the release hit the problem started to crop up. Using FreeBSD 11.0 - p2 > > > > Current configuration > > > > /usr/dovecot2/sbin/dovecot -n > > # 2.2.26.0 (23d1de6): /usr/dovecot2/etc/dovecot/dovecot.conf > > # OS: FreeBSD 11.0-RELEASE-p2 amd64 > > base_dir = /var/run/dovecot/ > > disable_plaintext_auth = no > > first_valid_uid = 100 > > info_log_path = /var/log/dovecot-info.log > > listen = [::] > > log_path = /var/log/dovecot.log > > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c > > mail_debug = yes > > mail_location = mbox:~/mail:INBOX=/var/mail/%u > > mail_log_prefix = %Us(%u): > > mdbox_rotate_size = 2 k > > passdb { > > args = /etc/master.passwd > > driver = passwd-file > > } > > plugin { > > home = /usr/dovecot2 > > } > > service auth { > > executable = /usr/dovecot2/libexec/dovecot/auth > > user = root > > } > > service imap-login { > > chroot = login > > client_limit = 256 > > executable = /usr/dovecot2/libexec/dovecot/imap-login > > inet_listener imap { > > address = 204.209.81.1, 127.0.0.1 > > port = 143 > > } > > inet_listener imaps { > > address = 204.209.81.1, 127.0.0.1 > > port = 993 > > ssl = yes > > } > > process_limit = 128 > > process_min_avail = 3 > > service_count = 1 > > user = dovecot > > } > > service imap { > > executable = /usr/dovecot2/libexec/dovecot/imap > > process_limit = 512 > > } > > service lmtp { > > executable = lmtp -L > > inet_listener lmtp { > > address = 204.209.81.1 127.0.0.1 ::1 > > port = 24 > > } > > process_min_avail = 5 > > } > > service pop3-login { > > chroot = login > > client_limit = 256 > > executable = /usr/dovecot2/libexec/dovecot/pop3-login > > inet_listener pop3 { > > address = 204.209.81.1 > > port = 110 > > } > > inet_listener pop3s { > > address = 204.209.81.1 > > port = 995 > > ssl = yes > > } > > process_limit = 128 > > process_min_avail = 3 > > service_count = 1 > > user = dovecot > > } > > service pop3 { > > executable = /usr/dovecot2/libexec/dovecot/pop3 > > process_limit = 512 > > } > > ssl_cert = > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL > > ssl_key = # hidden, use -P to show it > > userdb { > > driver = passwd > > } > > userdb { > > args = /etc/passwd > > driver = passwd-file > > } > > verbose_ssl = yes > > protocol imap { > > imap_client_workarounds = delay-newmail tb-extra-mailbox-sep > > imap_idle_notify_interval = 2 mins > > imap_logout_format = bytes=%i/%o > > imap_max_line_length = 64 k > > mail_max_userip_connections = 10 > > mail_plugin_dir = /usr/dovecot2/lib/dovecot/imap > > ssl_cert = > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL > > ssl_key = # hidden, use -P to show it > > verbose_ssl = yes > > } > > protocol pop3 { > > mail_max_userip_connections = 3 > > mail_plugins = > > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > > pop3_enable_last = yes > > pop3_lock_session = yes > > pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > > pop3_no_flag_updates = yes > > pop3_reuse_xuidl = yes > > pop3_save_uidl = no > > pop3_uidl_format = %08Xu%08Xv > > ssl_cert = > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL > > ssl_key = # hidden, use -P to show it > > verbose_ssl = yes > > } > > protocol lmtp { > > auth_username_format = %Lu > > info_log_path = /var/log/dovecot-lmtp.log > > } > > > > > > Sorry about the indents. > > > > Anything causing these issues? > > -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From reuben-dovecot at reub.net Wed Nov 2 04:25:06 2016 From: reuben-dovecot at reub.net (Reuben Farrelly) Date: Wed, 2 Nov 2016 15:25:06 +1100 Subject: v2.2.26.0 released In-Reply-To: <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> Message-ID: I don't believe that is the case. I have 2.2.26.0 and -git building and running on multiple systems now (two of which are Gentoo boxes) with LibreSSL-2.5 - and these systems do not have OpenSSL installed. Are you running an old version of LibreSSL perhaps? I *think* LibreSSL-2.4 was OK as well. Reuben On 2/11/2016 4:46 AM, Ruga wrote: > Hello, > > We cannot upgrade from 2.2.24, because we use libressl and the newer > dovecot versions demand openssl v1.1. > > Please add the new library requirement to the INSTALL file. > > All the best. > From mpeters at domblogger.net Wed Nov 2 05:52:40 2016 From: mpeters at domblogger.net (Michael A. Peters) Date: Tue, 1 Nov 2016 22:52:40 -0700 Subject: v2.2.26.0 released In-Reply-To: References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> Message-ID: <1c7c563b-1b09-2342-7169-806a645d2632@domblogger.net> I can confirm that LibreSSL 2.4.3 works just fine for building 2.2.26.0 On 11/01/2016 09:25 PM, Reuben Farrelly wrote: > I don't believe that is the case. > > I have 2.2.26.0 and -git building and running on multiple systems now > (two of which are Gentoo boxes) with LibreSSL-2.5 - and these systems do > not have OpenSSL installed. Are you running an old version of LibreSSL > perhaps? > > I *think* LibreSSL-2.4 was OK as well. > > Reuben > > > On 2/11/2016 4:46 AM, Ruga wrote: >> Hello, >> >> We cannot upgrade from 2.2.24, because we use libressl and the newer >> dovecot versions demand openssl v1.1. >> >> Please add the new library requirement to the INSTALL file. >> >> All the best. >> From skdovecot at smail.inf.fh-brs.de Wed Nov 2 09:39:06 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 2 Nov 2016 10:39:06 +0100 (CET) Subject: Dovecot 2 LDAP "unknown user" In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 1 Nov 2016, Peter Fraser wrote: > root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username > Password: > passdb: user auth succeeded > extra fields: > user=username > root at BSD-11:/usr/local/etc/dovecot # > > But when I run telnet 127.0.0.1 110 and try to log in it says unknown user. > Error below in maillog. > BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth > lookup id=2262958081 (client-pid=2273 client-id=1) > Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure > (pid=2273 id=1) (internal failure, 1 successful auths): user= > passdb { > args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > userdb { > args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > #Contents of dovecot-ldap.conf.ext > hosts = 192.168.153.143 > dn = user at domain.com > dnpass = password > auth_bind = yes > auth_bind_userdn = domain\%u > ldap_version = 3 > base = dc=domain,dc=com > pass_filter = (&(objectclass=person)(uid=%u)) > user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 duplicate pass_filter to user_filter. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== =l02F -----END PGP SIGNATURE----- From ruga at protonmail.com Wed Nov 2 10:34:37 2016 From: ruga at protonmail.com (Ruga) Date: Wed, 02 Nov 2016 06:34:37 -0400 Subject: v2.2.26.0 released In-Reply-To: <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> Message-ID: dovecot 2.2.26.0 uses the following functions, which are not available on libressl 2.4.3: HMAC_CTX_new HMAC_CTX_free EVP_PKEY_get0_EC_KEY EVP_PKEY_get0_RSA OBJ_length EVP_MD_CTX_new EVP_MD_CTX_free The result of calling a non-existent function is a runtime error, and we do not want that on production servers. There are additional problems. I recommend compiling with clang-llvm 3.9.0 to see them all. -------- Original Message -------- Subject: Re: v2.2.26.0 released Local Time: 1 November 2016 7:30 PM UTC Time: 1 November 2016 18:30 From: aki.tuomi at dovecot.fi To: Dovecot Mailing List , Ruga OpenSSL v1.0.1 is enough. Aki > On November 1, 2016 at 7:46 PM Ruga wrote: > > > Hello, > > We cannot upgrade from 2.2.24, because we use libressl and the newer > dovecot versions demand openssl v1.1. > > Please add the new library requirement to the INSTALL file. > > All the best. > > > > > > > > > > -------- Original Message -------- > Subject: v2.2.26.0 released > Local Time: 28 October 2016 6:51 PM > UTC Time: 28 October 2016 16:51 > From: tss at iki.fi > To: dovecot-news at dovecot.org, Dovecot Mailing List > > http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz > http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig > > v2.2.26 had a couple of nasty bugs left in it, so here's a fixup release. The version number is also a little bit weird, but had to be done this way (although 2.2.26.0.1 could have been another possibility). > > - Fixed some compiling issues. > - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and > multiple passdbs. > - auth: Fixed crash when exporting to auth-worker passdb extra fields > that had empty values. > - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit From aki.tuomi at dovecot.fi Wed Nov 2 10:39:30 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 2 Nov 2016 12:39:30 +0200 Subject: v2.2.26.0 released In-Reply-To: References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> Message-ID: <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> Hi! Those are used if #if OPENSSL_VERSION_NUMBER >= 0x10100000L So (your) libressl is providing this define. We compile our code using GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently officially supported one. Aki On 02.11.2016 12:34, Ruga wrote: > dovecot 2.2.26.0 uses the following functions, which are not available on libressl 2.4.3: > > HMAC_CTX_new > HMAC_CTX_free > EVP_PKEY_get0_EC_KEY > EVP_PKEY_get0_RSA > OBJ_length > EVP_MD_CTX_new > EVP_MD_CTX_free > > The result of calling a non-existent function is a runtime error, > and we do not want that on production servers. > > > > > > > > There are additional problems. I recommend compiling with clang-llvm 3.9.0 > to see them all. > > > > > > > > -------- Original Message -------- > Subject: Re: v2.2.26.0 released > Local Time: 1 November 2016 7:30 PM > UTC Time: 1 November 2016 18:30 > From: aki.tuomi at dovecot.fi > To: Dovecot Mailing List , Ruga > > OpenSSL v1.0.1 is enough. > > Aki > >> On November 1, 2016 at 7:46 PM Ruga wrote: >> >> >> Hello, >> >> We cannot upgrade from 2.2.24, because we use libressl and the newer >> dovecot versions demand openssl v1.1. >> >> Please add the new library requirement to the INSTALL file. >> >> All the best. >> >> >> >> >> >> >> >> >> >> -------- Original Message -------- >> Subject: v2.2.26.0 released >> Local Time: 28 October 2016 6:51 PM >> UTC Time: 28 October 2016 16:51 >> From: tss at iki.fi >> To: dovecot-news at dovecot.org, Dovecot Mailing List >> >> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >> >> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup release. The version number is also a little bit weird, but had to be done this way (although 2.2.26.0.1 could have been another possibility). >> >> - Fixed some compiling issues. >> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >> multiple passdbs. >> - auth: Fixed crash when exporting to auth-worker passdb extra fields >> that had empty values. >> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit From aki.tuomi at dovecot.fi Wed Nov 2 11:07:04 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 2 Nov 2016 13:07:04 +0200 Subject: v2.2.26.0 released In-Reply-To: <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> Message-ID: After doing some testing by myself, I noticed that libressl, for some unknown reason, defines #define OPENSSL_VERSION_NUMBER 0x20000000L No idea why they decided to advertise that they are OpenSSL v2.0.0. A local fix, if you need one, is to use #if OPENSSL_VERSION_NUMBER == 0x20000000L #define OPENSSL_VERSION_NUMBER 0x1000100L #endif in dcrypt-openssl.c after includes. Aki On 02.11.2016 12:39, Aki Tuomi wrote: > Hi! > > Those are used if > > #if OPENSSL_VERSION_NUMBER >= 0x10100000L > > So (your) libressl is providing this define. We compile our code using > GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently > officially supported one. > > Aki > > > On 02.11.2016 12:34, Ruga wrote: >> dovecot 2.2.26.0 uses the following functions, which are not >> available on libressl 2.4.3: >> >> HMAC_CTX_new >> HMAC_CTX_free >> EVP_PKEY_get0_EC_KEY >> EVP_PKEY_get0_RSA >> OBJ_length >> EVP_MD_CTX_new >> EVP_MD_CTX_free >> >> The result of calling a non-existent function is a runtime error, >> and we do not want that on production servers. >> >> >> >> >> >> >> >> There are additional problems. I recommend compiling with clang-llvm >> 3.9.0 >> to see them all. >> >> >> >> >> >> >> >> -------- Original Message -------- >> Subject: Re: v2.2.26.0 released >> Local Time: 1 November 2016 7:30 PM >> UTC Time: 1 November 2016 18:30 >> From: aki.tuomi at dovecot.fi >> To: Dovecot Mailing List , Ruga >> >> >> OpenSSL v1.0.1 is enough. >> >> Aki >> >>> On November 1, 2016 at 7:46 PM Ruga wrote: >>> >>> >>> Hello, >>> >>> We cannot upgrade from 2.2.24, because we use libressl and the newer >>> dovecot versions demand openssl v1.1. >>> >>> Please add the new library requirement to the INSTALL file. >>> >>> All the best. >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> -------- Original Message -------- >>> Subject: v2.2.26.0 released >>> Local Time: 28 October 2016 6:51 PM >>> UTC Time: 28 October 2016 16:51 >>> From: tss at iki.fi >>> To: dovecot-news at dovecot.org, Dovecot Mailing List >>> >>> >>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>> >>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>> release. The version number is also a little bit weird, but had to >>> be done this way (although 2.2.26.0.1 could have been another >>> possibility). >>> >>> - Fixed some compiling issues. >>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>> multiple passdbs. >>> - auth: Fixed crash when exporting to auth-worker passdb extra fields >>> that had empty values. >>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit From mpeters at domblogger.net Wed Nov 2 11:22:52 2016 From: mpeters at domblogger.net (Michael A. Peters) Date: Wed, 2 Nov 2016 04:22:52 -0700 Subject: v2.2.26.0 released In-Reply-To: References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> Message-ID: <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> Standard way to fix it (on the LibreSSL page) is to check for LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think catches them all where needed. Note the word think. It certainly appears to be working anyway with it. On 11/02/2016 04:07 AM, Aki Tuomi wrote: > After doing some testing by myself, I noticed that libressl, for some > unknown reason, defines > > #define OPENSSL_VERSION_NUMBER 0x20000000L > > No idea why they decided to advertise that they are OpenSSL v2.0.0. A > local fix, if you need one, is to use > > #if OPENSSL_VERSION_NUMBER == 0x20000000L > #define OPENSSL_VERSION_NUMBER 0x1000100L > #endif > > in dcrypt-openssl.c after includes. > > Aki > > > On 02.11.2016 12:39, Aki Tuomi wrote: >> Hi! >> >> Those are used if >> >> #if OPENSSL_VERSION_NUMBER >= 0x10100000L >> >> So (your) libressl is providing this define. We compile our code using >> GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently >> officially supported one. >> >> Aki >> >> >> On 02.11.2016 12:34, Ruga wrote: >>> dovecot 2.2.26.0 uses the following functions, which are not >>> available on libressl 2.4.3: >>> >>> HMAC_CTX_new >>> HMAC_CTX_free >>> EVP_PKEY_get0_EC_KEY >>> EVP_PKEY_get0_RSA >>> OBJ_length >>> EVP_MD_CTX_new >>> EVP_MD_CTX_free >>> >>> The result of calling a non-existent function is a runtime error, >>> and we do not want that on production servers. >>> >>> >>> >>> >>> >>> >>> >>> There are additional problems. I recommend compiling with clang-llvm >>> 3.9.0 >>> to see them all. >>> >>> >>> >>> >>> >>> >>> >>> -------- Original Message -------- >>> Subject: Re: v2.2.26.0 released >>> Local Time: 1 November 2016 7:30 PM >>> UTC Time: 1 November 2016 18:30 >>> From: aki.tuomi at dovecot.fi >>> To: Dovecot Mailing List , Ruga >>> >>> >>> OpenSSL v1.0.1 is enough. >>> >>> Aki >>> >>>> On November 1, 2016 at 7:46 PM Ruga wrote: >>>> >>>> >>>> Hello, >>>> >>>> We cannot upgrade from 2.2.24, because we use libressl and the newer >>>> dovecot versions demand openssl v1.1. >>>> >>>> Please add the new library requirement to the INSTALL file. >>>> >>>> All the best. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> -------- Original Message -------- >>>> Subject: v2.2.26.0 released >>>> Local Time: 28 October 2016 6:51 PM >>>> UTC Time: 28 October 2016 16:51 >>>> From: tss at iki.fi >>>> To: dovecot-news at dovecot.org, Dovecot Mailing List >>>> >>>> >>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>>> >>>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>>> release. The version number is also a little bit weird, but had to >>>> be done this way (although 2.2.26.0.1 could have been another >>>> possibility). >>>> >>>> - Fixed some compiling issues. >>>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>>> multiple passdbs. >>>> - auth: Fixed crash when exporting to auth-worker passdb extra fields >>>> that had empty values. >>>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-2.2.26.0-libressl.patch Type: text/x-patch Size: 4597 bytes Desc: not available URL: From aki.tuomi at dovecot.fi Wed Nov 2 11:25:17 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 2 Nov 2016 13:25:17 +0200 Subject: v2.2.26.0 released In-Reply-To: <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> Message-ID: It does work today, I am just bit worried that it will keep on breaking with libressl as they evolve their API. I would personally like to avoid more ifdef hell if possible... Aki On 02.11.2016 13:22, Michael A. Peters wrote: > Standard way to fix it (on the LibreSSL page) is to check for > LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think > catches them all where needed. Note the word think. > > It certainly appears to be working anyway with it. > > On 11/02/2016 04:07 AM, Aki Tuomi wrote: >> After doing some testing by myself, I noticed that libressl, for some >> unknown reason, defines >> >> #define OPENSSL_VERSION_NUMBER 0x20000000L >> >> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >> local fix, if you need one, is to use >> >> #if OPENSSL_VERSION_NUMBER == 0x20000000L >> #define OPENSSL_VERSION_NUMBER 0x1000100L >> #endif >> >> in dcrypt-openssl.c after includes. >> >> Aki >> >> >> On 02.11.2016 12:39, Aki Tuomi wrote: >>> Hi! >>> >>> Those are used if >>> >>> #if OPENSSL_VERSION_NUMBER >= 0x10100000L >>> >>> So (your) libressl is providing this define. We compile our code using >>> GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently >>> officially supported one. >>> >>> Aki >>> >>> >>> On 02.11.2016 12:34, Ruga wrote: >>>> dovecot 2.2.26.0 uses the following functions, which are not >>>> available on libressl 2.4.3: >>>> >>>> HMAC_CTX_new >>>> HMAC_CTX_free >>>> EVP_PKEY_get0_EC_KEY >>>> EVP_PKEY_get0_RSA >>>> OBJ_length >>>> EVP_MD_CTX_new >>>> EVP_MD_CTX_free >>>> >>>> The result of calling a non-existent function is a runtime error, >>>> and we do not want that on production servers. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> There are additional problems. I recommend compiling with clang-llvm >>>> 3.9.0 >>>> to see them all. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> -------- Original Message -------- >>>> Subject: Re: v2.2.26.0 released >>>> Local Time: 1 November 2016 7:30 PM >>>> UTC Time: 1 November 2016 18:30 >>>> From: aki.tuomi at dovecot.fi >>>> To: Dovecot Mailing List , Ruga >>>> >>>> >>>> OpenSSL v1.0.1 is enough. >>>> >>>> Aki >>>> >>>>> On November 1, 2016 at 7:46 PM Ruga wrote: >>>>> >>>>> >>>>> Hello, >>>>> >>>>> We cannot upgrade from 2.2.24, because we use libressl and the newer >>>>> dovecot versions demand openssl v1.1. >>>>> >>>>> Please add the new library requirement to the INSTALL file. >>>>> >>>>> All the best. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -------- Original Message -------- >>>>> Subject: v2.2.26.0 released >>>>> Local Time: 28 October 2016 6:51 PM >>>>> UTC Time: 28 October 2016 16:51 >>>>> From: tss at iki.fi >>>>> To: dovecot-news at dovecot.org, Dovecot Mailing List >>>>> >>>>> >>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>>>> >>>>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>>>> release. The version number is also a little bit weird, but had to >>>>> be done this way (although 2.2.26.0.1 could have been another >>>>> possibility). >>>>> >>>>> - Fixed some compiling issues. >>>>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>>>> multiple passdbs. >>>>> - auth: Fixed crash when exporting to auth-worker passdb extra fields >>>>> that had empty values. >>>>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit > From limperis at cti.gr Wed Nov 2 11:30:33 2016 From: limperis at cti.gr (Limperis Antonis) Date: Wed, 2 Nov 2016 11:30:33 +0000 Subject: =?utf-8?B?zpEgY29tcGlsYXRpb24gcHJvYmxlbSBleGlzdHMgd2l0aCBTdW4gc3R1ZGlv?= =?utf-8?Q?_12?= Message-ID: Hello, I tried to compile Dovecot 2.2.26.0 with Sun Studio 12.0 on a Sun Solaris 10 x86 machine, but an error occurred related to src/lib-ldap/ldap-compare.c. "ldap-compare.c", line 112: void function cannot return value cc: acomp failed for ldap-compare.c *** Error code 1 make: Fatal error: Command failed for target `ldap-compare.lo' The problem fixed with the following changes on this file: --- dovecot-2.2.26.0/src/lib-ldap/ldap-compare.c.orig Wed Nov 2 06:51:27 2016 +++ dovecot-2.2.26.0/src/lib-ldap/ldap-compare.c Wed Nov 2 06:24:02 2016 @@ -109,7 +109,9 @@ req->send_request_cb = ldap_compare_send; req->timeout_secs = input->timeout_secs; - return ldap_connection_queue_request(conn, req); +// return ldap_connection_queue_request(conn, req); + ldap_connection_queue_request(conn, req); + return; } You could see it in the next release of dovecot; Thank You. Antonis From aki.tuomi at dovecot.fi Wed Nov 2 11:31:29 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 2 Nov 2016 13:31:29 +0200 Subject: =?UTF-8?Q?Re:_=ce=91_compilation_problem_exists_with_Sun_studio_12?= In-Reply-To: References: Message-ID: On 02.11.2016 13:30, Limperis Antonis wrote: > Hello, > > I tried to compile Dovecot 2.2.26.0 with Sun Studio 12.0 on a Sun Solaris 10 x86 machine, but an error occurred related to src/lib-ldap/ldap-compare.c. > > "ldap-compare.c", line 112: void function cannot return value > cc: acomp failed for ldap-compare.c > *** Error code 1 > make: Fatal error: Command failed for target `ldap-compare.lo' > > The problem fixed with the following changes on this file: > > --- dovecot-2.2.26.0/src/lib-ldap/ldap-compare.c.orig Wed Nov 2 06:51:27 2016 > +++ dovecot-2.2.26.0/src/lib-ldap/ldap-compare.c Wed Nov 2 06:24:02 2016 > @@ -109,7 +109,9 @@ > req->send_request_cb = ldap_compare_send; > req->timeout_secs = input->timeout_secs; > > - return ldap_connection_queue_request(conn, req); > +// return ldap_connection_queue_request(conn, req); > + ldap_connection_queue_request(conn, req); > + return; > } > > You could see it in the next release of dovecot; > Thank You. > Antonis Hi! Thank you. Aki Tuomi Dovecot oy From mpeters at domblogger.net Wed Nov 2 11:36:05 2016 From: mpeters at domblogger.net (Michael A. Peters) Date: Wed, 2 Nov 2016 04:36:05 -0700 Subject: v2.2.26.0 released In-Reply-To: References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> Message-ID: They have stated they are going to remain API compatible with 1.0.1h (or g, forget which they forked) - their new stuff is outside of libcrypto. On 11/02/2016 04:25 AM, Aki Tuomi wrote: > It does work today, I am just bit worried that it will keep on breaking > with libressl as they evolve their API. I would personally like to avoid > more ifdef hell if possible... > > Aki > > > On 02.11.2016 13:22, Michael A. Peters wrote: >> Standard way to fix it (on the LibreSSL page) is to check for >> LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think >> catches them all where needed. Note the word think. >> >> It certainly appears to be working anyway with it. >> >> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>> After doing some testing by myself, I noticed that libressl, for some >>> unknown reason, defines >>> >>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>> >>> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >>> local fix, if you need one, is to use >>> >>> #if OPENSSL_VERSION_NUMBER == 0x20000000L >>> #define OPENSSL_VERSION_NUMBER 0x1000100L >>> #endif >>> >>> in dcrypt-openssl.c after includes. >>> >>> Aki >>> >>> >>> On 02.11.2016 12:39, Aki Tuomi wrote: >>>> Hi! >>>> >>>> Those are used if >>>> >>>> #if OPENSSL_VERSION_NUMBER >= 0x10100000L >>>> >>>> So (your) libressl is providing this define. We compile our code using >>>> GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently >>>> officially supported one. >>>> >>>> Aki >>>> >>>> >>>> On 02.11.2016 12:34, Ruga wrote: >>>>> dovecot 2.2.26.0 uses the following functions, which are not >>>>> available on libressl 2.4.3: >>>>> >>>>> HMAC_CTX_new >>>>> HMAC_CTX_free >>>>> EVP_PKEY_get0_EC_KEY >>>>> EVP_PKEY_get0_RSA >>>>> OBJ_length >>>>> EVP_MD_CTX_new >>>>> EVP_MD_CTX_free >>>>> >>>>> The result of calling a non-existent function is a runtime error, >>>>> and we do not want that on production servers. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> There are additional problems. I recommend compiling with clang-llvm >>>>> 3.9.0 >>>>> to see them all. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -------- Original Message -------- >>>>> Subject: Re: v2.2.26.0 released >>>>> Local Time: 1 November 2016 7:30 PM >>>>> UTC Time: 1 November 2016 18:30 >>>>> From: aki.tuomi at dovecot.fi >>>>> To: Dovecot Mailing List , Ruga >>>>> >>>>> >>>>> OpenSSL v1.0.1 is enough. >>>>> >>>>> Aki >>>>> >>>>>> On November 1, 2016 at 7:46 PM Ruga wrote: >>>>>> >>>>>> >>>>>> Hello, >>>>>> >>>>>> We cannot upgrade from 2.2.24, because we use libressl and the newer >>>>>> dovecot versions demand openssl v1.1. >>>>>> >>>>>> Please add the new library requirement to the INSTALL file. >>>>>> >>>>>> All the best. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -------- Original Message -------- >>>>>> Subject: v2.2.26.0 released >>>>>> Local Time: 28 October 2016 6:51 PM >>>>>> UTC Time: 28 October 2016 16:51 >>>>>> From: tss at iki.fi >>>>>> To: dovecot-news at dovecot.org, Dovecot Mailing List >>>>>> >>>>>> >>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>>>>> >>>>>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>>>>> release. The version number is also a little bit weird, but had to >>>>>> be done this way (although 2.2.26.0.1 could have been another >>>>>> possibility). >>>>>> >>>>>> - Fixed some compiling issues. >>>>>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>>>>> multiple passdbs. >>>>>> - auth: Fixed crash when exporting to auth-worker passdb extra fields >>>>>> that had empty values. >>>>>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit >> From mpeters at domblogger.net Wed Nov 2 11:39:17 2016 From: mpeters at domblogger.net (Michael A. Peters) Date: Wed, 2 Nov 2016 04:39:17 -0700 Subject: v2.2.26.0 released In-Reply-To: References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> Message-ID: <7c906b32-e5f8-3479-2d22-84b28fdb4507@domblogger.net> IMHO it would be acceptable to have a LibreSSL patch that is maintained by the people who want it. It's free software, and that kind of is the point of Open Source. On 11/02/2016 04:36 AM, Michael A. Peters wrote: > They have stated they are going to remain API compatible with 1.0.1h (or > g, forget which they forked) - their new stuff is outside of libcrypto. > > On 11/02/2016 04:25 AM, Aki Tuomi wrote: >> It does work today, I am just bit worried that it will keep on breaking >> with libressl as they evolve their API. I would personally like to avoid >> more ifdef hell if possible... >> >> Aki >> >> >> On 02.11.2016 13:22, Michael A. Peters wrote: >>> Standard way to fix it (on the LibreSSL page) is to check for >>> LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think >>> catches them all where needed. Note the word think. >>> >>> It certainly appears to be working anyway with it. >>> >>> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>>> After doing some testing by myself, I noticed that libressl, for some >>>> unknown reason, defines >>>> >>>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>>> >>>> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >>>> local fix, if you need one, is to use >>>> >>>> #if OPENSSL_VERSION_NUMBER == 0x20000000L >>>> #define OPENSSL_VERSION_NUMBER 0x1000100L >>>> #endif >>>> >>>> in dcrypt-openssl.c after includes. >>>> >>>> Aki >>>> >>>> >>>> On 02.11.2016 12:39, Aki Tuomi wrote: >>>>> Hi! >>>>> >>>>> Those are used if >>>>> >>>>> #if OPENSSL_VERSION_NUMBER >= 0x10100000L >>>>> >>>>> So (your) libressl is providing this define. We compile our code using >>>>> GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently >>>>> officially supported one. >>>>> >>>>> Aki >>>>> >>>>> >>>>> On 02.11.2016 12:34, Ruga wrote: >>>>>> dovecot 2.2.26.0 uses the following functions, which are not >>>>>> available on libressl 2.4.3: >>>>>> >>>>>> HMAC_CTX_new >>>>>> HMAC_CTX_free >>>>>> EVP_PKEY_get0_EC_KEY >>>>>> EVP_PKEY_get0_RSA >>>>>> OBJ_length >>>>>> EVP_MD_CTX_new >>>>>> EVP_MD_CTX_free >>>>>> >>>>>> The result of calling a non-existent function is a runtime error, >>>>>> and we do not want that on production servers. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> There are additional problems. I recommend compiling with clang-llvm >>>>>> 3.9.0 >>>>>> to see them all. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -------- Original Message -------- >>>>>> Subject: Re: v2.2.26.0 released >>>>>> Local Time: 1 November 2016 7:30 PM >>>>>> UTC Time: 1 November 2016 18:30 >>>>>> From: aki.tuomi at dovecot.fi >>>>>> To: Dovecot Mailing List , Ruga >>>>>> >>>>>> >>>>>> OpenSSL v1.0.1 is enough. >>>>>> >>>>>> Aki >>>>>> >>>>>>> On November 1, 2016 at 7:46 PM Ruga wrote: >>>>>>> >>>>>>> >>>>>>> Hello, >>>>>>> >>>>>>> We cannot upgrade from 2.2.24, because we use libressl and the newer >>>>>>> dovecot versions demand openssl v1.1. >>>>>>> >>>>>>> Please add the new library requirement to the INSTALL file. >>>>>>> >>>>>>> All the best. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -------- Original Message -------- >>>>>>> Subject: v2.2.26.0 released >>>>>>> Local Time: 28 October 2016 6:51 PM >>>>>>> UTC Time: 28 October 2016 16:51 >>>>>>> From: tss at iki.fi >>>>>>> To: dovecot-news at dovecot.org, Dovecot Mailing List >>>>>>> >>>>>>> >>>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>>>>>> >>>>>>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>>>>>> release. The version number is also a little bit weird, but had to >>>>>>> be done this way (although 2.2.26.0.1 could have been another >>>>>>> possibility). >>>>>>> >>>>>>> - Fixed some compiling issues. >>>>>>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>>>>>> multiple passdbs. >>>>>>> - auth: Fixed crash when exporting to auth-worker passdb extra >>>>>>> fields >>>>>>> that had empty values. >>>>>>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit >>> From ruga at protonmail.com Wed Nov 2 12:08:56 2016 From: ruga at protonmail.com (Ruga) Date: Wed, 02 Nov 2016 08:08:56 -0400 Subject: v2.2.26.0 released In-Reply-To: <7c906b32-e5f8-3479-2d22-84b28fdb4507@domblogger.net> References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> <7c906b32-e5f8-3479-2d22-84b28fdb4507@domblogger.net> Message-ID: libressl is a leaner and safer openssl Sent from ProtonMail Mobile On Wed, Nov 2, 2016 at 12:39 PM, Michael A. Peters <'mpeters at domblogger.net'> wrote: IMHO it would be acceptable to have a LibreSSL patch that is maintained by the people who want it. It's free software, and that kind of is the point of Open Source. On 11/02/2016 04:36 AM, Michael A. Peters wrote: > They have stated they are going to remain API compatible with 1.0.1h (or > g, forget which they forked) - their new stuff is outside of libcrypto. > > On 11/02/2016 04:25 AM, Aki Tuomi wrote: >> It does work today, I am just bit worried that it will keep on breaking >> with libressl as they evolve their API. I would personally like to avoid >> more ifdef hell if possible... >> >> Aki >> >> >> On 02.11.2016 13:22, Michael A. Peters wrote: >>> Standard way to fix it (on the LibreSSL page) is to check for >>> LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think >>> catches them all where needed. Note the word think. >>> >>> It certainly appears to be working anyway with it. >>> >>> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>>> After doing some testing by myself, I noticed that libressl, for some >>>> unknown reason, defines >>>> >>>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>>> >>>> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >>>> local fix, if you need one, is to use >>>> >>>> #if OPENSSL_VERSION_NUMBER == 0x20000000L >>>> #define OPENSSL_VERSION_NUMBER 0x1000100L >>>> #endif >>>> >>>> in dcrypt-openssl.c after includes. >>>> >>>> Aki >>>> >>>> >>>> On 02.11.2016 12:39, Aki Tuomi wrote: >>>>> Hi! >>>>> >>>>> Those are used if >>>>> >>>>> #if OPENSSL_VERSION_NUMBER >= 0x10100000L >>>>> >>>>> So (your) libressl is providing this define. We compile our code using >>>>> GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently >>>>> officially supported one. >>>>> >>>>> Aki >>>>> >>>>> >>>>> On 02.11.2016 12:34, Ruga wrote: >>>>>> dovecot 2.2.26.0 uses the following functions, which are not >>>>>> available on libressl 2.4.3: >>>>>> >>>>>> HMAC_CTX_new >>>>>> HMAC_CTX_free >>>>>> EVP_PKEY_get0_EC_KEY >>>>>> EVP_PKEY_get0_RSA >>>>>> OBJ_length >>>>>> EVP_MD_CTX_new >>>>>> EVP_MD_CTX_free >>>>>> >>>>>> The result of calling a non-existent function is a runtime error, >>>>>> and we do not want that on production servers. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> There are additional problems. I recommend compiling with clang-llvm >>>>>> 3.9.0 >>>>>> to see them all. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -------- Original Message -------- >>>>>> Subject: Re: v2.2.26.0 released >>>>>> Local Time: 1 November 2016 7:30 PM >>>>>> UTC Time: 1 November 2016 18:30 >>>>>> From: aki.tuomi at dovecot.fi >>>>>> To: Dovecot Mailing List , Ruga >>>>>> >>>>>> >>>>>> OpenSSL v1.0.1 is enough. >>>>>> >>>>>> Aki >>>>>> >>>>>>> On November 1, 2016 at 7:46 PM Ruga wrote: >>>>>>> >>>>>>> >>>>>>> Hello, >>>>>>> >>>>>>> We cannot upgrade from 2.2.24, because we use libressl and the newer >>>>>>> dovecot versions demand openssl v1.1. >>>>>>> >>>>>>> Please add the new library requirement to the INSTALL file. >>>>>>> >>>>>>> All the best. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -------- Original Message -------- >>>>>>> Subject: v2.2.26.0 released >>>>>>> Local Time: 28 October 2016 6:51 PM >>>>>>> UTC Time: 28 October 2016 16:51 >>>>>>> From: tss at iki.fi >>>>>>> To: dovecot-news at dovecot.org, Dovecot Mailing List >>>>>>> >>>>>>> >>>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>>>>>> >>>>>>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>>>>>> release. The version number is also a little bit weird, but had to >>>>>>> be done this way (although 2.2.26.0.1 could have been another >>>>>>> possibility). >>>>>>> >>>>>>> - Fixed some compiling issues. >>>>>>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>>>>>> multiple passdbs. >>>>>>> - auth: Fixed crash when exporting to auth-worker passdb extra >>>>>>> fields >>>>>>> that had empty values. >>>>>>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit >>> From flatworm at users.sourceforge.net Wed Nov 2 12:16:53 2016 From: flatworm at users.sourceforge.net (Konstantin Khomoutov) Date: Wed, 2 Nov 2016 15:16:53 +0300 Subject: Outlook 2010 woes In-Reply-To: <096c351f-a2fe-b088-0800-699e29ec549f@shout.net> References: <4aad0d05-bc43-4fda-c4e7-544fc59557f4@shout.net> <20161013095531.00007012@seibercom.net> <1454388715.707.1476367654083@appsuite-dev.open-xchange.com> <20161013182334.f65847ce815588d05557bd94@domain007.com> <20161013185200.5aa3b7a5d485f24b2a036c84@domain007.com> <1040717331.825.1476374511077@appsuite-dev.open-xchange.com> <918e60ae-be12-6994-e397-eeb0ae11313a@shout.net> <3dd328d4-aac4-3686-d68e-50840b8d291c@shout.net> <096c351f-a2fe-b088-0800-699e29ec549f@shout.net> Message-ID: <20161102151653.629dd40a5d907d44cfcfd243@domain007.com> On Tue, 1 Nov 2016 18:20:14 -0500 Bryan Holloway wrote: > In case anyone is interested, we finally found the problem: > > The new (2.2) server had "auth_mechanisms" of "digest-md5" enabled > along with "plain". This is what was causing the four-second delay, > but only with Outlook clients. > > Everything is working great now across the board. > > Thanks again to everyone's suggestions. Thanks for sharing. It's pretty amazing how far removed the problem cause can be from that problem's manifestation ;-) From mpeters at domblogger.net Wed Nov 2 12:24:00 2016 From: mpeters at domblogger.net (Michael A. Peters) Date: Wed, 2 Nov 2016 05:24:00 -0700 Subject: v2.2.26.0 released In-Reply-To: References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> <7c906b32-e5f8-3479-2d22-84b28fdb4507@domblogger.net> Message-ID: Indeed, which is why I use it. But it also is in the minority which is why I find it acceptable for FLOSS projects like dovecot to elect to only un-officially support LibreSSL via a community maintained patch. One of the reasons why OpenSSL was forked is because they were trying to support so many platforms that it made the code a real mess. Don't want the same to happen to another project because of it. Especially with places like github that make it easy for members of the community to create and maintain such a patch, it may be the best option if the project itself doesn't have someone who can officially maintain LibreSSL support. On 11/02/2016 05:08 AM, Ruga wrote: > libressl is a leaner and safer openssl > > Sent from ProtonMail Mobile > > > On Wed, Nov 2, 2016 at 12:39 PM, Michael A. Peters <'mpeters at domblogger.net'> wrote: > IMHO it would be acceptable to have a LibreSSL patch that is maintained > by the people who want it. > > It's free software, and that kind of is the point of Open Source. > > On 11/02/2016 04:36 AM, Michael A. Peters wrote: >> They have stated they are going to remain API compatible with 1.0.1h (or >> g, forget which they forked) - their new stuff is outside of libcrypto. >> >> On 11/02/2016 04:25 AM, Aki Tuomi wrote: >>> It does work today, I am just bit worried that it will keep on breaking >>> with libressl as they evolve their API. I would personally like to avoid >>> more ifdef hell if possible... >>> >>> Aki >>> >>> >>> On 02.11.2016 13:22, Michael A. Peters wrote: >>>> Standard way to fix it (on the LibreSSL page) is to check for >>>> LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think >>>> catches them all where needed. Note the word think. >>>> >>>> It certainly appears to be working anyway with it. >>>> >>>> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>>>> After doing some testing by myself, I noticed that libressl, for some >>>>> unknown reason, defines >>>>> >>>>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>>>> >>>>> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >>>>> local fix, if you need one, is to use >>>>> >>>>> #if OPENSSL_VERSION_NUMBER == 0x20000000L >>>>> #define OPENSSL_VERSION_NUMBER 0x1000100L >>>>> #endif >>>>> >>>>> in dcrypt-openssl.c after includes. >>>>> >>>>> Aki >>>>> >>>>> >>>>> On 02.11.2016 12:39, Aki Tuomi wrote: >>>>>> Hi! >>>>>> >>>>>> Those are used if >>>>>> >>>>>> #if OPENSSL_VERSION_NUMBER >= 0x10100000L >>>>>> >>>>>> So (your) libressl is providing this define. We compile our code using >>>>>> GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently >>>>>> officially supported one. >>>>>> >>>>>> Aki >>>>>> >>>>>> >>>>>> On 02.11.2016 12:34, Ruga wrote: >>>>>>> dovecot 2.2.26.0 uses the following functions, which are not >>>>>>> available on libressl 2.4.3: >>>>>>> >>>>>>> HMAC_CTX_new >>>>>>> HMAC_CTX_free >>>>>>> EVP_PKEY_get0_EC_KEY >>>>>>> EVP_PKEY_get0_RSA >>>>>>> OBJ_length >>>>>>> EVP_MD_CTX_new >>>>>>> EVP_MD_CTX_free >>>>>>> >>>>>>> The result of calling a non-existent function is a runtime error, >>>>>>> and we do not want that on production servers. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> There are additional problems. I recommend compiling with clang-llvm >>>>>>> 3.9.0 >>>>>>> to see them all. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -------- Original Message -------- >>>>>>> Subject: Re: v2.2.26.0 released >>>>>>> Local Time: 1 November 2016 7:30 PM >>>>>>> UTC Time: 1 November 2016 18:30 >>>>>>> From: aki.tuomi at dovecot.fi >>>>>>> To: Dovecot Mailing List , Ruga >>>>>>> >>>>>>> >>>>>>> OpenSSL v1.0.1 is enough. >>>>>>> >>>>>>> Aki >>>>>>> >>>>>>>> On November 1, 2016 at 7:46 PM Ruga wrote: >>>>>>>> >>>>>>>> >>>>>>>> Hello, >>>>>>>> >>>>>>>> We cannot upgrade from 2.2.24, because we use libressl and the newer >>>>>>>> dovecot versions demand openssl v1.1. >>>>>>>> >>>>>>>> Please add the new library requirement to the INSTALL file. >>>>>>>> >>>>>>>> All the best. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -------- Original Message -------- >>>>>>>> Subject: v2.2.26.0 released >>>>>>>> Local Time: 28 October 2016 6:51 PM >>>>>>>> UTC Time: 28 October 2016 16:51 >>>>>>>> From: tss at iki.fi >>>>>>>> To: dovecot-news at dovecot.org, Dovecot Mailing List >>>>>>>> >>>>>>>> >>>>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>>>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>>>>>>> >>>>>>>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>>>>>>> release. The version number is also a little bit weird, but had to >>>>>>>> be done this way (although 2.2.26.0.1 could have been another >>>>>>>> possibility). >>>>>>>> >>>>>>>> - Fixed some compiling issues. >>>>>>>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>>>>>>> multiple passdbs. >>>>>>>> - auth: Fixed crash when exporting to auth-worker passdb extra >>>>>>>> fields >>>>>>>> that had empty values. >>>>>>>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit >>> > From aki.tuomi at dovecot.fi Wed Nov 2 12:37:41 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 2 Nov 2016 14:37:41 +0200 Subject: v2.2.26.0 released In-Reply-To: References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> <7c906b32-e5f8-3479-2d22-84b28fdb4507@domblogger.net> Message-ID: If the standard way works, I am happy to include the original patch I sent, amended so that it checks for presence of LIBRESSL_VERSION_NUMBER. If they keep this promise, then we should have no worries about things breaking up. Aki On 02.11.2016 14:24, Michael A. Peters wrote: > Indeed, which is why I use it. > > But it also is in the minority which is why I find it acceptable for > FLOSS projects like dovecot to elect to only un-officially support > LibreSSL via a community maintained patch. > > One of the reasons why OpenSSL was forked is because they were trying > to support so many platforms that it made the code a real mess. Don't > want the same to happen to another project because of it. > > Especially with places like github that make it easy for members of > the community to create and maintain such a patch, it may be the best > option if the project itself doesn't have someone who can officially > maintain LibreSSL support. > > On 11/02/2016 05:08 AM, Ruga wrote: >> libressl is a leaner and safer openssl >> >> Sent from ProtonMail Mobile >> >> >> On Wed, Nov 2, 2016 at 12:39 PM, Michael A. Peters >> <'mpeters at domblogger.net'> wrote: >> IMHO it would be acceptable to have a LibreSSL patch that is maintained >> by the people who want it. >> >> It's free software, and that kind of is the point of Open Source. >> >> On 11/02/2016 04:36 AM, Michael A. Peters wrote: >>> They have stated they are going to remain API compatible with 1.0.1h >>> (or >>> g, forget which they forked) - their new stuff is outside of libcrypto. >>> >>> On 11/02/2016 04:25 AM, Aki Tuomi wrote: >>>> It does work today, I am just bit worried that it will keep on >>>> breaking >>>> with libressl as they evolve their API. I would personally like to >>>> avoid >>>> more ifdef hell if possible... >>>> >>>> Aki >>>> >>>> >>>> On 02.11.2016 13:22, Michael A. Peters wrote: >>>>> Standard way to fix it (on the LibreSSL page) is to check for >>>>> LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think >>>>> catches them all where needed. Note the word think. >>>>> >>>>> It certainly appears to be working anyway with it. >>>>> >>>>> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>>>>> After doing some testing by myself, I noticed that libressl, for >>>>>> some >>>>>> unknown reason, defines >>>>>> >>>>>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>>>>> >>>>>> No idea why they decided to advertise that they are OpenSSL >>>>>> v2.0.0. A >>>>>> local fix, if you need one, is to use >>>>>> >>>>>> #if OPENSSL_VERSION_NUMBER == 0x20000000L >>>>>> #define OPENSSL_VERSION_NUMBER 0x1000100L >>>>>> #endif >>>>>> >>>>>> in dcrypt-openssl.c after includes. >>>>>> >>>>>> Aki >>>>>> >>>>>> >>>>>> On 02.11.2016 12:39, Aki Tuomi wrote: >>>>>>> Hi! >>>>>>> >>>>>>> Those are used if >>>>>>> >>>>>>> #if OPENSSL_VERSION_NUMBER >= 0x10100000L >>>>>>> >>>>>>> So (your) libressl is providing this define. We compile our code >>>>>>> using >>>>>>> GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently >>>>>>> officially supported one. >>>>>>> >>>>>>> Aki >>>>>>> >>>>>>> >>>>>>> On 02.11.2016 12:34, Ruga wrote: >>>>>>>> dovecot 2.2.26.0 uses the following functions, which are not >>>>>>>> available on libressl 2.4.3: >>>>>>>> >>>>>>>> HMAC_CTX_new >>>>>>>> HMAC_CTX_free >>>>>>>> EVP_PKEY_get0_EC_KEY >>>>>>>> EVP_PKEY_get0_RSA >>>>>>>> OBJ_length >>>>>>>> EVP_MD_CTX_new >>>>>>>> EVP_MD_CTX_free >>>>>>>> >>>>>>>> The result of calling a non-existent function is a runtime error, >>>>>>>> and we do not want that on production servers. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> There are additional problems. I recommend compiling with >>>>>>>> clang-llvm >>>>>>>> 3.9.0 >>>>>>>> to see them all. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -------- Original Message -------- >>>>>>>> Subject: Re: v2.2.26.0 released >>>>>>>> Local Time: 1 November 2016 7:30 PM >>>>>>>> UTC Time: 1 November 2016 18:30 >>>>>>>> From: aki.tuomi at dovecot.fi >>>>>>>> To: Dovecot Mailing List , Ruga >>>>>>>> >>>>>>>> >>>>>>>> OpenSSL v1.0.1 is enough. >>>>>>>> >>>>>>>> Aki >>>>>>>> >>>>>>>>> On November 1, 2016 at 7:46 PM Ruga wrote: >>>>>>>>> >>>>>>>>> >>>>>>>>> Hello, >>>>>>>>> >>>>>>>>> We cannot upgrade from 2.2.24, because we use libressl and the >>>>>>>>> newer >>>>>>>>> dovecot versions demand openssl v1.1. >>>>>>>>> >>>>>>>>> Please add the new library requirement to the INSTALL file. >>>>>>>>> >>>>>>>>> All the best. >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -------- Original Message -------- >>>>>>>>> Subject: v2.2.26.0 released >>>>>>>>> Local Time: 28 October 2016 6:51 PM >>>>>>>>> UTC Time: 28 October 2016 16:51 >>>>>>>>> From: tss at iki.fi >>>>>>>>> To: dovecot-news at dovecot.org, Dovecot Mailing List >>>>>>>>> >>>>>>>>> >>>>>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>>>>>>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>>>>>>>> >>>>>>>>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>>>>>>>> release. The version number is also a little bit weird, but >>>>>>>>> had to >>>>>>>>> be done this way (although 2.2.26.0.1 could have been another >>>>>>>>> possibility). >>>>>>>>> >>>>>>>>> - Fixed some compiling issues. >>>>>>>>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>>>>>>>> multiple passdbs. >>>>>>>>> - auth: Fixed crash when exporting to auth-worker passdb extra >>>>>>>>> fields >>>>>>>>> that had empty values. >>>>>>>>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit >>>> > From ruga at protonmail.com Wed Nov 2 13:15:20 2016 From: ruga at protonmail.com (Ruga) Date: Wed, 02 Nov 2016 09:15:20 -0400 Subject: v2.2.26.0 released In-Reply-To: <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> Message-ID: Thank you. Sent from ProtonMail Mobile On Wed, Nov 2, 2016 at 12:22 PM, Michael A. Peters <'mpeters at domblogger.net'> wrote: Standard way to fix it (on the LibreSSL page) is to check for LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think catches them all where needed. Note the word think. It certainly appears to be working anyway with it. On 11/02/2016 04:07 AM, Aki Tuomi wrote: > After doing some testing by myself, I noticed that libressl, for some > unknown reason, defines > > #define OPENSSL_VERSION_NUMBER 0x20000000L > > No idea why they decided to advertise that they are OpenSSL v2.0.0. A > local fix, if you need one, is to use > > #if OPENSSL_VERSION_NUMBER == 0x20000000L > #define OPENSSL_VERSION_NUMBER 0x1000100L > #endif > > in dcrypt-openssl.c after includes. > > Aki > > > On 02.11.2016 12:39, Aki Tuomi wrote: >> Hi! >> >> Those are used if >> >> #if OPENSSL_VERSION_NUMBER >= 0x10100000L >> >> So (your) libressl is providing this define. We compile our code using >> GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently >> officially supported one. >> >> Aki >> >> >> On 02.11.2016 12:34, Ruga wrote: >>> dovecot 2.2.26.0 uses the following functions, which are not >>> available on libressl 2.4.3: >>> >>> HMAC_CTX_new >>> HMAC_CTX_free >>> EVP_PKEY_get0_EC_KEY >>> EVP_PKEY_get0_RSA >>> OBJ_length >>> EVP_MD_CTX_new >>> EVP_MD_CTX_free >>> >>> The result of calling a non-existent function is a runtime error, >>> and we do not want that on production servers. >>> >>> >>> >>> >>> >>> >>> >>> There are additional problems. I recommend compiling with clang-llvm >>> 3.9.0 >>> to see them all. >>> >>> >>> >>> >>> >>> >>> >>> -------- Original Message -------- >>> Subject: Re: v2.2.26.0 released >>> Local Time: 1 November 2016 7:30 PM >>> UTC Time: 1 November 2016 18:30 >>> From: aki.tuomi at dovecot.fi >>> To: Dovecot Mailing List , Ruga >>> >>> >>> OpenSSL v1.0.1 is enough. >>> >>> Aki >>> >>>> On November 1, 2016 at 7:46 PM Ruga wrote: >>>> >>>> >>>> Hello, >>>> >>>> We cannot upgrade from 2.2.24, because we use libressl and the newer >>>> dovecot versions demand openssl v1.1. >>>> >>>> Please add the new library requirement to the INSTALL file. >>>> >>>> All the best. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> -------- Original Message -------- >>>> Subject: v2.2.26.0 released >>>> Local Time: 28 October 2016 6:51 PM >>>> UTC Time: 28 October 2016 16:51 >>>> From: tss at iki.fi >>>> To: dovecot-news at dovecot.org, Dovecot Mailing List >>>> >>>> >>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>>> >>>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>>> release. The version number is also a little bit weird, but had to >>>> be done this way (although 2.2.26.0.1 could have been another >>>> possibility). >>>> >>>> - Fixed some compiling issues. >>>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>>> multiple passdbs. >>>> - auth: Fixed crash when exporting to auth-worker passdb extra fields >>>> that had empty values. >>>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit From larryrtx at gmail.com Wed Nov 2 13:50:31 2016 From: larryrtx at gmail.com (larryrtx) Date: Wed, 02 Nov 2016 08:50:31 -0500 Subject: doveadm index: can't index a different namespace? Message-ID: <89e6o20i6pexeetab6u7qklv.1478094631803@email.android.com> Anything else I can provide ?? Sent from my Sprint Samsung Galaxy S7. -------- Original message --------From: Larry Rosenman Date: 11/1/16 1:37 PM (GMT-06:00) To: Aki Tuomi Cc: Dovecot Mailing List Subject: Re: doveadm index: can't index a different namespace? Nothing in them from what I can see..... Nov ?1 13:25:14 thebighonker dovecot: indexer-worker(mrm): Debug: fs: root=/home/mrm/mail, index=, indexpvt=, control=, inbox=/home/mrm/mail/INBOX, alt=Nov ?1 13:25:14 thebighonker dovecot: indexer-worker(mrm): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=mbox:~/MAILARCHIVENov ?1 13:25:14 thebighonker dovecot: indexer-worker(mrm): Debug: mbox: INBOX defaulted to /home/mrm/MAILARCHIVE/inboxNov ?1 13:25:14 thebighonker dovecot: indexer-worker(mrm): Debug: fs: root=/home/mrm/MAILARCHIVE, index=, indexpvt=, control=, inbox=/home/mrm/MAILARCHIVE/inbox, alt=Nov ?1 13:25:14 thebighonker exim[6544]: 1c1dkI-0001gw-B7 => mrm R=localuser T=dovecot_lmtp S=11532 C="250 2.0.0 pfbVHwreGFhQFgAAu+mOrA Saved" QT=0s DT=0sNov ?1 13:25:14 thebighonker exim[6544]: 1c1dkI-0001gw-B7 Completed QT=0sNov ?1 13:25:15 thebighonker dovecot: indexer-worker(mrm): Debug: Mailbox INBOX: Opened mail UID=447860 because: fts indexingNov ?1 13:25:15 thebighonker dovecot: indexer-worker(mrm): Indexed 1 messages in INBOXNov ?1 13:25:19 thebighonker exim[6519]: H=(ylmf-pc) [69.64.78.83]:57747 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pcNov ?1 13:25:27 thebighonker dovecot: imap-login: Login: user=, method=PLAIN, rip=2001:470:1f0f:3ad:223:7dff:fe9e:6e8a, lip=2001:470:1f0f:3ad:223:7dff:fe9e:6e8a, mpid=6583, TLS, session=Nov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Loading modules from directory: /usr/local/lib/dovecotNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.soNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.soNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib20_mail_log_plugin.soNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.soNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.soNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib95_imap_stats_plugin.soNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Effective uid=1001, gid=1001, home=/home/lerNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOXNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: fs: root=/home/ler/mail, index=, indexpvt=, control=, inbox=/home/ler/mail/INBOX, alt=Nov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=mbox:~/MAILARCHIVENov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: mbox: INBOX defaulted to /home/ler/MAILARCHIVE/inboxNov ?1 13:25:27 thebighonker dovecot: imap(ler): Debug: fs: root=/home/ler/MAILARCHIVE, index=, indexpvt=, control=, inbox=/home/ler/MAILARCHIVE/inbox, alt=Nov ?1 13:25:27 thebighonker dovecot: imap(ler): Logged out in=6049 out=63372 fhc=50 fhb=22424 fbc=0 fbb=0 del=0 exp=0 trash=0Nov ?1 13:25:29 thebighonker exim[6561]: H=(ylmf-pc) [69.64.78.83]:63376 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pcNov ?1 13:25:39 thebighonker exim[6585]: H=(ylmf-pc) [69.64.78.83]:60216 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pcNov ?1 13:25:46 thebighonker exim[6588]: no host name found for IP address 125.123.158.215Nov ?1 13:25:47 thebighonker exim[6588]: H=(qrhx) [125.123.158.215]:60710 I=[192.147.25.65]:25 F= rejected RCPT <3371453348 at qq.com>: RBL: found in zen.spamhaus.org (127.0.0.11) (https://www.spamhaus.org/query/ip/125.123.158.215)Nov ?1 13:25:48 thebighonker exim[6588]: unexpected disconnection while reading SMTP command from (qrhx) [125.123.158.215]:60710 I=[192.147.25.65]:25Nov ?1 13:25:49 thebighonker exim[6590]: H=(ylmf-pc) [69.64.78.83]:60073 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pcNov ?1 13:25:59 thebighonker exim[6608]: H=(ylmf-pc) [69.64.78.83]:60168 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pcNov ?1 13:26:09 thebighonker exim[6613]: H=(ylmf-pc) [69.64.78.83]:55031 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pcNov ?1 13:26:15 thebighonker dovecot: imap-login: Login: user=, method=PLAIN, rip=2600:1:d613:48fb:b5da:4a31:b4b6:7ff8, lip=2001:470:1f0f:3ad:223:7dff:fe9e:6e8a, mpid=6645, TLS, session=Nov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: Loading modules from directory: /usr/local/lib/dovecotNov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.soNov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.soNov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib20_mail_log_plugin.soNov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.soNov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.soNov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: Module loaded: /usr/local/lib/dovecot/lib95_imap_stats_plugin.soNov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: Effective uid=1001, gid=1001, home=/home/lerNov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOXNov ?1 13:26:15 thebighonker dovecot: imap(ler): Debug: fs: root=/home/ler/mail, index=, indexpvt=, control=, inbox=/home/ler/mail/INBOX, alt= I can provide fuller logs, but doveadm running on the server seems to log all to it's ownsrdout/stderr On Tue, Nov 1, 2016 at 1:32 PM, Aki Tuomi wrote: Server logs would be appreciated. Aki > On November 1, 2016 at 8:30 PM Larry Rosenman wrote: > > > doveadm -D? -vvvvvv index? \#ARCHIVE/\* garners the below for ALL mailboxes > in the > namespace: > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup > failed: Internal error occurred. Refer to server log for more information. > [2016-11-01 13:25:21] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/SA/FN: Status lookup failed: > Internal error occurred. Refer to server log for more information. > [2016-11-01 13:25:21] > thebighonker.lerctr.org ~ $ > > doveconf -n attached. > > 2.2.26.0, pigeonhole 0.4.16, clucene from FreeBSD ports. > > What else do we need here? > > > > -- > Larry Rosenman? ? ? ? ? ? ? ? ? ? ?http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c)? ? ?E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 -- Larry Rosenman? ? ? ? ? ? ? ? ? ?? http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) ? ? E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From doctor at doctor.nl2k.ab.ca Wed Nov 2 17:03:35 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Wed, 2 Nov 2016 11:03:35 -0600 Subject: Dovecot Issues on FreeBSD 10.3 and FreebSD 11.0 Message-ID: <20161102170335.GA4023@doctor.nl2k.ab.ca> Hello everyone. I see we are having issues with dovecot 2.226.0 in the FreeBSD world. I did run dovecot-2.2.26.rc1 myself and did not see repeat problem in POP3 or IMAP issue customers were reporting. I see this repeat issue in dovecot 2.26.0 either port or compiled similarly. So the question begs way so many problem in BSD after the initial release and not in rc1 ? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From tss at iki.fi Wed Nov 2 17:13:40 2016 From: tss at iki.fi (Timo Sirainen) Date: Wed, 2 Nov 2016 19:13:40 +0200 Subject: No stats under FreeBSD 10.3 In-Reply-To: References: Message-ID: <12BC0BB8-8A18-43CD-879A-02DF43F701F3@iki.fi> On 01 Nov 2016, at 22:31, Ruud Boon wrote: > > HI, > > I?m currently testing the stats module of Dovecot (2.2.26.0 (23d1de6)) > Looks like there no statistics under FreeBSD. > Server isn?t busy yet but got at least a few connection open. See if there are any errors in logs. I guess mail-stats fifo doesn't have enough permissions so that imap/pop3/lmtp can connect to it. From tss at iki.fi Wed Nov 2 17:15:17 2016 From: tss at iki.fi (Timo Sirainen) Date: Wed, 2 Nov 2016 19:15:17 +0200 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: <20161101162637.GA26017@doctor.nl2k.ab.ca> References: <20161101162637.GA26017@doctor.nl2k.ab.ca> Message-ID: On 01 Nov 2016, at 18:26, The Doctor wrote: > > Getting complaints from people about pop/imap > > issues. > > some people are getting repaeted e-mail. > > Other are not able to delete their e-mails from an IMAP lcient. Anything in error logs? POP3 duplicates sound like IMAP UIDs were changed (or are still changing?) From tss at iki.fi Wed Nov 2 17:17:25 2016 From: tss at iki.fi (Timo Sirainen) Date: Wed, 2 Nov 2016 19:17:25 +0200 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: Message-ID: On 01 Nov 2016, at 20:30, Larry Rosenman wrote: > > doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL mailboxes > in the > namespace: > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup > failed: Internal error occurred. Refer to server log for more information. > [2016-11-01 13:25:21] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable You're using mbox format and "clamav-rules" is a directory. I guess doveadm should be ignoring non-selectable mailboxes. From larryrtx at gmail.com Wed Nov 2 17:18:44 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 12:18:44 -0500 Subject: No stats under FreeBSD 10.3 In-Reply-To: <12BC0BB8-8A18-43CD-879A-02DF43F701F3@iki.fi> References: <12BC0BB8-8A18-43CD-879A-02DF43F701F3@iki.fi> Message-ID: prw-rw-rw- 1 root wheel 0 Nov 1 13:09 stats-mail prw------- 1 root wheel 0 Nov 1 13:09 stats-user drwxr-x--- 2 root dovenull 4 Nov 1 13:09 token-login If something other than root is trying to write to stats-user, we found the issue. this is on 10.3-STABLE On Wed, Nov 2, 2016 at 12:13 PM, Timo Sirainen wrote: > On 01 Nov 2016, at 22:31, Ruud Boon wrote: > > > > HI, > > > > I?m currently testing the stats module of Dovecot (2.2.26.0 (23d1de6)) > > Looks like there no statistics under FreeBSD. > > Server isn?t busy yet but got at least a few connection open. > > See if there are any errors in logs. I guess mail-stats fifo doesn't have > enough permissions so that imap/pop3/lmtp can connect to it. > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Wed Nov 2 17:19:58 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 12:19:58 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: Message-ID: clamav-rules is NOT a directory, nor are any of the others: thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l total 72106 -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen wrote: > On 01 Nov 2016, at 20:30, Larry Rosenman wrote: > > > > doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL > mailboxes > > in the > > namespace: > > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup > > failed: Internal error occurred. Refer to server log for more > information. > > [2016-11-01 13:25:21] > > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > > selectable > > You're using mbox format and "clamav-rules" is a directory. I guess > doveadm should be ignoring non-selectable mailboxes. > > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From tss at iki.fi Wed Nov 2 17:22:57 2016 From: tss at iki.fi (Timo Sirainen) Date: Wed, 2 Nov 2016 19:22:57 +0200 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: Message-ID: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> On 02 Nov 2016, at 19:19, Larry Rosenman wrote: > > clamav-rules is NOT a directory, nor are any of the others: Can you access these mboxes at all with Dovecot? e.g. doveadm mailbox status -u user at domain clamav-rules > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l > total 72106 > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ > > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen wrote: > >> On 01 Nov 2016, at 20:30, Larry Rosenman wrote: >>> >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL >> mailboxes >>> in the >>> namespace: >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup >>> failed: Internal error occurred. Refer to server log for more >> information. >>> [2016-11-01 13:25:21] >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't >>> selectable >> >> You're using mbox format and "clamav-rules" is a directory. I guess >> doveadm should be ignoring non-selectable mailboxes. >> >> > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Wed Nov 2 17:25:46 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 12:25:46 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> Message-ID: thebighonker.lerctr.org ~ $ doveadm mailbox status -u ler at lerctr.org vsize \#ARCHIVE/2016/10/clamav-rules #ARCHIVE/2016/10/clamav-rules vsize=3840752 thebighonker.lerctr.org ~ $ On Wed, Nov 2, 2016 at 12:22 PM, Timo Sirainen wrote: > On 02 Nov 2016, at 19:19, Larry Rosenman wrote: > > > > clamav-rules is NOT a directory, nor are any of the others: > > Can you access these mboxes at all with Dovecot? e.g. > > doveadm mailbox status -u user at domain clamav-rules > > > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 > > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l > > total 72106 > > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail > > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX > > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA > > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT > > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM > > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail > > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula > > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update > > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules > > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall > > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists > > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail > > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys > > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview > > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ > > > > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen wrote: > > > >> On 01 Nov 2016, at 20:30, Larry Rosenman wrote: > >>> > >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL > >> mailboxes > >>> in the > >>> namespace: > >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status > lookup > >>> failed: Internal error occurred. Refer to server log for more > >> information. > >>> [2016-11-01 13:25:21] > >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox > isn't > >>> selectable > >> > >> You're using mbox format and "clamav-rules" is a directory. I guess > >> doveadm should be ignoring non-selectable mailboxes. > >> > >> > > > > > > -- > > Larry Rosenman http://www.lerctr.org/~ler > > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From matthew.broadhead at nbmlaw.co.uk Wed Nov 2 17:29:39 2016 From: matthew.broadhead at nbmlaw.co.uk (Matthew Broadhead) Date: Wed, 2 Nov 2016 18:29:39 +0100 Subject: sieve sending vacation message from vmail@ns1.domain.tld In-Reply-To: <0c0eaf7f-e65c-e31d-443f-21f3e3ae4fd2@nbmlaw.co.uk> References: <71b362e8-3a69-076d-6376-2f3bbd39d0eb@nbmlaw.co.uk> <94941225-09d0-1440-1733-3884cc6dcd67@rename-it.nl> <7cdadba3-fd03-7d8c-1235-b428018a081c@nbmlaw.co.uk> <55712b3a-4812-f0a6-c9f9-59efcdac79f7@rename-it.nl> <8260ce16-bc94-e3a9-13d1-f1204e6ae525@rename-it.nl> <344d3d36-b905-5a90-e0ea-17d556076838@nbmlaw.co.uk> <9b47cb74-0aa7-4851-11f0-5a367341a63b@nbmlaw.co.uk> <4aa89a3c-937f-a1e6-3871-1df196ac7af2@rename-it.nl> <0c0eaf7f-e65c-e31d-443f-21f3e3ae4fd2@nbmlaw.co.uk> Message-ID: <15a908f9-2820-d056-e221-984c0a994e77@nbmlaw.co.uk> is there something more i need to be doing my end? On 25/10/2016 09:11, Matthew Broadhead wrote: > are there any instructions or tests i can make to check the sieve > configuration? or does the magic all happen internally and there are > no settings to change? > > On 21/10/2016 10:22, Matthew Broadhead wrote: >> the server is using CentOS 7 and that is the package that comes >> through yum. everything is up to date. i am hesitant to install a >> new package manually as that could cause other compatibility issues? >> is there another way to test the configuration on the server? >> >> On 21/10/2016 01:07, Stephan Bosch wrote: >>> Op 10/20/2016 om 7:38 PM schreef Matthew Broadhead: >>>> do i need to provide more information? >>>> >>> It still doesn't make sense to me. I do notice that the version you're >>> using is ancient (dated 26-09-2013), which may well the problem. >>> >>> Do have the ability to upgrade? >>> >>> Regards, >>> >>> Stephan. >>> >>>> On 19/10/2016 14:49, Matthew Broadhead wrote: >>>>> /var/log/maillog showed this >>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1298]: 7599A2C19C6: >>>>> client=unknown[127.0.0.1] >>>>> Oct 19 13:25:41 ns1 postfix/cleanup[1085]: 7599A2C19C6: >>>>> message-id= >>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 7599A2C19C6: >>>>> from=, size=3190, nrcpt=1 (queue >>>>> active) >>>>> Oct 19 13:25:41 ns1 amavis[32367]: (32367-17) Passed CLEAN >>>>> {RelayedInternal}, ORIGINATING LOCAL [80.30.255.180]:54566 >>>>> [80.30.255.180] -> >>>>> , Queue-ID: BFFA62C1965, Message-ID: >>>>> , mail_id: >>>>> TlJQ9xQhWjQk, Hits: -2.9, size: 2235, queued_as: 7599A2C19C6, >>>>> dkim_new=foo:nbmlaw.co.uk, 531 ms >>>>> Oct 19 13:25:41 ns1 postfix/smtp[1135]: BFFA62C1965: >>>>> to=, relay=127.0.0.1[127.0.0.1]:10026, >>>>> delay=0.76, delays=0.22/0/0/0.53, dsn=2.0.0, status=sent (250 2.0.0 >>>>> from MTA(smtp:[127.0.0.1]:10027): 250 2.0.0 Ok: queued as >>>>> 7599A2C19C6) >>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: BFFA62C1965: removed >>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: connect from >>>>> ns1.nbmlaw.co.uk[217.174.253.19] >>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: NOQUEUE: filter: RCPT from >>>>> ns1.nbmlaw.co.uk[217.174.253.19]: : Sender >>>>> address triggers FILTER smtp-amavis:[127.0.0.1]:10026; >>>>> from= to= >>>>> proto=SMTP helo= >>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: 8A03F2C1965: >>>>> client=ns1.nbmlaw.co.uk[217.174.253.19] >>>>> Oct 19 13:25:41 ns1 postfix/cleanup[1085]: 8A03F2C1965: >>>>> message-id= >>>>> Oct 19 13:25:41 ns1 opendmarc[2430]: implicit authentication service: >>>>> ns1.nbmlaw.co.uk >>>>> Oct 19 13:25:41 ns1 opendmarc[2430]: 8A03F2C1965: ns1.nbmlaw.co.uk >>>>> fail >>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 8A03F2C1965: >>>>> from=, size=1077, nrcpt=1 (queue active) >>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: disconnect from >>>>> ns1.nbmlaw.co.uk[217.174.253.19] >>>>> Oct 19 13:25:41 ns1 sSMTP[1895]: Sent mail for vmail at ns1.nbmlaw.co.uk >>>>> (221 2.0.0 Bye) uid=996 username=vmail outbytes=971 >>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1898]: connect from >>>>> unknown[127.0.0.1] >>>>> Oct 19 13:25:41 ns1 postfix/pipe[1162]: 7599A2C19C6: >>>>> to=, relay=dovecot, delay=0.46, >>>>> delays=0/0/0/0.45, dsn=2.0.0, status=sent (delivered via dovecot >>>>> service) >>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 7599A2C19C6: removed >>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1898]: E53472C19C6: >>>>> client=unknown[127.0.0.1] >>>>> Oct 19 13:25:41 ns1 postfix/cleanup[1085]: E53472C19C6: >>>>> message-id= >>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: E53472C19C6: >>>>> from=, size=1619, nrcpt=1 (queue active) >>>>> Oct 19 13:25:41 ns1 amavis[1885]: (01885-01) Passed CLEAN >>>>> {RelayedInternal}, ORIGINATING LOCAL [217.174.253.19]:40960 >>>>> [217.174.253.19] -> >>>>> , Queue-ID: 8A03F2C1965, Message-ID: >>>>> , mail_id: >>>>> mOMO97yjVqjM, Hits: -2.211, size: 1301, queued_as: E53472C19C6, >>>>> 296 ms >>>>> Oct 19 13:25:41 ns1 postfix/smtp[1217]: 8A03F2C1965: >>>>> to=, >>>>> relay=127.0.0.1[127.0.0.1]:10026, delay=0.38, delays=0.08/0/0/0.29, >>>>> dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10027): >>>>> 250 2.0.0 Ok: queued as E53472C19C6) >>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 8A03F2C1965: removed >>>>> Oct 19 13:25:42 ns1 postfix/pipe[1303]: E53472C19C6: >>>>> to=, relay=dovecot, delay=0.14, >>>>> delays=0/0/0/0.14, dsn=2.0.0, status=sent (delivered via dovecot >>>>> service) >>>>> Oct 19 13:25:42 ns1 postfix/qmgr[1059]: E53472C19C6: removed >>>>> >>>>> On 19/10/2016 13:54, Stephan Bosch wrote: >>>>>> >>>>>> Op 19-10-2016 om 13:47 schreef Matthew Broadhead: >>>>>>> i am not 100% sure how to give you the information you require. >>>>>>> >>>>>>> my current setup in /etc/postfix/master.cf is >>>>>>> flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d >>>>>>> ${recipient} >>>>>>> so recipient would presumably be user at domain.tld? or do you want >>>>>>> the real email address of one of our users? is there some way i >>>>>>> can output this information directly e.g. in logs? >>>>>> I am no Postfix expert. I just need to know which values are being >>>>>> passed to dovecot-lda with what options. I'd assume Postfix allows >>>>>> logging the command line or at least the values of these variables. >>>>>> >>>>>>> the incoming email message could be anything? again i can run an >>>>>>> example directly if you can advise the best way to do this >>>>>> As long as the problem occurs with this message. >>>>>> >>>>>> BTW, it would also be helpful to have the Dovecot logs from this >>>>>> delivery, with mail_debug configured to "yes". >>>>>> >>>>>> Regards, >>>>>> >>>>>> Stephan. >>>>>> >>>>>>> On 19/10/2016 12:54, Stephan Bosch wrote: >>>>>>>> Also, please provide an example scenario; i.e., for one >>>>>>>> problematic delivery provide: >>>>>>>> >>>>>>>> - The values of the variables substituted in the dovecot-lda >>>>>>>> command line; i.e., provide that command line. >>>>>>>> - The incoming e-mail message. >>>>>>>> >>>>>>>> Regards, >>>>>>>> >>>>>>>> Stephan. >>>>>>>> >>>>>>>> Op 19-10-2016 om 12:43 schreef Matthew Broadhead: >>>>>>>>> dovecot is configured by sentora control panel to a certain >>>>>>>>> extent. if you want those configs i can send them as well >>>>>>>>> >>>>>>>>> dovecot -n >>>>>>>>> >>>>>>>>> debug_log_path = /var/log/dovecot-debug.log >>>>>>>>> dict { >>>>>>>>> quotadict = >>>>>>>>> mysql:/etc/sentora/configs/dovecot2/dovecot-dict-quota.conf >>>>>>>>> } >>>>>>>>> disable_plaintext_auth = no >>>>>>>>> first_valid_gid = 12 >>>>>>>>> first_valid_uid = 996 >>>>>>>>> info_log_path = /var/log/dovecot-info.log >>>>>>>>> lda_mailbox_autocreate = yes >>>>>>>>> lda_mailbox_autosubscribe = yes >>>>>>>>> listen = * >>>>>>>>> lmtp_save_to_detail_mailbox = yes >>>>>>>>> log_path = /var/log/dovecot.log >>>>>>>>> log_timestamp = %Y-%m-%d %H:%M:%S >>>>>>>>> mail_fsync = never >>>>>>>>> mail_location = maildir:/var/sentora/vmail/%d/%n >>>>>>>>> managesieve_notify_capability = mailto >>>>>>>>> managesieve_sieve_capability = fileinto reject envelope >>>>>>>>> encoded-character vacation subaddress comparator-i;ascii-numeric >>>>>>>>> relational regex imap4flags copy include variables body enotify >>>>>>>>> environment mailbox date ihave >>>>>>>>> passdb { >>>>>>>>> args = /etc/sentora/configs/dovecot2/dovecot-mysql.conf >>>>>>>>> driver = sql >>>>>>>>> } >>>>>>>>> plugin { >>>>>>>>> acl = vfile:/etc/dovecot/acls >>>>>>>>> quota = maildir:User quota >>>>>>>>> sieve = ~/dovecot.sieve >>>>>>>>> sieve_dir = ~/sieve >>>>>>>>> sieve_global_dir = /var/sentora/sieve/ >>>>>>>>> sieve_global_path = /var/sentora/sieve/globalfilter.sieve >>>>>>>>> sieve_max_script_size = 1M >>>>>>>>> sieve_vacation_send_from_recipient = yes >>>>>>>>> trash = /etc/sentora/configs/dovecot2/dovecot-trash.conf >>>>>>>>> } >>>>>>>>> protocols = imap pop3 lmtp sieve >>>>>>>>> service auth { >>>>>>>>> unix_listener /var/spool/postfix/private/auth { >>>>>>>>> group = postfix >>>>>>>>> mode = 0666 >>>>>>>>> user = postfix >>>>>>>>> } >>>>>>>>> unix_listener auth-userdb { >>>>>>>>> group = mail >>>>>>>>> mode = 0666 >>>>>>>>> user = vmail >>>>>>>>> } >>>>>>>>> } >>>>>>>>> service dict { >>>>>>>>> unix_listener dict { >>>>>>>>> group = mail >>>>>>>>> mode = 0666 >>>>>>>>> user = vmail >>>>>>>>> } >>>>>>>>> } >>>>>>>>> service imap-login { >>>>>>>>> inet_listener imap { >>>>>>>>> port = 143 >>>>>>>>> } >>>>>>>>> process_limit = 500 >>>>>>>>> process_min_avail = 2 >>>>>>>>> } >>>>>>>>> service imap { >>>>>>>>> vsz_limit = 256 M >>>>>>>>> } >>>>>>>>> service managesieve-login { >>>>>>>>> inet_listener sieve { >>>>>>>>> port = 4190 >>>>>>>>> } >>>>>>>>> process_min_avail = 0 >>>>>>>>> service_count = 1 >>>>>>>>> vsz_limit = 64 M >>>>>>>>> } >>>>>>>>> service pop3-login { >>>>>>>>> inet_listener pop3 { >>>>>>>>> port = 110 >>>>>>>>> } >>>>>>>>> } >>>>>>>>> ssl_cert = >>>>>>>> ssl_key = >>>>>>>> ssl_protocols = !SSLv2 !SSLv3 >>>>>>>>> userdb { >>>>>>>>> driver = prefetch >>>>>>>>> } >>>>>>>>> userdb { >>>>>>>>> args = /etc/sentora/configs/dovecot2/dovecot-mysql.conf >>>>>>>>> driver = sql >>>>>>>>> } >>>>>>>>> protocol lda { >>>>>>>>> mail_fsync = optimized >>>>>>>>> mail_plugins = quota sieve >>>>>>>>> postmaster_address = postmaster at ns1.nbmlaw.co.uk >>>>>>>>> } >>>>>>>>> protocol imap { >>>>>>>>> imap_client_workarounds = delay-newmail >>>>>>>>> mail_fsync = optimized >>>>>>>>> mail_max_userip_connections = 60 >>>>>>>>> mail_plugins = quota imap_quota trash >>>>>>>>> } >>>>>>>>> protocol lmtp { >>>>>>>>> mail_plugins = quota sieve >>>>>>>>> } >>>>>>>>> protocol pop3 { >>>>>>>>> mail_plugins = quota >>>>>>>>> pop3_client_workarounds = outlook-no-nuls oe-ns-eoh >>>>>>>>> pop3_uidl_format = %08Xu%08Xv >>>>>>>>> } >>>>>>>>> protocol sieve { >>>>>>>>> managesieve_implementation_string = Dovecot Pigeonhole >>>>>>>>> managesieve_max_compile_errors = 5 >>>>>>>>> managesieve_max_line_length = 65536 >>>>>>>>> } >>>>>>>>> >>>>>>>>> managesieve.sieve >>>>>>>>> >>>>>>>>> require ["fileinto","vacation"]; >>>>>>>>> # rule:[vacation] >>>>>>>>> if true >>>>>>>>> { >>>>>>>>> vacation :days 1 :subject "Vacation subject" text: >>>>>>>>> i am currently out of the office >>>>>>>>> >>>>>>>>> trying some line breaks >>>>>>>>> >>>>>>>>> ...zzz >>>>>>>>> . >>>>>>>>> ; >>>>>>>>> } >>>>>>>>> >>>>>>>>> On 19/10/2016 12:29, Stephan Bosch wrote: >>>>>>>>>> Could you send your configuration (output from `dovecot -n`)? >>>>>>>>>> >>>>>>>>>> Also, please provide an example scenario; i.e., for one >>>>>>>>>> problematic delivery provide: >>>>>>>>>> >>>>>>>>>> - The values of the variables substituted below. >>>>>>>>>> >>>>>>>>>> - The incoming e-mail message. >>>>>>>>>> >>>>>>>>>> - The Sieve script (or at least that vacation command). >>>>>>>>>> >>>>>>>>>> Regards, >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Stephan. >>>>>>>>>> >>>>>>>>>> Op 19-10-2016 om 11:42 schreef Matthew Broadhead: >>>>>>>>>>> hi, does anyone have any ideas about this issue? i have not >>>>>>>>>>> had any response yet >>>>>>>>>>> >>>>>>>>>>> i tried changing /etc/postfix/master.cf line: >>>>>>>>>>> dovecot unix - n n - - pipe >>>>>>>>>>> flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d >>>>>>>>>>> ${recipient} >>>>>>>>>>> >>>>>>>>>>> to >>>>>>>>>>> flags=DRhu user=vmail:mail >>>>>>>>>>> argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d >>>>>>>>>>> ${user}@${nexthop} -a ${original_recipient} >>>>>>>>>>> >>>>>>>>>>> and >>>>>>>>>>> -d ${user}@${domain} -a {recipient} -f ${sender} -m >>>>>>>>>>> ${extension} >>>>>>>>>>> >>>>>>>>>>> but it didn't work >>>>>>>>>>> >>>>>>>>>>> On 12/10/2016 13:57, Matthew Broadhead wrote: >>>>>>>>>>>> I have a server running >>>>>>>>>>>> centos-release-7-2.1511.el7.centos.2.10.x86_64 with dovecot >>>>>>>>>>>> version 2.2.10. I am also using roundcube for webmail. when a >>>>>>>>>>>> vacation filter (reply with message) is created in roundcube >>>>>>>>>>>> it adds a rule to managesieve.sieve in the user's mailbox. >>>>>>>>>>>> everything works fine except the reply comes from >>>>>>>>>>>> vmail at ns1.domain.tld instead of user at domain.tld. >>>>>>>>>>>> ns1.domain.tld is the fully qualified name of the server. >>>>>>>>>>>> >>>>>>>>>>>> it used to work fine on my old CentOS 6 server so I am not >>>>>>>>>>>> sure what has changed. Can anyone point me in the direction >>>>>>>>>>>> of where I can configure this behaviour? From tss at iki.fi Wed Nov 2 17:30:39 2016 From: tss at iki.fi (Timo Sirainen) Date: Wed, 2 Nov 2016 19:30:39 +0200 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> Message-ID: <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> It's getting a bit strange. You were running 2.2.25 previously and it was working then? Does the doveadm index always fail with the same errors? Also I just noticed that it's saying INBOX isn't selectable: "lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable". Which I guess isn't true. It seems to be failing somewhat randomly.. > On 02 Nov 2016, at 19:25, Larry Rosenman wrote: > > thebighonker.lerctr.org ~ $ doveadm mailbox status -u ler at lerctr.org vsize \#ARCHIVE/2016/10/clamav-rules > #ARCHIVE/2016/10/clamav-rules vsize=3840752 > thebighonker.lerctr.org ~ $ > > > > On Wed, Nov 2, 2016 at 12:22 PM, Timo Sirainen > wrote: > On 02 Nov 2016, at 19:19, Larry Rosenman > wrote: > > > > clamav-rules is NOT a directory, nor are any of the others: > > Can you access these mboxes at all with Dovecot? e.g. > > doveadm mailbox status -u user at domain clamav-rules > > > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 > > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l > > total 72106 > > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail > > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX > > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA > > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT > > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM > > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail > > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula > > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update > > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules > > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall > > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists > > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail > > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys > > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview > > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ > > > > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen > wrote: > > > >> On 01 Nov 2016, at 20:30, Larry Rosenman > wrote: > >>> > >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL > >> mailboxes > >>> in the > >>> namespace: > >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup > >>> failed: Internal error occurred. Refer to server log for more > >> information. > >>> [2016-11-01 13:25:21] > >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > >>> selectable > >> > >> You're using mbox format and "clamav-rules" is a directory. I guess > >> doveadm should be ignoring non-selectable mailboxes. > >> > >> > > > > > > -- > > Larry Rosenman http://www.lerctr.org/~ler > > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Wed Nov 2 17:32:28 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 12:32:28 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> Message-ID: It's ALWAYS failed on the other NAMESPACE. Some of the logging looks weird as well for the 2nd namespace: Nov 2 12:32:03 thebighonker dovecot: imap-login: Login: user=, method=PLAIN, rip=207.231.91.36, lip=192.147.25.65, mpid=76712, TLS, session= Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Loading modules from directory: /usr/local/lib/dovecot Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.so Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib20_mail_log_plugin.so Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.so Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib95_imap_stats_plugin.so Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Effective uid=1004, gid=1004, home=/home/mrm Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: root=/home/mrm/mail, index=, indexpvt=, control=, inbox=/home/mrm/mail/INBOX, alt= Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=mbox:~/MAILARCHIVE Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: mbox: INBOX defaulted to /home/mrm/MAILARCHIVE/inbox Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: root=/home/mrm/MAILARCHIVE, index=, indexpvt=, control=, inbox=/home/mrm/MAILARCHIVE/inbox, alt= On Wed, Nov 2, 2016 at 12:30 PM, Timo Sirainen wrote: > It's getting a bit strange. You were running 2.2.25 previously and it was > working then? Does the doveadm index always fail with the same errors? > > Also I just noticed that it's saying INBOX isn't selectable: "lucene: > Failed to sync mailbox INBOX: Mailbox isn't selectable". Which I guess > isn't true. It seems to be failing somewhat randomly.. > > On 02 Nov 2016, at 19:25, Larry Rosenman wrote: > > thebighonker.lerctr.org ~ $ doveadm mailbox status -u ler at lerctr.org > vsize \#ARCHIVE/2016/10/clamav-rules > #ARCHIVE/2016/10/clamav-rules vsize=3840752 > thebighonker.lerctr.org ~ $ > > > > On Wed, Nov 2, 2016 at 12:22 PM, Timo Sirainen wrote: > >> On 02 Nov 2016, at 19:19, Larry Rosenman wrote: >> > >> > clamav-rules is NOT a directory, nor are any of the others: >> >> Can you access these mboxes at all with Dovecot? e.g. >> >> doveadm mailbox status -u user at domain clamav-rules >> >> > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 >> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l >> > total 72106 >> > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail >> > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX >> > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA >> > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT >> > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM >> > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail >> > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula >> > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update >> > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules >> > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall >> > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists >> > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail >> > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys >> > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview >> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ >> > >> > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen wrote: >> > >> >> On 01 Nov 2016, at 20:30, Larry Rosenman wrote: >> >>> >> >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL >> >> mailboxes >> >>> in the >> >>> namespace: >> >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status >> lookup >> >>> failed: Internal error occurred. Refer to server log for more >> >> information. >> >>> [2016-11-01 13:25:21] >> >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox >> isn't >> >>> selectable >> >> >> >> You're using mbox format and "clamav-rules" is a directory. I guess >> >> doveadm should be ignoring non-selectable mailboxes. >> >> >> >> >> > >> > >> > -- >> > Larry Rosenman http://www.lerctr.org/~ler >> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> >> > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > > > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Wed Nov 2 17:52:45 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 12:52:45 -0500 Subject: No stats under FreeBSD 10.3 In-Reply-To: References: <12BC0BB8-8A18-43CD-879A-02DF43F701F3@iki.fi> Message-ID: I added the following to 90-plugin.conf: .... service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0666 user = } fifo_listener stats-user { group = mode = 0666 user = } .... and now: srw-rw-rw- 1 root wheel 0 Nov 2 12:47 stats prw-rw-rw- 1 root wheel 0 Nov 2 12:47 stats-mail prw-rw-rw- 1 root wheel 0 Nov 2 12:47 stats-user and I get stats. On Wed, Nov 2, 2016 at 12:18 PM, Larry Rosenman wrote: > prw-rw-rw- 1 root wheel 0 Nov 1 13:09 stats-mail > prw------- 1 root wheel 0 Nov 1 13:09 stats-user > drwxr-x--- 2 root dovenull 4 Nov 1 13:09 token-login > > If something other than root is trying to write to stats-user, we found > the issue. > > this is on 10.3-STABLE > > On Wed, Nov 2, 2016 at 12:13 PM, Timo Sirainen wrote: > >> On 01 Nov 2016, at 22:31, Ruud Boon wrote: >> > >> > HI, >> > >> > I?m currently testing the stats module of Dovecot (2.2.26.0 (23d1de6)) >> > Looks like there no statistics under FreeBSD. >> > Server isn?t busy yet but got at least a few connection open. >> >> See if there are any errors in logs. I guess mail-stats fifo doesn't have >> enough permissions so that imap/pop3/lmtp can connect to it. >> > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From stu at spacehopper.org Wed Nov 2 17:54:31 2016 From: stu at spacehopper.org (Stuart Henderson) Date: Wed, 2 Nov 2016 17:54:31 +0000 (UTC) Subject: v2.2.26.0 released References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> <7c906b32-e5f8-3479-2d22-84b28fdb4507@domblogger.net> Message-ID: On 2016-11-02, Aki Tuomi wrote: > If the standard way works, I am happy to include the original patch I > sent, amended so that it checks for presence of LIBRESSL_VERSION_NUMBER. > If they keep this promise, then we should have no worries about things > breaking up. Diff below is what I've added to OpenBSD ports. The libressl API is not cast in stone, there's a possibility some functions from newer OpenSSL might be added - in fact we already have some like TLS_method. 0x20000000L was specifically chosen to not match up with anything OpenSSL had used because they aren't directly comparable. In general I think the best approach would be for feature checks, e.g. in autoconf. (I wish there was some common m4 file shared between projects that people could use for this..) In the absence of this, it seems a better idea to check at the places where #ifdefs are done rather than override OPENSSL_VERSION_NUMBER locally. I don't think carrying patches like this separately is all that good an idea - people may well compile things on their own and not know about the problem. If the build fails that's not so bad, but the silent miscompile we see here is pretty nasty. --- src/lib-dcrypt/dcrypt-openssl.c.orig Wed Nov 2 12:11:31 2016 +++ src/lib-dcrypt/dcrypt-openssl.c Wed Nov 2 12:22:26 2016 @@ -67,7 +67,7 @@ 2key algo oid1symmetric algo namesalthash algoroundsE(RSA = i2d_PrivateKey, EC=Private Point)key id **/ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) #define EVP_PKEY_get0_EC_KEY(x) x->pkey.ec #define EVP_PKEY_get0_RSA(x) x->pkey.rsa #define OBJ_length(o) ((o)->length) @@ -90,7 +90,7 @@ struct dcrypt_context_symmetric { struct dcrypt_context_hmac { pool_t pool; const EVP_MD *md; -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) HMAC_CTX *ctx; #else HMAC_CTX ctx; @@ -427,7 +427,7 @@ static void dcrypt_openssl_ctx_hmac_destroy(struct dcrypt_context_hmac **ctx) { pool_t pool = (*ctx)->pool; -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) if ((*ctx)->ctx) HMAC_CTX_free((*ctx)->ctx); #else HMAC_cleanup(&((*ctx)->ctx)); @@ -470,7 +470,7 @@ bool dcrypt_openssl_ctx_hmac_init(struct dcrypt_contex { int ec; i_assert(ctx->md != NULL); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ctx->ctx = HMAC_CTX_new(); if (ctx->ctx == NULL) return dcrypt_openssl_error(error_r); ec = HMAC_Init_ex(ctx->ctx, ctx->key, ctx->klen, ctx->md, NULL); @@ -484,7 +484,7 @@ static bool dcrypt_openssl_ctx_hmac_update(struct dcrypt_context_hmac *ctx, const unsigned char *data, size_t data_len, const char **error_r) { int ec; -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ec = HMAC_Update(ctx->ctx, data, data_len); #else ec = HMAC_Update(&(ctx->ctx), data, data_len); @@ -498,7 +498,7 @@ bool dcrypt_openssl_ctx_hmac_final(struct dcrypt_conte int ec; unsigned char buf[HMAC_MAX_MD_CBLOCK]; unsigned int outl; -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ec = HMAC_Final(ctx->ctx, buf, &outl); HMAC_CTX_free(ctx->ctx); ctx->ctx = NULL; @@ -2133,7 +2133,7 @@ bool dcrypt_openssl_public_key_id_evp(EVP_PKEY *key, c long len = BIO_get_mem_data(b, &ptr); unsigned int hlen = sizeof(buf); /* then hash it */ -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) EVP_MD_CTX *ctx = EVP_MD_CTX_new(); #else EVP_MD_CTX *ctx = EVP_MD_CTX_create(); @@ -2147,7 +2147,7 @@ bool dcrypt_openssl_public_key_id_evp(EVP_PKEY *key, c buffer_append(result, buf, hlen); res = TRUE; } -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) EVP_MD_CTX_free(ctx); #else EVP_MD_CTX_destroy(ctx); --- src/lib-ssl-iostream/dovecot-openssl-common.c.orig Wed Nov 2 12:11:31 2016 +++ src/lib-ssl-iostream/dovecot-openssl-common.c Wed Nov 2 12:21:04 2016 @@ -10,7 +10,7 @@ static int openssl_init_refcount = 0; static ENGINE *dovecot_openssl_engine; -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) static void *dovecot_openssl_malloc(size_t size, const char *u0 ATTR_UNUSED, int u1 ATTR_UNUSED) #else static void *dovecot_openssl_malloc(size_t size) @@ -26,7 +26,7 @@ static void *dovecot_openssl_malloc(size_t size) return mem; } -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) static void *dovecot_openssl_realloc(void *ptr, size_t size, const char *u0 ATTR_UNUSED, int u1 ATTR_UNUSED) #else static void *dovecot_openssl_realloc(void *ptr, size_t size) @@ -40,7 +40,7 @@ static void *dovecot_openssl_realloc(void *ptr, size_t return mem; } -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) static void dovecot_openssl_free(void *ptr, const char *u0 ATTR_UNUSED, int u1 ATTR_UNUSED) #else static void dovecot_openssl_free(void *ptr) @@ -97,7 +97,7 @@ bool dovecot_openssl_common_global_unref(void) CRYPTO_cleanup_all_ex_data(); #if OPENSSL_VERSION_NUMBER < 0x10000000L ERR_remove_state(0); -#elif OPENSSL_VERSION_NUMBER < 0x10100000L +#elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ERR_remove_thread_state(NULL); #endif ERR_free_strings(); From aki.tuomi at dovecot.fi Wed Nov 2 18:06:27 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 2 Nov 2016 20:06:27 +0200 Subject: v2.2.26.0 released In-Reply-To: References: <6CB829CF-3BC6-4089-BB35-01BAA0F99EF7@iki.fi> <2DPmCI1mgp2koi_0oYFWJH-gJcbEuuOBPsetrVc4PAc5DzGdYo7poC8kpl_QfNlEngkhYlb0djFfQf4opgG6CuAkts_o12hOqX4LXj-zgDU=@protonmail.com> <1138840967.2628.1478025011098@appsuite-dev.open-xchange.com> <4fe2e1ec-4e02-e74a-6a1f-10e8b98c9880@dovecot.fi> <3b684169-119b-4ea7-7c90-45713cc44763@domblogger.net> <7c906b32-e5f8-3479-2d22-84b28fdb4507@domblogger.net> Message-ID: On 02.11.2016 19:54, Stuart Henderson wrote: > On 2016-11-02, Aki Tuomi wrote: >> If the standard way works, I am happy to include the original patch I >> sent, amended so that it checks for presence of LIBRESSL_VERSION_NUMBER. >> If they keep this promise, then we should have no worries about things >> breaking up. > Diff below is what I've added to OpenBSD ports. > > The libressl API is not cast in stone, there's a possibility some > functions from newer OpenSSL might be added - in fact we already have > some like TLS_method. 0x20000000L was specifically chosen to not > match up with anything OpenSSL had used because they aren't directly > comparable. > > In general I think the best approach would be for feature checks, e.g. > in autoconf. (I wish there was some common m4 file shared between > projects that people could use for this..) In the absence of this, > it seems a better idea to check at the places where #ifdefs are done > rather than override OPENSSL_VERSION_NUMBER locally. > > I don't think carrying patches like this separately is all that good an > idea - people may well compile things on their own and not know about > the problem. If the build fails that's not so bad, but the silent > miscompile we see here is pretty nasty. > > > Thank you for the patch. My personal opinion is that it is also bit nasty to pretend to support some API/ABI but provide false version numbers. https://wiki.openssl.org/index.php/1.1_API_Changes, this is what OpenSSL recommends to use for handling backwards compability with older versions. As you can see, it uses < test. Now you are claiming to be v2.0.0, which means that there is no reasonable way to use OPENSSL_VERSION to determine whether some particular feature is there or not. Yes, we could test each function separately, but that would kinda beat the point of having a VERSION header in the first place, and also adds up for the ifdef hell by forcing us to check for each and every openssl function that has changed since 1.0.0 and use that particular ifdef. It would've been, again in my opinion, to keep the VERSION in libressl to match with the API you are providing instead of choosing some abstract value that can will mess up with everyone's code. If you add features to your API from OpenSSL, you can update the version number to match with the API you provide. Just my 0.02?. Aki From larryrtx at gmail.com Wed Nov 2 18:10:56 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 13:10:56 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> Message-ID: FWIW it DOES work on my default NAMESPACE, just not the #ARCHIVE/ NAMESPACE. On Wed, Nov 2, 2016 at 12:32 PM, Larry Rosenman wrote: > It's ALWAYS failed on the other NAMESPACE. > > Some of the logging looks weird as well for the 2nd namespace: > > Nov 2 12:32:03 thebighonker dovecot: imap-login: Login: user=, > method=PLAIN, rip=207.231.91.36, lip=192.147.25.65, mpid=76712, TLS, > session= > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Loading modules > from directory: /usr/local/lib/dovecot > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: > /usr/local/lib/dovecot/lib15_notify_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: > /usr/local/lib/dovecot/lib20_fts_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: > /usr/local/lib/dovecot/lib20_mail_log_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: > /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: > /usr/local/lib/dovecot/lib90_stats_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: > /usr/local/lib/dovecot/lib95_imap_stats_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Effective > uid=1004, gid=1004, home=/home/mrm > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace inbox: > type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, > subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: > root=/home/mrm/mail, index=, indexpvt=, control=, > inbox=/home/mrm/mail/INBOX, alt= > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace archive: > type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, > subscriptions=yes location=mbox:~/MAILARCHIVE > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: mbox: INBOX > defaulted to /home/mrm/MAILARCHIVE/inbox > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: > root=/home/mrm/MAILARCHIVE, index=, indexpvt=, control=, > inbox=/home/mrm/MAILARCHIVE/inbox, alt= > > > > On Wed, Nov 2, 2016 at 12:30 PM, Timo Sirainen wrote: > >> It's getting a bit strange. You were running 2.2.25 previously and it was >> working then? Does the doveadm index always fail with the same errors? >> >> Also I just noticed that it's saying INBOX isn't selectable: "lucene: >> Failed to sync mailbox INBOX: Mailbox isn't selectable". Which I guess >> isn't true. It seems to be failing somewhat randomly.. >> >> On 02 Nov 2016, at 19:25, Larry Rosenman wrote: >> >> thebighonker.lerctr.org ~ $ doveadm mailbox status -u ler at lerctr.org >> vsize \#ARCHIVE/2016/10/clamav-rules >> #ARCHIVE/2016/10/clamav-rules vsize=3840752 >> thebighonker.lerctr.org ~ $ >> >> >> >> On Wed, Nov 2, 2016 at 12:22 PM, Timo Sirainen wrote: >> >>> On 02 Nov 2016, at 19:19, Larry Rosenman wrote: >>> > >>> > clamav-rules is NOT a directory, nor are any of the others: >>> >>> Can you access these mboxes at all with Dovecot? e.g. >>> >>> doveadm mailbox status -u user at domain clamav-rules >>> >>> > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 >>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l >>> > total 72106 >>> > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail >>> > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX >>> > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA >>> > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT >>> > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM >>> > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail >>> > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula >>> > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update >>> > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules >>> > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall >>> > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists >>> > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail >>> > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys >>> > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview >>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ >>> > >>> > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen wrote: >>> > >>> >> On 01 Nov 2016, at 20:30, Larry Rosenman wrote: >>> >>> >>> >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL >>> >> mailboxes >>> >>> in the >>> >>> namespace: >>> >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status >>> lookup >>> >>> failed: Internal error occurred. Refer to server log for more >>> >> information. >>> >>> [2016-11-01 13:25:21] >>> >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox >>> isn't >>> >>> selectable >>> >> >>> >> You're using mbox format and "clamav-rules" is a directory. I guess >>> >> doveadm should be ignoring non-selectable mailboxes. >>> >> >>> >> >>> > >>> > >>> > -- >>> > Larry Rosenman http://www.lerctr.org/~ler >>> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>> > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>> >>> >> >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> >> >> > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Wed Nov 2 18:13:27 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 13:13:27 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> Message-ID: one other thing, fts_autoindex does NOT appear to be working on the #ARCHIVE/ NAMESPACE. I wonder if these are all interrelated? On Wed, Nov 2, 2016 at 1:10 PM, Larry Rosenman wrote: > FWIW it DOES work on my default NAMESPACE, just not the #ARCHIVE/ > NAMESPACE. > > > On Wed, Nov 2, 2016 at 12:32 PM, Larry Rosenman > wrote: > >> It's ALWAYS failed on the other NAMESPACE. >> >> Some of the logging looks weird as well for the 2nd namespace: >> >> Nov 2 12:32:03 thebighonker dovecot: imap-login: Login: user=, >> method=PLAIN, rip=207.231.91.36, lip=192.147.25.65, mpid=76712, TLS, >> session= >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Loading modules >> from directory: /usr/local/lib/dovecot >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >> /usr/local/lib/dovecot/lib15_notify_plugin.so >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >> /usr/local/lib/dovecot/lib20_fts_plugin.so >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >> /usr/local/lib/dovecot/lib20_mail_log_plugin.so >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >> /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >> /usr/local/lib/dovecot/lib90_stats_plugin.so >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >> /usr/local/lib/dovecot/lib95_imap_stats_plugin.so >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Effective >> uid=1004, gid=1004, home=/home/mrm >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace inbox: >> type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, >> subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: >> root=/home/mrm/mail, index=, indexpvt=, control=, >> inbox=/home/mrm/mail/INBOX, alt= >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace >> archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, >> list=no, subscriptions=yes location=mbox:~/MAILARCHIVE >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: mbox: INBOX >> defaulted to /home/mrm/MAILARCHIVE/inbox >> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: >> root=/home/mrm/MAILARCHIVE, index=, indexpvt=, control=, >> inbox=/home/mrm/MAILARCHIVE/inbox, alt= >> >> >> >> On Wed, Nov 2, 2016 at 12:30 PM, Timo Sirainen wrote: >> >>> It's getting a bit strange. You were running 2.2.25 previously and it >>> was working then? Does the doveadm index always fail with the same errors? >>> >>> Also I just noticed that it's saying INBOX isn't selectable: "lucene: >>> Failed to sync mailbox INBOX: Mailbox isn't selectable". Which I guess >>> isn't true. It seems to be failing somewhat randomly.. >>> >>> On 02 Nov 2016, at 19:25, Larry Rosenman wrote: >>> >>> thebighonker.lerctr.org ~ $ doveadm mailbox status -u ler at lerctr.org >>> vsize \#ARCHIVE/2016/10/clamav-rules >>> #ARCHIVE/2016/10/clamav-rules vsize=3840752 >>> thebighonker.lerctr.org ~ $ >>> >>> >>> >>> On Wed, Nov 2, 2016 at 12:22 PM, Timo Sirainen wrote: >>> >>>> On 02 Nov 2016, at 19:19, Larry Rosenman wrote: >>>> > >>>> > clamav-rules is NOT a directory, nor are any of the others: >>>> >>>> Can you access these mboxes at all with Dovecot? e.g. >>>> >>>> doveadm mailbox status -u user at domain clamav-rules >>>> >>>> > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 >>>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l >>>> > total 72106 >>>> > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail >>>> > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX >>>> > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA >>>> > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT >>>> > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM >>>> > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail >>>> > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula >>>> > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update >>>> > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules >>>> > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall >>>> > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists >>>> > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail >>>> > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys >>>> > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview >>>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ >>>> > >>>> > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen wrote: >>>> > >>>> >> On 01 Nov 2016, at 20:30, Larry Rosenman wrote: >>>> >>> >>>> >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL >>>> >> mailboxes >>>> >>> in the >>>> >>> namespace: >>>> >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status >>>> lookup >>>> >>> failed: Internal error occurred. Refer to server log for more >>>> >> information. >>>> >>> [2016-11-01 13:25:21] >>>> >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox >>>> isn't >>>> >>> selectable >>>> >> >>>> >> You're using mbox format and "clamav-rules" is a directory. I guess >>>> >> doveadm should be ignoring non-selectable mailboxes. >>>> >> >>>> >> >>>> > >>>> > >>>> > -- >>>> > Larry Rosenman http://www.lerctr.org/~ler >>>> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>>> > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>>> >>>> >>> >>> >>> -- >>> Larry Rosenman http://www.lerctr.org/~ler >>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>> >>> >>> >> >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From tss at iki.fi Wed Nov 2 18:25:25 2016 From: tss at iki.fi (Timo Sirainen) Date: Wed, 2 Nov 2016 20:25:25 +0200 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> Message-ID: <2A752732-C8C5-459A-B47E-106EEBEF01AA@iki.fi> It looks like fts-lucene wants to write some information into INBOX's index files. But your archive namespace doesn't have a working INBOX. Maybe it would work if you create "#ARCHIVE/inbox"? > On 02 Nov 2016, at 20:13, Larry Rosenman wrote: > > one other thing, fts_autoindex does NOT appear to be working on the > #ARCHIVE/ NAMESPACE. > > I wonder if these are all interrelated? > > On Wed, Nov 2, 2016 at 1:10 PM, Larry Rosenman > wrote: > FWIW it DOES work on my default NAMESPACE, just not the #ARCHIVE/ NAMESPACE. > > > On Wed, Nov 2, 2016 at 12:32 PM, Larry Rosenman > wrote: > It's ALWAYS failed on the other NAMESPACE. > > Some of the logging looks weird as well for the 2nd namespace: > > Nov 2 12:32:03 thebighonker dovecot: imap-login: Login: user=, method=PLAIN, rip=207.231.91.36, lip=192.147.25.65, mpid=76712, TLS, session= > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Loading modules from directory: /usr/local/lib/dovecot > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib20_mail_log_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib95_imap_stats_plugin.so > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Effective uid=1004, gid=1004, home=/home/mrm > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: root=/home/mrm/mail, index=, indexpvt=, control=, inbox=/home/mrm/mail/INBOX, alt= > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=mbox:~/MAILARCHIVE > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: mbox: INBOX defaulted to /home/mrm/MAILARCHIVE/inbox > Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: root=/home/mrm/MAILARCHIVE, index=, indexpvt=, control=, inbox=/home/mrm/MAILARCHIVE/inbox, alt= > > > > On Wed, Nov 2, 2016 at 12:30 PM, Timo Sirainen > wrote: > It's getting a bit strange. You were running 2.2.25 previously and it was working then? Does the doveadm index always fail with the same errors? > > Also I just noticed that it's saying INBOX isn't selectable: "lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable". Which I guess isn't true. It seems to be failing somewhat randomly.. > >> On 02 Nov 2016, at 19:25, Larry Rosenman > wrote: >> >> thebighonker.lerctr.org ~ $ doveadm mailbox status -u ler at lerctr.org vsize \#ARCHIVE/2016/10/clamav-rules >> #ARCHIVE/2016/10/clamav-rules vsize=3840752 >> thebighonker.lerctr.org ~ $ >> >> >> >> On Wed, Nov 2, 2016 at 12:22 PM, Timo Sirainen > wrote: >> On 02 Nov 2016, at 19:19, Larry Rosenman > wrote: >> > >> > clamav-rules is NOT a directory, nor are any of the others: >> >> Can you access these mboxes at all with Dovecot? e.g. >> >> doveadm mailbox status -u user at domain clamav-rules >> >> > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 >> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l >> > total 72106 >> > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail >> > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX >> > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA >> > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT >> > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM >> > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail >> > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula >> > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update >> > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules >> > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall >> > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists >> > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail >> > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys >> > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview >> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ >> > >> > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen > wrote: >> > >> >> On 01 Nov 2016, at 20:30, Larry Rosenman > wrote: >> >>> >> >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL >> >> mailboxes >> >>> in the >> >>> namespace: >> >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup >> >>> failed: Internal error occurred. Refer to server log for more >> >> information. >> >>> [2016-11-01 13:25:21] >> >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't >> >>> selectable >> >> >> >> You're using mbox format and "clamav-rules" is a directory. I guess >> >> doveadm should be ignoring non-selectable mailboxes. >> >> >> >> >> > >> > >> > -- >> > Larry Rosenman http://www.lerctr.org/~ler >> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> >> >> >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Wed Nov 2 18:30:13 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 13:30:13 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: <2A752732-C8C5-459A-B47E-106EEBEF01AA@iki.fi> References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> <2A752732-C8C5-459A-B47E-106EEBEF01AA@iki.fi> Message-ID: nope -- No difference thebighonker.lerctr.org ~ $ ls -l ~/MAILARCHIVE/ total 176 drwx------ 6 ler ler 7 May 25 2014 2004 drwx------ 8 ler ler 8 Mar 3 2013 2005 drwx------ 11 ler ler 11 Mar 3 2013 2006 drwx------ 11 ler ler 11 May 3 2013 2007 drwx------ 14 ler ler 14 Mar 3 2013 2008 drwx------ 14 ler ler 14 Mar 3 2013 2009 drwx------ 14 ler ler 14 Mar 3 2013 2010 drwx------ 15 ler ler 15 Mar 3 2013 2011 drwx------ 15 ler ler 15 Mar 3 2013 2012 drwx------ 14 ler ler 14 Dec 31 2013 2013 drwxr-xr-x 14 ler ler 14 Jan 1 2015 2014 drwxr-xr-x 14 ler ler 14 Jan 1 2016 2015 drwxr-xr-x 12 ler ler 12 Nov 1 00:05 2016 -rw-r--r-- 1 ler ler 0 Nov 2 13:26 inbox thebighonker.lerctr.org ~ $ doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/Amplify_Mail: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:28:28] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:28:28] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/SA/FN: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:28:28] thebighonker.lerctr.org ~ $ thebighonker.lerctr.org ~ $ doveadm -D -vvvvv index \#ARCHIVE/\* Debug: Loading modules from directory: /usr/local/lib/dovecot Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.so Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.so Debug: Loading modules from directory: /usr/local/lib/dovecot/doveadm Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/local/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so: Undefined symbol "acl_user_module" (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/local/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: Undefined symbol "expire_set_lookup" (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/local/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so: Undefined symbol "quota_user_module" (this is usually intentional, so just ignore this message) Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so doveadm(ler): Debug: Effective uid=1001, gid=1001, home=/home/ler doveadm(ler): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX doveadm(ler): Debug: fs: root=/home/ler/mail, index=, indexpvt=, control=, inbox=/home/ler/mail/INBOX, alt= doveadm(ler): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=mbox:~/MAILARCHIVE doveadm(ler): Debug: mbox: INBOX defaulted to /home/ler/MAILARCHIVE/inbox doveadm(ler): Debug: fs: root=/home/ler/MAILARCHIVE, index=, indexpvt=, control=, inbox=/home/ler/MAILARCHIVE/inbox, alt= doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/satelliteguys: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/SA/FN: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/SENT: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/INBOX: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/SPAM: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/root-mail: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/bacula: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/Junk E-mail: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/Amplify_Mail: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable On Wed, Nov 2, 2016 at 1:25 PM, Timo Sirainen wrote: > It looks like fts-lucene wants to write some information into INBOX's > index files. But your archive namespace doesn't have a working INBOX. Maybe > it would work if you create "#ARCHIVE/inbox"? > > On 02 Nov 2016, at 20:13, Larry Rosenman wrote: > > one other thing, fts_autoindex does NOT appear to be working on the > #ARCHIVE/ NAMESPACE. > > I wonder if these are all interrelated? > > On Wed, Nov 2, 2016 at 1:10 PM, Larry Rosenman wrote: > >> FWIW it DOES work on my default NAMESPACE, just not the #ARCHIVE/ >> NAMESPACE. >> >> >> On Wed, Nov 2, 2016 at 12:32 PM, Larry Rosenman >> wrote: >> >>> It's ALWAYS failed on the other NAMESPACE. >>> >>> Some of the logging looks weird as well for the 2nd namespace: >>> >>> Nov 2 12:32:03 thebighonker dovecot: imap-login: Login: user=, >>> method=PLAIN, rip=207.231.91.36, lip=192.147.25.65, mpid=76712, TLS, >>> session= >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Loading modules >>> from directory: /usr/local/lib/dovecot >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>> /usr/local/lib/dovecot/lib15_notify_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>> /usr/local/lib/dovecot/lib20_fts_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>> /usr/local/lib/dovecot/lib20_mail_log_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>> /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>> /usr/local/lib/dovecot/lib90_stats_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>> /usr/local/lib/dovecot/lib95_imap_stats_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Effective >>> uid=1004, gid=1004, home=/home/mrm >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace inbox: >>> type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, >>> subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: >>> root=/home/mrm/mail, index=, indexpvt=, control=, >>> inbox=/home/mrm/mail/INBOX, alt= >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace >>> archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, >>> list=no, subscriptions=yes location=mbox:~/MAILARCHIVE >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: mbox: INBOX >>> defaulted to /home/mrm/MAILARCHIVE/inbox >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: >>> root=/home/mrm/MAILARCHIVE, index=, indexpvt=, control=, >>> inbox=/home/mrm/MAILARCHIVE/inbox, alt= >>> >>> >>> >>> On Wed, Nov 2, 2016 at 12:30 PM, Timo Sirainen wrote: >>> >>>> It's getting a bit strange. You were running 2.2.25 previously and it >>>> was working then? Does the doveadm index always fail with the same errors? >>>> >>>> Also I just noticed that it's saying INBOX isn't selectable: "lucene: >>>> Failed to sync mailbox INBOX: Mailbox isn't selectable". Which I guess >>>> isn't true. It seems to be failing somewhat randomly.. >>>> >>>> On 02 Nov 2016, at 19:25, Larry Rosenman wrote: >>>> >>>> thebighonker.lerctr.org ~ $ doveadm mailbox status -u ler at lerctr.org >>>> vsize \#ARCHIVE/2016/10/clamav-rules >>>> #ARCHIVE/2016/10/clamav-rules vsize=3840752 >>>> thebighonker.lerctr.org ~ $ >>>> >>>> >>>> >>>> On Wed, Nov 2, 2016 at 12:22 PM, Timo Sirainen wrote: >>>> >>>>> On 02 Nov 2016, at 19:19, Larry Rosenman wrote: >>>>> > >>>>> > clamav-rules is NOT a directory, nor are any of the others: >>>>> >>>>> Can you access these mboxes at all with Dovecot? e.g. >>>>> >>>>> doveadm mailbox status -u user at domain clamav-rules >>>>> >>>>> > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 >>>>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l >>>>> > total 72106 >>>>> > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail >>>>> > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX >>>>> > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA >>>>> > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT >>>>> > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM >>>>> > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail >>>>> > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula >>>>> > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update >>>>> > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules >>>>> > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall >>>>> > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists >>>>> > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail >>>>> > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys >>>>> > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview >>>>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ >>>>> > >>>>> > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen wrote: >>>>> > >>>>> >> On 01 Nov 2016, at 20:30, Larry Rosenman >>>>> wrote: >>>>> >>> >>>>> >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL >>>>> >> mailboxes >>>>> >>> in the >>>>> >>> namespace: >>>>> >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status >>>>> lookup >>>>> >>> failed: Internal error occurred. Refer to server log for more >>>>> >> information. >>>>> >>> [2016-11-01 13:25:21] >>>>> >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox >>>>> isn't >>>>> >>> selectable >>>>> >> >>>>> >> You're using mbox format and "clamav-rules" is a directory. I guess >>>>> >> doveadm should be ignoring non-selectable mailboxes. >>>>> >> >>>>> >> >>>>> > >>>>> > >>>>> > -- >>>>> > Larry Rosenman http://www.lerctr.org/~ler >>>>> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>>>> > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>>>> >>>>> >>>> >>>> >>>> -- >>>> Larry Rosenman http://www.lerctr.org/~ler >>>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>>> >>>> >>>> >>> >>> >>> -- >>> Larry Rosenman http://www.lerctr.org/~ler >>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>> >> >> >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > > > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From doctor at doctor.nl2k.ab.ca Wed Nov 2 19:26:00 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Wed, 2 Nov 2016 13:26:00 -0600 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: References: <20161101162637.GA26017@doctor.nl2k.ab.ca> Message-ID: <20161102192600.GB60272@doctor.nl2k.ab.ca> On Wed, Nov 02, 2016 at 07:15:17PM +0200, Timo Sirainen wrote: > On 01 Nov 2016, at 18:26, The Doctor wrote: > > > > Getting complaints from people about pop/imap > > > > issues. > > > > some people are getting repaeted e-mail. > > > > Other are not able to delete their e-mails from an IMAP lcient. > > Anything in error logs? POP3 duplicates sound like IMAP UIDs were changed (or are still changing?) Let me see, I just started to rotate these logs just today. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From petros.fraser at gmail.com Wed Nov 2 19:26:57 2016 From: petros.fraser at gmail.com (Peter Fraser) Date: Wed, 2 Nov 2016 14:26:57 -0500 Subject: Dovecot 2 LDAP "unknown user" In-Reply-To: References: Message-ID: I updated dovecot-ldap.conf.ext so that it now reads as below: #Custom Settings hosts = 192.168.153.143 dn = user at domain.com dnpass = password auth_bind = yes auth_bind_userdn = %u at domain.com ldap_version = 3 base = dc=rpservices,dc=com #user_filter = (&(objectclass=person)(mail=%u)) user_filter = (&(objectclass=person)(uid=%u)) pass_filter = (&(objectclass=person)(uid=%u)) user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 When I tried to log in again using telnet 127.0.0.1 110, the error shows up in maillog. I first tried logging in with just the username, then I tried using username at domain.com. Using doveadm still works though. BSD-11 dovecot: auth: ldap(peter,127.0.0.1,): unknown user Nov 2 11:29:23 BSD-11 dovecot: auth: Error: ldap(user,127.0.0.1,): user not found from userdb Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth lookup id=226492417 (client-pid=874 client-id=1) Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure (pid=874 id=1) (internal failure, 1 successful auths): user=, method=PLAIN Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(user at domain.com): invalid credentials Nov 2 14:08:17 BSD-11 dovecot: auth: ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials Nov 2 14:09:38 BSD-11 dovecot: auth: ldap(user at domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity (auth failed, 2 attempts in 163 secs): user= On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser < skdovecot at smail.inf.fh-brs.de> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, 1 Nov 2016, Peter Fraser wrote: > > root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >> Password: >> passdb: user auth succeeded >> extra fields: >> user=username >> root at BSD-11:/usr/local/etc/dovecot # >> >> But when I run telnet 127.0.0.1 110 and try to log in it says unknown >> user. >> Error below in maillog. >> BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, >> auth >> lookup id=2262958081 (client-pid=2273 client-id=1) >> Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure >> (pid=2273 id=1) (internal failure, 1 successful auths): user= >> > > passdb { >> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >> driver = ldap >> } >> > > userdb { >> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >> driver = ldap >> } >> > > #Contents of dovecot-ldap.conf.ext >> hosts = 192.168.153.143 >> dn = user at domain.com >> dnpass = password >> auth_bind = yes >> auth_bind_userdn = domain\%u >> ldap_version = 3 >> base = dc=domain,dc=com >> pass_filter = (&(objectclass=person)(uid=%u)) >> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >> > > duplicate pass_filter to user_filter. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh > inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 > FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB > Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf > YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY > KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== > =l02F > -----END PGP SIGNATURE----- > From ruud at t-boonproductions.nl Wed Nov 2 19:27:56 2016 From: ruud at t-boonproductions.nl (Ruud Boon) Date: Wed, 2 Nov 2016 20:27:56 +0100 Subject: No stats under FreeBSD 10.3 In-Reply-To: References: <12BC0BB8-8A18-43CD-879A-02DF43F701F3@iki.fi> Message-ID: <8507E63A-D487-4D73-9E08-27D19CCF4DB8@t-boonproductions.nl> Thnx Larry, Thats was it! Ruud > On 2 Nov 2016, at 18:52, Larry Rosenman wrote: > > I added the following to 90-plugin.conf: > .... > service stats { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = stats > extra_groups = > fifo_listener stats-mail { > group = > mode = 0666 > user = > } > fifo_listener stats-user { > group = > mode = 0666 > user = > } > .... > > and now: > srw-rw-rw- 1 root wheel 0 Nov 2 12:47 stats > prw-rw-rw- 1 root wheel 0 Nov 2 12:47 stats-mail > prw-rw-rw- 1 root wheel 0 Nov 2 12:47 stats-user > > and I get stats. > > > On Wed, Nov 2, 2016 at 12:18 PM, Larry Rosenman > wrote: > prw-rw-rw- 1 root wheel 0 Nov 1 13:09 stats-mail > prw------- 1 root wheel 0 Nov 1 13:09 stats-user > drwxr-x--- 2 root dovenull 4 Nov 1 13:09 token-login > > If something other than root is trying to write to stats-user, we found the issue. > > this is on 10.3-STABLE > > On Wed, Nov 2, 2016 at 12:13 PM, Timo Sirainen > wrote: > On 01 Nov 2016, at 22:31, Ruud Boon > wrote: > > > > HI, > > > > I?m currently testing the stats module of Dovecot (2.2.26.0 (23d1de6)) > > Looks like there no statistics under FreeBSD. > > Server isn?t busy yet but got at least a few connection open. > > See if there are any errors in logs. I guess mail-stats fifo doesn't have enough permissions so that imap/pop3/lmtp can connect to it. > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Wed Nov 2 19:40:31 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 14:40:31 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> <2A752732-C8C5-459A-B47E-106EEBEF01AA@iki.fi> Message-ID: Is there anything else I can provide? On Wed, Nov 2, 2016 at 1:30 PM, Larry Rosenman wrote: > nope -- No difference > > thebighonker.lerctr.org ~ $ ls -l ~/MAILARCHIVE/ > total 176 > drwx------ 6 ler ler 7 May 25 2014 2004 > drwx------ 8 ler ler 8 Mar 3 2013 2005 > drwx------ 11 ler ler 11 Mar 3 2013 2006 > drwx------ 11 ler ler 11 May 3 2013 2007 > drwx------ 14 ler ler 14 Mar 3 2013 2008 > drwx------ 14 ler ler 14 Mar 3 2013 2009 > drwx------ 14 ler ler 14 Mar 3 2013 2010 > drwx------ 15 ler ler 15 Mar 3 2013 2011 > drwx------ 15 ler ler 15 Mar 3 2013 2012 > drwx------ 14 ler ler 14 Dec 31 2013 2013 > drwxr-xr-x 14 ler ler 14 Jan 1 2015 2014 > drwxr-xr-x 14 ler ler 14 Jan 1 2016 2015 > drwxr-xr-x 12 ler ler 12 Nov 1 00:05 2016 > -rw-r--r-- 1 ler ler 0 Nov 2 13:26 inbox > thebighonker.lerctr.org ~ $ > > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/Amplify_Mail: Status lookup > failed: Internal error occurred. Refer to server log for more information. > [2016-11-02 13:28:28] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup > failed: Internal error occurred. Refer to server log for more information. > [2016-11-02 13:28:28] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/SA/FN: Status lookup failed: > Internal error occurred. Refer to server log for more information. > [2016-11-02 13:28:28] > thebighonker.lerctr.org ~ $ > > thebighonker.lerctr.org ~ $ doveadm -D -vvvvv index \#ARCHIVE/\* > Debug: Loading modules from directory: /usr/local/lib/dovecot > Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.so > Debug: Loading modules from directory: /usr/local/lib/dovecot/doveadm > Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: > /usr/local/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so: Undefined > symbol "acl_user_module" (this is usually intentional, so just ignore this > message) > Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: > /usr/local/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: Undefined > symbol "expire_set_lookup" (this is usually intentional, so just ignore > this message) > Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: > /usr/local/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so: Undefined > symbol "quota_user_module" (this is usually intentional, so just ignore > this message) > Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib10_doveadm_sieve_ > plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_ > lucene_plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_ > plugin.so > doveadm(ler): Debug: Effective uid=1001, gid=1001, home=/home/ler > doveadm(ler): Debug: Namespace inbox: type=private, prefix=, sep=, > inbox=yes, hidden=no, list=yes, subscriptions=yes > location=mbox:~/mail:INBOX=~/mail/INBOX > doveadm(ler): Debug: fs: root=/home/ler/mail, index=, indexpvt=, control=, > inbox=/home/ler/mail/INBOX, alt= > doveadm(ler): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, > sep=/, inbox=no, hidden=no, list=no, subscriptions=yes > location=mbox:~/MAILARCHIVE > doveadm(ler): Debug: mbox: INBOX defaulted to /home/ler/MAILARCHIVE/inbox > doveadm(ler): Debug: fs: root=/home/ler/MAILARCHIVE, index=, indexpvt=, > control=, inbox=/home/ler/MAILARCHIVE/inbox, alt= > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/satelliteguys: Status > lookup failed: Internal error occurred. Refer to server log for more > information. [2016-11-02 13:27:19] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/SA/FN: Status lookup failed: > Internal error occurred. Refer to server log for more information. > [2016-11-02 13:27:19] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/SENT: Status lookup failed: > Internal error occurred. Refer to server log for more information. > [2016-11-02 13:27:19] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/INBOX: Status lookup failed: > Internal error occurred. Refer to server log for more information. > [2016-11-02 13:27:19] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/SPAM: Status lookup failed: > Internal error occurred. Refer to server log for more information. > [2016-11-02 13:27:19] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/root-mail: Status lookup > failed: Internal error occurred. Refer to server log for more information. > [2016-11-02 13:27:19] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/bacula: Status lookup > failed: Internal error occurred. Refer to server log for more information. > [2016-11-02 13:27:19] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/Junk E-mail: Status lookup > failed: Internal error occurred. Refer to server log for more information. > [2016-11-02 13:27:19] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/Amplify_Mail: Status lookup > failed: Internal error occurred. Refer to server log for more information. > [2016-11-02 13:27:19] > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > > On Wed, Nov 2, 2016 at 1:25 PM, Timo Sirainen wrote: > >> It looks like fts-lucene wants to write some information into INBOX's >> index files. But your archive namespace doesn't have a working INBOX. Maybe >> it would work if you create "#ARCHIVE/inbox"? >> >> On 02 Nov 2016, at 20:13, Larry Rosenman wrote: >> >> one other thing, fts_autoindex does NOT appear to be working on the >> #ARCHIVE/ NAMESPACE. >> >> I wonder if these are all interrelated? >> >> On Wed, Nov 2, 2016 at 1:10 PM, Larry Rosenman >> wrote: >> >>> FWIW it DOES work on my default NAMESPACE, just not the #ARCHIVE/ >>> NAMESPACE. >>> >>> >>> On Wed, Nov 2, 2016 at 12:32 PM, Larry Rosenman >>> wrote: >>> >>>> It's ALWAYS failed on the other NAMESPACE. >>>> >>>> Some of the logging looks weird as well for the 2nd namespace: >>>> >>>> Nov 2 12:32:03 thebighonker dovecot: imap-login: Login: user=, >>>> method=PLAIN, rip=207.231.91.36, lip=192.147.25.65, mpid=76712, TLS, >>>> session= >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Loading modules >>>> from directory: /usr/local/lib/dovecot >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>>> /usr/local/lib/dovecot/lib15_notify_plugin.so >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>>> /usr/local/lib/dovecot/lib20_fts_plugin.so >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>>> /usr/local/lib/dovecot/lib20_mail_log_plugin.so >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>>> /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>>> /usr/local/lib/dovecot/lib90_stats_plugin.so >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: >>>> /usr/local/lib/dovecot/lib95_imap_stats_plugin.so >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Effective >>>> uid=1004, gid=1004, home=/home/mrm >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace >>>> inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, >>>> subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: >>>> root=/home/mrm/mail, index=, indexpvt=, control=, >>>> inbox=/home/mrm/mail/INBOX, alt= >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace >>>> archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, >>>> list=no, subscriptions=yes location=mbox:~/MAILARCHIVE >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: mbox: INBOX >>>> defaulted to /home/mrm/MAILARCHIVE/inbox >>>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: >>>> root=/home/mrm/MAILARCHIVE, index=, indexpvt=, control=, >>>> inbox=/home/mrm/MAILARCHIVE/inbox, alt= >>>> >>>> >>>> >>>> On Wed, Nov 2, 2016 at 12:30 PM, Timo Sirainen wrote: >>>> >>>>> It's getting a bit strange. You were running 2.2.25 previously and it >>>>> was working then? Does the doveadm index always fail with the same errors? >>>>> >>>>> Also I just noticed that it's saying INBOX isn't selectable: "lucene: >>>>> Failed to sync mailbox INBOX: Mailbox isn't selectable". Which I guess >>>>> isn't true. It seems to be failing somewhat randomly.. >>>>> >>>>> On 02 Nov 2016, at 19:25, Larry Rosenman wrote: >>>>> >>>>> thebighonker.lerctr.org ~ $ doveadm mailbox status -u ler at lerctr.org >>>>> vsize \#ARCHIVE/2016/10/clamav-rules >>>>> #ARCHIVE/2016/10/clamav-rules vsize=3840752 >>>>> thebighonker.lerctr.org ~ $ >>>>> >>>>> >>>>> >>>>> On Wed, Nov 2, 2016 at 12:22 PM, Timo Sirainen wrote: >>>>> >>>>>> On 02 Nov 2016, at 19:19, Larry Rosenman wrote: >>>>>> > >>>>>> > clamav-rules is NOT a directory, nor are any of the others: >>>>>> >>>>>> Can you access these mboxes at all with Dovecot? e.g. >>>>>> >>>>>> doveadm mailbox status -u user at domain clamav-rules >>>>>> >>>>>> > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 >>>>>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l >>>>>> > total 72106 >>>>>> > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail >>>>>> > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX >>>>>> > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA >>>>>> > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT >>>>>> > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM >>>>>> > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail >>>>>> > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula >>>>>> > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update >>>>>> > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules >>>>>> > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall >>>>>> > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists >>>>>> > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail >>>>>> > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys >>>>>> > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview >>>>>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ >>>>>> > >>>>>> > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen wrote: >>>>>> > >>>>>> >> On 01 Nov 2016, at 20:30, Larry Rosenman >>>>>> wrote: >>>>>> >>> >>>>>> >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL >>>>>> >> mailboxes >>>>>> >>> in the >>>>>> >>> namespace: >>>>>> >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: >>>>>> Status lookup >>>>>> >>> failed: Internal error occurred. Refer to server log for more >>>>>> >> information. >>>>>> >>> [2016-11-01 13:25:21] >>>>>> >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: >>>>>> Mailbox isn't >>>>>> >>> selectable >>>>>> >> >>>>>> >> You're using mbox format and "clamav-rules" is a directory. I guess >>>>>> >> doveadm should be ignoring non-selectable mailboxes. >>>>>> >> >>>>>> >> >>>>>> > >>>>>> > >>>>>> > -- >>>>>> > Larry Rosenman http://www.lerctr.org/~ler >>>>>> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>>>>> > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Larry Rosenman http://www.lerctr.org/~ler >>>>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>>>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> Larry Rosenman http://www.lerctr.org/~ler >>>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>>> >>> >>> >>> >>> -- >>> Larry Rosenman http://www.lerctr.org/~ler >>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>> >> >> >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> >> >> > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Wed Nov 2 20:03:33 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 15:03:33 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> <2A752732-C8C5-459A-B47E-106EEBEF01AA@iki.fi> Message-ID: On Wed, Nov 2, 2016 at 3:02 PM, Larry Rosenman wrote: > why wouldn't it be able to use the ~/MAILARCHIVE/ filesystem space? > > The other indexes etc seem to get built there. > > I'll see if the current FreeBSD solr port is easier to set up than the > last time I tried. > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Wed Nov 2 20:37:34 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 15:37:34 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> <2A752732-C8C5-459A-B47E-106EEBEF01AA@iki.fi> Message-ID: On Wed, Nov 2, 2016 at 3:15 PM, Larry Rosenman wrote: > ah. Looking into Solr. Is the wiki out of date with regard to > solr 6.2.0? there doesn't seem to be a conf/schmea.xml file any more. I started the default solr from FreeBSD ports, and there is no update URL. I'll continue investigating. -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From pch at myzel.net Wed Nov 2 21:13:38 2016 From: pch at myzel.net (Peter Chiochetti) Date: Wed, 2 Nov 2016 22:13:38 +0100 Subject: Outlook 2010 woes In-Reply-To: <20161102151653.629dd40a5d907d44cfcfd243@domain007.com> References: <4aad0d05-bc43-4fda-c4e7-544fc59557f4@shout.net> <20161013095531.00007012@seibercom.net> <1454388715.707.1476367654083@appsuite-dev.open-xchange.com> <20161013182334.f65847ce815588d05557bd94@domain007.com> <20161013185200.5aa3b7a5d485f24b2a036c84@domain007.com> <1040717331.825.1476374511077@appsuite-dev.open-xchange.com> <918e60ae-be12-6994-e397-eeb0ae11313a@shout.net> <3dd328d4-aac4-3686-d68e-50840b8d291c@shout.net> <096c351f-a2fe-b088-0800-699e29ec549f@shout.net> <20161102151653.629dd40a5d907d44cfcfd243@domain007.com> Message-ID: Am 2016-11-02 um 13:16 schrieb Konstantin Khomoutov: > On Tue, 1 Nov 2016 18:20:14 -0500 > Bryan Holloway wrote: >> >> The new (2.2) server had "auth_mechanisms" of "digest-md5" enabled >> along with "plain". This is what was causing the four-second delay, >> but only with Outlook clients. > > It's pretty amazing how far removed the problem cause can be from that > problem's manifestation ;-) > Nah, this is not far at all; a system with virtual users only and PAM configured will take even longer to authenticate than four seconds PS: I should have posted earlier ;) -- peter From tss at iki.fi Wed Nov 2 20:14:20 2016 From: tss at iki.fi (Timo Sirainen) Date: Wed, 2 Nov 2016 22:14:20 +0200 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> <2A752732-C8C5-459A-B47E-106EEBEF01AA@iki.fi> Message-ID: On 02 Nov 2016, at 22:02, Larry Rosenman wrote: > > why wouldn't it be able to use the ~/MAILARCHIVE/ filesystem space? > > The other indexes etc seem to get built there. It's not about adding an index there, but about trying to open "MAILARCHIVE" itself as a folder. fts-lucene attempts to use an existing folder's indexes for tracking some (rather useless) settings information. I guess that tracking could be removed entirely as well. > > I'll see if the current FreeBSD solr port is easier to set up than the last time I tried. > > > On Wed, Nov 2, 2016 at 2:58 PM, Timo Sirainen > wrote: > I think it's simply not going to work with mbox. It's trying to open the "#ARCHIVE" namespace prefix itself, which won't work and it's too much work to try to fix it. You could try if this happens to make it work, but I'm not sure: http://wiki2.dovecot.org/MboxChildFolders > > Also instead of fts-lucene, you should switch to fts-solr. That would also fix it and in general works better. > > >> On 02 Nov 2016, at 21:40, Larry Rosenman > wrote: >> >> Is there anything else I can provide? >> >> >> On Wed, Nov 2, 2016 at 1:30 PM, Larry Rosenman > wrote: >> nope -- No difference >> >> thebighonker.lerctr.org ~ $ ls -l ~/MAILARCHIVE/ >> total 176 >> drwx------ 6 ler ler 7 May 25 2014 2004 >> drwx------ 8 ler ler 8 Mar 3 2013 2005 >> drwx------ 11 ler ler 11 Mar 3 2013 2006 >> drwx------ 11 ler ler 11 May 3 2013 2007 >> drwx------ 14 ler ler 14 Mar 3 2013 2008 >> drwx------ 14 ler ler 14 Mar 3 2013 2009 >> drwx------ 14 ler ler 14 Mar 3 2013 2010 >> drwx------ 15 ler ler 15 Mar 3 2013 2011 >> drwx------ 15 ler ler 15 Mar 3 2013 2012 >> drwx------ 14 ler ler 14 Dec 31 2013 2013 >> drwxr-xr-x 14 ler ler 14 Jan 1 2015 2014 >> drwxr-xr-x 14 ler ler 14 Jan 1 2016 2015 >> drwxr-xr-x 12 ler ler 12 Nov 1 00:05 2016 >> -rw-r--r-- 1 ler ler 0 Nov 2 13:26 inbox >> thebighonker.lerctr.org ~ $ >> >> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/Amplify_Mail: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:28:28] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:28:28] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/SA/FN: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:28:28] >> thebighonker.lerctr.org ~ $ >> >> thebighonker.lerctr.org ~ $ doveadm -D -vvvvv index \#ARCHIVE/\* >> Debug: Loading modules from directory: /usr/local/lib/dovecot >> Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.so >> Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so >> Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so >> Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.so >> Debug: Loading modules from directory: /usr/local/lib/dovecot/doveadm >> Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/local/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so: Undefined symbol "acl_user_module" (this is usually intentional, so just ignore this message) >> Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/local/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: Undefined symbol "expire_set_lookup" (this is usually intentional, so just ignore this message) >> Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/local/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so: Undefined symbol "quota_user_module" (this is usually intentional, so just ignore this message) >> Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so >> Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so >> Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so >> doveadm(ler): Debug: Effective uid=1001, gid=1001, home=/home/ler >> doveadm(ler): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX >> doveadm(ler): Debug: fs: root=/home/ler/mail, index=, indexpvt=, control=, inbox=/home/ler/mail/INBOX, alt= >> doveadm(ler): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=mbox:~/MAILARCHIVE >> doveadm(ler): Debug: mbox: INBOX defaulted to /home/ler/MAILARCHIVE/inbox >> doveadm(ler): Debug: fs: root=/home/ler/MAILARCHIVE, index=, indexpvt=, control=, inbox=/home/ler/MAILARCHIVE/inbox, alt= >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/satelliteguys: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/SA/FN: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/SENT: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/INBOX: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/SPAM: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/root-mail: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/bacula: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/Junk E-mail: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> doveadm(ler): Error: Mailbox #ARCHIVE/2011/07/Amplify_Mail: Status lookup failed: Internal error occurred. Refer to server log for more information. [2016-11-02 13:27:19] >> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable >> >> On Wed, Nov 2, 2016 at 1:25 PM, Timo Sirainen > wrote: >> It looks like fts-lucene wants to write some information into INBOX's index files. But your archive namespace doesn't have a working INBOX. Maybe it would work if you create "#ARCHIVE/inbox"? >> >>> On 02 Nov 2016, at 20:13, Larry Rosenman > wrote: >>> >>> one other thing, fts_autoindex does NOT appear to be working on the >>> #ARCHIVE/ NAMESPACE. >>> >>> I wonder if these are all interrelated? >>> >>> On Wed, Nov 2, 2016 at 1:10 PM, Larry Rosenman > wrote: >>> FWIW it DOES work on my default NAMESPACE, just not the #ARCHIVE/ NAMESPACE. >>> >>> >>> On Wed, Nov 2, 2016 at 12:32 PM, Larry Rosenman > wrote: >>> It's ALWAYS failed on the other NAMESPACE. >>> >>> Some of the logging looks weird as well for the 2nd namespace: >>> >>> Nov 2 12:32:03 thebighonker dovecot: imap-login: Login: user=, method=PLAIN, rip=207.231.91.36, lip=192.147.25.65, mpid=76712, TLS, session= >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Loading modules from directory: /usr/local/lib/dovecot >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib20_mail_log_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Module loaded: /usr/local/lib/dovecot/lib95_imap_stats_plugin.so >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Effective uid=1004, gid=1004, home=/home/mrm >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=~/mail/INBOX >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: root=/home/mrm/mail, index=, indexpvt=, control=, inbox=/home/mrm/mail/INBOX, alt= >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, sep=/, inbox=no, hidden=no, list=no, subscriptions=yes location=mbox:~/MAILARCHIVE >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: mbox: INBOX defaulted to /home/mrm/MAILARCHIVE/inbox >>> Nov 2 12:32:03 thebighonker dovecot: imap(mrm): Debug: fs: root=/home/mrm/MAILARCHIVE, index=, indexpvt=, control=, inbox=/home/mrm/MAILARCHIVE/inbox, alt= >>> >>> >>> >>> On Wed, Nov 2, 2016 at 12:30 PM, Timo Sirainen > wrote: >>> It's getting a bit strange. You were running 2.2.25 previously and it was working then? Does the doveadm index always fail with the same errors? >>> >>> Also I just noticed that it's saying INBOX isn't selectable: "lucene: Failed to sync mailbox INBOX: Mailbox isn't selectable". Which I guess isn't true. It seems to be failing somewhat randomly.. >>> >>>> On 02 Nov 2016, at 19:25, Larry Rosenman > wrote: >>>> >>>> thebighonker.lerctr.org ~ $ doveadm mailbox status -u ler at lerctr.org vsize \#ARCHIVE/2016/10/clamav-rules >>>> #ARCHIVE/2016/10/clamav-rules vsize=3840752 >>>> thebighonker.lerctr.org ~ $ >>>> >>>> >>>> >>>> On Wed, Nov 2, 2016 at 12:22 PM, Timo Sirainen > wrote: >>>> On 02 Nov 2016, at 19:19, Larry Rosenman > wrote: >>>> > >>>> > clamav-rules is NOT a directory, nor are any of the others: >>>> >>>> Can you access these mboxes at all with Dovecot? e.g. >>>> >>>> doveadm mailbox status -u user at domain clamav-rules >>>> >>>> > thebighonker.lerctr.org ~/MAILARCHIVE $ cd 2016/10 >>>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ ls -l >>>> > total 72106 >>>> > -rw-r--r-- 1 ler ler 440461 Nov 1 00:05 Amplify_Mail >>>> > -rw-r--r-- 1 ler ler 104102478 Nov 1 14:53 INBOX >>>> > drwxr-xr-x 3 ler ler 4 Nov 1 00:05 SA >>>> > -rw-r--r-- 1 ler ler 21083767 Nov 1 00:05 SENT >>>> > -rw-r--r-- 1 ler ler 1850677 Nov 1 00:05 SPAM >>>> > -rw-r--r-- 1 ler ler 36483 Nov 1 00:05 UFCU_Mail >>>> > -rw-r--r-- 1 ler ler 460073 Nov 1 00:05 bacula >>>> > -rw-r--r-- 1 ler ler 1107098 Nov 1 00:05 bayes-update >>>> > -rw-r--r-- 1 ler ler 3884041 Nov 1 00:05 clamav-rules >>>> > -rw-r--r-- 1 ler ler 652132 Nov 1 00:05 firewall >>>> > drwxr-xr-x 11 ler ler 20 Nov 1 00:05 lists >>>> > -rw-r--r-- 1 ler ler 25122465 Nov 1 00:05 root-mail >>>> > -rw-r--r-- 1 ler ler 44553 Nov 1 00:05 satelliteguys >>>> > -rw-r--r-- 1 ler ler 625628 Nov 1 00:05 wview >>>> > thebighonker.lerctr.org ~/MAILARCHIVE/2016/10 $ >>>> > >>>> > On Wed, Nov 2, 2016 at 12:17 PM, Timo Sirainen > wrote: >>>> > >>>> >> On 01 Nov 2016, at 20:30, Larry Rosenman > wrote: >>>> >>> >>>> >>> doveadm -D -vvvvvv index \#ARCHIVE/\* garners the below for ALL >>>> >> mailboxes >>>> >>> in the >>>> >>> namespace: >>>> >>> doveadm(ler): Error: Mailbox #ARCHIVE/2013/04/clamav-rules: Status lookup >>>> >>> failed: Internal error occurred. Refer to server log for more >>>> >> information. >>>> >>> [2016-11-01 13:25:21] >>>> >>> doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't >>>> >>> selectable >>>> >> >>>> >> You're using mbox format and "clamav-rules" is a directory. I guess >>>> >> doveadm should be ignoring non-selectable mailboxes. >>>> >> >>>> >> >>>> > >>>> > >>>> > -- >>>> > Larry Rosenman http://www.lerctr.org/~ler >>>> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>>> > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>>> >>>> >>>> >>>> >>>> -- >>>> Larry Rosenman http://www.lerctr.org/~ler >>>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>> >>> >>> >>> >>> -- >>> Larry Rosenman http://www.lerctr.org/~ler >>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>> >>> >>> >>> -- >>> Larry Rosenman http://www.lerctr.org/~ler >>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>> >>> >>> >>> -- >>> Larry Rosenman http://www.lerctr.org/~ler >>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> >> >> >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> >> >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Thu Nov 3 02:47:59 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 2 Nov 2016 21:47:59 -0500 Subject: doveadm index: can't index a different namespace? In-Reply-To: References: <7643DFB7-F3F9-47A8-8B28-558DD8930BFC@iki.fi> <0CE4811F-EDA3-47E8-8266-5ED5ECA53533@iki.fi> <2A752732-C8C5-459A-B47E-106EEBEF01AA@iki.fi> Message-ID: I got solr working. I'll post more info later. On Wed, Nov 2, 2016 at 3:37 PM, Larry Rosenman wrote: > > On Wed, Nov 2, 2016 at 3:15 PM, Larry Rosenman wrote: > >> ah. Looking into Solr. Is the wiki out of date with regard to >> solr 6.2.0? there doesn't seem to be a conf/schmea.xml file any more. > > > I started the default solr from FreeBSD ports, and there is no update > URL. > > I'll continue investigating. > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From skdovecot at smail.inf.fh-brs.de Thu Nov 3 07:36:46 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 3 Nov 2016 08:36:46 +0100 (CET) Subject: Dovecot 2 LDAP "unknown user" In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 2 Nov 2016, Peter Fraser wrote: > #Custom Settings > hosts = 192.168.153.143 > dn = user at domain.com > dnpass = password > auth_bind = yes > auth_bind_userdn = %u at domain.com > ldap_version = 3 > base = dc=rpservices,dc=com > #user_filter = (&(objectclass=person)(mail=%u)) > user_filter = (&(objectclass=person)(uid=%u)) > pass_filter = (&(objectclass=person)(uid=%u)) > user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 you wrote: >> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>> extra fields: >>> user=username is successful. Is user=username ^^^^^^^ that same as the username in doveadm? What about: doveadm user -u username ? > When I tried to log in again using telnet 127.0.0.1 110, the error shows up > in maillog. I first tried logging in with just the username, then I tried > using username at domain.com. Using doveadm still works though. > > BSD-11 dovecot: auth: ldap(peter,127.0.0.1,): unknown > user > Nov 2 11:29:23 BSD-11 dovecot: auth: Error: > ldap(user,127.0.0.1,): user not found from userdb > Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found > from userdb, auth lookup id=226492417 (client-pid=874 client-id=1) > Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure (pid=874 > id=1) (internal failure, 1 successful auths): user=, method=PLAIN > Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(user at domain.com): invalid > credentials > Nov 2 14:08:17 BSD-11 dovecot: auth: > ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials > Nov 2 14:09:38 BSD-11 dovecot: auth: > ldap(user at domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): > invalid credentials > Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity (auth > failed, 2 attempts in 163 secs): user= > > On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser < > skdovecot at smail.inf.fh-brs.de> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Tue, 1 Nov 2016, Peter Fraser wrote: >> >> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>> Password: >>> passdb: user auth succeeded >>> extra fields: >>> user=username >>> root at BSD-11:/usr/local/etc/dovecot # >>> >>> But when I run telnet 127.0.0.1 110 and try to log in it says unknown >>> user. >>> Error below in maillog. >>> BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, >>> auth >>> lookup id=2262958081 (client-pid=2273 client-id=1) >>> Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure >>> (pid=2273 id=1) (internal failure, 1 successful auths): user= >>> >> >> passdb { >>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>> driver = ldap >>> } >>> >> >> userdb { >>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>> driver = ldap >>> } >>> >> >> #Contents of dovecot-ldap.conf.ext >>> hosts = 192.168.153.143 >>> dn = user at domain.com >>> dnpass = password >>> auth_bind = yes >>> auth_bind_userdn = domain\%u >>> ldap_version = 3 >>> base = dc=domain,dc=com >>> pass_filter = (&(objectclass=person)(uid=%u)) >>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >>> >> >> duplicate pass_filter to user_filter. >> >> - -- Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh >> inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 >> FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB >> Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf >> YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY >> KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== >> =l02F >> -----END PGP SIGNATURE----- >> > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWBrpDnz1H7kL/d9rAQKwzggAnJz4LR0SXVWSFdSDrKYs40IEN/ko/4el D7/4q4lVBo9dntf+NeGS1JxttebiN7ng4F5pm841Z0l7acj6z8HzMCr11Voqbuy7 4WJirG2DnwmzxZRi1M86QGqXWU00jhFplSvZfWhX8uQasmp1FqV3hhUMmcTFfXTX DqtFali5ymUPV87XU2hZEtpe3jkBdjWmmHW8gVfSXVXBcRBa96+12FEOwONLVVcQ VGZRb6XxWexRcwAo4NY+NfqcM3OEGC4AZgfqBsWnZOUhijnw+ffbu4YL8aZBIGlB P78R0N0DtpRAToRJYvr00OMk27dkHU+0Ock/cFUr6H1cYXHBsfvO2A== =lz82 -----END PGP SIGNATURE----- From igoetrich at yahoo.de Thu Nov 3 10:05:55 2016 From: igoetrich at yahoo.de (E Kogler) Date: Thu, 3 Nov 2016 10:05:55 +0000 (UTC) Subject: "make install" fails References: <1323150181.423339.1478167555035.ref@mail.yahoo.com> Message-ID: <1323150181.423339.1478167555035@mail.yahoo.com> I want to install dovecot 2.2.25 on my opensuse 12.3 (yes, I know that this is an old distro). "./configure, make" run with no problems but "make install" fails with: [...] libtool: warning: 'libstats_auth.la' has not been installed in '/usr/local/lib/dovecot/stats' libtool: install: /usr/bin/install -c .libs/auth /usr/local/lib/dovecot/auth libtool: install: /usr/bin/install -c .libs/checkpassword-reply /usr/local/lib/dovecot/checkpassword-reply ?/usr/bin/mkdir -p '/usr/local/lib/dovecot/auth' /usr/bin/mkdir: can't create ?/usr/local/lib/dovecot/auth? : file exists make[3]: *** [install-auth_moduleLTLIBRARIES] Fehler 1 make[3]: Leaving directory `/root/dovecot-2.2.25/src/auth' make[2]: *** [install-am] Fehler 2 make[2]: Leaving directory `/root/dovecot-2.2.25/src/auth' make[1]: *** [install-recursive] Fehler 1 make[1]: Leaving directory `/root/dovecot-2.2.25/src' make: *** [install-recursive] Fehler 1 ------------------------ I'm stuck.Can anyone help ? Edgar From aki.tuomi at dovecot.fi Thu Nov 3 11:49:07 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Thu, 3 Nov 2016 13:49:07 +0200 Subject: "make install" fails In-Reply-To: <1323150181.423339.1478167555035@mail.yahoo.com> References: <1323150181.423339.1478167555035.ref@mail.yahoo.com> <1323150181.423339.1478167555035@mail.yahoo.com> Message-ID: <52570211-944d-cf8c-cb54-fabaef67ccc6@dovecot.fi> On 03.11.2016 12:05, E Kogler wrote: > I want to install dovecot 2.2.25 on my opensuse 12.3 (yes, I know that this is an old distro). > "./configure, make" run with no problems but "make install" fails with: > [...] > libtool: warning: 'libstats_auth.la' has not been installed in '/usr/local/lib/dovecot/stats' > libtool: install: /usr/bin/install -c .libs/auth /usr/local/lib/dovecot/auth > libtool: install: /usr/bin/install -c .libs/checkpassword-reply /usr/local/lib/dovecot/checkpassword-reply > /usr/bin/mkdir -p '/usr/local/lib/dovecot/auth' > /usr/bin/mkdir: can't create ?/usr/local/lib/dovecot/auth? : file exists > make[3]: *** [install-auth_moduleLTLIBRARIES] Fehler 1 > make[3]: Leaving directory `/root/dovecot-2.2.25/src/auth' > make[2]: *** [install-am] Fehler 2 > make[2]: Leaving directory `/root/dovecot-2.2.25/src/auth' > make[1]: *** [install-recursive] Fehler 1 > make[1]: Leaving directory `/root/dovecot-2.2.25/src' > make: *** [install-recursive] Fehler 1 > ------------------------ > I'm stuck.Can anyone help ? > Edgar Did you run it with sufficient privileges? Aki From petros.fraser at gmail.com Thu Nov 3 15:10:36 2016 From: petros.fraser at gmail.com (Peter Fraser) Date: Thu, 3 Nov 2016 10:10:36 -0500 Subject: Dovecot 2 LDAP "unknown user" In-Reply-To: References: Message-ID: Thanks for your reply again Steffen. The command doveadm user -u username successfully returns the username and any information it can for the user in AD. As a matter of fact, I entered some home directory information in AD and this command returned the User's Home Directory as well. Is it a problem though that the telnet test won't work? On Thu, Nov 3, 2016 at 2:36 AM, Steffen Kaiser < skdovecot at smail.inf.fh-brs.de> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, 2 Nov 2016, Peter Fraser wrote: > > #Custom Settings >> hosts = 192.168.153.143 >> dn = user at domain.com >> dnpass = password >> auth_bind = yes >> auth_bind_userdn = %u at domain.com >> ldap_version = 3 >> base = dc=rpservices,dc=com >> #user_filter = (&(objectclass=person)(mail=%u)) >> user_filter = (&(objectclass=person)(uid=%u)) >> pass_filter = (&(objectclass=person)(uid=%u)) >> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >> > > you wrote: > >> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>> >>>> extra fields: >>>> user=username >>>> >>> > is successful. Is user=username > ^^^^^^^ that same as the username in doveadm? > > What about: > > doveadm user -u username > > ? > > > When I tried to log in again using telnet 127.0.0.1 110, the error shows up >> in maillog. I first tried logging in with just the username, then I tried >> using username at domain.com. Using doveadm still works though. >> > > >> BSD-11 dovecot: auth: ldap(peter,127.0.0.1,): unknown >> user >> Nov 2 11:29:23 BSD-11 dovecot: auth: Error: >> ldap(user,127.0.0.1,): user not found from userdb >> Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found >> from userdb, auth lookup id=226492417 (client-pid=874 client-id=1) >> Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure >> (pid=874 >> id=1) (internal failure, 1 successful auths): user=, method=PLAIN >> Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(user at domain.com): invalid >> credentials >> Nov 2 14:08:17 BSD-11 dovecot: auth: >> ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials >> Nov 2 14:09:38 BSD-11 dovecot: auth: >> ldap(user at domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): >> invalid credentials >> Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity (auth >> failed, 2 attempts in 163 secs): user= >> >> On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser < >> skdovecot at smail.inf.fh-brs.de> wrote: >> >> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On Tue, 1 Nov 2016, Peter Fraser wrote: >>> >>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>> >>>> Password: >>>> passdb: user auth succeeded >>>> extra fields: >>>> user=username >>>> root at BSD-11:/usr/local/etc/dovecot # >>>> >>>> But when I run telnet 127.0.0.1 110 and try to log in it says unknown >>>> user. >>>> Error below in maillog. >>>> BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, >>>> auth >>>> lookup id=2262958081 (client-pid=2273 client-id=1) >>>> Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure >>>> (pid=2273 id=1) (internal failure, 1 successful auths): user= >>>> >>>> >>> passdb { >>> >>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>>> driver = ldap >>>> } >>>> >>>> >>> userdb { >>> >>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>>> driver = ldap >>>> } >>>> >>>> >>> #Contents of dovecot-ldap.conf.ext >>> >>>> hosts = 192.168.153.143 >>>> dn = user at domain.com >>>> dnpass = password >>>> auth_bind = yes >>>> auth_bind_userdn = domain\%u >>>> ldap_version = 3 >>>> base = dc=domain,dc=com >>>> pass_filter = (&(objectclass=person)(uid=%u)) >>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >>>> >>>> >>> duplicate pass_filter to user_filter. >>> >>> - -- Steffen Kaiser >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v1 >>> >>> iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh >>> inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 >>> FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB >>> Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf >>> YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY >>> KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== >>> =l02F >>> -----END PGP SIGNATURE----- >>> >>> >> > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBWBrpDnz1H7kL/d9rAQKwzggAnJz4LR0SXVWSFdSDrKYs40IEN/ko/4el > D7/4q4lVBo9dntf+NeGS1JxttebiN7ng4F5pm841Z0l7acj6z8HzMCr11Voqbuy7 > 4WJirG2DnwmzxZRi1M86QGqXWU00jhFplSvZfWhX8uQasmp1FqV3hhUMmcTFfXTX > DqtFali5ymUPV87XU2hZEtpe3jkBdjWmmHW8gVfSXVXBcRBa96+12FEOwONLVVcQ > VGZRb6XxWexRcwAo4NY+NfqcM3OEGC4AZgfqBsWnZOUhijnw+ffbu4YL8aZBIGlB > P78R0N0DtpRAToRJYvr00OMk27dkHU+0Ock/cFUr6H1cYXHBsfvO2A== > =lz82 > -----END PGP SIGNATURE----- > From doug at dovecot.con.com Thu Nov 3 19:28:42 2016 From: doug at dovecot.con.com (Doug Luce) Date: Thu, 3 Nov 2016 12:28:42 -0700 (PDT) Subject: Forcibly terminated after 10 milliseconds Message-ID: After an OS upgrade (to FreeBSD 11 with pkg Dovecot 2.2.26) I'm getting this sort of thing in my logs: Nov 3 12:15:16 toma dovecot: lda(doug): Error: program `/usr/local/lib/dovecot/sieve-pipe/growlmail' was forcibly terminated with signal 15 Debugging gives a little more info: Nov 3 12:05:51 toma dovecot: lda(doug): Debug: waiting for program `/usr/local/lib/dovecot/sieve-pipe/growlmail' to finish after 0 msecs Nov 3 12:05:51 toma dovecot: lda(doug): Debug: program `/usr/local/lib/dovecot/sieve-pipe/growlmail'(11794) execution timed out after 10 milliseconds: sending TERM signal growlmail is specified via a sieve rule: pipe :try :copy "growlmail"; This would seem to be a function of input_idle_timeout_msecs in lib-program-client/program-client-local.c, but it's not clear where this is set (or why it would be 10 milliseconds by default). Is there a way to up this timeout? Thanks, Doug # 2.2.26 (54d6540): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.15 (97b3da0) # OS: FreeBSD 11.0-RELEASE-p2 amd64 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/dovecot/ debug_log_path = /var/log/dovecot-debug.log default_login_user = nobody mail_debug = yes mail_fsync = never mail_location = maildir:~/Maildir:INDEX=/var/indexes/%u mail_plugins = " fts fts_solr" maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext vnd.dovecot.pipe vnd.dovecot.execute mbox_write_locks = fcntl passdb { args = failure_show_msg=yes dovecot driver = pam } plugin { fts = solr fts_autoindex = yes fts_solr = url=http://localhost:4949/solr/dovecot/ fts_tika = http://localhost:9998/tika sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_execute_bin_dir = /usr/local/lib/dovecot/sieve-execute sieve_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve-pipe sieve_plugins = sieve_extprograms sieve_vacation_dont_check_recipient = yes } protocols = imap sieve lmtp service auth { service_count = 0 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = root } service imap-login { idle_kill = 0 inet_listener imap { address = 127.0.0.1 port = 143 } inet_listener imaps { address = 0.0.0.0 127.0.0.1 port = 993 } service_count = 0 user = dovecot } service lmtp { service_count = 0 unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { group = dovecot inet_listener sieve { port = 4190 } user = dovecot } ssl_cert = Hello, I try to use the plugin for my dovecot in debian. It seem that the /usr/bin/sa-learn-pipe.sh is not execute. When I run /usr/bin/sa-learn-pipe.sh from commandline logfiles are created. I also read https://johannes.sipsolutions.net/files/antispam.html In syslog you can see fist move a mail from "z_SPAM" to INBOX and then move a mail from INBOX to "z_SPAM". Can you please help? Best regards Config and log's are append. dpkg -l | grep dovecot ii dovecot-antispam 2.0+20130912-2 amd64 Dovecot plugins for training spam filters ii dovecot-core 1:2.2.13-12~deb8u1 amd64 secure POP3/IMAP server - core files ii dovecot-imapd 1:2.2.13-12~deb8u1 amd64 secure POP3/IMAP server - IMAP daemon ii dovecot-pgsql 1:2.2.13-12~deb8u1 amd64 secure POP3/IMAP server - PostgreSQL support ### log root at vsrv78105:/etc/dovecot# /etc/init.d/dovecot restart [ ok ] Restarting dovecot (via systemctl): dovecot.service. root at vsrv78105:/etc/dovecot# tail -f /var/log/syslog | grep imap Nov 3 20:02:45 vsrv78105 dovecot: imap-login: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Nov 3 20:02:48 vsrv78105 dovecot: master: Dovecot v2.2.13 starting up for imap (core dumps disabled) Nov 3 20:03:03 vsrv78105 dovecot: imap-login: Login: user=, method=PLAIN, rip=xxx, lip=xxx, mpid=14954, TLS, session= Nov 3 20:03:03 vsrv78105 imap: antispam: plugin initialising (2.0-notgit) Nov 3 20:03:03 vsrv78105 imap: antispam: verbose debug enabled Nov 3 20:03:03 vsrv78105 imap: antispam: "Spam" is exact match spam folder Nov 3 20:03:03 vsrv78105 imap: antispam: "SPAM" is exact match spam folder Nov 3 20:03:03 vsrv78105 imap: antispam: "z_SPAM" is exact match spam folder Nov 3 20:03:03 vsrv78105 imap: antispam: no unsure folders Nov 3 20:03:03 vsrv78105 imap: antispam: "Trash" is exact match trash folder Nov 3 20:03:03 vsrv78105 imap: antispam: "trash" is exact match trash folder Nov 3 20:03:03 vsrv78105 imap: antispam: pipe backend tmpdir /tmp Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_unsure(INBOX): 0 Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_trash(z_SPAM): 0 Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_trash(INBOX): 0 Nov 3 20:03:13 vsrv78105 imap: antispam: mail copy: from trash: 0, to trash: 0 Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_spam(z_SPAM): 0 Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_spam(INBOX): 0 Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_unsure(z_SPAM): 0 Nov 3 20:03:13 vsrv78105 imap: antispam: mail copy: src spam: 0, dst spam: 0, src unsure: 0 Nov 3 20:03:14 vsrv78105 dovecot: imap-login: Login: user=, method=PLAIN, rip=xxx, lip=xxx, mpid=14959, TLS, session= Nov 3 20:03:14 vsrv78105 imap: antispam: plugin initialising (2.0-notgit) Nov 3 20:03:14 vsrv78105 imap: antispam: verbose debug enabled Nov 3 20:03:14 vsrv78105 imap: antispam: "Spam" is exact match spam folder Nov 3 20:03:14 vsrv78105 imap: antispam: "SPAM" is exact match spam folder Nov 3 20:03:14 vsrv78105 imap: antispam: "z_SPAM" is exact match spam folder Nov 3 20:03:14 vsrv78105 imap: antispam: no unsure folders Nov 3 20:03:14 vsrv78105 imap: antispam: "Trash" is exact match trash folder Nov 3 20:03:14 vsrv78105 imap: antispam: "trash" is exact match trash folder Nov 3 20:03:14 vsrv78105 imap: antispam: pipe backend tmpdir /tmp Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_unsure(z_SPAM): 0 Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_trash(INBOX): 0 Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_trash(z_SPAM): 0 Nov 3 20:04:05 vsrv78105 imap: antispam: mail copy: from trash: 0, to trash: 0 Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_spam(INBOX): 0 Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_spam(z_SPAM): 0 Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_unsure(INBOX): 0 Nov 3 20:04:05 vsrv78105 imap: antispam: mail copy: src spam: 0, dst spam: 0, src unsure: 0 ^C root at vsrv78105:/etc/dovecot# ls -la /tmp/ insgesamt 8864 drwxrwxrwt 8 root root 12288 Nov 3 20:07 . drwxr-xr-x 22 root root 4096 Jun 17 14:41 .. drwxrwxrwt 2 root root 4096 Nov 1 14:16 .font-unix drwxrwxrwt 2 root root 4096 Nov 1 14:16 .ICE-unix drwxrwxrwt 2 root root 4096 Nov 1 14:16 .Test-unix drwxrwxrwt 2 root root 4096 Nov 1 14:16 .X11-unix drwxrwxrwt 2 root root 4096 Nov 1 14:16 .XIM-unix root at vsrv78105:/etc/dovecot# ls -la /etc/dovecot/sa-learn-pipe.sh -rwxr-xr-x 1 root root 769 Nov 3 19:38 /etc/dovecot/sa-learn-pipe.sh ######################### config ### 90-plugin.conf plugin { #setting_name = value antispam_backend = pipe antispam_debug_target = syslog antispam_verbose_debug = 1 # antispam_mail_sendmail_args= --username=%u antispam_mail_spam_arg = --spam antispam_mail_notspam_arg = --ham antispam_mail_program = /etc/dovecot/sa-learn-pipe.sh antispam_spam = Spam;SPAM;z_SPAM antispam_trash = Trash;trash } ### sa-learn-pipe.sh #!/bin/bash set -x pid=$$ # remove the # from next line to background learner #( { echo "$(date) ${pid}-start ($*) /tmp/sendmail-msg-$$.txt" set -x #id -a #env cat > /tmp/sendmail-msg-${pid}.txt /usr/bin/sa-learn "$@" /tmp/sendmail-msg-${pid}.txt echo "$(date) $$-end rc=$?" } >/tmp/antispam.${pid}.log 2>&1 echo "cat antispam.${pid}.log" cat /tmp/antispam.${pid}.log >>/tmp/sa-learn-pipe.log rm -f /tmp/antispam.${pid}.log /tmp/sendmail-msg-${pid}.txt true # remove the # from next line to background learner #) & exit 0 From aki.tuomi at dovecot.fi Thu Nov 3 20:13:03 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Thu, 3 Nov 2016 22:13:03 +0200 (EET) Subject: Forcibly terminated after 10 milliseconds In-Reply-To: References: Message-ID: <664878545.743.1478203985009@appsuite-dev.open-xchange.com> Pigeonhole 0.4.15 is not compatible with 2.2.26 when using extprograms. Please upgrade to 0.4.16. Aki > On November 3, 2016 at 9:28 PM Doug Luce wrote: > > > After an OS upgrade (to FreeBSD 11 with pkg Dovecot 2.2.26) I'm getting this sort of thing in my logs: > > Nov 3 12:15:16 toma dovecot: lda(doug): Error: program `/usr/local/lib/dovecot/sieve-pipe/growlmail' was forcibly terminated with signal 15 > > Debugging gives a little more info: > > Nov 3 12:05:51 toma dovecot: lda(doug): Debug: waiting for program `/usr/local/lib/dovecot/sieve-pipe/growlmail' to finish after 0 msecs > Nov 3 12:05:51 toma dovecot: lda(doug): Debug: program `/usr/local/lib/dovecot/sieve-pipe/growlmail'(11794) execution timed out after 10 milliseconds: sending TERM signal > > growlmail is specified via a sieve rule: pipe :try :copy "growlmail"; > > This would seem to be a function of input_idle_timeout_msecs in lib-program-client/program-client-local.c, but it's not clear where this is set (or why it would be 10 milliseconds by default). > > Is there a way to up this timeout? > > Thanks, > > Doug > > > # 2.2.26 (54d6540): /usr/local/etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.15 (97b3da0) > # OS: FreeBSD 11.0-RELEASE-p2 amd64 > auth_debug = yes > auth_debug_passwords = yes > auth_mechanisms = plain login > auth_verbose = yes > auth_verbose_passwords = plain > base_dir = /var/dovecot/ > debug_log_path = /var/log/dovecot-debug.log > default_login_user = nobody > mail_debug = yes > mail_fsync = never > mail_location = maildir:~/Maildir:INDEX=/var/indexes/%u > mail_plugins = " fts fts_solr" > maildir_very_dirty_syncs = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext vnd.dovecot.pipe vnd.dovecot.execute > mbox_write_locks = fcntl > passdb { > args = failure_show_msg=yes dovecot > driver = pam > } > plugin { > fts = solr > fts_autoindex = yes > fts_solr = url=http://localhost:4949/solr/dovecot/ > fts_tika = http://localhost:9998/tika > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_execute_bin_dir = /usr/local/lib/dovecot/sieve-execute > sieve_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute > sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve-pipe > sieve_plugins = sieve_extprograms > sieve_vacation_dont_check_recipient = yes > } > protocols = imap sieve lmtp > service auth { > service_count = 0 > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > user = root > } > service imap-login { > idle_kill = 0 > inet_listener imap { > address = 127.0.0.1 > port = 143 > } > inet_listener imaps { > address = 0.0.0.0 127.0.0.1 > port = 993 > } > service_count = 0 > user = dovecot > } > service lmtp { > service_count = 0 > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > service managesieve-login { > group = dovecot > inet_listener sieve { > port = 4190 > } > user = dovecot > } > ssl_cert = ssl_key = # hidden, use -P to show it > userdb { > driver = passwd > } > protocol imap { > imap_client_workarounds = delay-newmail tb-extra-mailbox-sep > mail_max_userip_connections = 20 > } > protocol lda { > mail_plugins = " fts fts_solr sieve" > } > protocol lmtp { > mail_plugins = " fts fts_solr sieve" > } From ben at indietorrent.org Fri Nov 4 02:07:41 2016 From: ben at indietorrent.org (Ben Johnson) Date: Thu, 3 Nov 2016 22:07:41 -0400 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? Message-ID: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> Hello! I had hoped that marking all messages that arrive to a specific mailbox as read/seen would be as simple as applying the following sieve script to all incoming mail for that mailbox user: ######################## require ["imap4flags"]; addflag "\\Seen"; ######################## With this script in-place, mail does not appear to be marked as read/seen. It arrives as it normally would, and my email client sees it as new mail. Is something more required? Or is it a bug/limitation in my email client? I've found many examples of "addflag "\\Seen";" on the web, but all of them are wrapped in conditional logic of some variety. This is a spam-training mailbox and I simply want everything marked as seen/read upon arrival so I'm not bothered/notified every time. Thanks for any pointers here! -Ben From skdovecot at smail.inf.fh-brs.de Fri Nov 4 07:18:10 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 4 Nov 2016 08:18:10 +0100 (CET) Subject: Dovecot 2 LDAP "unknown user" In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 3 Nov 2016, Peter Fraser wrote: > The command doveadm user -u username successfully returns the username and > any information it can for the user in AD. As a matter of fact, I entered > some home directory information in AD and this command returned the User's > Home Directory as well. Is it a problem though that the telnet test won't > work? Hmm, I don't understand the question, telnet xyz 143 1 login username password must work in order to login via IMAP. But you didn't answered the other question, see below > On Thu, Nov 3, 2016 at 2:36 AM, Steffen Kaiser < > skdovecot at smail.inf.fh-brs.de> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Wed, 2 Nov 2016, Peter Fraser wrote: >> >> #Custom Settings >>> hosts = 192.168.153.143 >>> dn = user at domain.com >>> dnpass = password >>> auth_bind = yes >>> auth_bind_userdn = %u at domain.com >>> ldap_version = 3 >>> base = dc=rpservices,dc=com >>> #user_filter = (&(objectclass=person)(mail=%u)) >>> user_filter = (&(objectclass=person)(uid=%u)) >>> pass_filter = (&(objectclass=person)(uid=%u)) >>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >>> >> >> you wrote: >> >>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>>> >>>>> extra fields: >>>>> user=username >>>>> >>>> >> is successful. Is user=username >> ^^^^^^^ that same as the username in doveadm? Here. You've posted mangled information only, so if the extra fields return another username, other tests are different. >> What about: >> >> doveadm user -u username >> >> ? >> >> >> When I tried to log in again using telnet 127.0.0.1 110, the error shows up >>> in maillog. I first tried logging in with just the username, then I tried >>> using username at domain.com. Using doveadm still works though. >>> >> >> >>> BSD-11 dovecot: auth: ldap(peter,127.0.0.1,): unknown >>> user >>> Nov 2 11:29:23 BSD-11 dovecot: auth: Error: >>> ldap(user,127.0.0.1,): user not found from userdb what about here, is peter, appearing in the first line, the unmangled "user" here? >>> Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found >>> from userdb, auth lookup id=226492417 (client-pid=874 client-id=1) >>> Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure >>> (pid=874 >>> id=1) (internal failure, 1 successful auths): user=, method=PLAIN >>> Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(user at domain.com): invalid >>> credentials >>> Nov 2 14:08:17 BSD-11 dovecot: auth: >>> ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials >>> Nov 2 14:09:38 BSD-11 dovecot: auth: >>> ldap(user at domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): >>> invalid credentials >>> Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity (auth >>> failed, 2 attempts in 163 secs): user= >>> >>> On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser < >>> skdovecot at smail.inf.fh-brs.de> wrote: >>> >>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> On Tue, 1 Nov 2016, Peter Fraser wrote: >>>> >>>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>>> >>>>> Password: >>>>> passdb: user auth succeeded >>>>> extra fields: >>>>> user=username >>>>> root at BSD-11:/usr/local/etc/dovecot # >>>>> >>>>> But when I run telnet 127.0.0.1 110 and try to log in it says unknown >>>>> user. >>>>> Error below in maillog. >>>>> BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, >>>>> auth >>>>> lookup id=2262958081 (client-pid=2273 client-id=1) >>>>> Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure >>>>> (pid=2273 id=1) (internal failure, 1 successful auths): user= >>>>> >>>>> >>>> passdb { >>>> >>>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>>>> driver = ldap >>>>> } >>>>> >>>>> >>>> userdb { >>>> >>>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>>>> driver = ldap >>>>> } >>>>> >>>>> >>>> #Contents of dovecot-ldap.conf.ext >>>> >>>>> hosts = 192.168.153.143 >>>>> dn = user at domain.com >>>>> dnpass = password >>>>> auth_bind = yes >>>>> auth_bind_userdn = domain\%u >>>>> ldap_version = 3 >>>>> base = dc=domain,dc=com >>>>> pass_filter = (&(objectclass=person)(uid=%u)) >>>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >>>>> >>>>> >>>> duplicate pass_filter to user_filter. >>>> >>>> - -- Steffen Kaiser >>>> -----BEGIN PGP SIGNATURE----- >>>> Version: GnuPG v1 >>>> >>>> iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh >>>> inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 >>>> FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB >>>> Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf >>>> YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY >>>> KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== >>>> =l02F >>>> -----END PGP SIGNATURE----- >>>> >>>> >>> >> - -- Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQEVAwUBWBrpDnz1H7kL/d9rAQKwzggAnJz4LR0SXVWSFdSDrKYs40IEN/ko/4el >> D7/4q4lVBo9dntf+NeGS1JxttebiN7ng4F5pm841Z0l7acj6z8HzMCr11Voqbuy7 >> 4WJirG2DnwmzxZRi1M86QGqXWU00jhFplSvZfWhX8uQasmp1FqV3hhUMmcTFfXTX >> DqtFali5ymUPV87XU2hZEtpe3jkBdjWmmHW8gVfSXVXBcRBa96+12FEOwONLVVcQ >> VGZRb6XxWexRcwAo4NY+NfqcM3OEGC4AZgfqBsWnZOUhijnw+ffbu4YL8aZBIGlB >> P78R0N0DtpRAToRJYvr00OMk27dkHU+0Ock/cFUr6H1cYXHBsfvO2A== >> =lz82 >> -----END PGP SIGNATURE----- >> > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWBw2Mnz1H7kL/d9rAQKpQwf/YQnMaR+j3qyQBxrMi239bgmWksieVkCb seScL3JN7pWE4PYQ9qduQW2vEmzHKplCpkmNd0Q8xLee4KR8J4aaZy45Mhbjbk4a RMSGAS1+Z11WZM/ipCiKqyaCo12zSK0/8Q+ozZ7KUR1hajDjTEZ5hoR3icUrWV8Q BQXzdGhs7DLfjDWxtnmvW2LVR640h3n855TDmDMpeFpj8BNuVh5vu4JJWxSysaYN FYj0RGuIFvUb134f1YACEF97zXGdV09hSqJw8qcVNQgtvO85/gBZwlPJfF3WNHvw CV3KcZVxk8E2wKoz6b7j6cT5nohJD1bvVgT+autGGcsgVMWWoo3WWQ== =6ZWZ -----END PGP SIGNATURE----- From cheese at nosuchhost.net Fri Nov 4 07:53:57 2016 From: cheese at nosuchhost.net (cheese at nosuchhost.net) Date: Fri, 4 Nov 2016 08:53:57 +0100 (CET) Subject: deleting indices Message-ID: hi i have dovecot 2.0.9 - the version from rhel6 - and the following setup: two imap-servers with distinct /var/indices. those directory is local only, no sharing. the users mailboxes life on a shared nfs-storage. the two servers are setup active/passive: only one server is active and in case of a problem or maintenance the second server jumps in. no director in place. we would like to upgrade to rhel7 and add a director. there would be dovecot 2.2.10, but will take some time. one application (horde + activesync which use imap to access emails) seems to have troubles during the second server being active. horde relies according to their deveolpers heavily on modseq/qresync and if we switch to the seconds side there is another set of index-files. my knowledge was that deletion/corruption of index-files would be never a problem, as dovecot recreates them automatically. is this true for QRESNC, too? * is it a problem to have a old set of index-files on the second server, as this system is only in use every 3-4 weeks? * would it be better to start with empty indices? but there we have trouble with horde. and as it seems only with horde. "normal" imap-clients seem to be fine. yours josef From mail at tomsommer.dk Fri Nov 4 08:44:30 2016 From: mail at tomsommer.dk (Tom Sommer) Date: Fri, 04 Nov 2016 09:44:30 +0100 Subject: Errors with count:User quota and NFS In-Reply-To: References: <3c824d592f58b8922de0e810c168f508@tomsommer.dk> Message-ID: On 2016-11-01 09:47, Tom Sommer wrote: > On 2016-10-31 22:04, Timo Sirainen wrote: > >>> Oct 31 10:52:37 imap(xxx at xxxx.xx): Warning: Locking transaction log >>> file /mnt/nfs/xxx.xx/xxx/indexes/dovecot.list.index.log took 31 >>> seconds (syncing) >>> Oct 31 10:52:37 imap(xxx at xxx.xx): Warning: Locking transaction log >>> file /mnt/nfs/xxx.xx/xxx/indexes/dovecot.list.index.log took 31 >>> seconds (syncing) >> >> This just means something is being slow. Not necessarily a problem. >> Although it could also indicate a deadlock. Is this Maildir? Did you >> say you were using lock_method=dotlock? > > I removed dotlock some time ago (using director) and switched to: > > lock_method = fcntl > mail_fsync = always > > With "count" as quota backend I get a lot of these errors on the > director: > > imap-login: Error: proxy(xxx at xxxx.xxx): Login for xxx.xxx.xxx.xxx:143 > timed out in state=2 (after 30 secs, local=xxxxx:58478): > user=, method=CRAM-MD5, rip=xxxx, lip=xxxxx, TLS, > session= > > on the server: > > imap(xxxx at xxxx.xxx): Warning: Locking transaction log file > /mnt/nfs/xxxx.dk/xxxxx/indexes/.INBOX/dovecot.index.log took 32 > seconds (appending) Actually this is worse than I thought. I don't know if it's because of the lock, or it's a general bug in 'count', but whenever I switch quota backend to 'count', customers complain that they aren't receiving any mails. Mails are stored correctly on the server, but it seems Dovecot doesn't show them, perhaps due to corrupt/hanging/locked indexes. So either 'count' is very I/O sensitive by design, and so useless on NFS, or there is some bug in there that breaks indexing. Using maildir and lmtp. The only errors I see in the logs, are the ones pasted here. From tom at whyscream.net Fri Nov 4 14:52:19 2016 From: tom at whyscream.net (Tom Hendrikx) Date: Fri, 4 Nov 2016 15:52:19 +0100 Subject: dovecot-antispam plugin not work In-Reply-To: References: Message-ID: <95d6c458-2f24-6143-08df-f7ba57d2283e@whyscream.net> Hi, The package in debian/ubuntu is based on http://wiki2.dovecot.org/Plugins/Antispam, which is a fork/rewrite of the plugin by johannes at sipsolutions. Try to set it again using the correct documentation :) Regards, Tom On 03-11-16 21:12, basti wrote: > Hello, > I try to use the plugin for my dovecot in debian. > It seem that the /usr/bin/sa-learn-pipe.sh is not execute. > When I run /usr/bin/sa-learn-pipe.sh from commandline logfiles are created. > I also read https://johannes.sipsolutions.net/files/antispam.html > > In syslog you can see fist move a mail from "z_SPAM" to INBOX and then > move a mail from INBOX to "z_SPAM". > > Can you please help? > Best regards > > Config and log's are append. > > dpkg -l | grep dovecot > ii dovecot-antispam 2.0+20130912-2 > amd64 Dovecot plugins for training spam filters > ii dovecot-core 1:2.2.13-12~deb8u1 > amd64 secure POP3/IMAP server - core files > ii dovecot-imapd 1:2.2.13-12~deb8u1 > amd64 secure POP3/IMAP server - IMAP daemon > ii dovecot-pgsql 1:2.2.13-12~deb8u1 > amd64 secure POP3/IMAP server - PostgreSQL support > > ### log > root at vsrv78105:/etc/dovecot# /etc/init.d/dovecot restart > [ ok ] Restarting dovecot (via systemctl): dovecot.service. > root at vsrv78105:/etc/dovecot# tail -f /var/log/syslog | grep imap > Nov 3 20:02:45 vsrv78105 dovecot: imap-login: Warning: Killed with > signal 15 (by pid=1 uid=0 code=kill) > Nov 3 20:02:48 vsrv78105 dovecot: master: Dovecot v2.2.13 starting up > for imap (core dumps disabled) > Nov 3 20:03:03 vsrv78105 dovecot: imap-login: Login: user=, > method=PLAIN, rip=xxx, lip=xxx, mpid=14954, TLS, session= > Nov 3 20:03:03 vsrv78105 imap: antispam: plugin initialising (2.0-notgit) > Nov 3 20:03:03 vsrv78105 imap: antispam: verbose debug enabled > Nov 3 20:03:03 vsrv78105 imap: antispam: "Spam" is exact match spam folder > Nov 3 20:03:03 vsrv78105 imap: antispam: "SPAM" is exact match spam folder > Nov 3 20:03:03 vsrv78105 imap: antispam: "z_SPAM" is exact match spam > folder > Nov 3 20:03:03 vsrv78105 imap: antispam: no unsure folders > Nov 3 20:03:03 vsrv78105 imap: antispam: "Trash" is exact match trash > folder > Nov 3 20:03:03 vsrv78105 imap: antispam: "trash" is exact match trash > folder > Nov 3 20:03:03 vsrv78105 imap: antispam: pipe backend tmpdir /tmp > Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_unsure(INBOX): 0 > Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_trash(z_SPAM): 0 > Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_trash(INBOX): 0 > Nov 3 20:03:13 vsrv78105 imap: antispam: mail copy: from trash: 0, to > trash: 0 > Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_spam(z_SPAM): 0 > Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_spam(INBOX): 0 > Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_unsure(z_SPAM): 0 > Nov 3 20:03:13 vsrv78105 imap: antispam: mail copy: src spam: 0, dst > spam: 0, src unsure: 0 > Nov 3 20:03:14 vsrv78105 dovecot: imap-login: Login: user=, > method=PLAIN, rip=xxx, lip=xxx, mpid=14959, TLS, session= > Nov 3 20:03:14 vsrv78105 imap: antispam: plugin initialising (2.0-notgit) > Nov 3 20:03:14 vsrv78105 imap: antispam: verbose debug enabled > Nov 3 20:03:14 vsrv78105 imap: antispam: "Spam" is exact match spam folder > Nov 3 20:03:14 vsrv78105 imap: antispam: "SPAM" is exact match spam folder > Nov 3 20:03:14 vsrv78105 imap: antispam: "z_SPAM" is exact match spam > folder > Nov 3 20:03:14 vsrv78105 imap: antispam: no unsure folders > Nov 3 20:03:14 vsrv78105 imap: antispam: "Trash" is exact match trash > folder > Nov 3 20:03:14 vsrv78105 imap: antispam: "trash" is exact match trash > folder > Nov 3 20:03:14 vsrv78105 imap: antispam: pipe backend tmpdir /tmp > Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_unsure(z_SPAM): 0 > Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_trash(INBOX): 0 > Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_trash(z_SPAM): 0 > Nov 3 20:04:05 vsrv78105 imap: antispam: mail copy: from trash: 0, to > trash: 0 > Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_spam(INBOX): 0 > Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_spam(z_SPAM): 0 > Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_unsure(INBOX): 0 > Nov 3 20:04:05 vsrv78105 imap: antispam: mail copy: src spam: 0, dst > spam: 0, src unsure: 0 > ^C > > root at vsrv78105:/etc/dovecot# ls -la /tmp/ > insgesamt 8864 > drwxrwxrwt 8 root root 12288 Nov 3 20:07 . > drwxr-xr-x 22 root root 4096 Jun 17 14:41 .. > drwxrwxrwt 2 root root 4096 Nov 1 14:16 .font-unix > drwxrwxrwt 2 root root 4096 Nov 1 14:16 .ICE-unix > drwxrwxrwt 2 root root 4096 Nov 1 14:16 .Test-unix > drwxrwxrwt 2 root root 4096 Nov 1 14:16 .X11-unix > drwxrwxrwt 2 root root 4096 Nov 1 14:16 .XIM-unix > > root at vsrv78105:/etc/dovecot# ls -la /etc/dovecot/sa-learn-pipe.sh > -rwxr-xr-x 1 root root 769 Nov 3 19:38 /etc/dovecot/sa-learn-pipe.sh > > ######################### > > config > > ### > 90-plugin.conf > > plugin { > #setting_name = value > > antispam_backend = pipe > antispam_debug_target = syslog > antispam_verbose_debug = 1 > # antispam_mail_sendmail_args= --username=%u > antispam_mail_spam_arg = --spam > antispam_mail_notspam_arg = --ham > antispam_mail_program = /etc/dovecot/sa-learn-pipe.sh > antispam_spam = Spam;SPAM;z_SPAM > antispam_trash = Trash;trash > } > > ### > > sa-learn-pipe.sh > > #!/bin/bash > set -x > pid=$$ > # remove the # from next line to background learner > #( > { > echo "$(date) ${pid}-start ($*) /tmp/sendmail-msg-$$.txt" > set -x > #id -a > #env > > cat > /tmp/sendmail-msg-${pid}.txt > /usr/bin/sa-learn "$@" /tmp/sendmail-msg-${pid}.txt > echo "$(date) $$-end rc=$?" > } >/tmp/antispam.${pid}.log 2>&1 > > echo "cat antispam.${pid}.log" > cat /tmp/antispam.${pid}.log >>/tmp/sa-learn-pipe.log > rm -f /tmp/antispam.${pid}.log /tmp/sendmail-msg-${pid}.txt > true > # remove the # from next line to background learner > #) & > exit 0 > From doctor at doctor.nl2k.ab.ca Fri Nov 4 17:29:16 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Fri, 4 Nov 2016 11:29:16 -0600 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: References: <20161101162637.GA26017@doctor.nl2k.ab.ca> Message-ID: <20161104172916.GA42647@doctor.nl2k.ab.ca> On Wed, Nov 02, 2016 at 07:15:17PM +0200, Timo Sirainen wrote: > On 01 Nov 2016, at 18:26, The Doctor wrote: > > > > Getting complaints from people about pop/imap > > > > issues. > > > > some people are getting repaeted e-mail. > > > > Other are not able to delete their e-mails from an IMAP lcient. > > Anything in error logs? POP3 duplicates sound like IMAP UIDs were changed (or are still changing?) Tat is what I see in the log. I did send a huge attachment. Dovecot was adding the UID by 1 for some odd reason. Can you track down why this is occuring? And even IMAP folder cannot update. I right have to revert to 2.2.25 for now until these issues are addressed. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From mailinglist at unix-solution.de Fri Nov 4 18:17:48 2016 From: mailinglist at unix-solution.de (basti) Date: Fri, 4 Nov 2016 19:17:48 +0100 Subject: dovecot-antispam plugin not work In-Reply-To: <95d6c458-2f24-6143-08df-f7ba57d2283e@whyscream.net> References: <95d6c458-2f24-6143-08df-f7ba57d2283e@whyscream.net> Message-ID: <57e7a548-0354-9298-28db-0d706fe9a094@unix-solution.de> Hello, I already use this documentation. and after I get this errors I read the man page at https://johannes.sipsolutions.net/files/antispam.html Regards, Basti On 04.11.2016 15:52, Tom Hendrikx wrote: > Hi, > > The package in debian/ubuntu is based on > http://wiki2.dovecot.org/Plugins/Antispam, which is a fork/rewrite of > the plugin by johannes at sipsolutions. Try to set it again using the > correct documentation :) > > Regards, > Tom > > On 03-11-16 21:12, basti wrote: >> Hello, >> I try to use the plugin for my dovecot in debian. >> It seem that the /usr/bin/sa-learn-pipe.sh is not execute. >> When I run /usr/bin/sa-learn-pipe.sh from commandline logfiles are created. >> I also read https://johannes.sipsolutions.net/files/antispam.html >> >> In syslog you can see fist move a mail from "z_SPAM" to INBOX and then >> move a mail from INBOX to "z_SPAM". >> >> Can you please help? >> Best regards >> >> Config and log's are append. >> >> dpkg -l | grep dovecot >> ii dovecot-antispam 2.0+20130912-2 >> amd64 Dovecot plugins for training spam filters >> ii dovecot-core 1:2.2.13-12~deb8u1 >> amd64 secure POP3/IMAP server - core files >> ii dovecot-imapd 1:2.2.13-12~deb8u1 >> amd64 secure POP3/IMAP server - IMAP daemon >> ii dovecot-pgsql 1:2.2.13-12~deb8u1 >> amd64 secure POP3/IMAP server - PostgreSQL support >> >> ### log >> root at vsrv78105:/etc/dovecot# /etc/init.d/dovecot restart >> [ ok ] Restarting dovecot (via systemctl): dovecot.service. >> root at vsrv78105:/etc/dovecot# tail -f /var/log/syslog | grep imap >> Nov 3 20:02:45 vsrv78105 dovecot: imap-login: Warning: Killed with >> signal 15 (by pid=1 uid=0 code=kill) >> Nov 3 20:02:48 vsrv78105 dovecot: master: Dovecot v2.2.13 starting up >> for imap (core dumps disabled) >> Nov 3 20:03:03 vsrv78105 dovecot: imap-login: Login: user=, >> method=PLAIN, rip=xxx, lip=xxx, mpid=14954, TLS, session= >> Nov 3 20:03:03 vsrv78105 imap: antispam: plugin initialising (2.0-notgit) >> Nov 3 20:03:03 vsrv78105 imap: antispam: verbose debug enabled >> Nov 3 20:03:03 vsrv78105 imap: antispam: "Spam" is exact match spam folder >> Nov 3 20:03:03 vsrv78105 imap: antispam: "SPAM" is exact match spam folder >> Nov 3 20:03:03 vsrv78105 imap: antispam: "z_SPAM" is exact match spam >> folder >> Nov 3 20:03:03 vsrv78105 imap: antispam: no unsure folders >> Nov 3 20:03:03 vsrv78105 imap: antispam: "Trash" is exact match trash >> folder >> Nov 3 20:03:03 vsrv78105 imap: antispam: "trash" is exact match trash >> folder >> Nov 3 20:03:03 vsrv78105 imap: antispam: pipe backend tmpdir /tmp >> Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_unsure(INBOX): 0 >> Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_trash(z_SPAM): 0 >> Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_trash(INBOX): 0 >> Nov 3 20:03:13 vsrv78105 imap: antispam: mail copy: from trash: 0, to >> trash: 0 >> Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_spam(z_SPAM): 0 >> Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_spam(INBOX): 0 >> Nov 3 20:03:13 vsrv78105 imap: antispam: mailbox_is_unsure(z_SPAM): 0 >> Nov 3 20:03:13 vsrv78105 imap: antispam: mail copy: src spam: 0, dst >> spam: 0, src unsure: 0 >> Nov 3 20:03:14 vsrv78105 dovecot: imap-login: Login: user=, >> method=PLAIN, rip=xxx, lip=xxx, mpid=14959, TLS, session= >> Nov 3 20:03:14 vsrv78105 imap: antispam: plugin initialising (2.0-notgit) >> Nov 3 20:03:14 vsrv78105 imap: antispam: verbose debug enabled >> Nov 3 20:03:14 vsrv78105 imap: antispam: "Spam" is exact match spam folder >> Nov 3 20:03:14 vsrv78105 imap: antispam: "SPAM" is exact match spam folder >> Nov 3 20:03:14 vsrv78105 imap: antispam: "z_SPAM" is exact match spam >> folder >> Nov 3 20:03:14 vsrv78105 imap: antispam: no unsure folders >> Nov 3 20:03:14 vsrv78105 imap: antispam: "Trash" is exact match trash >> folder >> Nov 3 20:03:14 vsrv78105 imap: antispam: "trash" is exact match trash >> folder >> Nov 3 20:03:14 vsrv78105 imap: antispam: pipe backend tmpdir /tmp >> Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_unsure(z_SPAM): 0 >> Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_trash(INBOX): 0 >> Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_trash(z_SPAM): 0 >> Nov 3 20:04:05 vsrv78105 imap: antispam: mail copy: from trash: 0, to >> trash: 0 >> Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_spam(INBOX): 0 >> Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_spam(z_SPAM): 0 >> Nov 3 20:04:05 vsrv78105 imap: antispam: mailbox_is_unsure(INBOX): 0 >> Nov 3 20:04:05 vsrv78105 imap: antispam: mail copy: src spam: 0, dst >> spam: 0, src unsure: 0 >> ^C >> >> root at vsrv78105:/etc/dovecot# ls -la /tmp/ >> insgesamt 8864 >> drwxrwxrwt 8 root root 12288 Nov 3 20:07 . >> drwxr-xr-x 22 root root 4096 Jun 17 14:41 .. >> drwxrwxrwt 2 root root 4096 Nov 1 14:16 .font-unix >> drwxrwxrwt 2 root root 4096 Nov 1 14:16 .ICE-unix >> drwxrwxrwt 2 root root 4096 Nov 1 14:16 .Test-unix >> drwxrwxrwt 2 root root 4096 Nov 1 14:16 .X11-unix >> drwxrwxrwt 2 root root 4096 Nov 1 14:16 .XIM-unix >> >> root at vsrv78105:/etc/dovecot# ls -la /etc/dovecot/sa-learn-pipe.sh >> -rwxr-xr-x 1 root root 769 Nov 3 19:38 /etc/dovecot/sa-learn-pipe.sh >> >> ######################### >> >> config >> >> ### >> 90-plugin.conf >> >> plugin { >> #setting_name = value >> >> antispam_backend = pipe >> antispam_debug_target = syslog >> antispam_verbose_debug = 1 >> # antispam_mail_sendmail_args= --username=%u >> antispam_mail_spam_arg = --spam >> antispam_mail_notspam_arg = --ham >> antispam_mail_program = /etc/dovecot/sa-learn-pipe.sh >> antispam_spam = Spam;SPAM;z_SPAM >> antispam_trash = Trash;trash >> } >> >> ### >> >> sa-learn-pipe.sh >> >> #!/bin/bash >> set -x >> pid=$$ >> # remove the # from next line to background learner >> #( >> { >> echo "$(date) ${pid}-start ($*) /tmp/sendmail-msg-$$.txt" >> set -x >> #id -a >> #env >> >> cat > /tmp/sendmail-msg-${pid}.txt >> /usr/bin/sa-learn "$@" /tmp/sendmail-msg-${pid}.txt >> echo "$(date) $$-end rc=$?" >> } >/tmp/antispam.${pid}.log 2>&1 >> >> echo "cat antispam.${pid}.log" >> cat /tmp/antispam.${pid}.log >>/tmp/sa-learn-pipe.log >> rm -f /tmp/antispam.${pid}.log /tmp/sendmail-msg-${pid}.txt >> true >> # remove the # from next line to background learner >> #) & >> exit 0 >> From petros.fraser at gmail.com Fri Nov 4 19:21:43 2016 From: petros.fraser at gmail.com (Peter Fraser) Date: Fri, 4 Nov 2016 14:21:43 -0500 Subject: Dovecot 2 LDAP "unknown user" In-Reply-To: References: Message-ID: Sorry yes, peter is the unmangled user name. On Fri, Nov 4, 2016 at 2:18 AM, Steffen Kaiser < skdovecot at smail.inf.fh-brs.de> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 3 Nov 2016, Peter Fraser wrote: > > The command doveadm user -u username successfully returns the username and >> any information it can for the user in AD. As a matter of fact, I entered >> some home directory information in AD and this command returned the User's >> Home Directory as well. Is it a problem though that the telnet test won't >> work? >> > > Hmm, I don't understand the question, > > telnet xyz 143 > 1 login username password > > must work in order to login via IMAP. > > But you didn't answered the other question, see below > > On Thu, Nov 3, 2016 at 2:36 AM, Steffen Kaiser < >> skdovecot at smail.inf.fh-brs.de> wrote: >> >> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On Wed, 2 Nov 2016, Peter Fraser wrote: >>> >>> #Custom Settings >>> >>>> hosts = 192.168.153.143 >>>> dn = user at domain.com >>>> dnpass = password >>>> auth_bind = yes >>>> auth_bind_userdn = %u at domain.com >>>> ldap_version = 3 >>>> base = dc=rpservices,dc=com >>>> #user_filter = (&(objectclass=person)(mail=%u)) >>>> user_filter = (&(objectclass=person)(uid=%u)) >>>> pass_filter = (&(objectclass=person)(uid=%u)) >>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >>>> >>>> >>> you wrote: >>> >>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>>> >>>>> >>>>> extra fields: >>>>>> user=username >>>>>> >>>>>> >>>>> is successful. Is user=username >>> ^^^^^^^ that same as the username in doveadm? >>> >> > > Here. You've posted mangled information only, so if the extra fields > return another username, other tests are different. > > What about: >>> >>> doveadm user -u username >>> >>> ? >>> >>> >>> When I tried to log in again using telnet 127.0.0.1 110, the error shows >>> up >>> >>>> in maillog. I first tried logging in with just the username, then I >>>> tried >>>> using username at domain.com. Using doveadm still works though. >>>> >>>> >>> >>> BSD-11 dovecot: auth: ldap(peter,127.0.0.1,): unknown >>>> user >>>> Nov 2 11:29:23 BSD-11 dovecot: auth: Error: >>>> ldap(user,127.0.0.1,): user not found from userdb >>>> >>> > what about here, is peter, appearing in the first line, the unmangled > "user" here? > > > Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found >>>> from userdb, auth lookup id=226492417 (client-pid=874 client-id=1) >>>> Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure >>>> (pid=874 >>>> id=1) (internal failure, 1 successful auths): user=, method=PLAIN >>>> Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(user at domain.com): invalid >>>> credentials >>>> Nov 2 14:08:17 BSD-11 dovecot: auth: >>>> ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials >>>> Nov 2 14:09:38 BSD-11 dovecot: auth: >>>> ldap(user at domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): >>>> invalid credentials >>>> Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity >>>> (auth >>>> failed, 2 attempts in 163 secs): user= >>>> >>>> On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser < >>>> skdovecot at smail.inf.fh-brs.de> wrote: >>>> >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> >>>>> Hash: SHA1 >>>>> >>>>> On Tue, 1 Nov 2016, Peter Fraser wrote: >>>>> >>>>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>>>> >>>>> Password: >>>>>> passdb: user auth succeeded >>>>>> extra fields: >>>>>> user=username >>>>>> root at BSD-11:/usr/local/etc/dovecot # >>>>>> >>>>>> But when I run telnet 127.0.0.1 110 and try to log in it says unknown >>>>>> user. >>>>>> Error below in maillog. >>>>>> BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, >>>>>> auth >>>>>> lookup id=2262958081 (client-pid=2273 client-id=1) >>>>>> Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure >>>>>> (pid=2273 id=1) (internal failure, 1 successful auths): user= >>>>>> >>>>>> >>>>>> passdb { >>>>> >>>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>>>>> driver = ldap >>>>>> } >>>>>> >>>>>> >>>>>> userdb { >>>>> >>>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>>>>> driver = ldap >>>>>> } >>>>>> >>>>>> >>>>>> #Contents of dovecot-ldap.conf.ext >>>>> >>>>> hosts = 192.168.153.143 >>>>>> dn = user at domain.com >>>>>> dnpass = password >>>>>> auth_bind = yes >>>>>> auth_bind_userdn = domain\%u >>>>>> ldap_version = 3 >>>>>> base = dc=domain,dc=com >>>>>> pass_filter = (&(objectclass=person)(uid=%u)) >>>>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >>>>>> >>>>>> >>>>>> duplicate pass_filter to user_filter. >>>>> >>>>> - -- Steffen Kaiser >>>>> -----BEGIN PGP SIGNATURE----- >>>>> Version: GnuPG v1 >>>>> >>>>> iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh >>>>> inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 >>>>> FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB >>>>> Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf >>>>> YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY >>>>> KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== >>>>> =l02F >>>>> -----END PGP SIGNATURE----- >>>>> >>>>> >>>>> >>>> - -- Steffen Kaiser >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v1 >>> >>> iQEVAwUBWBrpDnz1H7kL/d9rAQKwzggAnJz4LR0SXVWSFdSDrKYs40IEN/ko/4el >>> D7/4q4lVBo9dntf+NeGS1JxttebiN7ng4F5pm841Z0l7acj6z8HzMCr11Voqbuy7 >>> 4WJirG2DnwmzxZRi1M86QGqXWU00jhFplSvZfWhX8uQasmp1FqV3hhUMmcTFfXTX >>> DqtFali5ymUPV87XU2hZEtpe3jkBdjWmmHW8gVfSXVXBcRBa96+12FEOwONLVVcQ >>> VGZRb6XxWexRcwAo4NY+NfqcM3OEGC4AZgfqBsWnZOUhijnw+ffbu4YL8aZBIGlB >>> P78R0N0DtpRAToRJYvr00OMk27dkHU+0Ock/cFUr6H1cYXHBsfvO2A== >>> =lz82 >>> -----END PGP SIGNATURE----- >>> >>> >> > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBWBw2Mnz1H7kL/d9rAQKpQwf/YQnMaR+j3qyQBxrMi239bgmWksieVkCb > seScL3JN7pWE4PYQ9qduQW2vEmzHKplCpkmNd0Q8xLee4KR8J4aaZy45Mhbjbk4a > RMSGAS1+Z11WZM/ipCiKqyaCo12zSK0/8Q+ozZ7KUR1hajDjTEZ5hoR3icUrWV8Q > BQXzdGhs7DLfjDWxtnmvW2LVR640h3n855TDmDMpeFpj8BNuVh5vu4JJWxSysaYN > FYj0RGuIFvUb134f1YACEF97zXGdV09hSqJw8qcVNQgtvO85/gBZwlPJfF3WNHvw > CV3KcZVxk8E2wKoz6b7j6cT5nohJD1bvVgT+autGGcsgVMWWoo3WWQ== > =6ZWZ > -----END PGP SIGNATURE----- > From ben at indietorrent.org Sat Nov 5 17:01:06 2016 From: ben at indietorrent.org (Ben Johnson) Date: Sat, 5 Nov 2016 13:01:06 -0400 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> Message-ID: <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> On 11/3/2016 10:07 PM, Ben Johnson wrote: > Hello! > > I had hoped that marking all messages that arrive to a specific mailbox > as read/seen would be as simple as applying the following sieve script > to all incoming mail for that mailbox user: > > ######################## > require ["imap4flags"]; > addflag "\\Seen"; > ######################## > > With this script in-place, mail does not appear to be marked as > read/seen. It arrives as it normally would, and my email client sees it > as new mail. > > Is something more required? Or is it a bug/limitation in my email client? > > I've found many examples of "addflag "\\Seen";" on the web, but all of > them are wrapped in conditional logic of some variety. This is a > spam-training mailbox and I simply want everything marked as seen/read > upon arrival so I'm not bothered/notified every time. > > Thanks for any pointers here! > > -Ben > I had the afterthought that perhaps the problem is that my Antispam plugin pipe-script simply writes the original message to the filesystem. It doesn't use dovecot-lda, so the Sieve filters are not being applied. I would use dovecot-lda if it didn't sefault with my pipe script. :( Will just have to live with making messages read manually, I suppose! -Ben From larryrtx at gmail.com Sat Nov 5 17:03:03 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Sat, 5 Nov 2016 12:03:03 -0500 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> Message-ID: could your script be modified to use LMTP? On Sat, Nov 5, 2016 at 12:01 PM, Ben Johnson wrote: > On 11/3/2016 10:07 PM, Ben Johnson wrote: > > Hello! > > > > I had hoped that marking all messages that arrive to a specific mailbox > > as read/seen would be as simple as applying the following sieve script > > to all incoming mail for that mailbox user: > > > > ######################## > > require ["imap4flags"]; > > addflag "\\Seen"; > > ######################## > > > > With this script in-place, mail does not appear to be marked as > > read/seen. It arrives as it normally would, and my email client sees it > > as new mail. > > > > Is something more required? Or is it a bug/limitation in my email client? > > > > I've found many examples of "addflag "\\Seen";" on the web, but all of > > them are wrapped in conditional logic of some variety. This is a > > spam-training mailbox and I simply want everything marked as seen/read > > upon arrival so I'm not bothered/notified every time. > > > > Thanks for any pointers here! > > > > -Ben > > > > I had the afterthought that perhaps the problem is that my Antispam > plugin pipe-script simply writes the original message to the filesystem. > It doesn't use dovecot-lda, so the Sieve filters are not being applied. > > I would use dovecot-lda if it didn't sefault with my pipe script. :( > > Will just have to live with making messages read manually, I suppose! > > -Ben > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From ben at indietorrent.org Sat Nov 5 17:06:19 2016 From: ben at indietorrent.org (Ben Johnson) Date: Sat, 5 Nov 2016 13:06:19 -0400 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> Message-ID: <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> On 11/5/2016 1:03 PM, Larry Rosenman wrote: > could your script be modified to use LMTP? That's a very interesting suggestion. Thanks, Larry! My gut feeling is that it will crash (segfault and core-dump) in the same way that dovecot-lda does, but it's worth a shot! (I've posted about my woes with the dovecot-lda crashing issue many times here... nobody seems to have any other ideas. Wish there was an official bug-tracker.) I'll give it a shot and report back! -Ben From larryrtx at gmail.com Sat Nov 5 17:22:04 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Sat, 5 Nov 2016 12:22:04 -0500 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> Message-ID: What OS/MTA are you using? Can you give me (privately if you want) a re-hash of the LDA issues? I'm using FreeBSD 10.3 / Exim for my set up and LMTP for ALL deliveries, and it works great. On Sat, Nov 5, 2016 at 12:06 PM, Ben Johnson wrote: > On 11/5/2016 1:03 PM, Larry Rosenman wrote: > > could your script be modified to use LMTP? > > That's a very interesting suggestion. Thanks, Larry! > > My gut feeling is that it will crash (segfault and core-dump) in the > same way that dovecot-lda does, but it's worth a shot! > > (I've posted about my woes with the dovecot-lda crashing issue many > times here... nobody seems to have any other ideas. Wish there was an > official bug-tracker.) > > I'll give it a shot and report back! > > -Ben > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From jules at ispire.me Sat Nov 5 21:31:50 2016 From: jules at ispire.me (Jules) Date: Sat, 5 Nov 2016 22:31:50 +0100 Subject: Defining INDEX target to other location than maildir seems to have no effect. In-Reply-To: References: Message-ID: <6B7A7E1E-C2ED-47C9-94B1-CC85E8D9EF01@ispire.me> How can i commit this as bug report? > Am 30.10.2016 um 11:04 schrieb Julian Sternberg : > > Dovecot Version 2.2.13 > Linux Distribution: Debian Jessie > CPU Architecture: x64 > Filesystem: GlusterFS/NFS, XFS for Base System/Index Files. > Two Dovecot/Postfix nodes accessing same GlusterFS/NFS Maildir. > > Regardless what i choose in mail_location (:INDEX=MEMORY or :INDEX=/var/indexes/%d/%n) all Mailbox index files will still get created within the users mail_location maildir: ~/Maildir > > My mail_location Maildir directory is shared on GlusterFS mount so i need to get index files away from this share due locking mechanism and faster caching. > > The weird is, if i set INDEX to /var/indexes, the index files getting created sometimes but then not updated frequently and exist parallel on Maildir which are mostly newer than on /var/indexes. If you delete the dovecot.index* files from Maildir, they will get recreated immediatly on Imap access but not on the alternative set INDEX location, they are getting recreated within Maildir again. > > Here is doveconf -n Output: > > # 2.2.13: /etc/dovecot/dovecot.conf > # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 > auth_mechanisms = plain login cram-md5 > disable_plaintext_auth = no > first_valid_uid = 2000 > hostname = censored.hostname.com > last_valid_uid = 2000 > lda_mailbox_autocreate = yes > lda_mailbox_autosubscribe = yes > listen = * > lock_method = dotlock > mail_fsync = always > mail_gid = 2000 > mail_home = /storage/vmail/%d/%n > mail_location = maildir:~/Maildir:LAYOUT=fs:INDEX=MEMORY > mail_nfs_storage = yes > mail_privileged_group = vmail > mail_temp_dir = /var/tmp > mail_uid = 2000 > maildir_very_dirty_syncs = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave > mmap_disable = yes > namespace inbox { > inbox = yes > location = > mailbox Archive { > auto = no > special_use = \Archive > } > mailbox Archives { > auto = no > special_use = \Archive > } > mailbox "Deleted Items" { > auto = no > special_use = \Trash > } > mailbox "Deleted Messages" { > auto = no > special_use = \Trash > } > mailbox Drafts { > auto = no > special_use = \Drafts > } > mailbox Sent { > auto = subscribe > special_use = \Sent > } > mailbox "Sent Items" { > auto = no > special_use = \Sent > } > mailbox "Sent Messages" { > auto = no > special_use = \Sent > } > mailbox Spam { > auto = create > special_use = \Junk > } > mailbox Trash { > auto = subscribe > special_use = \Trash > } > mailbox virtual/All { > auto = no > special_use = \All > } > prefix = > separator = / > type = private > } > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > plugin { > quota = maildir:User quota > quota_rule = *:storage=1G > quota_rule2 = Trash:storage=+100M > quota_rule3 = Sent:storage=+100M > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=80%% quota-warning 80 %u > sieve = /storage/vmail/%d/%n/sieve/dovecot.sieve > sieve_before = /storage/vmail/sieve/dovecot.sieve > sieve_dir = /storage/vmail/%d/%n/sieve > sieve_global = /storage/vmail/sieve > } > postmaster_address = postmaster at censored.hostname.com > protocols = " imap lmtp sieve pop3" > quota_full_tempfail = yes > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > unix_listener auth-userdb { > group = vmail > mode = 0666 > user = vmail > } > } > service imap-login { > inet_listener imaps { > port = 993 > ssl = yes > } > service_count = 0 > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0666 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > service_count = 1 > } > service pop3-login { > inet_listener pop3 { > port = 110 > } > inet_listener pop3s { > port = 995 > ssl = yes > } > } > service quota-warning { > executable = script /usr/local/bin/quota-warning.sh > unix_listener quota-warning { > user = vmail > } > user = vmail > } > ssl = required > ssl_ca = ssl_cert = ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA > ssl_key = ssl_protocols = !SSLv2 !SSLv3 > ssl_require_crl = no > userdb { > args = uid=2000 gid=2000 home=/storage/vmail/%d/%n allow_all_users=yes > driver = static > } > protocol lmtp { > mail_plugins = " quota sieve" > } > protocol lda { > mail_plugins = " sieve quota" > } > protocol imap { > imap_client_workarounds = tb-extra-mailbox-sep > mail_plugins = " quota imap_quota" > } > protocol sieve { > mail_max_userip_connections = 10 > } > protocol pop3 { > mail_plugins = " quota" > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > pop3_uidl_format = %08Xu%08Xv > } From aki.tuomi at dovecot.fi Sat Nov 5 21:40:32 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sat, 5 Nov 2016 23:40:32 +0200 (EET) Subject: Defining INDEX target to other location than maildir seems to have no effect. In-Reply-To: <6B7A7E1E-C2ED-47C9-94B1-CC85E8D9EF01@ispire.me> References: <6B7A7E1E-C2ED-47C9-94B1-CC85E8D9EF01@ispire.me> Message-ID: <1650017749.1313.1478382033507@appsuite-dev.open-xchange.com> Hi! Thank you for reporting this, we'll look into it. Aki Tuomi Dovecot oy. > On November 5, 2016 at 11:31 PM Jules wrote: > > > How can i commit this as bug report? > > > Am 30.10.2016 um 11:04 schrieb Julian Sternberg : > > > > Dovecot Version 2.2.13 > > Linux Distribution: Debian Jessie > > CPU Architecture: x64 > > Filesystem: GlusterFS/NFS, XFS for Base System/Index Files. > > Two Dovecot/Postfix nodes accessing same GlusterFS/NFS Maildir. > > > > Regardless what i choose in mail_location (:INDEX=MEMORY or :INDEX=/var/indexes/%d/%n) all Mailbox index files will still get created within the users mail_location maildir: ~/Maildir > > > > My mail_location Maildir directory is shared on GlusterFS mount so i need to get index files away from this share due locking mechanism and faster caching. > > > > The weird is, if i set INDEX to /var/indexes, the index files getting created sometimes but then not updated frequently and exist parallel on Maildir which are mostly newer than on /var/indexes. If you delete the dovecot.index* files from Maildir, they will get recreated immediatly on Imap access but not on the alternative set INDEX location, they are getting recreated within Maildir again. > > > > Here is doveconf -n Output: > > > > # 2.2.13: /etc/dovecot/dovecot.conf > > # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 > > auth_mechanisms = plain login cram-md5 > > disable_plaintext_auth = no > > first_valid_uid = 2000 > > hostname = censored.hostname.com > > last_valid_uid = 2000 > > lda_mailbox_autocreate = yes > > lda_mailbox_autosubscribe = yes > > listen = * > > lock_method = dotlock > > mail_fsync = always > > mail_gid = 2000 > > mail_home = /storage/vmail/%d/%n > > mail_location = maildir:~/Maildir:LAYOUT=fs:INDEX=MEMORY > > mail_nfs_storage = yes > > mail_privileged_group = vmail > > mail_temp_dir = /var/tmp > > mail_uid = 2000 > > maildir_very_dirty_syncs = yes > > managesieve_notify_capability = mailto > > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave > > mmap_disable = yes > > namespace inbox { > > inbox = yes > > location = > > mailbox Archive { > > auto = no > > special_use = \Archive > > } > > mailbox Archives { > > auto = no > > special_use = \Archive > > } > > mailbox "Deleted Items" { > > auto = no > > special_use = \Trash > > } > > mailbox "Deleted Messages" { > > auto = no > > special_use = \Trash > > } > > mailbox Drafts { > > auto = no > > special_use = \Drafts > > } > > mailbox Sent { > > auto = subscribe > > special_use = \Sent > > } > > mailbox "Sent Items" { > > auto = no > > special_use = \Sent > > } > > mailbox "Sent Messages" { > > auto = no > > special_use = \Sent > > } > > mailbox Spam { > > auto = create > > special_use = \Junk > > } > > mailbox Trash { > > auto = subscribe > > special_use = \Trash > > } > > mailbox virtual/All { > > auto = no > > special_use = \All > > } > > prefix = > > separator = / > > type = private > > } > > passdb { > > args = /etc/dovecot/dovecot-sql.conf.ext > > driver = sql > > } > > plugin { > > quota = maildir:User quota > > quota_rule = *:storage=1G > > quota_rule2 = Trash:storage=+100M > > quota_rule3 = Sent:storage=+100M > > quota_warning = storage=95%% quota-warning 95 %u > > quota_warning2 = storage=80%% quota-warning 80 %u > > sieve = /storage/vmail/%d/%n/sieve/dovecot.sieve > > sieve_before = /storage/vmail/sieve/dovecot.sieve > > sieve_dir = /storage/vmail/%d/%n/sieve > > sieve_global = /storage/vmail/sieve > > } > > postmaster_address = postmaster at censored.hostname.com > > protocols = " imap lmtp sieve pop3" > > quota_full_tempfail = yes > > service auth { > > unix_listener /var/spool/postfix/private/auth { > > group = postfix > > mode = 0660 > > user = postfix > > } > > unix_listener auth-userdb { > > group = vmail > > mode = 0666 > > user = vmail > > } > > } > > service imap-login { > > inet_listener imaps { > > port = 993 > > ssl = yes > > } > > service_count = 0 > > } > > service lmtp { > > unix_listener /var/spool/postfix/private/dovecot-lmtp { > > group = postfix > > mode = 0666 > > user = postfix > > } > > } > > service managesieve-login { > > inet_listener sieve { > > port = 4190 > > } > > service_count = 1 > > } > > service pop3-login { > > inet_listener pop3 { > > port = 110 > > } > > inet_listener pop3s { > > port = 995 > > ssl = yes > > } > > } > > service quota-warning { > > executable = script /usr/local/bin/quota-warning.sh > > unix_listener quota-warning { > > user = vmail > > } > > user = vmail > > } > > ssl = required > > ssl_ca = > ssl_cert = > ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA > > ssl_key = > ssl_protocols = !SSLv2 !SSLv3 > > ssl_require_crl = no > > userdb { > > args = uid=2000 gid=2000 home=/storage/vmail/%d/%n allow_all_users=yes > > driver = static > > } > > protocol lmtp { > > mail_plugins = " quota sieve" > > } > > protocol lda { > > mail_plugins = " sieve quota" > > } > > protocol imap { > > imap_client_workarounds = tb-extra-mailbox-sep > > mail_plugins = " quota imap_quota" > > } > > protocol sieve { > > mail_max_userip_connections = 10 > > } > > protocol pop3 { > > mail_plugins = " quota" > > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > > pop3_uidl_format = %08Xu%08Xv > > } From larryrtx at gmail.com Sat Nov 5 22:36:34 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Sat, 5 Nov 2016 17:36:34 -0500 Subject: virtual mailbox: any way to include..... Message-ID: a namespace that starts with # in a dovecot-virtual file? \# and plain # does NOT work. -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From petros.fraser at gmail.com Sun Nov 6 04:53:41 2016 From: petros.fraser at gmail.com (Peter Fraser) Date: Sat, 5 Nov 2016 23:53:41 -0500 Subject: Dovecot 2 LDAP "unknown user" In-Reply-To: References: Message-ID: I finally managed to get this going but I have noticed in my case that: 1. I need to make sure the user logon name in AD and the samAccountname are exactly the same, case and all. It seems postfix uses the samAccountname and Dovecot the User logon name. 2. I also noticed that if the Display name for a user in AD is blank, that user cannot log in using telnet 110. I am quite willing to work with it as it is but if anyone knows if this is normal behavior or not, I would be glad to know. Not sure if some could be configured better. Just for information, I am including my current configs. Thanks for your assistance Steffen. listen = * login_greeting = Mail Server ready. mail_gid = 1002 mail_home = /home/vmail/%u mail_location = maildir:~/Maildir mail_uid = 1002 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } service lmtp { unix_listener lmtp { user = vmail } } ssl_cert = wrote: > Sorry yes, peter is the unmangled user name. > > On Fri, Nov 4, 2016 at 2:18 AM, Steffen Kaiser < > skdovecot at smail.inf.fh-brs.de> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Thu, 3 Nov 2016, Peter Fraser wrote: >> >> The command doveadm user -u username successfully returns the username and >>> any information it can for the user in AD. As a matter of fact, I entered >>> some home directory information in AD and this command returned the >>> User's >>> Home Directory as well. Is it a problem though that the telnet test won't >>> work? >>> >> >> Hmm, I don't understand the question, >> >> telnet xyz 143 >> 1 login username password >> >> must work in order to login via IMAP. >> >> But you didn't answered the other question, see below >> >> On Thu, Nov 3, 2016 at 2:36 AM, Steffen Kaiser < >>> skdovecot at smail.inf.fh-brs.de> wrote: >>> >>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> On Wed, 2 Nov 2016, Peter Fraser wrote: >>>> >>>> #Custom Settings >>>> >>>>> hosts = 192.168.153.143 >>>>> dn = user at domain.com >>>>> dnpass = password >>>>> auth_bind = yes >>>>> auth_bind_userdn = %u at domain.com >>>>> ldap_version = 3 >>>>> base = dc=rpservices,dc=com >>>>> #user_filter = (&(objectclass=person)(mail=%u)) >>>>> user_filter = (&(objectclass=person)(uid=%u)) >>>>> pass_filter = (&(objectclass=person)(uid=%u)) >>>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >>>>> >>>>> >>>> you wrote: >>>> >>>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>>>> >>>>>> >>>>>> extra fields: >>>>>>> user=username >>>>>>> >>>>>>> >>>>>> is successful. Is user=username >>>> ^^^^^^^ that same as the username in doveadm? >>>> >>> >> >> Here. You've posted mangled information only, so if the extra fields >> return another username, other tests are different. >> >> What about: >>>> >>>> doveadm user -u username >>>> >>>> ? >>>> >>>> >>>> When I tried to log in again using telnet 127.0.0.1 110, the error >>>> shows up >>>> >>>>> in maillog. I first tried logging in with just the username, then I >>>>> tried >>>>> using username at domain.com. Using doveadm still works though. >>>>> >>>>> >>>> >>>> BSD-11 dovecot: auth: ldap(peter,127.0.0.1,): unknown >>>>> user >>>>> Nov 2 11:29:23 BSD-11 dovecot: auth: Error: >>>>> ldap(user,127.0.0.1,): user not found from userdb >>>>> >>>> >> what about here, is peter, appearing in the first line, the unmangled >> "user" here? >> >> >> Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found >>>>> from userdb, auth lookup id=226492417 (client-pid=874 client-id=1) >>>>> Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure >>>>> (pid=874 >>>>> id=1) (internal failure, 1 successful auths): user=, >>>>> method=PLAIN >>>>> Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(user at domain.com): invalid >>>>> credentials >>>>> Nov 2 14:08:17 BSD-11 dovecot: auth: >>>>> ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials >>>>> Nov 2 14:09:38 BSD-11 dovecot: auth: >>>>> ldap(user at domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): >>>>> invalid credentials >>>>> Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity >>>>> (auth >>>>> failed, 2 attempts in 163 secs): user= >>>>> >>>>> On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser < >>>>> skdovecot at smail.inf.fh-brs.de> wrote: >>>>> >>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>> >>>>>> Hash: SHA1 >>>>>> >>>>>> On Tue, 1 Nov 2016, Peter Fraser wrote: >>>>>> >>>>>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username >>>>>> >>>>>> Password: >>>>>>> passdb: user auth succeeded >>>>>>> extra fields: >>>>>>> user=username >>>>>>> root at BSD-11:/usr/local/etc/dovecot # >>>>>>> >>>>>>> But when I run telnet 127.0.0.1 110 and try to log in it says unknown >>>>>>> user. >>>>>>> Error below in maillog. >>>>>>> BSD-11 dovecot: pop3: Error: Authenticated user not found from >>>>>>> userdb, >>>>>>> auth >>>>>>> lookup id=2262958081 (client-pid=2273 client-id=1) >>>>>>> Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure >>>>>>> (pid=2273 id=1) (internal failure, 1 successful auths): user= >>>>>>> >>>>>>> >>>>>>> passdb { >>>>>> >>>>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>>>>>> driver = ldap >>>>>>> } >>>>>>> >>>>>>> >>>>>>> userdb { >>>>>> >>>>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext >>>>>>> driver = ldap >>>>>>> } >>>>>>> >>>>>>> >>>>>>> #Contents of dovecot-ldap.conf.ext >>>>>> >>>>>> hosts = 192.168.153.143 >>>>>>> dn = user at domain.com >>>>>>> dnpass = password >>>>>>> auth_bind = yes >>>>>>> auth_bind_userdn = domain\%u >>>>>>> ldap_version = 3 >>>>>>> base = dc=domain,dc=com >>>>>>> pass_filter = (&(objectclass=person)(uid=%u)) >>>>>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 >>>>>>> >>>>>>> >>>>>>> duplicate pass_filter to user_filter. >>>>>> >>>>>> - -- Steffen Kaiser >>>>>> -----BEGIN PGP SIGNATURE----- >>>>>> Version: GnuPG v1 >>>>>> >>>>>> iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh >>>>>> inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 >>>>>> FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB >>>>>> Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf >>>>>> YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY >>>>>> KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== >>>>>> =l02F >>>>>> -----END PGP SIGNATURE----- >>>>>> >>>>>> >>>>>> >>>>> - -- Steffen Kaiser >>>> -----BEGIN PGP SIGNATURE----- >>>> Version: GnuPG v1 >>>> >>>> iQEVAwUBWBrpDnz1H7kL/d9rAQKwzggAnJz4LR0SXVWSFdSDrKYs40IEN/ko/4el >>>> D7/4q4lVBo9dntf+NeGS1JxttebiN7ng4F5pm841Z0l7acj6z8HzMCr11Voqbuy7 >>>> 4WJirG2DnwmzxZRi1M86QGqXWU00jhFplSvZfWhX8uQasmp1FqV3hhUMmcTFfXTX >>>> DqtFali5ymUPV87XU2hZEtpe3jkBdjWmmHW8gVfSXVXBcRBa96+12FEOwONLVVcQ >>>> VGZRb6XxWexRcwAo4NY+NfqcM3OEGC4AZgfqBsWnZOUhijnw+ffbu4YL8aZBIGlB >>>> P78R0N0DtpRAToRJYvr00OMk27dkHU+0Ock/cFUr6H1cYXHBsfvO2A== >>>> =lz82 >>>> -----END PGP SIGNATURE----- >>>> >>>> >>> >> - -- Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQEVAwUBWBw2Mnz1H7kL/d9rAQKpQwf/YQnMaR+j3qyQBxrMi239bgmWksieVkCb >> seScL3JN7pWE4PYQ9qduQW2vEmzHKplCpkmNd0Q8xLee4KR8J4aaZy45Mhbjbk4a >> RMSGAS1+Z11WZM/ipCiKqyaCo12zSK0/8Q+ozZ7KUR1hajDjTEZ5hoR3icUrWV8Q >> BQXzdGhs7DLfjDWxtnmvW2LVR640h3n855TDmDMpeFpj8BNuVh5vu4JJWxSysaYN >> FYj0RGuIFvUb134f1YACEF97zXGdV09hSqJw8qcVNQgtvO85/gBZwlPJfF3WNHvw >> CV3KcZVxk8E2wKoz6b7j6cT5nohJD1bvVgT+autGGcsgVMWWoo3WWQ== >> =6ZWZ >> -----END PGP SIGNATURE----- >> > > From aki.tuomi at dovecot.fi Sun Nov 6 06:39:54 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sun, 6 Nov 2016 08:39:54 +0200 (EET) Subject: Dovecot 2 LDAP "unknown user" In-Reply-To: References: Message-ID: <1678711031.1699.1478414395634@appsuite-dev.open-xchange.com> You can relax case sensitivity requirements by using %Ln and %Lu instead of %u and %n. Aki > On November 6, 2016 at 6:53 AM Peter Fraser wrote: > > > I finally managed to get this going but I have noticed in my case that: > > 1. I need to make sure the user logon name in AD and the samAccountname are > exactly the same, case and all. It seems postfix > uses the samAccountname and Dovecot the User logon name. > 2. I also noticed that if the Display name for a user in AD is blank, that > user cannot log in using telnet 110. > > I am quite willing to work with it as it is but if anyone knows if this is > normal behavior or not, I would be glad to know. Not sure if some could be > configured better. > > Just for information, I am including my current configs. Thanks for your > assistance Steffen. > > listen = * > login_greeting = Mail Server ready. > mail_gid = 1002 > mail_home = /home/vmail/%u > mail_location = maildir:~/Maildir > mail_uid = 1002 > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > service lmtp { > unix_listener lmtp { > user = vmail > } > } > ssl_cert = ssl_key = # hidden, use -P to show it > userdb { > args = /usr/local/etc/dovecot/dovecot-ldap-udb.conf.ext > driver = ldap > } > protocol lda { > mail_plugins = > } > > > dovecot-ldap-udb.conf.ext is a symlink to dovecot-ldap.conf.ext > > and dovecot-ldap.conf.ext reads as follows > > #Custom Settings > hosts = ip address > ldap_version = 3 > scope = subtree > deref = never > base = cn=users,dc=domain,dc=com > dn = cn=administrator,cn=users,dc=domain,dc=com > dnpass = password > auth_bind = yes > auth_bind_userdn = %n > ldap_version = 3 > scope = subtree > user_attrs = home=/home/vmail/%u,=uid=vmail,=gid=vmail > pass_attrs = uid=%n,userPassword=password > #pass_attrs=uid=user, userpassword=password > user_filter = (&(objectclass=person)(samaccountname=%n)) > pass_filter = (&(objectclass=inetorgperson)(mail=%u)) > > > On Fri, Nov 4, 2016 at 2:21 PM, Peter Fraser > wrote: > > > Sorry yes, peter is the unmangled user name. > > > > On Fri, Nov 4, 2016 at 2:18 AM, Steffen Kaiser < > > skdovecot at smail.inf.fh-brs.de> wrote: > > > >> -----BEGIN PGP SIGNED MESSAGE----- > >> Hash: SHA1 > >> > >> On Thu, 3 Nov 2016, Peter Fraser wrote: > >> > >> The command doveadm user -u username successfully returns the username and > >>> any information it can for the user in AD. As a matter of fact, I entered > >>> some home directory information in AD and this command returned the > >>> User's > >>> Home Directory as well. Is it a problem though that the telnet test won't > >>> work? > >>> > >> > >> Hmm, I don't understand the question, > >> > >> telnet xyz 143 > >> 1 login username password > >> > >> must work in order to login via IMAP. > >> > >> But you didn't answered the other question, see below > >> > >> On Thu, Nov 3, 2016 at 2:36 AM, Steffen Kaiser < > >>> skdovecot at smail.inf.fh-brs.de> wrote: > >>> > >>> -----BEGIN PGP SIGNED MESSAGE----- > >>>> Hash: SHA1 > >>>> > >>>> On Wed, 2 Nov 2016, Peter Fraser wrote: > >>>> > >>>> #Custom Settings > >>>> > >>>>> hosts = 192.168.153.143 > >>>>> dn = user at domain.com > >>>>> dnpass = password > >>>>> auth_bind = yes > >>>>> auth_bind_userdn = %u at domain.com > >>>>> ldap_version = 3 > >>>>> base = dc=rpservices,dc=com > >>>>> #user_filter = (&(objectclass=person)(mail=%u)) > >>>>> user_filter = (&(objectclass=person)(uid=%u)) > >>>>> pass_filter = (&(objectclass=person)(uid=%u)) > >>>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 > >>>>> > >>>>> > >>>> you wrote: > >>>> > >>>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username > >>>>> > >>>>>> > >>>>>> extra fields: > >>>>>>> user=username > >>>>>>> > >>>>>>> > >>>>>> is successful. Is user=username > >>>> ^^^^^^^ that same as the username in doveadm? > >>>> > >>> > >> > >> Here. You've posted mangled information only, so if the extra fields > >> return another username, other tests are different. > >> > >> What about: > >>>> > >>>> doveadm user -u username > >>>> > >>>> ? > >>>> > >>>> > >>>> When I tried to log in again using telnet 127.0.0.1 110, the error > >>>> shows up > >>>> > >>>>> in maillog. I first tried logging in with just the username, then I > >>>>> tried > >>>>> using username at domain.com. Using doveadm still works though. > >>>>> > >>>>> > >>>> > >>>> BSD-11 dovecot: auth: ldap(peter,127.0.0.1,): unknown > >>>>> user > >>>>> Nov 2 11:29:23 BSD-11 dovecot: auth: Error: > >>>>> ldap(user,127.0.0.1,): user not found from userdb > >>>>> > >>>> > >> what about here, is peter, appearing in the first line, the unmangled > >> "user" here? > >> > >> > >> Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found > >>>>> from userdb, auth lookup id=226492417 (client-pid=874 client-id=1) > >>>>> Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure > >>>>> (pid=874 > >>>>> id=1) (internal failure, 1 successful auths): user=, > >>>>> method=PLAIN > >>>>> Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(user at domain.com): invalid > >>>>> credentials > >>>>> Nov 2 14:08:17 BSD-11 dovecot: auth: > >>>>> ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials > >>>>> Nov 2 14:09:38 BSD-11 dovecot: auth: > >>>>> ldap(user at domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): > >>>>> invalid credentials > >>>>> Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity > >>>>> (auth > >>>>> failed, 2 attempts in 163 secs): user= > >>>>> > >>>>> On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser < > >>>>> skdovecot at smail.inf.fh-brs.de> wrote: > >>>>> > >>>>> -----BEGIN PGP SIGNED MESSAGE----- > >>>>> > >>>>>> Hash: SHA1 > >>>>>> > >>>>>> On Tue, 1 Nov 2016, Peter Fraser wrote: > >>>>>> > >>>>>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username > >>>>>> > >>>>>> Password: > >>>>>>> passdb: user auth succeeded > >>>>>>> extra fields: > >>>>>>> user=username > >>>>>>> root at BSD-11:/usr/local/etc/dovecot # > >>>>>>> > >>>>>>> But when I run telnet 127.0.0.1 110 and try to log in it says unknown > >>>>>>> user. > >>>>>>> Error below in maillog. > >>>>>>> BSD-11 dovecot: pop3: Error: Authenticated user not found from > >>>>>>> userdb, > >>>>>>> auth > >>>>>>> lookup id=2262958081 (client-pid=2273 client-id=1) > >>>>>>> Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure > >>>>>>> (pid=2273 id=1) (internal failure, 1 successful auths): user= > >>>>>>> > >>>>>>> > >>>>>>> passdb { > >>>>>> > >>>>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext > >>>>>>> driver = ldap > >>>>>>> } > >>>>>>> > >>>>>>> > >>>>>>> userdb { > >>>>>> > >>>>>> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext > >>>>>>> driver = ldap > >>>>>>> } > >>>>>>> > >>>>>>> > >>>>>>> #Contents of dovecot-ldap.conf.ext > >>>>>> > >>>>>> hosts = 192.168.153.143 > >>>>>>> dn = user at domain.com > >>>>>>> dnpass = password > >>>>>>> auth_bind = yes > >>>>>>> auth_bind_userdn = domain\%u > >>>>>>> ldap_version = 3 > >>>>>>> base = dc=domain,dc=com > >>>>>>> pass_filter = (&(objectclass=person)(uid=%u)) > >>>>>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 > >>>>>>> > >>>>>>> > >>>>>>> duplicate pass_filter to user_filter. > >>>>>> > >>>>>> - -- Steffen Kaiser > >>>>>> -----BEGIN PGP SIGNATURE----- > >>>>>> Version: GnuPG v1 > >>>>>> > >>>>>> iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh > >>>>>> inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 > >>>>>> FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB > >>>>>> Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf > >>>>>> YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY > >>>>>> KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== > >>>>>> =l02F > >>>>>> -----END PGP SIGNATURE----- > >>>>>> > >>>>>> > >>>>>> > >>>>> - -- Steffen Kaiser > >>>> -----BEGIN PGP SIGNATURE----- > >>>> Version: GnuPG v1 > >>>> > >>>> iQEVAwUBWBrpDnz1H7kL/d9rAQKwzggAnJz4LR0SXVWSFdSDrKYs40IEN/ko/4el > >>>> D7/4q4lVBo9dntf+NeGS1JxttebiN7ng4F5pm841Z0l7acj6z8HzMCr11Voqbuy7 > >>>> 4WJirG2DnwmzxZRi1M86QGqXWU00jhFplSvZfWhX8uQasmp1FqV3hhUMmcTFfXTX > >>>> DqtFali5ymUPV87XU2hZEtpe3jkBdjWmmHW8gVfSXVXBcRBa96+12FEOwONLVVcQ > >>>> VGZRb6XxWexRcwAo4NY+NfqcM3OEGC4AZgfqBsWnZOUhijnw+ffbu4YL8aZBIGlB > >>>> P78R0N0DtpRAToRJYvr00OMk27dkHU+0Ock/cFUr6H1cYXHBsfvO2A== > >>>> =lz82 > >>>> -----END PGP SIGNATURE----- > >>>> > >>>> > >>> > >> - -- Steffen Kaiser > >> -----BEGIN PGP SIGNATURE----- > >> Version: GnuPG v1 > >> > >> iQEVAwUBWBw2Mnz1H7kL/d9rAQKpQwf/YQnMaR+j3qyQBxrMi239bgmWksieVkCb > >> seScL3JN7pWE4PYQ9qduQW2vEmzHKplCpkmNd0Q8xLee4KR8J4aaZy45Mhbjbk4a > >> RMSGAS1+Z11WZM/ipCiKqyaCo12zSK0/8Q+ozZ7KUR1hajDjTEZ5hoR3icUrWV8Q > >> BQXzdGhs7DLfjDWxtnmvW2LVR640h3n855TDmDMpeFpj8BNuVh5vu4JJWxSysaYN > >> FYj0RGuIFvUb134f1YACEF97zXGdV09hSqJw8qcVNQgtvO85/gBZwlPJfF3WNHvw > >> CV3KcZVxk8E2wKoz6b7j6cT5nohJD1bvVgT+autGGcsgVMWWoo3WWQ== > >> =6ZWZ > >> -----END PGP SIGNATURE----- > >> > > > > From larryrtx at gmail.com Sun Nov 6 16:30:22 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Sun, 6 Nov 2016 10:30:22 -0600 Subject: imapsieve pigeonhole plugin? Message-ID: How do you enable the imapsieve plugin? I added sieve_plugins = imapsieve and it whines: hebighonker.lerctr.org /usr/local/etc/dovecot/conf.d # service dovecot restart managesieve: Fatal: Plugin 'imapsieve' not found from directory /usr/local/lib/dovecot/sieve doveconf: Error: managesieve-login: dump-capability process returned 89 Stopping dovecot. Waiting for PIDS: 97491. managesieve: Fatal: Plugin 'imapsieve' not found from directory /usr/local/lib/dovecot/sieve doveconf: Error: managesieve-login: dump-capability process returned 89 Starting dovecot. managesieve: Fatal: Plugin 'imapsieve' not found from directory /usr/local/lib/dovecot/sieve doveconf: Error: managesieve-login: dump-capability process returned 89 this plugin seems to be poorly documented. :( -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Sun Nov 6 16:39:11 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Sun, 6 Nov 2016 10:39:11 -0600 Subject: imapsieve pigeonhole plugin? In-Reply-To: References: Message-ID: ok, I found: https://github.com/dovecot/pigeonhole/blob/master/doc/plugins/imapsieve.txt and that helps. Can this be added to the Wiki? On Sun, Nov 6, 2016 at 10:30 AM, Larry Rosenman wrote: > How do you enable the imapsieve plugin? I added > sieve_plugins = imapsieve > > and it whines: > hebighonker.lerctr.org /usr/local/etc/dovecot/conf.d # service dovecot > restart > managesieve: Fatal: Plugin 'imapsieve' not found from directory > /usr/local/lib/dovecot/sieve > doveconf: Error: managesieve-login: dump-capability process returned 89 > Stopping dovecot. > Waiting for PIDS: 97491. > managesieve: Fatal: Plugin 'imapsieve' not found from directory > /usr/local/lib/dovecot/sieve > doveconf: Error: managesieve-login: dump-capability process returned 89 > Starting dovecot. > managesieve: Fatal: Plugin 'imapsieve' not found from directory > /usr/local/lib/dovecot/sieve > doveconf: Error: managesieve-login: dump-capability process returned 89 > > > this plugin seems to be poorly documented. :( > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From matthew.broadhead at nbmlaw.co.uk Sun Nov 6 16:44:36 2016 From: matthew.broadhead at nbmlaw.co.uk (Matthew Broadhead) Date: Sun, 6 Nov 2016 17:44:36 +0100 Subject: sieve sending vacation message from vmail@ns1.domain.tld In-Reply-To: <15a908f9-2820-d056-e221-984c0a994e77@nbmlaw.co.uk> References: <71b362e8-3a69-076d-6376-2f3bbd39d0eb@nbmlaw.co.uk> <94941225-09d0-1440-1733-3884cc6dcd67@rename-it.nl> <7cdadba3-fd03-7d8c-1235-b428018a081c@nbmlaw.co.uk> <55712b3a-4812-f0a6-c9f9-59efcdac79f7@rename-it.nl> <8260ce16-bc94-e3a9-13d1-f1204e6ae525@rename-it.nl> <344d3d36-b905-5a90-e0ea-17d556076838@nbmlaw.co.uk> <9b47cb74-0aa7-4851-11f0-5a367341a63b@nbmlaw.co.uk> <4aa89a3c-937f-a1e6-3871-1df196ac7af2@rename-it.nl> <0c0eaf7f-e65c-e31d-443f-21f3e3ae4fd2@nbmlaw.co.uk> <15a908f9-2820-d056-e221-984c0a994e77@nbmlaw.co.uk> Message-ID: it seemed like a simple configuration issue. i was hoping someone could point me in the right direction. seems i was wrong. i may as well unsubscribe this list as there is not much help here On 02/11/2016 18:29, Matthew Broadhead wrote: > is there something more i need to be doing my end? > > On 25/10/2016 09:11, Matthew Broadhead wrote: >> are there any instructions or tests i can make to check the sieve >> configuration? or does the magic all happen internally and there are >> no settings to change? >> >> On 21/10/2016 10:22, Matthew Broadhead wrote: >>> the server is using CentOS 7 and that is the package that comes >>> through yum. everything is up to date. i am hesitant to install a >>> new package manually as that could cause other compatibility >>> issues? is there another way to test the configuration on the server? >>> >>> On 21/10/2016 01:07, Stephan Bosch wrote: >>>> Op 10/20/2016 om 7:38 PM schreef Matthew Broadhead: >>>>> do i need to provide more information? >>>>> >>>> It still doesn't make sense to me. I do notice that the version you're >>>> using is ancient (dated 26-09-2013), which may well the problem. >>>> >>>> Do have the ability to upgrade? >>>> >>>> Regards, >>>> >>>> Stephan. >>>> >>>>> On 19/10/2016 14:49, Matthew Broadhead wrote: >>>>>> /var/log/maillog showed this >>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1298]: 7599A2C19C6: >>>>>> client=unknown[127.0.0.1] >>>>>> Oct 19 13:25:41 ns1 postfix/cleanup[1085]: 7599A2C19C6: >>>>>> message-id= >>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 7599A2C19C6: >>>>>> from=, size=3190, nrcpt=1 (queue >>>>>> active) >>>>>> Oct 19 13:25:41 ns1 amavis[32367]: (32367-17) Passed CLEAN >>>>>> {RelayedInternal}, ORIGINATING LOCAL [80.30.255.180]:54566 >>>>>> [80.30.255.180] -> >>>>>> , Queue-ID: BFFA62C1965, Message-ID: >>>>>> , mail_id: >>>>>> TlJQ9xQhWjQk, Hits: -2.9, size: 2235, queued_as: 7599A2C19C6, >>>>>> dkim_new=foo:nbmlaw.co.uk, 531 ms >>>>>> Oct 19 13:25:41 ns1 postfix/smtp[1135]: BFFA62C1965: >>>>>> to=, relay=127.0.0.1[127.0.0.1]:10026, >>>>>> delay=0.76, delays=0.22/0/0/0.53, dsn=2.0.0, status=sent (250 2.0.0 >>>>>> from MTA(smtp:[127.0.0.1]:10027): 250 2.0.0 Ok: queued as >>>>>> 7599A2C19C6) >>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: BFFA62C1965: removed >>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: connect from >>>>>> ns1.nbmlaw.co.uk[217.174.253.19] >>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: NOQUEUE: filter: RCPT from >>>>>> ns1.nbmlaw.co.uk[217.174.253.19]: : Sender >>>>>> address triggers FILTER smtp-amavis:[127.0.0.1]:10026; >>>>>> from= to= >>>>>> proto=SMTP helo= >>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: 8A03F2C1965: >>>>>> client=ns1.nbmlaw.co.uk[217.174.253.19] >>>>>> Oct 19 13:25:41 ns1 postfix/cleanup[1085]: 8A03F2C1965: >>>>>> message-id= >>>>>> Oct 19 13:25:41 ns1 opendmarc[2430]: implicit authentication >>>>>> service: >>>>>> ns1.nbmlaw.co.uk >>>>>> Oct 19 13:25:41 ns1 opendmarc[2430]: 8A03F2C1965: >>>>>> ns1.nbmlaw.co.uk fail >>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 8A03F2C1965: >>>>>> from=, size=1077, nrcpt=1 (queue active) >>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: disconnect from >>>>>> ns1.nbmlaw.co.uk[217.174.253.19] >>>>>> Oct 19 13:25:41 ns1 sSMTP[1895]: Sent mail for >>>>>> vmail at ns1.nbmlaw.co.uk >>>>>> (221 2.0.0 Bye) uid=996 username=vmail outbytes=971 >>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1898]: connect from >>>>>> unknown[127.0.0.1] >>>>>> Oct 19 13:25:41 ns1 postfix/pipe[1162]: 7599A2C19C6: >>>>>> to=, relay=dovecot, delay=0.46, >>>>>> delays=0/0/0/0.45, dsn=2.0.0, status=sent (delivered via dovecot >>>>>> service) >>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 7599A2C19C6: removed >>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1898]: E53472C19C6: >>>>>> client=unknown[127.0.0.1] >>>>>> Oct 19 13:25:41 ns1 postfix/cleanup[1085]: E53472C19C6: >>>>>> message-id= >>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: E53472C19C6: >>>>>> from=, size=1619, nrcpt=1 (queue active) >>>>>> Oct 19 13:25:41 ns1 amavis[1885]: (01885-01) Passed CLEAN >>>>>> {RelayedInternal}, ORIGINATING LOCAL [217.174.253.19]:40960 >>>>>> [217.174.253.19] -> >>>>>> , Queue-ID: 8A03F2C1965, Message-ID: >>>>>> , mail_id: >>>>>> mOMO97yjVqjM, Hits: -2.211, size: 1301, queued_as: E53472C19C6, >>>>>> 296 ms >>>>>> Oct 19 13:25:41 ns1 postfix/smtp[1217]: 8A03F2C1965: >>>>>> to=, >>>>>> relay=127.0.0.1[127.0.0.1]:10026, delay=0.38, delays=0.08/0/0/0.29, >>>>>> dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10027): >>>>>> 250 2.0.0 Ok: queued as E53472C19C6) >>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 8A03F2C1965: removed >>>>>> Oct 19 13:25:42 ns1 postfix/pipe[1303]: E53472C19C6: >>>>>> to=, relay=dovecot, delay=0.14, >>>>>> delays=0/0/0/0.14, dsn=2.0.0, status=sent (delivered via dovecot >>>>>> service) >>>>>> Oct 19 13:25:42 ns1 postfix/qmgr[1059]: E53472C19C6: removed >>>>>> >>>>>> On 19/10/2016 13:54, Stephan Bosch wrote: >>>>>>> >>>>>>> Op 19-10-2016 om 13:47 schreef Matthew Broadhead: >>>>>>>> i am not 100% sure how to give you the information you require. >>>>>>>> >>>>>>>> my current setup in /etc/postfix/master.cf is >>>>>>>> flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d >>>>>>>> ${recipient} >>>>>>>> so recipient would presumably be user at domain.tld? or do you want >>>>>>>> the real email address of one of our users? is there some way i >>>>>>>> can output this information directly e.g. in logs? >>>>>>> I am no Postfix expert. I just need to know which values are being >>>>>>> passed to dovecot-lda with what options. I'd assume Postfix allows >>>>>>> logging the command line or at least the values of these variables. >>>>>>> >>>>>>>> the incoming email message could be anything? again i can run an >>>>>>>> example directly if you can advise the best way to do this >>>>>>> As long as the problem occurs with this message. >>>>>>> >>>>>>> BTW, it would also be helpful to have the Dovecot logs from this >>>>>>> delivery, with mail_debug configured to "yes". >>>>>>> >>>>>>> Regards, >>>>>>> >>>>>>> Stephan. >>>>>>> >>>>>>>> On 19/10/2016 12:54, Stephan Bosch wrote: >>>>>>>>> Also, please provide an example scenario; i.e., for one >>>>>>>>> problematic delivery provide: >>>>>>>>> >>>>>>>>> - The values of the variables substituted in the dovecot-lda >>>>>>>>> command line; i.e., provide that command line. >>>>>>>>> - The incoming e-mail message. >>>>>>>>> >>>>>>>>> Regards, >>>>>>>>> >>>>>>>>> Stephan. >>>>>>>>> >>>>>>>>> Op 19-10-2016 om 12:43 schreef Matthew Broadhead: >>>>>>>>>> dovecot is configured by sentora control panel to a certain >>>>>>>>>> extent. if you want those configs i can send them as well >>>>>>>>>> >>>>>>>>>> dovecot -n >>>>>>>>>> >>>>>>>>>> debug_log_path = /var/log/dovecot-debug.log >>>>>>>>>> dict { >>>>>>>>>> quotadict = >>>>>>>>>> mysql:/etc/sentora/configs/dovecot2/dovecot-dict-quota.conf >>>>>>>>>> } >>>>>>>>>> disable_plaintext_auth = no >>>>>>>>>> first_valid_gid = 12 >>>>>>>>>> first_valid_uid = 996 >>>>>>>>>> info_log_path = /var/log/dovecot-info.log >>>>>>>>>> lda_mailbox_autocreate = yes >>>>>>>>>> lda_mailbox_autosubscribe = yes >>>>>>>>>> listen = * >>>>>>>>>> lmtp_save_to_detail_mailbox = yes >>>>>>>>>> log_path = /var/log/dovecot.log >>>>>>>>>> log_timestamp = %Y-%m-%d %H:%M:%S >>>>>>>>>> mail_fsync = never >>>>>>>>>> mail_location = maildir:/var/sentora/vmail/%d/%n >>>>>>>>>> managesieve_notify_capability = mailto >>>>>>>>>> managesieve_sieve_capability = fileinto reject envelope >>>>>>>>>> encoded-character vacation subaddress comparator-i;ascii-numeric >>>>>>>>>> relational regex imap4flags copy include variables body enotify >>>>>>>>>> environment mailbox date ihave >>>>>>>>>> passdb { >>>>>>>>>> args = /etc/sentora/configs/dovecot2/dovecot-mysql.conf >>>>>>>>>> driver = sql >>>>>>>>>> } >>>>>>>>>> plugin { >>>>>>>>>> acl = vfile:/etc/dovecot/acls >>>>>>>>>> quota = maildir:User quota >>>>>>>>>> sieve = ~/dovecot.sieve >>>>>>>>>> sieve_dir = ~/sieve >>>>>>>>>> sieve_global_dir = /var/sentora/sieve/ >>>>>>>>>> sieve_global_path = /var/sentora/sieve/globalfilter.sieve >>>>>>>>>> sieve_max_script_size = 1M >>>>>>>>>> sieve_vacation_send_from_recipient = yes >>>>>>>>>> trash = /etc/sentora/configs/dovecot2/dovecot-trash.conf >>>>>>>>>> } >>>>>>>>>> protocols = imap pop3 lmtp sieve >>>>>>>>>> service auth { >>>>>>>>>> unix_listener /var/spool/postfix/private/auth { >>>>>>>>>> group = postfix >>>>>>>>>> mode = 0666 >>>>>>>>>> user = postfix >>>>>>>>>> } >>>>>>>>>> unix_listener auth-userdb { >>>>>>>>>> group = mail >>>>>>>>>> mode = 0666 >>>>>>>>>> user = vmail >>>>>>>>>> } >>>>>>>>>> } >>>>>>>>>> service dict { >>>>>>>>>> unix_listener dict { >>>>>>>>>> group = mail >>>>>>>>>> mode = 0666 >>>>>>>>>> user = vmail >>>>>>>>>> } >>>>>>>>>> } >>>>>>>>>> service imap-login { >>>>>>>>>> inet_listener imap { >>>>>>>>>> port = 143 >>>>>>>>>> } >>>>>>>>>> process_limit = 500 >>>>>>>>>> process_min_avail = 2 >>>>>>>>>> } >>>>>>>>>> service imap { >>>>>>>>>> vsz_limit = 256 M >>>>>>>>>> } >>>>>>>>>> service managesieve-login { >>>>>>>>>> inet_listener sieve { >>>>>>>>>> port = 4190 >>>>>>>>>> } >>>>>>>>>> process_min_avail = 0 >>>>>>>>>> service_count = 1 >>>>>>>>>> vsz_limit = 64 M >>>>>>>>>> } >>>>>>>>>> service pop3-login { >>>>>>>>>> inet_listener pop3 { >>>>>>>>>> port = 110 >>>>>>>>>> } >>>>>>>>>> } >>>>>>>>>> ssl_cert = >>>>>>>>> ssl_key = >>>>>>>>> ssl_protocols = !SSLv2 !SSLv3 >>>>>>>>>> userdb { >>>>>>>>>> driver = prefetch >>>>>>>>>> } >>>>>>>>>> userdb { >>>>>>>>>> args = /etc/sentora/configs/dovecot2/dovecot-mysql.conf >>>>>>>>>> driver = sql >>>>>>>>>> } >>>>>>>>>> protocol lda { >>>>>>>>>> mail_fsync = optimized >>>>>>>>>> mail_plugins = quota sieve >>>>>>>>>> postmaster_address = postmaster at ns1.nbmlaw.co.uk >>>>>>>>>> } >>>>>>>>>> protocol imap { >>>>>>>>>> imap_client_workarounds = delay-newmail >>>>>>>>>> mail_fsync = optimized >>>>>>>>>> mail_max_userip_connections = 60 >>>>>>>>>> mail_plugins = quota imap_quota trash >>>>>>>>>> } >>>>>>>>>> protocol lmtp { >>>>>>>>>> mail_plugins = quota sieve >>>>>>>>>> } >>>>>>>>>> protocol pop3 { >>>>>>>>>> mail_plugins = quota >>>>>>>>>> pop3_client_workarounds = outlook-no-nuls oe-ns-eoh >>>>>>>>>> pop3_uidl_format = %08Xu%08Xv >>>>>>>>>> } >>>>>>>>>> protocol sieve { >>>>>>>>>> managesieve_implementation_string = Dovecot Pigeonhole >>>>>>>>>> managesieve_max_compile_errors = 5 >>>>>>>>>> managesieve_max_line_length = 65536 >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> managesieve.sieve >>>>>>>>>> >>>>>>>>>> require ["fileinto","vacation"]; >>>>>>>>>> # rule:[vacation] >>>>>>>>>> if true >>>>>>>>>> { >>>>>>>>>> vacation :days 1 :subject "Vacation subject" text: >>>>>>>>>> i am currently out of the office >>>>>>>>>> >>>>>>>>>> trying some line breaks >>>>>>>>>> >>>>>>>>>> ...zzz >>>>>>>>>> . >>>>>>>>>> ; >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> On 19/10/2016 12:29, Stephan Bosch wrote: >>>>>>>>>>> Could you send your configuration (output from `dovecot -n`)? >>>>>>>>>>> >>>>>>>>>>> Also, please provide an example scenario; i.e., for one >>>>>>>>>>> problematic delivery provide: >>>>>>>>>>> >>>>>>>>>>> - The values of the variables substituted below. >>>>>>>>>>> >>>>>>>>>>> - The incoming e-mail message. >>>>>>>>>>> >>>>>>>>>>> - The Sieve script (or at least that vacation command). >>>>>>>>>>> >>>>>>>>>>> Regards, >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Stephan. >>>>>>>>>>> >>>>>>>>>>> Op 19-10-2016 om 11:42 schreef Matthew Broadhead: >>>>>>>>>>>> hi, does anyone have any ideas about this issue? i have not >>>>>>>>>>>> had any response yet >>>>>>>>>>>> >>>>>>>>>>>> i tried changing /etc/postfix/master.cf line: >>>>>>>>>>>> dovecot unix - n n - - pipe >>>>>>>>>>>> flags=DRhu user=vmail:mail >>>>>>>>>>>> argv=/usr/libexec/dovecot/deliver -d >>>>>>>>>>>> ${recipient} >>>>>>>>>>>> >>>>>>>>>>>> to >>>>>>>>>>>> flags=DRhu user=vmail:mail >>>>>>>>>>>> argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d >>>>>>>>>>>> ${user}@${nexthop} -a ${original_recipient} >>>>>>>>>>>> >>>>>>>>>>>> and >>>>>>>>>>>> -d ${user}@${domain} -a {recipient} -f ${sender} -m >>>>>>>>>>>> ${extension} >>>>>>>>>>>> >>>>>>>>>>>> but it didn't work >>>>>>>>>>>> >>>>>>>>>>>> On 12/10/2016 13:57, Matthew Broadhead wrote: >>>>>>>>>>>>> I have a server running >>>>>>>>>>>>> centos-release-7-2.1511.el7.centos.2.10.x86_64 with dovecot >>>>>>>>>>>>> version 2.2.10. I am also using roundcube for webmail. >>>>>>>>>>>>> when a >>>>>>>>>>>>> vacation filter (reply with message) is created in roundcube >>>>>>>>>>>>> it adds a rule to managesieve.sieve in the user's mailbox. >>>>>>>>>>>>> everything works fine except the reply comes from >>>>>>>>>>>>> vmail at ns1.domain.tld instead of user at domain.tld. >>>>>>>>>>>>> ns1.domain.tld is the fully qualified name of the server. >>>>>>>>>>>>> >>>>>>>>>>>>> it used to work fine on my old CentOS 6 server so I am not >>>>>>>>>>>>> sure what has changed. Can anyone point me in the direction >>>>>>>>>>>>> of where I can configure this behaviour? From larryrtx at gmail.com Sun Nov 6 16:48:46 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Sun, 6 Nov 2016 10:48:46 -0600 Subject: imapsieve pigeonhole plugin? In-Reply-To: References: Message-ID: it also appears that the above-captioned file is *NOT* in the tarball :( On Sun, Nov 6, 2016 at 10:39 AM, Larry Rosenman wrote: > ok, I found: > https://github.com/dovecot/pigeonhole/blob/master/doc/ > plugins/imapsieve.txt > and that helps. > > Can this be added to the Wiki? > > On Sun, Nov 6, 2016 at 10:30 AM, Larry Rosenman > wrote: > >> How do you enable the imapsieve plugin? I added >> sieve_plugins = imapsieve >> >> and it whines: >> hebighonker.lerctr.org /usr/local/etc/dovecot/conf.d # service dovecot >> restart >> managesieve: Fatal: Plugin 'imapsieve' not found from directory >> /usr/local/lib/dovecot/sieve >> doveconf: Error: managesieve-login: dump-capability process returned 89 >> Stopping dovecot. >> Waiting for PIDS: 97491. >> managesieve: Fatal: Plugin 'imapsieve' not found from directory >> /usr/local/lib/dovecot/sieve >> doveconf: Error: managesieve-login: dump-capability process returned 89 >> Starting dovecot. >> managesieve: Fatal: Plugin 'imapsieve' not found from directory >> /usr/local/lib/dovecot/sieve >> doveconf: Error: managesieve-login: dump-capability process returned 89 >> >> >> this plugin seems to be poorly documented. :( >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Sun Nov 6 17:35:06 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Sun, 6 Nov 2016 11:35:06 -0600 Subject: imapsieve pigeonhole plugin? In-Reply-To: References: Message-ID: also, with NO scripts defined, but imapsieve active, marking a large virtual mailbox all seen garners: Nov 6 11:30:59 thebighonker dovecot: imap(ler): Panic: file imap-sieve-storage.c: line 616: unreached I can provide more logs, but doing the same to (one of) the base mailbox(es) does NOT garner the message. 600 can_discard = FALSE; 601 switch (isuser->cur_cmd) { 602 case IMAP_SIEVE_CMD_APPEND: 603 cause = "APPEND"; 604 can_discard = TRUE; 605 break; 606 case IMAP_SIEVE_CMD_COPY: 607 case IMAP_SIEVE_CMD_MOVE: 608 cause = "COPY"; 609 can_discard = TRUE; 610 break; 611 case IMAP_SIEVE_CMD_STORE: 612 case IMAP_SIEVE_CMD_OTHER: 613 cause = "FLAG"; 614 break; 615 default: 616 i_unreached(); 617 } On Sun, Nov 6, 2016 at 10:48 AM, Larry Rosenman wrote: > it also appears that the above-captioned file is *NOT* in the tarball :( > > On Sun, Nov 6, 2016 at 10:39 AM, Larry Rosenman > wrote: > >> ok, I found: >> https://github.com/dovecot/pigeonhole/blob/master/doc/plugin >> s/imapsieve.txt >> and that helps. >> >> Can this be added to the Wiki? >> >> On Sun, Nov 6, 2016 at 10:30 AM, Larry Rosenman >> wrote: >> >>> How do you enable the imapsieve plugin? I added >>> sieve_plugins = imapsieve >>> >>> and it whines: >>> hebighonker.lerctr.org /usr/local/etc/dovecot/conf.d # service dovecot >>> restart >>> managesieve: Fatal: Plugin 'imapsieve' not found from directory >>> /usr/local/lib/dovecot/sieve >>> doveconf: Error: managesieve-login: dump-capability process returned 89 >>> Stopping dovecot. >>> Waiting for PIDS: 97491. >>> managesieve: Fatal: Plugin 'imapsieve' not found from directory >>> /usr/local/lib/dovecot/sieve >>> doveconf: Error: managesieve-login: dump-capability process returned 89 >>> Starting dovecot. >>> managesieve: Fatal: Plugin 'imapsieve' not found from directory >>> /usr/local/lib/dovecot/sieve >>> doveconf: Error: managesieve-login: dump-capability process returned 89 >>> >>> >>> this plugin seems to be poorly documented. :( >>> >>> -- >>> Larry Rosenman http://www.lerctr.org/~ler >>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>> >> >> >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From kremels at kreme.com Sun Nov 6 22:14:33 2016 From: kremels at kreme.com (@lbutlr) Date: Sun, 6 Nov 2016 15:14:33 -0700 Subject: virtual mailbox: any way to include..... In-Reply-To: References: Message-ID: <6714C15A-73E6-46C5-ABF0-3DCF090F2FC3@kreme.com> On 05 Nov 2016, at 16:36, Larry Rosenman wrote: > \# and plain # does NOT work. Have you tried quoting? From larryrtx at gmail.com Sun Nov 6 22:16:27 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Sun, 6 Nov 2016 16:16:27 -0600 Subject: virtual mailbox: any way to include..... In-Reply-To: <6714C15A-73E6-46C5-ABF0-3DCF090F2FC3@kreme.com> References: <6714C15A-73E6-46C5-ABF0-3DCF090F2FC3@kreme.com> Message-ID: I gave up, and changed the prefix as I didn't want to muck with it too much However, the issue should be documented, and how to use it. On Sun, Nov 6, 2016 at 4:14 PM, @lbutlr wrote: > On 05 Nov 2016, at 16:36, Larry Rosenman wrote: > > \# and plain # does NOT work. > > Have you tried quoting? > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From nuquaquaraqua at gmail.com Mon Nov 7 00:35:05 2016 From: nuquaquaraqua at gmail.com (=?UTF-8?Q?Quaquaraqu=c3=a0?=) Date: Mon, 7 Nov 2016 01:35:05 +0100 Subject: Redirect the emails from domain2 to domain1 Message-ID: <383cd1fd-8e40-f19e-96ae-0281a7ed922a@gmail.com> Dear Dovecot and Exim users, I have a VPS using these two applications. I am transitioning from a domain_old to a domain_new. I'd like to redirect all the emails from domain_old to the local mailboxes of users @ domain_new. In exim I've assumed that it is enough to add domain_old to the list of local domains: domainlist local_domains = @ : domain_new : domain_old ... begin routers ... local_users: debug_print = "R: local_user for $local_part@$domain" driver = accept domains = +local_domains transport = dovecot_lmtp cannot_route_message = Unknown user However in Dovecot I'm checking both the username and the domain to perform the authentication: auth_username_format = %Lu passdb { driver = sql ; } password_query = SELECT username, domain, password FROM users WHERE username = '%n' AND domain = '%d' To have this system to work, I wish some special rule that rewrites the domain from domain_old to domain_new. But I'm not sure whether this needs to be done in exim or dovecot and how to add it? - Quaquaraqua' From stephan at rename-it.nl Mon Nov 7 08:37:02 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 7 Nov 2016 09:37:02 +0100 Subject: sieve sending vacation message from vmail@ns1.domain.tld In-Reply-To: References: <71b362e8-3a69-076d-6376-2f3bbd39d0eb@nbmlaw.co.uk> <94941225-09d0-1440-1733-3884cc6dcd67@rename-it.nl> <7cdadba3-fd03-7d8c-1235-b428018a081c@nbmlaw.co.uk> <55712b3a-4812-f0a6-c9f9-59efcdac79f7@rename-it.nl> <8260ce16-bc94-e3a9-13d1-f1204e6ae525@rename-it.nl> <344d3d36-b905-5a90-e0ea-17d556076838@nbmlaw.co.uk> <9b47cb74-0aa7-4851-11f0-5a367341a63b@nbmlaw.co.uk> <4aa89a3c-937f-a1e6-3871-1df196ac7af2@rename-it.nl> <0c0eaf7f-e65c-e31d-443f-21f3e3ae4fd2@nbmlaw.co.uk> <15a908f9-2820-d056-e221-984c0a994e77@nbmlaw.co.uk> Message-ID: <889af467-0586-6186-8b14-bd11e12f9767@rename-it.nl> Op 11/6/2016 om 5:44 PM schreef Matthew Broadhead: > it seemed like a simple configuration issue. i was hoping someone > could point me in the right direction. seems i was wrong. i may as > well unsubscribe this list as there is not much help here Your configuration doesn't show me something obviously wrong. As I said, it is a very old version. So, it is likely caused by some old bug. You can try turning off sieve_vacation_send_from_recipient=, which is not used very often and there have been a few bugs with that. I don't know how to help you more. Regards, Stephan. > > On 02/11/2016 18:29, Matthew Broadhead wrote: >> is there something more i need to be doing my end? >> >> On 25/10/2016 09:11, Matthew Broadhead wrote: >>> are there any instructions or tests i can make to check the sieve >>> configuration? or does the magic all happen internally and there >>> are no settings to change? >>> >>> On 21/10/2016 10:22, Matthew Broadhead wrote: >>>> the server is using CentOS 7 and that is the package that comes >>>> through yum. everything is up to date. i am hesitant to install a >>>> new package manually as that could cause other compatibility >>>> issues? is there another way to test the configuration on the server? >>>> >>>> On 21/10/2016 01:07, Stephan Bosch wrote: >>>>> Op 10/20/2016 om 7:38 PM schreef Matthew Broadhead: >>>>>> do i need to provide more information? >>>>>> >>>>> It still doesn't make sense to me. I do notice that the version >>>>> you're >>>>> using is ancient (dated 26-09-2013), which may well the problem. >>>>> >>>>> Do have the ability to upgrade? >>>>> >>>>> Regards, >>>>> >>>>> Stephan. >>>>> >>>>>> On 19/10/2016 14:49, Matthew Broadhead wrote: >>>>>>> /var/log/maillog showed this >>>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1298]: 7599A2C19C6: >>>>>>> client=unknown[127.0.0.1] >>>>>>> Oct 19 13:25:41 ns1 postfix/cleanup[1085]: 7599A2C19C6: >>>>>>> message-id= >>>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 7599A2C19C6: >>>>>>> from=, size=3190, nrcpt=1 (queue >>>>>>> active) >>>>>>> Oct 19 13:25:41 ns1 amavis[32367]: (32367-17) Passed CLEAN >>>>>>> {RelayedInternal}, ORIGINATING LOCAL [80.30.255.180]:54566 >>>>>>> [80.30.255.180] -> >>>>>>> , Queue-ID: BFFA62C1965, Message-ID: >>>>>>> , mail_id: >>>>>>> TlJQ9xQhWjQk, Hits: -2.9, size: 2235, queued_as: 7599A2C19C6, >>>>>>> dkim_new=foo:nbmlaw.co.uk, 531 ms >>>>>>> Oct 19 13:25:41 ns1 postfix/smtp[1135]: BFFA62C1965: >>>>>>> to=, relay=127.0.0.1[127.0.0.1]:10026, >>>>>>> delay=0.76, delays=0.22/0/0/0.53, dsn=2.0.0, status=sent (250 2.0.0 >>>>>>> from MTA(smtp:[127.0.0.1]:10027): 250 2.0.0 Ok: queued as >>>>>>> 7599A2C19C6) >>>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: BFFA62C1965: removed >>>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: connect from >>>>>>> ns1.nbmlaw.co.uk[217.174.253.19] >>>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: NOQUEUE: filter: RCPT from >>>>>>> ns1.nbmlaw.co.uk[217.174.253.19]: : Sender >>>>>>> address triggers FILTER smtp-amavis:[127.0.0.1]:10026; >>>>>>> from= to= >>>>>>> proto=SMTP helo= >>>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: 8A03F2C1965: >>>>>>> client=ns1.nbmlaw.co.uk[217.174.253.19] >>>>>>> Oct 19 13:25:41 ns1 postfix/cleanup[1085]: 8A03F2C1965: >>>>>>> message-id= >>>>>>> Oct 19 13:25:41 ns1 opendmarc[2430]: implicit authentication >>>>>>> service: >>>>>>> ns1.nbmlaw.co.uk >>>>>>> Oct 19 13:25:41 ns1 opendmarc[2430]: 8A03F2C1965: >>>>>>> ns1.nbmlaw.co.uk fail >>>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 8A03F2C1965: >>>>>>> from=, size=1077, nrcpt=1 (queue active) >>>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1114]: disconnect from >>>>>>> ns1.nbmlaw.co.uk[217.174.253.19] >>>>>>> Oct 19 13:25:41 ns1 sSMTP[1895]: Sent mail for >>>>>>> vmail at ns1.nbmlaw.co.uk >>>>>>> (221 2.0.0 Bye) uid=996 username=vmail outbytes=971 >>>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1898]: connect from >>>>>>> unknown[127.0.0.1] >>>>>>> Oct 19 13:25:41 ns1 postfix/pipe[1162]: 7599A2C19C6: >>>>>>> to=, relay=dovecot, delay=0.46, >>>>>>> delays=0/0/0/0.45, dsn=2.0.0, status=sent (delivered via dovecot >>>>>>> service) >>>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 7599A2C19C6: removed >>>>>>> Oct 19 13:25:41 ns1 postfix/smtpd[1898]: E53472C19C6: >>>>>>> client=unknown[127.0.0.1] >>>>>>> Oct 19 13:25:41 ns1 postfix/cleanup[1085]: E53472C19C6: >>>>>>> message-id= >>>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: E53472C19C6: >>>>>>> from=, size=1619, nrcpt=1 (queue active) >>>>>>> Oct 19 13:25:41 ns1 amavis[1885]: (01885-01) Passed CLEAN >>>>>>> {RelayedInternal}, ORIGINATING LOCAL [217.174.253.19]:40960 >>>>>>> [217.174.253.19] -> >>>>>>> , Queue-ID: 8A03F2C1965, >>>>>>> Message-ID: >>>>>>> , mail_id: >>>>>>> mOMO97yjVqjM, Hits: -2.211, size: 1301, queued_as: E53472C19C6, >>>>>>> 296 ms >>>>>>> Oct 19 13:25:41 ns1 postfix/smtp[1217]: 8A03F2C1965: >>>>>>> to=, >>>>>>> relay=127.0.0.1[127.0.0.1]:10026, delay=0.38, delays=0.08/0/0/0.29, >>>>>>> dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10027): >>>>>>> 250 2.0.0 Ok: queued as E53472C19C6) >>>>>>> Oct 19 13:25:41 ns1 postfix/qmgr[1059]: 8A03F2C1965: removed >>>>>>> Oct 19 13:25:42 ns1 postfix/pipe[1303]: E53472C19C6: >>>>>>> to=, relay=dovecot, delay=0.14, >>>>>>> delays=0/0/0/0.14, dsn=2.0.0, status=sent (delivered via dovecot >>>>>>> service) >>>>>>> Oct 19 13:25:42 ns1 postfix/qmgr[1059]: E53472C19C6: removed >>>>>>> >>>>>>> On 19/10/2016 13:54, Stephan Bosch wrote: >>>>>>>> >>>>>>>> Op 19-10-2016 om 13:47 schreef Matthew Broadhead: >>>>>>>>> i am not 100% sure how to give you the information you require. >>>>>>>>> >>>>>>>>> my current setup in /etc/postfix/master.cf is >>>>>>>>> flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d >>>>>>>>> ${recipient} >>>>>>>>> so recipient would presumably be user at domain.tld? or do you want >>>>>>>>> the real email address of one of our users? is there some way i >>>>>>>>> can output this information directly e.g. in logs? >>>>>>>> I am no Postfix expert. I just need to know which values are being >>>>>>>> passed to dovecot-lda with what options. I'd assume Postfix allows >>>>>>>> logging the command line or at least the values of these >>>>>>>> variables. >>>>>>>> >>>>>>>>> the incoming email message could be anything? again i can run an >>>>>>>>> example directly if you can advise the best way to do this >>>>>>>> As long as the problem occurs with this message. >>>>>>>> >>>>>>>> BTW, it would also be helpful to have the Dovecot logs from this >>>>>>>> delivery, with mail_debug configured to "yes". >>>>>>>> >>>>>>>> Regards, >>>>>>>> >>>>>>>> Stephan. >>>>>>>> >>>>>>>>> On 19/10/2016 12:54, Stephan Bosch wrote: >>>>>>>>>> Also, please provide an example scenario; i.e., for one >>>>>>>>>> problematic delivery provide: >>>>>>>>>> >>>>>>>>>> - The values of the variables substituted in the dovecot-lda >>>>>>>>>> command line; i.e., provide that command line. >>>>>>>>>> - The incoming e-mail message. >>>>>>>>>> >>>>>>>>>> Regards, >>>>>>>>>> >>>>>>>>>> Stephan. >>>>>>>>>> >>>>>>>>>> Op 19-10-2016 om 12:43 schreef Matthew Broadhead: >>>>>>>>>>> dovecot is configured by sentora control panel to a certain >>>>>>>>>>> extent. if you want those configs i can send them as well >>>>>>>>>>> >>>>>>>>>>> dovecot -n >>>>>>>>>>> >>>>>>>>>>> debug_log_path = /var/log/dovecot-debug.log >>>>>>>>>>> dict { >>>>>>>>>>> quotadict = >>>>>>>>>>> mysql:/etc/sentora/configs/dovecot2/dovecot-dict-quota.conf >>>>>>>>>>> } >>>>>>>>>>> disable_plaintext_auth = no >>>>>>>>>>> first_valid_gid = 12 >>>>>>>>>>> first_valid_uid = 996 >>>>>>>>>>> info_log_path = /var/log/dovecot-info.log >>>>>>>>>>> lda_mailbox_autocreate = yes >>>>>>>>>>> lda_mailbox_autosubscribe = yes >>>>>>>>>>> listen = * >>>>>>>>>>> lmtp_save_to_detail_mailbox = yes >>>>>>>>>>> log_path = /var/log/dovecot.log >>>>>>>>>>> log_timestamp = %Y-%m-%d %H:%M:%S >>>>>>>>>>> mail_fsync = never >>>>>>>>>>> mail_location = maildir:/var/sentora/vmail/%d/%n >>>>>>>>>>> managesieve_notify_capability = mailto >>>>>>>>>>> managesieve_sieve_capability = fileinto reject envelope >>>>>>>>>>> encoded-character vacation subaddress >>>>>>>>>>> comparator-i;ascii-numeric >>>>>>>>>>> relational regex imap4flags copy include variables body enotify >>>>>>>>>>> environment mailbox date ihave >>>>>>>>>>> passdb { >>>>>>>>>>> args = /etc/sentora/configs/dovecot2/dovecot-mysql.conf >>>>>>>>>>> driver = sql >>>>>>>>>>> } >>>>>>>>>>> plugin { >>>>>>>>>>> acl = vfile:/etc/dovecot/acls >>>>>>>>>>> quota = maildir:User quota >>>>>>>>>>> sieve = ~/dovecot.sieve >>>>>>>>>>> sieve_dir = ~/sieve >>>>>>>>>>> sieve_global_dir = /var/sentora/sieve/ >>>>>>>>>>> sieve_global_path = /var/sentora/sieve/globalfilter.sieve >>>>>>>>>>> sieve_max_script_size = 1M >>>>>>>>>>> sieve_vacation_send_from_recipient = yes >>>>>>>>>>> trash = /etc/sentora/configs/dovecot2/dovecot-trash.conf >>>>>>>>>>> } >>>>>>>>>>> protocols = imap pop3 lmtp sieve >>>>>>>>>>> service auth { >>>>>>>>>>> unix_listener /var/spool/postfix/private/auth { >>>>>>>>>>> group = postfix >>>>>>>>>>> mode = 0666 >>>>>>>>>>> user = postfix >>>>>>>>>>> } >>>>>>>>>>> unix_listener auth-userdb { >>>>>>>>>>> group = mail >>>>>>>>>>> mode = 0666 >>>>>>>>>>> user = vmail >>>>>>>>>>> } >>>>>>>>>>> } >>>>>>>>>>> service dict { >>>>>>>>>>> unix_listener dict { >>>>>>>>>>> group = mail >>>>>>>>>>> mode = 0666 >>>>>>>>>>> user = vmail >>>>>>>>>>> } >>>>>>>>>>> } >>>>>>>>>>> service imap-login { >>>>>>>>>>> inet_listener imap { >>>>>>>>>>> port = 143 >>>>>>>>>>> } >>>>>>>>>>> process_limit = 500 >>>>>>>>>>> process_min_avail = 2 >>>>>>>>>>> } >>>>>>>>>>> service imap { >>>>>>>>>>> vsz_limit = 256 M >>>>>>>>>>> } >>>>>>>>>>> service managesieve-login { >>>>>>>>>>> inet_listener sieve { >>>>>>>>>>> port = 4190 >>>>>>>>>>> } >>>>>>>>>>> process_min_avail = 0 >>>>>>>>>>> service_count = 1 >>>>>>>>>>> vsz_limit = 64 M >>>>>>>>>>> } >>>>>>>>>>> service pop3-login { >>>>>>>>>>> inet_listener pop3 { >>>>>>>>>>> port = 110 >>>>>>>>>>> } >>>>>>>>>>> } >>>>>>>>>>> ssl_cert = >>>>>>>>>> ssl_key = >>>>>>>>>> ssl_protocols = !SSLv2 !SSLv3 >>>>>>>>>>> userdb { >>>>>>>>>>> driver = prefetch >>>>>>>>>>> } >>>>>>>>>>> userdb { >>>>>>>>>>> args = /etc/sentora/configs/dovecot2/dovecot-mysql.conf >>>>>>>>>>> driver = sql >>>>>>>>>>> } >>>>>>>>>>> protocol lda { >>>>>>>>>>> mail_fsync = optimized >>>>>>>>>>> mail_plugins = quota sieve >>>>>>>>>>> postmaster_address = postmaster at ns1.nbmlaw.co.uk >>>>>>>>>>> } >>>>>>>>>>> protocol imap { >>>>>>>>>>> imap_client_workarounds = delay-newmail >>>>>>>>>>> mail_fsync = optimized >>>>>>>>>>> mail_max_userip_connections = 60 >>>>>>>>>>> mail_plugins = quota imap_quota trash >>>>>>>>>>> } >>>>>>>>>>> protocol lmtp { >>>>>>>>>>> mail_plugins = quota sieve >>>>>>>>>>> } >>>>>>>>>>> protocol pop3 { >>>>>>>>>>> mail_plugins = quota >>>>>>>>>>> pop3_client_workarounds = outlook-no-nuls oe-ns-eoh >>>>>>>>>>> pop3_uidl_format = %08Xu%08Xv >>>>>>>>>>> } >>>>>>>>>>> protocol sieve { >>>>>>>>>>> managesieve_implementation_string = Dovecot Pigeonhole >>>>>>>>>>> managesieve_max_compile_errors = 5 >>>>>>>>>>> managesieve_max_line_length = 65536 >>>>>>>>>>> } >>>>>>>>>>> >>>>>>>>>>> managesieve.sieve >>>>>>>>>>> >>>>>>>>>>> require ["fileinto","vacation"]; >>>>>>>>>>> # rule:[vacation] >>>>>>>>>>> if true >>>>>>>>>>> { >>>>>>>>>>> vacation :days 1 :subject "Vacation subject" text: >>>>>>>>>>> i am currently out of the office >>>>>>>>>>> >>>>>>>>>>> trying some line breaks >>>>>>>>>>> >>>>>>>>>>> ...zzz >>>>>>>>>>> . >>>>>>>>>>> ; >>>>>>>>>>> } >>>>>>>>>>> >>>>>>>>>>> On 19/10/2016 12:29, Stephan Bosch wrote: >>>>>>>>>>>> Could you send your configuration (output from `dovecot -n`)? >>>>>>>>>>>> >>>>>>>>>>>> Also, please provide an example scenario; i.e., for one >>>>>>>>>>>> problematic delivery provide: >>>>>>>>>>>> >>>>>>>>>>>> - The values of the variables substituted below. >>>>>>>>>>>> >>>>>>>>>>>> - The incoming e-mail message. >>>>>>>>>>>> >>>>>>>>>>>> - The Sieve script (or at least that vacation command). >>>>>>>>>>>> >>>>>>>>>>>> Regards, >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Stephan. >>>>>>>>>>>> >>>>>>>>>>>> Op 19-10-2016 om 11:42 schreef Matthew Broadhead: >>>>>>>>>>>>> hi, does anyone have any ideas about this issue? i have not >>>>>>>>>>>>> had any response yet >>>>>>>>>>>>> >>>>>>>>>>>>> i tried changing /etc/postfix/master.cf line: >>>>>>>>>>>>> dovecot unix - n n - - pipe >>>>>>>>>>>>> flags=DRhu user=vmail:mail >>>>>>>>>>>>> argv=/usr/libexec/dovecot/deliver -d >>>>>>>>>>>>> ${recipient} >>>>>>>>>>>>> >>>>>>>>>>>>> to >>>>>>>>>>>>> flags=DRhu user=vmail:mail >>>>>>>>>>>>> argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d >>>>>>>>>>>>> ${user}@${nexthop} -a ${original_recipient} >>>>>>>>>>>>> >>>>>>>>>>>>> and >>>>>>>>>>>>> -d ${user}@${domain} -a {recipient} -f ${sender} -m >>>>>>>>>>>>> ${extension} >>>>>>>>>>>>> >>>>>>>>>>>>> but it didn't work >>>>>>>>>>>>> >>>>>>>>>>>>> On 12/10/2016 13:57, Matthew Broadhead wrote: >>>>>>>>>>>>>> I have a server running >>>>>>>>>>>>>> centos-release-7-2.1511.el7.centos.2.10.x86_64 with dovecot >>>>>>>>>>>>>> version 2.2.10. I am also using roundcube for webmail. >>>>>>>>>>>>>> when a >>>>>>>>>>>>>> vacation filter (reply with message) is created in roundcube >>>>>>>>>>>>>> it adds a rule to managesieve.sieve in the user's mailbox. >>>>>>>>>>>>>> everything works fine except the reply comes from >>>>>>>>>>>>>> vmail at ns1.domain.tld instead of user at domain.tld. >>>>>>>>>>>>>> ns1.domain.tld is the fully qualified name of the server. >>>>>>>>>>>>>> >>>>>>>>>>>>>> it used to work fine on my old CentOS 6 server so I am not >>>>>>>>>>>>>> sure what has changed. Can anyone point me in the direction >>>>>>>>>>>>>> of where I can configure this behaviour? From stephan at rename-it.nl Mon Nov 7 09:30:23 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 7 Nov 2016 10:30:23 +0100 Subject: imapsieve pigeonhole plugin? In-Reply-To: References: Message-ID: <4a856d74-1c74-530e-2f89-5a56eaf611e0@rename-it.nl> Op 11/6/2016 om 5:48 PM schreef Larry Rosenman: > it also appears that the above-captioned file is *NOT* in the tarball :( Fixed: https://github.com/dovecot/pigeonhole/commit/be11698e5cf4ec24af3922c7198040f6d8ccc731 Regards, Stephan > On Sun, Nov 6, 2016 at 10:39 AM, Larry Rosenman wrote: > >> ok, I found: >> https://github.com/dovecot/pigeonhole/blob/master/doc/ >> plugins/imapsieve.txt >> and that helps. >> >> Can this be added to the Wiki? >> >> On Sun, Nov 6, 2016 at 10:30 AM, Larry Rosenman >> wrote: >> >>> How do you enable the imapsieve plugin? I added >>> sieve_plugins = imapsieve >>> >>> and it whines: >>> hebighonker.lerctr.org /usr/local/etc/dovecot/conf.d # service dovecot >>> restart >>> managesieve: Fatal: Plugin 'imapsieve' not found from directory >>> /usr/local/lib/dovecot/sieve >>> doveconf: Error: managesieve-login: dump-capability process returned 89 >>> Stopping dovecot. >>> Waiting for PIDS: 97491. >>> managesieve: Fatal: Plugin 'imapsieve' not found from directory >>> /usr/local/lib/dovecot/sieve >>> doveconf: Error: managesieve-login: dump-capability process returned 89 >>> Starting dovecot. >>> managesieve: Fatal: Plugin 'imapsieve' not found from directory >>> /usr/local/lib/dovecot/sieve >>> doveconf: Error: managesieve-login: dump-capability process returned 89 >>> >>> >>> this plugin seems to be poorly documented. :( >>> >>> -- >>> Larry Rosenman http://www.lerctr.org/~ler >>> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >>> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >>> >> >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> > > From stephan at rename-it.nl Mon Nov 7 09:31:20 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 7 Nov 2016 10:31:20 +0100 Subject: imapsieve pigeonhole plugin? In-Reply-To: References: Message-ID: <64117cdc-ae1f-c0a0-4a37-1b84df8bc21d@rename-it.nl> Op 11/6/2016 om 6:35 PM schreef Larry Rosenman: > also, with NO scripts defined, but imapsieve active, marking a large virtual > mailbox all seen garners: > > Nov 6 11:30:59 thebighonker dovecot: imap(ler): Panic: file > imap-sieve-storage.c: line 616: unreached > > I can provide more logs, but doing the same to (one of) the base > mailbox(es) does NOT garner > the message. > > > 600 can_discard = FALSE; > 601 switch (isuser->cur_cmd) { > 602 case IMAP_SIEVE_CMD_APPEND: > 603 cause = "APPEND"; > 604 can_discard = TRUE; > 605 break; > 606 case IMAP_SIEVE_CMD_COPY: > 607 case IMAP_SIEVE_CMD_MOVE: > 608 cause = "COPY"; > 609 can_discard = TRUE; > 610 break; > 611 case IMAP_SIEVE_CMD_STORE: > 612 case IMAP_SIEVE_CMD_OTHER: > 613 cause = "FLAG"; > 614 break; > 615 default: > 616 i_unreached(); > 617 } Will investigate more later today. Regards, Stephan. From larryrtx at gmail.com Mon Nov 7 12:33:02 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Mon, 7 Nov 2016 06:33:02 -0600 Subject: imapsieve pigeonhole plugin? In-Reply-To: <64117cdc-ae1f-c0a0-4a37-1b84df8bc21d@rename-it.nl> References: <64117cdc-ae1f-c0a0-4a37-1b84df8bc21d@rename-it.nl> Message-ID: additional info. This happens when the mailbox definition includes the seen flag: thebighonker.lerctr.org /home/ler/MAIL-VIRTUAL $ cat list-unseen/dovecot-virtual lists/* unseen thebighonker.lerctr.org /home/ler/MAIL-VIRTUAL $ cat other-unseen/dovecot-virtual * -lists/* unseen thebighonker.lerctr.org /home/ler/MAIL-VIRTUAL $ not sure if that makes a difference. On Mon, Nov 7, 2016 at 3:31 AM, Stephan Bosch wrote: > Op 11/6/2016 om 6:35 PM schreef Larry Rosenman: > > also, with NO scripts defined, but imapsieve active, marking a large > virtual > > mailbox all seen garners: > > > > Nov 6 11:30:59 thebighonker dovecot: imap(ler): Panic: file > > imap-sieve-storage.c: line 616: unreached > > > > I can provide more logs, but doing the same to (one of) the base > > mailbox(es) does NOT garner > > the message. > > > > > > 600 can_discard = FALSE; > > 601 switch (isuser->cur_cmd) { > > 602 case IMAP_SIEVE_CMD_APPEND: > > 603 cause = "APPEND"; > > 604 can_discard = TRUE; > > 605 break; > > 606 case IMAP_SIEVE_CMD_COPY: > > 607 case IMAP_SIEVE_CMD_MOVE: > > 608 cause = "COPY"; > > 609 can_discard = TRUE; > > 610 break; > > 611 case IMAP_SIEVE_CMD_STORE: > > 612 case IMAP_SIEVE_CMD_OTHER: > > 613 cause = "FLAG"; > > 614 break; > > 615 default: > > 616 i_unreached(); > > 617 } > > Will investigate more later today. > > Regards, > > Stephan. > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From larryrtx at gmail.com Mon Nov 7 15:56:59 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Mon, 7 Nov 2016 09:56:59 -0600 Subject: imapsieve pigeonhole plugin? In-Reply-To: References: <64117cdc-ae1f-c0a0-4a37-1b84df8bc21d@rename-it.nl> Message-ID: also, it appears to NOT matter the size of the (virtual) mailbox. -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From petros.fraser at gmail.com Mon Nov 7 19:24:31 2016 From: petros.fraser at gmail.com (Peter Fraser) Date: Mon, 7 Nov 2016 14:24:31 -0500 Subject: Dovecot and zlib Message-ID: HI All I have a dovecot 1 server up and running without zlib and I am setting up a new Dovecot 2 Server and I want to use zlib. What is the proper way to do this? Should I set up the new server, copy the mail across and then enable zlib or do I compress the current mail in place and then copy across? Thanks for any help. From doctor at doctor.nl2k.ab.ca Mon Nov 7 20:33:00 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Mon, 7 Nov 2016 13:33:00 -0700 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: <20161104172916.GA42647@doctor.nl2k.ab.ca> References: <20161101162637.GA26017@doctor.nl2k.ab.ca> <20161104172916.GA42647@doctor.nl2k.ab.ca> Message-ID: <20161107203300.GA74789@doctor.nl2k.ab.ca> On Fri, Nov 04, 2016 at 11:29:16AM -0600, The Doctor wrote: > On Wed, Nov 02, 2016 at 07:15:17PM +0200, Timo Sirainen wrote: > > On 01 Nov 2016, at 18:26, The Doctor wrote: > > > > > > Getting complaints from people about pop/imap > > > > > > issues. > > > > > > some people are getting repaeted e-mail. > > > > > > Other are not able to delete their e-mails from an IMAP lcient. > > > > Anything in error logs? POP3 duplicates sound like IMAP UIDs were changed (or are still changing?) > > Tat is what I see in the log. > > I did send a huge attachment. > > Dovecot was adding the UID by 1 for some odd reason. > > Can you track down why this is occuring? > > And even IMAP folder cannot update. > > I right have to revert to 2.2.25 for now until these issues > are addressed. > Reverting will not work. I have clients turning into dragons over this issue. Any fix on the horizon? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From stephan at rename-it.nl Tue Nov 8 00:52:38 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 8 Nov 2016 01:52:38 +0100 Subject: imapsieve pigeonhole plugin? In-Reply-To: References: <64117cdc-ae1f-c0a0-4a37-1b84df8bc21d@rename-it.nl> Message-ID: <90496d8a-c78d-c938-3422-35a91bec7c9c@rename-it.nl> Op 11/7/2016 om 4:56 PM schreef Larry Rosenman: > also, it appears to NOT matter the size of the (virtual) mailbox. Fixed: https://github.com/dovecot/pigeonhole/commit/00651e607c6ea9145ec565dcfd2fdf7d04bb32e9 Regards, Stephan. From larryrtx at gmail.com Tue Nov 8 02:31:36 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Mon, 7 Nov 2016 20:31:36 -0600 Subject: imapsieve pigeonhole plugin? In-Reply-To: <90496d8a-c78d-c938-3422-35a91bec7c9c@rename-it.nl> References: <64117cdc-ae1f-c0a0-4a37-1b84df8bc21d@rename-it.nl> <90496d8a-c78d-c938-3422-35a91bec7c9c@rename-it.nl> Message-ID: fixes it for me, thank you for the fast patch. I also submitted a port update to FreeBSD with it. On Mon, Nov 7, 2016 at 6:52 PM, Stephan Bosch wrote: > Op 11/7/2016 om 4:56 PM schreef Larry Rosenman: > > also, it appears to NOT matter the size of the (virtual) mailbox. > > Fixed: > > https://github.com/dovecot/pigeonhole/commit/ > 00651e607c6ea9145ec565dcfd2fdf7d04bb32e9 > > Regards, > > Stephan. > > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From eraya at a21an.org Tue Nov 8 06:16:53 2016 From: eraya at a21an.org (Eray Aslan) Date: Tue, 8 Nov 2016 09:16:53 +0300 Subject: build failure --without-ssl Message-ID: <20161108061653.GA22171@angelfall.a21an.org> dovecot-2.2.26.0: $ ./configure --without-ssl && make [...] libtool: error: cannot find the library '../lib-ssl-iostream/libssl_iostream_openssl.la' or unhandled argument '../lib-ssl-iostream/libssl_iostream_openssl.la' make[3]: *** [Makefile:738: test-http-client] Error 1 Had a quick look. When configured without ssl, the tests were failing at run time for dovecot-2.2.25. So, this change is good but not enough. Apparently, some people do use dovecot without ssl. https://bugs.gentoo.org/show_bug.cgi?id=599024 -- Eray From doctor at doctor.nl2k.ab.ca Tue Nov 8 07:04:10 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Tue, 8 Nov 2016 00:04:10 -0700 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: <20161107203300.GA74789@doctor.nl2k.ab.ca> References: <20161101162637.GA26017@doctor.nl2k.ab.ca> <20161104172916.GA42647@doctor.nl2k.ab.ca> <20161107203300.GA74789@doctor.nl2k.ab.ca> Message-ID: <20161108070410.GA48029@doctor.nl2k.ab.ca> On Mon, Nov 07, 2016 at 01:33:00PM -0700, The Doctor wrote: > On Fri, Nov 04, 2016 at 11:29:16AM -0600, The Doctor wrote: > > On Wed, Nov 02, 2016 at 07:15:17PM +0200, Timo Sirainen wrote: > > > On 01 Nov 2016, at 18:26, The Doctor wrote: > > > > > > > > Getting complaints from people about pop/imap > > > > > > > > issues. > > > > > > > > some people are getting repaeted e-mail. > > > > > > > > Other are not able to delete their e-mails from an IMAP lcient. > > > > > > Anything in error logs? POP3 duplicates sound like IMAP UIDs were changed (or are still changing?) > > > > Tat is what I see in the log. > > > > I did send a huge attachment. > > > > Dovecot was adding the UID by 1 for some odd reason. > > > > Can you track down why this is occuring? > > > > And even IMAP folder cannot update. > > > > I right have to revert to 2.2.25 for now until these issues > > are addressed. > > > > Reverting will not work. > > I have clients turning into dragons over this issue. > > Any fix on the horizon? > doing some research, I did use Thunderbird in this case with IMAP Mail. In my own account I used roundcube mail delete unhidden trash and seems to have solved my problem. In another account, I see lots of white items in RoundCude as if these items are hidden from Thunderbird hance blocking the IMAP Client from deleting e-mails. Has anyone ran into this before? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From alec at alec.pl Tue Nov 8 07:24:06 2016 From: alec at alec.pl (A.L.E.C) Date: Tue, 8 Nov 2016 08:24:06 +0100 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: <20161108070410.GA48029@doctor.nl2k.ab.ca> References: <20161101162637.GA26017@doctor.nl2k.ab.ca> <20161104172916.GA42647@doctor.nl2k.ab.ca> <20161107203300.GA74789@doctor.nl2k.ab.ca> <20161108070410.GA48029@doctor.nl2k.ab.ca> Message-ID: On 08.11.2016 08:04, The Doctor wrote: > In another account, I see lots of white items in RoundCude as if these items are > hidden from Thunderbird hance blocking the IMAP Client from deleting e-mails. I guess these "white items" are messages marked as deleted but not expunged. It is normal with Thunderbird, it does not expunge immediately (probably can be configured to do so). -- Aleksander 'A.L.E.C' Machniak Kolab Groupware Developer [http://kolab.org] Roundcube Webmail Developer [http://roundcube.net] ---------------------------------------------------- PGP: 19359DC1 # Blog: https://kolabian.wordpress.com From wdehoog at exalondelft.nl Tue Nov 8 08:47:39 2016 From: wdehoog at exalondelft.nl (W. de Hoog) Date: Tue, 8 Nov 2016 09:47:39 +0100 Subject: Indexing failed: 500 Internal Server Error Message-ID: <379d8c39-0e3a-3a21-dc6e-10cdae50a257@exalondelft.nl> Hi, While running doveadm index on a mailbox this gets printed: doveadm(neil): Error: fts_solr: Indexing failed: 500 Internal Server Error doveadm(neil): Panic: file http-client-request.c: line 792 (http_client_request_send_payload): assertion failed: (ret == 0) doveadm(neil): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x88662) [0x7f0a52750662] -> /usr/lib/dovecot/libdovecot.so.0(+0x886d9) [0x7f0a527506d9] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f0a526e9f81] -> /usr/lib/dovecot/libdovecot.so.0(http_client_request_send_payload+0xc8) [0x7f0a52703cf8] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(solr_connection_post_more+0x49) [0x7f0a518654a9] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(+0x3187) [0x7f0a51861187] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0x8667) [0x7f0a51ec8667] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(fts_build_mail+0x4f1) [0x7f0a51ec8fb1] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0xefce) [0x7f0a51ecefce] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_precache+0x29) [0x7f0a52a045f9] -> /usr/bin/doveadm(+0x2e997) [0x565355d01997] -> /usr/bin/doveadm(+0x28dec) [0x565355cfbdec] -> /usr/bin/doveadm(+0x299ca) [0x565355cfc9ca] -> /usr/bin/doveadm(doveadm_cmd_ver2_to_mail_cmd_wrapper+0x209) [0x565355cfd7d9] -> /usr/bin/doveadm(doveadm_cmd_run_ver2+0x555) [0x565355d0c715] -> /usr/bin/doveadm(doveadm_cmd_try_run_ver2+0x37) [0x565355d0c767] -> /usr/bin/doveadm(main+0x1da) [0x565355cecc7a] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0) [0x7f0a5231f830] -> /usr/bin/doveadm(_start+0x29) [0x565355ced059] $ dovecot -n # 2.2.26.0 (23d1de6): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.devel (623ae77) # OS: Linux 4.4.0-45-generic x86_64 Ubuntu 16.04.1 LTS disable_plaintext_auth = no log_path = /var/log/dovecot.log mail_plugins = fts fts_solr mail_privileged_group = mail namespace { hidden = yes inbox = yes list = no location = mbox:~/mail:INBOX=/var/mail/%u prefix = "#mbox/" separator = / } namespace { list = yes location = sdbox:/home/imapshared-sdbox prefix = shared/ separator = / subscriptions = no type = public } namespace inbox { location = sdbox:~/sdboxmail mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / } passdb { driver = pam } plugin { fts = solr fts_autoindex = yes fts_solr = break-imap-search url=http://localhost:8080/solr/ fts_squat = partial=4 full=10 sieve = file:~/sieve;active=~/.dovecot.sieve } protocols = " imap" ssl_cert = References: <379d8c39-0e3a-3a21-dc6e-10cdae50a257@exalondelft.nl> Message-ID: Yes, this happens because your SOLR server is reporting 500 Internal Server Error. Aki On 08.11.2016 10:47, W. de Hoog wrote: > Hi, > > While running doveadm index on a mailbox this gets printed: > > doveadm(neil): Error: fts_solr: Indexing failed: 500 Internal Server > Error > doveadm(neil): Panic: file http-client-request.c: line 792 > (http_client_request_send_payload): assertion failed: (ret == 0) > doveadm(neil): Error: Raw backtrace: > /usr/lib/dovecot/libdovecot.so.0(+0x88662) [0x7f0a52750662] -> > /usr/lib/dovecot/libdovecot.so.0(+0x886d9) [0x7f0a527506d9] -> > /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f0a526e9f81] -> > /usr/lib/dovecot/libdovecot.so.0(http_client_request_send_payload+0xc8) > [0x7f0a52703cf8] -> > /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(solr_connection_post_more+0x49) > [0x7f0a518654a9] -> > /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(+0x3187) > [0x7f0a51861187] -> > /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0x8667) [0x7f0a51ec8667] > -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(fts_build_mail+0x4f1) > [0x7f0a51ec8fb1] -> > /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0xefce) [0x7f0a51ecefce] > -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_precache+0x29) > [0x7f0a52a045f9] -> /usr/bin/doveadm(+0x2e997) [0x565355d01997] -> > /usr/bin/doveadm(+0x28dec) [0x565355cfbdec] -> > /usr/bin/doveadm(+0x299ca) [0x565355cfc9ca] -> > /usr/bin/doveadm(doveadm_cmd_ver2_to_mail_cmd_wrapper+0x209) > [0x565355cfd7d9] -> /usr/bin/doveadm(doveadm_cmd_run_ver2+0x555) > [0x565355d0c715] -> /usr/bin/doveadm(doveadm_cmd_try_run_ver2+0x37) > [0x565355d0c767] -> /usr/bin/doveadm(main+0x1da) [0x565355cecc7a] -> > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0) > [0x7f0a5231f830] -> /usr/bin/doveadm(_start+0x29) [0x565355ced059] > > $ dovecot -n > # 2.2.26.0 (23d1de6): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.devel (623ae77) > # OS: Linux 4.4.0-45-generic x86_64 Ubuntu 16.04.1 LTS > disable_plaintext_auth = no > log_path = /var/log/dovecot.log > mail_plugins = fts fts_solr > mail_privileged_group = mail > namespace { > hidden = yes > inbox = yes > list = no > location = mbox:~/mail:INBOX=/var/mail/%u > prefix = "#mbox/" > separator = / > } > namespace { > list = yes > location = sdbox:/home/imapshared-sdbox > prefix = shared/ > separator = / > subscriptions = no > type = public > } > namespace inbox { > location = sdbox:~/sdboxmail > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = / > } > passdb { > driver = pam > } > plugin { > fts = solr > fts_autoindex = yes > fts_solr = break-imap-search url=http://localhost:8080/solr/ > fts_squat = partial=4 full=10 > sieve = file:~/sieve;active=~/.dovecot.sieve > } > protocols = " imap" > ssl_cert = ssl_key = # hidden, use -P to show it > userdb { > driver = passwd > } > protocol imap { > imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags > } > > From wdehoog at exalondelft.nl Tue Nov 8 09:09:54 2016 From: wdehoog at exalondelft.nl (W. de Hoog) Date: Tue, 8 Nov 2016 10:09:54 +0100 Subject: Indexing failed: 500 Internal Server Error In-Reply-To: References: <379d8c39-0e3a-3a21-dc6e-10cdae50a257@exalondelft.nl> Message-ID: <068713c3-098d-0dd7-638f-32cd6c49775e@exalondelft.nl> > Yes, this happens because your SOLR server is reporting 500 Internal > Server Error. Do you mean this is normal behaviour of dovecot? I have the impression it causes dovecot to stop indexing all other mailboxes. -- Willem-Jan de Hoog From secadm2007 at gmail.com Tue Nov 8 09:17:07 2016 From: secadm2007 at gmail.com (GP) Date: Tue, 8 Nov 2016 11:17:07 +0200 Subject: Sieve Logs Message-ID: <2650ba5c-d8fe-be32-a995-0a1b3273b30a@gmail.com> Hi all, I have installed dovecot version 2.2.13 on a debian wheezy (bakported version). I want to debug/log sieve filtering and lda if possible on a per user level (like procmail for example) , is it possible ? thanks in advance From aki.tuomi at dovecot.fi Tue Nov 8 09:43:14 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 8 Nov 2016 11:43:14 +0200 Subject: Indexing failed: 500 Internal Server Error In-Reply-To: <068713c3-098d-0dd7-638f-32cd6c49775e@exalondelft.nl> References: <379d8c39-0e3a-3a21-dc6e-10cdae50a257@exalondelft.nl> <068713c3-098d-0dd7-638f-32cd6c49775e@exalondelft.nl> Message-ID: <3de1ce9f-334b-24cc-dfc7-2fe5a34f97ed@dovecot.fi> On 08.11.2016 11:09, W. de Hoog wrote: >> Yes, this happens because your SOLR server is reporting 500 Internal >> Server Error. > Do you mean this is normal behaviour of dovecot? I have the impression > it causes dovecot to stop indexing all other mailboxes. > Well, it's not normal. It should not assert-crash there. It seems to happen because the 500 Internal Error is given before it has offloaded payload to the server. Aki From tom at talpey.com Tue Nov 8 12:38:42 2016 From: tom at talpey.com (Tom Talpey) Date: Tue, 8 Nov 2016 07:38:42 -0500 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: References: <20161101162637.GA26017@doctor.nl2k.ab.ca> <20161104172916.GA42647@doctor.nl2k.ab.ca> <20161107203300.GA74789@doctor.nl2k.ab.ca> <20161108070410.GA48029@doctor.nl2k.ab.ca> Message-ID: On 11/8/2016 2:24 AM, A.L.E.C wrote: > On 08.11.2016 08:04, The Doctor wrote: > >> In another account, I see lots of white items in RoundCude as if these items are >> hidden from Thunderbird hance blocking the IMAP Client from deleting e-mails. > > I guess these "white items" are messages marked as deleted but not > expunged. It is normal with Thunderbird, it does not expunge immediately > (probably can be configured to do so). > http://kb.mozillazine.org/Deleting_messages_in_IMAP_accounts From arekm at maven.pl Tue Nov 8 14:08:13 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Tue, 8 Nov 2016 15:08:13 +0100 Subject: logging TLS SNI hostname In-Reply-To: <201610201521.48404.arekm@maven.pl> References: <201605300829.17351.arekm@maven.pl> <201610201521.48404.arekm@maven.pl> Message-ID: <201611081508.13839.arekm@maven.pl> On Thursday 20 of October 2016, Arkadiusz Mi?kiewicz wrote: > On Thursday 20 of October 2016, Aki Tuomi wrote: > > On 20.10.2016 15:52, Arkadiusz Mi?kiewicz wrote: > > > > ... -servername something > > > > If you want to try out, try applying this patch... > > Works, thanks! But... it's easy to log fake things Nov 8 15:04:01 mbox dovecot: pop3-login: Aborted login (no auth attempts in 1 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, local_name=whitehouse.gov, i_can=put_anything, here=etc, TLS, session=<26rEnMpAPMtb6rD0> by using openssl s_client -connect 127.0.0.1:110 -starttls pop3 -servername "whitehouse.gov, i_can=put_anything, here=etc" so some escaping here would also be needed. conf: login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e local_name=%{local_name} %c session=<%{session}> > > > From 066edb5e5c14a05c90e9ae63f0b76fcfd9c1149e Mon Sep 17 00:00:00 2001 > > From: Aki Tuomi > > Date: Thu, 20 Oct 2016 16:06:27 +0300 > > Subject: [PATCH] login-common: Include local_name in > > login_var_expand_table > > > > This way it can be used in login_log_format -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From arekm at maven.pl Tue Nov 8 14:41:44 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Tue, 8 Nov 2016 15:41:44 +0100 Subject: logging TLS SNI hostname In-Reply-To: <1190021673.1186.1478615615583@appsuite-dev.open-xchange.com> References: <201605300829.17351.arekm@maven.pl> <201611081508.13839.arekm@maven.pl> <1190021673.1186.1478615615583@appsuite-dev.open-xchange.com> Message-ID: <201611081541.44835.arekm@maven.pl> On Tuesday 08 of November 2016, Aki Tuomi wrote: > > On November 8, 2016 at 4:08 PM Arkadiusz Mi?kiewicz > > wrote: > > > > On Thursday 20 of October 2016, Arkadiusz Mi?kiewicz wrote: > > > On Thursday 20 of October 2016, Aki Tuomi wrote: > > > > On 20.10.2016 15:52, Arkadiusz Mi?kiewicz wrote: > > > > > > ... -servername something > > > > > > > > If you want to try out, try applying this patch... > > > > > > Works, thanks! > > > > But... it's easy to log fake things > > > > Nov 8 15:04:01 mbox dovecot: pop3-login: Aborted login (no auth attempts > > in 1 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, > > local_name=whitehouse.gov, i_can=put_anything, here=etc, TLS, > > session=<26rEnMpAPMtb6rD0> > > > > by using > > > > openssl s_client -connect 127.0.0.1:110 -starttls pop3 -servername > > "whitehouse.gov, i_can=put_anything, here=etc" > > > > so some escaping here would also be needed. > > > > conf: > > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e > > local_name=%{local_name} %c session=<%{session}> > > > > > > From 066edb5e5c14a05c90e9ae63f0b76fcfd9c1149e Mon Sep 17 00:00:00 > > > > 2001 From: Aki Tuomi > > > > Date: Thu, 20 Oct 2016 16:06:27 +0300 > > > > Subject: [PATCH] login-common: Include local_name in > > > > login_var_expand_table > > > > > > > > This way it can be used in login_log_format > > There is escaping in the final code in 2.2.26.0. This is on 2.2.26.0. Escaping was only added to auth code, not logging one, right? -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From stephan at rename-it.nl Tue Nov 8 15:35:48 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 8 Nov 2016 16:35:48 +0100 Subject: Sieve Logs In-Reply-To: <2650ba5c-d8fe-be32-a995-0a1b3273b30a@gmail.com> References: <2650ba5c-d8fe-be32-a995-0a1b3273b30a@gmail.com> Message-ID: <0081e789-6f40-cf8f-d3f8-fe4e11de59ac@rename-it.nl> Op 8-11-2016 om 10:17 schreef GP: > Hi all, > > I have installed dovecot version 2.2.13 on a debian wheezy (bakported > version). > I want to debug/log sieve filtering and lda if possible on a per user > level (like procmail > for example) , is it possible ? > > thanks in advance First of all, you can define mail_debug=yes (also per-user from userdb if you like). That doesn't tell you much about the Sieve processing details though, it just provides just some additional information and the final actions performed (much of that is logged even without debugging enabled). You can put debug_log commands in your Sieve script using the vnd.dovecot.debug extension. Sieve already has a per-user log file, but that normally only includes user-caused error messages and debug_log messages. I am not sure whether LDA logs can be split per-user somehow. For a detailed per-user trace of Sieve processing, one could use the sieve_trace setting. Unfortunately, this is a very new feature only available for Dovecot 2.2.24/Pigeonhole 0.4.14 and later. Regards, Stephan. From doctor at doctor.nl2k.ab.ca Tue Nov 8 15:59:37 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Tue, 8 Nov 2016 08:59:37 -0700 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: References: <20161101162637.GA26017@doctor.nl2k.ab.ca> <20161104172916.GA42647@doctor.nl2k.ab.ca> <20161107203300.GA74789@doctor.nl2k.ab.ca> <20161108070410.GA48029@doctor.nl2k.ab.ca> Message-ID: <20161108155937.GA20424@doctor.nl2k.ab.ca> On Tue, Nov 08, 2016 at 07:38:42AM -0500, Tom Talpey wrote: > On 11/8/2016 2:24 AM, A.L.E.C wrote: > > On 08.11.2016 08:04, The Doctor wrote: > > > >> In another account, I see lots of white items in RoundCude as if these items are > >> hidden from Thunderbird hance blocking the IMAP Client from deleting e-mails. > > > > I guess these "white items" are messages marked as deleted but not > > expunged. It is normal with Thunderbird, it does not expunge immediately > > (probably can be configured to do so). > > > > http://kb.mozillazine.org/Deleting_messages_in_IMAP_accounts That's Mozilla. What about Entourage, MS Mail products such as Entourage, Outlook and Live Mail, and Appl based Mail products? Looks like Dovecot just picked up on something. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From jerry at seibercom.net Tue Nov 8 16:05:22 2016 From: jerry at seibercom.net (Jerry) Date: Tue, 8 Nov 2016 11:05:22 -0500 Subject: Backing up and Importing IMAP folders In-Reply-To: <20161022051607.000027fb@seibercom.net> References: <20161020091812.00006939@seibercom.net> <20161020164533.67e2d31bb0c7d641c943466d@domain007.com> <15355822.1033.1476971866443@appsuite-dev.open-xchange.com> <20161020203635.a894f7324bfc0354b581f87e@domain007.com> <20161022051607.000027fb@seibercom.net> Message-ID: <20161108110522.00001306@seibercom.net> On Sat, 22 Oct 2016 05:16:07 -0400, Jerry stated: >On Thu, 20 Oct 2016 20:36:35 +0300, Konstantin Khomoutov stated: > >>On Thu, 20 Oct 2016 16:57:45 +0300 (EEST) >>Aki Tuomi wrote: >> >>[...] >>> > Alternatively you can use `dsync` to perform backup with a native >>> > Dovecot tool. It's able to sync mailboxes of any Dovecot user -- >>> > including synchronizing a mailbox to an empty (yet) spool. >>> > You'll need to do a bit of shell scripting which would spin around >>> > calling `doveadm user *` and feeding its output to something like >>> > >>> > while read user; do \ >>> > dest="/var/backup/dovecot/$user"; >>> > mkdir -p "$dest" && chown vmail:vmail "$dest" \ >>> > && chmod 0755 "$dest" >>> > dsync -u "$user" backup "maildir:$dest" \ >>> > done >>> > >>> > Note that you will only need this if you don't want to shut down >>> > Dovecot to copy its mail spool out. >>> >>> You can also use doveadm backup -A maildir:%u/ >> >>Could you please elaborate? >> >>I have a typical "virtual users" setup where I do have >> >> mail_home = /var/local/mail/%Ln >> mail_location = maildir:~/mail >> >>and everything is stored with uid=vmail / gid=vmail (much like >>described in the wiki, that is). >> >>I'd like to use a single call to `doveadm backup -A ...` to back up >>the whole /var/local/mail/* to another location >>(say, /var/backups/dovecot/) so that is has the same structure, just >>synchronized with the spool. (The purpose is to then backup the >>replica off-site). >> >>I tried to call >> >> doveadm backup -A maildir:/var/backups/dovecot/%u >> >>and it created a directory "/var/backups/dovecot/%u" (with literal >>"%u", that is), created what appeared to be a single mailbox structure >>under it and after a while scared a heck out of me with a series of >>error messages reading >> >>dsync(user1): Error: Mailbox INBOX sync: mailbox_delete failed: INBOX >>can't be deleted. >>dsync(user2): Error: Mailbox INBOX sync: mailbox_delete failed: INBOX >>can't be deleted. >>... >> >>for each existing user. >> >>It appears that it luckily failed to delete anything in the source >>directory (though I have no idea what it actually tried to do). >> >>Reading the doveadm-backup(1) multiple times still failed to shed a >>light for me on how to actually backup the whole maildir hierarchy for >>all existing users. >> >>So, the question: how do I really should go about backing up the whole >>mailbox hierarchy in the case of virtual users? > >I am experiencing the same problem as Konstantin. Is this a bug or >expected behavior. Has anyone looked into this? From kremels at kreme.com Tue Nov 8 16:09:32 2016 From: kremels at kreme.com (@lbutlr) Date: Tue, 8 Nov 2016 09:09:32 -0700 Subject: connection to storage server failed Message-ID: <40969C0B-F258-45F9-B9B9-E7E50EB89062@kreme.com> I am getting this error after updating to dovecot2-2.2.26.0_1 under FreeBSD 10.2 when a user tries to login via roundcube webmail. I am able to login via my own mail client and there is no error in the log when roundcube fails to login. I stopped dovecot, removed all the dovecot files from the maildir folders and restarted dovecot, but get the same error. From code at tilton.co Tue Nov 8 16:13:12 2016 From: code at tilton.co (Noah Tilton) Date: Tue, 08 Nov 2016 10:13:12 -0600 Subject: Status of SMTPUTF8? Message-ID: <5263bde7738e729ca1ab0e106886546a@tilton.co> I was wondering whether there is a roadmap for adding SMTPUTF8 support to Dovecot? My delivery pattern is Postfix -> Dovecot LMTP and it is choking on utf8 messages. I might be able to volunteer some of my time as a developer. Another thread about this seemed to go unanswered: http://dovecot.org/list/dovecot/2016-September/105474.html http://unix.stackexchange.com/questions/320091/configure-postfix-and-dovecot-lmtp-to-receive-mail-via-smtputf8 -Noah From ruga at protonmail.com Tue Nov 8 16:49:39 2016 From: ruga at protonmail.com (Ruga) Date: Tue, 08 Nov 2016 11:49:39 -0500 Subject: Existing shared mailbox ... does not exist Message-ID: Hello, Dovecot 2.2.26.0 Thunderbird 45.4.0 ESR Scenario: We have a shared mailbox with e-mails in its subdirectories. There are no e-mails in the shared mailbox itself. Example: /Shared <----------------------------------- empty /Shared/call_for_papers <-------------- empty /Shared/call_for_papers/AAMAS <-- populated ...more of the same... Problem: When selecting /Shared, Thunderbird chirps this message: "The current operation on 'Shared' did not succeed. The mail server for account @example.com responded: Mailbox doesn't exist: Shared/Shared (0.000 + 0.000 secs)." From tom at talpey.com Tue Nov 8 17:17:48 2016 From: tom at talpey.com (Tom Talpey) Date: Tue, 8 Nov 2016 12:17:48 -0500 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: <20161108155937.GA20424@doctor.nl2k.ab.ca> References: <20161101162637.GA26017@doctor.nl2k.ab.ca> <20161104172916.GA42647@doctor.nl2k.ab.ca> <20161107203300.GA74789@doctor.nl2k.ab.ca> <20161108070410.GA48029@doctor.nl2k.ab.ca> <20161108155937.GA20424@doctor.nl2k.ab.ca> Message-ID: <049db451-5fad-221b-86a1-14435d620c0d@talpey.com> On 11/8/2016 10:59 AM, The Doctor wrote: > On Tue, Nov 08, 2016 at 07:38:42AM -0500, Tom Talpey wrote: >> On 11/8/2016 2:24 AM, A.L.E.C wrote: >>> On 08.11.2016 08:04, The Doctor wrote: >>> >>>> In another account, I see lots of white items in RoundCude as if these items are >>>> hidden from Thunderbird hance blocking the IMAP Client from deleting e-mails. >>> >>> I guess these "white items" are messages marked as deleted but not >>> expunged. It is normal with Thunderbird, it does not expunge immediately >>> (probably can be configured to do so). >>> >> >> http://kb.mozillazine.org/Deleting_messages_in_IMAP_accounts > > That's Mozilla. What about Entourage, MS Mail products such as > Entourage, Outlook and Live Mail, and Appl based Mail products? I thought the question was mainly about Thunderbird, sorry if I misunderstood. There is the Dovecot lazy expunge plugin, maybe that could help, it moves deleted mail out, instead of marking it in-place. I've not used it personally though. http://wiki2.dovecot.org/Plugins/Lazyexpunge From laska at kam.mff.cuni.cz Tue Nov 8 17:43:51 2016 From: laska at kam.mff.cuni.cz (Ladislav Laska) Date: Tue, 8 Nov 2016 18:43:51 +0100 Subject: Pigeonhole/sieve possibly corrupting mails In-Reply-To: References: <20161015185924.gt7i5jykuqu55pfc@wallaby> <1807652352.1279.1476984052294@appsuite-dev.open-xchange.com> Message-ID: Hi! So I've been running dovecot with rw dotlocks, and it seems the frequency of failures didn't drop. Do you have any more ideas on what could be going on? On Thu, Oct 20, 2016 at 07:31:20PM +0200, Ladislav Laska wrote: > Well, I tried. > > for i in {1..50}; do echo x | mail -s test krakonos+test at krakonos.org; > done > > and running lsof. Didn't catch a single lockfile. lsof runs about 1s, so > there is little chance of catching it. However, I was reading the mails > while they were being delivered, and didn't trigger the problem. > > I'll let it happen once more, so I know it's still reproducible and add > dotfile locks even for read, and see if it helps. > > Or is it possible to enable lock debugging, or perhaps run it completely > synchronized (I don't have a lot of traffic, so a little slowdown isn't > an issue). > > On Thu, Oct 20, 2016 at 08:20:51PM +0300, Aki Tuomi wrote: > > > > > On October 20, 2016 at 8:03 PM Ladislav Laska wrote: > > > > > > > > > Hi! > > > > > > > Somehow Dovecot thinks that the mbox file changed under it.. > > > > > > Yes. And it's probably right, but I wonder what could have changed it. I > > > looked around inotify and it seems there is no way to let a file being > > > watched and get program names/pids of processes accessing it. > > > > > > > These mbox corruptions are usually pretty difficult to reproduce (= impossible to fix without ability to reproduce). You could try if you can (reliably) reproduce it in some way, e.g.: > > > > > > I can reproduce them multiple times a day :-). But not on command, and > > > probably not on another machine, I know... > > > > > > > 1. Create a test folder: doveadm mailbox create -u krakonos testbox > > > > 2. Use some combination of: > > > > * Save mail(s) to test folder: cat some-mails | doveadm save -u krakonos testbox > > > > * Try to read mails from test folder: doveadm fetch -u krakonos text mailbox testbox > /dev/null > > > > > > Well, that's something. doveadm-save doesn't have a manpage, and there > > > is nothing about it on wiki. Is it something new? Also, it doesn't seem > > > to work. > > > > > > > > > > > The fetch should print similar errors to stderr in some way. I attempted to reproduce this way with your msg-error.mbox, but it worked ok. > > > > > > > > > > Thinking about it, it might be that I'm fetching the message just as > > > dovecot delivers another one. > > > > > > Is it possible that fcntl locking is just not working? I'm running a bit > > > older kernel, if that could play a role in it. I'll try to enable > > > dotlock even on read and see if the problem persists. > > > > > > -- > > > S pozdravem Ladislav "Krakono?" L?ska http://www.krakonos.org/ > > > > You could try running lsof in hopes of catching it. Might be rather difficult though. > > > > Aki > > -- > S pozdravem Ladislav "Krakono?" L?ska http://www.krakonos.org/ -- S pozdravem Ladislav "Krakono?" L?ska http://www.krakonos.org/ From kjonca at o2.pl Tue Nov 8 18:54:11 2016 From: kjonca at o2.pl (Kamil =?iso-8859-2?Q?Jo=F1ca?=) Date: Tue, 08 Nov 2016 19:54:11 +0100 Subject: A lot of duplicate GUIDS. Message-ID: <8737j1kdkc.fsf@alfa.kjonca> Recently I have in logs a LOT of messages like this: [....] Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13511 in m.1530:845670 (size=2622) and m.1371:1831730 (size=916) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13512 in m.1530:847414 (size=2274) and m.1371:1832476 (size=1069) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13513 in m.1530:848971 (size=2339) and m.1371:1833330 (size=1202) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13514 in m.1530:850496 (size=2723) and m.1371:1834276 (size=1036) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13515 in m.1530:852219 (size=2187) and m.1371:1835108 (size=1638) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13516 in m.1530:853684 (size=2614) and m.1371:1836275 (size=942) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13517 in m.1530:855355 (size=1990) and m.1371:1837035 (size=1241) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13518 in m.1530:856738 (size=2724) and m.1371:1837913 (size=1772) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13519 in m.1530:858491 (size=2810) and m.1371:1839151 (size=1090) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13520 in m.1530:860313 (size=3775) and m.1371:1839988 (size=1206) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13521 in m.1530:862569 (size=2253) and m.1371:1840884 (size=1491) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13522 in m.1530:864044 (size=6491) and m.1371:1841937 (size=1335) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13523 in m.1530:867783 (size=1824) and m.1371:1842892 (size=1342) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13524 in m.1530:869032 (size=2387) and m.1371:1843849 (size=1941) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13526 in m.1530:872105 (size=2607) and m.1371:1845147 (size=1496) Nov 06 19:39:36 IMAP(kjonca): Error: mdbox /home/kjonca/Mail/1/storage: Duplicate GUID 13528 in m.1530:875255 (size=1967) and m.1371:1846195 (size=1214) [...] # 2.2.devel (42f5200): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.devel (623ae77) # OS: Linux 4.4.0-1-amd64 x86_64 Debian stretch/sid Only "suspected operation" was this sequence: 1. $doveadm mailbox rename RSS RSS-old 2. $doveadm mailbox create RSS 3. --------- copy mails from RSS-old to RSS, and expunge from RSS-old - this operation fails and in dovecot logs were a lot of messages about duplicated guids ---------- 4. $doveadm mailbox delete RSS-old Initially in RSS mailbox were a lot of deleted and expunged mails, but I did not "doveadm purge" I looks like "doveadm force-resync" helps, but I'm not sure if I lost some mails? KJ -- http://stopstopnop.pl/stop_stopnop.pl_o_nas.html Due to circumstances beyond your control, you are master of your fate and captain of your soul. From larryrtx at gmail.com Tue Nov 8 19:29:10 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Tue, 8 Nov 2016 13:29:10 -0600 Subject: wiki: Plugins/Virtual: SQL error? Message-ID: Is one of these supposed to be imap? Note that none of the namespaces have inbox=yes. This is because for IMAP users you want the inbox namespace to have inbox=yes, but for POP3 users you want the virtual namespace to have inbox=yes. This requires setting the inbox=yes in userdb extra fields . For example with MySQL you can can do this like: user_query = SELECT ..., \ CASE '%s' WHEN 'pop3' THEN NULL ELSE 'yes' END AS 'namespace/inbox/inbox', \ CASE '%s' WHEN 'pop3' THEN 'yes' ELSE NULL END AS 'namespace/virtual/inbox' \ WHERE ... -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From stephan at rename-it.nl Tue Nov 8 20:14:44 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 8 Nov 2016 21:14:44 +0100 Subject: imapsieve pigeonhole plugin? In-Reply-To: References: Message-ID: <388594bc-5a67-23a1-68d8-d9b100f3810b@rename-it.nl> Op 11/6/2016 om 5:39 PM schreef Larry Rosenman: > ok, I found: > https://github.com/dovecot/pigeonhole/blob/master/doc/plugins/imapsieve.txt > and that helps. > > Can this be added to the Wiki? Yes: http://wiki.dovecot.org/Pigeonhole/Sieve/Plugins/IMAPSieve > > On Sun, Nov 6, 2016 at 10:30 AM, Larry Rosenman wrote: > >> How do you enable the imapsieve plugin? I added >> sieve_plugins = imapsieve >> >> and it whines: >> hebighonker.lerctr.org /usr/local/etc/dovecot/conf.d # service dovecot >> restart >> managesieve: Fatal: Plugin 'imapsieve' not found from directory >> /usr/local/lib/dovecot/sieve >> doveconf: Error: managesieve-login: dump-capability process returned 89 >> Stopping dovecot. >> Waiting for PIDS: 97491. >> managesieve: Fatal: Plugin 'imapsieve' not found from directory >> /usr/local/lib/dovecot/sieve >> doveconf: Error: managesieve-login: dump-capability process returned 89 >> Starting dovecot. >> managesieve: Fatal: Plugin 'imapsieve' not found from directory >> /usr/local/lib/dovecot/sieve >> doveconf: Error: managesieve-login: dump-capability process returned 89 >> >> >> this plugin seems to be poorly documented. :( >> >> -- >> Larry Rosenman http://www.lerctr.org/~ler >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 >> > > From larryrtx at gmail.com Tue Nov 8 20:23:08 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Tue, 8 Nov 2016 14:23:08 -0600 Subject: imapsieve pigeonhole plugin? In-Reply-To: <388594bc-5a67-23a1-68d8-d9b100f3810b@rename-it.nl> References: <388594bc-5a67-23a1-68d8-d9b100f3810b@rename-it.nl> Message-ID: Thanks! On Tue, Nov 8, 2016 at 2:14 PM, Stephan Bosch wrote: > Op 11/6/2016 om 5:39 PM schreef Larry Rosenman: > > ok, I found: > > https://github.com/dovecot/pigeonhole/blob/master/doc/ > plugins/imapsieve.txt > > and that helps. > > > > Can this be added to the Wiki? > > Yes: > > http://wiki.dovecot.org/Pigeonhole/Sieve/Plugins/IMAPSieve > > > > > On Sun, Nov 6, 2016 at 10:30 AM, Larry Rosenman > wrote: > > > >> How do you enable the imapsieve plugin? I added > >> sieve_plugins = imapsieve > >> > >> and it whines: > >> hebighonker.lerctr.org /usr/local/etc/dovecot/conf.d # service dovecot > >> restart > >> managesieve: Fatal: Plugin 'imapsieve' not found from directory > >> /usr/local/lib/dovecot/sieve > >> doveconf: Error: managesieve-login: dump-capability process returned 89 > >> Stopping dovecot. > >> Waiting for PIDS: 97491. > >> managesieve: Fatal: Plugin 'imapsieve' not found from directory > >> /usr/local/lib/dovecot/sieve > >> doveconf: Error: managesieve-login: dump-capability process returned 89 > >> Starting dovecot. > >> managesieve: Fatal: Plugin 'imapsieve' not found from directory > >> /usr/local/lib/dovecot/sieve > >> doveconf: Error: managesieve-login: dump-capability process returned 89 > >> > >> > >> this plugin seems to be poorly documented. :( > >> > >> -- > >> Larry Rosenman http://www.lerctr.org/~ler > >> Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > >> US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > >> > > > > > > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From doctor at doctor.nl2k.ab.ca Tue Nov 8 20:43:55 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Tue, 8 Nov 2016 13:43:55 -0700 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: <20161108155937.GA20424@doctor.nl2k.ab.ca> References: <20161101162637.GA26017@doctor.nl2k.ab.ca> <20161104172916.GA42647@doctor.nl2k.ab.ca> <20161107203300.GA74789@doctor.nl2k.ab.ca> <20161108070410.GA48029@doctor.nl2k.ab.ca> <20161108155937.GA20424@doctor.nl2k.ab.ca> Message-ID: <20161108204355.GA4807@doctor.nl2k.ab.ca> On Tue, Nov 08, 2016 at 08:59:37AM -0700, The Doctor wrote: > On Tue, Nov 08, 2016 at 07:38:42AM -0500, Tom Talpey wrote: > > On 11/8/2016 2:24 AM, A.L.E.C wrote: > > > On 08.11.2016 08:04, The Doctor wrote: > > > > > >> In another account, I see lots of white items in RoundCude as if these items are > > >> hidden from Thunderbird hance blocking the IMAP Client from deleting e-mails. > > > > > > I guess these "white items" are messages marked as deleted but not > > > expunged. It is normal with Thunderbird, it does not expunge immediately > > > (probably can be configured to do so). > > > > > > > http://kb.mozillazine.org/Deleting_messages_in_IMAP_accounts > > That's Mozilla. What about Entourage, MS Mail products such as > Entourage, Outlook and Live Mail, and Appl based Mail products? > > Looks like Dovecot just picked up on something. > What about Thunderbird using POP3 ? > > -- > Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca > God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! > http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism > Time for the USA to hold a referendum on its republic and vote to dissolve!! -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From mrgrim at gr1m.org Tue Nov 8 21:37:23 2016 From: mrgrim at gr1m.org (mrgrim) Date: Wed, 9 Nov 2016 00:37:23 +0300 Subject: =?utf-8?B?dGhhdCdzIGp1c3Qgc28gYW1hemluZyBhbmQgd29uZGVyZnVs?= Message-ID: <00006f582a72$53e89265$66d46203$@gr1m.org> Hi friend! Look at that amazing stuff, it is absolutely wonderful. Please take a look Speak to you later, mrgrim -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 1784 bytes Desc: not available URL: From stephan at rename-it.nl Tue Nov 8 23:56:38 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 9 Nov 2016 00:56:38 +0100 Subject: Indexing failed: 500 Internal Server Error In-Reply-To: <068713c3-098d-0dd7-638f-32cd6c49775e@exalondelft.nl> References: <379d8c39-0e3a-3a21-dc6e-10cdae50a257@exalondelft.nl> <068713c3-098d-0dd7-638f-32cd6c49775e@exalondelft.nl> Message-ID: <6b5dea81-bd07-09f7-5c86-46a1c306038c@rename-it.nl> Op 11/8/2016 om 10:09 AM schreef W. de Hoog: >> Yes, this happens because your SOLR server is reporting 500 Internal >> Server Error. > Do you mean this is normal behaviour of dovecot? I have the impression > it causes dovecot to stop indexing all other mailboxes. > Fixed. It will take a while until the fix pops up in the master branch. Regards, Stephan. From odhiambo at gmail.com Wed Nov 9 06:36:43 2016 From: odhiambo at gmail.com (Odhiambo Washington) Date: Wed, 9 Nov 2016 09:36:43 +0300 Subject: Repeat e-mail syndrome shows up in 2.2.26+ In-Reply-To: <20161108204355.GA4807@doctor.nl2k.ab.ca> References: <20161101162637.GA26017@doctor.nl2k.ab.ca> <20161104172916.GA42647@doctor.nl2k.ab.ca> <20161107203300.GA74789@doctor.nl2k.ab.ca> <20161108070410.GA48029@doctor.nl2k.ab.ca> <20161108155937.GA20424@doctor.nl2k.ab.ca> <20161108204355.GA4807@doctor.nl2k.ab.ca> Message-ID: On 8 November 2016 at 23:43, The Doctor wrote: > On Tue, Nov 08, 2016 at 08:59:37AM -0700, The Doctor wrote: > > On Tue, Nov 08, 2016 at 07:38:42AM -0500, Tom Talpey wrote: > > > On 11/8/2016 2:24 AM, A.L.E.C wrote: > > > > On 08.11.2016 08:04, The Doctor wrote: > > > > > > > >> In another account, I see lots of white items in RoundCude as if > these items are > > > >> hidden from Thunderbird hance blocking the IMAP Client from > deleting e-mails. > > > > > > > > I guess these "white items" are messages marked as deleted but not > > > > expunged. It is normal with Thunderbird, it does not expunge > immediately > > > > (probably can be configured to do so). > > > > > > > > > > http://kb.mozillazine.org/Deleting_messages_in_IMAP_accounts > > > > That's Mozilla. What about Entourage, MS Mail products such as > > Entourage, Outlook and Live Mail, and Appl based Mail products? > > > > Looks like Dovecot just picked up on something. > > > > What about Thunderbird using POP3 ? > I run Dovecot-2.2.26.0 on several FreeBSD (8.4, 9.3 though) and people mostly use Outlook (POP3/IMAP4) and I haven't heard any complaints. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft." From forondarena at gmail.com Wed Nov 9 07:42:04 2016 From: forondarena at gmail.com (Luis Ugalde) Date: Wed, 9 Nov 2016 08:42:04 +0100 Subject: Too many references: cannot splice In-Reply-To: <47C2075B-41BD-4929-ADC6-F4A3BC8AB420@iki.fi> References: <47C2075B-41BD-4929-ADC6-F4A3BC8AB420@iki.fi> Message-ID: Hi, I've been running the patched version for the last few days, and I can confirm that I have not seen any errors. I still have to check it with 4.x kernels, but it's working as expected with the current Debian Stable one. Regards, Luis ugalde. On Wed, Oct 26, 2016 at 12:59 PM, Timo Sirainen wrote: > On 26 Oct 2016, at 11:14, Luis Ugalde wrote: > > > > Hi, > > > > Could you please have a look at https://lkml.org/lkml/2016/2/2/538 and > see > > if this makes any sense to you? I've been checking kernel changes > > between linux_3.16.7 and linux_3.16.36, and this has popped out. Could > this > > be the reason for the "too many references" errors? > > Does the attached patch help? > > > > > > > Regards, > > > > Luis Ugalde. > > > > On Thu, Oct 13, 2016 at 3:47 PM, Luis Ugalde > wrote: > > > >> Hi, > >> > >> > >> A while ago I sent an email regarding these "*ETOOMANYREFS* Too many > >> references: cannot splice." that we've seen since Debian updated the > Jessie > >> kernel to > >> > >> 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt20-1+deb8u3 (2016-01-17) x86_64 > >> > >> while older kernels, like 3.16.0-4-amd64 #1 SMP Debian > >> 3.16.7-ckt11-1+deb8u6 (2015-11-09) x86_64 showed no errors at all. > >> > >> I was wondering if no one else is getting these errors, or if you know > any > >> workarounds that might probe useful, apart from downgrading the kernel. > >> > >> > >> I would say that the infrastructure we're running is quite standard, > with > >> directors balancing users to NFS backed dovecot servers. > >> > >> > >> Best regards, > >> > >> Luis Ugalde. > >> > >> > >> > >> > > > From wdehoog at exalondelft.nl Wed Nov 9 08:39:04 2016 From: wdehoog at exalondelft.nl (W. de Hoog) Date: Wed, 9 Nov 2016 09:39:04 +0100 Subject: Indexing failed: 500 Internal Server Error In-Reply-To: References: <379d8c39-0e3a-3a21-dc6e-10cdae50a257@exalondelft.nl> Message-ID: <99e6c939-cecc-a9e0-7964-14375af67c28@exalondelft.nl> On 2016-11-08 09:57, Aki Tuomi wrote: > Yes, this happens because your SOLR server is reporting 500 Internal > Server Error. The "Internal Server Error" was an out of memory error in solr. Solved by changing '-Xmx128m' into '-Xmx1024m' in /etc/default/tomcat7. -- Willem-Jan de Hoog From wdehoog at exalondelft.nl Wed Nov 9 08:52:09 2016 From: wdehoog at exalondelft.nl (W. de Hoog) Date: Wed, 9 Nov 2016 09:52:09 +0100 Subject: search body with wildcards Message-ID: <4410351d-427d-8bd8-3ab3-9f936326c59a@exalondelft.nl> Hi, A question. We are using fts_solr. When searching for content in BODY I noticed that dovecot only supports full words. "BODY calibration" returns results but "BODY calibra" does not. Nor "BODY calibra*". Solr does support searching with wildcards so why is it that dovecot does not? regards, -- Willem-Jan de Hoog From stephan at rename-it.nl Wed Nov 9 10:30:53 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 9 Nov 2016 11:30:53 +0100 Subject: Indexing failed: 500 Internal Server Error In-Reply-To: <6b5dea81-bd07-09f7-5c86-46a1c306038c@rename-it.nl> References: <379d8c39-0e3a-3a21-dc6e-10cdae50a257@exalondelft.nl> <068713c3-098d-0dd7-638f-32cd6c49775e@exalondelft.nl> <6b5dea81-bd07-09f7-5c86-46a1c306038c@rename-it.nl> Message-ID: <10eb7561-aada-3b8f-25e0-95fac8e622c5@rename-it.nl> Op 11/9/2016 om 12:56 AM schreef Stephan Bosch: > Op 11/8/2016 om 10:09 AM schreef W. de Hoog: >>> Yes, this happens because your SOLR server is reporting 500 Internal >>> Server Error. >> Do you mean this is normal behaviour of dovecot? I have the impression >> it causes dovecot to stop indexing all other mailboxes. >> > Fixed. It will take a while until the fix pops up in the master branch. https://github.com/dovecot/core/commit/b284962364068d5e9d60b8b1e98ba61b4b6593ec Regards, Stephan. From jerry at seibercom.net Wed Nov 9 16:50:06 2016 From: jerry at seibercom.net (Jerry) Date: Wed, 9 Nov 2016 11:50:06 -0500 Subject: Backing up dovecot mailboxes Message-ID: <20161109115006.00007ca8@seibercom.net> Does anyone have a working solution as to how I can use "doveadm backup" to back up a virtual users mailbox to a removable USB device. I keep receiving numerous errors and no files are backed up although the directories are created. -- Jerry From 24x7server at 24x7server.net Wed Nov 9 16:58:35 2016 From: 24x7server at 24x7server.net (Rajesh M) Date: Wed, 9 Nov 2016 22:28:35 +0530 Subject: question concerning junk folder Message-ID: hi using centos 6.5, qmailtoaster, dovecot, spamassassin. i found that junk folder is specified under /etc/dovecot/conf.d/15-mailboxes.conf the issue is that this folder is getting created automatically and genuine emails from both within the server and also from external domains are being routed to the Junk folder. all these emails are not scanned by spamassasin. i wish to disable to creation of Junk folder and also routing of emails to the Junk folder. help required please. ##################### # NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. namespace inbox { # These mailboxes are widely used and could perhaps be created automatically: mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Trash { special_use = \Trash } ##################### rajesh From eduardo at kalinowski.com.br Wed Nov 9 17:03:43 2016 From: eduardo at kalinowski.com.br (Eduardo M KALINOWSKI) Date: Wed, 09 Nov 2016 17:03:43 +0000 Subject: Backing up dovecot mailboxes In-Reply-To: <20161109115006.00007ca8@seibercom.net> Message-ID: <20161109170343.Horde.RIOBM-i3hctV0QHFAkji1wF@mail.kalinowski.com.br> On Qua, 09 Nov 2016, Jerry wrote: > Does anyone have a working solution as to how I can use "doveadm > backup" to back up a virtual users mailbox to a removable USB device. > > I keep receiving numerous errors and no files are backed up although > the directories are created. No, but I can recommend a solution with rsync. Just use it to copy the directories where mail is stored. Depending on the format, you may need to save the indexes too. -- Eduardo M KALINOWSKI eduardo at kalinowski.com.br From flatworm at users.sourceforge.net Wed Nov 9 19:35:12 2016 From: flatworm at users.sourceforge.net (Konstantin Khomoutov) Date: Wed, 9 Nov 2016 22:35:12 +0300 Subject: Backing up dovecot mailboxes In-Reply-To: <20161109115006.00007ca8@seibercom.net> References: <20161109115006.00007ca8@seibercom.net> Message-ID: <20161109223512.7343a0358d19c216c5c5bac6@domain007.com> On Wed, 9 Nov 2016 11:50:06 -0500 Jerry wrote: > Does anyone have a working solution as to how I can use "doveadm > backup" to back up a virtual users mailbox to a removable USB device. > > I keep receiving numerous errors and no files are backed up although > the directories are created. Well, a solution I demonstrated in our previous thread on this same topic works for me (`doveadm user *` plus `dsync`. The thread got derailed into into discussion of how to use `doveadm backup` properly to have a one-step backup of all the virtual users, but it was sadly inconclusive. All-in-all, we need to see exact commands you run and exact error messages you receive to be able to do suggestions or at least informed guesses. From brad at koe.hn Wed Nov 9 21:36:33 2016 From: brad at koe.hn (Brad Koehn) Date: Wed, 9 Nov 2016 15:36:33 -0600 Subject: post-delivery virus scan Message-ID: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> I have discovered that many times the virus definitions I use for scanning messages (ClamAV, with the unofficial signatures http://sanesecurity.com/usage/linux-scripts/) are updated some time after my server has received an infected email. It seems the virus creators are trying to race the virus definition creators to see who can deliver first; more than half of the infected messages are found after they?ve been delivered. Great. To help detect and remove the infected messages after they?ve been delivered to users? mailboxes, I created a small script that iterates the INBOX and Junk mailbox directories, scans recent messages for viruses, and deletes them if found. The source of my script (run via cron) is here: https://gitlab.koehn.com/snippets/9 Unfortunately Dovecot doesn?t like it if messages are deleted (dbox) out from under it. I tried a doveadm force-resync on the folder containing the messages, but it seems Dovecot is still unhappy. At least on the new version (2.2.26.0) it doesn?t crash; 2.2.25 would panic and coredump when it discovered messages had been deleted. I?m wondering if there?s a better way to scan recent messages and eradicate them so the Dovecot isn?t upset when it happens. Maybe using doveadm search? Looking for suggestions. --- Brad From hs at schlittermann.de Wed Nov 9 22:19:21 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Wed, 9 Nov 2016 23:19:21 +0100 Subject: <-FIN <-RST ->FIN,ACK <-RST on SSL connection shutdown Message-ID: <20161109221921.GE24533@jumper.schlittermann.de> Hello, a typical connection close, tcpdump'ed on the server side, looks as follows: 21:44:01.168131 IP xxx.xxx.3.101.143 > xxx.xxx.3.96.35518: Flags [FP.], seq 3982457856:3982457959, ack 1570044906, win 243, options [nop,nop,TS val 138698279 ecr 159494908], length 103 21:44:01.172405 IP xxx.xxx.3.101.143 > xxx.xxx.3.96.35518: Flags [R], seq 3982457960, win 0, length 0 21:44:01.172442 IP xxx.xxx.3.96.35518 > xxx.xxx.3.101.143: Flags [F.], seq 32, ack 104, win 342, options [nop,nop,TS val 159494909 ecr 138698279], length 0 21:44:01.172471 IP xxx.xxx.3.101.143 > xxx.xxx.3.96.35518: Flags [R], seq 3982457960, win 0, length 0 The server closes (FIN) the connection, and already 4.274 ms later the server sends a RST to the client. The clients response to FIN arrives some ?s later. (On the client side the order of the packages is different (FIN from Server, FIN,ACK from client, RST from Server, RST from Server) This behaviour seems to be odd (the client side firewall complains about the unexpected packages). I can reproduce it using openssl -connect ? -starttls imap .. on the client side. It happens on IMAP+STARTTLS as well as on IMAPS. It does not happen on plaintext IMAP. There I see the expected shudown handshake FIN - FIN,ACK - ACK. Dovecot version is 2.2.24 (a82c823) Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From ben at indietorrent.org Wed Nov 9 23:49:00 2016 From: ben at indietorrent.org (Ben Johnson) Date: Wed, 9 Nov 2016 18:49:00 -0500 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> Message-ID: On 11/5/2016 1:22 PM, Larry Rosenman wrote: > What OS/MTA are you using? Can you give me (privately if you want) a > re-hash of the LDA issues? > > I'm using FreeBSD 10.3 / Exim for my set up and LMTP for ALL deliveries, > and it works great. Thanks again for your willingness to help with this, Larry. I'm using Postfix. Regarding the OS, I'm using Ubuntu 16.04 here, which ships dovecot 2.2.22 at present. ---- Slightly off-topic, but I'll bring it full-circle... ---- Sure, a quick recap of the crashing issue I'm having with dovecot-lda: I struggled to get this working the first time (in dovecot 2.0.19), but prevailed with lots of help from this list. I described the roadblocks I encountered along the way in this thread: http://www.dovecot.org/list/dovecot/2013-June/091018.html All was well until I upgraded from Ubuntu 12.04 LTS to 14.04 LTS and thereby from Dovecot 2.0.19 to 2.2.9. To be clear (and it may be very relevant), this was a "manual" server migration and not an OS-level/package-managed upgrade. Point being, the potential to botch some aspect of the extremely fragile configuration was absolutely present! I wrote about the problems I encountered after the upgrade here: http://www.dovecot.org/list/dovecot/2014-July/097234.html The thread died-out, but I rekindled it here: http://www.dovecot.org/list/dovecot/2014-August/097385.html I ran out of steam after a soft dead-end. I wrote more about it a couple months later, mostly in the context of difficulty with dovecot-lda logging in an effort to debug the issue, but the thread received no replies: http://www.dovecot.org/list/dovecot/2014-October/098127.html Nearly two years later, I tried again: http://www.dovecot.org/list/dovecot/2016-August/105221.html The thread received some traction, and I changed the subject line to be more accurate partway through, which begins here: http://www.dovecot.org/list/dovecot/2016-August/105236.html I ended-up running with Karol's final suggestion, which was to forego the LDA in favor of a simple filesystem move/copy operation. But now the problem I'm having (to bring it full circle!) is that I can't mark the Antispam plugin's incoming emails as seen/read automatically because they aren't delivered by an LDA. And I want to get this working with an LDA again for this reason, among others, such as quotas not being enforced when a "trained" message is "copied" on the filesystem instead of "delivered" via an LDA. The more I think about this, the more I think I should go back and study the very first thread from June, 2013... maybe the solution is more or less the same! -Ben From larryrtx at gmail.com Thu Nov 10 00:04:47 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 9 Nov 2016 18:04:47 -0600 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> Message-ID: so to summarize: postfix (what version?) dovecot-antispam plugin (version? Installed from where?) and when your script invokes deliver you get a core dump. Have you a stack-trace from that coredump? On Wed, Nov 9, 2016 at 5:49 PM, Ben Johnson wrote: > On 11/5/2016 1:22 PM, Larry Rosenman wrote: > > What OS/MTA are you using? Can you give me (privately if you want) a > > re-hash of the LDA issues? > > > > I'm using FreeBSD 10.3 / Exim for my set up and LMTP for ALL deliveries, > > and it works great. > > Thanks again for your willingness to help with this, Larry. > > I'm using Postfix. > > Regarding the OS, I'm using Ubuntu 16.04 here, which ships dovecot > 2.2.22 at present. > > ---- Slightly off-topic, but I'll bring it full-circle... ---- > > Sure, a quick recap of the crashing issue I'm having with dovecot-lda: > > I struggled to get this working the first time (in dovecot 2.0.19), but > prevailed with lots of help from this list. I described the roadblocks I > encountered along the way in this thread: > > http://www.dovecot.org/list/dovecot/2013-June/091018.html > > All was well until I upgraded from Ubuntu 12.04 LTS to 14.04 LTS and > thereby from Dovecot 2.0.19 to 2.2.9. To be clear (and it may be very > relevant), this was a "manual" server migration and not an > OS-level/package-managed upgrade. Point being, the potential to botch > some aspect of the extremely fragile configuration was absolutely present! > > I wrote about the problems I encountered after the upgrade here: > > http://www.dovecot.org/list/dovecot/2014-July/097234.html > > The thread died-out, but I rekindled it here: > > http://www.dovecot.org/list/dovecot/2014-August/097385.html > > I ran out of steam after a soft dead-end. > > I wrote more about it a couple months later, mostly in the context of > difficulty with dovecot-lda logging in an effort to debug the issue, but > the thread received no replies: > > http://www.dovecot.org/list/dovecot/2014-October/098127.html > > Nearly two years later, I tried again: > > http://www.dovecot.org/list/dovecot/2016-August/105221.html > > The thread received some traction, and I changed the subject line to be > more accurate partway through, which begins here: > > http://www.dovecot.org/list/dovecot/2016-August/105236.html > > I ended-up running with Karol's final suggestion, which was to forego > the LDA in favor of a simple filesystem move/copy operation. > > But now the problem I'm having (to bring it full circle!) is that I > can't mark the Antispam plugin's incoming emails as seen/read > automatically because they aren't delivered by an LDA. And I want to get > this working with an LDA again for this reason, among others, such as > quotas not being enforced when a "trained" message is "copied" on the > filesystem instead of "delivered" via an LDA. > > The more I think about this, the more I think I should go back and study > the very first thread from June, 2013... maybe the solution is more or > less the same! > > -Ben > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From mick.crane at gmail.com Thu Nov 10 00:12:22 2016 From: mick.crane at gmail.com (mick crane) Date: Thu, 10 Nov 2016 00:12:22 +0000 Subject: post-delivery virus scan In-Reply-To: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> References: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> Message-ID: <5af033d0debc605f02c58f4e7ea22ef2@rapunzel.local> On 2016-11-09 21:36, Brad Koehn wrote: > I have discovered that many times the virus definitions I use for > scanning messages (ClamAV, with the unofficial signatures > http://sanesecurity.com/usage/linux-scripts/) are updated some time > after my server has received an infected email. It seems the virus > creators are trying to race the virus definition creators to see who > can deliver first; more than half of the infected messages are found > after they?ve been delivered. Great. > > To help detect and remove the infected messages after they?ve been > delivered to users? mailboxes, I created a small script that iterates > the INBOX and Junk mailbox directories, scans recent messages for > viruses, and deletes them if found. The source of my script (run via > cron) is here: https://gitlab.koehn.com/snippets/9 > > Unfortunately Dovecot doesn?t like it if messages are deleted (dbox) > out from under it. I tried a doveadm force-resync on the folder > containing the messages, but it seems Dovecot is still unhappy. At > least on the new version (2.2.26.0) it doesn?t crash; 2.2.25 would > panic and coredump when it discovered messages had been deleted. > > I?m wondering if there?s a better way to scan recent messages and > eradicate them so the Dovecot isn?t upset when it happens. Maybe using > doveadm search? Looking for suggestions. > leave an empty message behind with the same name as deleted message ? -- key ID: 0x4BFEBB31 From ben at indietorrent.org Thu Nov 10 00:25:16 2016 From: ben at indietorrent.org (Ben Johnson) Date: Wed, 9 Nov 2016 19:25:16 -0500 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> Message-ID: On 11/9/2016 7:04 PM, Larry Rosenman wrote: > so to summarize: > postfix (what version?) > dovecot-antispam plugin (version? Installed from where?) > > and when your script invokes deliver you get a core dump. > Have you a stack-trace from that coredump? Yes, that summarizes it! Postfix version 3.1.0 (installed from Ubuntu 16.04 repos. Antispam plugin version 2.0+20150222-1build1, also installed from Ubuntu 16.04 repos. Regarding a stack-trace, I forgot to mention that I ran into roadblocks with that, too (the "average end-user doesn't have a chance!), as described at http://www.dovecot.org/list/dovecot/2016-September/105417.html and no one was willing and able to offer assistance. I persisted in the thread at http://www.dovecot.org/list/dovecot/2016-September/105422.html which dead-ended eventually with the stack-trace posted here: http://pastebin.com/4xdGNXa6 Thanks again, -Ben From larryrtx at gmail.com Thu Nov 10 00:42:24 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 9 Nov 2016 18:42:24 -0600 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> Message-ID: looks to me from the coredump (although you pointed to the wrong binary) that deliver was PANIC()'ing with io_add(0x%x) called twice fd=%d, callback=%p -> %p I'm not sure what that message means, but maybe one of the dovecot folks does. Are all the packages built together? Are you averse to compiling stuff yourself? On Wed, Nov 9, 2016 at 6:25 PM, Ben Johnson wrote: > On 11/9/2016 7:04 PM, Larry Rosenman wrote: > > so to summarize: > > postfix (what version?) > > dovecot-antispam plugin (version? Installed from where?) > > > > and when your script invokes deliver you get a core dump. > > Have you a stack-trace from that coredump? > > Yes, that summarizes it! > > Postfix version 3.1.0 (installed from Ubuntu 16.04 repos. > > Antispam plugin version 2.0+20150222-1build1, also installed from Ubuntu > 16.04 repos. > > Regarding a stack-trace, I forgot to mention that I ran into roadblocks > with that, too (the "average end-user doesn't have a chance!), as > described at > > http://www.dovecot.org/list/dovecot/2016-September/105417.html > > and no one was willing and able to offer assistance. > > I persisted in the thread at > > http://www.dovecot.org/list/dovecot/2016-September/105422.html > > which dead-ended eventually with the stack-trace posted here: > > http://pastebin.com/4xdGNXa6 > > Thanks again, > > -Ben > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From adrianp at aageneral.ro Thu Nov 10 06:34:45 2016 From: adrianp at aageneral.ro (Adrian POPA) Date: Thu, 10 Nov 2016 08:34:45 +0200 Subject: Dovecot processes turning zombie Message-ID: Hi I am running Ubuntu 14.04 (plan to go to 16.04) with Postfix and Dovecot 2.2.9 from Ubuntu repository. Dovecot configuration has not changed dramatically since the days of Ubuntu 12.04 (can't remember Dovecot version). In the last months, connection to Dovecot IMAP service become more and more dificult. First Ubuntu Thunderbird refused to connect, than Android phones. The last one connecting regularly was an old XP laptop(!). Now it's facing problems too. Again, I did not make any configuration changes lately so only system upgrades (libraries) may have caused this. The first thing to notice was that some Dovecot processes are going zombie (defunct). At startup "ssl-params", then sometimes "auth", "imap-login" and rarely "config". Turning on debug logging in Dovecot show that offending process "is ignoring idle SIGINT". And "auth client limit (1000) reached". This behavior also impacts on Postfix delivery through Dovecot LDA with "status=deferred (temporary failure)" (I turned off mail sending with -e in lda invocation). Another thing is SLL connection. Attempts to test with openssl s_client show that Dovecot is not responding after ClientHelo when it should normally send server certificate. The very same certificate is used with Postfix and it works (I can send mails through Postfix) but IMAP connections to Dovecot do not. There is no protocol mismatch because I have try a local SSL connection (same computer). Initial messages are TLS1.2 but nothing in response. So my question is: did you faced such problems and found a cause (and maybe a fix)? Upgrading to Ubuntu 16.04 with whatever Dovecot version it provides may resolve the issues? Thanks From bill at KnoxvilleChristian.org Thu Nov 10 08:46:11 2016 From: bill at KnoxvilleChristian.org (Bill Shirley) Date: Thu, 10 Nov 2016 03:46:11 -0500 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> Message-ID: I don't use the Anti-Spam plugin; I just fire off a BASH script every four hours with crontab which iterates thru the vmail email accounts and trains Spamassassin 'per-user' accounts. If the script sounds interesting I can post it here. It probably could use a little polish though. Bill On 11/9/2016 6:49 PM, Ben Johnson wrote: > On 11/5/2016 1:22 PM, Larry Rosenman wrote: >> What OS/MTA are you using? Can you give me (privately if you want) a >> re-hash of the LDA issues? >> >> I'm using FreeBSD 10.3 / Exim for my set up and LMTP for ALL deliveries, >> and it works great. > Thanks again for your willingness to help with this, Larry. > > I'm using Postfix. > > Regarding the OS, I'm using Ubuntu 16.04 here, which ships dovecot > 2.2.22 at present. > > ---- Slightly off-topic, but I'll bring it full-circle... ---- > > Sure, a quick recap of the crashing issue I'm having with dovecot-lda: > > I struggled to get this working the first time (in dovecot 2.0.19), but > prevailed with lots of help from this list. I described the roadblocks I > encountered along the way in this thread: > > http://www.dovecot.org/list/dovecot/2013-June/091018.html > > All was well until I upgraded from Ubuntu 12.04 LTS to 14.04 LTS and > thereby from Dovecot 2.0.19 to 2.2.9. To be clear (and it may be very > relevant), this was a "manual" server migration and not an > OS-level/package-managed upgrade. Point being, the potential to botch > some aspect of the extremely fragile configuration was absolutely present! > > I wrote about the problems I encountered after the upgrade here: > > http://www.dovecot.org/list/dovecot/2014-July/097234.html > > The thread died-out, but I rekindled it here: > > http://www.dovecot.org/list/dovecot/2014-August/097385.html > > I ran out of steam after a soft dead-end. > > I wrote more about it a couple months later, mostly in the context of > difficulty with dovecot-lda logging in an effort to debug the issue, but > the thread received no replies: > > http://www.dovecot.org/list/dovecot/2014-October/098127.html > > Nearly two years later, I tried again: > > http://www.dovecot.org/list/dovecot/2016-August/105221.html > > The thread received some traction, and I changed the subject line to be > more accurate partway through, which begins here: > > http://www.dovecot.org/list/dovecot/2016-August/105236.html > > I ended-up running with Karol's final suggestion, which was to forego > the LDA in favor of a simple filesystem move/copy operation. > > But now the problem I'm having (to bring it full circle!) is that I > can't mark the Antispam plugin's incoming emails as seen/read > automatically because they aren't delivered by an LDA. And I want to get > this working with an LDA again for this reason, among others, such as > quotas not being enforced when a "trained" message is "copied" on the > filesystem instead of "delivered" via an LDA. > > The more I think about this, the more I think I should go back and study > the very first thread from June, 2013... maybe the solution is more or > less the same! > > -Ben From arekm at maven.pl Thu Nov 10 08:51:49 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Thu, 10 Nov 2016 09:51:49 +0100 Subject: tons of dovecot/config processes Message-ID: <201611100951.49078.arekm@maven.pl> Hi. I've noticed that dovecot (using 2.2.26.0 here) starts dovecot/config processes that stay for long time. Example: [root at ixion-pld ~]# service dovecot restart Stopping Dovecot service.......................................................................................................................................[ DONE ] Starting Dovecot service.......................................................................................................................................[ DONE ] [root at ixion-pld ~]# ps aux|grep dovecot root 25333 0.0 0.0 13736 2480 ? Ss 09:40 0:00 /usr/sbin/dovecot dovecot 25336 0.0 0.0 9480 924 ? S 09:40 0:00 dovecot/anvil [0 connections] root 25337 0.0 0.0 9612 2416 ? S 09:40 0:00 dovecot/log root 25339 0.0 0.0 12496 3256 ? S 09:40 0:00 dovecot/config root 25341 0.0 0.0 132168 888 pts/1 S+ 09:40 0:00 grep dovecot [root at ixion-pld ~]# doveadm reload [root at ixion-pld ~]# ps aux|grep dovecot root 25333 0.0 0.0 13872 2720 ? Ss 09:40 0:00 /usr/sbin/dovecot dovecot 25336 0.0 0.0 9480 924 ? S 09:40 0:00 dovecot/anvil [0 connections] root 25344 0.0 0.0 9612 2428 ? S 09:40 0:00 dovecot/log root 25346 0.0 0.0 12496 3192 ? S 09:40 0:00 dovecot/config root 25348 0.0 0.0 132168 876 pts/1 S+ 09:40 0:00 grep dovecot so far good - only one dovecot/config. Lets connect to pop3 and keep connection [root at ixion-pld ~]# telnet localhost pop3 Trying 127.0.0.1.110... Connected to localhost. Escape character is '^]'. +OK Mail server ready. on the other console [root at ixion-pld ~]# ps aux|grep dovecot root 25333 0.0 0.0 13872 2720 ? Ss 09:40 0:00 /usr/sbin/dovecot dovecot 25336 0.0 0.0 9480 924 ? S 09:40 0:00 dovecot/anvil [2 connections] root 25344 0.0 0.0 9612 2428 ? S 09:40 0:00 dovecot/log root 25346 0.0 0.0 12496 3192 ? S 09:40 0:00 dovecot/config dovenull 25364 0.0 0.0 20908 4080 ? S 09:41 0:00 dovecot/pop3-login [127.0.0.1] dovecot 25365 0.0 0.0 100236 7776 ? S 09:41 0:00 dovecot/auth [0 wait, 0 passdb, 0 userdb] root 25368 0.0 0.0 132168 856 pts/1 S+ 09:41 0:00 grep dovecot so there is a client connected and one dovecot/config. Lets reload: [root at ixion-pld ~]# doveadm reload [root at ixion-pld ~]# ps aux|grep dovecot root 25333 0.0 0.0 13872 2752 ? Ss 09:40 0:00 /usr/sbin/dovecot dovecot 25336 0.0 0.0 9480 924 ? S 09:40 0:00 dovecot/anvil [2 connections] root 25344 0.0 0.0 9612 2428 ? S 09:40 0:00 dovecot/log root 25346 0.0 0.0 12920 3700 ? S 09:40 0:00 dovecot/config dovenull 25364 0.0 0.0 20908 4080 ? S 09:41 0:00 dovecot/pop3-login [127.0.0.1] dovecot 25365 0.0 0.0 100236 7776 ? S 09:41 0:00 dovecot/auth [0 wait, 0 passdb, 0 userdb] root 25371 0.0 0.0 9612 2196 ? S 09:41 0:00 dovecot/log root 25373 0.0 0.0 12496 3196 ? S 09:41 0:00 dovecot/config root 25375 0.0 0.0 132168 856 pts/1 S+ 09:41 0:00 grep dovecot now we have two dovecot/config processes. Second dovecot/config stays there until client disconnects (what for?). When clients disconnects we are back to single dovecot/config: [root at ixion-pld ~]# ps aux|grep dovecot root 25333 0.0 0.0 13872 2752 ? Ss 09:40 0:00 /usr/sbin/dovecot dovecot 25336 0.0 0.0 9480 924 ? S 09:40 0:00 dovecot/anvil [0 connections] root 25371 0.0 0.0 9612 2196 ? S 09:41 0:00 dovecot/log root 25373 0.0 0.0 12496 3196 ? S 09:41 0:00 dovecot/config root 25418 0.0 0.0 132168 852 pts/1 S+ 09:43 0:00 grep dovecot Now on production server where are tons of clients this looks more insane: # ps aux|grep dovecot/config | wc -l 56 Note that I'm running with shutdown_clients = no here (+ high performance auth/login variant). So looks like something is not right here. Obviously with shutdown_clients=yes this doesn't occur since clients are disconnected. doveadm reload can happen every 2 minutes (because dovecot requires reload when SSL certificates change; new domain gets added, new cert gets automatically created -> reload, certificate is renewed (every 2 months) -> reload etc) -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From wdehoog at exalondelft.nl Thu Nov 10 09:01:13 2016 From: wdehoog at exalondelft.nl (W. de Hoog) Date: Thu, 10 Nov 2016 10:01:13 +0100 Subject: search body with wildcards In-Reply-To: <4410351d-427d-8bd8-3ab3-9f936326c59a@exalondelft.nl> References: <4410351d-427d-8bd8-3ab3-9f936326c59a@exalondelft.nl> Message-ID: <02592986-173d-afa0-5b95-3392c7e96597@exalondelft.nl> On 2016-11-09 09:52, W. de Hoog wrote: > Hi, > > A question. We are using fts_solr. When searching for content in BODY I > noticed that dovecot only supports full words. "BODY calibration" > returns results but "BODY calibra" does not. Nor "BODY calibra*". > > Solr does support searching with wildcards so why is it that dovecot > does not? When searching: doveadm search mailbox shared/* BODY calib* solr is queried with ...body:calib%5c*... so the wildcard is escaped. Is there any way to disable this escaping? regards, -- Willem-Jan de Hoog From teemu.huovila at dovecot.fi Thu Nov 10 09:05:50 2016 From: teemu.huovila at dovecot.fi (Teemu Huovila) Date: Thu, 10 Nov 2016 11:05:50 +0200 Subject: post-delivery virus scan In-Reply-To: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> References: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> Message-ID: On 09.11.2016 23:36, Brad Koehn wrote: > I have discovered that many times the virus definitions I use for scanning messages (ClamAV, with the unofficial signatures http://sanesecurity.com/usage/linux-scripts/) are updated some time after my server has received an infected email. It seems the virus creators are trying to race the virus definition creators to see who can deliver first; more than half of the infected messages are found after they?ve been delivered. Great. > > To help detect and remove the infected messages after they?ve been delivered to users? mailboxes, I created a small script that iterates the INBOX and Junk mailbox directories, scans recent messages for viruses, and deletes them if found. The source of my script (run via cron) is here: https://gitlab.koehn.com/snippets/9 > > Unfortunately Dovecot doesn?t like it if messages are deleted (dbox) out from under it. I tried a doveadm force-resync on the folder containing the messages, but it seems Dovecot is still unhappy. At least on the new version (2.2.26.0) it doesn?t crash; 2.2.25 would panic and coredump when it discovered messages had been deleted. > > I?m wondering if there?s a better way to scan recent messages and eradicate them so the Dovecot isn?t upset when it happens. Maybe using doveadm search? Looking for suggestions. The removal should if possible be done with the doveadm cli tool or using the doveadm http api. br, Teemu Huovila > > > > > --- > Brad > From stephan at rename-it.nl Thu Nov 10 09:38:54 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 10 Nov 2016 10:38:54 +0100 Subject: post-delivery virus scan In-Reply-To: References: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> Message-ID: <5e2f7711-e99f-c0ec-9f36-898de3ed7d31@rename-it.nl> Op 11/10/2016 om 10:05 AM schreef Teemu Huovila: > > On 09.11.2016 23:36, Brad Koehn wrote: >> I have discovered that many times the virus definitions I use for scanning messages (ClamAV, with the unofficial signatures http://sanesecurity.com/usage/linux-scripts/) are updated some time after my server has received an infected email. It seems the virus creators are trying to race the virus definition creators to see who can deliver first; more than half of the infected messages are found after they?ve been delivered. Great. >> >> To help detect and remove the infected messages after they?ve been delivered to users? mailboxes, I created a small script that iterates the INBOX and Junk mailbox directories, scans recent messages for viruses, and deletes them if found. The source of my script (run via cron) is here: https://gitlab.koehn.com/snippets/9 >> >> Unfortunately Dovecot doesn?t like it if messages are deleted (dbox) out from under it. I tried a doveadm force-resync on the folder containing the messages, but it seems Dovecot is still unhappy. At least on the new version (2.2.26.0) it doesn?t crash; 2.2.25 would panic and coredump when it discovered messages had been deleted. >> >> I?m wondering if there?s a better way to scan recent messages and eradicate them so the Dovecot isn?t upset when it happens. Maybe using doveadm search? Looking for suggestions. > The removal should if possible be done with the doveadm cli tool or using the doveadm http api. Still, Dovecot should handle external removal of messages gracefully. What exactly happens? Regards, Stephan. From brad at koe.hn Thu Nov 10 11:25:14 2016 From: brad at koe.hn (Brad Koehn) Date: Thu, 10 Nov 2016 05:25:14 -0600 Subject: post-delivery virus scan In-Reply-To: <5e2f7711-e99f-c0ec-9f36-898de3ed7d31@rename-it.nl> References: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> <5e2f7711-e99f-c0ec-9f36-898de3ed7d31@rename-it.nl> Message-ID: > On Nov 10, 2016, at 3:38 AM, Stephan Bosch wrote: > > Op 11/10/2016 om 10:05 AM schreef Teemu Huovila: >> >> On 09.11.2016 23:36, Brad Koehn wrote: >>> I have discovered that many times the virus definitions I use for scanning messages (ClamAV, with the unofficial signatures http://sanesecurity.com/usage/linux-scripts/) are updated some time after my server has received an infected email. It seems the virus creators are trying to race the virus definition creators to see who can deliver first; more than half of the infected messages are found after they?ve been delivered. Great. >>> >>> To help detect and remove the infected messages after they?ve been delivered to users? mailboxes, I created a small script that iterates the INBOX and Junk mailbox directories, scans recent messages for viruses, and deletes them if found. The source of my script (run via cron) is here: https://gitlab.koehn.com/snippets/9 >>> >>> Unfortunately Dovecot doesn?t like it if messages are deleted (dbox) out from under it. I tried a doveadm force-resync on the folder containing the messages, but it seems Dovecot is still unhappy. At least on the new version (2.2.26.0) it doesn?t crash; 2.2.25 would panic and coredump when it discovered messages had been deleted. >>> >>> I?m wondering if there?s a better way to scan recent messages and eradicate them so the Dovecot isn?t upset when it happens. Maybe using doveadm search? Looking for suggestions. >> The removal should if possible be done with the doveadm cli tool or using the doveadm http api. > > Still, Dovecot should handle external removal of messages gracefully. > What exactly happens? > > Regards, > > Stephan. On Dovecot 2.2.5: Nov 9 14:32:11 ds postfix/anvil[13298]: statistics: max cache size 2 at Nov 9 14:23:08 Nov 9 14:32:29 ds dovecot: imap(user): Error: Recent flags state corrupted for mailbox Junk Nov 9 14:32:29 ds dovecot: imap(user): Error: /var/mail/user_dbox/mailboxes/Junk/dbox-Mails/dovecot.index reset, view is now inconsistent Nov 9 14:32:29 ds dovecot: imap(user): Panic: Message count decreased Nov 9 14:32:29 ds dovecot: imap(user): Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x89cc0) [0x7f0b64641cc0] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x89d9e) [0x7f0b646 41d9e] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f0b645e4165] -> dovecot/imap() [0x42259c] -> dovecot/imap(imap_sync_more+0x104) [0x422f14] -> dovecot/imap() [0x410720] -> do vecot/imap() [0x4108d1] -> /usr/local/lib/dovecot/libdovecot-storage.so.0(+0x52147) [0x7f0b64917147] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xe2) [0x7f0b64654992] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x93) [0x7f0b64655d83] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) [0x7f0b64654b45] -> /usr/l ocal/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f0b64654cf8] -> /usr/local/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f0b645ea243] -> dovecot/imap(main+0x312) [0x40c612 ] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f0b64214f45] -> dovecot/imap() [0x40c780] Nov 9 14:32:30 ds dovecot: imap(bkc): Fatal: master: service(imap): child 8456 killed with signal 6 (core dumped) On Dovecot 2.2.6.0: Nov 10 10:35:13 ds dovecot: imap(user): Error: Recent flags state corrupted for mailbox Junk Nov 10 10:35:13 ds dovecot: imap(user): Error: /var/mail/user_dbox/mailboxes/Junk/dbox-Mails/dovecot.index reset, view is now inconsistent Nov 10 10:35:13 ds dovecot: imap(user): IMAP session state is inconsistent, please relogin. in=6212 out=49396 From brad at koe.hn Thu Nov 10 11:40:57 2016 From: brad at koe.hn (Brad Koehn) Date: Thu, 10 Nov 2016 05:40:57 -0600 Subject: post-delivery virus scan In-Reply-To: <5af033d0debc605f02c58f4e7ea22ef2@rapunzel.local> References: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> <5af033d0debc605f02c58f4e7ea22ef2@rapunzel.local> Message-ID: I?ve decided to try this approach. I?ve updated my script as follows: #!/bin/bash # Scan junk folders for messages containing viruses we didn't have definitions # for when the mail was received. Truncate the body of infected messages and # replace the body with a message. cd /var/mail for dir in $( find . \( -name Junk -o -name INBOX \) -type d ) ; do files=$( find "$dir" -type f -name u.\* -mtime -14 -print ) for file in $files ; do /usr/local/bin/clamdscan --quiet --fdpass "$file" if [ $? -eq 1 ] ; then sed -i '/^$/,$d' "$file" echo "\r\n\r\n[The body of this message contained a virus and was deleted.]" >> "$file" fi done done We?ll see if that does the trick. > On Nov 9, 2016, at 6:12 PM, mick crane wrote: > > On 2016-11-09 21:36, Brad Koehn wrote: >> I have discovered that many times the virus definitions I use for >> scanning messages (ClamAV, with the unofficial signatures >> http://sanesecurity.com/usage/linux-scripts/) are updated some time >> after my server has received an infected email. It seems the virus >> creators are trying to race the virus definition creators to see who >> can deliver first; more than half of the infected messages are found >> after they?ve been delivered. Great. >> To help detect and remove the infected messages after they?ve been >> delivered to users? mailboxes, I created a small script that iterates >> the INBOX and Junk mailbox directories, scans recent messages for >> viruses, and deletes them if found. The source of my script (run via >> cron) is here: https://gitlab.koehn.com/snippets/9 >> Unfortunately Dovecot doesn?t like it if messages are deleted (dbox) >> out from under it. I tried a doveadm force-resync on the folder >> containing the messages, but it seems Dovecot is still unhappy. At >> least on the new version (2.2.26.0) it doesn?t crash; 2.2.25 would >> panic and coredump when it discovered messages had been deleted. >> I?m wondering if there?s a better way to scan recent messages and >> eradicate them so the Dovecot isn?t upset when it happens. Maybe using >> doveadm search? Looking for suggestions. > > leave an empty message behind with the same name as deleted message ? > > > > > -- > key ID: 0x4BFEBB31 From frank at moltke28.b.shuttle.de Thu Nov 10 12:47:16 2016 From: frank at moltke28.b.shuttle.de (Frank Elsner) Date: Thu, 10 Nov 2016 13:47:16 +0100 Subject: post-delivery virus scan In-Reply-To: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> References: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> Message-ID: <20161110134716.79a5895d05ec9299f06ed688@moltke28.b.shuttle.de> On Wed, 9 Nov 2016 15:36:33 -0600 Brad Koehn wrote: [ ... ] > To help detect and remove the infected messages after they?ve been delivered to users? mailboxes, I created a small script that iterates the INBOX and Junk mailbox directories, scans recent messages for viruses, and deletes them if found. The source of my script (run via cron) is here: https://gitlab.koehn.com/snippets/9 Bad idea. The user may already taken the action needed for infection. And what about legal aspects? In my country (Germany), information suppression would be punishable. Just my 0.02 ?, Frank From brad at koe.hn Thu Nov 10 13:08:15 2016 From: brad at koe.hn (Brad Koehn) Date: Thu, 10 Nov 2016 07:08:15 -0600 Subject: post-delivery virus scan In-Reply-To: <20161110134716.79a5895d05ec9299f06ed688@moltke28.b.shuttle.de> References: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> <20161110134716.79a5895d05ec9299f06ed688@moltke28.b.shuttle.de> Message-ID: Turns out the technical part of your reasoning is correct: MUAs that have downloaded the message don?t get any updates, and hold onto the infected message. No legal ramifications here; it?s my personal server, and it?s in the US. Strange to think that deleting the content of a message would somehow be worse than deleting the content and the headers. > On Nov 10, 2016, at 6:47 AM, Frank Elsner wrote: > > On Wed, 9 Nov 2016 15:36:33 -0600 Brad Koehn wrote: > > [ ... ] > >> To help detect and remove the infected messages after they?ve been delivered to users? mailboxes, I created a small script that iterates the INBOX and Junk mailbox directories, scans recent messages for viruses, and deletes them if found. The source of my script (run via cron) is here: https://gitlab.koehn.com/snippets/9 > > Bad idea. The user may already taken the action needed for infection. And what about legal aspects? > In my country (Germany), information suppression would be punishable. > > > Just my 0.02 ?, Frank From wdehoog at exalondelft.nl Thu Nov 10 13:14:45 2016 From: wdehoog at exalondelft.nl (W. de Hoog) Date: Thu, 10 Nov 2016 14:14:45 +0100 Subject: search body with wildcards In-Reply-To: <02592986-173d-afa0-5b95-3392c7e96597@exalondelft.nl> References: <4410351d-427d-8bd8-3ab3-9f936326c59a@exalondelft.nl> <02592986-173d-afa0-5b95-3392c7e96597@exalondelft.nl> Message-ID: <441c0e3b-4369-368d-33ba-493ec67086a7@exalondelft.nl> > When searching: > > doveadm search mailbox shared/* BODY calib* > > solr is queried with > > ...body:calib%5c*... > > so the wildcard is escaped. Is there any way to disable this escaping? I removed '*' and '?' from solr_escape_chars in src/plugins/fts-solr/fts-backend-solr.c to allow to use them as wildcards. I also removed '\' to allow them to be escaped so now these work: doveadm search mailbox shared/* BODY calibrat* to find words starting with calibrat and doveadm search mailbox shared/* BODY calibrati\\*n to find "calibrati*n" In my php search form I can now use "body calibrat*" and in thunderbird search dialog as well. Searching for "calibrati*n" (using "calibrati\*n") also works for php but not in Thunderbird. One note: searching with "\*" is rather slow. I cannot estimate the implications it has on the other search actions (TO, FROM etc) so I hope someone with more knowledge can comment. regards, -- Willem-Jan de Hoog From skdovecot at smail.inf.fh-brs.de Thu Nov 10 13:16:16 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 10 Nov 2016 14:16:16 +0100 (CET) Subject: question concerning junk folder In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 9 Nov 2016, Rajesh M wrote: > using centos 6.5, qmailtoaster, dovecot, spamassassin. > > i found that junk folder is specified under > > /etc/dovecot/conf.d/15-mailboxes.conf > > the issue is that this folder is getting created automatically and genuine emails from both within the server and also from external domains are being routed to the Junk folder. all these emails are not scanned by spamassasin. > > i wish to disable to creation of Junk folder and also routing of emails to the Junk folder. the user's mail client moves the messages there, because it believe the message is SPAM. > ##################### > # NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. > namespace inbox { > # These mailboxes are widely used and could perhaps be created automatically: > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } this setting just tells a client, "Junk" *should* be used as junk folder. > mailbox Trash { > special_use = \Trash > } > ##################### > > rajesh > > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWCRzIHz1H7kL/d9rAQLAywgApaoJlVoFHiA3rLBl9xUYl3gdIbAMWChi PXUEUzMUEqP4nA9JmtZVyBOok5zB25VbnuscqASRUDpIllHho/G8F14RXlzM6dIS FXPJmkARD4oE6/lo7UXxB86HDD9B656Pvh2NYZs1kXK6FoFkMedecZKhiChvwrJL awMIT5AfnmRcEa5i8Ynw+MTgPg4OBoWZLQs5MqXYV2kLsel43P7s9bCq92DbLP3A SoXBdMaM2zsDbgP/Ro8gv4YfXAacq9TXVMDvl8s/OSzc0A+QbuJU1IUt1aTFWPAX XeqEo+OuyF+uh1jogBkGakwSRDU6jdJWwNhhZwsGwlDkL4amoeDLtg== =Q6YX -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Nov 10 14:55:25 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 10 Nov 2016 15:55:25 +0100 (CET) Subject: Dovecot & AD (was: Dovecot 2 LDAP "unknown user") In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 5 Nov 2016, Peter Fraser wrote: > 1. I need to make sure the user logon name in AD and the samAccountname > are exactly the same, case and all. It seems postfix > uses the samAccountname and Dovecot the User logon name. > 2. I also noticed that if the Display name for a user in AD is blank, > that user cannot log in using telnet 110. OK, this is something interesting > and dovecot-ldap.conf.ext reads as follows > > #Custom Settings > hosts = ip address > ldap_version = 3 > scope = subtree > deref = never > base = cn=users,dc=domain,dc=com > dn = cn=administrator,cn=users,dc=domain,dc=com > dnpass = password > auth_bind = yes > auth_bind_userdn = %n > ldap_version = 3 > scope = subtree > user_attrs = home=/home/vmail/%u,=uid=vmail,=gid=vmail > pass_attrs = uid=%n,userPassword=password > #pass_attrs=uid=user, userpassword=password > user_filter = (&(objectclass=person)(samaccountname=%n)) > pass_filter = (&(objectclass=inetorgperson)(mail=%u)) Check out your 1. and pass_filter "postfix uses samAccountname" <-> pass_filter uses "mail" to identify an user. So I suggest you use: pass_filter = (&(objectclass=inetorgperson)(|(mail=%u)(samaccountname=%n)(cn=%n))) Note: add all LDAP attributes to the LDAP query, that identify exactly one user (never more than one). If cn is not unique, use something you think is appropriate. Some examples in the net use userPrincipalName, ... Also, search the net for "dovecot active directory" and you'll find that some exclude entries with certain userAccountControl strings. That way Dovecot finds the user regardless of what s/he enters as username. You could even use something like (mail=%n at example.com) pass_attrs=samaccountname=user, userpassword=password This will return samaccountname as new username for userdb queries. user_filter = (&(objectclass=person)(samaccountname=%n)) Finally, this query must find the user's data. Because pass_attrs mangle the "user" information of Dovecot to be samaccountname, this attribute must be present. If postfix delivers to this user, too, you are done. Otherwise use a similiar approach as with pass_filter. Dovecot LDA and LMTP do not use pass_filter, but only user_filter. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWCSKXnz1H7kL/d9rAQI2Wgf+OIFn5vssn1giLEocVSpZDvirLHLe4c1m br+PBzklJ2OtM4gYjVdcSkgOmuDGOoeIOcxZQIZwmz7413oCjmA8jloUzzYhj6Q6 6CSLHlBWMqtsnQC8+bITuEWBO+ygXT4A5HdEiJANT/oq+Jq1PXq6gN4W3CVwaq+4 f0b+H+Ejk9Xf8jjnpsvhL4SeS71fc7QwmcDZ3syxutQhWgu/urkAUqu3B0R9PD2r FOxJS+q4lF4JTni4vlWrqtuUeK9Mv675vLq1Uw8c+jLdlBgD5QKKsFNy3LTokMEm qU1g7uSISl16AmZ6arIk2ZEtBMpYlFYhxct/EMbjfgeKZ75zG9g6Fw== =S+La -----END PGP SIGNATURE----- From nerbrume at free.fr Thu Nov 10 15:09:02 2016 From: nerbrume at free.fr (nerbrume at free.fr) Date: Thu, 10 Nov 2016 16:09:02 +0100 (CET) Subject: service doveadm : ssl problems In-Reply-To: <801945778.78290734.1478790454948.JavaMail.root@zimbra59-e10.priv.proxad.net> Message-ID: <147193685.78296560.1478790542104.JavaMail.root@zimbra59-e10.priv.proxad.net> Hello, I'm using dovecot 2.2.13 on Debian stable. My users are authenticated through PAM, and stored in an LDAP backend I'm trying to set-up replication with ssl, following (mainly) this : http://wiki2.dovecot.org/Replication 1) I only diverted from the instructed setup by not setting "doveadm_port = 12345", as it would give me errors of the like: > Fatal: /var/run/dovecot/auth-userdb: Configured passdbs don't support crentials lookups (to see if user is proxied, because doveadm_port is set) but rather specifying the port in the mail_replica setting : "mail_replica = tcps:my.domain.com:1465" (following a mail from here : http://www.dovecot.org/list/dovecot/2016-September/105356.html) So far, this seems to be working for me. 2) However, I'm having ssl problems. I have a let's encrypt certificate, and have concatened the CA cert and my server cert in a fullchain.pem. Excerpt from my ssl config : > ssl = yes > ssl_cert = ssl_key = doveadm(casoli): Info: Received invalid SSL certificate: unable to get local issuer certificate: /CN=my.domain.com > doveadm(casoli): Error: doveadm server disconnected before handshake: Received invalid SSL certificate: unable to get local issuer certificate: /CN=my.domain.com > doveadm(casoli): Fatal: Disconnected from remote: Received invalid SSL certificate: unable to get local issuer certificate: /CN=my.domain.com Which I can reproduce with openssl (openssl s_client -showcerts -CApath /etc/ssl/certs -connect my.domain.com:12345) : > (...) > Verify return code: 21 (unable to verify the first certificate) Indeed, in this case, dovecot only returns the local part of the certificate (my.domain.com), and not the full chain (with the intermediate CA). While testing regular IMAPS with openssl is ok (openssl s_client -showcerts -CApath /etc/ssl/certs -connect my.domain.com:993) > (...) > Verify return code: 0 (ok) And I can see the full chain. So, it's seems to me that doveadm is somehow wrongly serving my certificate, truncating it, but I can't see why, and if this is a misconfiguratin on my part. I can post more config files or message outputs if needed, I kept them redacted here for the sake of brevity. Regards, N From skdovecot at smail.inf.fh-brs.de Thu Nov 10 15:32:47 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 10 Nov 2016 16:32:47 +0100 (CET) Subject: exim problem with Redirect the emails from domain2 to domain1 In-Reply-To: <383cd1fd-8e40-f19e-96ae-0281a7ed922a@gmail.com> References: <383cd1fd-8e40-f19e-96ae-0281a7ed922a@gmail.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 7 Nov 2016, Quaquaraqu? wrote: > > I have a VPS using these two applications. I am transitioning from a > domain_old to a domain_new. I'd like to redirect all the emails from > domain_old to the local mailboxes of users @ domain_new. In exim I've > assumed that it is enough to add domain_old to the list of local domains: I cannot help you with exim > domainlist local_domains = @ : domain_new : domain_old > ... > begin routers > ... > local_users: > debug_print = "R: local_user for $local_part@$domain" > driver = accept > domains = +local_domains > transport = dovecot_lmtp > cannot_route_message = Unknown user > However in Dovecot I'm checking both the username and the domain to perform > the authentication: > auth_username_format = %Lu > passdb { driver = sql ; } > password_query = SELECT username, domain, password FROM users WHERE username > = '%n' AND domain = '%d' > > To have this system to work, I wish some special rule that rewrites the > domain from domain_old to domain_new. But I'm not sure whether this needs to > be done in exim or dovecot and how to add it? If exim would map domain_old to domain and your users will use domain always, that would be the easiest way. More consitent, IMHO. Otherwise (if you want to support users to login with old domains, for instance): 1) add another column with domain_old and use AND (domain = '%d' OR domain_old = '%d) domain_old would contain the old domain, domain the new one. 2) if you think you get more domains per user over the time, add another table and use JOIN or sub-SELECT. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWCSTH3z1H7kL/d9rAQJNFgf/fjfpv/v9tyU8E3QXzGeEtyb1V84t3yut 2ML1oS07soZPhs+Kbh15HqDi3a+0geLElpnMbvXV7dHqYE2az11QgFKf2krV9dVO Y/SN22Pjwn9S6T0HGpGqk+aY62FG8uN6deXZeimKnmMRXQ0b1iswtSVb1KuTml9s jMx7OPPexxiS6keKJrFU0LsSPQjqSDc7OmtuMEbWWpJL6ANYb3pYCJl9BugUHDp/ fenmJ2Ft8e8FjSpP/kXkYlgEVhs/Xw8rSz5I2XoQ+T68IICqCe+RwrazNJ8X6N3W 1bEsX9OYG4VTNasjJCLGaJ7i1ktfI5Bu1kvv1U4oeAlrd7acNpP7oA== =7dPg -----END PGP SIGNATURE----- From tobster at brain-force.ch Thu Nov 10 15:35:56 2016 From: tobster at brain-force.ch (Tobi) Date: Thu, 10 Nov 2016 16:35:56 +0100 Subject: service doveadm : ssl problems In-Reply-To: <147193685.78296560.1478790542104.JavaMail.root@zimbra59-e10.priv.proxad.net> References: <147193685.78296560.1478790542104.JavaMail.root@zimbra59-e10.priv.proxad.net> Message-ID: <9e44aaf0-29e4-4408-ebfd-650e54f2eb8c@brain-force.ch> Have you specified the path to ca-certificates? On Debian it's normally something like that #10-ssl.conf ssl_client_ca_dir = /etc/ssl/certs see http://wiki.dovecot.org/Replication#SSL Am 10.11.2016 um 16:09 schrieb nerbrume at free.fr: > Hello, > > I'm using dovecot 2.2.13 on Debian stable. > My users are authenticated through PAM, and stored in an LDAP backend > I'm trying to set-up replication with ssl, following (mainly) this : http://wiki2.dovecot.org/Replication > > 1) I only diverted from the instructed setup by not setting "doveadm_port = 12345", as it would give me errors of the like: >> Fatal: /var/run/dovecot/auth-userdb: Configured passdbs don't support crentials lookups (to see if user is proxied, because doveadm_port is set) > but rather specifying the port in the mail_replica setting : "mail_replica = tcps:my.domain.com:1465" > (following a mail from here : http://www.dovecot.org/list/dovecot/2016-September/105356.html) > So far, this seems to be working for me. > > 2) However, I'm having ssl problems. I have a let's encrypt certificate, and have concatened the CA cert and my server cert in a fullchain.pem. > Excerpt from my ssl config : >> ssl = yes >> ssl_cert = > ssl_key = > doveadm return me these errors (sudo -u dovecot doveadm -v sync -u user tcps:my.domain.com:12345) : >> doveadm(casoli): Info: Received invalid SSL certificate: unable to get local issuer certificate: /CN=my.domain.com >> doveadm(casoli): Error: doveadm server disconnected before handshake: Received invalid SSL certificate: unable to get local issuer certificate: /CN=my.domain.com >> doveadm(casoli): Fatal: Disconnected from remote: Received invalid SSL certificate: unable to get local issuer certificate: /CN=my.domain.com > > Which I can reproduce with openssl (openssl s_client -showcerts -CApath /etc/ssl/certs -connect my.domain.com:12345) : >> (...) >> Verify return code: 21 (unable to verify the first certificate) > Indeed, in this case, dovecot only returns the local part of the certificate (my.domain.com), and not the full chain (with the intermediate CA). > > While testing regular IMAPS with openssl is ok (openssl s_client -showcerts -CApath /etc/ssl/certs -connect my.domain.com:993) >> (...) >> Verify return code: 0 (ok) > And I can see the full chain. > > > So, it's seems to me that doveadm is somehow wrongly serving my certificate, truncating it, but I can't see why, and if this is a misconfiguratin on my part. > I can post more config files or message outputs if needed, I kept them redacted here for the sake of brevity. > > Regards, > N > From stephan at rename-it.nl Thu Nov 10 15:52:51 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 10 Nov 2016 16:52:51 +0100 Subject: post-delivery virus scan In-Reply-To: References: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> <5e2f7711-e99f-c0ec-9f36-898de3ed7d31@rename-it.nl> Message-ID: <1be0b841-1ab1-1aee-fc64-7f8eee834c3c@rename-it.nl> Op 10-11-2016 om 12:25 schreef Brad Koehn: >> On Nov 10, 2016, at 3:38 AM, Stephan Bosch wrote: >> >> Op 11/10/2016 om 10:05 AM schreef Teemu Huovila: >>> On 09.11.2016 23:36, Brad Koehn wrote: >>> >>> I?m wondering if there?s a better way to scan recent messages and eradicate them so the Dovecot isn?t upset when it happens. Maybe using doveadm search? Looking for suggestions. >>> The removal should if possible be done with the doveadm cli tool or using the doveadm http api. >> Still, Dovecot should handle external removal of messages gracefully. >> What exactly happens? > On Dovecot 2.2.6.0: > Nov 10 10:35:13 ds dovecot: imap(user): Error: Recent flags state corrupted for mailbox Junk > Nov 10 10:35:13 ds dovecot: imap(user): Error: /var/mail/user_dbox/mailboxes/Junk/dbox-Mails/dovecot.index reset, view is now inconsistent > Nov 10 10:35:13 ds dovecot: imap(user): IMAP session state is inconsistent, please relogin. in=6212 out=49396 OK, so at least it doesn't panic anymore in the last release. Also, the mailbox is fixed upon relogin. To prevent the remaining errors from occurring, i.e. to gracefully remove messages, you can use the doveadm expunge command (it has a man page). Regards, Stephan. From dovecot-mailing-list at whyaskwhy.org Thu Nov 10 17:11:15 2016 From: dovecot-mailing-list at whyaskwhy.org (deoren) Date: Thu, 10 Nov 2016 11:11:15 -0600 Subject: Enterprise Edition: Any known access issues with the repo? Have existing accounts been expired? Message-ID: <45e5d004-f281-a7ab-8e17-f5ae55c0242a@whyaskwhy.org> Hi, I'm getting errors when attempting to run apt-get update on an Ubuntu 14.04 box where I've had an existing EE installation for some time: > W: Failed to fetch https://apt.dovecot.fi/stable-2.2/ubuntu/trusty/dists/trusty/main/binary-amd64/Packages HttpError401 > > W: Failed to fetch https://apt.dovecot.fi/stable-2.2/ubuntu/trusty/dists/trusty/main/binary-i386/Packages HttpError401 > > E: Some index files failed to download. They have been ignored, or old ones used instead. I'm running 2.2.25.5 now and when I looked at the announcement forum[1] I see a posting[2] for 2.2.26.1, but nothing about repo changes. For what it is worth, I use the EE credentials on only a single node so I am hopefully not triggering any abuse thresholds. I tried accessing the URL used in the /etc/apt/sources.list.d/FILENAME.list file via a web browser and it isn't accepting the provided username/password. Have existing credentials been expired? If so, what is the next step to restore access? Thanks. References: [1] https://forum.open-xchange.com/forumdisplay.php?35-Dovecot-Announcements [2] http://software.open-xchange.com/products/dovecot/doc/Release_Notes_for_Dovecot_Pro_2.2.26.1_2016-10-31.pdf From nerbrume at free.fr Thu Nov 10 20:04:19 2016 From: nerbrume at free.fr (nerbrume at free.fr) Date: Thu, 10 Nov 2016 21:04:19 +0100 (CET) Subject: service doveadm : ssl problems In-Reply-To: <9e44aaf0-29e4-4408-ebfd-650e54f2eb8c@brain-force.ch> Message-ID: <916831897.79666476.1478808259022.JavaMail.root@zimbra59-e10.priv.proxad.net> ----- Mail original ----- > De: "Tobi" > ?: dovecot at dovecot.org > Envoy?: Jeudi 10 Novembre 2016 16:35:56 > Objet: Re: service doveadm : ssl problems > > Have you specified the path to ca-certificates? > On Debian it's normally something like that > > #10-ssl.conf > ssl_client_ca_dir = /etc/ssl/certs Yup, I did exactly that, sorry I forgot to include that part in the excerpt from my ssl config. However, as far as I understood, this is of no impact when I test with openssl, right ? (for the record, I also tried to manually add the intermediate ca (Let?s Encrypt Authority X3) in the /etc/ssl/certs dir, without any luck) N. > see http://wiki.dovecot.org/Replication#SSL > > > Am 10.11.2016 um 16:09 schrieb nerbrume at free.fr: > > Hello, > > > > I'm using dovecot 2.2.13 on Debian stable. > > My users are authenticated through PAM, and stored in an LDAP > > backend > > I'm trying to set-up replication with ssl, following (mainly) this > > : http://wiki2.dovecot.org/Replication > > > > 1) I only diverted from the instructed setup by not setting > > "doveadm_port = 12345", as it would give me errors of the like: > >> Fatal: /var/run/dovecot/auth-userdb: Configured passdbs don't > >> support crentials lookups (to see if user is proxied, because > >> doveadm_port is set) > > but rather specifying the port in the mail_replica setting : > > "mail_replica = tcps:my.domain.com:1465" > > (following a mail from here : > > http://www.dovecot.org/list/dovecot/2016-September/105356.html) > > So far, this seems to be working for me. > > > > 2) However, I'm having ssl problems. I have a let's encrypt > > certificate, and have concatened the CA cert and my server cert in > > a fullchain.pem. > > Excerpt from my ssl config : > >> ssl = yes > >> ssl_cert = >> ssl_key = > > > doveadm return me these errors (sudo -u dovecot doveadm -v sync -u > > user tcps:my.domain.com:12345) : > >> doveadm(casoli): Info: Received invalid SSL certificate: unable to > >> get local issuer certificate: /CN=my.domain.com > >> doveadm(casoli): Error: doveadm server disconnected before > >> handshake: Received invalid SSL certificate: unable to get local > >> issuer certificate: /CN=my.domain.com > >> doveadm(casoli): Fatal: Disconnected from remote: Received invalid > >> SSL certificate: unable to get local issuer certificate: > >> /CN=my.domain.com > > > > Which I can reproduce with openssl (openssl s_client -showcerts > > -CApath /etc/ssl/certs -connect my.domain.com:12345) : > >> (...) > >> Verify return code: 21 (unable to verify the first certificate) > > Indeed, in this case, dovecot only returns the local part of the > > certificate (my.domain.com), and not the full chain (with the > > intermediate CA). > > > > While testing regular IMAPS with openssl is ok (openssl s_client > > -showcerts -CApath /etc/ssl/certs -connect my.domain.com:993) > >> (...) > >> Verify return code: 0 (ok) > > And I can see the full chain. > > > > > > So, it's seems to me that doveadm is somehow wrongly serving my > > certificate, truncating it, but I can't see why, and if this is a > > misconfiguratin on my part. > > I can post more config files or message outputs if needed, I kept > > them redacted here for the sake of brevity. > > > > Regards, > > N > > > From felipe at felipegasper.com Thu Nov 10 23:02:32 2016 From: felipe at felipegasper.com (Felipe Gasper) Date: Thu, 10 Nov 2016 18:02:32 -0500 Subject: lazy-load SNI? Message-ID: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> Hello, We?re rolling out large SNI deployments for our mail servers. Each domain gets an entry like this in the config: local_name mail.foo.com { ssl_cert = References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> <741354065.4963.1478761353296@appsuite-dev.open-xchange.com> Message-ID: On 11/10/2016 2:02 AM, Aki Tuomi wrote: > Hi! > > Can you provide bt full from gbd? > > Install debug symbols and acquire core file > > Run gdb /path/to/bin /path/to/core > > Issue bt ful > > Send it to list. > > > Aki Tuomi > > Dovecot oy > > > > On November 10, 2016 at 2:42 AM Larry Rosenman > wrote: > > looks to me from the coredump (although you pointed to the wrong binary) > that > deliver was PANIC()'ing with > > io_add(0x%x) called twice fd=%d, callback=%p -> %p > > I'm not sure what that message means, but maybe one of the dovecot folks > does. > > Are all the packages built together? > > Are you averse to compiling stuff yourself? Thanks so much for the assistance here, Larry and Aki. Aki, you had asked me to send this core-dump to the list when I asked about it back in September; I did post the "bt full" output at that time, but there were no further replies: http://www.dovecot.org/list/dovecot/2016-September/105428.html And for convenience, here is the "bt full" output I posted back then: http://pastebin.com/4xdGNXa6 So, this is where I'm confused: Larry, you mentioned "although you pointed to the wrong binary", which is a concern I had asked about back in September: http://www.dovecot.org/list/dovecot/2016-September/105424.html I still don't understand how this is pointing to the wrong binary: # gdb /usr/lib/dovecot/dovecot-lda /var/vmail/tmp/core-deliver-6-5000-5000-29125-1473732949 Is /usr/lib/dovecot/dovecot-lda not the binary that segfaulted here? Sure, the gdb output says, "Core was generated by `/usr/lib/dovecot/deliver ...", but on the system in question, that is a symlink pointing to /usr/lib/dovecot/dovecot-lda: # ls -lah /usr/lib/dovecot/deliver lrwxrwxrwx 1 root root 11 Sep 21 10:29 /usr/lib/dovecot/deliver -> dovecot-lda What am I missing here? The mismatch message does say something specific about this: warning: the debug information found in "/lib64/ld-2.23.so" does not match "/lib64/ld-linux-x86-64.so.2" (CRC mismatch). Is this the result of pointing to the wrong executable when calling "gdb"? If so, where is the correct executable to pass as the fist argument? Again, for convenience, the pipe script I'm using: http://pastebin.com/zXzBDcvG And the debug output from said pipe script: http://pastebin.com/rz2f4S4G My full "doveconf -n": http://pastebin.com/hCgpA009 Thanks! -Ben From ben at indietorrent.org Fri Nov 11 01:29:02 2016 From: ben at indietorrent.org (Ben Johnson) Date: Thu, 10 Nov 2016 20:29:02 -0500 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> Message-ID: On 11/10/2016 3:46 AM, Bill Shirley wrote: > I don't use the Anti-Spam plugin; I just fire off a BASH script every > four hours with > crontab which iterates thru the vmail email accounts and trains > Spamassassin 'per-user' > accounts. If the script sounds interesting I can post it here. It > probably could use a little polish > though. > > Bill Thanks, Bill! Sure, please do share the script, if it's not too much trouble. For my specific use-case, I've been maintaining a "corpus" of known ham/spam messages, and enjoy being able to hand classify/re-classify/ignore if necessary. But I do see the appeal of training with a single script that iterates through each user's mailbox. Heretofore, my thinking has been that combining all "submitted" spam, which is piped into the training mailbox automatically, whenever a user drags from Inbox -> Spam (or vice versa), I have a much broader sample of the the ham and spam out there. And yes, a "shared" corpus among all users does seem to "dilute" specific individuals' would-be training preferences a bit, but the trade-off seems worthwhile. Interesting quandary... I would love to see the script! No problem if it's a bit "rough around the edges"; the overall concept and approach are what's important to me. -Ben From dm at belkam.com Fri Nov 11 05:01:21 2016 From: dm at belkam.com (Dmitry Melekhov) Date: Fri, 11 Nov 2016 09:01:21 +0400 Subject: post-delivery virus scan In-Reply-To: <20161110134716.79a5895d05ec9299f06ed688@moltke28.b.shuttle.de> References: <9FE2457D-0105-4284-BBA8-ED1AD3ED12CD@koe.hn> <20161110134716.79a5895d05ec9299f06ed688@moltke28.b.shuttle.de> Message-ID: <115415fa-4a78-98cf-53df-cf0284295e83@belkam.com> 10.11.2016 16:47, Frank Elsner ?????: > On Wed, 9 Nov 2016 15:36:33 -0600 Brad Koehn wrote: > > [ ... ] > >> To help detect and remove the infected messages after they?ve been delivered to users? mailboxes, I created a small script that iterates the INBOX and Junk mailbox directories, scans recent messages for viruses, and deletes them if found. The source of my script (run via cron) is here: https://gitlab.koehn.com/snippets/9 > Bad idea. The user may already taken the action needed for infection. And what about legal aspects? Is it legal to redistribute malware in Germany? :-D > In my country (Germany), information suppression would be punishable. I guess main problem here is that this is not on access scan, i.e. even if virus can be already detected by newer virus database, it can be accessed by user before it rescanned. From aki.tuomi at dovecot.fi Fri Nov 11 07:44:36 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 11 Nov 2016 09:44:36 +0200 Subject: lazy-load SNI? In-Reply-To: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> Message-ID: <0b732051-a882-2647-e10b-83390b646064@dovecot.fi> On 11.11.2016 01:02, Felipe Gasper wrote: > Hello, > > We?re rolling out large SNI deployments for our mail servers. Each domain gets an entry like this in the config: > > local_name mail.foo.com { > ssl_cert = ssl_key = } > > There are a couple problems we?re finding with this approach: > > 1) Dovecot wants to load everything at once, which has some machines taking up many GiB of memory just for Dovecot. Is there any way to defer loading of an SSL cert until a client actually requests it? > > 2) Any time we add or remove a domain, Dovecot?s SNI config matrix needs to be rebuilt. Is there a way to handle SNI requests dynamically via some sort of configuration plugin, so we wouldn?t need to rebuild the config on domain add/remove? I looked through the docs but couldn?t see a way to do this. > > Thank you in advance! > > -Felipe Gasper > Mississauga, ON Unfortunately it's not possible now, it has been asked before though. We have this feature request in our list but cannot give any date when it would be available. Aki Tuomi Dovecot oy From libor.pavlik at ine.cz Fri Nov 11 09:06:43 2016 From: libor.pavlik at ine.cz (=?UTF-8?Q?Libor_Pavl=c3=adk?=) Date: Fri, 11 Nov 2016 10:06:43 +0100 Subject: Maildir filename has wrong S value - possible culprit Message-ID: <50755f08-c438-d4ba-c533-bb5c166126d7@ine.cz> Hi, I'm new to dovecot but as I see in mailinglist archive this issue is old and I didn't find this in archive. One of cuplrits (I believe not the only possible) is spamassassin. It's added headers make exactly the difference between S value and filesize. Probably it's in the way emails are processed in "manufactory" of Qmail+Vpopmail+Spamassassin but now I'm not able to say how can it be repaired. As mentioned above I'm using solution with Qmail+Vpopmail+Spamassassin+Dovecot, my Dovecot version is 2.2.26.0. Libor Pavl?k From sami.ketola at dovecot.fi Fri Nov 11 09:22:06 2016 From: sami.ketola at dovecot.fi (Sami Ketola) Date: Fri, 11 Nov 2016 11:22:06 +0200 Subject: Enterprise Edition: Any known access issues with the repo? Have existing accounts been expired? In-Reply-To: <45e5d004-f281-a7ab-8e17-f5ae55c0242a@whyaskwhy.org> References: <45e5d004-f281-a7ab-8e17-f5ae55c0242a@whyaskwhy.org> Message-ID: <347C17D2-DFCE-402B-B5DD-CCC0D924E94D@dovecot.fi> > On 10 Nov 2016, at 19.11, deoren wrote: > > > I'm running 2.2.25.5 now and when I looked at the announcement forum[1] I see a posting[2] for 2.2.26.1, but nothing about repo changes. > > For what it is worth, I use the EE credentials on only a single node so I am hopefully not triggering any abuse thresholds. > > I tried accessing the URL used in the /etc/apt/sources.list.d/FILENAME.list file via a web browser and it isn't accepting the provided username/password. > > Have existing credentials been expired? If so, what is the next step to restore access? > > Thanks. > Hi, Can you please contact us at support at dovecot.fi to get this issue resolved. Sami From arekm at maven.pl Fri Nov 11 10:22:50 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Fri, 11 Nov 2016 11:22:50 +0100 Subject: lazy-load SNI? In-Reply-To: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> Message-ID: <201611111122.50791.arekm@maven.pl> On Friday 11 of November 2016, Felipe Gasper wrote: > Hello, > > We?re rolling out large SNI deployments for our mail servers. Each domain > gets an entry like this in the config: > > local_name mail.foo.com { > ssl_cert = ssl_key = } Lack of glob/regexp support here is also a problem (for me). I could have 50% smaller config if local_name supported regexp matching, so it would be possible to do: local_name ^(pop3|imap)\.foo\.com { ... } or even with glob like *.foo.com matching. > > There are a couple problems we?re finding with this approach: > > 1) Dovecot wants to load everything at once, which has some machines taking > up many GiB of memory just for Dovecot. Is there any way to defer loading > of an SSL cert until a client actually requests it? No - thread here http://www.dovecot.org/list/dovecot/2016-October/105855.html Memory is one thing. The other is that dovecot stops accepting clients when huge config reload happens (I guess it's a design problem since it makes no sense to do that in any case. Clients should be processed without gap using old config until new config is loaded and ready to go). And third problem is that there is hardcoded 10s limit for reloading which in case thousands of certificates is way too short limit. Anyway if you hit that limit it's already lost case due to earlier problem. > > 2) Any time we add or remove a domain, Dovecot?s SNI config matrix needs to > be rebuilt. Is there a way to handle SNI requests dynamically via some > sort of configuration plugin, so we wouldn?t need to rebuild the config on > domain add/remove? I looked through the docs but couldn?t see a way to do > this. That's unavoidable for now :-( Here we started analyzing maillog and put into dovecot config only these ssl certs for domains that are actually used with TLS. It's very ugly and short- sighted approach but hopefuly proper solution will be implemented by dovecot team before all people start to use TLS. > Thank you in advance! > > -Felipe Gasper > Mississauga, ON -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From aki.tuomi at dovecot.fi Fri Nov 11 10:36:28 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 11 Nov 2016 12:36:28 +0200 (EET) Subject: lazy-load SNI? In-Reply-To: <201611111122.50791.arekm@maven.pl> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111122.50791.arekm@maven.pl> Message-ID: <1764691363.380.1478860589329@appsuite-dev.open-xchange.com> > On November 11, 2016 at 12:22 PM Arkadiusz Mi?kiewicz wrote: > > > On Friday 11 of November 2016, Felipe Gasper wrote: > > Hello, > > > > We?re rolling out large SNI deployments for our mail servers. Each domain > > gets an entry like this in the config: > > > > local_name mail.foo.com { > > ssl_cert = > ssl_key = > } > > Lack of glob/regexp support here is also a problem (for me). I could have 50% > smaller config if local_name supported regexp matching, so it would be > possible to do: > > local_name ^(pop3|imap)\.foo\.com { > ... > } > > or even with glob like *.foo.com matching. > > > > > There are a couple problems we?re finding with this approach: > > > > 1) Dovecot wants to load everything at once, which has some machines taking > > up many GiB of memory just for Dovecot. Is there any way to defer loading > > of an SSL cert until a client actually requests it? > > No - thread here http://www.dovecot.org/list/dovecot/2016-October/105855.html > > Memory is one thing. > > The other is that dovecot stops accepting clients when huge config reload > happens (I guess it's a design problem since it makes no sense to do that in > any case. Clients should be processed without gap using old config until new > config is loaded and ready to go). > > And third problem is that there is hardcoded 10s limit for reloading which in > case thousands of certificates is way too short limit. Anyway if you hit that > limit it's already lost case due to earlier problem. > > > > > 2) Any time we add or remove a domain, Dovecot?s SNI config matrix needs to > > be rebuilt. Is there a way to handle SNI requests dynamically via some > > sort of configuration plugin, so we wouldn?t need to rebuild the config on > > domain add/remove? I looked through the docs but couldn?t see a way to do > > this. > > That's unavoidable for now :-( > > Here we started analyzing maillog and put into dovecot config only these ssl > certs for domains that are actually used with TLS. It's very ugly and short- > sighted approach but hopefuly proper solution will be implemented by dovecot > team before all people start to use TLS. > > > Thank you in advance! > > > > -Felipe Gasper > > Mississauga, ON > > > -- > Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) Hi! We are going to do some changes at some point how the certs are loaded and handled to alleviate this. The idea is not yet ripe, so I won't go into too much detail, but idea is to move the cert storage from protocol login processes to elsewhere. The local_name matching can probably be fixed faster, it could use the same rules as matching cert names generally do. Aki From felipe at felipegasper.com Fri Nov 11 13:34:44 2016 From: felipe at felipegasper.com (Felipe Gasper) Date: Fri, 11 Nov 2016 08:34:44 -0500 Subject: lazy-load SNI? In-Reply-To: <1764691363.380.1478860589329@appsuite-dev.open-xchange.com> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111122.50791.arekm@maven.pl> <1764691363.380.1478860589329@appsuite-dev.open-xchange.com> Message-ID: > On Nov 11, 2016, at 5:36 AM, Aki Tuomi wrote: > > Hi! > > We are going to do some changes at some point how the certs are loaded and handled to alleviate this. The idea is not yet ripe, so I won't go into too much detail, but idea is to move the cert storage from protocol login processes to elsewhere. > In the other thread (http://www.dovecot.org/list/dovecot/2016-October/105855.html) there is mention of Exim. Exim actually allows a pretty flexible SNI-time cert load. Dovecot?s config doesn?t have the run-time variables that would allow this, but maybe there could be some sort of pluggable mechanism to show Dovecot where the cert for a given FQDN is? It?d be great if a little bit of logic could ?teach? Dovecot for each system, like: sub certificate_path ($fqdn) { return "$WHERE_MY_CERTS_ARE/$fqdn.pem"; } -FG From Jochen.Bern at binect.de Fri Nov 11 14:19:40 2016 From: Jochen.Bern at binect.de (Jochen Bern) Date: Fri, 11 Nov 2016 15:19:40 +0100 Subject: How to Analyze Missing UIDs (and Files) in Maildirs? Message-ID: <5825D37C.1050601@binect.de> Hello everyone, I would like pointers on how to analyze the following situation, please: I'm running one test and one production dovecot IMAPS server for one of our platforms. The clients are essentially appliances we distribute, auth by client cert, virtual users only, mailboxes in maildir format: > auth_ssl_require_client_cert = yes > auth_ssl_username_from_cert = yes > auth_mechanisms = plain > ssl = required > ssl_cert = ssl_key = ssl_ca = ssl_verify_client_cert = yes > mail_location = maildir:~ > userdb { > driver = static > args = uid=... gid=... home=/home/.../%Ld_realm/%Ln > } > passdb { > driver = static > args = password=... > } The client certs have CNs unique to the appliance and no client besides that appliance is supposed to access the mailbox. Appliances take note of the UIDs they've seen (and not yet deleted) and expect to be able to re-access e-mails by the UIDs they know. (Needless to say, I keep my hands away from the cache files so as not to cause the UIDs to be reassigned.) The dovecot version used is updated along with the CentOS 6 source RPMs - which contain a 2.0.9 plus whatever patches CentOS backported - and receives two additional patches from me, one from current dovecot sources to improve closure of inactive SSL connections and one from me that turns the IMAP CREATE command into a NOP; the appliance code doesn't expect mailboxes to have folders besides INBOX. ------- QA is looking into an upcoming new feature that requires appliances to reread old e-mails, and got errors that UIDs the test appliances expected to still be on the (test) server weren't. I verified, the UIDs are indeed absent from the dovecot-uidlist files. The mails in question arrived *sometime* over the course of the last 12 months and must've vanished *sometime* since then ... ugh. No trace of what may have happened to them in any logs, of course. On the test server, I re-enabled logging of DELETE, UNDELETE and EXPUNGE commands, in case the appliances delete mails themselves and forget to update their own cache. Are there other IMAP commands that could remove mails, and thus should be added to the list? Would it be possible to have dovecot configured so that there's a log entry whenever a client tries to retrieve a UID that dovecot doesn't have in the maildir anymore? ------- While looking into the above issue, I noticed that a large number of mailboxes (test as well as production) have UIDs that *are* listed in dovecot-uidlist, yet, no corresponding file is present anymore. Example: > # grep -c : *_realm/$EXAMPLE_USER/dovecot-uidlist > 58 > # grep : *_realm/$EXAMPLE_USER/dovecot-uidlist | sed -e '2,57d' -e 's/ .*//' > 1 > 152 > # for PAIR in `grep : *_realm/$EXAMPLE_USER/dovecot-uidlist | sed -e 's/ .*:/:/'` ; do > > IMAP_UID=`echo $PAIR | sed -e 's/:.*//'`; BASE=`echo $PAIR | sed -e 's/.*://'` > > CNT=`find *_realm/$EXAMPLE_USER -type f -name "$BASE"'*' -ls | wc -l` > > if [ $CNT -ne 1 ]; then echo "Found $CNT files for UID $IMAP_UID"; fi; done > Found 0 files for UID 135 > Found 0 files for UID 136 > Found 0 files for UID 139 > Found 0 files for UID 142 > Found 0 files for UID 143 > Found 0 files for UID 144 > Found 0 files for UID 145 > Found 0 files for UID 150 > Found 0 files for UID 151 Is that normal behaviour? If not, how would I try to find out what happens there? Kind regards, -- Jochen Bern Systemingenieur Fon: +49 6151 9067-231 Fax: +49 6151 9067-290 E-Mail: jochen.bern at binect.de www.binect.de www.facebook.de/binect Binect GmbH Robert-Koch-Stra?e 9, 64331 Weiterstadt, DE Gesch?ftsf?hrung: Christian Ladner, Dr. Frank Wermeyer, Nils Manegold Unternehmenssitz: Weiterstadt Register: Amtsgericht Darmstadt, HRB 94685 Umsatzsteuer-ID: DE 221 302 264 MAX 21-Unternehmensgruppe -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4278 bytes Desc: S/MIME Cryptographic Signature URL: From aki.tuomi at dovecot.fi Fri Nov 11 15:06:47 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 11 Nov 2016 17:06:47 +0200 Subject: lazy-load SNI? In-Reply-To: <201611111122.50791.arekm@maven.pl> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111122.50791.arekm@maven.pl> Message-ID: On 11.11.2016 12:22, Arkadiusz Mi?kiewicz wrote: > On Friday 11 of November 2016, Felipe Gasper wrote: >> Hello, >> >> We?re rolling out large SNI deployments for our mail servers. Each domain >> gets an entry like this in the config: >> >> local_name mail.foo.com { >> ssl_cert = > ssl_key = > } > Lack of glob/regexp support here is also a problem (for me). I could have 50% > smaller config if local_name supported regexp matching, so it would be > possible to do: > > local_name ^(pop3|imap)\.foo\.com { > ... > } > > or even with glob like *.foo.com matching. > >> There are a couple problems we?re finding with this approach: >> >> 1) Dovecot wants to load everything at once, which has some machines taking >> up many GiB of memory just for Dovecot. Is there any way to defer loading >> of an SSL cert until a client actually requests it? > No - thread here http://www.dovecot.org/list/dovecot/2016-October/105855.html > > Memory is one thing. > > The other is that dovecot stops accepting clients when huge config reload > happens (I guess it's a design problem since it makes no sense to do that in > any case. Clients should be processed without gap using old config until new > config is loaded and ready to go). > > And third problem is that there is hardcoded 10s limit for reloading which in > case thousands of certificates is way too short limit. Anyway if you hit that > limit it's already lost case due to earlier problem. > >> 2) Any time we add or remove a domain, Dovecot?s SNI config matrix needs to >> be rebuilt. Is there a way to handle SNI requests dynamically via some >> sort of configuration plugin, so we wouldn?t need to rebuild the config on >> domain add/remove? I looked through the docs but couldn?t see a way to do >> this. > That's unavoidable for now :-( > > Here we started analyzing maillog and put into dovecot config only these ssl > certs for domains that are actually used with TLS. It's very ugly and short- > sighted approach but hopefuly proper solution will be implemented by dovecot > team before all people start to use TLS. > >> Thank you in advance! >> >> -Felipe Gasper >> Mississauga, ON > If you are interested in testing, please find patch attached that allows you to specify local_name *.foo.bar { } or local_name *.*.foo.bar { } so basically you can now use certificate name matching rules for local_name. It made most sense. This should apply cleanly to 2.2.26.0. --- Aki Tuomi Dovecot oy -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-lib-dns-Add-DNS-specific-matching-algorithms.patch Type: text/x-patch Size: 4450 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 0002-lib-dns-Add-tests-for-dns-util.patch Type: text/x-patch Size: 4020 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 0003-config-Match-local_name-using-dns-util.patch Type: text/x-patch Size: 1487 bytes Desc: not available URL: From arekm at maven.pl Fri Nov 11 17:17:59 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Fri, 11 Nov 2016 18:17:59 +0100 Subject: lazy-load SNI? In-Reply-To: References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111122.50791.arekm@maven.pl> Message-ID: <201611111817.59968.arekm@maven.pl> On Friday 11 of November 2016, Aki Tuomi wrote: > If you are interested in testing, please find patch attached that allows > you to specify > > local_name *.foo.bar { > } > > or > > local_name *.*.foo.bar { > } > > so basically you can now use certificate name matching rules for > local_name. It made most sense. Great! Seems to be working fine for my usage and makes my configs 50% smaller (which is gigantic improvement). Will do more testing though. Thanks! What about dovecot stopping processing new clients when reload is in progress problem - is it possible to make it behave better? To minimize (or avoid) "downtime". How to reproduce - just create config file with 20 000 - 50 000 entries local_name hostX....example.com { ssl_cert = Aki Tuomi > Dovecot oy -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From bill at KnoxvilleChristian.org Fri Nov 11 17:52:00 2016 From: bill at KnoxvilleChristian.org (Bill Shirley) Date: Fri, 11 Nov 2016 12:52:00 -0500 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> Message-ID: <1e66237a-5250-43d1-d875-606a9cd8a3d1@KnoxvilleChristian.org> This one is for vmail which is attached. Bill On 11/10/2016 8:29 PM, Ben Johnson wrote: > On 11/10/2016 3:46 AM, Bill Shirley wrote: >> I don't use the Anti-Spam plugin; I just fire off a BASH script every >> four hours with >> crontab which iterates thru the vmail email accounts and trains >> Spamassassin 'per-user' >> accounts. If the script sounds interesting I can post it here. It >> probably could use a little polish >> though. >> >> Bill > Thanks, Bill! > > Sure, please do share the script, if it's not too much trouble. > > For my specific use-case, I've been maintaining a "corpus" of known > ham/spam messages, and enjoy being able to hand > classify/re-classify/ignore if necessary. > > But I do see the appeal of training with a single script that iterates > through each user's mailbox. > > Heretofore, my thinking has been that combining all "submitted" spam, > which is piped into the training mailbox automatically, whenever a user > drags from Inbox -> Spam (or vice versa), I have a much broader sample > of the the ham and spam out there. > > And yes, a "shared" corpus among all users does seem to "dilute" > specific individuals' would-be training preferences a bit, but the > trade-off seems worthwhile. > > Interesting quandary... I would love to see the script! No problem if > it's a bit "rough around the edges"; the overall concept and approach > are what's important to me. > > -Ben -------------- next part -------------- #!/bin/bash # 2015-11-02 add -u to sa-learn; change delete to doveadm expunge # 2015-07-21 update executable paths and dbpath # vmail home is organized like: /home/vmail/domains/example.com/bob/Maildir MAILDIR=Maildir SPAMDIR="SystemFolders.Spam" HAMDIR="SystemFolders.Ham" VMAILHOME=/home/vmail VMAILUSER=vmail LS=/usr/bin/ls RM=/usr/bin/rm SU=/usr/bin/su FIND=/usr/bin/find DOVEADM=/usr/bin/doveadm SALEARN=/usr/bin/sa-learn for domain in `$LS "$VMAILHOME/domains"`; do for user in `$LS $VMAILHOME/domains/$domain`; do if [ "$user" = "public_html" ]; then continue; fi dbpath="$VMAILHOME/domains/$domain/$user/.spamassassin" [ ! -d "$dbpath" ] && continue prefs="$VMAILHOME/domains/$domain/$user/.spamassassin/user_prefs" [ ! -f "$prefs" ] && continue echo "$user@$domain" #echo "$user@$domain user_prefs=$prefs dbpath=$dbpath" spamdir="$VMAILHOME/domains/$domain/$user/$MAILDIR/.$SPAMDIR" hamdir="$VMAILHOME/domains/$domain/$user/$MAILDIR/.$HAMDIR" saparm='' if [ -d "$spamdir/new" ]; then saparm="$saparm --spam $spamdir/new " fi if [ -d "$spamdir/cur" ]; then saparm="$saparm --spam $spamdir/cur " fi if [ -d "$hamdir/new" ]; then saparm="$saparm --ham $hamdir/new " fi if [ -d "$hamdir/cur" ]; then saparm="$saparm --ham $hamdir/cur " fi #echo $saparm if [ x"$saparm" != x ]; then # $SU -c "$SALEARN --dbpath=$dbpath --prefspath=$prefs $saparm" $VMAILUSER # $SALEARN --dbpath=$dbpath --prefspath=$prefs $saparm $SALEARN -u "$VMAILUSER" --dbpath "$dbpath" -p "$prefs" $saparm fi # delete using find # [ -d "$spamdir/new" ] && $FIND "$spamdir/new" -type f -delete # [ -d "$spamdir/cur" ] && $FIND "$spamdir/cur" -type f -delete # [ -d "$hamdir/new" ] && $FIND "$hamdir/new" -type f -delete # [ -d "$hamdir/cur" ] && $FIND "$hamdir/cur" -type f -delete # next two lines are for testing: # $DOVEADM -f table fetch -u "$user@$domain" 'date.received' mailbox "$SPAMDIR" # $DOVEADM -f table fetch -u "$user@$domain" 'date.received' mailbox "$HAMDIR" # delete using dovecot $DOVEADM expunge -u "$user@$domain" all mailbox "$SPAMDIR" $DOVEADM expunge -u "$user@$domain" all mailbox "$HAMDIR" done done From aki.tuomi at dovecot.fi Fri Nov 11 18:00:04 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 11 Nov 2016 20:00:04 +0200 Subject: lazy-load SNI? In-Reply-To: <201611111817.59968.arekm@maven.pl> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111122.50791.arekm@maven.pl> <201611111817.59968.arekm@maven.pl> Message-ID: <89020211-4e95-a33c-fdf2-9ce8f60b08f9@dovecot.fi> On 11.11.2016 19:17, Arkadiusz Mi?kiewicz wrote: > On Friday 11 of November 2016, Aki Tuomi wrote: > >> If you are interested in testing, please find patch attached that allows >> you to specify >> >> local_name *.foo.bar { >> } >> >> or >> >> local_name *.*.foo.bar { >> } >> >> so basically you can now use certificate name matching rules for >> local_name. It made most sense. > Great! Seems to be working fine for my usage and makes my configs 50% smaller > (which is gigantic improvement). Will do more testing though. > > Thanks! > > > > What about dovecot stopping processing new clients when reload is in progress > problem - is it possible to make it behave better? To minimize (or avoid) > "downtime". > > How to reproduce - just create config file with 20 000 - 50 000 entries > > local_name hostX....example.com { > ssl_cert = ssl_key = } > > where cert.pem contains some full chain (CA cert + intermediate + cert + key). > > Start dovecot and then doveadm reload should take long time. Enough for > noticing that dovecot stops processing clients. > >> Aki Tuomi >> Dovecot oy That is something that will happen later. Can't give any date, but it's in our internal tasklist. Aki From arekm at maven.pl Fri Nov 11 18:12:07 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Fri, 11 Nov 2016 19:12:07 +0100 Subject: lazy-load SNI? In-Reply-To: <89020211-4e95-a33c-fdf2-9ce8f60b08f9@dovecot.fi> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111817.59968.arekm@maven.pl> <89020211-4e95-a33c-fdf2-9ce8f60b08f9@dovecot.fi> Message-ID: <201611111912.07597.arekm@maven.pl> On Friday 11 of November 2016, Aki Tuomi wrote: > On 11.11.2016 19:17, Arkadiusz Mi?kiewicz wrote: > > On Friday 11 of November 2016, Aki Tuomi wrote: > >> If you are interested in testing, please find patch attached that allows > >> you to specify > >> > >> local_name *.foo.bar { > >> } > >> > >> or > >> > >> local_name *.*.foo.bar { > >> } > >> > >> so basically you can now use certificate name matching rules for > >> local_name. It made most sense. > > > > Great! Seems to be working fine for my usage and makes my configs 50% > > smaller (which is gigantic improvement). Will do more testing though. > > > > Thanks! > > > > > > > > What about dovecot stopping processing new clients when reload is in > > progress problem - is it possible to make it behave better? To minimize > > (or avoid) "downtime". > > > > How to reproduce - just create config file with 20 000 - 50 000 entries > > > > local_name hostX....example.com { > > > > ssl_cert = > ssl_key = > > > } > > > > where cert.pem contains some full chain (CA cert + intermediate + cert + > > key). > > > > Start dovecot and then doveadm reload should take long time. Enough for > > noticing that dovecot stops processing clients. > > > >> Aki Tuomi > >> Dovecot oy > > That is something that will happen later. Can't give any date, but it's > in our internal tasklist. Ok, thanks. Just making sure that this (stopping processing clients) and lazy-loading of thousands of SSL certs itself are treated by dovecot team as two separate issues (and tons of SSL certs simply helps to notice first issue). And was hoping that stopping processing clients issue is easy/easier to solve (but looks like that's not the case). > Aki -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From listeem at ksb.id.lv Fri Nov 11 18:29:02 2016 From: listeem at ksb.id.lv (KSB) Date: Fri, 11 Nov 2016 20:29:02 +0200 Subject: lazy-load SNI? In-Reply-To: <201611111912.07597.arekm@maven.pl> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111817.59968.arekm@maven.pl> <89020211-4e95-a33c-fdf2-9ce8f60b08f9@dovecot.fi> <201611111912.07597.arekm@maven.pl> Message-ID: <9f33e7e0-d98d-98d7-c759-21247b293ab5@ksb.id.lv> >>> >>> Great! Seems to be working fine for my usage and makes my configs 50% >>> smaller (which is gigantic improvement). Will do more testing though. >>> >>> Thanks! >>> >>> A little bit offtopic, but what is the point of using imap/pop SNI? All clients want to connect to their own domain or what? -- Kaspars From felipe at felipegasper.com Fri Nov 11 18:31:39 2016 From: felipe at felipegasper.com (Felipe Gasper) Date: Fri, 11 Nov 2016 13:31:39 -0500 Subject: lazy-load SNI? In-Reply-To: <9f33e7e0-d98d-98d7-c759-21247b293ab5@ksb.id.lv> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111817.59968.arekm@maven.pl> <89020211-4e95-a33c-fdf2-9ce8f60b08f9@dovecot.fi> <201611111912.07597.arekm@maven.pl> <9f33e7e0-d98d-98d7-c759-21247b293ab5@ksb.id.lv> Message-ID: <6A50A150-B25F-46DA-BCB6-9089EFCFFA34@felipegasper.com> > On Nov 11, 2016, at 1:29 PM, KSB wrote: > >>>> >>>> Great! Seems to be working fine for my usage and makes my configs 50% >>>> smaller (which is gigantic improvement). Will do more testing though. >>>> >>>> Thanks! >>>> > > A little bit offtopic, but what is the point of using imap/pop SNI? All clients want to connect to their own domain or what? > Yes. It allows more comprehensive branding via the domain name. -FG From arekm at maven.pl Fri Nov 11 18:33:19 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Fri, 11 Nov 2016 19:33:19 +0100 Subject: lazy-load SNI? In-Reply-To: <9f33e7e0-d98d-98d7-c759-21247b293ab5@ksb.id.lv> References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111912.07597.arekm@maven.pl> <9f33e7e0-d98d-98d7-c759-21247b293ab5@ksb.id.lv> Message-ID: <201611111933.19310.arekm@maven.pl> On Friday 11 of November 2016, KSB wrote: > >>> Great! Seems to be working fine for my usage and makes my configs 50% > >>> smaller (which is gigantic improvement). Will do more testing though. > >>> > >>> Thanks! > > A little bit offtopic, but what is the point of using imap/pop SNI? > All > clients want to connect to their own domain or what? Yes. -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From lista at xdrv.co.uk Fri Nov 11 19:10:43 2016 From: lista at xdrv.co.uk (James) Date: Fri, 11 Nov 2016 19:10:43 +0000 Subject: Redirect the emails from domain2 to domain1 In-Reply-To: <383cd1fd-8e40-f19e-96ae-0281a7ed922a@gmail.com> References: <383cd1fd-8e40-f19e-96ae-0281a7ed922a@gmail.com> Message-ID: <8dbbd38b-96d8-4c63-df9a-9fb88a4c0483@xdrv.co.uk> On 07/11/2016 00:35, Quaquaraqu? wrote: > To have this system to work, I wish some special rule that rewrites the > domain from domain_old to domain_new. But I'm not sure whether this > needs to be done in exim or dovecot and how to add it? Use a redirect router in exim, see: http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_redirect_router.html From petros.fraser at gmail.com Sat Nov 12 18:08:46 2016 From: petros.fraser at gmail.com (Peter Fraser) Date: Sat, 12 Nov 2016 13:08:46 -0500 Subject: Dovecot lmtp Message-ID: Hi All I am migrating from dovecot-1.x where I had LDA running to dovecot2-2.2.26.0_1 where I am trying to set up LMTP. I have enabled a TCP/IP socket .Setting below. service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 24 } } and put this additional entry in postfix virtual_transport = lmtp:127.0.0.1:24 in 10-mail.conf my mail location is below mail_location=maildir:~/Maildir:INBOX=~/Maildir/:INDEX=~/Maildir/tmp/index My problem is that when I enable lmtp, dovecot creates a new maildir at /home/vmail/user at domain.com and delivers the email there in a Maildir instead of using the default one at /home/vmail/username I researched it but I just can't seem to figure out why this is. I would really appreciate any help on this. Thanks in advance. From aki.tuomi at dovecot.fi Sun Nov 13 07:19:58 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sun, 13 Nov 2016 09:19:58 +0200 (EET) Subject: Dovecot lmtp In-Reply-To: References: Message-ID: <773462081.1688.1479021599374@appsuite-dev.open-xchange.com> > On November 12, 2016 at 8:08 PM Peter Fraser wrote: > > > Hi All > I am migrating from dovecot-1.x where I had LDA running > to dovecot2-2.2.26.0_1 where I am trying to set up LMTP. I have enabled a > TCP/IP socket .Setting below. > service lmtp { > inet_listener lmtp { > address = 127.0.0.1 > port = 24 > } > } > > and put this additional entry in postfix > virtual_transport = lmtp:127.0.0.1:24 > > in 10-mail.conf my mail location is below > mail_location=maildir:~/Maildir:INBOX=~/Maildir/:INDEX=~/Maildir/tmp/index > > My problem is that when I enable lmtp, dovecot creates a new maildir at > /home/vmail/user at domain.com and delivers the email there in a Maildir > instead of using the default one at /home/vmail/username > > I researched it but I just can't seem to figure out why this is. I would > really appreciate any help on this. Thanks in advance. You probably have something like mail_home=/home/vmail/%u change that to mail_home=/home/vmail/%Ln # (lowercase username) you can verify this with doveadm user username at domain.com Aki From goetz.reinicke at filmakademie.de Sun Nov 13 15:48:30 2016 From: goetz.reinicke at filmakademie.de (=?utf-8?Q?G=C3=B6tz_Reinicke?=) Date: Sun, 13 Nov 2016 16:48:30 +0100 Subject: help needed configuration of quota warning mails Message-ID: <2D92AA35-EB97-40EC-99BD-EFF51841B82A@filmakademie.de> Hi, we run dovecot 2.2.24 and from what I see, quota management with warning message is configured currently with "noenforcing". Our individual quota limit is stored in the users ldap DN which is fetched as I see from the logs and by "doveadm quota get -u" I tried to trigger the warning mail by going over the limit on my account step by step and can see that values are counted with the command above and in thunderbird by showing the orange and than red warning symbol at the bottom for me. But the warning mail script is not triggert. How may I debug this? /usr/local/bin/quota-warning.sh is owned currently by vmail and executable by vmail. Thanks for feedback and suggestion . /G?tz From andrew.mcglashan at affinityvision.com.au Sun Nov 13 16:03:38 2016 From: andrew.mcglashan at affinityvision.com.au (Andrew McGlashan) Date: Mon, 14 Nov 2016 03:03:38 +1100 Subject: Self-Signed Certificate issue In-Reply-To: References: Message-ID: <98a07e1e-4d14-4364-3048-c734b2ec0511@affinityvision.com.au> On 24/09/16 03:07, Darryl Baker wrote: > I am running a small email site which I am moving from uw-imapd and Solaris > to Ubuntu and Dovecot imaps and pop3s. I am trying to use a self-signed > certificate for this site. I am using Thunderbird as the test client. I've > tried both the pre-built snakeoil certificate and building a special one > for dovecot. In /var/log/mail.err I keep getting what I am interpreting as > a missing CA cert. The message is: Why? You can get a "proper" certificate with Letsencrypt and never have to worry about all the issues with self-signed certificates ever again! Kind Regards AndrewM -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 213 bytes Desc: OpenPGP digital signature URL: From apoikos at debian.org Sun Nov 13 18:04:27 2016 From: apoikos at debian.org (Apollon Oikonomopoulos) Date: Sun, 13 Nov 2016 20:04:27 +0200 Subject: [PATCH] Manually cleanup OpenSSL from dovecot_openssl_common_global_unref() Message-ID: <20161113180427.30426-1-apoikos@debian.org> OpenSSL 1.1 features a cleanup function that is automatically run on shutdown using atexit(3). This function frees all OpenSSL-allocated resources. In dovecot, OpenSSL is loaded indirectly using dlopen(3) against the relevant dovecot crypto module and is finally unloaded using dlclose(3). Until OpenSSL 1.0.1c this worked fine, however OpenSSL 1.0.1c makes sure[1] that the library stays loaded after the initial dlclose() so that the atexit(3) handlers can run on shutdown. This, together with the fact that dovecot uses custom allocation functions for OpenSSL and has already partially free()'d some of OpenSSL's resources in module_free(), leads to a segfault at process shutdown[2]. We fix this by explicitly calling OPENSSL_cleanup() during module unload. This is safe to do, as long as we will never want to subsequently re-initialize OpenSSL. [1] https://github.com/openssl/openssl/commit/4af9f7fe79ff82b90c16969b7e5871435056377b [2] https://buildd.debian.org/status/fetch.php?pkg=dovecot&arch=amd64&ver=1:2.2.26.0-2&stamp=1478873022 Signed-off-by: Apollon Oikonomopoulos --- src/lib-ssl-iostream/dovecot-openssl-common.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/lib-ssl-iostream/dovecot-openssl-common.c b/src/lib-ssl-iostream/dovecot-openssl-common.c index 51ea3ad..2bf6307 100644 --- a/src/lib-ssl-iostream/dovecot-openssl-common.c +++ b/src/lib-ssl-iostream/dovecot-openssl-common.c @@ -101,6 +101,9 @@ bool dovecot_openssl_common_global_unref(void) ERR_remove_thread_state(NULL); #endif ERR_free_strings(); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + OPENSSL_cleanup(); +#endif return FALSE; } -- 2.10.1 From eggert.ehmke at ftv-spandau.de Mon Nov 14 14:13:51 2016 From: eggert.ehmke at ftv-spandau.de (Eggert Ehmke FTV Spandau) Date: Mon, 14 Nov 2016 15:13:51 +0100 Subject: save failed to open mailbox quarantine Message-ID: <8827129.efaehSnvls@wookie> I have dovecot 2.2.13 set up with spamassassin and amavis. This works fine so far, Spam emails are forwarded to "username+Quarantine at mydomain.de". The recipient_delimiter=+ is set, the Quarantine folder exists. However, Dovecot tries to deliver it to a folder quarantine, that does not exist. In the dovecot-deliver.log there are these lines: Nov 14 14:16:13 lda(username at mydomain.de): Info: msgid=<2707212.2aHC3KDWrN at wookie>: save failed to open mailbox quarantine: Mailbox doesn't exist: quarantine Nov 14 14:16:13 lda(username at mydomain.de): Info: msgid=<2707212.2aHC3KDWrN at xxxxxx>: saved mail to INBOX Indeed the message is found in the inbox. What can be done so the folder name is not converted to lower case? From skdovecot at smail.inf.fh-brs.de Mon Nov 14 14:20:40 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 14 Nov 2016 15:20:40 +0100 (CET) Subject: save failed to open mailbox quarantine In-Reply-To: <8827129.efaehSnvls@wookie> References: <8827129.efaehSnvls@wookie> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: > I have dovecot 2.2.13 set up with spamassassin and amavis. This works fine so > far, Spam emails are forwarded to "username+Quarantine at mydomain.de". The > recipient_delimiter=+ is set, the Quarantine folder exists. However, Dovecot > tries to deliver it to a folder quarantine, that does not exist. In the > dovecot-deliver.log there are these lines: > > Nov 14 14:16:13 lda(username at mydomain.de): Info: > msgid=<2707212.2aHC3KDWrN at wookie>: save failed to open mailbox quarantine: > Mailbox doesn't exist: quarantine > Nov 14 14:16:13 lda(username at mydomain.de): Info: > msgid=<2707212.2aHC3KDWrN at xxxxxx>: saved mail to INBOX > > Indeed the message is found in the inbox. What can be done so the folder name > is not converted to lower case? which MTA you are using? sendmail? By default sendmail lowercases the local part, see mailer flags "u". - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWCnIOHz1H7kL/d9rAQKlvQgArwppNSObhjo/hHr9WHkkda4QhBy5LsFk 6uneZUSWwuW97qou9pE8rANJJLk2AhofZx8WSFAmQXc8I8YNcGlbMOCeloeiSV3m ybzTb3Ldc2phhDTHTth2r2kSEj6U81u3T1upweyEFD16AD51ELuqUaFar8feg0aI kSESms6LyJXrkYQ90N2cwX4v+xiVLTbpzCJs46NMRpzTSYfl3y1YuG4I/vY6ZQ6e m9iKDijCRxczPjKMBPz70VkV/sKuRVntulNxf44caqvgW2RKVYIq1gyPAEvRwepy 3AYRj4S19cE6TyIzIWGnNiNDI5ZCc1Q8hFa6X0ns96AZtBLUPvJ88Q== =hnlt -----END PGP SIGNATURE----- From eggert.ehmke at ftv-spandau.de Mon Nov 14 14:23:24 2016 From: eggert.ehmke at ftv-spandau.de (Eggert Ehmke FTV Spandau) Date: Mon, 14 Nov 2016 15:23:24 +0100 Subject: save failed to open mailbox quarantine In-Reply-To: References: <8827129.efaehSnvls@wookie> Message-ID: <6109735.RJdIh0Nsrx@wookie> I use postfix. The folder name is still uppercase when forwarded to dovecot, as can be seen in /var/log/mail.log. Am Montag, 14. November 2016, 15:20:40 schrieb Steffen Kaiser: > - gpg control packet > > On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: > > I have dovecot 2.2.13 set up with spamassassin and amavis. This works fine > > so far, Spam emails are forwarded to "username+Quarantine at mydomain.de". > > The recipient_delimiter=+ is set, the Quarantine folder exists. However, > > Dovecot tries to deliver it to a folder quarantine, that does not exist. > > In the dovecot-deliver.log there are these lines: > > > > Nov 14 14:16:13 lda(username at mydomain.de): Info: > > msgid=<2707212.2aHC3KDWrN at wookie>: save failed to open mailbox quarantine: > > Mailbox doesn't exist: quarantine > > Nov 14 14:16:13 lda(username at mydomain.de): Info: > > msgid=<2707212.2aHC3KDWrN at xxxxxx>: saved mail to INBOX > > > > Indeed the message is found in the inbox. What can be done so the folder > > name is not converted to lower case? > > which MTA you are using? sendmail? > > By default sendmail lowercases the local part, see mailer flags "u". > > -- > Steffen Kaiser From skdovecot at smail.inf.fh-brs.de Mon Nov 14 14:26:54 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 14 Nov 2016 15:26:54 +0100 (CET) Subject: save failed to open mailbox quarantine In-Reply-To: <6109735.RJdIh0Nsrx@wookie> References: <8827129.efaehSnvls@wookie> <6109735.RJdIh0Nsrx@wookie> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: > I use postfix. The folder name is still uppercase when forwarded to dovecot, as > can be seen in /var/log/mail.log. post your config, do you use %Ln or %Lu to lower-case the username somewhere in passdb? > > Am Montag, 14. November 2016, 15:20:40 schrieb Steffen Kaiser: >> - gpg control packet >> >> On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: >>> I have dovecot 2.2.13 set up with spamassassin and amavis. This works fine >>> so far, Spam emails are forwarded to "username+Quarantine at mydomain.de". >>> The recipient_delimiter=+ is set, the Quarantine folder exists. However, >>> Dovecot tries to deliver it to a folder quarantine, that does not exist. >>> In the dovecot-deliver.log there are these lines: >>> >>> Nov 14 14:16:13 lda(username at mydomain.de): Info: >>> msgid=<2707212.2aHC3KDWrN at wookie>: save failed to open mailbox quarantine: >>> Mailbox doesn't exist: quarantine >>> Nov 14 14:16:13 lda(username at mydomain.de): Info: >>> msgid=<2707212.2aHC3KDWrN at xxxxxx>: saved mail to INBOX >>> >>> Indeed the message is found in the inbox. What can be done so the folder >>> name is not converted to lower case? >> >> which MTA you are using? sendmail? >> >> By default sendmail lowercases the local part, see mailer flags "u". >> >> -- >> Steffen Kaiser > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWCnJrnz1H7kL/d9rAQLmlAf/X7xBDthPzpOLBgSt7U+NbZYvic7F3O0E +/+BGaLUnh6t3MEv9jXpjeFWzCjFEyTslroXf6rr6yaji0mjCuB5c0Pf9XbK8nLl sW8GBWPdXPaRW0kDAXlhW/JhxrQ3Ms6e0XIG6m05xvHB5UkXwu0W4kg9uul+ODxO 5mtUUrQxP9aB0fSFEpe3Abt4uzFApNxqcOd56dxGfma5RQrDfy+Sj8Gh+JwF7PGi JeMVtXp2BKJTuvym3ZEhM8UIwEp09z585wUbbyYx80k7Ma0iKZY1gzUn2mlKwp73 bGLXoVUTxsW63uDmCS0B96meSxlP/U5wLmeKcUXPclHVfBR1F5QBZQ== =5aLy -----END PGP SIGNATURE----- From eggert.ehmke at ftv-spandau.de Mon Nov 14 14:44:45 2016 From: eggert.ehmke at ftv-spandau.de (Eggert Ehmke FTV Spandau) Date: Mon, 14 Nov 2016 15:44:45 +0100 Subject: save failed to open mailbox quarantine In-Reply-To: References: <8827129.efaehSnvls@wookie> <6109735.RJdIh0Nsrx@wookie> Message-ID: <8018089.E1ldErKEMt@wookie> See attached. Am Montag, 14. November 2016, 15:26:54 schrieben Sie: > - gpg control packet > > On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: > > I use postfix. The folder name is still uppercase when forwarded to > > dovecot, as can be seen in /var/log/mail.log. > > post your config, do you use %Ln or %Lu to lower-case the username > somewhere in passdb? > > > Am Montag, 14. November 2016, 15:20:40 schrieb Steffen Kaiser: > >> - gpg control packet > >> > >> On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: > >>> I have dovecot 2.2.13 set up with spamassassin and amavis. This works > >>> fine > >>> so far, Spam emails are forwarded to "username+Quarantine at mydomain.de". > >>> The recipient_delimiter=+ is set, the Quarantine folder exists. However, > >>> Dovecot tries to deliver it to a folder quarantine, that does not exist. > >>> In the dovecot-deliver.log there are these lines: > >>> > >>> Nov 14 14:16:13 lda(username at mydomain.de): Info: > >>> msgid=<2707212.2aHC3KDWrN at wookie>: save failed to open mailbox > >>> quarantine: > >>> Mailbox doesn't exist: quarantine > >>> Nov 14 14:16:13 lda(username at mydomain.de): Info: > >>> msgid=<2707212.2aHC3KDWrN at xxxxxx>: saved mail to INBOX > >>> > >>> Indeed the message is found in the inbox. What can be done so the folder > >>> name is not converted to lower case? > >> > >> which MTA you are using? sendmail? > >> > >> By default sendmail lowercases the local part, see mailer flags "u". > >> > >> -- > >> Steffen Kaiser > > -- > Steffen Kaiser -------------- next part -------------- # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 auth_verbose_passwords = plain base_dir = /var/run/dovecot/ debug_log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot.log log_path = /var/log/dovecot.err mail_access_groups = 5000 mail_gid = 5000 mail_home = /var/mail/vhosts/%d/%u mail_location = maildir:~/Maildir mail_privileged_group = 5000 mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave editheader namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_group_events = yes recipient_delimiter = + sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +editheader sieve_max_redirects = 32 } protocols = " imap sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = vmail mode = 0666 user = vmail } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service managesieve-login { inet_listener sieve { port = 4190 } } ssl = required ssl_ca = /etc/getssl/keys/chain.crt ssl_cert = Can anyone share the proper config to get wrappers working in dovecot on FreeBSD? The dovecot examples do not seem to work, and I thought perhaps FBSD needs slightly different configs. I've compiled with: -DHAVE_LIBWRAP which I presume is the first step. The example for dovecot.conf in uncommenting: login_access_sockets = tcpwrap merely causes a log error of "imap-login: Error: connect(tcpwrap) failed: No such file or directory" Suggestions/Direction much appreciated. From larryrtx at gmail.com Mon Nov 14 17:50:13 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Mon, 14 Nov 2016 11:50:13 -0600 Subject: dovecot / tcp-wrappers / FBSD 10.3 In-Reply-To: <2ee9fd50-a1dc-e143-5a87-8c9c980850d3@paz.bz> References: <2ee9fd50-a1dc-e143-5a87-8c9c980850d3@paz.bz> Message-ID: # Space separated list of login access check sockets (e.g. tcpwrap) #login_access_sockets = login_access_sockets = tcpwrap service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } I believe that's all. I had placed it all in /usr/local/etc/dovecot/dovecot.conf. On Mon, Nov 14, 2016 at 11:45 AM, Jim Pazarena wrote: > Can anyone share the proper config to get wrappers working in dovecot on > FreeBSD? > > The dovecot examples do not seem to work, and I thought perhaps FBSD needs > slightly different configs. > > I've compiled with: -DHAVE_LIBWRAP > > which I presume is the first step. > > The example for dovecot.conf in uncommenting: > > login_access_sockets = tcpwrap > > merely causes a log error of "imap-login: Error: connect(tcpwrap) failed: > No such file or directory" > > > Suggestions/Direction much appreciated. > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From sca at andreasschulze.de Mon Nov 14 21:01:32 2016 From: sca at andreasschulze.de (A. Schulze) Date: Mon, 14 Nov 2016 22:01:32 +0100 Subject: dovecot / tcp-wrappers / FBSD 10.3 In-Reply-To: References: <2ee9fd50-a1dc-e143-5a87-8c9c980850d3@paz.bz> Message-ID: <54fb27c3-1edf-0c13-2ff1-934cee006d28@andreasschulze.de> Am 14.11.2016 um 18:50 schrieb Larry Rosenman: > # Space separated list of login access check sockets (e.g. tcpwrap) > #login_access_sockets = > login_access_sockets = tcpwrap > > service tcpwrap { > unix_listener login/tcpwrap { > group = $default_login_user > mode = 0600 > user = $default_login_user > } > } > > > I believe that's all. I had placed it all in > /usr/local/etc/dovecot/dovecot.conf. for the record: the wiki doesn't mention the obvious part: configuring access rules. dovecot configured like mentioned on http://wiki2.dovecot.org/LoginProcess#TCP_wrappers_support look into /etc/hosts.allow and /etc/hosts.deny. that allow two use cases: 1. allow any client but deny a specific one 2. deny all clients and allow only specific one 1. $ cat /etc/hosts.deny # deny 192.0.2.143 to use imap service, deny 192.0.2.110 to use pop3 service imap: 192.0.2.143 pop3: 192.0.2.110 2. $ cat /etc/hosts.deny # deny imap access at all imap: * $ cat /etc/hosts.allow # allow imap access for that client imap: 192.0.2.143 the format is described in "man 5 hosts.allow" + "man 5 hosts.deny" Andreas From ben at indietorrent.org Mon Nov 14 22:43:56 2016 From: ben at indietorrent.org (Ben Johnson) Date: Mon, 14 Nov 2016 17:43:56 -0500 Subject: How does one mark all messages as read (imap4flag "seen") with sieve? In-Reply-To: <1e66237a-5250-43d1-d875-606a9cd8a3d1@KnoxvilleChristian.org> References: <42dc9a57-9f93-370b-a599-2c870ff26b4e@indietorrent.org> <4714c8bb-5c9d-7818-51d1-405bb951bfb9@indietorrent.org> <72ac5cad-5aa5-bf1e-3f1f-6e30c2cf8ca9@indietorrent.org> <1e66237a-5250-43d1-d875-606a9cd8a3d1@KnoxvilleChristian.org> Message-ID: <3a2def24-7bbd-8008-3a3d-a622e1a04479@indietorrent.org> On 11/11/2016 12:52 PM, Bill Shirley wrote: > This one is for vmail which is attached. > > Bill > > Thanks a lot for sharing this, Bill! I appreciate it! -Ben From sca at andreasschulze.de Mon Nov 14 23:00:22 2016 From: sca at andreasschulze.de (A. Schulze) Date: Tue, 15 Nov 2016 00:00:22 +0100 Subject: [PATCH] Manually cleanup OpenSSL from dovecot_openssl_common_global_unref() In-Reply-To: <20161113180427.30426-1-apoikos@debian.org> References: <20161113180427.30426-1-apoikos@debian.org> Message-ID: Am 13.11.2016 um 19:04 schrieb Apollon Oikonomopoulos: > OpenSSL 1.1 features a cleanup function that is automatically run on shutdown > using atexit(3). This function frees all OpenSSL-allocated resources. > > In dovecot, OpenSSL is loaded indirectly using dlopen(3) against the relevant > dovecot crypto module and is finally unloaded using dlclose(3). Until > OpenSSL 1.0.1c this worked fine, however OpenSSL 1.0.1c makes sure[1] that the > library stays loaded after the initial dlclose() so that the atexit(3) > handlers can run on shutdown. This, together with the fact that dovecot > uses custom allocation functions for OpenSSL and has already partially > free()'d some of OpenSSL's resources in module_free(), leads to a > segfault at process shutdown[2]. > > We fix this by explicitly calling OPENSSL_cleanup() during module unload. This > is safe to do, as long as we will never want to subsequently re-initialize > OpenSSL. > > [1] https://github.com/openssl/openssl/commit/4af9f7fe79ff82b90c16969b7e5871435056377b > [2] https://buildd.debian.org/status/fetch.php?pkg=dovecot&arch=amd64&ver=1:2.2.26.0-2&stamp=1478873022 > > Signed-off-by: Apollon Oikonomopoulos > --- > src/lib-ssl-iostream/dovecot-openssl-common.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/src/lib-ssl-iostream/dovecot-openssl-common.c b/src/lib-ssl-iostream/dovecot-openssl-common.c > index 51ea3ad..2bf6307 100644 > --- a/src/lib-ssl-iostream/dovecot-openssl-common.c > +++ b/src/lib-ssl-iostream/dovecot-openssl-common.c > @@ -101,6 +101,9 @@ bool dovecot_openssl_common_global_unref(void) > ERR_remove_thread_state(NULL); > #endif > ERR_free_strings(); > +#if OPENSSL_VERSION_NUMBER >= 0x10100000L > + OPENSSL_cleanup(); > +#endif > return FALSE; > } > I could at least confirm the observation (segfault on build) and the fix solve it as promised. Andreas From eggert.ehmke at ftv-spandau.de Mon Nov 14 23:11:31 2016 From: eggert.ehmke at ftv-spandau.de (Eggert Ehmke FTV Spandau) Date: Tue, 15 Nov 2016 00:11:31 +0100 Subject: save failed to open mailbox quarantine In-Reply-To: <8018089.E1ldErKEMt@wookie> References: <8827129.efaehSnvls@wookie> <8018089.E1ldErKEMt@wookie> Message-ID: <1966479.F1tQUiqLmk@wookie> I got it running. There was a missing spam-global.sieve rule in my main folder. Problem solved. Thanks Am Montag, 14. November 2016, 15:44:45 schrieb Eggert Ehmke FTV Spandau: > See attached. > > Am Montag, 14. November 2016, 15:26:54 schrieben Sie: > > - gpg control packet > > > > On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: > > > I use postfix. The folder name is still uppercase when forwarded to > > > dovecot, as can be seen in /var/log/mail.log. > > > > post your config, do you use %Ln or %Lu to lower-case the username > > somewhere in passdb? > > > > > Am Montag, 14. November 2016, 15:20:40 schrieb Steffen Kaiser: > > >> - gpg control packet > > >> > > >> On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: > > >>> I have dovecot 2.2.13 set up with spamassassin and amavis. This works > > >>> fine > > >>> so far, Spam emails are forwarded to > > >>> "username+Quarantine at mydomain.de". > > >>> The recipient_delimiter=+ is set, the Quarantine folder exists. > > >>> However, > > >>> Dovecot tries to deliver it to a folder quarantine, that does not > > >>> exist. > > >>> In the dovecot-deliver.log there are these lines: > > >>> > > >>> Nov 14 14:16:13 lda(username at mydomain.de): Info: > > >>> msgid=<2707212.2aHC3KDWrN at wookie>: save failed to open mailbox > > >>> quarantine: > > >>> Mailbox doesn't exist: quarantine > > >>> Nov 14 14:16:13 lda(username at mydomain.de): Info: > > >>> msgid=<2707212.2aHC3KDWrN at xxxxxx>: saved mail to INBOX > > >>> > > >>> Indeed the message is found in the inbox. What can be done so the > > >>> folder > > >>> name is not converted to lower case? > > >> > > >> which MTA you are using? sendmail? > > >> > > >> By default sendmail lowercases the local part, see mailer flags "u". > > >> > > >> -- > > >> Steffen Kaiser > > > > -- > > Steffen Kaiser From michael at michaelmarley.com Tue Nov 15 11:27:51 2016 From: michael at michaelmarley.com (Michael Marley) Date: Tue, 15 Nov 2016 06:27:51 -0500 Subject: Crashing when run against OpenSSL 1.1.0c Message-ID: Hi, I am running Dovecot 2.2.26.0 compiled against OpenSSL 1.1 and, since upgrading to OpenSSL 1.1.0c, the "lmtp" process has been crashing with SIGSEGV whenever it receives SIGINT. This always happens a minute or so after the lmtp process handles a message. It can also be manually reproduced by sending SIGINT to one of the running lmtp processes. I am compiling and running on an Ubuntu 17.04 x86_64 system using GCC 6.2. Here is the output of me reproducing it with gdb: (gdb) signal SIGINT Continuing with signal SIGINT. Program received signal SIGSEGV, Segmentation fault. 0x00007f6748cc2fb0 in ?? () (gdb) bt #0 0x00007f6748cc2fb0 in ?? () #1 0x00007f674872ac60 in ossl_init_thread_stop (locals=) at crypto/init.c:336 #2 0x00007f674872aee4 in OPENSSL_cleanup () at crypto/init.c:391 #3 0x00007f67491052e0 in __run_exit_handlers (status=0, listp=0x7f674948c5d8 <__exit_funcs>, run_list_atexit=run_list_atexit at entry=true, run_dtors=run_dtors at entry=true) at exit.c:83 #4 0x00007f674910533a in __GI_exit (status=) at exit.c:105 #5 0x00007f67490eb3f8 in __libc_start_main (main=0x555b35fbfbc0
, argc=1, argv=0x7ffd4ede3588, init=, fini=, rtld_fini=, stack_end=0x7ffd4ede3578) at ../csu/libc-start.c:325 #6 0x0000555b35fbfe3a in _start () Here is the output of "doveconf -n": # 2.2.26.0 (23d1de6): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.devel (623ae77) # OS: Linux 4.8.7-040807-generic x86_64 Ubuntu Zesty Zapus (development branch) auth_mechanisms = plain login auth_username_format = %Ln mail_location = mdbox:~/mdbox mailbox_list_index = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } postmaster_address = michael at michaelmarley.com protocols = imap sieve lmtp service auth { client_limit = 1624 unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imaps { port = 0 } } service lmtp { process_min_avail = 5 unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_ca = ) at crypto/init.c:336 #2 0x00007ffff6ff7ee4 in OPENSSL_cleanup () at crypto/init.c:391 #3 0x00007ffff78472e0 in ?? () from /lib/x86_64-linux-gnu/libc.so.6 #4 0x00007ffff784733a in exit () from /lib/x86_64-linux-gnu/libc.so.6 #5 0x00007ffff782d3f8 in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6 #6 0x000055555555f68a in _start () If there is anything I have missed or if there is any other way I can help, please let me know. Thanks, Michael Marley From aki.tuomi at dovecot.fi Tue Nov 15 11:43:53 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 15 Nov 2016 13:43:53 +0200 Subject: Crashing when run against OpenSSL 1.1.0c In-Reply-To: References: Message-ID: On 15.11.2016 13:27, Michael Marley wrote: > Hi, > > I am running Dovecot 2.2.26.0 compiled against OpenSSL 1.1 and, since > upgrading to OpenSSL 1.1.0c, the "lmtp" process has been crashing with > SIGSEGV whenever it receives SIGINT. This always happens a minute or so > after the lmtp process handles a message. It can also be manually > reproduced by sending SIGINT to one of the running lmtp processes. > > I am compiling and running on an Ubuntu 17.04 x86_64 system using GCC 6.2. > > Here is the output of me reproducing it with gdb: > > (gdb) signal SIGINT > Continuing with signal SIGINT. > > Program received signal SIGSEGV, Segmentation fault. > 0x00007f6748cc2fb0 in ?? () > (gdb) bt > #0 0x00007f6748cc2fb0 in ?? () > #1 0x00007f674872ac60 in ossl_init_thread_stop (locals=) > at crypto/init.c:336 > #2 0x00007f674872aee4 in OPENSSL_cleanup () at crypto/init.c:391 > #3 0x00007f67491052e0 in __run_exit_handlers (status=0, > listp=0x7f674948c5d8 <__exit_funcs>, > run_list_atexit=run_list_atexit at entry=true, > run_dtors=run_dtors at entry=true) at exit.c:83 > #4 0x00007f674910533a in __GI_exit (status=) at exit.c:105 > #5 0x00007f67490eb3f8 in __libc_start_main (main=0x555b35fbfbc0
, > argc=1, argv=0x7ffd4ede3588, init=, > fini=, rtld_fini=, > stack_end=0x7ffd4ede3578) at ../csu/libc-start.c:325 > #6 0x0000555b35fbfe3a in _start () > > Here is the output of "doveconf -n": > > # 2.2.26.0 (23d1de6): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.devel (623ae77) > # OS: Linux 4.8.7-040807-generic x86_64 Ubuntu Zesty Zapus (development > branch) > auth_mechanisms = plain login > auth_username_format = %Ln > mail_location = mdbox:~/mdbox > mailbox_list_index = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date index ihave duplicate mime foreverypart extracttext > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } > plugin { > sieve = file:~/sieve;active=~/.dovecot.sieve > } > postmaster_address = michael at michaelmarley.com > protocols = imap sieve lmtp > service auth { > client_limit = 1624 > unix_listener /var/spool/postfix/private/dovecot-auth { > group = postfix > mode = 0660 > user = postfix > } > } > service imap-login { > inet_listener imaps { > port = 0 > } > } > service lmtp { > process_min_avail = 5 > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > ssl = required > ssl_ca = ssl_cert = ssl_cipher_list = HIGH !RC4 !aNULL !eNULL !3DES @STRENGTH > ssl_dh_parameters_length = 4096 > ssl_key = # hidden, use -P to show it > ssl_protocols = !SSLv3 > userdb { > driver = passwd > } > protocol lmtp { > mail_plugins = " sieve" > } > protocol lda { > mail_plugins = " sieve" > } > local_name matthewtmarley.com { > ssl_ca = ssl_cert = ssl_key = # hidden, use -P to show it > } > > I tried recompiling Dovecot to see if that might do any good, but I got > the same result. Also, I noticed that the "test-crypto" test in > src/lib-dcrypt also crashes on exit (despite the fact that all the tests > succeeded) with a very similar stacktrace: > > (gdb) run > Starting program: > /home/michael/Source/dovecot/core/src/lib-dcrypt/test-crypto > [Thread debugging using libthread_db enabled] > Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". > test_cipher_test_vectors ............................................. : ok > test_cipher_aead_test_vectors ........................................ : ok > test_hmac_test_vectors ............................................... : ok > test_load_v1_keys .................................................... : ok > test_load_v1_key ..................................................... : ok > test_load_v1_public_key .............................................. : ok > test_load_v2_key ..................................................... : ok > test_load_v2_public_key .............................................. : ok > test_get_info_v2_key ................................................. : ok > test_gen_and_get_info_rsa_pem ........................................ : ok > test_get_info_rsa_private_key ........................................ : ok > test_get_info_invalid_keys ........................................... : ok > test_get_info_key_encrypted .......................................... : ok > test_get_info_pw_encrypted ........................................... : ok > test_password_change ................................................. : ok > test_load_invalid_keys ............................................... : ok > 0 / 16 tests failed > > Program received signal SIGSEGV, Segmentation fault. > 0x00007ffff75a5480 in ?? () > (gdb) bt > #0 0x00007ffff75a5480 in ?? () > #1 0x00007ffff6ff7c60 in ossl_init_thread_stop (locals=) > at crypto/init.c:336 > #2 0x00007ffff6ff7ee4 in OPENSSL_cleanup () at crypto/init.c:391 > #3 0x00007ffff78472e0 in ?? () from /lib/x86_64-linux-gnu/libc.so.6 > #4 0x00007ffff784733a in exit () from /lib/x86_64-linux-gnu/libc.so.6 > #5 0x00007ffff782d3f8 in __libc_start_main () from > /lib/x86_64-linux-gnu/libc.so.6 > #6 0x000055555555f68a in _start () > > If there is anything I have missed or if there is any other way I can > help, please let me know. > > Thanks, > > Michael Marley Hi! This is a known problem, and we have received patch for it which we are reviewing. At the moment Dovecot is not officially compatible with OpenSSL 1.1.0. Aki From aki.tuomi at dovecot.fi Tue Nov 15 11:46:05 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 15 Nov 2016 13:46:05 +0200 Subject: [PATCH] Manually cleanup OpenSSL from dovecot_openssl_common_global_unref() In-Reply-To: <20161113180427.30426-1-apoikos@debian.org> References: <20161113180427.30426-1-apoikos@debian.org> Message-ID: <9be10da9-e08e-8d53-270c-66dee761402f@dovecot.fi> On 13.11.2016 20:04, Apollon Oikonomopoulos wrote: > OpenSSL 1.1 features a cleanup function that is automatically run on shutdown > using atexit(3). This function frees all OpenSSL-allocated resources. > > In dovecot, OpenSSL is loaded indirectly using dlopen(3) against the relevant > dovecot crypto module and is finally unloaded using dlclose(3). Until > OpenSSL 1.0.1c this worked fine, however OpenSSL 1.0.1c makes sure[1] that the > library stays loaded after the initial dlclose() so that the atexit(3) > handlers can run on shutdown. This, together with the fact that dovecot > uses custom allocation functions for OpenSSL and has already partially > free()'d some of OpenSSL's resources in module_free(), leads to a > segfault at process shutdown[2]. > > We fix this by explicitly calling OPENSSL_cleanup() during module unload. This > is safe to do, as long as we will never want to subsequently re-initialize > OpenSSL. > > [1] https://github.com/openssl/openssl/commit/4af9f7fe79ff82b90c16969b7e5871435056377b > [2] https://buildd.debian.org/status/fetch.php?pkg=dovecot&arch=amd64&ver=1:2.2.26.0-2&stamp=1478873022 > > Signed-off-by: Apollon Oikonomopoulos > --- > src/lib-ssl-iostream/dovecot-openssl-common.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/src/lib-ssl-iostream/dovecot-openssl-common.c b/src/lib-ssl-iostream/dovecot-openssl-common.c > index 51ea3ad..2bf6307 100644 > --- a/src/lib-ssl-iostream/dovecot-openssl-common.c > +++ b/src/lib-ssl-iostream/dovecot-openssl-common.c > @@ -101,6 +101,9 @@ bool dovecot_openssl_common_global_unref(void) > ERR_remove_thread_state(NULL); > #endif > ERR_free_strings(); > +#if OPENSSL_VERSION_NUMBER >= 0x10100000L > + OPENSSL_cleanup(); > +#endif > return FALSE; > } > Hi! Your patch is being reviewed. Aki From apoikos at debian.org Tue Nov 15 11:55:44 2016 From: apoikos at debian.org (Apollon Oikonomopoulos) Date: Tue, 15 Nov 2016 12:55:44 +0100 Subject: [PATCH] ssl: fix reference to SSLv2 and disable SSLv3 Message-ID: <20161115115544.28493-1-apoikos@debian.org> This is driven by the fact that OpenSSL 1.1 does not know about SSLv2 at all and dovecot's defaults simply make OpenSSL error out with "Unknown protocol 'SSLv2'"[1]. So we change the defaults to refer to SSLv2 iff OpenSSL seems to know something about it. While at it, it's also a good idea to disable SSLv3 by default as well. [1] https://bugs.debian.org/844347 Signed-off-by: Apollon Oikonomopoulos --- doc/example-config/conf.d/10-ssl.conf | 2 +- src/lib-master/master-service-ssl-settings.c | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/doc/example-config/conf.d/10-ssl.conf b/doc/example-config/conf.d/10-ssl.conf index 31b750c..2cd445b 100644 --- a/doc/example-config/conf.d/10-ssl.conf +++ b/doc/example-config/conf.d/10-ssl.conf @@ -46,7 +46,7 @@ ssl_key = References: <20161115115544.28493-1-apoikos@debian.org> Message-ID: <4d3cb243-2e69-0b32-a219-4b290c2c9de5@dovecot.fi> On 15.11.2016 13:55, Apollon Oikonomopoulos wrote: > This is driven by the fact that OpenSSL 1.1 does not know about SSLv2 at > all and dovecot's defaults simply make OpenSSL error out with "Unknown > protocol 'SSLv2'"[1]. So we change the defaults to refer to SSLv2 iff OpenSSL > seems to know something about it. > > While at it, it's also a good idea to disable SSLv3 by default as well. > > [1] https://bugs.debian.org/844347 > > Signed-off-by: Apollon Oikonomopoulos > --- > doc/example-config/conf.d/10-ssl.conf | 2 +- > src/lib-master/master-service-ssl-settings.c | 6 +++++- > 2 files changed, 6 insertions(+), 2 deletions(-) > > diff --git a/doc/example-config/conf.d/10-ssl.conf b/doc/example-config/conf.d/10-ssl.conf > index 31b750c..2cd445b 100644 > --- a/doc/example-config/conf.d/10-ssl.conf > +++ b/doc/example-config/conf.d/10-ssl.conf > @@ -46,7 +46,7 @@ ssl_key = #ssl_dh_parameters_length = 1024 > > # SSL protocols to use > -#ssl_protocols = !SSLv2 > +#ssl_protocols = !SSLv3 > > # SSL ciphers to use > #ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL > diff --git a/src/lib-master/master-service-ssl-settings.c b/src/lib-master/master-service-ssl-settings.c > index 4a05045..6b43f6c 100644 > --- a/src/lib-master/master-service-ssl-settings.c > +++ b/src/lib-master/master-service-ssl-settings.c > @@ -44,7 +44,11 @@ static const struct master_service_ssl_settings master_service_ssl_default_setti > .ssl_key = "", > .ssl_key_password = "", > .ssl_cipher_list = "ALL:!LOW:!SSLv2:!EXP:!aNULL", > - .ssl_protocols = "!SSLv2", > +#ifdef SSL_TXT_SSLV2 > + .ssl_protocols = "!SSLv2 !SSLv3", > +#else > + .ssl_protocols = "!SSLv3", > +#endif > .ssl_cert_username_field = "commonName", > .ssl_crypto_device = "", > .ssl_verify_client_cert = FALSE, Hi! This patch is also being reviewed. Thank you for your contributions. Aki From adrianp at aageneral.ro Tue Nov 15 17:42:19 2016 From: adrianp at aageneral.ro (Adrian POPA) Date: Tue, 15 Nov 2016 19:42:19 +0200 Subject: Crashing when run against OpenSSL 1.1.0c References: Message-ID: Hi You can't think how glad I am that SSL issues rise again in a new Dovecot version with next Ubuntu release with a new OpenSSL library. Some days ago I have posted something similar about Ubuntu 14.04 - Dovecot 2.2.9 - OpenSSL 1.0 (Dovecot processes turning zombie) but noone cared about. I still think is somehow related to ssl-param process + config + auth + ...whatever (all of them "ignoring idle SIGINT") If Dovecot SSL implementation is so dependant of a certain version of a library (OpenSSL for example) you should consider saving a copy of the "known-good" library version somewhere in Dovecot private space and use it without relaing on generic system upgrades. Don't get me wrong: I love Dovecot as IMAP server and local delivery agent. But public interface is unreliable, authentication too, so for now I am using Dovecot as an isolated server in localhost and attach other public interfaces to it. Even so, delivery agent LDA is still trying to authenticate and complains about null passwords (what?). I have destination addresses that should go to a shared mailbox and that user at domain is never allowed to login. The workaround is to set an "impossible" password for those but this is not a nice solution. LDA should care only about what counts for him (maybe using some defaults) and leave everything else for the "big boys". Sorry for any inconvenience, Adrian POPA ----- Original Message ----- From: "Aki Tuomi" To: Sent: Tuesday, November 15, 2016 1:43 PM Subject: Re: Crashing when run against OpenSSL 1.1.0c > > > On 15.11.2016 13:27, Michael Marley wrote: >> Hi, >> >> I am running Dovecot 2.2.26.0 compiled against OpenSSL 1.1 and, since >> upgrading to OpenSSL 1.1.0c, the "lmtp" process has been crashing with >> SIGSEGV whenever it receives SIGINT. This always happens a minute or so >> after the lmtp process handles a message. It can also be manually >> reproduced by sending SIGINT to one of the running lmtp processes. >> >> I am compiling and running on an Ubuntu 17.04 x86_64 system using GCC >> 6.2. >> >> Here is the output of me reproducing it with gdb: >> >> (gdb) signal SIGINT >> Continuing with signal SIGINT. >> >> Program received signal SIGSEGV, Segmentation fault. >> 0x00007f6748cc2fb0 in ?? () >> (gdb) bt >> #0 0x00007f6748cc2fb0 in ?? () >> #1 0x00007f674872ac60 in ossl_init_thread_stop (locals=) >> at crypto/init.c:336 >> #2 0x00007f674872aee4 in OPENSSL_cleanup () at crypto/init.c:391 >> #3 0x00007f67491052e0 in __run_exit_handlers (status=0, >> listp=0x7f674948c5d8 <__exit_funcs>, >> run_list_atexit=run_list_atexit at entry=true, >> run_dtors=run_dtors at entry=true) at exit.c:83 >> #4 0x00007f674910533a in __GI_exit (status=) at >> exit.c:105 >> #5 0x00007f67490eb3f8 in __libc_start_main (main=0x555b35fbfbc0
, >> argc=1, argv=0x7ffd4ede3588, init=, >> fini=, rtld_fini=, >> stack_end=0x7ffd4ede3578) at ../csu/libc-start.c:325 >> #6 0x0000555b35fbfe3a in _start () >> >> Here is the output of "doveconf -n": >> >> # 2.2.26.0 (23d1de6): /etc/dovecot/dovecot.conf >> # Pigeonhole version 0.4.devel (623ae77) >> # OS: Linux 4.8.7-040807-generic x86_64 Ubuntu Zesty Zapus (development >> branch) >> auth_mechanisms = plain login >> auth_username_format = %Ln >> mail_location = mdbox:~/mdbox >> mailbox_list_index = yes >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body enotify >> environment mailbox date index ihave duplicate mime foreverypart >> extracttext >> namespace inbox { >> inbox = yes >> location = >> mailbox Drafts { >> special_use = \Drafts >> } >> mailbox Junk { >> special_use = \Junk >> } >> mailbox Sent { >> special_use = \Sent >> } >> mailbox "Sent Messages" { >> special_use = \Sent >> } >> mailbox Trash { >> special_use = \Trash >> } >> prefix = >> } >> passdb { >> driver = pam >> } >> plugin { >> sieve = file:~/sieve;active=~/.dovecot.sieve >> } >> postmaster_address = michael at michaelmarley.com >> protocols = imap sieve lmtp >> service auth { >> client_limit = 1624 >> unix_listener /var/spool/postfix/private/dovecot-auth { >> group = postfix >> mode = 0660 >> user = postfix >> } >> } >> service imap-login { >> inet_listener imaps { >> port = 0 >> } >> } >> service lmtp { >> process_min_avail = 5 >> unix_listener /var/spool/postfix/private/dovecot-lmtp { >> group = postfix >> mode = 0600 >> user = postfix >> } >> } >> ssl = required >> ssl_ca = > ssl_cert = > ssl_cipher_list = HIGH !RC4 !aNULL !eNULL !3DES @STRENGTH >> ssl_dh_parameters_length = 4096 >> ssl_key = # hidden, use -P to show it >> ssl_protocols = !SSLv3 >> userdb { >> driver = passwd >> } >> protocol lmtp { >> mail_plugins = " sieve" >> } >> protocol lda { >> mail_plugins = " sieve" >> } >> local_name matthewtmarley.com { >> ssl_ca = > ssl_cert = > ssl_key = # hidden, use -P to show it >> } >> >> I tried recompiling Dovecot to see if that might do any good, but I got >> the same result. Also, I noticed that the "test-crypto" test in >> src/lib-dcrypt also crashes on exit (despite the fact that all the tests >> succeeded) with a very similar stacktrace: >> >> (gdb) run >> Starting program: >> /home/michael/Source/dovecot/core/src/lib-dcrypt/test-crypto >> [Thread debugging using libthread_db enabled] >> Using host libthread_db library >> "/lib/x86_64-linux-gnu/libthread_db.so.1". >> test_cipher_test_vectors ............................................. : >> ok >> test_cipher_aead_test_vectors ........................................ : >> ok >> test_hmac_test_vectors ............................................... : >> ok >> test_load_v1_keys .................................................... : >> ok >> test_load_v1_key ..................................................... : >> ok >> test_load_v1_public_key .............................................. : >> ok >> test_load_v2_key ..................................................... : >> ok >> test_load_v2_public_key .............................................. : >> ok >> test_get_info_v2_key ................................................. : >> ok >> test_gen_and_get_info_rsa_pem ........................................ : >> ok >> test_get_info_rsa_private_key ........................................ : >> ok >> test_get_info_invalid_keys ........................................... : >> ok >> test_get_info_key_encrypted .......................................... : >> ok >> test_get_info_pw_encrypted ........................................... : >> ok >> test_password_change ................................................. : >> ok >> test_load_invalid_keys ............................................... : >> ok >> 0 / 16 tests failed >> >> Program received signal SIGSEGV, Segmentation fault. >> 0x00007ffff75a5480 in ?? () >> (gdb) bt >> #0 0x00007ffff75a5480 in ?? () >> #1 0x00007ffff6ff7c60 in ossl_init_thread_stop (locals=) >> at crypto/init.c:336 >> #2 0x00007ffff6ff7ee4 in OPENSSL_cleanup () at crypto/init.c:391 >> #3 0x00007ffff78472e0 in ?? () from /lib/x86_64-linux-gnu/libc.so.6 >> #4 0x00007ffff784733a in exit () from /lib/x86_64-linux-gnu/libc.so.6 >> #5 0x00007ffff782d3f8 in __libc_start_main () from >> /lib/x86_64-linux-gnu/libc.so.6 >> #6 0x000055555555f68a in _start () >> >> If there is anything I have missed or if there is any other way I can >> help, please let me know. >> >> Thanks, >> >> Michael Marley > Hi! > > This is a known problem, and we have received patch for it which we are > reviewing. At the moment Dovecot is not officially compatible with > OpenSSL 1.1.0. > > Aki > From felipe at felipegasper.com Tue Nov 15 18:38:31 2016 From: felipe at felipegasper.com (Felipe Gasper) Date: Tue, 15 Nov 2016 12:38:31 -0600 Subject: lazy-load SNI? In-Reply-To: References: <53A06C06-374F-4267-AED6-41A1F9D57010@felipegasper.com> <201611111122.50791.arekm@maven.pl> Message-ID: > On Nov 11, 2016, at 9:06 AM, Aki Tuomi wrote: > > If you are interested in testing, please find patch attached that allows you to specify > > local_name *.foo.bar { > } > > or > > local_name *.*.foo.bar { > } > Dear Aki et al., How straightforward would it be to implement the following or similar syntax: local_name foo.tld www.foo.tld mail.foo.tld bar.tld { ... } ?? Thank you! -FG From aki.tuomi at dovecot.fi Tue Nov 15 20:15:39 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 15 Nov 2016 22:15:39 +0200 (EET) Subject: Crashing when run against OpenSSL 1.1.0c In-Reply-To: References: Message-ID: <1873238503.5540.1479240940533@appsuite-dev.open-xchange.com> > On November 15, 2016 at 7:42 PM Adrian POPA wrote: > > > Hi > > You can't think how glad I am that SSL issues rise again in a new Dovecot > version with next Ubuntu release with a new OpenSSL library. > Some days ago I have posted something similar about Ubuntu 14.04 - Dovecot > 2.2.9 - OpenSSL 1.0 (Dovecot processes turning zombie) but noone cared > about. > I still think is somehow related to ssl-param process + config + auth + > ...whatever (all of them "ignoring idle SIGINT") > Well, 2.2.9 is pretty old. It was released almost 4 years ago. > If Dovecot SSL implementation is so dependant of a certain version of a > library (OpenSSL for example) you should consider saving a copy of the > "known-good" library version somewhere in Dovecot private space and use it > without relaing on generic system upgrades. > OpenSSL has breaking API changes between 1.0.0, 1.0.1, 1.0.2 and 1.1.0. > Don't get me wrong: I love Dovecot as IMAP server and local delivery agent. > But public interface is unreliable, authentication too, so for now I am > using Dovecot as an isolated server in localhost and attach other public > interfaces to it. Even so, delivery agent LDA is still trying to > authenticate and complains about null passwords (what?). I have destination > addresses that should go to a shared mailbox and that user at domain is never > allowed to login. The workaround is to set an "impossible" password for > those but this is not a nice solution. LDA should care only about what > counts for him (maybe using some defaults) and leave everything else for the > "big boys". > Perhaps you could post your doveconf -n to some new thread along with some explanation of your setup and problem you are trying to solve. > Sorry for any inconvenience, > Adrian POPA > > --- Aki Tuomi Dovecot oy From marti1234 at gmail.com Wed Nov 16 03:28:28 2016 From: marti1234 at gmail.com (Marti Markov) Date: Wed, 16 Nov 2016 03:28:28 +0000 Subject: Exim still accepting emails to nonexistent users Message-ID: <1F9CEC86-7EE0-4FD4-B68E-7AF082FE2B93@gmail.com> After adding the configuration bit: deny message = invalid recipient domains = +local_domains !verify = recipient/callout=no_cache from: http://wiki2.dovecot.org/LMTP/Exim running update-exim4.conf and service exim4 restart the server is still accepting emails to recipients that do not exist in dovecot. Any ideas? From soumitri at iitk.ac.in Wed Nov 16 09:06:22 2016 From: soumitri at iitk.ac.in (soumitri at iitk.ac.in) Date: Wed, 16 Nov 2016 14:36:22 +0530 Subject: dovecot pre-install issue Message-ID: Hello all, I am going for a dovecot director based setup (2 director+ 2 imap), more imap servers will be added later depending on demand/load. Presently I have 12000+ dovecot users with Maildir quota varying from 1 GB to 20GB. (peak hour IOPS 50000+) I am having 2 options in choosing dovecot version. 1) Old stable release. I.e RHEL, with prebuilt binary. This will be having less trouble in managing. Why RHEL still using version 2.2.10. 2) Latest release with best features and lesser known bugs. I.e CentOS7 with with latest compiled version. I have to be more involved if a bug is found. I will prefer a less admin work after the setup, with all/most features working. If you have a recent similar setup/dovecot gurus, Pl. suggest. With thanks & regards, -- Soumitri Mishra http://home.iitk.ac.in/~soumitri/ From thierry at odry.net Wed Nov 16 11:01:41 2016 From: thierry at odry.net (Thierry de Montaudry) Date: Wed, 16 Nov 2016 13:01:41 +0200 Subject: dovecot pre-install issue In-Reply-To: References: Message-ID: > On 16 Nov 2016, at 11:06, soumitri at iitk.ac.in wrote: > > Hello all, > > I am going for a dovecot director based setup (2 director+ 2 imap), more imap servers will be added later depending on demand/load. Presently I have 12000+ dovecot users with Maildir quota varying from 1 GB to 20GB. (peak hour IOPS 50000+) > > I am having 2 options in choosing dovecot version. > > 1) Old stable release. I.e RHEL, with prebuilt binary. This will be having less trouble in managing. Why RHEL still using version 2.2.10. > > 2) Latest release with best features and lesser known bugs. I.e CentOS7 with with latest compiled version. I have to be more involved if a bug is found. > > I will prefer a less admin work after the setup, with all/most features working. > > If you have a recent similar setup/dovecot gurus, Pl. suggest. > > With thanks & regards, > > -- > > Soumitri Mishra > http://home.iitk.ac.in/~soumitri/ Hi, Running since about 6 month a new setup with 2 directors and 12 IMAP/POP3/LMTP/Sieve servers for mail storage (Maildir), to handle 500K+ users, all straight of CentOS 7 (good old yum and dovecot 2.2.10). It works very well, install is straight forward, event though it needs a bit of optimisation for this kind of traffic. Each user is assigned an IP for the redirection, which dovecot handles very well. And the deployment of new storage machine can be done in less than 30mn. I didn?t have any problem with bugs up to now. But knowing that most access is done via a webmail interface (Roundcube) or POP3, we are not confronted with specific clients and IMAP problems you see now and then. Hope this help. Regards, Thierry From soumitri at iitk.ac.in Wed Nov 16 11:32:44 2016 From: soumitri at iitk.ac.in (soumitri at iitk.ac.in) Date: Wed, 16 Nov 2016 17:02:44 +0530 Subject: dovecot pre-install issue In-Reply-To: References: Message-ID: <55f35340-ef04-5f23-ac35-7ec7583c42e2@iitk.ac.in> Hi, Thanks for the reply. I guess RHEL choose v2.2.10 as it is a good release with all the things working. My source of confusion are from 1) http://dovecot.org/oldnews.html I have gone through each release update news. Lots of work and bug fix after v2.2.10 , got me confused. E.g. in v2.2.13 has a fix " copied below" director was somewhat broken when there were exactly two directors in the ring. It caused errors about "weak users" getting stuck. 2) http://wiki2.dovecot.org/Design/DoveadmProtocol/HTTP An interesting feature to explore post setup. With thanks & regards, Soumitri Mishra http://home.iitk.ac.in/~soumitri/ On Wednesday 16 November 2016 04:31 PM, Thierry de Montaudry wrote: >> On 16 Nov 2016, at 11:06, soumitri at iitk.ac.in wrote: >> >> Hello all, >> >> I am going for a dovecot director based setup (2 director+ 2 imap), more imap servers will be added later depending on demand/load. Presently I have 12000+ dovecot users with Maildir quota varying from 1 GB to 20GB. (peak hour IOPS 50000+) >> >> I am having 2 options in choosing dovecot version. >> >> 1) Old stable release. I.e RHEL, with prebuilt binary. This will be having less trouble in managing. Why RHEL still using version 2.2.10. >> >> 2) Latest release with best features and lesser known bugs. I.e CentOS7 with with latest compiled version. I have to be more involved if a bug is found. >> >> I will prefer a less admin work after the setup, with all/most features working. >> >> If you have a recent similar setup/dovecot gurus, Pl. suggest. >> >> With thanks & regards, >> >> -- >> >> Soumitri Mishra >> http://home.iitk.ac.in/~soumitri/ > Hi, > > Running since about 6 month a new setup with 2 directors and 12 IMAP/POP3/LMTP/Sieve servers for mail storage (Maildir), to handle 500K+ users, all straight of CentOS 7 (good old yum and dovecot 2.2.10). It works very well, install is straight forward, event though it needs a bit of optimisation for this kind of traffic. Each user is assigned an IP for the redirection, which dovecot handles very well. And the deployment of new storage machine can be done in less than 30mn. > I didn?t have any problem with bugs up to now. But knowing that most access is done via a webmail interface (Roundcube) or POP3, we are not confronted with specific clients and IMAP problems you see now and then. > > Hope this help. Regards, > > Thierry > > From mpeters at domblogger.net Wed Nov 16 17:14:12 2016 From: mpeters at domblogger.net (Michael A. Peters) Date: Wed, 16 Nov 2016 09:14:12 -0800 Subject: dovecot pre-install issue In-Reply-To: References: Message-ID: <1a2e921e-0254-ab4d-1faa-372e9f321ce6@domblogger.net> On 11/16/2016 01:06 AM, soumitri at iitk.ac.in wrote: > Hello all, > > I am going for a dovecot director based setup (2 director+ 2 imap), more > imap servers will be added later depending on demand/load. Presently I > have 12000+ dovecot users with Maildir quota varying from 1 GB to 20GB. > (peak hour IOPS 50000+) > > I am having 2 options in choosing dovecot version. > > 1) Old stable release. I.e RHEL, with prebuilt binary. This will be > having less trouble in managing. Why RHEL still using version 2.2.10. > > 2) Latest release with best features and lesser known bugs. I.e CentOS7 > with with latest compiled version. I have to be more involved if a bug > is found. > > I will prefer a less admin work after the setup, with all/most features > working. > > If you have a recent similar setup/dovecot gurus, Pl. suggest. > > With thanks & regards, > I only run small server but I use CentOS and build the most recent myself and do not have many issues. CentOS 7 dovecot btw is same as RHEL 7 dovecot as far as I know. From dave at flanigan.net Wed Nov 16 19:39:11 2016 From: dave at flanigan.net (David Flanigan) Date: Wed, 16 Nov 2016 14:39:11 -0500 Subject: New Gmail Android App and Dovecot Message-ID: <70da1ad047d4436373eec6bff0953c36@flanigan.net> Dovecot Users, I have a sudden new problem that has cropped up just recently and I am stumped. My implementation has been working for over a year with no issues. Version Data: Dovecot: v2.2.10 (using self signed certificates) openSSL: v1.01e Gmail Android App: v6.10.23 November 3, 2016 The issue: I use the iphone Gmail App to access my e-mail from phone and tablet. It is simple and supports multiple accounts very nicely. This has worked for better than 18 months without issue. This week I upgraded my Android app to the latest version of Gmail and I stopped getting incoming e-mail. I can still pick up via outlook and other tools I use, but just not the android version of Gmail. When I attempt to pick up mail i see the below error in my log file. _Nov 16 14:18:56 ns1 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.10.10.198, lip=10.1.1.10, TLS: SSL_read() failed: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number, session=<73vF8W9BdgCmrL7G>_ Disconnect and no new e-mail. There is no error in the Gmail app that I can find. The Gmail app works fine with my other accounts (Gmail, work, etc) so I am wondering if it is a configuration issue on my side or Gmail App stopped supporting something I was using. My SSl config is RPM standard other than SSL=yes and my self signed certificates. Any thoughts would be appreciated. -- Kind Regards, David From miha.vrhovnik at cordia.si Wed Nov 16 19:44:36 2016 From: miha.vrhovnik at cordia.si (Miha Vrhovnik) Date: Wed, 16 Nov 2016 20:44:36 +0100 Subject: New Gmail Android App and Dovecot In-Reply-To: <70da1ad047d4436373eec6bff0953c36@flanigan.net> References: <70da1ad047d4436373eec6bff0953c36@flanigan.net> Message-ID: On 2016-11-16 20:39, David Flanigan wrote: > Dovecot Users, > > I have a sudden new problem that has cropped up just recently and I am > stumped. My implementation has been working for over a year with no > issues. > > Version Data: > Dovecot: v2.2.10 (using self signed certificates) > openSSL: v1.01e > Gmail Android App: v6.10.23 November 3, 2016 > > The issue: > I use the iphone Gmail App to access my e-mail from phone and tablet. > It > is simple and supports multiple accounts very nicely. This has worked > for better than 18 months without issue. > > This week I upgraded my Android app to the latest version of Gmail and > I > stopped getting incoming e-mail. I can still pick up via outlook and > other tools I use, but just not the android version of Gmail. When I > attempt to pick up mail i see the below error in my log file. > > _Nov 16 14:18:56 ns1 dovecot: imap-login: Disconnected (no auth > attempts > in 0 secs): user=<>, rip=10.10.10.198, lip=10.1.1.10, TLS: SSL_read() > failed: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version > number, session=<73vF8W9BdgCmrL7G>_ > > Disconnect and no new e-mail. There is no error in the Gmail app that I > can find. The Gmail app works fine with my other accounts (Gmail, work, > etc) so I am wondering if it is a configuration issue on my side or > Gmail App stopped supporting something I was using. > > My SSl config is RPM standard other than SSL=yes and my self signed > certificates. > > Any thoughts would be appreciated. This looks like the server or the client is trying to negotiate the SSL3. Look at the dovecot config and set the SSL protocols to TLS1.2, tls1.1 and tls1 in this order. Regards, Miha From thierry at odry.net Wed Nov 16 20:20:31 2016 From: thierry at odry.net (Thierry de Montaudry) Date: Wed, 16 Nov 2016 22:20:31 +0200 Subject: dovecot pre-install issue In-Reply-To: <55f35340-ef04-5f23-ac35-7ec7583c42e2@iitk.ac.in> References: <55f35340-ef04-5f23-ac35-7ec7583c42e2@iitk.ac.in> Message-ID: <6A30AD0A-523F-4EB7-96EA-F92E1F00784C@odry.net> > On 16 Nov 2016, at 13:32, soumitri at iitk.ac.in wrote: > > Hi, > > Thanks for the reply. I guess RHEL choose v2.2.10 as it is a good release with all the things working. > > My source of confusion are from > 1) http://dovecot.org/oldnews.html > I have gone through each release update news. Lots of work and bug fix after v2.2.10 , got me confused. > E.g. in v2.2.13 has a fix " copied below" > > director was somewhat broken when there were exactly two directors > in the ring. It caused errors about "weak users" getting stuck. > 2) http://wiki2.dovecot.org/Design/DoveadmProtocol/HTTP > An interesting feature to explore post setup. > With thanks & regards, > Soumitri Mishra > http://home.iitk.ac.in/~soumitri/ > On Wednesday 16 November 2016 04:31 PM, Thierry de Montaudry wrote: >>> On 16 Nov 2016, at 11:06, soumitri at iitk.ac.in wrote: >>> >>> Hello all, >>> >>> I am going for a dovecot director based setup (2 director+ 2 imap), more imap servers will be added later depending on demand/load. Presently I have 12000+ dovecot users with Maildir quota varying from 1 GB to 20GB. (peak hour IOPS 50000+) >>> >>> I am having 2 options in choosing dovecot version. >>> >>> 1) Old stable release. I.e RHEL, with prebuilt binary. This will be having less trouble in managing. Why RHEL still using version 2.2.10. >>> >>> 2) Latest release with best features and lesser known bugs. I.e CentOS7 with with latest compiled version. I have to be more involved if a bug is found. >>> >>> I will prefer a less admin work after the setup, with all/most features working. >>> >>> If you have a recent similar setup/dovecot gurus, Pl. suggest. >>> >>> With thanks & regards, >>> >>> -- >>> >>> Soumitri Mishra >>> http://home.iitk.ac.in/~soumitri/ >> Hi, >> >> Running since about 6 month a new setup with 2 directors and 12 IMAP/POP3/LMTP/Sieve servers for mail storage (Maildir), to handle 500K+ users, all straight of CentOS 7 (good old yum and dovecot 2.2.10). It works very well, install is straight forward, event though it needs a bit of optimisation for this kind of traffic. Each user is assigned an IP for the redirection, which dovecot handles very well. And the deployment of new storage machine can be done in less than 30mn. >> I didn?t have any problem with bugs up to now. But knowing that most access is done via a webmail interface (Roundcube) or POP3, we are not confronted with specific clients and IMAP problems you see now and then. >> >> Hope this help. Regards, >> >> Thierry >> >> > Hi, I understand your concerns about new versions and bug fixing, but after running this system for more than 3 year, trying to keep up to date all the time? needed a rest. That why we moved to the ?out of the box? version, and let?s see. And it works. About the director. There is 2 ways to use it: 1. you have multiple front end for some NFS or other single storage, it should balance the load between them. I tried it, but EMC, NetApp or other wouldn?t handle the IO/s, and that?s where there must be some limitations in remote FS (mainly on indexing). 2. you spread your users between 2 or more storage machines (that?s what we do, 12 of them currently) that each run dovecot. You can define in you DB the IP where your user?s mail is stored, and the director will redirect whatever protocol (IMAP. POP3, LMPT, Sieve) to the machine where the user belong. When we did the move from NFS to that solution, the load on all the servers were reduce by at least 50 to 60%? if not more. And it allowed us to move from 7 webmail/pop3 front end to 2, and 5 MXs to 2, using 2.2.10 from CentOS 7. About the new features? well it does look good. But 2.2.10 still allow you to run remote doveadm commands, so not ready to move yet. Even though I do like it, but so much to do, and so little time to do it... Regards, From tanstaafl at libertytrek.org Wed Nov 16 20:25:54 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Wed, 16 Nov 2016 15:25:54 -0500 Subject: New Gmail Android App and Dovecot In-Reply-To: <70da1ad047d4436373eec6bff0953c36@flanigan.net> References: <70da1ad047d4436373eec6bff0953c36@flanigan.net> Message-ID: <49171caa-1a41-974e-4fa0-5e34881ac0a0@libertytrek.org> On 11/16/2016 2:39 PM, David Flanigan wrote: > Dovecot: v2.2.10 (using self signed certificates) Very old. First thing on your agenda should be top upgrade... From slitt at troubleshooters.com Thu Nov 17 07:48:52 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Thu, 17 Nov 2016 02:48:52 -0500 Subject: Good email client to use with Dovecot? Message-ID: <20161117024852.0758af1e@mydesk.domain.cxm> Hi all, When I use an email client, its purpose is as a window into my Dovecot IMAP, and as a mechanism to reply to and send emails. I don't do filtering or calendaring on my email client (filtering via procmail direct to Dovecot). What email clients are all of you using to look at your IMAP email? Thanks, SteveT Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz From skdovecot at smail.inf.fh-brs.de Thu Nov 17 07:52:11 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 17 Nov 2016 08:52:11 +0100 (CET) Subject: Good email client to use with Dovecot? In-Reply-To: <20161117024852.0758af1e@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 17 Nov 2016, Steve Litt wrote: > What email clients are all of you using to look at your IMAP email? https://de.wikipedia.org/wiki/Alpine_(E-Mail-Programm) :-) - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWC1hq3z1H7kL/d9rAQIgvAgAiPKjxwTGRzfCK/muIevIYPwybxaD0BUt ceVNEZN5NC8mu3E2hpJSG5jdNVeP8DhWQ+kV0I192GomJ/QFRs+5st9MUvlkwqz9 ahCC8hOhVnNgjPnVA/+F0cXrhARCKaHD6N5yFQkKjxcIINS5/nWFbYQMVhRTIxno 5JAIB3FU6TOb0iq7edpNbp5Uxux4yKAOcSd31jenn08HTIrqjX3caHYf4u7P/ap8 hMPlfp9+tVUL/EYxt7FEtlhk4UItPOyqDyAIhSvyhfR/mSibIkKNd8+R77LEFdtp y3sqWct20gSFUT7V9ibmjI0vTneHqE6b5Bw1Xnw5Adj1qiRIS4nZhw== =POL7 -----END PGP SIGNATURE----- From gandalf.corvotempesta at gmail.com Thu Nov 17 08:11:16 2016 From: gandalf.corvotempesta at gmail.com (Gandalf Corvotempesta) Date: Thu, 17 Nov 2016 09:11:16 +0100 Subject: Dovecot proxy In-Reply-To: References: Message-ID: Hi to all I have some *production* pop3/inappropriate server that i would like to move under a proxy Some questions: 1. Keeping the same original hostname on the proxy (in example mail.mydomain.tld) and changing the hostname on the imap server, makes some troubles like MUA redownloading all the messages? Is dovecot (running on the imap server) happy seeing the hostname change? What about maildirs, where the hostname is wrote on the mail file? 2. Dovecot proxy will proxy the whole pop3/imap traffic or only the login auth? I don't want to expose the mailservers to internet, all imap session must be proxied through the proxy. this because I'll use local IPs on each mail server. 3. Performance for the proxy server? The same as the mailserver or higher due to the missing email computation? In example, the proxy doesn't have to access disks or emails data but has only to transmit what the mailserver osd saying 4. Like question 3, any real users for the proxy? I would like to know some info about hardware and userbase (in example: dual quad xeon 5600, 32Gb ram, 10.000 concurrent sessions) In my case I'm planning for about 100 active sessions. Can i use a small EC2 instance? From arekm at maven.pl Thu Nov 17 08:14:02 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Thu, 17 Nov 2016 09:14:02 +0100 Subject: BUG: nopassword doesn't work with CRAM-MD5 Message-ID: <201611170914.03006.arekm@maven.pl> Hello. dovecot 2.2.26.0 When testing nopassword extra field (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 dovecot doesn't allow any password (while it should) and returns " Authentication failed" while in logs: Nov 17 08:22:34 auth-worker(1551): Info: sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we have a NULL password NULL is there because our sql query returns empty password just like wiki says "nopassword: you want to allow all passwords, use an empty password and this field. " If password is returned in sql query then it fails, too: Nov 17 09:00:49 auth-worker(2206): Error: sql(pepe,127.0.0.1,): nopassword set but password is non- empty So looks to be a bug. -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From aki.tuomi at dovecot.fi Thu Nov 17 08:19:31 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Thu, 17 Nov 2016 10:19:31 +0200 Subject: BUG: nopassword doesn't work with CRAM-MD5 In-Reply-To: <201611170914.03006.arekm@maven.pl> References: <201611170914.03006.arekm@maven.pl> Message-ID: <84438157-4481-39a4-a491-1eb70c32c792@dovecot.fi> On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote: > Hello. > > dovecot 2.2.26.0 > > When testing nopassword extra field > (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 dovecot > doesn't allow any password (while it should) and returns > > " Authentication failed" > > while in logs: > > Nov 17 08:22:34 auth-worker(1551): Info: > sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we have > a NULL password > > NULL is there because our sql query returns empty password just like wiki says > "nopassword: you want to allow all passwords, use an empty password and this > field. " > > > If password is returned in sql query then it fails, too: > > Nov 17 09:00:49 auth-worker(2206): Error: > sql(pepe,127.0.0.1,): nopassword set but password is non- > empty > > So looks to be a bug. It's not a bug. CRAM-MD5 does in fact require *some* password to work, you can either store it with doveadm pw -S CRAM-MD5 or as plain text password. Aki From arekm at maven.pl Thu Nov 17 08:30:44 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Thu, 17 Nov 2016 09:30:44 +0100 Subject: BUG: nopassword doesn't work with CRAM-MD5 In-Reply-To: <84438157-4481-39a4-a491-1eb70c32c792@dovecot.fi> References: <201611170914.03006.arekm@maven.pl> <84438157-4481-39a4-a491-1eb70c32c792@dovecot.fi> Message-ID: <201611170930.44557.arekm@maven.pl> On Thursday 17 of November 2016, Aki Tuomi wrote: > On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote: > > Hello. > > > > dovecot 2.2.26.0 > > > > When testing nopassword extra field > > (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 > > dovecot doesn't allow any password (while it should) and returns > > > > " Authentication failed" > > > > while in logs: > > > > Nov 17 08:22:34 auth-worker(1551): Info: > > sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we > > have a NULL password > > > > NULL is there because our sql query returns empty password just like wiki > > says "nopassword: you want to allow all passwords, use an empty > > password and this field. " > > > > > > If password is returned in sql query then it fails, too: > > > > Nov 17 09:00:49 auth-worker(2206): Error: > > sql(pepe,127.0.0.1,): nopassword set but password is > > non- empty > > > > So looks to be a bug. > > It's not a bug. CRAM-MD5 does in fact require *some* password to work, Provide fake/random one for nopassword internally. > you can either store it with doveadm pw -S CRAM-MD5 or as plain text > password. Then I get > > sql(pepe,127.0.0.1,): nopassword set but password is > > non- empty So that doesn't help btw. doveadm pw -S is not documented, so no idea what it does > Aki -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From aki.tuomi at dovecot.fi Thu Nov 17 08:35:57 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Thu, 17 Nov 2016 10:35:57 +0200 Subject: BUG: nopassword doesn't work with CRAM-MD5 In-Reply-To: <201611170930.44557.arekm@maven.pl> References: <201611170914.03006.arekm@maven.pl> <84438157-4481-39a4-a491-1eb70c32c792@dovecot.fi> <201611170930.44557.arekm@maven.pl> Message-ID: <43b42664-fa19-b7c3-61e3-ae0cc7957771@dovecot.fi> On 17.11.2016 10:30, Arkadiusz Mi?kiewicz wrote: > On Thursday 17 of November 2016, Aki Tuomi wrote: >> On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote: >>> Hello. >>> >>> dovecot 2.2.26.0 >>> >>> When testing nopassword extra field >>> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 >>> dovecot doesn't allow any password (while it should) and returns >>> >>> " Authentication failed" >>> >>> while in logs: >>> >>> Nov 17 08:22:34 auth-worker(1551): Info: >>> sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we >>> have a NULL password >>> >>> NULL is there because our sql query returns empty password just like wiki >>> says "nopassword: you want to allow all passwords, use an empty >>> password and this field. " >>> >>> >>> If password is returned in sql query then it fails, too: >>> >>> Nov 17 09:00:49 auth-worker(2206): Error: >>> sql(pepe,127.0.0.1,): nopassword set but password is >>> non- empty >>> >>> So looks to be a bug. >> It's not a bug. CRAM-MD5 does in fact require *some* password to work, > Provide fake/random one for nopassword internally. > >> you can either store it with doveadm pw -S CRAM-MD5 or as plain text >> password. > Then I get > >>> sql(pepe,127.0.0.1,): nopassword set but password is >>> non- empty > So that doesn't help > > btw. doveadm pw -S is not documented, so no idea what it does > >> Aki sorry, typo. Ment doveadm pw -s CRAM-MD5 How do you perceive user login works with CRAM-MD5 if you do not provide *any* password for the user? Some passdb backend must provide a password for the user, if you want to load extra attributes from alternative backend, use noauthenticate instead of nopassword, but make sure the last passdb can authenticate the user. Aki From arekm at maven.pl Thu Nov 17 08:44:30 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Thu, 17 Nov 2016 09:44:30 +0100 Subject: BUG: nopassword doesn't work with CRAM-MD5 In-Reply-To: <43b42664-fa19-b7c3-61e3-ae0cc7957771@dovecot.fi> References: <201611170914.03006.arekm@maven.pl> <201611170930.44557.arekm@maven.pl> <43b42664-fa19-b7c3-61e3-ae0cc7957771@dovecot.fi> Message-ID: <201611170944.30787.arekm@maven.pl> On Thursday 17 of November 2016, Aki Tuomi wrote: > On 17.11.2016 10:30, Arkadiusz Mi?kiewicz wrote: > > On Thursday 17 of November 2016, Aki Tuomi wrote: > >> On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote: > >>> Hello. > >>> > >>> dovecot 2.2.26.0 > >>> > >>> When testing nopassword extra field > >>> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 > >>> dovecot doesn't allow any password (while it should) and returns > >>> > >>> " Authentication failed" > >>> > >>> while in logs: > >>> > >>> Nov 17 08:22:34 auth-worker(1551): Info: > >>> sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but > >>> we have a NULL password > >>> > >>> NULL is there because our sql query returns empty password just like > >>> wiki says "nopassword: you want to allow all passwords, use an empty > >>> password and this field. " > >>> > >>> > >>> If password is returned in sql query then it fails, too: > >>> > >>> Nov 17 09:00:49 auth-worker(2206): Error: > >>> sql(pepe,127.0.0.1,): nopassword set but password is > >>> non- empty > >>> > >>> So looks to be a bug. > >> > >> It's not a bug. CRAM-MD5 does in fact require *some* password to work, > > > > Provide fake/random one for nopassword internally. > > > >> you can either store it with doveadm pw -S CRAM-MD5 or as plain text > >> password. > > > > Then I get > > > >>> sql(pepe,127.0.0.1,): nopassword set but password is > >>> non- empty > > > > So that doesn't help > > > > btw. doveadm pw -S is not documented, so no idea what it does > > > >> Aki > > sorry, typo. > > Ment doveadm pw -s CRAM-MD5 > > How do you perceive user login works with CRAM-MD5 if you do not provide > *any* password for the user? I can provide it and I want to do that but nopassword doesn't let me. > Some passdb backend must provide a password > for the user, if you want to load extra attributes from alternative > backend, use noauthenticate instead of nopassword, but make sure the > last passdb can authenticate the user. Ok, I'll try noauthenticate. > > Aki -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From adrianp at aageneral.ro Thu Nov 17 08:49:48 2016 From: adrianp at aageneral.ro (Adrian POPA) Date: Thu, 17 Nov 2016 10:49:48 +0200 Subject: BUG: nopassword doesn't work with CRAM-MD5 In-Reply-To: <201611170930.44557.arekm@maven.pl> References: <201611170914.03006.arekm@maven.pl> <84438157-4481-39a4-a491-1eb70c32c792@dovecot.fi> <201611170930.44557.arekm@maven.pl> Message-ID: On 17.11.2016 10:30, Arkadiusz Mi?kiewicz wrote: > On Thursday 17 of November 2016, Aki Tuomi wrote: >> On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote: >>> Hello. >>> >>> dovecot 2.2.26.0 >>> >>> When testing nopassword extra field >>> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 >>> dovecot doesn't allow any password (while it should) and returns >>> >>> " Authentication failed" >>> >>> while in logs: >>> >>> Nov 17 08:22:34 auth-worker(1551): Info: >>> sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we >>> have a NULL password >>> >>> NULL is there because our sql query returns empty password just like wiki >>> says "nopassword: you want to allow all passwords, use an empty >>> password and this field. " >>> >>> >>> If password is returned in sql query then it fails, too: >>> >>> Nov 17 09:00:49 auth-worker(2206): Error: >>> sql(pepe,127.0.0.1,): nopassword set but password is >>> non- empty >>> >>> So looks to be a bug. >> It's not a bug. CRAM-MD5 does in fact require *some* password to work, > Provide fake/random one for nopassword internally. > >> you can either store it with doveadm pw -S CRAM-MD5 or as plain text >> password. > Then I get > >>> sql(pepe,127.0.0.1,): nopassword set but password is >>> non- empty > So that doesn't help > > btw. doveadm pw -S is not documented, so no idea what it does > >> Aki Sorry to bump into your conversation but Aki is defending too hard something that is realy a bug. I have signaled myself this issue in the "very old" version 2.2.9(!) nopassword means ANY password (including none). One cannot store something like ANY with doveadm, SQL or anything. So with "nopassword" the query should simply ignore the password field (missing, NULL or set to anything else). Why would an user login with nopassword? This is an administrator decision and is not subject for comments. My problem was with LDA who refuses to store mail in INBOX if the user is not properly authenticated (nopassword) so you cannot receive mails for "hidden" users that cannot login, maybe to redirect mails later or do some other things with. Adrian From lists at sander85.eu Thu Nov 17 09:01:10 2016 From: lists at sander85.eu (Sander Lepik) Date: Thu, 17 Nov 2016 11:01:10 +0200 Subject: Panic: file dsync-brain-mailbox.c: line 814 ... Message-ID: Hi! We have 2 servers replicating each other and after upgrade to 2.2.26.0 we are seeing this in the logs: Primary server: Nov 17 09:37:39 mailhost01 dovecot: dsync-server(user at domain.ee): Panic: file dsync-brain-mailbox.c: line 814 (dsync_brain_slave_recv_mailbox): assertion failed: (memcmp(dsync_box->mailbox_guid, local_dsync_box.mailbox_guid, sizeof(dsync_box->mailbox_guid)) == 0) Nov 17 09:37:39 mailhost01 dovecot: dsync-server(user at domain.ee): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x9438e) [0x7f3ccceb238e] -> /usr/lib/dovecot/libdovecot.so.0(+0x9447c) [0x7f3ccceb247c] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f3ccce4ba4e] -> dovecot/doveadm-server(dsync_brain_slave_recv_mailbox+0x3d8) [0x7f3ccd8f66f8] -> dovecot/doveadm-server(dsync_brain_run+0x650) [0x7f3ccd8f4110] -> dovecot/doveadm-server(+0x4143b) [0x7f3ccd8f443b] -> dovecot/doveadm-server(+0x5735f) [0x7f3ccd90a35f] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7f3cccec6bdc] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10a) [0x7f3cccec809a] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) [0x7f3cccec6c65] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f3cccec6e08] -> dovecot/doveadm-server(+0x26b99) [0x7f3ccd8d9b99] -> dovecot/doveadm-server(+0x28efc) [0x7f3ccd8dbefc] -> dovecot/doveadm-server(+0x3daba) [0x7f3ccd8f0aba] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7f3cccec6bdc] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10a) [0x7f3cccec809a] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) [0x7f3cccec6c65] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f3cccec6e08] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f3ccce51f53] -> dovecot/doveadm-server(main+0x19f) [0x7f3ccd8ccdef] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f3ccca94b45] -> dovecot/doveadm-server(+0x19ea6) [0x7f3ccd8ccea6] Nov 17 09:37:39 mailhost01 dovecot: dsync-server(user at domain.ee): Fatal: master: service(doveadm): child 42621 killed with signal 6 (core dumps disabled) Secondary server: Nov 17 09:37:40 secondarymailhost01 dovecot: dsync-local(user at domain.ee): Error: read(mailhost01.domeen.ee) failed: EOF (last sent=mailbox, last recv=mailbox_state) I'm guessing that it happens during automatic full resync, but that's just guessing. OS is Debian 8 (x86_64) and Dovecot is recompiled from Debian's unstable repository. -- Sander From soumitri at iitk.ac.in Thu Nov 17 10:18:40 2016 From: soumitri at iitk.ac.in (soumitri at iitk.ac.in) Date: Thu, 17 Nov 2016 15:48:40 +0530 Subject: dovecot pre-install issue In-Reply-To: <6A30AD0A-523F-4EB7-96EA-F92E1F00784C@odry.net> References: <55f35340-ef04-5f23-ac35-7ec7583c42e2@iitk.ac.in> <6A30AD0A-523F-4EB7-96EA-F92E1F00784C@odry.net> Message-ID: Hi, Thanks for the information. But still not sure about which dovecot version to choose. Any more help from developers/gurus can be a help. I am open to dovecot enterprise release, if it can satisfy my queries. Regarding dovecot director, I am presently planning for option1, you have mentioned. 1) 200,000 IOPS (my next 5 years requirement) is possible with NFS, as claimed by EMC, Netapp; and I am planning to go for it. I am not in favour of NFS with dovecot, but out existing setup is based on NFS and migration will be easy. I am open for any improved storage solution instead of NFS. 2) I guess, the partitioning of users requires a careful planning due to different quota demand. presently I am trying to avoid this. Any help in choosing appropriate dovecot version is appreciated. Soumitri Mishra http://home.iitk.ac.in/~soumitri/ > Hi, > > I understand your concerns about new versions and bug fixing, but > after running this system for more than 3 year, trying to keep up to > date all the time? needed a rest. That why we moved to the ?out of the > box? version, and let?s see. And it works. > > About the director. There is 2 ways to use it: > > 1. you have multiple front end for some NFS or other single storage, > it should balance the load between them. I tried it, but EMC, NetApp > or other wouldn?t handle the IO/s, and that?s where there must be some > limitations in remote FS (mainly on indexing). > > 2. you spread your users between 2 or more storage machines (that?s > what we do, 12 of them currently) that each run dovecot. You can > define in you DB the IP where your user?s mail is stored, and the > director will redirect whatever protocol (IMAP. POP3, LMPT, Sieve) to > the machine where the user belong. When we did the move from NFS to > that solution, the load on all the servers were reduce by at least 50 > to 60%? if not more. And it allowed us to move from 7 webmail/pop3 > front end to 2, and 5 MXs to 2, using 2.2.10 from CentOS 7. > > About the new features? well it does look good. But 2.2.10 still allow > you to run remote doveadm commands, so not ready to move yet. Even > though I do like it, but so much to do, and so little time to do it... > > Regards, > > > > > > From mail at marc-stuermer.de Thu Nov 17 10:41:39 2016 From: mail at marc-stuermer.de (=?UTF-8?Q?Marc_St=C3=BCrmer?=) Date: Thu, 17 Nov 2016 11:41:39 +0100 Subject: Good email client to use with Dovecot? In-Reply-To: <20161117024852.0758af1e@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> Message-ID: <0b1934257ba5a8a4994910cd52dafaa7@marc-stuermer.de> Am 2016-11-17 08:48, schrieb Steve Litt: > When I use an email client, its purpose is as a window into my Dovecot > IMAP, and as a mechanism to reply to and send emails. I don't do > filtering or calendaring on my email client (filtering via procmail > direct to Dovecot). > > What email clients are all of you using to look at your IMAP email? Most of the day I am using the Horde Webmailer IMP (www.horde.org), because I've got my web browser running the whole time anyway and I am too lazy to wait until Thunderbird launched. Horde integrates IMAP very well and even has support for running and managing SIEVE-Scripts, PGP, S/MIME and other, fancy stuff. It is real a very well rounded, good for daily work mail client. Contra is that you cannot change the theme at all, and if you wish to extend it, you might be off better with other stuff. But until you really reach this point you've got to walk some miles... 2nd preference then, as desktop client, is Thunderbird. Hard to beat IMAP support and if it cannot do a thing you want, there already might be an extension around somewhere... What to avoid like the pest is Outlook. Microsoft crippled the IMAP support in it starting with version 2010 on purpose to promote their own server technology on many levels. Using IMAP with Outlook is no fun, so just don't do it and if you need Outlook, you are better off with Microsofts own tech stuff instead of IMAP. From dovecot-ml at seichter.de Thu Nov 17 11:47:00 2016 From: dovecot-ml at seichter.de (Ralph Seichter) Date: Thu, 17 Nov 2016 12:47:00 +0100 Subject: Good email client to use with Dovecot? In-Reply-To: <20161117024852.0758af1e@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> Message-ID: <21b95737-f1d2-468a-533e-b43344d5c5da@seichter.de> On 17.11.2016 08:48, Steve Litt wrote: > What email clients are all of you using to look at your IMAP email? I prefer Mozilla Thunderbird. It runs on Linux, macOS and Windows; works nicely with all sorts of IMAP servers; handles mailing lists well; and the multiple-identity-support (more than one sender address per IMAP account) is very important for me as well. -Ralph From andy at andybev.com Thu Nov 17 11:50:13 2016 From: andy at andybev.com (Andrew Beverley) Date: Thu, 17 Nov 2016 11:50:13 +0000 Subject: Good email client to use with Dovecot? In-Reply-To: <20161117024852.0758af1e@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> Message-ID: <20161117115013.a7889f0db4c5f512da06343c@andybev.com> On Thu, 17 Nov 2016 02:48:52 Steve Litt wrote: > What email clients are all of you using to look at your IMAP email? I'm currently using Sylpheed, which is lightweight and fast, but relatively basic (e.g. no HTML support). I keep meaning to try out Trojit?, which is apparently also very fast, as well as being very standards compliant. It uses an IMAP server for as much functionality as possible, so I suspect it would work well with Dovecot. Other than that, if you want something new and shiny, try Geary. Personally I didn't like it much, as it implements a "conversation mode", making traditional in-line posting and so on more difficult. I've tried Thunderbird, but it was too sluggish for my PC. Andy From Jochen.Bern at binect.de Thu Nov 17 13:11:45 2016 From: Jochen.Bern at binect.de (Jochen Bern) Date: Thu, 17 Nov 2016 14:11:45 +0100 Subject: Good email client to use with Dovecot? In-Reply-To: <20161117024852.0758af1e@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> Message-ID: <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> On 11/17/2016 08:48 AM, Steve Litt wrote: > When I use an email client, its purpose is as a window into my Dovecot > IMAP, and as a mechanism to reply to and send emails. I don't do > filtering or calendaring on my email client (filtering via procmail > direct to Dovecot). > > What email clients are all of you using to look at your IMAP email? Plaintext or HTML mails? OpenPGP? S/MIME? Do you like to see your e-mails arranged into threads, or just sorted by some property (be that sender, date, or whatever)? What's your archiving system, many or few folders, flat or hierarchical? Do you work remote, how good's the connection to the IMAP server, do you need the capability to work on a local cache while the server cannot be reached ("detached IMAP", I've seen it called)? I switched from tkRat (a.k.a. ratatosk) to Thunderbird when I had a need to do "detached IMAP" (and tkRat repeatedly trashed my entire INBOX when I tried). tkRat had interesting features (preselected primary archive folder per folder you're reading, "folders" that actually are views of a local database, minimalistic enough to bridge the distance with X11 instead of IMAP), but hasn't seen further development in ages. With Thunderbird, there's a couple plugins I wouldn't want to part with. Lightning for the calendaring, Enigmail for OpenPGP support, Allow HTML Temp to stay with a default everything-as-plaintext setup but still being able to quickly grok the occasional "my answers below in red" reply, QuickFolders to have a bar of main archive folders I can drag&drop read e-mails into. Address Close Button occupies the "not *quite that* essential" rung. Kind regards, -- Jochen Bern Systemingenieur Fon: +49 6151 9067-231 Fax: +49 6151 9067-290 E-Mail: jochen.bern at binect.de www.binect.de www.facebook.de/binect Binect GmbH Robert-Koch-Stra?e 9, 64331 Weiterstadt, DE Gesch?ftsf?hrung: Christian Ladner, Dr. Frank Wermeyer, Nils Manegold Unternehmenssitz: Weiterstadt Register: Amtsgericht Darmstadt, HRB 94685 Umsatzsteuer-ID: DE 221 302 264 MAX 21-Unternehmensgruppe ? Diese E-Mail kann vertrauliche Informationen enthalten. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrt?mlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren, sowie die unbefugte Weitergabe dieser Mail oder von Teilen dieser Mail ist nicht gestattet. Jede von der Binect GmbH versendete Mail ist sorgf?ltig erstellt worden, dennoch schlie?en wir die rechtliche Verbindlichkeit aus; sie kann nicht zu einer irgendwie gearteten Verpflichtung zu Lasten der Binect GmbH ausgelegt werden. Wir haben alle verkehrs?blichen Ma?nahmen unternommen, um das Risiko der Verbreitung virenbefallener Software oder E-Mails zu minimieren, dennoch raten wir Ihnen, Ihre eigenen Virenkontrollen auf alle Anh?nge an dieser Nachricht durchzuf?hren. Wir schlie?en, au?er f?r den Fall von Vorsatz oder grober Fahrl?ssigkeit, die Haftung f?r jeglichen Verlust oder Sch?den durch virenbefallene Software oder E-Mail aus. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of contents of this e-mail is strictly prohibited. All Binect GmbH emails are created thoroughly, nevertheless we do not accept any legal obligation for the information and wording contained herein. Binect GmbH has taken precautionary measures to reduce the risk of possible distribution of virus infected software or emails. However, we advise you to check attachments to this email for viruses. Except for cases of intent or gross negligence, we cannot accept any legal obligation for loss or damage by virus infected software. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4278 bytes Desc: S/MIME Cryptographic Signature URL: From nick at cpanel.net Thu Nov 17 15:27:00 2016 From: nick at cpanel.net (J. Nick Koston) Date: Thu, 17 Nov 2016 09:27:00 -0600 Subject: dovecot Digest, Vol 163, Issue 34 In-Reply-To: References: Message-ID: Aki, Multiple local_names would be ideal to accommodate certificates that have multiple names. The way I?m reading the code it looks like its having to pay for the memory for every name on the certificate because a unique CTX is being created for each name even if they are all on a single certificate. This would be a big memory win for anyone using a certificate with multiple names on it. Thanks -Nick cPanel Inc >> > > Dear Aki et al., > > How straightforward would it be to implement the following or similar syntax: > > local_name foo.tld www.foo.tld mail.foo.tld bar.tld { > ... > } > > ?? > > Thank you! > > -FG > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > dovecot mailing list > dovecot at dovecot.org > http://dovecot.org/cgi-bin/mailman/listinfo/dovecot > > ------------------------------ > > End of dovecot Digest, Vol 163, Issue 34 > **************************************** -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3569 bytes Desc: not available URL: From slitt at troubleshooters.com Thu Nov 17 15:58:29 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Thu, 17 Nov 2016 10:58:29 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> Message-ID: <20161117105829.557e5a9a@mydesk.domain.cxm> On Thu, 17 Nov 2016 14:11:45 +0100 Jochen Bern wrote: > On 11/17/2016 08:48 AM, Steve Litt wrote: > > When I use an email client, its purpose is as a window into my > > Dovecot IMAP, and as a mechanism to reply to and send emails. I > > don't do filtering or calendaring on my email client (filtering via > > procmail direct to Dovecot). > > > > What email clients are all of you using to look at your IMAP > > email? > > Plaintext or HTML mails? I like the ability to see some sort of representation of the links in incoming HTML email. I would never send HTML email. > OpenPGP? I don't use that today, but probably will in the future. > S/MIME? Not necessary. > Do you like to see your > e-mails arranged into threads, or just sorted by some property (be > that sender, date, or whatever)? I could live without the ability to thread. It seems to not work right, probably because of various senders' misuse. When I want to look at a thread, I usually just sort on subject. > What's your archiving system, many > or few folders, flat or hierarchical? Archiving is achieved in my Dovecot Maildir tree. For fast moving folders like INBOX and my local LUG (GoLUG), every year I move this year's messages to, for instance, OLDFOLDERS->GoLUG->2015. I have somewhere between 75 and 200 folders, and tend to go about 4 levels deep in the hierarchy, although most of my most active folders are 1 level down from the account itself. For backup, I use rsync to a backup server, and back up the whole Dovecot tree. > Do you work remote, Sometimes. Through a pinhole in my firewall, via dynamic dns. > how good's > the connection to the IMAP server, Varies. > do you need the capability to work > on a local cache while the server cannot be reached ("detached IMAP", > I've seen it called)? No. If I can't do email at a particular time, I'll go somewhere else where I can. > > I switched from tkRat (a.k.a. ratatosk) to Thunderbird when I had a > need to do "detached IMAP" (and tkRat repeatedly trashed my entire > INBOX when I tried). Did the corruption happen when you messed with it to try to work offline, or do you mean that usage during failure to connect caused corruption? Did it corrupt the IMAP you were trying to connect to, or just a cache? > tkRat had interesting features (preselected > primary archive folder per folder you're reading, "folders" that > actually are views of a local database, minimalistic enough to bridge > the distance with X11 instead of IMAP), but hasn't seen further > development in ages. > > With Thunderbird, Here's why I can't use Thunderbird: [slitt at mydesk Maildir]$ find ~/mail/Maildir | wc -l 625262 [slitt at mydesk Maildir]$ find ~/mail/Maildir -type d | wc -l 1241 [slitt at mydesk Maildir]$ I have over 620K emails in over 1000 folders. This turns Thunderbird into an all day affair, just to refresh its caches. Thanks, SteveT Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz From mpeters at domblogger.net Thu Nov 17 20:35:59 2016 From: mpeters at domblogger.net (Michael A. Peters) Date: Thu, 17 Nov 2016 12:35:59 -0800 Subject: Good email client to use with Dovecot? In-Reply-To: <20161117024852.0758af1e@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> Message-ID: <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> On 11/16/2016 11:48 PM, Steve Litt wrote: > Hi all, > > When I use an email client, its purpose is as a window into my Dovecot > IMAP, and as a mechanism to reply to and send emails. I don't do > filtering or calendaring on my email client (filtering via procmail > direct to Dovecot). > > What email clients are all of you using to look at your IMAP email? > > Thanks, > > SteveT Thunderbird on the Desktop and K9 on Android and roundcube for webmail. From larryrtx at gmail.com Thu Nov 17 20:37:45 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Thu, 17 Nov 2016 14:37:45 -0600 Subject: Good email client to use with Dovecot? In-Reply-To: <20161117105829.557e5a9a@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> Message-ID: Really old, but works well with Dovecot, doesn't cache a lot, and probably would work real well is: mulberry http://www.mulberrymail.com Yes, it's dated, but still runs :) On Thu, Nov 17, 2016 at 9:58 AM, Steve Litt wrote: > On Thu, 17 Nov 2016 14:11:45 +0100 > Jochen Bern wrote: > > > On 11/17/2016 08:48 AM, Steve Litt wrote: > > > When I use an email client, its purpose is as a window into my > > > Dovecot IMAP, and as a mechanism to reply to and send emails. I > > > don't do filtering or calendaring on my email client (filtering via > > > procmail direct to Dovecot). > > > > > > What email clients are all of you using to look at your IMAP > > > email? > > > > Plaintext or HTML mails? > > I like the ability to see some sort of representation of the links in > incoming HTML email. I would never send HTML email. > > > OpenPGP? > > I don't use that today, but probably will in the future. > > > > S/MIME? > > Not necessary. > > > Do you like to see your > > e-mails arranged into threads, or just sorted by some property (be > > that sender, date, or whatever)? > > I could live without the ability to thread. It seems to not work right, > probably because of various senders' misuse. When I want to look at a > thread, I usually just sort on subject. > > > What's your archiving system, many > > or few folders, flat or hierarchical? > > Archiving is achieved in my Dovecot Maildir tree. For fast moving > folders like INBOX and my local LUG (GoLUG), every year I move this > year's messages to, for instance, OLDFOLDERS->GoLUG->2015. I have > somewhere between 75 and 200 folders, and tend to go about 4 levels deep > in the hierarchy, although most of my most active folders are 1 level > down from the account itself. For backup, I use rsync to a backup > server, and back up the whole Dovecot tree. > > > Do you work remote, > > Sometimes. Through a pinhole in my firewall, via dynamic dns. > > > how good's > > the connection to the IMAP server, > > Varies. > > > do you need the capability to work > > on a local cache while the server cannot be reached ("detached IMAP", > > I've seen it called)? > > No. If I can't do email at a particular time, I'll go somewhere else > where I can. > > > > > I switched from tkRat (a.k.a. ratatosk) to Thunderbird when I had a > > need to do "detached IMAP" (and tkRat repeatedly trashed my entire > > INBOX when I tried). > > Did the corruption happen when you messed with it to try to work > offline, or do you mean that usage during failure to connect caused > corruption? Did it corrupt the IMAP you were trying to connect to, or > just a cache? > > > tkRat had interesting features (preselected > > primary archive folder per folder you're reading, "folders" that > > actually are views of a local database, minimalistic enough to bridge > > the distance with X11 instead of IMAP), but hasn't seen further > > development in ages. > > > > With Thunderbird, > > Here's why I can't use Thunderbird: > > [slitt at mydesk Maildir]$ find ~/mail/Maildir | wc -l > 625262 > [slitt at mydesk Maildir]$ find ~/mail/Maildir -type d | wc -l > 1241 > [slitt at mydesk Maildir]$ > > I have over 620K emails in over 1000 folders. This turns Thunderbird > into an all day affair, just to refresh its caches. > > Thanks, > > SteveT > > Steve Litt > November 2016 featured book: Quit Joblessness: Start Your Own Business > http://www.troubleshooters.com/startbiz > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From Jochen.Bern at binect.de Thu Nov 17 21:28:38 2016 From: Jochen.Bern at binect.de (Jochen Bern) Date: Thu, 17 Nov 2016 22:28:38 +0100 Subject: Good email client to use with Dovecot? In-Reply-To: <20161117105829.557e5a9a@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> Message-ID: <6f0df441-3773-2c22-55df-d65061a87547@binect.de> On 11/17/2016 04:58 PM, Steve Litt wrote: > On Thu, 17 Nov 2016 14:11:45 +0100 Jochen Bern wrote: >> Plaintext or HTML mails? > > I like the ability to see some sort of representation of the links in > incoming HTML email. I would never send HTML email. Not quite sure what you mean with "representation" of links ... in most cases of *human typed* HTML e-mails, there's a MIME multipart/alternative text/plain part where links' URLs appear as part of the text. However, generating the plaintext part is done by the *senders'* MUAs, your own merely decides over whether the URL is recognized as such and made *clickable*, rather than needing to be copy-pasted into your browser. >> I switched from tkRat (a.k.a. ratatosk) to Thunderbird when I had a >> need to do "detached IMAP" (and tkRat repeatedly trashed my entire >> INBOX when I tried). > > Did the corruption happen when you messed with it to try to work > offline, or do you mean that usage during failure to connect caused > corruption? Did it corrupt the IMAP you were trying to connect to, or > just a cache? It had official support for the setup (might even be where I saw the term "detached IMAP"). Never had a problem with it and the original (online) IMAP mode, but within ... a little less than a year IIRC after switching, I found the server-side INBOX *completely empty* thrice. (While being connected to the server, of course.) > I have over 620K emails in over 1000 folders. This turns Thunderbird > into an all day affair, just to refresh its caches. Yeah, I can see that. I'm at about 1/6 of that, thanks to moving busy folders' back-years *off* the IMAP server and into Thunderbird-style "Local Folders" (which then can be copied to several places, as they supposedly do not *change* anymore). Takes TB a couple hours to resync when the cache has a problem - luckily, it does so in the background, and I tend to spend entire workdays sitting in just *one* place. Note that TB *does* have controls to limit the local cache by age and message size, though. And that you can disable the local cache on a folder-by-folder basis. Kind regards, -- Jochen Bern Systemingenieur Fon: +49 6151 9067-231 Fax: +49 6151 9067-290 E-Mail: jochen.bern at binect.de -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4278 bytes Desc: S/MIME Cryptographic Signature URL: From hs at schlittermann.de Thu Nov 17 21:33:49 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Thu, 17 Nov 2016 22:33:49 +0100 Subject: Exim still accepting emails to nonexistent users In-Reply-To: <1F9CEC86-7EE0-4FD4-B68E-7AF082FE2B93@gmail.com> References: <1F9CEC86-7EE0-4FD4-B68E-7AF082FE2B93@gmail.com> Message-ID: <20161117213349.GA29010@jumper.schlittermann.de> Hi, Marti Markov (Mi 16 Nov 2016 04:28:28 CET): > After adding the configuration bit: > > deny > message = invalid recipient > domains = +local_domains > !verify = recipient/callout=no_cache > > from: http://wiki2.dovecot.org/LMTP/Exim running update-exim4.conf and service exim4 restart > > the server is still accepting emails to recipients that do not exist in dovecot. How is the router, targeting the messages to dovecot, configured? And how the transport, responsible for the delivery to dovecot? Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From dovecot at allycomm.com Thu Nov 17 22:42:31 2016 From: dovecot at allycomm.com (Jeff Kletsky) Date: Thu, 17 Nov 2016 14:42:31 -0800 Subject: Generalized looping possible in pigeonhole sieve? Message-ID: <0baede17-0005-7c66-c0a3-4278b50dc1b7@wagsky.com> I'm struggling to achieve the kind of filtering with sieve that I was able to do with procmail. TL;DR I'd like a way to loop through a set of (address, destination) pairs in sieve so that I can maintain the (address, destination) pairs in one place and not have to explicitly write scores of nearly identical [...] if address :matches ["From", "Sender", "To", "Cc"] "address53" { fileinto "destination53" } if address :matches ["From", "Sender", "To", "Cc"] "address54" { fileinto "destination54" } [...] Longer: I've been using a table-based dispatch approach with procmail for years and it was working reasonably well. The approach uses list of pairs of address and destination boxes and doing a lookup based on the message to be delivered. With procmail, I collected the list of addresses and passed them to external scripts to do the lookup. If I just had a dozen boxes that I deal with, that would be straightforward to implement and maintain in sieve. As the list is an order of magnitude greater than that, maintaining the list of pairs in an external file and programmatically looping through it is a lot easier. I've looked at vnd.dovecot.execute and it certainly can return a destination box name given the input information. Unfortunately, the construct of (for example) address :matches "To" "*"' only returns the first address, not the list of addresses. I can't see a good way to get all the addressees from sieve to pass to the external program. If I have to pass the message (or at least the interesting headers) to the external program and then parse the address list myself, then I'm nearly all the way to just using a full-on external program to parse the whole message. While I'm not adverse to writing the whole thing in Python (or the like) and just using sieve as a thin shell, I'd like to make sure I'm not missing something in sieve. One way to achieve this would be to be able to loop through the pairs and using variable substitution for each iteration. I haven't seen anything in Dovecot Pigeonhole sieve that allows this. If you have any ideas on how to harness sieve for this, I'd appreciate it! Jeff From larryrtx at gmail.com Thu Nov 17 23:30:44 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Thu, 17 Nov 2016 17:30:44 -0600 Subject: Generalized looping possible in pigeonhole sieve? In-Reply-To: <0baede17-0005-7c66-c0a3-4278b50dc1b7@wagsky.com> References: <0baede17-0005-7c66-c0a3-4278b50dc1b7@wagsky.com> Message-ID: Sieve EXPLICITLY does NOT have a looping construct. On Thu, Nov 17, 2016 at 4:42 PM, Jeff Kletsky wrote: > I'm struggling to achieve the kind of filtering with sieve that I was able > to do with procmail. > > TL;DR > > I'd like a way to loop through a set of (address, destination) pairs in > sieve so that I can maintain the (address, destination) pairs in one place > and not have to explicitly write scores of nearly identical > > [...] > > if address :matches ["From", "Sender", "To", "Cc"] "address53" { > fileinto "destination53" > } > > if address :matches ["From", "Sender", "To", "Cc"] "address54" { > fileinto "destination54" > } > > [...] > > > Longer: > > I've been using a table-based dispatch approach with procmail for years > and it was working reasonably well. > > The approach uses list of pairs of address and destination boxes and doing > a lookup based on the message to be delivered. With procmail, I collected > the list of addresses and passed them to external scripts to do the lookup. > > If I just had a dozen boxes that I deal with, that would be > straightforward to implement and maintain in sieve. As the list is an order > of magnitude greater than that, maintaining the list of pairs in an > external file and programmatically looping through it is a lot easier. > > I've looked at vnd.dovecot.execute and it certainly can return a > destination box name given the input information. > > Unfortunately, the construct of (for example) > > address :matches "To" "*"' > > only returns the first address, not the list of addresses. > > I can't see a good way to get all the addressees from sieve to pass to the > external program. If I have to pass the message (or at least the > interesting headers) to the external program and then parse the address > list myself, then I'm nearly all the way to just using a full-on external > program to parse the whole message. > > While I'm not adverse to writing the whole thing in Python (or the like) > and just using sieve as a thin shell, I'd like to make sure I'm not missing > something in sieve. > > One way to achieve this would be to be able to loop through the pairs and > using variable substitution for each iteration. I haven't seen anything in > Dovecot Pigeonhole sieve that allows this. > > If you have any ideas on how to harness sieve for this, I'd appreciate it! > > > Jeff > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From dovecot at allycomm.com Fri Nov 18 00:20:20 2016 From: dovecot at allycomm.com (Jeff Kletsky) Date: Thu, 17 Nov 2016 16:20:20 -0800 Subject: Any way to simplify repeated use of same string-list? Message-ID: I often use the same set of header names when doing an 'address' comparison. I would prefer to be able to specify that once, then re-use it in several places. As an example set "address_mailman_fields" "\"To\", \"Cc\", \"From\", \"Errors-To\""; if address :domain :matches ["${address_mailman_fields}"] "example.com" { [...] } if address :domain :matches ["${address_mailman_fields}"] "dovecot.org" { [...] } or the like would be quite helpful. From what I can tell, even though the variable interpolation *looks* like a string-list, it isn't parsed as such. For example, from sieve-test output: sieve-test(jeff): Debug: Mailbox Opened mail UID=1 because: header "To", "Cc", "From", "Errors-To" (Cache file is unusable) testing: line 27: info: DEBUG: address ["${address_mailman_fields}"] didn't match. sieve-test(jeff): Debug: Mailbox Opened mail UID=1 because: header ["To", "Cc", "From", "Errors-To"] (Cache file is unusable) testing: line 34: info: DEBUG: address "[${address_mailman_fields}]" didn't match. Is there any trick available to specify a string-list once, then re-use it throughout the script? Thanks, Jeff From slitt at troubleshooters.com Fri Nov 18 00:49:31 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Thu, 17 Nov 2016 19:49:31 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> Message-ID: <20161117194931.132a0f2d@mydesk.domain.cxm> On Thu, 17 Nov 2016 08:52:11 +0100 (CET) Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 17 Nov 2016, Steve Litt wrote: > > > What email clients are all of you using to look at your IMAP > > email? > > https://de.wikipedia.org/wiki/Alpine_(E-Mail-Programm) > > :-) Thanks Steffen, I installed Alpine and got it to work as a window to my Dovecot IMAP server, but I could only "import" one mailbox at a time, and as I mentioned earlier: [slitt at mydesk ~]$ find /home/slitt/mail/Maildir -type d | wc -l 1254 [slitt at mydesk ~]$ These mailboxes are several levels deep, such as: .OLDFOLDERS.in.2012. I have a few questions: * How does one import *all* folders from the Dovecot server at once, without repeatedly typing in 192.168.100.2/ssl/user=slitt and all the rest of the process? * Is there a way of viewing my folder hierarchy hierarchically, including collapse and expand? * How does one manually expunge an email previously marked for deletion? I know it's possible because one config item is "*only* expunge manually." Is there a way of expunging ranges of emails? * How does one switch the sort order while in the folder list or the message list? * And most important, where can I find the best, most unambiguous Alpine documentation, that doesn't assume I know anything about Alpine? Thanks, SteveT Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz From lists at lazygranch.com Fri Nov 18 02:07:15 2016 From: lists at lazygranch.com (lists at lazygranch.com) Date: Thu, 17 Nov 2016 18:07:15 -0800 Subject: Good email client to use with Dovecot? In-Reply-To: <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> Message-ID: <20161118020715.5501012.73904.16652@lazygranch.com> FWIW, I use claws, which is about the only one not mentioned.? I don't like Thunderbird. For one thing, it is in caretaker status. Mozilla believes Web based mail is the "future." I rather not run roundcube, given I got hacked via an unpatched roundcube ?back when I was using a hosting company. ? Webmail just increases your attack surface.? From me at junc.eu Fri Nov 18 02:35:17 2016 From: me at junc.eu (Benny Pedersen) Date: Fri, 18 Nov 2016 03:35:17 +0100 Subject: Good email client to use with Dovecot? In-Reply-To: <20161118020715.5501012.73904.16652@lazygranch.com> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> Message-ID: <9104f185d780cd2c22112a82b9abd4f7@junc.eu> lists at lazygranch.com skrev den 2016-11-18 03:07: > FWIW, I use claws, which is about the only one not mentioned.? lets see if dovecot will be webmail ng someday > I don't like Thunderbird. sadly > For one thing, it is in caretaker status. what ? > Mozilla believes Web based mail is the "future." do you have references for this somewhere ? > I rather not run > roundcube, given I got hacked via an unpatched roundcube unpatched is allways good, problems come when non default and mostly custom plugins is not tested, keep plain roundcube should not be a problem more then a claws client that is not patched > back when I > was using a hosting company. nothing happended since then ? > ? Webmail just increases your attack > surface.? so what is the solution ?, going offline ? From lists at lazygranch.com Fri Nov 18 04:03:37 2016 From: lists at lazygranch.com (lists at lazygranch.com) Date: Thu, 17 Nov 2016 20:03:37 -0800 Subject: Good email client to use with Dovecot? In-Reply-To: <9104f185d780cd2c22112a82b9abd4f7@junc.eu> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <9104f185d780cd2c22112a82b9abd4f7@junc.eu> Message-ID: <20161118040337.5501012.51227.16656@lazygranch.com> Claws is an active project.? I became roundcube free when I set up my own mail server. ? I simply use an email client rather than a browser. Browsers can leak. Comments about the retired TB: ?https://blog.mozilla.org/thunderbird/ -------------------- Practically what this means is that in 2016, Thunderbird will finally be able to accept donations from users directed toward the update and maintenance of Thunderbird. In the long run, Thunderbird needs to rely on our users for support, and not expect to be subsidized by revenue from Firefox. We welcome this help from the Mozilla Foundation in moving toward our goal of developing independent sources of income for Thunderbird. In the technical part of that post, Mitchell reiterated that Mozilla needs to be laser-focused on Firefox, and that the burden this places on Thunderbird (as well as the burden that Thunderbird places on Firefox) is leading to unacceptable outcomes for both projects. The most immediate need is for the Thunderbird release infrastructure to be independent of that used by Firefox, and Mozilla has offered to help. In the long-term, there will be additional technical separation between Firefox and Thunderbird as a continuation of a process that has been ongoing for the last three years. ------------------ ? Original Message ? From: Benny Pedersen Sent: Thursday, November 17, 2016 6:36 PM To: dovecot at dovecot.org Reply To: Dovecot Mailing List Subject: Re: Good email client to use with Dovecot? lists at lazygranch.com skrev den 2016-11-18 03:07: > FWIW, I use claws, which is about the only one not mentioned.? lets see if dovecot will be webmail ng someday > I don't like Thunderbird. sadly > For one thing, it is in caretaker status. what ? > Mozilla believes Web based mail is the "future." do you have references for this somewhere ? > I rather not run > roundcube, given I got hacked via an unpatched roundcube unpatched is allways good, problems come when non default and mostly custom plugins is not tested, keep plain roundcube should not be a problem more then a claws client that is not patched > back when I > was using a hosting company. nothing happended since then ? > ? Webmail just increases your attack > surface.? so what is the solution ?, going offline ? From slitt at troubleshooters.com Fri Nov 18 05:31:43 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Fri, 18 Nov 2016 00:31:43 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: <20161118020715.5501012.73904.16652@lazygranch.com> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> Message-ID: <20161118003143.1b4ff1ea@mydesk.domain.cxm> On Thu, 17 Nov 2016 18:07:15 -0800 lists at lazygranch.com wrote: > FWIW, I use claws, which is about the only one not mentioned.? > > I don't like Thunderbird. For one thing, it is in caretaker status. > Mozilla believes Web based mail is the "future." I rather not run > roundcube, given I got hacked via an unpatched roundcube ?back when I > was using a hosting company. ? Webmail just increases your attack > surface.? Thanks. My reason for exploring Alpine is I'm moving away from Claws, for non-technical reasons I won't burden this list with. Thanks, SteveT Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz From aki.tuomi at dovecot.fi Fri Nov 18 07:02:07 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 18 Nov 2016 09:02:07 +0200 Subject: BUG: nopassword doesn't work with CRAM-MD5 In-Reply-To: References: <201611170914.03006.arekm@maven.pl> <84438157-4481-39a4-a491-1eb70c32c792@dovecot.fi> <201611170930.44557.arekm@maven.pl> Message-ID: <4ba65953-7c9b-6bbb-7860-8b0bab99102f@dovecot.fi> On 17.11.2016 10:49, Adrian POPA wrote: > On 17.11.2016 10:30, Arkadiusz Mi?kiewicz wrote: >> On Thursday 17 of November 2016, Aki Tuomi wrote: >>> On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote: >>>> Hello. >>>> >>>> dovecot 2.2.26.0 >>>> >>>> When testing nopassword extra field >>>> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 >>>> dovecot doesn't allow any password (while it should) and returns >>>> >>>> " Authentication failed" >>>> >>>> while in logs: >>>> >>>> Nov 17 08:22:34 auth-worker(1551): Info: >>>> sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, >>>> but we >>>> have a NULL password >>>> >>>> NULL is there because our sql query returns empty password just >>>> like wiki >>>> says "nopassword: you want to allow all passwords, use an empty >>>> password and this field. " >>>> >>>> >>>> If password is returned in sql query then it fails, too: >>>> >>>> Nov 17 09:00:49 auth-worker(2206): Error: >>>> sql(pepe,127.0.0.1,): nopassword set but password is >>>> non- empty >>>> >>>> So looks to be a bug. >>> It's not a bug. CRAM-MD5 does in fact require *some* password to work, >> Provide fake/random one for nopassword internally. >> >>> you can either store it with doveadm pw -S CRAM-MD5 or as plain text >>> password. >> Then I get >> >>>> sql(pepe,127.0.0.1,): nopassword set but password is >>>> non- empty >> So that doesn't help >> >> btw. doveadm pw -S is not documented, so no idea what it does >> >>> Aki > Sorry to bump into your conversation but Aki is defending too hard > something that is realy a bug. > I have signaled myself this issue in the "very old" version 2.2.9(!) > nopassword means ANY password (including none). One cannot store > something like ANY with doveadm, SQL or anything. > So with "nopassword" the query should simply ignore the password field > (missing, NULL or set to anything else). > Why would an user login with nopassword? This is an administrator > decision and is not subject for comments. > My problem was with LDA who refuses to store mail in INBOX if the user > is not properly authenticated (nopassword) so you cannot receive mails > for "hidden" users that cannot login, maybe to redirect mails later or > do some other things with. > > Adrian You can also, if you are using nopassword flag, abstain from actually returning any field called 'password' from your SQL database. The reason this check is done is to ensure that you know what you are doing. We do not want to prevent you from logging in w/o password, that's fine for us and it will work just as you want as long as you do not return 'password' attribute from your database. Aki From Andreas.Kalex at gmx.de Fri Nov 18 07:06:04 2016 From: Andreas.Kalex at gmx.de (Andreas Kalex) Date: Fri, 18 Nov 2016 07:06:04 +0000 Subject: Good email client to use with Dovecot? In-Reply-To: <20161118003143.1b4ff1ea@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <20161118003143.1b4ff1ea@mydesk.domain.cxm> Message-ID: since years mutt, 'cause it really sucks. I tried TB or claws, evolution, opera but always returned to mutt. Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt : >On Thu, 17 Nov 2016 18:07:15 -0800 >lists at lazygranch.com wrote: > >> FWIW, I use claws, which is about the only one not mentioned.? >> >> I don't like Thunderbird. For one thing, it is in caretaker status. >> Mozilla believes Web based mail is the "future." I rather not run >> roundcube, given I got hacked via an unpatched roundcube ?back when I >> was using a hosting company. ? Webmail just increases your attack >> surface.? > >Thanks. > >My reason for exploring Alpine is I'm moving away from Claws, for >non-technical reasons I won't burden this list with. > >Thanks, > >SteveT > >Steve Litt >November 2016 featured book: Quit Joblessness: Start Your Own Business >http://www.troubleshooters.com/startbiz From lists at lazygranch.com Fri Nov 18 07:16:31 2016 From: lists at lazygranch.com (lists at lazygranch.com) Date: Thu, 17 Nov 2016 23:16:31 -0800 Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <20161118003143.1b4ff1ea@mydesk.domain.cxm> Message-ID: <20161118071631.5501012.84700.16662@lazygranch.com> So does mutt suck or not? ? Original Message ? From: Andreas Kalex Sent: Thursday, November 17, 2016 11:06 PM To: Dovecot Mailing List Subject: Re: Good email client to use with Dovecot? since years mutt, 'cause it really sucks. I tried TB or claws, evolution, opera but always returned to mutt. Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt : >On Thu, 17 Nov 2016 18:07:15 -0800 >lists at lazygranch.com wrote: > >> FWIW, I use claws, which is about the only one not mentioned.? >> >> I don't like Thunderbird. For one thing, it is in caretaker status. >> Mozilla believes Web based mail is the "future." I rather not run >> roundcube, given I got hacked via an unpatched roundcube ?back when I >> was using a hosting company. ? Webmail just increases your attack >> surface.? > >Thanks. > >My reason for exploring Alpine is I'm moving away from Claws, for >non-technical reasons I won't burden this list with. > >Thanks, > >SteveT > >Steve Litt >November 2016 featured book: Quit Joblessness: Start Your Own Business >http://www.troubleshooters.com/startbiz From robertkwild at gmail.com Fri Nov 18 07:22:13 2016 From: robertkwild at gmail.com (robert k Wild) Date: Fri, 18 Nov 2016 07:22:13 +0000 Subject: Good email client to use with Dovecot? In-Reply-To: <20161118071631.5501012.84700.16662@lazygranch.com> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <20161118003143.1b4ff1ea@mydesk.domain.cxm> <20161118071631.5501012.84700.16662@lazygranch.com> Message-ID: Look up "roundcube", really straight forward configuration, once installed type in the IP of your server publishing it on a web browser and it will walk you through configuring it On 18 Nov 2016 07:16, wrote: > So does mutt suck or not? > > Original Message > From: Andreas Kalex > Sent: Thursday, November 17, 2016 11:06 PM > To: Dovecot Mailing List > Subject: Re: Good email client to use with Dovecot? > > since years mutt, 'cause it really sucks. > I tried TB or claws, evolution, opera but always returned to mutt. > > > > Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt < > slitt at troubleshooters.com>: > >On Thu, 17 Nov 2016 18:07:15 -0800 > >lists at lazygranch.com wrote: > > > >> FWIW, I use claws, which is about the only one not mentioned. > >> > >> I don't like Thunderbird. For one thing, it is in caretaker status. > >> Mozilla believes Web based mail is the "future." I rather not run > >> roundcube, given I got hacked via an unpatched roundcube back when I > >> was using a hosting company. ? Webmail just increases your attack > >> surface. > > > >Thanks. > > > >My reason for exploring Alpine is I'm moving away from Claws, for > >non-technical reasons I won't burden this list with. > > > >Thanks, > > > >SteveT > > > >Steve Litt > >November 2016 featured book: Quit Joblessness: Start Your Own Business > >http://www.troubleshooters.com/startbiz > From lists at lazygranch.com Fri Nov 18 07:33:30 2016 From: lists at lazygranch.com (lists at lazygranch.com) Date: Thu, 17 Nov 2016 23:33:30 -0800 Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <20161118003143.1b4ff1ea@mydesk.domain.cxm> <20161118071631.5501012.84700.16662@lazygranch.com> Message-ID: <20161118073330.5501012.62894.16668@lazygranch.com> https://www.cvedetails.com/vulnerability-list/vendor_id-8905/Roundcube.html ? Original Message ? From: robert k Wild Sent: Thursday, November 17, 2016 11:22 PM To: lists at lazygranch.com Reply To: Dovecot Mailing List Cc: Andreas Kalex; dovecot at dovecot.org Subject: Re: Good email client to use with Dovecot? Look up "roundcube", really straight forward configuration, once installed type in the IP of your server publishing it on a web browser and it will walk you through configuring it On 18 Nov 2016 07:16, wrote: > So does mutt suck or not? > > Original Message > From: Andreas Kalex > Sent: Thursday, November 17, 2016 11:06 PM > To: Dovecot Mailing List > Subject: Re: Good email client to use with Dovecot? > > since years mutt, 'cause it really sucks. > I tried TB or claws, evolution, opera but always returned to mutt. > > > > Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt < > slitt at troubleshooters.com>: > >On Thu, 17 Nov 2016 18:07:15 -0800 > >lists at lazygranch.com wrote: > > > >> FWIW, I use claws, which is about the only one not mentioned. > >> > >> I don't like Thunderbird. For one thing, it is in caretaker status. > >> Mozilla believes Web based mail is the "future." I rather not run > >> roundcube, given I got hacked via an unpatched roundcube back when I > >> was using a hosting company. ? Webmail just increases your attack > >> surface. > > > >Thanks. > > > >My reason for exploring Alpine is I'm moving away from Claws, for > >non-technical reasons I won't burden this list with. > > > >Thanks, > > > >SteveT > > > >Steve Litt > >November 2016 featured book: Quit Joblessness: Start Your Own Business > >http://www.troubleshooters.com/startbiz > From lists at sander85.eu Fri Nov 18 08:01:41 2016 From: lists at sander85.eu (Sander Lepik) Date: Fri, 18 Nov 2016 10:01:41 +0200 Subject: Panic: file dsync-brain-mailbox.c: line 814 ... In-Reply-To: References: Message-ID: <9265ff35-f15c-dcde-8afe-5d3d6d22cc4e@sander85.eu> 17.11.2016 11:01 Sander Lepik kirjutas: > Hi! > > We have 2 servers replicating each other and after upgrade to 2.2.26.0 > we are seeing this in the logs: > > Primary server: > > Nov 17 09:37:39 mailhost01 dovecot: dsync-server(user at domain.ee): Panic: > file dsync-brain-mailbox.c: line 814 (dsync_brain_slave_recv_mailbox): > assertion failed: (memcmp(dsync_box->mailbox_guid, > local_dsync_box.mailbox_guid, sizeof(dsync_box->mailbox_guid)) == 0) > Nov 17 09:37:39 mailhost01 dovecot: dsync-server(user at domain.ee): Error: > Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x9438e) > [0x7f3ccceb238e] -> /usr/lib/dovecot/libdovecot.so.0(+0x9447c) > [0x7f3ccceb247c] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) > [0x7f3ccce4ba4e] -> > dovecot/doveadm-server(dsync_brain_slave_recv_mailbox+0x3d8) > [0x7f3ccd8f66f8] -> dovecot/doveadm-server(dsync_brain_run+0x650) > [0x7f3ccd8f4110] -> dovecot/doveadm-server(+0x4143b) [0x7f3ccd8f443b] -> > dovecot/doveadm-server(+0x5735f) [0x7f3ccd90a35f] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7f3cccec6bdc] > -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10a) > [0x7f3cccec809a] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) > [0x7f3cccec6c65] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) > [0x7f3cccec6e08] -> dovecot/doveadm-server(+0x26b99) [0x7f3ccd8d9b99] -> > dovecot/doveadm-server(+0x28efc) [0x7f3ccd8dbefc] -> > dovecot/doveadm-server(+0x3daba) [0x7f3ccd8f0aba] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7f3cccec6bdc] > -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10a) > [0x7f3cccec809a] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) > [0x7f3cccec6c65] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) > [0x7f3cccec6e08] -> > /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) > [0x7f3ccce51f53] -> dovecot/doveadm-server(main+0x19f) [0x7f3ccd8ccdef] > -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) > [0x7f3ccca94b45] -> dovecot/doveadm-server(+0x19ea6) [0x7f3ccd8ccea6] > Nov 17 09:37:39 mailhost01 dovecot: dsync-server(user at domain.ee): Fatal: > master: service(doveadm): child 42621 killed with signal 6 (core dumps > disabled) Looking at the logs more deeply we can see that it's pretty sure that it was automatic full resync causing this error. But if that's the case then replicator's status is giving wrong info. It shows that full sync was successful and nothing failed - the process crashed and there were no more retries in the logs - how can it be successful? -- Sander From p at sys4.de Fri Nov 18 08:14:18 2016 From: p at sys4.de (Patrick Ben Koetter) Date: Fri, 18 Nov 2016 09:14:18 +0100 Subject: Good email client to use with Dovecot? In-Reply-To: <20161118071631.5501012.84700.16662@lazygranch.com> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <20161118003143.1b4ff1ea@mydesk.domain.cxm> <20161118071631.5501012.84700.16662@lazygranch.com> Message-ID: <20161118081418.GB8755@sys4.de> * lists at lazygranch.com : > So does mutt suck or not? If you work with vi and like it, chances are you will also like mutt. Personally I *love* mutt! No extra fat. Always on the spot. It is "liberal in what it receives and conservative in how it sends". Since it is command line program, I can run it almost everywhere. It supports local mailboxes, SMTP, POP and IMAP as well as S/MIME and PGP. You can highly customize it, if you want to with rules per folder, per sender adress etc. pp. Just like vi it takes a while until you have internalized the (invisible) interface. Once you've moved beyond that point you will experience an enormous boost in efficency. If you want to, ping me offline and I will share my mutt config. That should make it easier to start using it. p at rick > ? Original Message ? > From: Andreas Kalex > Sent: Thursday, November 17, 2016 11:06 PM > To: Dovecot Mailing List > Subject: Re: Good email client to use with Dovecot? > > since years mutt, 'cause it really sucks. > I tried TB or claws, evolution, opera but always returned to mutt. > > > > Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt : > >On Thu, 17 Nov 2016 18:07:15 -0800 > >lists at lazygranch.com wrote: > > > >> FWIW, I use claws, which is about the only one not mentioned.? > >> > >> I don't like Thunderbird. For one thing, it is in caretaker status. > >> Mozilla believes Web based mail is the "future." I rather not run > >> roundcube, given I got hacked via an unpatched roundcube ?back when I > >> was using a hosting company. ? Webmail just increases your attack > >> surface.? > > > >Thanks. > > > >My reason for exploring Alpine is I'm moving away from Claws, for > >non-technical reasons I won't burden this list with. > > > >Thanks, > > > >SteveT > > > >Steve Litt > >November 2016 featured book: Quit Joblessness: Start Your Own Business > >http://www.troubleshooters.com/startbiz -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schlei?heimer Stra?e 26/MG,80333 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From lists at lazygranch.com Fri Nov 18 08:25:09 2016 From: lists at lazygranch.com (lists at lazygranch.com) Date: Fri, 18 Nov 2016 00:25:09 -0800 Subject: Good email client to use with Dovecot? In-Reply-To: <20161118081418.GB8755@sys4.de> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <20161118003143.1b4ff1ea@mydesk.domain.cxm> <20161118071631.5501012.84700.16662@lazygranch.com> <20161118081418.GB8755@sys4.de> Message-ID: <20161118082509.5501012.23229.16672@lazygranch.com> I like vi (really vim), but I'm OK with Claws. I do most of my email on a BlackBerry. (No, really.) ? Original Message ? From: Patrick Ben Koetter Sent: Friday, November 18, 2016 12:15 AM To: dovecot at dovecot.org Subject: Re: Good email client to use with Dovecot? * lists at lazygranch.com : > So does mutt suck or not? If you work with vi and like it, chances are you will also like mutt. Personally I *love* mutt! No extra fat. Always on the spot. It is "liberal in what it receives and conservative in how it sends". Since it is command line program, I can run it almost everywhere. It supports local mailboxes, SMTP, POP and IMAP as well as S/MIME and PGP. You can highly customize it, if you want to with rules per folder, per sender adress etc. pp. Just like vi it takes a while until you have internalized the (invisible) interface. Once you've moved beyond that point you will experience an enormous boost in efficency. If you want to, ping me offline and I will share my mutt config. That should make it easier to start using it. p at rick > ? Original Message ? > From: Andreas Kalex > Sent: Thursday, November 17, 2016 11:06 PM > To: Dovecot Mailing List > Subject: Re: Good email client to use with Dovecot? > > since years mutt, 'cause it really sucks. > I tried TB or claws, evolution, opera but always returned to mutt. > > > > Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt : > >On Thu, 17 Nov 2016 18:07:15 -0800 > >lists at lazygranch.com wrote: > > > >> FWIW, I use claws, which is about the only one not mentioned.? > >> > >> I don't like Thunderbird. For one thing, it is in caretaker status. > >> Mozilla believes Web based mail is the "future." I rather not run > >> roundcube, given I got hacked via an unpatched roundcube ?back when I > >> was using a hosting company. ? Webmail just increases your attack > >> surface.? > > > >Thanks. > > > >My reason for exploring Alpine is I'm moving away from Claws, for > >non-technical reasons I won't burden this list with. > > > >Thanks, > > > >SteveT > > > >Steve Litt > >November 2016 featured book: Quit Joblessness: Start Your Own Business > >http://www.troubleshooters.com/startbiz -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schlei?heimer Stra?e 26/MG,80333 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From skdovecot at smail.inf.fh-brs.de Fri Nov 18 09:45:22 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 18 Nov 2016 10:45:22 +0100 (CET) Subject: Good email client to use with Dovecot? In-Reply-To: <20161117194931.132a0f2d@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> <20161117194931.132a0f2d@mydesk.domain.cxm> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 17 Nov 2016, Steve Litt wrote: > On Thu, 17 Nov 2016 08:52:11 +0100 (CET) > Steffen Kaiser wrote: >> On Thu, 17 Nov 2016, Steve Litt wrote: >> >>> What email clients are all of you using to look at your IMAP >>> email? >> >> https://de.wikipedia.org/wiki/Alpine_(E-Mail-Programm) >> >> :-) > > I installed Alpine and got it to work as a window to my Dovecot IMAP > server, but I could only "import" one mailbox at a time, and as I actually, Alpine does not cache anything locally, hence, it does not import. You select one mailbox and work with it. Then change the mailbox using G or L. > * How does one import *all* folders from the Dovecot server at once, > without repeatedly typing in 192.168.100.2/ssl/user=slitt and all the > rest of the process? You add a new collection via S L > * Is there a way of viewing my folder hierarchy hierarchically, > including collapse and expand? Not really. L gets you to the collection list, where you enter one hierarchie at a time. > * How does one manually expunge an email previously marked for > deletion? I know it's possible because one config item is "*only* > expunge manually." Is there a way of expunging ranges of emails? (Al)Pine is merely a front-end for IMAP, see https://tools.ietf.org/html/rfc3501#section-6.4.3 eXpunge (X) key issues this command: "The EXPUNGE command permanently removes all messages that have the \Deleted flag set from the currently selected mailbox. Before returning an OK to the client, an untagged EXPUNGE response is sent for each message that is removed." Hence, all messages, that have the \Deleted flag, are expunged by X. "expunge manually" means, that Pine does not expunge a mailbox on exit automatically. In fact, instead of mark many messages as \Deleted, move them somewhere else. Instead of using the Deleted keyword (tag, flag, ...), use another, possble self-created keyword, s. https://www.washington.edu/alpine/tech-notes/config.html#keywords . Mark them, then ;k ENTER adx ; - select k - by Keyword a - Apply (next command to all selected messages) d - mark as \Deleted x - eXpunge all messages marked as deleted > * How does one switch the sort order while in the folder list or the > message list? You mean $ in the message list? The folder list is fixed, as far as I know; maybe the global option https://www.washington.edu/alpine/tech-notes/config.html#folder-sort-rule effects this view. I usully use G to changes folders / mailboxes. > * And most important, where can I find the best, most unambiguous > Alpine documentation, that doesn't assume I know anything about > Alpine? Hmm, http://roqet.org/pine.html Getting started with config http://www.ii.com/internet/messaging/pine/ All About PINE ;-) https://www.washington.edu/alpine/ https://www.washington.edu/pine/ - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWC7Nsnz1H7kL/d9rAQISwQf8D4JQ3zxD4RTTzjejcfEhpLqQnGIlVLjr GgXFDirv3t33BaUyCNzxzAjieEIuJxL6Kt71NclkQEhBzdt5I5xGNN1fVhp2QDFy 6QA6bPy1w1gyMi54pLlyIP0+NQi8j9cpfOubXYD3LNoFS7NB2E2kRd+4wzCJxOFc 7oMn2nACLzjQSIVawlP2PuVLif1A2a2b/eoVm0ywNy3NoSMcHnsavfwtkIxZFy5T KPFlerGc3Ha2CzvhW7o64ozNJTOBnmGMQ5+bGkmb+6sukfQYivUUfzZssTuzNksE A+h1BvcTnMGbsxF270s+PoKfvyqmyvxykN8kimEJ2cimTegd7FQbJw== =ijod -----END PGP SIGNATURE----- From mailinglist at darac.org.uk Fri Nov 18 09:49:35 2016 From: mailinglist at darac.org.uk (Darac Marjal) Date: Fri, 18 Nov 2016 09:49:35 +0000 Subject: Generalized looping possible in pigeonhole sieve? In-Reply-To: <0baede17-0005-7c66-c0a3-4278b50dc1b7@wagsky.com> References: <0baede17-0005-7c66-c0a3-4278b50dc1b7@wagsky.com> Message-ID: <20161118094935.667e7kjh45babufh@darac.org.uk> On Thu, Nov 17, 2016 at 02:42:31PM -0800, Jeff Kletsky wrote: >I'm struggling to achieve the kind of filtering with sieve that I was >able to do with procmail. A couple of options that I can think of: If the address is sufficiently like the folder name, you can use sieve's regex capabilities. For example, I convert addresses such as "user+folder at example.com" to "Tagged/Folder" using: require [ "fileinto", "mailbox", "subaddress", "variables", "regex", "envelope"]; if envelope :detail :regex "to" "(.+)" { set :upperfirst :lower "detail" "${1}"; fileinto :create "Tagged/${detail}"; stop; } Another alternative is, if your map of addresses is complex, but doesn't change very often, use a script (such as a Makefile) to generate the sieve script from the map. Then, next time you update the map, you re-run the script which re-writes the sieve file. > >TL;DR > >I'd like a way to loop through a set of (address, destination) pairs >in sieve so that I can maintain the (address, destination) pairs in >one place and not have to explicitly write scores of nearly identical > >[...] > >if address :matches ["From", "Sender", "To", "Cc"] "address53" { > fileinto "destination53" >} > >if address :matches ["From", "Sender", "To", "Cc"] "address54" { > fileinto "destination54" >} > >[...] > > >Longer: > >I've been using a table-based dispatch approach with procmail for >years and it was working reasonably well. > >The approach uses list of pairs of address and destination boxes and >doing a lookup based on the message to be delivered. With procmail, I >collected the list of addresses and passed them to external scripts to >do the lookup. > >If I just had a dozen boxes that I deal with, that would be >straightforward to implement and maintain in sieve. As the list is an >order of magnitude greater than that, maintaining the list of pairs in >an external file and programmatically looping through it is a lot >easier. > >I've looked at vnd.dovecot.execute and it certainly can return a >destination box name given the input information. > >Unfortunately, the construct of (for example) > >address :matches "To" "*"' > >only returns the first address, not the list of addresses. > >I can't see a good way to get all the addressees from sieve to pass to >the external program. If I have to pass the message (or at least the >interesting headers) to the external program and then parse the >address list myself, then I'm nearly all the way to just using a >full-on external program to parse the whole message. > >While I'm not adverse to writing the whole thing in Python (or the >like) and just using sieve as a thin shell, I'd like to make sure I'm >not missing something in sieve. > >One way to achieve this would be to be able to loop through the pairs >and using variable substitution for each iteration. I haven't seen >anything in Dovecot Pigeonhole sieve that allows this. > >If you have any ideas on how to harness sieve for this, I'd appreciate it! > > >Jeff -- For more information, please reread. From tanstaafl at libertytrek.org Fri Nov 18 13:14:02 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Fri, 18 Nov 2016 08:14:02 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: <20161117105829.557e5a9a@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> Message-ID: On 11/17/2016 10:58 AM, Steve Litt wrote: > I have over 620K emails in over 1000 folders. This turns Thunderbird > into an all day affair, just to refresh its caches. There are lots of knobs you can tweak to improve the situation, but the bottom line is - 1,000 folders (really?!?), 650,000 emails - well... this is going to be a problem for almost any client. From tanstaafl at libertytrek.org Fri Nov 18 13:19:12 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Fri, 18 Nov 2016 08:19:12 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: <20161118040337.5501012.51227.16656@lazygranch.com> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <9104f185d780cd2c22112a82b9abd4f7@junc.eu> <20161118040337.5501012.51227.16656@lazygranch.com> Message-ID: On 11/17/2016 11:03 PM, lists at lazygranch.com wrote: > Comments about the retired TB: > ?https://blog.mozilla.org/thunderbird/ > -------------------- > Practically what this means is that in 2016, Thunderbird will finally > be able to accept donations from users directed toward the update and > maintenance of Thunderbird. In the long run, Thunderbird needs to > rely on our users for support, and not expect to be subsidized by > revenue from Firefox. We welcome this help from the Mozilla > Foundation in moving toward our goal of developing independent > sources of income for Thunderbird. The interesting thing is that Thunderbird has seen a lot more bug fixes and improvements since Mozilla 'abandoned' development of it than it ever saw under direct Mozilla 'care'. There are some uncomfortable pain points coming up (deprecation of XUL/XPCOM being the main ones), but I'm confident Thunderbird will emerge victorious, once again. :) From skdovecot at smail.inf.fh-brs.de Fri Nov 18 13:34:11 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 18 Nov 2016 14:34:11 +0100 (CET) Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 18 Nov 2016, Tanstaafl wrote: > On 11/17/2016 10:58 AM, Steve Litt wrote: >> I have over 620K emails in over 1000 folders. This turns Thunderbird >> into an all day affair, just to refresh its caches. > > There are lots of knobs you can tweak to improve the situation, but the > bottom line is - 1,000 folders (really?!?), 650,000 emails - well... > this is going to be a problem for almost any client. That is actually the area, in which a non-caching client (pine, mutt) is playing well, if there is a stable connection to the server. Some time ago, I read an article about the following setup: 1) external mail server - no matter which 2) local Dovecot and MTA - actually on some notebook or behind some slow link 3) a cron job that performs a two-way sync with the external server, if the link available 4) the user works locally only - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWC8DU3z1H7kL/d9rAQINRAf+KTL+BwPS+3oMXnCaY0rWFLfU3Qq/r16h vZZajqmbfirmBtklWLsDKV3aLA+DdMoFPXTzYf69PUdc4zslgv3BO7whPGRy0AY7 lao5MPWGUWkyltT62nuQqy4rMoP/FAk/pogiLWh2xapgR1wCQcD7XncxkdAb+IQY OqP13nfLXuyD6DUYwq/NpGViOC/HqHEUHW0WXdXaLhJpMjHqyKc6pn6HpyZyI6ya gSEIPsrAKK/HppcSXBOzYVkJKwc1zZvWG+sRRB5IxetlSzfaWr7XguhAos7HF2Aa N3cKsStXIBSjPMFNWmgl2bnkwKbOVjO/4lacmP7ehY4K3bJXuuMOHQ== =PufZ -----END PGP SIGNATURE----- From slitt at troubleshooters.com Fri Nov 18 18:50:10 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Fri, 18 Nov 2016 13:50:10 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> Message-ID: <20161118135010.3229eb05@mydesk.domain.cxm> On Fri, 18 Nov 2016 08:14:02 -0500 Tanstaafl wrote: > On 11/17/2016 10:58 AM, Steve Litt wrote: > > I have over 620K emails in over 1000 folders. This turns Thunderbird > > into an all day affair, just to refresh its caches. > > There are lots of knobs you can tweak to improve the situation, but > the bottom line is - 1,000 folders (really?!?), 650,000 emails - > well... this is going to be a problem for almost any client. It wasn't a problem for Kmail, before the disastrous conversion to Kmail2. It wasn't a problem with Claws-Mail (I'm leaving Claws for non-technical reasons). My experimentation with Alpine indicates that, at the single folder level, it's not a problem for Alpine: Alpine can view a huge folder within a couple seconds the first time, instantly from then on. My (probably temporary) problem with Alpine is finding and committing to muscle memory tactics to replace my Kmail/Claws chops that sped my workflow. I might end up using Alpine for my daily emailing activities, and some other program to act as a sort of "file manager" for my IMAP server. I think Steffen Kaiser's last email went a long way toward pointing me in the right direction in Alpine operations, especially his link to the IMAP specification. I'll be working with his suggestions over the next couple days. And of course I still need to investigate Mutt. Thanks everyone! SteveT Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz From r.wolf.conf at gmail.com Fri Nov 18 19:55:18 2016 From: r.wolf.conf at gmail.com (Robert Wolf) Date: Fri, 18 Nov 2016 20:55:18 +0100 (CET) Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> Message-ID: On Fri, 18 Nov 2016, Steffen Kaiser wrote: > On Fri, 18 Nov 2016, Tanstaafl wrote: > > On 11/17/2016 10:58 AM, Steve Litt wrote: > > > I have over 620K emails in over 1000 folders. This turns Thunderbird > > > into an all day affair, just to refresh its caches. > > > > There are lots of knobs you can tweak to improve the situation, but the > > bottom line is - 1,000 folders (really?!?), 650,000 emails - well... > > this is going to be a problem for almost any client. > > That is actually the area, in which a non-caching client (pine, mutt) is > playing well, if there is a stable connection to the server. *** Exactly! Alpine has no problem with this size. I have only 313 folders with about 825000 files/emails. Every action is done on server (dovecot). Alpine reads only that data, which alpine needs. For email index, alpine reads only the headers of the emails, which should be displayed on the screen. For opened email, alpine reads the content, but not whole email, but only the part which should be displayed. The attachment is downloaded only if you want do display or save it. > Some time ago, I read an article about the following setup: > > 1) external mail server - no matter which > 2) local Dovecot and MTA - actually on some notebook or behind some slow link > 3) a cron job that performs a two-way sync with the external server, if the > link available > 4) the user works locally only *** Exactly this way I synchronize mail gmail and other freemail accounts to my server with dovecot using offlineimap and then accessing remotely or localy (from ssh) using alpine. Regards, Robert Wolf. From r.wolf.conf at gmail.com Fri Nov 18 20:02:55 2016 From: r.wolf.conf at gmail.com (Robert Wolf) Date: Fri, 18 Nov 2016 21:02:55 +0100 (CET) Subject: Good email client to use with Dovecot? In-Reply-To: <20161118135010.3229eb05@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> <20161118135010.3229eb05@mydesk.domain.cxm> Message-ID: On Fri, 18 Nov 2016, Steve Litt wrote: > from then on. My (probably temporary) problem with Alpine is finding and > committing to muscle memory tactics to replace my Kmail/Claws chops > that sped my workflow. I might end up using Alpine for my daily > emailing activities, and some other program to act as a sort of "file > manager" for my IMAP server. *** I would say, Alpine is something as vim. Until you use it daily, you think "how one can work with this", but as soon as you learn it, you find it perfect simple, fast but effective (as vim:-)). > And of course I still need to investigate Mutt. *** I would tell here the Mutt vs Alpine is nearly similar to Vim vs Emacs:-D I am unable to use mutt, but I love alpine:-) And I work with vim and cannot remember all shortcuts of emacs. These sentences do not mean that emacs or mutt are worse than alpine and vim!:) And of course, once you create your perfect alpine (or vim) configuration, you keep it for years (I use nearly the same vim, alpine and windowmaker config for about 15 years:-D). Regards, Robert Wolf. From jtam.home at gmail.com Sat Nov 19 00:20:07 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Fri, 18 Nov 2016 16:20:07 -0800 (PST) Subject: Good email client to use with Dovecot? In-Reply-To: References: Message-ID: Steve Litt asks > * And most important, where can I find the best, most unambiguous > Alpine documentation, that doesn't assume I know anything about > Alpine? The ~/.pinerc config file is well documented. There is a bewildering number of options, and you can tweak it just about anyway you like. Choice of mail readers tend to a religious issue. Users of a particular reader will only change when you pry their cold dead fingers off of it. Alpine is not a bad choice (I've been using it and it's predeccesor for decades), and I go through mail faster than most people I know as I can type faster than they can click buttons, scroll, and drag windows around. However, it sort of sucks when you read formatted mail HTML with lots of graphics). Joseph Tam From eric at ericabrahamsen.net Sat Nov 19 00:22:18 2016 From: eric at ericabrahamsen.net (Eric Abrahamsen) Date: Fri, 18 Nov 2016 16:22:18 -0800 Subject: Good email client to use with Dovecot? References: <20161117024852.0758af1e@mydesk.domain.cxm> Message-ID: <87mvgwl3np.fsf@ericabrahamsen.net> Steve Litt writes: > Hi all, > > When I use an email client, its purpose is as a window into my Dovecot > IMAP, and as a mechanism to reply to and send emails. I don't do > filtering or calendaring on my email client (filtering via procmail > direct to Dovecot). > > What email clients are all of you using to look at your IMAP email? Someone's got to mention Emacs and Gnus. I suppose it's unlikely anyone's going to pick up Emacs just to use the mail client, but it's a great mail client. Grossly configurable, and handles IMAP accounts well. From michael at felt.demon.nl Sat Nov 19 14:01:15 2016 From: michael at felt.demon.nl (Michael Felt) Date: Sat, 19 Nov 2016 15:01:15 +0100 Subject: dovecot, configure and documentation as hardstop In-Reply-To: <179abd19-b5bf-2b00-7ae1-038310ddba91@felt.demon.nl> References: <179abd19-b5bf-2b00-7ae1-038310ddba91@felt.demon.nl> Message-ID: <8f446e26-6936-29c7-134e-ee1bc6bc7df8@felt.demon.nl> Hi, As preparations for a port to AIX - making sure I can get it to build on linux with gcc. While it is fairly easy to add the requirements (on GNU Linux) having pandoc as a configure "hardstop", even with --without-docs or --with-docs=no is a bit worrisome as I am fearful that I amy not be able to get pandoc ported as well. Hence a request that a missing pandoc become a warnig, and just not done when pandoc is not available, or at least accept one of --without-docs and --with-docs=no (or should I be using --with-pandata=no? ) Michael From aki.tuomi at dovecot.fi Sat Nov 19 14:09:46 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sat, 19 Nov 2016 16:09:46 +0200 (EET) Subject: dovecot, configure and documentation as hardstop In-Reply-To: <8f446e26-6936-29c7-134e-ee1bc6bc7df8@felt.demon.nl> References: <179abd19-b5bf-2b00-7ae1-038310ddba91@felt.demon.nl> <8f446e26-6936-29c7-134e-ee1bc6bc7df8@felt.demon.nl> Message-ID: <2144132787.55.1479564587894@appsuite-dev.open-xchange.com> > On November 19, 2016 at 4:01 PM Michael Felt wrote: > > > Hi, > > As preparations for a port to AIX - making sure I can get it to build on > linux with gcc. While it is fairly easy to add the requirements (on GNU > Linux) having pandoc as a configure "hardstop", even with --without-docs > or --with-docs=no is a bit worrisome as I am fearful that I amy not be > able to get pandoc ported as well. > > Hence a request that a missing pandoc become a warnig, and just not done > when pandoc is not available, or at least accept one of --without-docs > and --with-docs=no (or should I be using --with-pandata=no? ) > > Michael At the moment, pandoc is only *required* if you are building from git. And it's not even required then, just do env PANDOC=true ./configure ... Aki From michael at felt.demon.nl Sat Nov 19 14:52:24 2016 From: michael at felt.demon.nl (Michael Felt) Date: Sat, 19 Nov 2016 15:52:24 +0100 Subject: dovecot, configure and documentation as hardstop In-Reply-To: <2144132787.55.1479564587894@appsuite-dev.open-xchange.com> References: <179abd19-b5bf-2b00-7ae1-038310ddba91@felt.demon.nl> <8f446e26-6936-29c7-134e-ee1bc6bc7df8@felt.demon.nl> <2144132787.55.1479564587894@appsuite-dev.open-xchange.com> Message-ID: On 19/11/2016 15:09, Aki Tuomi wrote: >> Michael > At the moment, pandoc is only*required* if you are building from git. And it's not even required then, just do env PANDOC=true ./configure ... > > Aki Thanks! guess I should have read ./configure --help more closely. So, is there something else I have forgotten - in order to get a good summary of the results of 'make check'? Michael From michael at felt.demon.nl Sat Nov 19 15:18:24 2016 From: michael at felt.demon.nl (Michael Felt) Date: Sat, 19 Nov 2016 16:18:24 +0100 Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <9104f185d780cd2c22112a82b9abd4f7@junc.eu> <20161118040337.5501012.51227.16656@lazygranch.com> Message-ID: <00683518-b51e-e97a-cd24-664780681faf@felt.demon.nl> On 18/11/2016 14:19, Tanstaafl wrote: > Comments about the retired TB: > >?https://blog.mozilla.org/thunderbird/ As far as webmail being the future - imho - I am getting away from it, and that is why dovecot is worth investigating as port to replace the imap program supplied with my server OS. As far as the blog entry above - that is dated 9 december 2015, and nothing newer. Since someone also commented "more fixes than before" - I guess Thunderbird is "blogging" elsewhere - hint to where might be good in this thread. It has certainly been an interesting read. Maybe I should use MUTT - as I have been a happy vi user for nearly 38 years (even coded it a bit in the pre-curses days - to add a new terminal ;) - ah memories :) From michael at felt.demon.nl Sat Nov 19 15:34:15 2016 From: michael at felt.demon.nl (Michael Felt) Date: Sat, 19 Nov 2016 16:34:15 +0100 Subject: Good email client to use with Dovecot? In-Reply-To: <00683518-b51e-e97a-cd24-664780681faf@felt.demon.nl> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <9104f185d780cd2c22112a82b9abd4f7@junc.eu> <20161118040337.5501012.51227.16656@lazygranch.com> <00683518-b51e-e97a-cd24-664780681faf@felt.demon.nl> Message-ID: <78f96475-43e0-fa70-e7fc-1900e9e67897@felt.demon.nl> On 19/11/2016 16:18, Michael Felt wrote: > On 18/11/2016 14:19, Tanstaafl wrote: >> Comments about the retired TB: >> >?https://blog.mozilla.org/thunderbird/ > > As far as webmail being the future - imho - I am getting away from it, > and that is why dovecot is worth investigating as port to replace the > imap program supplied with my server OS. > > As far as the blog entry above - that is dated 9 december 2015, and > nothing newer. An older blog is, imho, more accurate about the relationship and hence status on the relationship of Mozilla as an 'owner' aka 'legal home' and Thunderbird as an 'owned project' - see QUOTE from blog: https://blog.lizardwrangler.com/2015/12/03/thunderbird-update/ I?ve seen some characterize this as Mozilla ?dropping? Thunderbird. This is not accurate. We are going to disentangle the technical infrastructure. We are going to assist the Thunderbird community. This includes working with organizations that want to invest in Thunderbird, several of which have stepped forward already. Mozilla Foundation will serve as a fiscal sponsor for Thunderbird donations during this time. I also noted that we should look at whether Mozilla remains the best organizational and legal home for Thunderbird. This is a separate question from the technical infrastructure. This question is much more wide open. I don?t know what the answer will be. It could be that Mozilla remains the best home, based on history, affiliation and shared community. It could also be that a home geared to open source projects of Thunderbird?s size and scope is better suited. I can imagine either being the case. We have decided to separate the technical infrastructure and to explore what is best for Thunderbird and for the Mozilla project as a whole. These discussions are at a very early stage. Finding the right solution requires some effort. This is Mozilla focusing on a more forward looking path, one aimed at longer term stability rather than continuing the status quo. ENDQUOTE > > Since someone also commented "more fixes than before" - I guess > Thunderbird is "blogging" elsewhere - hint to where might be good in > this thread. > > It has certainly been an interesting read. Maybe I should use MUTT - > as I have been a happy vi user for nearly 38 years (even coded it a > bit in the pre-curses days - to add a new terminal ;) - ah memories :) From delrio at mie.utoronto.ca Sat Nov 19 16:44:18 2016 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Sat, 19 Nov 2016 11:44:18 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: <0b1934257ba5a8a4994910cd52dafaa7@marc-stuermer.de> References: <20161117024852.0758af1e@mydesk.domain.cxm> <0b1934257ba5a8a4994910cd52dafaa7@marc-stuermer.de> Message-ID: <7297977c-430c-d3f5-a1f3-8bcc4a8b5f17@mie.utoronto.ca> On 17/11/2016 5:41 AM, Marc St?rmer wrote: > What to avoid like the pest is Outlook. Microsoft crippled the IMAP > support in it starting with version 2010 on purpose to promote their > own server technology on many levels. Using IMAP with Outlook is no > fun, so just don't do it and if you need Outlook, you are better off > with Microsofts own tech stuff instead of IMAP. I use Thunderbird most of the time but I also have to use Outlook. I have noticed that IMAP support in Outlook 2016 is much better than in previous versions. It was really bad in Outlook 2010 and 2013, having to delete and reconfigure the IMAP account quite often. I haven't had any issues since upgrading to Outlook 2016. From ruga at protonmail.com Sat Nov 19 21:08:26 2016 From: ruga at protonmail.com (Ruga) Date: Sat, 19 Nov 2016 16:08:26 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: <78f96475-43e0-fa70-e7fc-1900e9e67897@felt.demon.nl> References: <20161117024852.0758af1e@mydesk.domain.cxm> <15b863e0-b997-aa93-1c24-d164a361858c@domblogger.net> <20161118020715.5501012.73904.16652@lazygranch.com> <9104f185d780cd2c22112a82b9abd4f7@junc.eu> <20161118040337.5501012.51227.16656@lazygranch.com> <00683518-b51e-e97a-cd24-664780681faf@felt.demon.nl> <78f96475-43e0-fa70-e7fc-1900e9e67897@felt.demon.nl> Message-ID: TB is the closest thing to a functional Outlook replacement for office deployment. I have seen UN staff so distressed by IBM Lotus Notes that would have given someone else's left arm to have TB instead. I have mutt as a lifeboat, but is not good enough for daily use in office. On Mozilla not willing to spend on TB, I think it is a very good thing. I would rather see TB on github with a donation button than see it crippled with Firefox-like spyware. On Sat, Nov 19, 2016 at 4:34 PM, Michael Felt <'michael at felt.demon.nl'> wrote: These discussions are at a very early stage. Finding the right solution requires some effort. This is Mozilla focusing on a more forward looking path, one aimed at longer term stability rather than continuing the status quo. From nikolai at lusan.id.au Sun Nov 20 05:51:22 2016 From: nikolai at lusan.id.au (Nikolai Lusan) Date: Sun, 20 Nov 2016 15:51:22 +1000 Subject: LDAP auth problems "unknown user" Message-ID: <1479621082.11274.1.camel@lusan.id.au> Hi, I am setting up a dovecot instance to host a bunch of virtual domains, with ldap backing for auth. I am using a single hostname for test purposes, with a couple of entries in the diectory. If I use auth binds I get a result, but this does not suit the end purpose of the server. If I use ldapsearch with the same base, search filter, and credentials as the ldap auth config I get the correct attributes returned, and I have bit of perl that verifies the password hash matches the password provided. I am running out of ideas here, I had thought of putting in a custom bit of perl and using the checkpassword method, but this is sub optimal. If anyone can help with this I'd be grateful. # dovecot --version 2.2.26.0 (23d1de6) # dovecot -n # 2.2.26.0 (23d1de6): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 4.8.0-1-amd64 x86_64 Debian stretch/sid ext3 auth_cache_size = 2 M auth_debug = yes auth_debug_passwords = yes auth_default_realm = maliuta.org auth_master_user_separator = * auth_mechanisms = plain login auth_realms = maliuta.org auth_verbose = yes auth_verbose_passwords = yes first_valid_uid = 117 last_valid_uid = 117 lda_mailbox_autocreate = yes login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c mail_gid = vmail mail_location = maildir:/var/spool/vmail/%d/%n/Maildir mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded- character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { ? inbox = yes ? list = yes ? location =? ? mailbox Drafts { ????special_use = \Drafts ? } ? mailbox Junk { ????special_use = \Junk ? } ? mailbox Sent { ????special_use = \Sent ? } ? mailbox "Sent Messages" { ????special_use = \Sent ? } ? mailbox Trash { ????special_use = \Trash ? } ? prefix =? } passdb { ? args = /etc/dovecot/ldap/maliuta.org-ldap.conf.ext ? driver = ldap } plugin { ? sieve = file:~/sieve;active=~/.dovecot.sieve } protocols = " imap lmtp sieve" service auth-worker { ? user = $default_internal_user } service auth { ? unix_listener /var/spool/postfix/private/auth { ????group = postfix ????mode = 0660 ????user = postfix ? } ? unix_listener auth-userdb { ????group = vmail ????mode = 0660 ????user = vmail ? } ? user = $default_internal_user } service dict { ? unix_listener dict { ????group = vmail ????mode = 0660 ????user = vmail ? } } service imap-login { ? inet_listener imap { ????port = 143 ? } ? inet_listener imaps { ????port = 0 ? } } service lmtp { ? unix_listener /var/spool/postfix/private/dovecot-lmtp { ????group = postfix ????mode = 0660 ????user = postfix ? } } ssl_cert =? # grep -v '^ *\(#.*\)\?$' /etc/dovecot/ldap/maliuta.org-ldap.conf.ext uris = ldap://localhost dn = cn=admin,dc=maliuta,dc=org dnpass = tls = yes tls_ca_cert_dir = /etc/ssl/certs auth_bind = no ldap_version = 3 base = ou=mail,dc=mailuta,dc=org scope = subtree default_pass_scheme = SSHA deref = never user_attrs = postfixDeliveryAddress=user user_filter = (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)) pass_attrs = postfixDeliveryAddress=user,userPassword=password pass_filter = (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(postfixD eliveryAddress=%u)) iterate_attrs = uid=user iterate_filter = (objectClass=postfixMailPerson) # ldapsearch -H ldap://localhost:389 -x -D 'cn=admin,dc=maliuta,dc=org' -W -b "ou=mail,dc=maliuta,dc=org" -s sub -LLL -ZZ '(&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(postfixDeliveryAddress=nikolai at test.maliuta.org))' uid userPassword Enter LDAP Password: dn: mail=nikolai at test.maliuta.org,ou=mail,dc=maliuta,dc=org uid: nikolai userPassword:: e1NTSEF9QVBZMTlaeGw1cWd0a25XeGxURXdqM2g5Yk5YL3BxOGY= ## From /var/log/mail.log Nov 20 07:24:20 kiliya dovecot: auth: Debug: auth client connected (pid=27086) Nov 20 07:24:20 kiliya dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=1kW2C65BFI2WZbl8#011lip=#011rip=#011lport=143#011rport=36116#011local_name=#011resp=AG5pa29sYWlAdGVzdC5tYWxpdXRhLm9yZwBmb29iYXIzMzQ0 (previous base64 data may contain sensitive data) Nov 20 07:24:20 kiliya dovecot: auth: Debug: ldap(nikolai at test.maliuta.org,,<1kW2C65BFI2WZbl8>): cache miss Nov 20 07:24:20 kiliya dovecot: auth: Debug: ldap(nikolai at test.maliuta.org,): pass search: base=ou=mail,dc=mailuta,dc=org scope=subtree filter=(&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(postfixDeliveryAddress=nikolai at test.maliuta.org)) fields=postfixDeliveryAddress,userPassword Nov 20 07:24:20 kiliya dovecot: auth: ldap(nikolai at test.maliuta.org,,<1kW2C65BFI2WZbl8>): unknown user (given password: ) Nov 20 07:24:22 kiliya dovecot: auth: Debug: client passdb out: FAIL#0111#011user=nikolai at test.maliuta.org -- Nikolai Lusan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: This is a digitally signed message part URL: From reuben-dovecot at reub.net Sun Nov 20 11:59:31 2016 From: reuben-dovecot at reub.net (Reuben Farrelly) Date: Sun, 20 Nov 2016 22:59:31 +1100 Subject: [PATCH] Manually cleanup OpenSSL from dovecot_openssl_common_global_unref() In-Reply-To: <9be10da9-e08e-8d53-270c-66dee761402f@dovecot.fi> References: <20161113180427.30426-1-apoikos@debian.org> <9be10da9-e08e-8d53-270c-66dee761402f@dovecot.fi> Message-ID: <361efbc5-e795-7727-43f9-934eae22b010@reub.net> Hi, This patch: On 15/11/2016 10:46 PM, Aki Tuomi wrote: > > > On 13.11.2016 20:04, Apollon Oikonomopoulos wrote: >> OpenSSL 1.1 features a cleanup function that is automatically run on shutdown >> using atexit(3). This function frees all OpenSSL-allocated resources. >> >> In dovecot, OpenSSL is loaded indirectly using dlopen(3) against the relevant >> dovecot crypto module and is finally unloaded using dlclose(3). Until >> OpenSSL 1.0.1c this worked fine, however OpenSSL 1.0.1c makes sure[1] that the >> library stays loaded after the initial dlclose() so that the atexit(3) >> handlers can run on shutdown. This, together with the fact that dovecot >> uses custom allocation functions for OpenSSL and has already partially >> free()'d some of OpenSSL's resources in module_free(), leads to a >> segfault at process shutdown[2]. >> >> We fix this by explicitly calling OPENSSL_cleanup() during module unload. This >> is safe to do, as long as we will never want to subsequently re-initialize >> OpenSSL. >> >> [1] https://github.com/openssl/openssl/commit/4af9f7fe79ff82b90c16969b7e5871435056377b >> [2] https://buildd.debian.org/status/fetch.php?pkg=dovecot&arch=amd64&ver=1:2.2.26.0-2&stamp=1478873022 >> >> Signed-off-by: Apollon Oikonomopoulos >> --- >> src/lib-ssl-iostream/dovecot-openssl-common.c | 3 +++ >> 1 file changed, 3 insertions(+) >> >> diff --git a/src/lib-ssl-iostream/dovecot-openssl-common.c b/src/lib-ssl-iostream/dovecot-openssl-common.c >> index 51ea3ad..2bf6307 100644 >> --- a/src/lib-ssl-iostream/dovecot-openssl-common.c >> +++ b/src/lib-ssl-iostream/dovecot-openssl-common.c >> @@ -101,6 +101,9 @@ bool dovecot_openssl_common_global_unref(void) >> ERR_remove_thread_state(NULL); >> #endif >> ERR_free_strings(); >> +#if OPENSSL_VERSION_NUMBER >= 0x10100000L >> + OPENSSL_cleanup(); >> +#endif >> return FALSE; >> } >> > > Hi! > > Your patch is being reviewed. > > Aki ... which was committed as c164f8afe58c8d83ef2a48aae629c72408dfea01 in master-2.2, terminally breaks the build with LibreSSL. Obviously this wasn't tested or considered ;) *** Warning: Linking the executable test-http-client against the loadable module *** libssl_iostream_openssl.so is not portable! libtool: link: x86_64-pc-linux-gnu-gcc -std=gnu99 -O0 -g -pipe -march=native -mtune=native -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -Wl,-O1 -o .libs/test-http-client test-http-client.o -Wl,--export-dynamic -Wl,--as-needed ./.libs/libhttp.a ../lib-dns/.libs/libdns.a ../lib-ssl-iostream/.libs/libssl_iostream.a ../lib-master/.libs/libmaster.a ../lib-settings/.libs/libsettings.a ../lib-test/.libs/libtest.a ../lib/.libs/liblib.a -ldl ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so -lssl -lcrypto -Wl,-rpath -Wl,/usr/lib64/dovecot ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so: undefined reference to `OPENSSL_cleanup' collect2: error: ld returned 1 exit status make[3]: *** [Makefile:737: test-http-client] Error 1 make[3]: *** Waiting for unfinished jobs.... libtool: link: x86_64-pc-linux-gnu-gcc -std=gnu99 -O0 -g -pipe -march=native -mtune=native -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -Wl,-O1 -o test-http-client-errors test-http-client-errors.o -Wl,--export-dynamic -Wl,--as-needed ./.libs/libhttp.a ../lib-dns/.libs/libdns.a ../lib-ssl-iostream/.libs/libssl_iostream.a ../lib-master/.libs/libmaster.a ../lib-settings/.libs/libsettings.a ../lib-test/.libs/libtest.a ../lib/.libs/liblib.a -ldl make[3]: Leaving directory '/var/tmp/portage/net-mail/dovecot-2.2.26_p20161120/work/dovecot-2.2.26_p20161120/src/lib-http' make[2]: *** [Makefile:493: all-recursive] Error 1 make[2]: Leaving directory '/var/tmp/portage/net-mail/dovecot-2.2.26_p20161120/work/dovecot-2.2.26_p20161120/src' make[1]: *** [Makefile:618: all-recursive] Error 1 make[1]: Leaving directory '/var/tmp/portage/net-mail/dovecot-2.2.26_p20161120/work/dovecot-2.2.26_p20161120' make: *** [Makefile:462: all] Error 2 * ERROR: net-mail/dovecot-2.2.26_p20161120::reub-Local-Overlay failed (compile phase): * emake failed * I am running LibreSSL-2.5.0, so I guess it may not be a supported function yet. Reuben From matwey.kornilov at gmail.com Sun Nov 20 12:43:19 2016 From: matwey.kornilov at gmail.com (Matwey V. Kornilov) Date: Sun, 20 Nov 2016 15:43:19 +0300 Subject: doveadm service: verify client cert Message-ID: Hello, I want to open a socket for connecting doveadm using tcps. I do the following: service doveadm { inet_listener { port = 5001 ssl = yes } } At the same time, I would like to verify client certificates for connections goes to port 5001. I am trying to do the following, but it doesn't work: protocol doveadm { ssl_require_crl = yes ssl_verify_client_cert = yes } How could I achieve required behavior? From michael at felt.demon.nl Sun Nov 20 13:51:30 2016 From: michael at felt.demon.nl (Michael Felt) Date: Sun, 20 Nov 2016 14:51:30 +0100 Subject: Feedback on first, i.e. novice-level, experiences with dovecot Message-ID: <78ade0be-09c4-8afe-c0ab-aa6d75dd714d@felt.demon.nl> a) google: "dovecot imap configuration" brought an article from 2005 as the first item: while I like debian and a bit of history you may want to ask yourself how to improve your site as the primary hit from google. FYI: years ago I had great results in the top of google searches - and then I made a major error - I moved my site to a new url and google forgot me. b) using your http://wiki.dovecot.org/QuickConfiguration as a guide: I built dovecot using --prefix=/opt (I abhor /usr/local these days - that is so 1984ish). The applications got installed in /opt/bin root at x066:/data/prj/aixtools/dovecot/core# ls -ltr /opt total 36 drwxr-xr-x 3 root root 4096 Nov 20 14:33 lib drwxr-xr-x 3 root root 4096 Nov 20 14:33 include drwxr-xr-x 6 root root 4096 Nov 20 14:33 share drwxr-xr-x 3 root root 4096 Nov 20 14:33 libexec drwxr-xr-x 2 root root 4096 Nov 20 14:33 sbin drwxr-xr-x 2 root root 4096 Nov 20 14:33 bin Are the directories 'make install' touched or made. root at x066:/data/prj/aixtools/dovecot/core# /opt/bin/doveconf -n # 2.3.devel (92c8109): /opt/etc/dovecot/dovecot.conf doveconf: Fatal: open(/opt/etc/dovecot/dovecot.conf) failed: No such file or directory where are example configs? root at x066:/data/prj/aixtools/dovecot/core# find /opt -name example-config root at x066:/data/prj/aixtools/dovecot/core# Not in /opt How about a default config? root at x066:/data/prj/aixtools/dovecot/core# find / -name dovecot /etc/init.d/dovecot /etc/pam.d/dovecot /etc/default/dovecot /etc/dovecot /var/lib/dovecot ^C Seems to be /etc/dovecot root at x066:/data/prj/aixtools/dovecot/core# ls -l /etc/dovecot total 40 drwxr-xr-x 2 root root 4096 Apr 30 2015 conf.d -rw-r--r-- 1 root root 4180 Jun 8 2014 dovecot.conf -rw-r----- 1 root dovecot 410 Jun 8 2014 dovecot-db.conf.ext -rw-r----- 1 root dovecot 782 Jun 8 2014 dovecot-dict-sql.conf.ext -rw-r--r-- 1 root dovecot 1363 Apr 30 2015 dovecot.pem -rw-r----- 1 root dovecot 5348 Jun 8 2014 dovecot-sql.conf.ext drwx------ 2 root root 4096 Apr 30 2015 private -rw-r--r-- 1 root root 121 Jun 8 2014 README and finally - read README to find the examples: root at x066:/data/prj/aixtools/dovecot/core# cat /etc/dovecot/README Configuration files go to this directory. See example configuration files in /usr/share/doc/dovecot-core/example-config/ Conclusion: --prefix=/opt is not applied everywhere. * More first impressions as I come to them - if you want them - as I hope this helps make dovecot better! Michael From michael at felt.demon.nl Sun Nov 20 15:36:05 2016 From: michael at felt.demon.nl (Michael Felt) Date: Sun, 20 Nov 2016 16:36:05 +0100 Subject: Feedback on first, i.e. novice-level, experiences with dovecot In-Reply-To: <78ade0be-09c4-8afe-c0ab-aa6d75dd714d@felt.demon.nl> References: <78ade0be-09c4-8afe-c0ab-aa6d75dd714d@felt.demon.nl> Message-ID: <6fe2c782-482b-7516-a9c6-8f0037578efd@felt.demon.nl> On 20/11/2016 14:51, Michael Felt wrote: > root at x066:/data/prj/aixtools/dovecot/core# cat /etc/dovecot/README > Configuration files go to this directory. See example configuration > files in > /usr/share/doc/dovecot-core/example-config/ > > Conclusion: > > --prefix=/opt is not applied everywhere. > > * More first impressions as I come to them - if you want them - as I > hope this helps make dovecot better! Next experience: root at x066:/data/prj/aixtools/dovecot/core# cp /etc/dovecot/dovecot.conf /opt/etc/dovecot/dovecot.conf root at x066:/data/prj/aixtools/dovecot/core# /opt/bin/doveconf -n # 2.3.devel (92c8109): /opt/etc/dovecot/dovecot.conf doveconf: Fatal: Error in configuration file /opt/etc/dovecot/dovecot.conf line 94: No matches So, I shall look into why no matches are found using vi More later. From michael at felt.demon.nl Sun Nov 20 15:41:53 2016 From: michael at felt.demon.nl (Michael Felt) Date: Sun, 20 Nov 2016 16:41:53 +0100 Subject: Feedback on first, i.e. novice-level, experiences with dovecot In-Reply-To: <6fe2c782-482b-7516-a9c6-8f0037578efd@felt.demon.nl> References: <78ade0be-09c4-8afe-c0ab-aa6d75dd714d@felt.demon.nl> <6fe2c782-482b-7516-a9c6-8f0037578efd@felt.demon.nl> Message-ID: On 20/11/2016 16:36, Michael Felt wrote: > More later. So, part of my confusion may be resolved - I was thinking $prefix only, where there are three: From the default config file (though still unknowing what the fatal error) contains: # options. The paths listed here are for configure --prefix=/usr # --sysconfdir=/etc --localstatedir=/var However, I still would have expected /usr/share/doc/dovecot-core/example-config/ to be behind /opt. Or is there yet another ./configure setting I skipped? From michael at felt.demon.nl Sun Nov 20 15:48:35 2016 From: michael at felt.demon.nl (Michael Felt) Date: Sun, 20 Nov 2016 16:48:35 +0100 Subject: Feedback on first, i.e. novice-level, experiences with dovecot In-Reply-To: References: <78ade0be-09c4-8afe-c0ab-aa6d75dd714d@felt.demon.nl> <6fe2c782-482b-7516-a9c6-8f0037578efd@felt.demon.nl> Message-ID: On 20/11/2016 16:41, Michael Felt wrote: > (though still unknowing what the fatal error) This is also needed: cp -rp /etc/dovecot/conf.d /opt/etc/dovecot/ as the config file contains: # Most of the actual configuration gets included below. The filenames are # first sorted by their ASCII value and parsed in that order. The 00-prefixes # in filenames are intended to make it easier to understand the ordering. !include conf.d/*.conf # A config file can also tried to be included without giving an error if # it's not found: !include_try local.conf Note: the include_try did not complain, but the include conf.d/*.conf did (relative name, not fullpath) All for today! From fred at c5consulting.net Sun Nov 20 23:28:57 2016 From: fred at c5consulting.net (Fred Turner) Date: Sun, 20 Nov 2016 18:28:57 -0500 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> Message-ID: <081E3D9B-E268-4DD3-B4DE-E98A576CE47F@c5consulting.net> Hey Everybody? Posted this to the list a couple of months ago, but didn?t get any responses. Is there a better place to ask this question about quota & namespace configuration? Seems like a lot of the discussion here is a little deeper/lower-level than my configuration question, like debugging and development? Thx, Fred > On Sep 20, 2016, at 02:28 PM, Fred Turner wrote: > > Hello folks? > > My first post, so please be gentle? :-) > > I have a client email server using SSDs for primary user mailboxes, but since the number of users keeps growing and they all seem to be very reluctant to delete anything, I?ve implemented an ?Archive? namespace that stores its mailboxes on a larger HD RAID. The idea is that, as the users approach their quota, they move messages to the Archive mailboxes to alleviate space in their primary Inbox namespace. This secondary storage part is working well, but I?m having trouble w/ getting the quotas to work right. Here are the basics of the setup: > > Mac Pro Server 2012 > Mac OS X Server 10.6.8 > Dovecot 1.1.20apple0.5 > > Here is how I?ve configured my namespaces (during testing): > > namespace private { > separator = / > prefix = > inbox = yes > } > > namespace private { > separator = / > prefix = testArchive/ > location = maildir:/Shared Items/MailArchive/%u > subscriptions = yes > } > > My quota research has led me to try this: > > quota = maildir:User quota:ns= > > quota2 = maildir:ns=testArchive/ > quota2_rule = *:storage=20G > > The first line is already in the default config, with the exception of the added ?:ns=? at the end. The 2nd line in the examples I saw had a middle component w/ the quota name, but when I tried that, like so: > > quota2 = maildir:Archive quota:ns=testArchive/ > > my server fails and shows this in the logs: > >> Fatal: IMAP(*): Quota root test backend maildir: Unknown parameter: ns=testArchive/ > > > Any idea why it doesn?t like that? Also, do I need to add a quota_rule for the primary quota? It does not have one normally in the Mac OS X Server config? > > Thus far in my testing, I?ve been able to get the 2 quotas to show up in Roundcube and Mac Mail.app. It?s a little messy?the first shows up as ?User quota?, the 2nd as ?ns=testArchive/?, presumably because I cannot leave the description field in there. > > Unfortunately, both quotas show the same amount of space in use. If I drop the primary quota to a mere 4MB for testing, and if I have 5.2MB of messages in a testArchive folder, the space used for ?User quota? shows as 5.2MB (>100%), as does the ?ns=testArchive/? quota (which is 20GB). In actuality, the Inbox namespace is really only using a few KB? the 5.2MB is in the testArchive namespace. This means that I cannot move messages between either set of namespaces, and new messages are not delivered. So, the quota trouble here is negating the whole point of having the Archive namespace... > > Is there a way to get Dovecot to ?see? the 2 quotas as unique/discrete? It seems like I?m close to accomplishing what I want, but just can?t quite get it to cooperate. And that ?Unknown parameter? error is bewildering. Any ideas? > > Thx, > Fred > > P.S. I can add my Dovecot config to the thread upon request?didn?t want to make this initial message even longer. From marti1234 at gmail.com Mon Nov 21 02:52:54 2016 From: marti1234 at gmail.com (Marti Markov) Date: Mon, 21 Nov 2016 02:52:54 +0000 Subject: Exim still accepting emails to nonexistent users In-Reply-To: <20161117213349.GA29010@jumper.schlittermann.de> References: <1F9CEC86-7EE0-4FD4-B68E-7AF082FE2B93@gmail.com> <20161117213349.GA29010@jumper.schlittermann.de> Message-ID: <79EABAB5-835A-4E7B-ADBD-5801EEC587F4@gmail.com> Hi Heiko, Here is the router: virtual_aliases: driver = redirect debug_print = "R: Check address using virtual_aliases for $local_part@$domain" allow_fail allow_defer hide data = CHECK_VIRTUAL_ALIASES user = vmail group = mail local_user: debug_print = "R: local_user for $local_part@$domain" driver = accept domains = +local_domains #Dovecot auth check # check_local_user local_parts = ! root transport = dovecot_lmtp cannot_route_message = Unknown user And this is the transport: dovecot_lmtp: driver = lmtp socket = /var/run/dovecot/lmtp #return_path_add #maximum number of deliveries per batch, default 1 batch_max = 200 This might also be helpful (this is with check_local_user commented out in the router) --------> local_user router <-------- local_part=nosuchuser domain=domainproblem.com checking domains cached yes match for +local_domains cached lookup data = NULL domainproblem.com in "+local_domains"? yes (matched "+local_domains" - cached) checking local_parts NoSuchUser in "! root"? yes (end of list) R: local_user for nosuchuser at domainproblem.com calling local_user router local_user router called for NoSuchUser at domainproblem.com domain = domainproblem.com queued for dovecot_lmtp transport: local_part = nosuchuser domain = domainproblem.com errors_to=NULL domain_data=NULL localpart_data=NULL routed by local_user router envelope to: NoSuchUser at domainproblem.com transport: dovecot_lmtp Cannot do callout: neither router nor transport provided a host list ----------- end verify ------------ deny: condition test failed in ACL "acl_check_rcpt" processing "accept" check domains = +relay_to_domains domainproblem.com in "empty"? no (end of list) domainproblem.com in "+relay_to_domains"? no (end of list) accept: condition test failed in ACL "acl_check_rcpt" processing "accept" accept: condition test succeeded in ACL "acl_check_rcpt" SMTP>> 250 Accepted 250 Accepted This is when it?s not commented out: --------> local_user router <-------- local_part=m.markov domain=domainproblem.com checking domains cached yes match for +local_domains cached lookup data = NULL domainproblem.com in "+local_domains"? yes (matched "+local_domains" - cached) checking local_parts m.markov in "! root"? yes (end of list) checking for local user seeking password data for user "m.markov": using cached result getpwnam() returned NULL (user not found) local_user router skipped: m.markov is not a local user I currently have check_local_user disabled because nobody will be able to receive emails. > On 17 Nov 2016, at 21:33, Heiko Schlittermann wrote: > > Hi, > > Marti Markov (Mi 16 Nov 2016 04:28:28 CET): >> After adding the configuration bit: >> >> deny >> message = invalid recipient >> domains = +local_domains >> !verify = recipient/callout=no_cache >> >> from: http://wiki2.dovecot.org/LMTP/Exim running update-exim4.conf and service exim4 restart >> >> the server is still accepting emails to recipients that do not exist in dovecot. > > How is the router, targeting the messages to dovecot, configured? And > how the transport, responsible for the delivery to dovecot? > > Best regards from Dresden/Germany > Viele Gr??e aus Dresden > Heiko Schlittermann > -- > SCHLITTERMANN.de ---------------------------- internet & unix support - > Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - > gnupg encrypted messages are welcome --------------- key ID: F69376CE - > ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - From lista at xdrv.co.uk Mon Nov 21 10:27:12 2016 From: lista at xdrv.co.uk (James) Date: Mon, 21 Nov 2016 10:27:12 +0000 Subject: Feedback on first, i.e. novice-level, experiences with dovecot In-Reply-To: <78ade0be-09c4-8afe-c0ab-aa6d75dd714d@felt.demon.nl> References: <78ade0be-09c4-8afe-c0ab-aa6d75dd714d@felt.demon.nl> Message-ID: <15e8558a-1c04-9be2-e5f6-0679e1e104fb@xdrv.co.uk> On 20/11/2016 13:51, Michael Felt wrote: > I built dovecot using --prefix=/opt (I abhor /usr/local these days - > that is so 1984ish). The applications got installed in /opt/bin Well done but I urge you to go a step further. You should put your builds in a sub level of /opt/ to distinguish and avoid clashes with other people's builds in /opt. eg, if you choose "felt" as your [not guaranteed unique but you are not a commercial vendor] identifier then your will install into /opt/felt. --prefix=/opt/felt > # 2.3.devel (92c8109): /opt/etc/dovecot/dovecot.conf > doveconf: Fatal: open(/opt/etc/dovecot/dovecot.conf) failed: No such > file or directory > > where are example configs? > > root at x066:/data/prj/aixtools/dovecot/core# find /opt -name example-config > root at x066:/data/prj/aixtools/dovecot/core# > > Not in /opt > > How about a default config? > > root at x066:/data/prj/aixtools/dovecot/core# find / -name dovecot > /etc/init.d/dovecot > /etc/pam.d/dovecot > /etc/default/dovecot > /etc/dovecot > /var/lib/dovecot > ^C > > Seems to be /etc/dovecot I apply [the equivalent of]: VID=... <- eg "felt" ./configure \ --prefix=/opt/${VID} \ --mandir=/opt/${VID}/share/man \ --docdir=/opt/${VID}/share/doc/dovecot \ --sysconfdir=/etc/opt/${VID} \ --localstatedir=/var/opt/${VID} \ ... other options Using /etc/opt/${VID} and /var/opt/${VID} and not /opt/${VID}/etc/ keeps things consistent with the case where /opt is read only. Mine isn't but I don't have to think. Your dovecot.conf will be: /etc/opt/${VID}/dovecot/dovecot.conf James. From hs at schlittermann.de Mon Nov 21 10:50:13 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Mon, 21 Nov 2016 11:50:13 +0100 Subject: Exim still accepting emails to nonexistent users In-Reply-To: <79EABAB5-835A-4E7B-ADBD-5801EEC587F4@gmail.com> References: <1F9CEC86-7EE0-4FD4-B68E-7AF082FE2B93@gmail.com> <20161117213349.GA29010@jumper.schlittermann.de> <79EABAB5-835A-4E7B-ADBD-5801EEC587F4@gmail.com> Message-ID: <20161121105013.GM29010@jumper.schlittermann.de> Hi Marti, (Please do not send CC to my private account) Marti Markov (Mo 21 Nov 2016 03:52:54 CET): > > Here is the router: > > virtual_aliases: ? > hide data = CHECK_VIRTUAL_ALIASES > local_user: > debug_print = "R: local_user for $local_part@$domain" > driver = accept > domains = +local_domains > #Dovecot auth check > # check_local_user > local_parts = ! root > transport = dovecot_lmtp > > And this is the transport: > > dovecot_lmtp: > driver = lmtp > socket = /var/run/dovecot/lmtp > #return_path_add > #maximum number of deliveries per batch, default 1 > batch_max = 200 Ok, the router cannot check the existence of the user. check_local_user won't help you, as long as the $local_part is not a system user locally. Basically you got 2 possibilities: a) check in the routing stage by accessing the user database -> testable with: exim -bv user at exampl.com b) check in the transport stage by using a callout -> testable with: swaks ? --pipe 'exim -bhc i.i.i.i' a) Routing stage You need to interact with the user database dovecot uses. Either you access the user database directory (flat file, LDAP, whatever) or you use the ${readsocket?} feature of Exim to talk to dovecot. b) Transport stage You need to configure the dovecot LMTP to refuse messages to unknown uses. This you can test using swaks (it's capable of talking LMTP). Once this LMTP works (refusing unknown users) you can use callouts for verification during SMTP time. (exim -bv ? will still tell you, that the message is *routable*, but exim -bh and the pipe mode of swaks may help you. Ha ?. > transport: dovecot_lmtp > Cannot do callout: neither router nor transport provided a host list This can be 'fixed' if you use (not tested) dovecot_lmtp: driver = smtp protocol = lmtp host = localhost port = 2525 and have the dovecot LMTP run on a local TCP port Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From hs at schlittermann.de Mon Nov 21 11:16:55 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Mon, 21 Nov 2016 12:16:55 +0100 Subject: Exim still accepting emails to nonexistent users In-Reply-To: <20161121105013.GM29010@jumper.schlittermann.de> References: <1F9CEC86-7EE0-4FD4-B68E-7AF082FE2B93@gmail.com> <20161117213349.GA29010@jumper.schlittermann.de> <79EABAB5-835A-4E7B-ADBD-5801EEC587F4@gmail.com> <20161121105013.GM29010@jumper.schlittermann.de> Message-ID: <20161121111655.GN29010@jumper.schlittermann.de> Hi, Heiko Schlittermann (Mo 21 Nov 2016 11:50:13 CET): > a) Routing stage > You need to interact with the user database dovecot uses. > Either you access the user database directory (flat file, LDAP, > whatever) or you use the ${readsocket?} feature of Exim to talk to > dovecot. The readsocket trick doesn't seem to work anymore. Using $ socat STDIO UNIX:/run/dovecot/auth-master < VERSION 1 1 < SPID 16290 > VERSION 1 1 > USER 42 hs12 service=imap < USER 1 hs12 uid=500 gid=500 home=/var/vmail/home/h/hs12 (the spaces are tabs). But using Exim exim -be '${readsocket{/run/dovecot/auth-userdb}{VERSION\t1\t1\nUSER\t1\hs12\tservice=imap\n}}' does not work. Exim closes the sending side right after the final \n with shutdown(2). Dovecot seems to see this as if the connection should be closed now and closes the connection, w/o any response. As it's not unusual to shutdown(2) the sender if the message is sent, I'd see this as a bug on the dovecot side. There is no reason to consider the connection as dead, just because the sender closed its sending side of the connection. Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From mail at tomsommer.dk Mon Nov 21 12:43:06 2016 From: mail at tomsommer.dk (Tom Sommer) Date: Mon, 21 Nov 2016 13:43:06 +0100 Subject: Index-cache sizes Message-ID: <5f96e00c2c0e2398e61ed146ea235142@tomsommer.dk> I had a customer with an INBOX cache of 400MB+ (5.5GB maildir) which gave me "Error: mmap_anon(474165248) failed: Cannot allocate memory" errors, then I deleted the cache files and ran 'doveadm index -u xxx at example.com "*"', now the INBOX cache is 7MB What is up with that? Is the cache now missing something or does it make sense to wipe cache files and reindex cache every-so-often? -- Tom From apoikos at debian.org Mon Nov 21 14:21:14 2016 From: apoikos at debian.org (Apollon Oikonomopoulos) Date: Mon, 21 Nov 2016 16:21:14 +0200 Subject: [PATCH] Manually cleanup OpenSSL from dovecot_openssl_common_global_unref() In-Reply-To: <361efbc5-e795-7727-43f9-934eae22b010@reub.net> References: <20161113180427.30426-1-apoikos@debian.org> <9be10da9-e08e-8d53-270c-66dee761402f@dovecot.fi> <361efbc5-e795-7727-43f9-934eae22b010@reub.net> Message-ID: <20161121142114.eczeerkixr3ul4zk@marvin.dmesg.gr> Hi, On 22:59 Sun 20 Nov , Reuben Farrelly wrote: > Hi, > > This patch: > > > ... which was committed as c164f8afe58c8d83ef2a48aae629c72408dfea01 in > master-2.2, terminally breaks the build with LibreSSL. Obviously this > wasn't tested or considered ;) Yes, unfortunately LibreSSL fakes OpenSSL version numbers and reports a version much bigger than 1.1 while actually providing the API of 1.0.x. I will submit an additional patch to fix the guard condition there. Regards, Apollon From arekm at maven.pl Mon Nov 21 14:39:39 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Mon, 21 Nov 2016 15:39:39 +0100 Subject: nologin + reason -> logging reason Message-ID: <201611211539.39291.arekm@maven.pl> Hi. I'm using nologin with own reason [1]. That works fine. For example pop3 client gets nice message like "-ERR [AUTH] Account is locked. Please contact support." Unfortunately maillog lacks information details about why user was not allowed to log in. pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=LOGIN, rip=1.1.1.1, lip=2.2.2.2, session= Is it possible to log "reason" there, too? (whether it is default/internal dovecot reason or my custom one). reason is the only thing in maillog that allows to distinguish why user was not allowed to log in. 1. http://wiki2.dovecot.org/PasswordDatabase/ExtraFields -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From jon at thefiverivers.co.uk Mon Nov 21 15:31:58 2016 From: jon at thefiverivers.co.uk (Jon Cutting) Date: Mon, 21 Nov 2016 15:31:58 +0000 Subject: Clients creating folders in root when using shared namespace Message-ID: <3206796e16ba09a8277f6370eb009563@blaxhall.com> We have set up dovecot to use a shared namespace, and it works well. However, when a client attempts to create a folder in the namespace, although dovecot responds with permission denied, it still goes on to create a folder, but in the root of our virtual mailbox folder (more confusingly, even issuing a LIST command for a non-existent subfolder creates the folder in the root). I've checked through the documentation for a misconfiguration but so far to no avail. Our steps to reproduce are as follows: * Create shared namespace (in our case we've used prefix Users/%%u/) * Share folder from one user to another so that the shared folder displays in LIST * Create a folder as a subfolder of the shared folder (i.e. . CREATE Users/testfolder) Expected behaviour: permission is denied and no folder is created Actual behaviour: permission is denied, but folder is created at the root of our vmail store (in the above example a folder /mnt/storage/vmail/testfolder would be created) Thanks, Jon Output from doveconf -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 ext4 mail_location = maildir:/mnt/storage/vmail/%d/%n/Maildir mail_plugins = " quota zlib acl" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace Users { list = children location = maildir:/mnt/storage/vmail/%%d/%%n/Maildir:INDEX=/mnt/storage/vmail/%d/%n/sharedindex/%%d/%%n/ prefix = Users/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/mnt/storage/vmail/%d/shared-mailboxes.db quota = maildir:User quota quota_rule = *:storage=50GB sieve = /mnt/storage/vmail/%d/%n/.dovecot.sieve sieve_before = /mnt/storage/vmail/dovecot.sieve sieve_dir = /mnt/storage/vmail/%d/%n/sieve zlib_save = gz zlib_save_level = 6 } protocols = imap lmtp sieve service imap-login { inet_listener imaps { port = 993 ssl = yes } } service lmtp { inet_listener lmtp { address = 0.0.0.0 port = 2003 } user = vmail } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 vsz_limit = 64 M } ssl = required ssl_ca = References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <081E3D9B-E268-4DD3-B4DE-E98A576CE47F@c5consulting.net> Message-ID: On Sun, Nov 20, 2016 at 3:28 PM, Fred Turner wrote: > Hey Everybody? > > Posted this to the list a couple of months ago, but didn?t get any > responses. Is there a better place to ask this question about quota & > namespace configuration? Seems like a lot of the discussion here is a > little deeper/lower-level than my configuration question, like debugging > and development? > > Thx, > Fred > > > > On Sep 20, 2016, at 02:28 PM, Fred Turner wrote: > > > > Hello folks? > > > > My first post, so please be gentle? :-) > > > > I have a client email server using SSDs for primary user mailboxes, but > since the number of users keeps growing and they all seem to be very > reluctant to delete anything, I?ve implemented an ?Archive? namespace that > stores its mailboxes on a larger HD RAID. The idea is that, as the users > approach their quota, they move messages to the Archive mailboxes to > alleviate space in their primary Inbox namespace. This secondary storage > part is working well, but I?m having trouble w/ getting the quotas to work > right. Here are the basics of the setup: > > > > Mac Pro Server 2012 > > Mac OS X Server 10.6.8 > > Dovecot 1.1.20apple0.5 > > > > Here is how I?ve configured my namespaces (during testing): > > > > namespace private { > > separator = / > > prefix = > > inbox = yes > > } > > > > namespace private { > > separator = / > > prefix = testArchive/ > > location = maildir:/Shared Items/MailArchive/%u > > subscriptions = yes > > } > > > > My quota research has led me to try this: > > > > quota = maildir:User quota:ns= > > > > quota2 = maildir:ns=testArchive/ > > quota2_rule = *:storage=20G > > > > The first line is already in the default config, with the exception of > the added ?:ns=? at the end. The 2nd line in the examples I saw had a > middle component w/ the quota name, but when I tried that, like so: > > > > quota2 = maildir:Archive quota:ns=testArchive/ > > > > my server fails and shows this in the logs: > > > >> Fatal: IMAP(*): Quota root test backend maildir: Unknown parameter: > ns=testArchive/ > > > > > > Any idea why it doesn?t like that? Also, do I need to add a quota_rule > for the primary quota? It does not have one normally in the Mac OS X Server > config? > > > > Thus far in my testing, I?ve been able to get the 2 quotas to show up in > Roundcube and Mac Mail.app. It?s a little messy?the first shows up as ?User > quota?, the 2nd as ?ns=testArchive/?, presumably because I cannot leave the > description field in there. > > > > Unfortunately, both quotas show the same amount of space in use. If I > drop the primary quota to a mere 4MB for testing, and if I have 5.2MB of > messages in a testArchive folder, the space used for ?User quota? shows as > 5.2MB (>100%), as does the ?ns=testArchive/? quota (which is 20GB). In > actuality, the Inbox namespace is really only using a few KB? the 5.2MB is > in the testArchive namespace. This means that I cannot move messages > between either set of namespaces, and new messages are not delivered. So, > the quota trouble here is negating the whole point of having the Archive > namespace... > > > > Is there a way to get Dovecot to ?see? the 2 quotas as unique/discrete? > It seems like I?m close to accomplishing what I want, but just can?t quite > get it to cooperate. And that ?Unknown parameter? error is bewildering. Any > ideas? > > > > Thx, > > Fred > > > > P.S. I can add my Dovecot config to the thread upon request?didn?t want > to make this initial message even longer. > I beat my head against basically the same wall a few years back (and similarly felt like I was almost in reach but could never quite get it working), so I'm highly interested in the same topic. But I'd love to hear from someone smarter than me if this is even possible. I don't mind beating my head against a wall if it's not for no reason. Can anyone verify if this is even possible? Timo? From kremels at kreme.com Mon Nov 21 21:39:54 2016 From: kremels at kreme.com (@lbutlr) Date: Mon, 21 Nov 2016 14:39:54 -0700 Subject: nologin + reason -> logging reason In-Reply-To: <201611211539.39291.arekm@maven.pl> References: <201611211539.39291.arekm@maven.pl> Message-ID: <6FBC1DBE-F2B7-4ED2-AA97-1E2B62EFDB3B@kreme.com> On Nov 21, 2016, at 7:39 AM, Arkadiusz Mi?kiewicz wrote: > reason is the only thing in maillog that allows to distinguish why user was > not allowed to log in. Um? the only thing? How about where you set the reason in the first place? I think the assumption with nologin is that the admin knows the reason, especially considering that nologin is drastic and is almost certain to confuse the user?s MUA, so should only be used in dire cases. From arekm at maven.pl Mon Nov 21 21:49:06 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Mon, 21 Nov 2016 22:49:06 +0100 Subject: nologin + reason -> logging reason In-Reply-To: <6FBC1DBE-F2B7-4ED2-AA97-1E2B62EFDB3B@kreme.com> References: <201611211539.39291.arekm@maven.pl> <6FBC1DBE-F2B7-4ED2-AA97-1E2B62EFDB3B@kreme.com> Message-ID: <201611212249.06817.arekm@maven.pl> On Monday 21 of November 2016, @lbutlr wrote: > On Nov 21, 2016, at 7:39 AM, Arkadiusz Mi?kiewicz wrote: > > reason is the only thing in maillog that allows to distinguish why user > > was not allowed to log in. > > Um? the only thing? How about where you set the reason in the first place? That "first" place is constantly changing (database) and I'm looking at logs from X days/weeks ago, so database doesn't even have old info. log it the only place where it would make sense to store a reason. > I think the assumption with nologin is that the admin knows the reason, > especially considering that nologin is drastic and is almost certain to > confuse the user?s MUA, so should only be used in dire cases. 4 different and dynamically changing reasons possible, so it's not that simple. -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From tss at iki.fi Mon Nov 21 22:49:56 2016 From: tss at iki.fi (Timo Sirainen) Date: Tue, 22 Nov 2016 00:49:56 +0200 Subject: nologin + reason -> logging reason In-Reply-To: <201611211539.39291.arekm@maven.pl> References: <201611211539.39291.arekm@maven.pl> Message-ID: On 21 Nov 2016, at 16.39, Arkadiusz Mi?kiewicz wrote: > > > Hi. > > I'm using nologin with own reason [1]. That works fine. For example pop3 > client gets nice message like "-ERR [AUTH] Account is locked. Please contact > support." > > > Unfortunately maillog lacks information details about why user was not allowed > to log in. > > pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, > method=LOGIN, rip=1.1.1.1, lip=2.2.2.2, session= > > Is it possible to log "reason" there, too? (whether it is default/internal > dovecot reason or my custom one). Does it work if you add: login_log_format_elements = $login_log_format_elements reason=%{passdb:reason} From tss at iki.fi Mon Nov 21 22:53:13 2016 From: tss at iki.fi (Timo Sirainen) Date: Tue, 22 Nov 2016 00:53:13 +0200 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> Message-ID: <55B9483E-3A6D-492C-82FA-B0B0292865FA@iki.fi> On 20 Sep 2016, at 21.28, Fred Turner wrote: > > Mac Pro Server 2012 > Mac OS X Server 10.6.8 > Dovecot 1.1.20apple0.5 That's an old one.. > quota = maildir:User quota:ns= > > quota2 = maildir:ns=testArchive/ > quota2_rule = *:storage=20G > > The first line is already in the default config, with the exception of the added ?:ns=? at the end. The 2nd line in the examples I saw had a middle component w/ the quota name, but when I tried that, like so: > > quota2 = maildir:Archive quota:ns=testArchive/ > > my server fails and shows this in the logs: > >> Fatal: IMAP(*): Quota root test backend maildir: Unknown parameter: ns=testArchive/ > > > Any idea why it doesn?t like that? Also, do I need to add a quota_rule for the primary quota? It does not have one normally in the Mac OS X Server config? You're trying to use Dovecot v2.x configuration in Dovecot v1.x. Sorry, won't work without upgrade. From kremels at kreme.com Tue Nov 22 00:16:38 2016 From: kremels at kreme.com (@lbutlr) Date: Mon, 21 Nov 2016 17:16:38 -0700 Subject: nologin + reason -> logging reason In-Reply-To: <201611212249.06817.arekm@maven.pl> References: <201611211539.39291.arekm@maven.pl> <6FBC1DBE-F2B7-4ED2-AA97-1E2B62EFDB3B@kreme.com> <201611212249.06817.arekm@maven.pl> Message-ID: On Nov 21, 2016, at 2:49 PM, Arkadiusz Mi?kiewicz wrote: > On Monday 21 of November 2016, @lbutlr wrote: >> On Nov 21, 2016, at 7:39 AM, Arkadiusz Mi?kiewicz wrote: >>> reason is the only thing in maillog that allows to distinguish why user >>> was not allowed to log in. >> >> Um? the only thing? How about where you set the reason in the first place? > > That "first" place is constantly changing (database) and I'm looking at logs > from X days/weeks ago, so database doesn't even have old info. I strongly suspect that nologin is the wrong way to do this. From kremels at kreme.com Tue Nov 22 00:22:22 2016 From: kremels at kreme.com (@lbutlr) Date: Mon, 21 Nov 2016 17:22:22 -0700 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: <081E3D9B-E268-4DD3-B4DE-E98A576CE47F@c5consulting.net> References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <081E3D9B-E268-4DD3-B4DE-E98A576CE47F@c5consulting.net> Message-ID: On Nov 20, 2016, at 4:28 PM, Fred Turner wrote: >> Mac Pro Server 2012 >> Mac OS X Server 10.6.8 >> Dovecot 1.1.20apple0.5 The 2012 Mac Pro Server shipped with 10.7.3. Did you seriously hack 10.6.8 onto it? From fred at c5consulting.net Tue Nov 22 02:20:17 2016 From: fred at c5consulting.net (Fred Turner) Date: Mon, 21 Nov 2016 21:20:17 -0500 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: <55B9483E-3A6D-492C-82FA-B0B0292865FA@iki.fi> References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <55B9483E-3A6D-492C-82FA-B0B0292865FA@iki.fi> Message-ID: <6934C0A8-0A9F-4DA8-952B-742029E23277@c5consulting.net> Yeah, I gradually figured out it wouldn't work yesterday when delving back into this and testing. No separate quotas per namespaces until 2.1 or something, I think? So, got any suggestions on getting it to work with v2.x? I found an old thread from 2013 by Andreas (I think?) and he didn't seem to quite be able to get it to work. Actually, though, I'd be happy to even be able to apply a quota to the primary Inbox namespace and none to the secondary "Archive" namespace, but my testing on a 10.10 Server wasn't having much success either. Thanks for the responses and input! Fred > On Nov 21, 2016, at 17:53, Timo Sirainen wrote: > >> On 20 Sep 2016, at 21.28, Fred Turner wrote: >> >> Mac Pro Server 2012 >> Mac OS X Server 10.6.8 >> Dovecot 1.1.20apple0.5 > > That's an old one.. > >> quota = maildir:User quota:ns= >> >> quota2 = maildir:ns=testArchive/ >> quota2_rule = *:storage=20G >> >> The first line is already in the default config, with the exception of the added ?:ns=? at the end. The 2nd line in the examples I saw had a middle component w/ the quota name, but when I tried that, like so: >> >> quota2 = maildir:Archive quota:ns=testArchive/ >> >> my server fails and shows this in the logs: >> >>> Fatal: IMAP(*): Quota root test backend maildir: Unknown parameter: ns=testArchive/ >> >> >> Any idea why it doesn?t like that? Also, do I need to add a quota_rule for the primary quota? It does not have one normally in the Mac OS X Server config? > > You're trying to use Dovecot v2.x configuration in Dovecot v1.x. Sorry, won't work without upgrade. From fred at c5consulting.net Tue Nov 22 02:34:21 2016 From: fred at c5consulting.net (Fred Turner) Date: Mon, 21 Nov 2016 21:34:21 -0500 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <081E3D9B-E268-4DD3-B4DE-E98A576CE47F@c5consulting.net> Message-ID: Lol, may actually be a 2010...which is essentially no different than a 2012. Mac OS X 10.6.8 would work just fine on that hardware. And probably 10.5.8 as well! FT > On Nov 21, 2016, at 19:22, @lbutlr wrote: > > On Nov 20, 2016, at 4:28 PM, Fred Turner wrote: >>> Mac Pro Server 2012 >>> Mac OS X Server 10.6.8 >>> Dovecot 1.1.20apple0.5 > > The 2012 Mac Pro Server shipped with 10.7.3. Did you seriously hack 10.6.8 onto it? From arekm at maven.pl Tue Nov 22 06:15:02 2016 From: arekm at maven.pl (Arkadiusz =?utf-8?q?Mi=C5=9Bkiewicz?=) Date: Tue, 22 Nov 2016 07:15:02 +0100 Subject: nologin + reason -> logging reason In-Reply-To: References: <201611211539.39291.arekm@maven.pl> Message-ID: <201611220715.02999.arekm@maven.pl> On Monday 21 of November 2016, Timo Sirainen wrote: > On 21 Nov 2016, at 16.39, Arkadiusz Mi?kiewicz wrote: > > Hi. > > > > I'm using nologin with own reason [1]. That works fine. For example pop3 > > client gets nice message like "-ERR [AUTH] Account is locked. Please > > contact support." > > > > > > Unfortunately maillog lacks information details about why user was not > > allowed to log in. > > > > pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): > > user=, method=LOGIN, rip=1.1.1.1, lip=2.2.2.2, > > session= > > > > Is it possible to log "reason" there, too? (whether it is > > default/internal dovecot reason or my custom one). > > Does it work if you add: > > login_log_format_elements = $login_log_format_elements > reason=%{passdb:reason} Unfortunately with this empty reason is always logged (for both - allowed and nologin users) Nov 22 07:09:08 mbox dovecot[31261]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=LOGIN, rip=1.1.1.1, lip=2.2.2.2, session=, reason= while user got -ERR [AUTH] Account is locked. Please contact support. and I had: login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e local_name=%{local_name} %c session=<%{session}> reason=%{passdb:reason} -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org ) From xenadmin at meinekleinefarm.net Tue Nov 22 10:46:30 2016 From: xenadmin at meinekleinefarm.net (Marco Hofmann (XenAdmin)) Date: Tue, 22 Nov 2016 11:46:30 +0100 Subject: Maildir migration from Dovecot to Dovecot Message-ID: Hello everbody, I'm a proud user of Dovecot 2.2.9 on Ubuntu 14.04 LTS. I currently migrate all my Linux services to a new Debian 8 Jessie Server. On this server I installed and configured Dovecot 2.2.24. Now I search a way to migrate the two IMAP users I have on this server preserving all timestamps, folders and flags. Yes, only two ;-) I read the following two articles: http://wiki2.dovecot.org/Tools/Doveadm/Sync http://wiki2.dovecot.org/Migration/Dsync But I must say, that either these articles are not so good, or I act quite dumb. I understand that I have to use "doveadm backup" against my old server to make a one sync with all properties of each mail. What I miss are proper examples and that there are so many options, I could set. But what confuses me most is the the configuration file in (http://wiki2.dovecot.org/Migration/Dsync) which I don't know how to reference? Am I using the wrong guides, are the article someway misleading or is there anything else I'm overlooking? Thank you so much! -- Marco Hofmann https://www.meinekleinefarm.net/ Twitter: @ZomboBrain From aki.tuomi at dovecot.fi Tue Nov 22 11:08:17 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 22 Nov 2016 13:08:17 +0200 Subject: Maildir migration from Dovecot to Dovecot In-Reply-To: References: Message-ID: <959c4e60-037e-0a29-f1ad-05d00806ea8c@dovecot.fi> On 22.11.2016 12:46, Marco Hofmann (XenAdmin) wrote: > Hello everbody, > > I'm a proud user of Dovecot 2.2.9 on Ubuntu 14.04 LTS. I currently > migrate all my Linux services to a new Debian 8 Jessie Server. On this > server I installed and configured Dovecot 2.2.24. > > Now I search a way to migrate the two IMAP users I have on this server > preserving all timestamps, folders and flags. Yes, only two ;-) > I read the following two articles: > http://wiki2.dovecot.org/Tools/Doveadm/Sync > http://wiki2.dovecot.org/Migration/Dsync > > But I must say, that either these articles are not so good, or I act > quite dumb. > I understand that I have to use "doveadm backup" against my old server > to make a one sync with all properties of each mail. > What I miss are proper examples and that there are so many options, I > could set. > But what confuses me most is the the configuration file in > (http://wiki2.dovecot.org/Migration/Dsync) which I don't know how to > reference? > Am I using the wrong guides, are the article someway misleading or is > there anything else I'm overlooking? > > Thank you so much! > Hi! here's a quick guide for easy sync: Make sure your config is up to date. # first round doveadm -o imapc_hostname=hostname -o imapc_password=password -o imapc_username=username backup -u local-username imapc: if you want to use master password, use imapc_username *and* imapc_master_username. # second round doveadm -o imapc_hostname=hostname -o imapc_password=password -o imapc_username=username sync -1 -u local-username imapc: This all assumes that doveadm user local-username produces valid results --- Aki Tuomi Dovecot oy From skdovecot at smail.inf.fh-brs.de Tue Nov 22 13:57:16 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 22 Nov 2016 14:57:16 +0100 (CET) Subject: LDAP auth problems "unknown user" In-Reply-To: <1479621082.11274.1.camel@lusan.id.au> References: <1479621082.11274.1.camel@lusan.id.au> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 20 Nov 2016, Nikolai Lusan wrote: > # grep -v '^ *\(#.*\)\?$' /etc/dovecot/ldap/maliuta.org-ldap.conf.ext > uris = ldap://localhost > dn = cn=admin,dc=maliuta,dc=org > dnpass = > tls = yes > tls_ca_cert_dir = /etc/ssl/certs > auth_bind = no > ldap_version = 3 > base = ou=mail,dc=mailuta,dc=org > scope = subtree > default_pass_scheme = SSHA > deref = never > user_attrs = postfixDeliveryAddress=user > user_filter = > (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)) > pass_attrs = postfixDeliveryAddress=user,userPassword=password > pass_filter = > (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(postfixD > eliveryAddress=%u)) Your userdb and passdb filter differ, user_filter is missing the (a / some) %u part > iterate_attrs = uid=user > iterate_filter = (objectClass=postfixMailPerson) > > > # ldapsearch -H ldap://localhost:389 -x -D 'cn=admin,dc=maliuta,dc=org' -W -b "ou=mail,dc=maliuta,dc=org" -s sub -LLL -ZZ '(&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(postfixDeliveryAddress=nikolai at test.maliuta.org))' uid userPassword > Enter LDAP Password: > dn: mail=nikolai at test.maliuta.org,ou=mail,dc=maliuta,dc=org > uid: nikolai > userPassword:: e1NTSEF9QVBZMTlaeGw1cWd0a25XeGxURXdqM2g5Yk5YL3BxOGY= > > ## From /var/log/mail.log > Nov 20 07:24:20 kiliya dovecot: auth: Debug: auth client connected (pid=27086) > Nov 20 07:24:20 kiliya dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=1kW2C65BFI2WZbl8#011lip=#011rip=#011lport=143#011rport=36116#011local_name=#011resp=AG5pa29sYWlAdGVzdC5tYWxpdXRhLm9yZwBmb29iYXIzMzQ0 (previous base64 data may contain sensitive data) > Nov 20 07:24:20 kiliya dovecot: auth: Debug: ldap(nikolai at test.maliuta.org,,<1kW2C65BFI2WZbl8>): cache miss > Nov 20 07:24:20 kiliya dovecot: auth: Debug: ldap(nikolai at test.maliuta.org,): pass search: base=ou=mail,dc=mailuta,dc=org scope=subtree filter=(&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(postfixDeliveryAddress=nikolai at test.maliuta.org)) fields=postfixDeliveryAddress,userPassword > Nov 20 07:24:20 kiliya dovecot: auth: ldap(nikolai at test.maliuta.org,,<1kW2C65BFI2WZbl8>): unknown user (given password: ) > Nov 20 07:24:22 kiliya dovecot: auth: Debug: client passdb out: FAIL#0111#011user=nikolai at test.maliuta.org > > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWDROvHz1H7kL/d9rAQIujAgAumoghZV5Wo7ONK/Uncoa6iVB30NP0D5m SdU/a++El5bLeiyKcdKoLkIqD74ZcFGjwImhRtd2Y8jroaGA15lK8HRRgJCERBKf Nr/ZQ5B4Nhbig8ETwYYrJi2KOGkKMGQyXaSHxxlXmVKNFBrWmxo8SRqa0V39KYUB pH9hVSNheHCkqpV6iS6JXnOmjXvguVtyB8ezA1zdrVfytMLL04oRKmK3Zn5s5JrO M3mfArDdVitTad5r7stf9QOBR6xMG6rNBs+2WaEuJZV7/Dlln6fcd5IbhO/X0poN pJIJ42VLirIMqAMLCRA7OWDjQcxbBFEAPAbaDh3O/pPRL/IXPJxjyw== =AxPt -----END PGP SIGNATURE----- From tanstaafl at libertytrek.org Tue Nov 22 14:48:11 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Tue, 22 Nov 2016 09:48:11 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: <20161118135010.3229eb05@mydesk.domain.cxm> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> <20161118135010.3229eb05@mydesk.domain.cxm> Message-ID: <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> On 11/18/2016 1:50 PM, Steve Litt wrote: > On Fri, 18 Nov 2016 08:14:02 -0500 > Tanstaafl wrote: >> On 11/17/2016 10:58 AM, Steve Litt wrote: >>> I have over 620K emails in over 1000 folders. This turns Thunderbird >>> into an all day affair, just to refresh its caches. >> >> There are lots of knobs you can tweak to improve the situation, but >> the bottom line is - 1,000 folders (really?!?), 650,000 emails - >> well... this is going to be a problem for almost any client. > It wasn't a problem for Kmail, before the disastrous conversion to > Kmail2. It wasn't a problem with Claws-Mail (I'm leaving Claws for > non-technical reasons). Let me clarify - I have no way of knowing if Thunderbird would choke due to the incredibly large number of folders. The number of emails is much less the problem. I have maybe 50 folders, and maybe 200,000 total emails, and don't have any performance issues, unless (and even then they are minor and temporary) I'm setting up a new/fresh profile (takes a while for header downloads), or repairing a folder with a lot of messages. I'm trying for the life of me to see a use case for anywhere close to 1,000 folders, and am failing. That would be a major problem just from the human side. How do you find anything? But, to each their own, you must have a way of dealing with it that suits you. From kremels at kreme.com Tue Nov 22 15:31:51 2016 From: kremels at kreme.com (@lbutlr) Date: Tue, 22 Nov 2016 08:31:51 -0700 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <081E3D9B-E268-4DD3-B4DE-E98A576CE47F@c5consulting.net> Message-ID: <6768C610-3009-4CE0-AEF1-6F46536CA98F@kreme.com> On Nov 21, 2016, at 7:34 PM, Fred Turner wrote: > Lol, may actually be a 2010...which is essentially no different than a 2012. Mac OS X 10.6.8 would work just fine on that hardware. And probably 10.5.8 as well! It is generally not possible o install an older OS on a Mac than it shipped with. That machine, even if it?s a 2010, will run 10.7, 10.8, 10.8, 10.10, 10.11, or even 10.12. You might have better luck with a support OS. From kremels at kreme.com Tue Nov 22 15:35:52 2016 From: kremels at kreme.com (@lbutlr) Date: Tue, 22 Nov 2016 08:35:52 -0700 Subject: Good email client to use with Dovecot? In-Reply-To: <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> <20161118135010.3229eb05@mydesk.domain.cxm> <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> Message-ID: <0CDC6C58-E6D3-4E8C-87E8-081C229B4FE5@kreme.com> On Nov 22, 2016, at 7:48 AM, Tanstaafl wrote: > I'm trying for the life of me to see a use case for anywhere close to > 1,000 folders, and am failing. That would be a major problem just from > the human side. How do you find anything? I can see it, though I think it?s excessive. List Mail Dovecot 2011-06 2011-07 2011-08 ? 2016-11 Postfix 2001-09 2001-10 ? 2016-11 (repeat for a hundred lists. Add folders for each friend or family member. Add folders for ever domain that sends mail. It?s certainly possible, and someone might even convince themselves it?s ?organized?.) From larryrtx at gmail.com Tue Nov 22 16:05:01 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Tue, 22 Nov 2016 10:05:01 -0600 Subject: Good email client to use with Dovecot? In-Reply-To: <0CDC6C58-E6D3-4E8C-87E8-081C229B4FE5@kreme.com> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> <20161118135010.3229eb05@mydesk.domain.cxm> <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> <0CDC6C58-E6D3-4E8C-87E8-081C229B4FE5@kreme.com> Message-ID: I keep a separate ARCHIVE/YYYY-MM/ namespace for old mail and move the mail on the first of the month. That way most clients don't load it, but I can get to them. I keep one box per mailing list and other "things". So, yes, I can see multi-hundreds of folders. thebighonker.lerctr.org /home/ler/MAIL-ARCHIVE $ find . -type d | grep -v .imap |wc -l 1958 thebighonker.lerctr.org /home/ler/MAIL-ARCHIVE $ On Tue, Nov 22, 2016 at 9:35 AM, @lbutlr wrote: > On Nov 22, 2016, at 7:48 AM, Tanstaafl wrote: > > I'm trying for the life of me to see a use case for anywhere close to > > 1,000 folders, and am failing. That would be a major problem just from > > the human side. How do you find anything? > > I can see it, though I think it?s excessive. > > List Mail > Dovecot > 2011-06 > 2011-07 > 2011-08 > ? > 2016-11 > Postfix > 2001-09 > 2001-10 > ? > 2016-11 > > (repeat for a hundred lists. Add folders for each friend or family member. > Add folders for ever domain that sends mail. It?s certainly possible, and > someone might even convince themselves it?s ?organized?.) > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From martin.wheldon at greenhills-it.co.uk Tue Nov 22 16:39:47 2016 From: martin.wheldon at greenhills-it.co.uk (Martin Wheldon) Date: Tue, 22 Nov 2016 16:39:47 +0000 Subject: Problem with multiple ldap passdb Message-ID: <7e4136873db8a4127bd2ebbe06face3d@mail.greenhills-it.co.uk> Hi mailing list, I'm currently running dovecot 2.2.13 from Debian Jessie, all is running fine. However I am attempting to merge 2 LDAP authentication sources. I would like to attempt to authenticate against the first authentication source, if that fails either by password fail or user not found, then attempt the next LDAP server. I've added the a passdb and userdb entry for the new ldap server. As you can see from the log below the user isn't found in the first LDAP query, but is in the second one. However the authentication fails: Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=WTLjLuRB9QBRlIlQ#011lip=51.254.222.112#011rip=81.148.137.80#011lport=143#011rport=56821#011resp=AG1hcnRpbi53aGVsZG9uQGdyXWVuaGlsbHMtaXQuY28udWsAQ3JhY2spbk4wdw== (previous base64 data may contain sensitive data) Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon at greenhills-it.co.uk,81.148.137.80,): bind search: base=dc=greenhills-it,dc=co,dc=uk filter=(&(&(ukFirmGhITAccSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=martin.wheldon at greenhills-it.co.uk)(mail=martin.wheldon at greenhills-it.co.uk))) Nov 22 13:59:38 he01-imap-01 dovecot: auth: Error: ldap(martin.wheldon at greenhills-it.co.uk,81.148.137.80,): ldap_search(base=dc=greenhills-it,dc=co,dc=uk filter=(&(&(ukFirmGhITAccSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=martin.wheldon at greenhills-it.co.uk)(mail=martin.wheldon at greenhills-it.co.uk)))) failed: No such object Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon at greenhills-it.co.uk,81.148.137.80,): bind search: base=dc=greenhills-it,dc=co,dc=uk filter=(|(uid=martin.wheldon at greenhills-it.co.uk)(mail=martin.wheldon at greenhills-it.co.uk)) Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon at greenhills-it.co.uk,81.148.137.80,): result: uid=00000001; uid unused Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon at greenhills-it.co.uk,81.148.137.80,): username changed martin.wheldon at greenhills-it.co.uk -> 00000001 Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: ldap(00000001,81.148.137.80,): result: uid=00000001 Nov 22 13:59:40 he01-imap-01 dovecot: auth: Debug: client passdb out: FAIL#0111#011user=00000001#011temp#011original_user=martin.wheldon at greenhills-it.co.uk I know that the password was entered correctly because if I disable the new ldap config and login I get authenticated properly. Nov 22 14:00:38 he01-imap-01 dovecot: auth: Debug: auth client connected (pid=2626) Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=ipKBMuRBBQBRlIlQ#011lip=51.254.222.112#011rip=81.148.137.80#011lport=143#011rport=38149#011resp=AG1hcnRpbi53aGVsZG9uQGdyXWVuaGlsbHMtaXQuY28udWsAQ3JhY2spbk4wdw== (previous base64 data may contain sensitive data) Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon at greenhills-it.co.uk,81.148.137.80,): bind search: base=dc=greenhills-it,dc=co,dc=uk filter=(|(uid=martin.wheldon at greenhills-it.co.uk)(mail=martin.wheldon at greenhills-it.co.uk)) Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon at greenhills-it.co.uk,81.148.137.80,): result: uid=00000001; uid unused Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon at greenhills-it.co.uk,81.148.137.80,): username changed martin.wheldon at greenhills-it.co.uk -> 00000001 Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: ldap(00000001,81.148.137.80,): result: uid=00000001 Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: client passdb out: OK#0111#011user=00000001#011original_user=martin.wheldon at greenhills-it.co.uk I've done loads of googling and I believe that this is possible so I must either have misread the documentation or am triggering a bug. Neither of which I seem to be able to confirm. Any help would be much appreciated. My broken configuration is below: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login default_vsz_limit = 512 M lmtp_rcpt_check_quota = yes lmtp_save_to_detail_mailbox = yes mail_location = maildir:~/Maildir mail_plugins = " quota" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap-new.conf.ext driver = ldap } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap skip = authenticated } plugin { antispam_backend = pipe antispam_pipe_program = /usr/sbin/sendmail antispam_pipe_program_args = -f;%{auth_user};-r;%{auth_user} antispam_pipe_program_notspam_arg = retrain-as-ham at greenhills-it.co.uk antispam_pipe_program_spam_arg = retrain-as-spam at greenhills-it.co.uk antispam_spam = Spam antispam_trash = Trash quota = maildir:User quota quota_rule = *:storage=1G quota_rule2 = Trash:ignore quota_rule3 = Spam:ignore sieve = ~/.dovecot.sieve sieve_before = /var/lib/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve } protocols = " imap lmtp sieve pop3" service imap-login { process_min_avail = 20 service_count = 1 } service imap { process_min_avail = 20 } service lmtp { inet_listener lmtp { address = he01-imap-01.greenhills-it.co.uk 127.0.0.1 port = 2003 } } service pop3 { process_min_avail = 20 } ssl = required ssl_cert = References: <1479621082.11274.1.camel@lusan.id.au> Message-ID: <1479833384.25019.1.camel@lusan.id.au> Hi, Thanks for the response - I had be bashing my head against the wall on this for a few weeks. I even wrote a perl script to do the job for me (hours of my life wasted). But I did get it to work with LDAP using a corrected version of this config. On Tue, 2016-11-22 at 14:57 +0100, Steffen Kaiser wrote: > On Sun, 20 Nov 2016, Nikolai Lusan wrote: > > > dn = cn=admin,dc=maliuta,dc=org > > base = ou=mail,dc=mailuta,dc=org ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Spot the problem ... one misplaced character, and enough alike that only a second, third, or nth pair of eyes would have picked it up. > > user_attrs = postfixDeliveryAddress=user > > user_filter = > > (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)) > > pass_attrs = postfixDeliveryAddress=user,userPassword=password > > pass_filter = > > (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(post > > fixD > > eliveryAddress=%u)) > > Your userdb and passdb filter differ, user_filter is missing the (a > /? > some) %u part Yeah, I am aware of that. I think I have it fixed in the final config - once I turn on a heavy slapd debug load to see what dovecot was actually sending to the LDAP server. :) Now that the testing is over with a dummy host name I just have to go back to fighting with LDAP to get my main domain working before transferring all my mail to the new server, then setting up other domains for clients. This was not a real problem - it was a PEBKAC error. One that any programmer/sysadmin is familiar with and suffers from at some point :) -- Nikolai Lusan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: This is a digitally signed message part URL: From kremels at kreme.com Tue Nov 22 16:53:16 2016 From: kremels at kreme.com (@lbutlr) Date: Tue, 22 Nov 2016 09:53:16 -0700 Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> <20161118135010.3229eb05@mydesk.domain.cxm> <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> <0CDC6C58-E6D3-4E8C-87E8-081C229B4FE5@kreme.com> Message-ID: <449B0F13-7C30-4676-92FD-FC1994CFFEE3@kreme.com> On Nov 22, 2016, at 9:05 AM, Larry Rosenman wrote: > I keep a separate ARCHIVE/YYYY-MM/ namespace for old mail and move > the mail on the first of the month. That way most clients don't load it, > but > I can get to them. I keep one box per mailing list and other "things?. WhenI did that I would combine every year into a single year folder and only keep the last 3-4 months in separate folders. From fred at c5consulting.net Tue Nov 22 17:02:08 2016 From: fred at c5consulting.net (Fred Turner) Date: Tue, 22 Nov 2016 12:02:08 -0500 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: <6768C610-3009-4CE0-AEF1-6F46536CA98F@kreme.com> References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <081E3D9B-E268-4DD3-B4DE-E98A576CE47F@c5consulting.net> <6768C610-3009-4CE0-AEF1-6F46536CA98F@kreme.com> Message-ID: <5ABE002F-A539-4987-8CC5-1EF905CAD40A@c5consulting.net> Sorry, but that is not correct. 10.7 Lion was not released until July 2011. Mac Pro 2010 would obviously not have included it, but rather 10.6 Snow Leopard. And again, there is negligible difference between 2009-2010-2012 Mac Pros, such that they all will likely run anything from 10.5 onward through 10.11 equally well (actually 10.12 too even on the 2009s with a firmware update), whether Apple explicitly specified support or not. And I am not running an older system than this machine shipped with, as it shipped with 10.6. In any case, my difficulty here is not related to OS hardware support or lack of, but rather this version of Dovecot (v1.1) not being able to do separate quotas for separate namespaces. Dovecot v2 might be able to, but there had apparently been difficulties with that as well, from I've read. FT > On Nov 22, 2016, at 10:31, @lbutlr wrote: > >> On Nov 21, 2016, at 7:34 PM, Fred Turner wrote: >> Lol, may actually be a 2010...which is essentially no different than a 2012. Mac OS X 10.6.8 would work just fine on that hardware. And probably 10.5.8 as well! > > It is generally not possible o install an older OS on a Mac than it shipped with. > > That machine, even if it?s a 2010, will run 10.7, 10.8, 10.8, 10.10, 10.11, or even 10.12. > > You might have better luck with a support OS. From tanstaafl at libertytrek.org Tue Nov 22 17:34:01 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Tue, 22 Nov 2016 12:34:01 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: <0CDC6C58-E6D3-4E8C-87E8-081C229B4FE5@kreme.com> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> <20161118135010.3229eb05@mydesk.domain.cxm> <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> <0CDC6C58-E6D3-4E8C-87E8-081C229B4FE5@kreme.com> Message-ID: On 11/22/2016 10:35 AM, @lbutlr wrote: > On Nov 22, 2016, at 7:48 AM, Tanstaafl wrote: >> I'm trying for the life of me to see a use case for anywhere close to >> 1,000 folders, and am failing. That would be a major problem just from >> the human side. How do you find anything? > I can see it, though I think it?s excessive. > > List Mail > Dovecot > 2011-06 > 2011-07 > 2011-08 Like I said, I simply don't see it. There is simply zero reason to split things up like this. It is trivial to limit your view to just what you want with filters or just plain sorting (by date in this case). Just not enough bang for the buck. Again, this is jut my opinion, if this makes someone else feel better/more organized or whatever, obviously they are free to have as many folders as they want. From tanstaafl at libertytrek.org Tue Nov 22 17:36:28 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Tue, 22 Nov 2016 12:36:28 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> <20161118135010.3229eb05@mydesk.domain.cxm> <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> <0CDC6C58-E6D3-4E8C-87E8-081C229B4FE5@kreme.com> Message-ID: <84841093-affe-a26f-b1f2-fcb057a37d87@libertytrek.org> On 11/22/2016 11:05 AM, Larry Rosenman wrote: > I keep a separate ARCHIVE/YYYY-MM/ namespace for old mail and move > the mail on the first of the month. That way most clients don't load it, > but I can get to them. I keep one box per mailing list and other "things". I keep a single 'Old Mail' folder, where I file anything that I want to keep but doesn't fit into any of my 20 or 30 specific folders I've created. > So, yes, I can see multi-hundreds of folders. Again, I can't, it is much easier, in my opinion, to only have to search a single folder, rather than try to figure out which folder something is more likely to be in - but whatever works for you... From ruga at protonmail.com Tue Nov 22 17:54:57 2016 From: ruga at protonmail.com (Ruga) Date: Tue, 22 Nov 2016 12:54:57 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> <20161118135010.3229eb05@mydesk.domain.cxm> <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> <0CDC6C58-E6D3-4E8C-87E8-081C229B4FE5@kreme.com> Message-ID: Anyone using the default (TB) approach /Archive/YYYY-MM will eventually meet the problem of having too many folders and a slow service. The alternative, for the user, is to write their own filters. From the server side, it would be useful if dovecot would filter certain e-mails automatically. For example, it could move any e-mail from "dovecot at dovecot.org" into /Lists/dovecot at dovecot_org/. On Tue, Nov 22, 2016 at 6:34 PM, Tanstaafl <'tanstaafl at libertytrek.org'> wrote: On 11/22/2016 10:35 AM, @lbutlr wrote: > On Nov 22, 2016, at 7:48 AM, Tanstaafl wrote: >> I'm trying for the life of me to see a use case for anywhere close to >> 1,000 folders, and am failing. That would be a major problem just from >> the human side. How do you find anything? > I can see it, though I think it?s excessive. > > List Mail > Dovecot > 2011-06 > 2011-07 > 2011-08 Like I said, I simply don't see it. There is simply zero reason to split things up like this. It is trivial to limit your view to just what you want with filters or just plain sorting (by date in this case). Just not enough bang for the buck. Again, this is jut my opinion, if this makes someone else feel better/more organized or whatever, obviously they are free to have as many folders as they want. From slitt at troubleshooters.com Tue Nov 22 21:06:54 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Tue, 22 Nov 2016 16:06:54 -0500 Subject: Good email client to use with Dovecot? In-Reply-To: <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> References: <20161117024852.0758af1e@mydesk.domain.cxm> <8806bc58-c7ed-79ef-fcec-6df8b8856e74@binect.de> <20161117105829.557e5a9a@mydesk.domain.cxm> <20161118135010.3229eb05@mydesk.domain.cxm> <605efd5b-5a4f-1f16-c9f1-ae62781e639d@libertytrek.org> Message-ID: <20161122160654.5d5261bf@mydesk.domain.cxm> On Tue, 22 Nov 2016 09:48:11 -0500 Tanstaafl wrote: > I'm trying for the life of me to see a use case for anywhere close to > 1,000 folders, and am failing. That would be a major problem just from > the human side. How do you find anything? Hierarchy/drilldown. I'm on what, maybe 70 mailing lists like this one. Many I've been on for more than a decade, so I have an OLDFOLDERS folder containing subfolders for each mailing list, each of which have their own subfolder by year. The three email clients I ever used: Eudora (on Windows 98), Kmail and Claws-Mail had a collapsible outline view of all my folders and subfolders, making drilldown trivial. They all also had recursive searches. So 90% of the time, I just went to the current folder for the mailing list. The rest of the time, I used drilldown and recursive search. In less than 1% of cases was I unable to find an email I knew existed. I imagine if I'd started with Alpine, I might have had fewer folders with more messages. But given the ease my past email clients had with viewing my folders as a drillable hierarchy, doing it the way I did it was trivial. And from a human point of view, the best way to organize things is in a hierarchy, like a room of file cabinets, a Linux filesystem, or a computer menu. SteveT Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz From moseleymark at gmail.com Tue Nov 22 22:49:02 2016 From: moseleymark at gmail.com (Mark Moseley) Date: Tue, 22 Nov 2016 14:49:02 -0800 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: <6934C0A8-0A9F-4DA8-952B-742029E23277@c5consulting.net> References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <55B9483E-3A6D-492C-82FA-B0B0292865FA@iki.fi> <6934C0A8-0A9F-4DA8-952B-742029E23277@c5consulting.net> Message-ID: On Mon, Nov 21, 2016 at 6:20 PM, Fred Turner wrote: > Yeah, I gradually figured out it wouldn't work yesterday when delving back > into this and testing. No separate quotas per namespaces until 2.1 or > something, I think? > > So, got any suggestions on getting it to work with v2.x? I found an old > thread from 2013 by Andreas (I think?) and he didn't seem to quite be able > to get it to work. Actually, though, I'd be happy to even be able to apply > a quota to the primary Inbox namespace and none to the secondary "Archive" > namespace, but my testing on a 10.10 Server wasn't having much success > either. > > Thanks for the responses and input! > Fred > > > On Nov 21, 2016, at 17:53, Timo Sirainen wrote: > > > >> On 20 Sep 2016, at 21.28, Fred Turner wrote: > >> > >> Mac Pro Server 2012 > >> Mac OS X Server 10.6.8 > >> Dovecot 1.1.20apple0.5 > > > > That's an old one.. > > > >> quota = maildir:User quota:ns= > >> > >> quota2 = maildir:ns=testArchive/ > >> quota2_rule = *:storage=20G > >> > >> The first line is already in the default config, with the exception of > the added ?:ns=? at the end. The 2nd line in the examples I saw had a > middle component w/ the quota name, but when I tried that, like so: > >> > >> quota2 = maildir:Archive quota:ns=testArchive/ > >> > >> my server fails and shows this in the logs: > >> > >>> Fatal: IMAP(*): Quota root test backend maildir: Unknown parameter: > ns=testArchive/ > >> > >> > >> Any idea why it doesn?t like that? Also, do I need to add a quota_rule > for the primary quota? It does not have one normally in the Mac OS X Server > config? > > > > You're trying to use Dovecot v2.x configuration in Dovecot v1.x. Sorry, > won't work without upgrade. > So I've been playing with this and I mostly have things working. It's 2.2.26.0, btw. In all the below, both namespaces are working and I can copy/move messages back and forth between them. One thing that I've not figured out yet (though I'm sure I'm just missing something scouring the docs): If I move messages between namespaces, it appears to ignore the quotas I've set on them. A *copy* will trigger the quota error. But a *move* just happily piles on to the overquota namespace. Is that normal? E.g., here's the maildirsize from the 'archive' namespace (with quotas set absurdly low for testing) and I just moved some messages into it from INBOX: 20000S,10C 32252 31 2809 1 and it'll just keep tacking on. As you can see it's over on bytes and # of messages. But it will successfully block a copy. This behavior of ignoring the quota for moves goes in both directions, from INBOX to 'archive' and vice versa. And note that the values above are what I set, so it *is* seeing the quota just fine (and like I said, when I copy a message, it gets appropriately blocked due to quota). Is this the normal behavior for message moves? Oh, and it's definitely a move: A0004 UID MOVE 180 Archive.archive1.. * OK [COPYUID 1268932143 180 53] Moved UIDs...* 69 EXPUNGE..A0004 OK Move completed (0.042 + 0.000 + 0.041 secs)... BTW, since I spent a good deal of time before I figured this out, if you're using SQL prefetch, the syntax for overrding the location in passdb password_query becomes (with the example ns of 'archive'): userdb_namespace/archive/location instead of namespace/archive/location I couldn't for the life of me figure out why dovecot was ignoring 'namespace/archive/location'. Writing this email helped me figure it out, as usual :) ===================================== doveconf -n: # 2.2.26 (54d6540): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 3.14.77 x86_64 Ubuntu 12.04.5 LTS auth_cache_negative_ttl = 1 mins auth_cache_size = 10 M auth_cache_ttl = 10 mins auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login base_dir = /var/run/dovecot/ debug_log_path = /var/log/dovecot/debug.log default_client_limit = 3005 default_internal_user = doveauth default_process_limit = 1500 deliver_log_format = M=%m, F=%f, S="%s" B="%p/%w" => %$ disable_plaintext_auth = no first_valid_uid = 199 imap_capability = +UNSELECT last_valid_uid = 201 listen = * log_path = /var/log/dovecot/mail.log mail_debug = yes mail_location = maildir:~/Maildir mail_nfs_storage = yes mail_privileged_group = mail mail_uid = 200 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace { hidden = no inbox = yes list = yes location = prefix = INBOX. separator = . subscriptions = yes type = private } namespace archive { inbox = no list = children location = maildir:~/Archive prefix = Archive. separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/include/sql.conf driver = sql } plugin { quota = maildir:User quota quota2 = maildir:User2 quota:ns=Archive. quota2_rule = *:bytes=20000 quota2_rule2 = *:messages=10 quota_rule = *:bytes=400000 quota_rule2 = INBOX.Trash:bytes=+10%% quota_rule3 = *:messages=2000 } protocols = imap sieve service auth-worker { unix_listener auth-worker { mode = 0666 } user = doveauth } service auth { client_limit = 8000 unix_listener login/auth { mode = 0666 } user = doveauth } service imap-login { inet_listener imap { port = 143 } process_min_avail = 20 service_count = 1000 vsz_limit = 256 M } service imap { client_limit = 10 idle_kill = 5 mins process_limit = 2000 process_min_avail = 10 service_count = 1000 vsz_limit = 512 M } service managesieve-login { inet_listener sieve { port = 4190 } } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/include/sql.conf driver = sql } verbose_proctitle = yes protocol imap { mail_max_userip_connections = 10000 mail_plugins = zlib quota imap_quota stats imap_stats } protocol lda { debug_log_path = /var/log/dovecot/lda/lda-quotawarning.log log_path = /var/log/dovecot/lda/lda-quotawarning.log } From marti1234 at gmail.com Tue Nov 22 22:54:54 2016 From: marti1234 at gmail.com (Marti Markov) Date: Tue, 22 Nov 2016 22:54:54 +0000 Subject: Single user to have lrw to all mailboxes Message-ID: <22F9BB55-5F85-43D4-8D8B-CA5A4735F4AF@gmail.com> I have implemented a global acl: * owner lrwstipkae INBOX.Spam owner lrwstipeka .Trash owner lrwsti INBOX.Trash owner lrw * user=master-user at mydomain.com lrs * owner lrwstipkae But the master-user then loses all other permissions on his own mailbox, he is left only with: lrs Any pointers on how to fix this? From slitt at troubleshooters.com Wed Nov 23 06:26:45 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 23 Nov 2016 01:26:45 -0500 Subject: Updated my Dovecot certificate for the first time Message-ID: <20161123012645.07a928ab@mydesk.domain.cxm> Hi all, I've used Dovecot since February 2012, but because I kept reinstalling Linux with every major version, I never had a Dovecot self-signed certificate go bad on me before. Til now. I started using rolling release Void Linux about a year ago, and my Dovecot self-signed certificate just expired. The solution I used is contained in these documents: http://wiki2.dovecot.org/SSL/CertificateCreation http://wiki2.dovecot.org/SSL/CertificateClientImporting file:///etc/ssl/dovecot-openssl.cnf http://www.faqforge.com/linux/renew-the-dovecot-ssl-certificate-on-ubuntu-linux/ I basically moved my old /etc/ssl/certs/dovecot.pem and /etc/ssl/private/dovecot.pem, then edited /etc/ssl/dovecot-openssl.cnf specifically to give myself the common name of 192.168.100.2. I had earlier used my hostname, but that produced a conflict, so I just used the ip address. Then I ran dovecot-mkcert.sh to create the new self-signed cert, and finally, configured Claws-Mail to use /etc/ssl/certs/dovecot.pem as its cert. Obviously, if my Claws-Mail were on a different machine than my Dovecot, I would have had Claws-Mail point to a local copy. Alpine still gives me a bad cert warning, saying I should either fix it or disable checking. I haven't yet found a way to get Alpine to discriminate between a valid self-signed cert and a bad one. Anyway, all's good. SteveT Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz From steve at degga.net Wed Nov 23 08:03:22 2016 From: steve at degga.net (Steven Mainor) Date: Wed, 23 Nov 2016 03:03:22 -0500 Subject: Active sieve script symbolic link doesn't update when changed. Message-ID: While setting up sieve on my email server I mistakenly setup a symlink (~/sieve/myfilter.svbin > ~/.dovecot.sieve) but I think that that should have been (~/sieve/myfilter.sieve > ~/.dovecot.sieve). I have fixed the mistake but dovecot/sieve still throws an error saying that the symlink still links to the wrong file. I have made sure the symlink is fixed (it links to ~/sieve/myfilter.sieve) and I tried restarting dovecot and the server but nothing works. I still get the error and my sieve filters aren't processed. Any help would be greatly appreciated. ~# grep sieve /var/log/syslog | nano temp.save Nov 23 01:32:09 1 dovecot: lda(steve at degga.net): Warning: sieve: file storage: Active Sieve script symlink /var/mail/vmail/degga.net/steve/.dovecot.sieve is broken: Invalid scriptname (points to myfilter.svbin). vmail at 1:/var/mail/vmail/degga.net/steve/mail$ ls -l -a #redacted irrelevant stuff lrwxrwxrwx 1 vmail vmail 14 Nov 23 02:43 .dovecot.sieve -> myfilter.sieve vmail at 1:/var/mail/vmail$ dovecot -n # 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) # OS: Linux 4.4.0-47-generic x86_64 Ubuntu 16.04.1 LTS ext4 auth_mechanisms = plain login auth_verbose = yes mail_home =/var/mail/vmail/%d/%n mail_location = maildir:/var/mail/vmail/%d/%n/mail:LAYOUT=fs managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = username_format=%u scheme=ssha512 /etc/dovecot/passwd.db driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_after = /var/mail/vmail/sieve-after sieve_before = /var/mail/vmail/sieve-before sieve_dir = ~/sieve } protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } # SSL information redacted here. userdb { args = uid=vmail gid=vmail home=/var/mail/vmail/%d/%n driver = static } protocol lda { deliver_log_format = msgid=%m: %$ mail_plugins = sieve postmaster_address =postmaster at degga.net quota_full_tempfail = yes rejection_reason = Your message to <%t> was automatically rejected:%n% r } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_max_userip_connections = 10 } From marti.markov at gmail.com Wed Nov 23 08:21:07 2016 From: marti.markov at gmail.com (Marti Markov) Date: Wed, 23 Nov 2016 08:21:07 +0000 Subject: Exim still accepting emails to nonexistent users In-Reply-To: <20161121111655.GN29010@jumper.schlittermann.de> References: <1F9CEC86-7EE0-4FD4-B68E-7AF082FE2B93@gmail.com> <20161117213349.GA29010@jumper.schlittermann.de> <79EABAB5-835A-4E7B-ADBD-5801EEC587F4@gmail.com> <20161121105013.GM29010@jumper.schlittermann.de> <20161121111655.GN29010@jumper.schlittermann.de> Message-ID: Hi Heiko, Sorry for using your private email address. :/ I managed to get this working using local_user changes by adding ldap user verification there: local_user: debug_print = "R: local_user LDAP lookup for $local_part@$domain" driver = accept domains = +local_domains condition = CHECK_VIRTUAL_USER transport = dovecot_lmtp cannot_route_message = Unknown user Where CHECK_VIRTUAL_USER is: # Query that tests the existence of the user CHECK_VIRTUAL_USER = \ ${lookup ldap{user="cn=exim4,ou=dsa,dc=mydomain,dc=com" pass=PASS \ ldap:///dc=mydomain,dc=com?mail?sub?(&(objectClass=inetOrgPerson)(mail=$local_part@ $domain))}{$value}fail} Thanks again for all the support. You pointed me in the right direction. :) 2016-11-21 11:16 GMT+00:00 Heiko Schlittermann : > Hi, > > Heiko Schlittermann (Mo 21 Nov 2016 11:50:13 CET): > > a) Routing stage > > You need to interact with the user database dovecot uses. > > Either you access the user database directory (flat file, LDAP, > > whatever) or you use the ${readsocket?} feature of Exim to talk to > > dovecot. > > The readsocket trick doesn't seem to work anymore. > > Using > $ socat STDIO UNIX:/run/dovecot/auth-master > < VERSION 1 1 > < SPID 16290 > > VERSION 1 1 > > USER 42 hs12 service=imap > < USER 1 hs12 uid=500 gid=500 home=/var/vmail/home/h/hs12 > > (the spaces are tabs). > > But using Exim > > exim -be '${readsocket{/run/dovecot/auth-userdb}{VERSION\t1\t1\ > nUSER\t1\hs12\tservice=imap\n}}' > > does not work. Exim closes the sending side right after the final \n > with shutdown(2). Dovecot seems to see this as if the connection should > be closed now and closes the connection, w/o any response. > > As it's not unusual to shutdown(2) the sender if the message is sent, > I'd see this as a bug on the dovecot side. There is no reason to > consider the connection as dead, just because the sender closed > its sending side of the connection. > > Best regards from Dresden/Germany > Viele Gr??e aus Dresden > Heiko Schlittermann > -- > SCHLITTERMANN.de ---------------------------- internet & unix support - > Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - > gnupg encrypted messages are welcome --------------- key ID: F69376CE - > ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - > -- Marti Markov Pursuing a Bachelor Degree of Science in Computer Science at the University of Southampton Cell phone: +359886621454 Twitter: https://twitter.com/martimarkov Facebook: https://facebook.com/Marti.Markov From skdovecot at smail.inf.fh-brs.de Wed Nov 23 08:28:23 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 23 Nov 2016 09:28:23 +0100 (CET) Subject: Active sieve script symbolic link doesn't update when changed. In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 23 Nov 2016, Steven Mainor wrote: > Any help would be greatly appreciated. > > ~# grep sieve /var/log/syslog | nano temp.save > > Nov 23 01:32:09 1 dovecot: lda(steve at degga.net): Warning: sieve: file > storage: Active Sieve script symlink > /var/mail/vmail/degga.net/steve/.dovecot.sieve is broken: Invalid scriptname > (points to myfilter.svbin). ^^^ no mail here > > vmail at 1:/var/mail/vmail/degga.net/steve/mail$ ls -l -a ^^^ mail here > #redacted irrelevant stuff > lrwxrwxrwx 1 vmail vmail 14 Nov 23 02:43 .dovecot.sieve -> > myfilter.sieve I guess, you changed the symlink at the wrong place. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWDVTJ3z1H7kL/d9rAQJumwgAro6oLt0nS3MXpWqxsM3pLX2o3xXlTbxv jqq4il/y7+m1xm2SiHOKeDvYFMyhhl7G4rLoB3KcVsixidGcsVQtsiI7HiouD0bf Ds4AFiLyYLPv09bBYOJJ/HGvwt11MCgiC9hS3wrWtMsNEu3LGFoq2+n0kHLIG2Ey TcqzSpW19ohxUK0pMxVnPn1MAABJRxWsfmhrzNkUSuIaSfDggrMylkIxYgXB0ahX UlL6JzJjegpH6s3MxJEnhwpovQF3gRwcz1beFCKiukn+0DW/O5Ho4rx8X2XcybFo vAhmptTCq5ag12Q+mj7mfT6NugWM/ICWHG0MI3gZZ7IzKzGg8/8cSg== =nfU8 -----END PGP SIGNATURE----- From hs at schlittermann.de Wed Nov 23 09:18:23 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Wed, 23 Nov 2016 10:18:23 +0100 Subject: Exim still accepting emails to nonexistent users In-Reply-To: References: <1F9CEC86-7EE0-4FD4-B68E-7AF082FE2B93@gmail.com> <20161117213349.GA29010@jumper.schlittermann.de> <79EABAB5-835A-4E7B-ADBD-5801EEC587F4@gmail.com> <20161121105013.GM29010@jumper.schlittermann.de> <20161121111655.GN29010@jumper.schlittermann.de> Message-ID: <20161123091823.GS29010@jumper.schlittermann.de> Hi Marti, Marti Markov (Mi 23 Nov 2016 09:21:07 CET): > Hi Heiko, > > Sorry for using your private email address. :/ ? the problem is the duplicat suppression on our mailsystem, normally it passes the 'unicasted' message and supresses the 'broadcasted' messages (as the unicasted message comes first). The unicasted message doesn't carry all the list headers. That's one reason, why duplicate suppression is a bad thing. > I managed to get this working using local_user changes by adding ldap user > verification there: ? > ldap:///dc=mydomain,dc=com?mail?sub?(&(objectClass=inetOrgPerson)(mail=$local_part@ > $domain))}{$value}fail} > > Thanks again for all the support. You pointed me in the right direction. :) You're welcome. Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From steve at degga.net Wed Nov 23 09:27:51 2016 From: steve at degga.net (Steven Mainor) Date: Wed, 23 Nov 2016 04:27:51 -0500 Subject: Active sieve script symbolic link doesn't update when changed. In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Wow, that was the problem. I can't believe I overlooked that so many times. Thank you so much. I was ready to pull my hair out. On November 23, 2016 3:28:23 AM EST, Steffen Kaiser wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >On Wed, 23 Nov 2016, Steven Mainor wrote: > >> Any help would be greatly appreciated. >> >> ~# grep sieve /var/log/syslog | nano temp.save >> >> Nov 23 01:32:09 1 dovecot: lda(steve at degga.net): Warning: sieve: file > >> storage: Active Sieve script symlink >> /var/mail/vmail/degga.net/steve/.dovecot.sieve is broken: Invalid >scriptname >> (points to myfilter.svbin). > ^^^ no mail here > >> >> vmail at 1:/var/mail/vmail/degga.net/steve/mail$ ls -l -a > ^^^ mail here >> #redacted irrelevant stuff >> lrwxrwxrwx 1 vmail vmail 14 Nov 23 02:43 .dovecot.sieve -> >> myfilter.sieve > >I guess, you changed the symlink at the wrong place. > >- -- >Steffen Kaiser >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1 > >iQEVAwUBWDVTJ3z1H7kL/d9rAQJumwgAro6oLt0nS3MXpWqxsM3pLX2o3xXlTbxv >jqq4il/y7+m1xm2SiHOKeDvYFMyhhl7G4rLoB3KcVsixidGcsVQtsiI7HiouD0bf >Ds4AFiLyYLPv09bBYOJJ/HGvwt11MCgiC9hS3wrWtMsNEu3LGFoq2+n0kHLIG2Ey >TcqzSpW19ohxUK0pMxVnPn1MAABJRxWsfmhrzNkUSuIaSfDggrMylkIxYgXB0ahX >UlL6JzJjegpH6s3MxJEnhwpovQF3gRwcz1beFCKiukn+0DW/O5Ho4rx8X2XcybFo >vAhmptTCq5ag12Q+mj7mfT6NugWM/ICWHG0MI3gZZ7IzKzGg8/8cSg== >=nfU8 >-----END PGP SIGNATURE----- - -- Steven Mainor -----BEGIN PGP SIGNATURE----- Version: APG v1.1.1 iQI9BAEBCgAnBQJYNWEXIBxTdGV2ZW4gTWFpbm9yIDxzdGV2ZUBkZWdnYS5uZXQ+ AAoJEHEwUCz4iIxrOfYP/jDdni9PjCcEFrWEMHHJ2TyiDFHb64ZJ4gFQP05tHMWd ZGISluMuq1wfP2IqcnuuT9fEuhEZ/p45RJVCJrb5J8HcGrPaqnbMXgpWMZbnnIb2 IbjOaxYQp8SN0D6jUDvFTNMiZFFf9u6A427hWRNR9p96UA0d69JKZcR3Okp7yiwo GOtfuVlsyYPYXpAArZQSWiIyHvhQNLFmBBSC+RCfk5W2fpTdL5YRO5wwlKS49POg 8ASGEOQsCbxoLaoBqhZrMe+maXI/7puvJRUXRhoAhR+MIfINsQ+KQ10fqPoHLV9j 5B4GIaekzPcBHe/ucFd5mR2Ru0GB/18g8q3B7jcQlGn2QjLYhkEZGgZAJFfIULD6 xMr2zXVqBt8VFoz06rwMCiZTz8BjjEwcBRBNhJSaQTptXWdV5prikhqjiVdRw9dz Z4o/zwe2YBjaCT+MwaMWB4LNHNAyJ5/deeVvrtnL8p0/pGOJc7oQsJSPmOtQz67/ z4KXqr08phmX2B4CgdCLCQ/GlpB5s1Ncjo/6Bcu9A23GkJNoTiiavGnSzlDaDcok 40t+F4TXy5XLlllYtczAyeuPBxboOClAyRmpjBJI1yjyS5lif/Y9jA7bK8vdLdYi XPHML/y2TKsVFaQbUO9oekJfw87Tg9PqmXZyWdvk3JUV1zlZJCac+YrgmWj9RFAE =FGSK -----END PGP SIGNATURE----- From fzielcke at z-51.de Wed Nov 23 17:53:27 2016 From: fzielcke at z-51.de (Felix Zielcke) Date: Wed, 23 Nov 2016 18:53:27 +0100 Subject: antispam plugin not working correctly Message-ID: <1479923607.1406.2.camel@z-51.de> Hi, I've configured the antispam plugin like in the wiki to use the sa- learn-pipe.sh shell script. But it's not creating the log file in /tmp. Even if I add a "touch /tmp/x" in sa-learn-pipe.sh it's not created. So how I can check if it works correctly? dovecot version 2.2.26.0 /var/log/debug although contains: Nov 23 18:36:49 daedalus imap [fzielcke at z-51.de 80.187.96.201 UID MOVE]: antispam: mail copy: src spam: 1, dst spam: 0, src unsure: 0 Nov 23 18:36:49 daedalus imap [fzielcke at z-51.de 80.187.96.201 UID MOVE]: antispam: running mailtrain backend program /usr/bin/sa-learn-pipe.sh Nov 23 18:36:49 daedalus imap [fzielcke at z-51.de 80.187.96.201 UID MOVE]: antispam: running mailtrain backend program /usr/bin/sa-learn-pipe.sh Nov 23 18:36:49 daedalus imap [fzielcke at z-51.de 80.187.96.201 UID MOVE]: antispam: running mailtrain backend program parameter 1 --ham # doveconf -n |grep antispam antispam_backend = pipe antispam_debug_target = syslog antispam_pipe_program = /usr/bin/sa-learn-pipe.sh antispam_pipe_program_notspam_arg = --ham antispam_pipe_program_spam_arg = --spam antispam_pipe_tmpdir = /tmp antispam_spam_pattern_ignorecase = SPAM antispam_trash_pattern_ignorecase = trash;Deleted * antispam_verbose_debug = 1 mail_plugins = acl zlib quota imap_zlib imap_acl imap_quota antispam From gcr+dovecot at tharned.org Wed Nov 23 22:04:22 2016 From: gcr+dovecot at tharned.org (Greg Rivers) Date: Wed, 23 Nov 2016 16:04:22 -0600 (CST) Subject: Updated my Dovecot certificate for the first time In-Reply-To: <20161123012645.07a928ab@mydesk.domain.cxm> References: <20161123012645.07a928ab@mydesk.domain.cxm> Message-ID: On Wed, 23 Nov 2016, Steve Litt wrote: > [snip] > > Alpine still gives me a bad cert warning, saying I should either fix it > or disable checking. I haven't yet found a way to get Alpine to > discriminate between a valid self-signed cert and a bad one. > Like a number of applications, alpine checks the system certificates directory for a file containing the server certificate to be validated that's named according to its x509 hash. If it finds it, it trusts it. I don't know where Linux distros keep their certs, but on FreeBSD it's in /etc/ssl/certs/. If you've no other way to find out, a brute force search of the alpine binary should locate it, e.g.: $ strings $(whence alpine) | grep '^/.*certs$' /etc/ssl/certs You can fetch the certificate from a remote IMAP server and install it in your system certs directory like this: # cd /path/to/certs && > openssl s_client -connect remote.server:143 -starttls imap -showcerts &0 | > H=$(openssl x509 -hash -out imap.pem) && > ln -sf imap.pem ${H}.0 # ls -l total 5 lrwxr-xr-x 1 root wheel 11 Nov 23 15:34 3a82ab1a.0 -> imap.pem -rw-r--r-- 1 root wheel 1371 Nov 23 15:34 imap.pem -- Greg Rivers From slitt at troubleshooters.com Wed Nov 23 22:31:50 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 23 Nov 2016 17:31:50 -0500 Subject: Updated my Dovecot certificate for the first time In-Reply-To: References: <20161123012645.07a928ab@mydesk.domain.cxm> Message-ID: <20161123173150.65b6718a@mydesk.domain.cxm> On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers wrote: > On Wed, 23 Nov 2016, Steve Litt wrote: > > [snip] > > > > Alpine still gives me a bad cert warning, saying I should either > > fix it or disable checking. I haven't yet found a way to get Alpine > > to discriminate between a valid self-signed cert and a bad one. > > > Like a number of applications, alpine checks the system certificates > directory for a file containing the server certificate to be > validated that's named according to its x509 hash. If it finds it, it > trusts it. > > I don't know where Linux distros keep their certs, but on FreeBSD > it's in /etc/ssl/certs/. If you've no other way to find out, a brute > force search of the alpine binary should locate it, e.g.: > > $ strings $(whence alpine) | grep '^/.*certs$' > /etc/ssl/certs The directory or the certs isn't the problem. Alpine sees the self-signed cert I just made, but complains because it's self-signed, and gives me the choice between saying "yes" every time, and just not checking for certs at all. SteveT Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz From dopsi at dopsi.ch Wed Nov 23 22:56:26 2016 From: dopsi at dopsi.ch (Simon Doppler) Date: Wed, 23 Nov 2016 23:56:26 +0100 Subject: Updated my Dovecot certificate for the first time In-Reply-To: <20161123173150.65b6718a@mydesk.domain.cxm> References: <20161123012645.07a928ab@mydesk.domain.cxm> <20161123173150.65b6718a@mydesk.domain.cxm> Message-ID: <1987895.Vb9KTu0zrA@dopsi-thinkpad-t430> On mercredi, 23 novembre 2016 17.31:50 h CET Steve Litt wrote: > On Wed, 23 Nov 2016 16:04:22 -0600 (CST) > > Greg Rivers wrote: > > On Wed, 23 Nov 2016, Steve Litt wrote: > > > [snip] > > > > > > Alpine still gives me a bad cert warning, saying I should either > > > fix it or disable checking. I haven't yet found a way to get Alpine > > > to discriminate between a valid self-signed cert and a bad one. > > > > Like a number of applications, alpine checks the system certificates > > directory for a file containing the server certificate to be > > validated that's named according to its x509 hash. If it finds it, it > > trusts it. > > > > I don't know where Linux distros keep their certs, but on FreeBSD > > it's in /etc/ssl/certs/. If you've no other way to find out, a brute > > force search of the alpine binary should locate it, e.g.: > > > > $ strings $(whence alpine) | grep '^/.*certs$' > > /etc/ssl/certs > > The directory or the certs isn't the problem. Alpine sees the > self-signed cert I just made, but complains because it's self-signed, > and gives me the choice between saying "yes" every time, and just not > checking for certs at all. > > SteveT > > Steve Litt > November 2016 featured book: Quit Joblessness: Start Your Own Business > http://www.troubleshooters.com/startbiz One solution would be to use a Let's Encrypt certificate (that's what I do). Documentation can be found here : * https://certbot.eff.org/docs/using.html#standalone * https://community.letsencrypt.org/t/use-on-non-web-servers/425 -- Simon Doppler (dopsi) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: This is a digitally signed message part. URL: From jtam.home at gmail.com Thu Nov 24 00:02:10 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Wed, 23 Nov 2016 16:02:10 -0800 (PST) Subject: Updated my Dovecot certificate for the first time In-Reply-To: References: Message-ID: > Alpine still gives me a bad cert warning, saying I should either fix it > or disable checking. I haven't yet found a way to get Alpine to > discriminate between a valid self-signed cert and a bad one. Well, it can't discriminate since any certificate (except those in your trusted store) that asserts its own validity is suspect. You can either get alpine to not complain e.g. inbox-path={192.168.100.2:143/user=whatever/tls/novalidate-cert} or add the public part of the cert into your system's trusted CA store. Joseph Tam From tss at iki.fi Thu Nov 24 02:05:40 2016 From: tss at iki.fi (Timo Sirainen) Date: Thu, 24 Nov 2016 04:05:40 +0200 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <55B9483E-3A6D-492C-82FA-B0B0292865FA@iki.fi> <6934C0A8-0A9F-4DA8-952B-742029E23277@c5consulting.net> Message-ID: <26D5AD33-92E0-4879-846A-BA5ACC86C128@iki.fi> On 23 Nov 2016, at 0.49, Mark Moseley wrote: > > If I move messages between namespaces, it appears to ignore the quotas I've > set on them. A *copy* will trigger the quota error. But a *move* just > happily piles on to the overquota namespace. Is that normal? Probably needs a bit more thinking, but I guess the attached patch would help. -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 1775 bytes Desc: not available URL: -------------- next part -------------- From skdovecot at smail.inf.fh-brs.de Thu Nov 24 06:52:51 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 24 Nov 2016 07:52:51 +0100 (CET) Subject: Updated my Dovecot certificate for the first time In-Reply-To: <20161123173150.65b6718a@mydesk.domain.cxm> References: <20161123012645.07a928ab@mydesk.domain.cxm> <20161123173150.65b6718a@mydesk.domain.cxm> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 23 Nov 2016, Steve Litt wrote: >On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers wrote: >> $ strings $(whence alpine) | grep '^/.*certs$' >> /etc/ssl/certs > > The directory or the certs isn't the problem. Alpine sees the > self-signed cert I just made, but complains because it's self-signed, > and gives me the choice between saying "yes" every time, and just not > checking for certs at all. "sees the self-signed cert"? Did you've added it as trusted to the CA as Greg said and wrote what to do? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWDaOQ3z1H7kL/d9rAQLRMQgAtKeIMWG+aLn+y9D3EQMUfd21P7oS2xCS 6JuEUo9DfA4DqaoR8f29JiNk9Hjv0LArda3rGCGHKA+XhXrsZLe4FviXJ8ZPxPFp wiA8PnfaXiHi4ctQqz9SjpDr3DpbVlZ/XY563lkQoTlXYrR4ZL9y9wXDqeJKSTth nKwv0ORCi89lVUrRLCZycjZaCJZ9DvuiBftxBl5IUJY8S9/elSgbClcZroF0ej4c ReHp6uiBJzIrtDc3Vm3IfYoUl9C+IpLjhX3C7yQgac28eZ2TbY2tpxycGDOoTTdl saL/qS9MEND6XgKq9pffPcPlTiVWjrwzpHDA2nMbQvloJQ50+gALvA== =uLed -----END PGP SIGNATURE----- From moseleymark at gmail.com Thu Nov 24 07:33:05 2016 From: moseleymark at gmail.com (Mark Moseley) Date: Wed, 23 Nov 2016 23:33:05 -0800 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: <26D5AD33-92E0-4879-846A-BA5ACC86C128@iki.fi> References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <55B9483E-3A6D-492C-82FA-B0B0292865FA@iki.fi> <6934C0A8-0A9F-4DA8-952B-742029E23277@c5consulting.net> <26D5AD33-92E0-4879-846A-BA5ACC86C128@iki.fi> Message-ID: On Wed, Nov 23, 2016 at 6:05 PM, Timo Sirainen wrote: > On 23 Nov 2016, at 0.49, Mark Moseley wrote: > > > > If I move messages between namespaces, it appears to ignore the quotas > I've > > set on them. A *copy* will trigger the quota error. But a *move* just > > happily piles on to the overquota namespace. Is that normal? > > Probably needs a bit more thinking, but I guess the attached patch would > help. > > I appreciate the patch! Esp on a Weds night. I applied and rerolled dovecot, but I can still move messages into the over-quota namespace. I threw some i_debug's into quota_roots_equal() (and one right at the top), but I don't ever see them in the debug logs. But both "ctx->moving" and "src_box == NULL" are true, so it never calls quota_roots_equal anyway in that patched 'if' clause in quota_check. I threw the following into quota_check and it printed to the debug log for both if's: if (ctx->moving ) i_debug("quota: quota_check: YES to ctx->moving" ); if (src_box == NULL) i_debug("quota: quota_check: YES to src_box == NULL" ); Out of curiosity, in the Quota wiki page, it mentions that 'in theory there could be e.g. "user quota" and "domain quota" roots'. That's also super interesting to me. Does anyone have any experience with that? I.e. any gotchas? From kremels at kreme.com Thu Nov 24 14:40:12 2016 From: kremels at kreme.com (@lbutlr) Date: Thu, 24 Nov 2016 07:40:12 -0700 Subject: Updated my Dovecot certificate for the first time In-Reply-To: References: Message-ID: On Nov 23, 2016, at 5:02 PM, Joseph Tam wrote: > add the public part of the cert into your system's trusted CA store. Silly question, but how would you do that? From slitt at troubleshooters.com Thu Nov 24 15:37:48 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Thu, 24 Nov 2016 10:37:48 -0500 Subject: Updated my Dovecot certificate for the first time In-Reply-To: References: <20161123012645.07a928ab@mydesk.domain.cxm> <20161123173150.65b6718a@mydesk.domain.cxm> Message-ID: <20161124103748.4a231114@mydesk.domain.cxm> On Thu, 24 Nov 2016 07:52:51 +0100 (CET) Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, 23 Nov 2016, Steve Litt wrote: > > >On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers > > wrote: > >> $ strings $(whence alpine) | grep '^/.*certs$' > >> /etc/ssl/certs > > > > The directory or the certs isn't the problem. Alpine sees the > > self-signed cert I just made, but complains because it's > > self-signed, and gives me the choice between saying "yes" every > > time, and just not checking for certs at all. > > "sees the self-signed cert"? > Did you've added it as trusted to the CA as Greg said and wrote what > to do? No. I don't want to deal with a third party "Trusted Party": I want it self-signed. What I was looking for was a way Alpine could be set to check for a cert, warn if the cert is conflicting, but not warn if it's self-signed. Thanks, SteveT Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz From andrew.mcglashan at affinityvision.com.au Thu Nov 24 15:55:10 2016 From: andrew.mcglashan at affinityvision.com.au (Andrew McGlashan) Date: Fri, 25 Nov 2016 02:55:10 +1100 Subject: Updated my Dovecot certificate for the first time In-Reply-To: <20161124103748.4a231114@mydesk.domain.cxm> References: <20161123012645.07a928ab@mydesk.domain.cxm> <20161123173150.65b6718a@mydesk.domain.cxm> <20161124103748.4a231114@mydesk.domain.cxm> Message-ID: On 25/11/16 02:37, Steve Litt wrote: >> "sees the self-signed cert"? >> Did you've added it as trusted to the CA as Greg said and wrote what >> to do? > > No. I don't want to deal with a third party "Trusted Party": I want it > self-signed. What I was looking for was a way Alpine could be set to > check for a cert, warn if the cert is conflicting, but not warn if it's > self-signed. I used self-signed certs for ages, when I did so, I installed MY OWN root CA in to various machines as needed -- sometimes that meant in multiple locations (one for IE and Chrome in Winblows world and another place for Firefox). Anyway, that has all stopped now as I use Let's Encrypt certs everywhere without any problems. My exim4 has the updated cert, the same cert goes to my webserver and gets pointed to for dovecot. No more issues of self-signed certs, I can every have lots of related sub-domains to make it even better without needing lots of different certs. There is one advantage of using self-signed, that is, you get to trust yourself and the certs 100%, but others won't do so; so, all in all, it is better to use official certs that are widely accepted. I sure understand that the world of zillions of CAs to trust is a woeful one, but it works better than the trouble of using self-signed certs. NB: I don't do full auto certs, I have a process where I put servers in maintenance mode and manually update the certs, put them in place and restart all the services that use them.... apache2, exim4, dovecot, ejabber -- all using LE certs. Cheers AndrewM -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 213 bytes Desc: OpenPGP digital signature URL: From martin.wheldon at greenhills-it.co.uk Thu Nov 24 15:56:12 2016 From: martin.wheldon at greenhills-it.co.uk (Martin Wheldon) Date: Thu, 24 Nov 2016 15:56:12 +0000 Subject: Updated my Dovecot certificate for the first time In-Reply-To: <20161124103748.4a231114@mydesk.domain.cxm> References: <20161123012645.07a928ab@mydesk.domain.cxm> <20161123173150.65b6718a@mydesk.domain.cxm> <20161124103748.4a231114@mydesk.domain.cxm> Message-ID: <19c6b7fab10c9bd8d9fe35088db6fdd5@mail.greenhills-it.co.uk> Hi Steve, You could create your own private CA then sign your Dovecot certificate with the CA cert and alpine should then trust it. Best Regards Martin On 2016-11-24 15:37, Steve Litt wrote: > On Thu, 24 Nov 2016 07:52:51 +0100 (CET) > Steffen Kaiser wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Wed, 23 Nov 2016, Steve Litt wrote: >> >> >On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers >> > wrote: >> >> $ strings $(whence alpine) | grep '^/.*certs$' >> >> /etc/ssl/certs >> > >> > The directory or the certs isn't the problem. Alpine sees the >> > self-signed cert I just made, but complains because it's >> > self-signed, and gives me the choice between saying "yes" every >> > time, and just not checking for certs at all. >> >> "sees the self-signed cert"? >> Did you've added it as trusted to the CA as Greg said and wrote what >> to do? > > No. I don't want to deal with a third party "Trusted Party": I want it > self-signed. What I was looking for was a way Alpine could be set to > check for a cert, warn if the cert is conflicting, but not warn if it's > self-signed. > > Thanks, > > SteveT > > Steve Litt > November 2016 featured book: Quit Joblessness: Start Your Own Business > http://www.troubleshooters.com/startbiz From tss at iki.fi Thu Nov 24 18:52:50 2016 From: tss at iki.fi (Timo Sirainen) Date: Thu, 24 Nov 2016 20:52:50 +0200 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <55B9483E-3A6D-492C-82FA-B0B0292865FA@iki.fi> <6934C0A8-0A9F-4DA8-952B-742029E23277@c5consulting.net> <26D5AD33-92E0-4879-846A-BA5ACC86C128@iki.fi> Message-ID: <12B174AF-788B-4D1C-962F-11F7FF50F1C3@iki.fi> On 24 Nov 2016, at 9.33, Mark Moseley wrote: > > On Wed, Nov 23, 2016 at 6:05 PM, Timo Sirainen wrote: > >> On 23 Nov 2016, at 0.49, Mark Moseley wrote: >>> >>> If I move messages between namespaces, it appears to ignore the quotas >> I've >>> set on them. A *copy* will trigger the quota error. But a *move* just >>> happily piles on to the overquota namespace. Is that normal? >> >> Probably needs a bit more thinking, but I guess the attached patch would >> help. >> >> > I appreciate the patch! Esp on a Weds night. I applied and rerolled > dovecot, but I can still move messages into the over-quota namespace. How about this updated patch? > Out of curiosity, in the Quota wiki page, it mentions that 'in theory there > could be e.g. "user quota" and "domain quota" roots'. That's also super > interesting to me. Does anyone have any experience with that? I.e. any > gotchas? There's no automatic quota recalculation for domain quotas, because it would have to somehow sum up all the users' quotas. Also I think that it still does do the automatic quota recalculation if it gets into a situation where it realizes that quotas are wrong, but it'll then just use the single user's quota as the entire domain quota. So maybe it would work if you externally sum up all the users' quotas and update it to the domain quota in cronjob, e.g. once per hour. I guess it would be also nice if the internal quota recalculation could be disabled and maybe execute an external script to do it (similar to quota-warnings). -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 4104 bytes Desc: not available URL: -------------- next part -------------- From f-u.s at gmx.net Thu Nov 24 19:22:26 2016 From: f-u.s at gmx.net (Frank-Ulrich Sommer) Date: Thu, 24 Nov 2016 20:22:26 +0100 Subject: Updated my Dovecot certificate for the first time In-Reply-To: <20161124103748.4a231114@mydesk.domain.cxm> References: <20161123012645.07a928ab@mydesk.domain.cxm> <20161123173150.65b6718a@mydesk.domain.cxm> <20161124103748.4a231114@mydesk.domain.cxm> Message-ID: What would be the use of a self signed cert that is not automatically checked? If you see a warning how can you be sure that the cryptographic key used is correct? Just manually checking the common name displayed lowers the security to almost zero. A big additional disadvantage is that one gets used to ignoring security warnings. Setting up a "CA" is quite easy and installing the new root certificate in the root store of the devices used is also quite easy. I switched to a certificate from startssl and of course I generated the key pair on my own and transferred only the CSR (certificate signing request). Am 24. November 2016 16:37:48 MEZ, schrieb Steve Litt : >On Thu, 24 Nov 2016 07:52:51 +0100 (CET) >Steffen Kaiser wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Wed, 23 Nov 2016, Steve Litt wrote: >> >> >On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers >> > wrote: >> >> $ strings $(whence alpine) | grep '^/.*certs$' >> >> /etc/ssl/certs >> > >> > The directory or the certs isn't the problem. Alpine sees the >> > self-signed cert I just made, but complains because it's >> > self-signed, and gives me the choice between saying "yes" every >> > time, and just not checking for certs at all. >> >> "sees the self-signed cert"? >> Did you've added it as trusted to the CA as Greg said and wrote what >> to do? > >No. I don't want to deal with a third party "Trusted Party": I want it >self-signed. What I was looking for was a way Alpine could be set to >check for a cert, warn if the cert is conflicting, but not warn if it's >self-signed. > >Thanks, > >SteveT > >Steve Litt >November 2016 featured book: Quit Joblessness: Start Your Own Business >http://www.troubleshooters.com/startbiz -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet. From news at mefox.org Thu Nov 24 19:53:25 2016 From: news at mefox.org (Michael Fox) Date: Thu, 24 Nov 2016 11:53:25 -0800 Subject: shared/public mailbox application Message-ID: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> I'm new to Dovecot and I need help configuring a shared or public mailbox - I'm not sure which is appropriate. I've read the wiki and Peer's book and neither appears to cover what I'd like to do. So I could use some specific help on how to configure a solution for the following: I'd like to create two real mailboxes, let's call them AAA and BBB. Let's call the domain "mydomain". Anyone user can send mail to them, just like any other address: aaa at mydomain or bbb at mydomain. I'd like all IMAP users in mydomain to be able to read the messages in those mailboxes. I'd like all POP users in mydomain to also see those messages. (But I don't think I need help with the virtual part). I'd like only a few designated IMAP users to be able to delete the messages in those mailboxes, including dummy users AAA and BBB themselves. Ideally, I'd like them to appear in the client under a separate namespace from shared mailboxes. Example: INBOX +--- the normal stuff. Shared +--- user1 +--- user2 Special +--- AAA +--- BBB My confusion: 1) I don't know if this requires a shared namespace or a public namespace. It "feels" like it's "public", since all users would have access. But Peer's book and the wiki describe manually creating folders for public namespaces and controlling the contents with manual file manipulation, which leads me to believe that they can't be used for regular mail (although the book and the wiki never say one way or the other). I don't want to manually control files. I want to send mail to the mailbox and delete (see above) it with a client. 2) There are several examples in Peer's book and the wiki, but none seem to match what I want. (This is the problem with documentation that is predominantly example-based). I guess I need more explanation of the mechanical differences between shared and public and why one would pick one over the other. Can someone help? Please be as specific as you can. Thanks much, Michael From jtam.home at gmail.com Thu Nov 24 21:00:42 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Thu, 24 Nov 2016 13:00:42 -0800 (PST) Subject: Updated my Dovecot certificate for the first time In-Reply-To: References: Message-ID: On Thu, 24 Nov 2016, Steve Litt wrote >> add the public part of the cert into your system's trusted CA store. > > Silly question, but how would you do that? You didn't say which OS you're running on (alpine runs on Windows as well), but I'll assume *nix. A previous poster showed you how to do it with a real certificate, and the steps are the same. However, the way I found out without too much fuss was to process trace my alpine process and see where it tied to load a cert $ strace -o trace.out alpine ... quit after connection $ grep -F cert traceout /1: open64("/etc/openssl/cert.pem", O_RDONLY) Err#2 ENOENT /1: stat("/etc/openssl/certs/cbf06781.0", 0xFFBF8E54) Err#2 ENOENT ... Your output will be different of course. The first load is the default pre-loaded root CAs (Thawte, etc.) supplied by OpenSSL, and the second, etc. are chained certificate lookups. You would replace the missing cert with your own self-signed public pem file. e.g. cp mypub.pem /etc/openssl/certs/cbf06781.0 For Windows, I don't know where it fetches it from. Joseph Tam From moseleymark at gmail.com Fri Nov 25 05:10:54 2016 From: moseleymark at gmail.com (Mark Moseley) Date: Thu, 24 Nov 2016 21:10:54 -0800 Subject: Implementing secondary quota w/ "Archive" namespace In-Reply-To: <12B174AF-788B-4D1C-962F-11F7FF50F1C3@iki.fi> References: <7A1901CE-A893-41A3-8F07-A17E29DF6BC9@c5consulting.net> <55B9483E-3A6D-492C-82FA-B0B0292865FA@iki.fi> <6934C0A8-0A9F-4DA8-952B-742029E23277@c5consulting.net> <26D5AD33-92E0-4879-846A-BA5ACC86C128@iki.fi> <12B174AF-788B-4D1C-962F-11F7FF50F1C3@iki.fi> Message-ID: On Thu, Nov 24, 2016 at 10:52 AM, Timo Sirainen wrote: > On 24 Nov 2016, at 9.33, Mark Moseley wrote: > > > > On Wed, Nov 23, 2016 at 6:05 PM, Timo Sirainen wrote: > > > >> On 23 Nov 2016, at 0.49, Mark Moseley wrote: > >>> > >>> If I move messages between namespaces, it appears to ignore the quotas > >> I've > >>> set on them. A *copy* will trigger the quota error. But a *move* just > >>> happily piles on to the overquota namespace. Is that normal? > >> > >> Probably needs a bit more thinking, but I guess the attached patch would > >> help. > >> > >> > > I appreciate the patch! Esp on a Weds night. I applied and rerolled > > dovecot, but I can still move messages into the over-quota namespace. > > How about this updated patch? > > Nope, still lets me move messages into the over-quota namespace. Both these are true in quota_check: ctx->moving quota_move_requires_check > > Out of curiosity, in the Quota wiki page, it mentions that 'in theory > there > > could be e.g. "user quota" and "domain quota" roots'. That's also super > > interesting to me. Does anyone have any experience with that? I.e. any > > gotchas? > > > There's no automatic quota recalculation for domain quotas, because it > would have to somehow sum up all the users' quotas. Also I think that it > still does do the automatic quota recalculation if it gets into a situation > where it realizes that quotas are wrong, but it'll then just use the single > user's quota as the entire domain quota. So maybe it would work if you > externally sum up all the users' quotas and update it to the domain quota > in cronjob, e.g. once per hour. I guess it would be also nice if the > internal quota recalculation could be disabled and maybe execute an > external script to do it (similar to quota-warnings). > > > > > > From skdovecot at smail.inf.fh-brs.de Fri Nov 25 07:26:44 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 25 Nov 2016 08:26:44 +0100 (CET) Subject: Updated my Dovecot certificate for the first time In-Reply-To: <20161124103748.4a231114@mydesk.domain.cxm> References: <20161123012645.07a928ab@mydesk.domain.cxm> <20161123173150.65b6718a@mydesk.domain.cxm> <20161124103748.4a231114@mydesk.domain.cxm> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 24 Nov 2016, Steve Litt wrote: > On Thu, 24 Nov 2016 07:52:51 +0100 (CET) > Steffen Kaiser wrote: >> On Wed, 23 Nov 2016, Steve Litt wrote: >> >>> On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers >>> wrote: >>>> $ strings $(whence alpine) | grep '^/.*certs$' >>>> /etc/ssl/certs >>> >>> The directory or the certs isn't the problem. Alpine sees the >>> self-signed cert I just made, but complains because it's >>> self-signed, and gives me the choice between saying "yes" every >>> time, and just not checking for certs at all. >> >> "sees the self-signed cert"? >> Did you've added it as trusted to the CA as Greg said and wrote what >> to do? > > No. I don't want to deal with a third party "Trusted Party": I want it > self-signed. What I was looking for was a way Alpine could be set to > check for a cert, warn if the cert is conflicting, but not warn if it's > self-signed. Er, question: what is a self-signed cert? A cert signed with a CA that is itself. How can a client trust a cert? Because beginning with the cert presented by the server, the client walks up the cert chain, until it reaches either a missing cert or a trusted cert. In latter case, trust is given -> no warning. In first case, no trust -> warning. So, because there is just one certificate involved with self-signed certs, you have to follow Greg's advice and make it trusted on your system. Maybe, Frank-Ulrich's suggestion is even better. Roll your own CA. Mark the CA cert as trusted on your system and sign as many certs with it, as you wish. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWDfntHz1H7kL/d9rAQJjDAgAj4xJEFD+j9o+UMn+gKOFR/6fqYn/L3kz YwueoBi0+WSZR1rv3V1sZhCsfQDcU7zcrYIwt7ZhxOj9RE0g+20jo0qTPYHrX8ym m0cfv87az/UjZuK2HeKJL6u8ywoGQUQL0TxTiXOCdiQfKQwdPtIYJmtOSmNvyNce NlWNAZEgn1bJRJCbASWDIPypSnBNrAiMssjheEPV8XV7AZYR/ShjnqXCKoxohjY3 DCPwDqe53t3znwoqtAsocecqXVk6oentDiUbrcu9y9zBAeqBR/ScSR+p3+N45l16 NFIkeySHEIqmUiv+iagt6dy+XdFg/Wk6HHzvO3YC4c2S3RSrrUPm7g== =kva+ -----END PGP SIGNATURE----- From jonas at wielicki.name Fri Nov 25 10:43:41 2016 From: jonas at wielicki.name (Jonas Wielicki) Date: Fri, 25 Nov 2016 11:43:41 +0100 Subject: Patch for dovecot-antispam-plugin to support IMAP Flags indicating Junk status Message-ID: <28474798.7KPzLI3CPz@sinistra> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Dear list, I made a patch which extends dovecot-antispam-plugin with support to take the addition and removal of a specific set of flags as trigger for learning. This allows for very tight integration with Thunderbird and KMail, which both set flags for Junk messages (Thunderbird sets "Junk", KMail sets "JUNK"). With this patch and according configuration, dovecot-antispam-plugin can trigger on the addition (learn as spam) and removal (learn as ham) of these flags. Combined with a sieve script which sets these flags for incoming mail which has been classified as spam, this allows for a tight and intuitive feedback loop between users and the server-side spam classification system. I tested that patch with dovecot 2.2 from Debian stretch and so far it works pretty well. I realise that dovecot-antispam-plugin has not been updated since 2013. It also has not been migrated to Github yet. If it is to be migrated there, I would be happy to submit a pull request there for discussion and merging. Otherwise, someone would have to indicate how to go forward with applying this patch to the official version, if that is desired. The patch is based on current tip and feedback is appreciated. I took some inspiration from dovecot-core/src/plugins/notify/notify-storage.c -- this requires the use of struct mail_private to be able to override the vfunc for mail_update_keywords, which I actually do not like. However, when I tried to make this patch base on the use of the notify plugin (via notify_register), I ran into the issue that the transaction is partially freed before the transaction_commit event from notify is emitted, which is unfortunate and breaks at least the mailtrain backend (which I use). This is in theory fixable, but I wanted to keep the patch as small as possible, as I have no idea whether this will eventually end up upstream or whether I?ll have to maintain that for myself. If upstream is not interested in this patch, please let me know! In that case, I would consider making an own plugin, which fewer backends (possibly only a mailtrain-like one) out of this, but frankly, I would consider that a waste of resources. In the hope that this is useful for others and hoping for feedback, Jonas Wielicki -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEG/EPV+Xzd5wEoQQIwGIDJZdiWIoFAlg4Fd0ACgkQwGIDJZdi WIpM3Q//TWVHDFx5LK14y0jOnxzE7kGthc6hakILnWqYgl7B/wlljD1HLrec//hg 9LEancjURnv3sPU/kEEpl6RRDX5kDMbXXKXMq7/1R7bNdmeMz5NEebAo7ktlCii7 ikk7MPL0F8UViY7IoW7y5NxfqMUldYseejn0GwKiVkEyqlyGLRbP7ijyzMWjpIWp eqOg/b5bNX6ARMC1O/hKhvHw4AhvSO2j73da60Xchu39gvDa2kC+MTU/kX4wb6po kPOEgFxGhpxG0+UMzUEBPLYwY3Q9x+R/PzlpUF6xEjYxgE7leVRVfCHiZLsMUGH1 itozwSzoAyDYV+Rbzk8OEBL6EGBJQHqYmNybULZsJkxhUenNeC4GRf7NcJ0jAisG rSfwr/+kD9+ErKNgtNJzfceLYGNWti44whV6kXxRxqGlIfJsJB7ZMdrj8+wSdn0p slXUoyHMUkRkN92tIPqZF5cb+5Ke+O+5hHE07Wohxw3eNoBSqtQWo81aigjaCraC ivcZX3HswTapyKtpgWMzjoWqp982crr+wtAI+AlEUKoCEqF54EnxM1kB1qoe0HcH nMgMdIkXI4VzPaUNUK206ffEtlnKNIqF3SkOkBX263L0ZJgXyCFRRj6W3z78VDdP He62tN/FPPBtmeVrmCj2ZDE+6gqtMQN52FsN4mpaq4BrCYlYB7g= =3+CU -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Trigger-learning-on-change-of-configurable-IMAP-Flag.patch Type: text/x-patch Size: 7147 bytes Desc: not available URL: From nayuhz at gmail.com Fri Nov 25 12:11:33 2016 From: nayuhz at gmail.com (eSX) Date: Fri, 25 Nov 2016 20:11:33 +0800 Subject: Could the index of dovecot be stored in database? Message-ID: Hi dovecot, I have a question about the index of dovecot. I had read the wiki, and saw that I can custom a Input streams to do read/seek/sync...by implementing a istream-*.c file. Thus maybe dovecot can read mail from a http server or any others. But I found that the index of maildir can't extend very well. There is no extern API for developer? For example, I want to put the index to database(maybe, MySQL) or any else, But I found I have no way to implement it, Unless a heavy modification? -- eSX From aki.tuomi at dovecot.fi Fri Nov 25 12:17:20 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 25 Nov 2016 14:17:20 +0200 Subject: (build) crash in dcrypt when "-Bsymbolic-functions" is used on linking In-Reply-To: <22e28706-ea4a-0ce7-b7ce-d3ba16b1ad5d@dovecot.fi> References: <22e28706-ea4a-0ce7-b7ce-d3ba16b1ad5d@dovecot.fi> Message-ID: <29a3d0a3-0fb8-5dae-4415-7412bd670e3f@dovecot.fi> On 26.10.2016 15:29, Aki Tuomi wrote: > > > On 26.10.2016 13:48, Christian Ehrhardt wrote: >> Hi, >> I was wondering about a crash when building dovecot 2.2.25 on latest >> Ubuntu. >> I wondered as I've had the same source building on Debian just fine. >> >> Some debugging led me to this weird behavior: >> Using this gdb command file called autoreportissue in my case: >> break dcrypt_initialize >> commands >> p dcrypt_vfs >> p &dcrypt_vfs >> watch dcrypt_vfs >> c >> end >> break dcrypt_set_vfs >> commands >> p dcrypt_vfs >> p &dcrypt_vfs >> c >> end >> r >> >> Running test-crypto on Debian and Ubuntu reported those two behaviours: >> gdb -d /root/dovecot-2.2.25/src/ -x autoreportissue ./test-crypto >> >> Good: >> Breakpoint 1, dcrypt_initialize (backend=0x555555587c02 "openssl", >> set=0x0, error_r=0x0) at dcrypt.c:15 >> 15 if (dcrypt_vfs != NULL) { >> $1 = (struct dcrypt_vfs *) 0x0 >> $2 = (struct dcrypt_vfs **) 0x555555796370 >> Hardware watchpoint 3: dcrypt_vfs >> Breakpoint 2, dcrypt_set_vfs (vfs=0x7ffff7835020 >> ) at dcrypt.c:56 >> 56 dcrypt_vfs = vfs; >> $3 = (struct dcrypt_vfs *) 0x0 >> $4 = (struct dcrypt_vfs **) 0x555555796370 >> Hardware watchpoint 3: dcrypt_vfs >> Old value = (struct dcrypt_vfs *) 0x0 >> New value = (struct dcrypt_vfs *) 0x7ffff7835020 >> dcrypt_set_vfs (vfs=0x7ffff7835020 ) at dcrypt.c:57 >> 57 } >> >> Bad: >> Breakpoint 1, dcrypt_initialize (backend=0x555555589f02 "openssl", >> set=0x0, error_r=0x0) at dcrypt.c:11 >> 11 { >> $1 = (struct dcrypt_vfs *) 0x0 >> $2 = (struct dcrypt_vfs **) 0x555555798370 >> Hardware watchpoint 3: dcrypt_vfs >> Breakpoint 2, dcrypt_set_vfs (vfs=0x7ffff780a020 >> ) at dcrypt.c:56 >> 56 dcrypt_vfs = vfs; >> $3 = (struct dcrypt_vfs *) 0x0 >> $4 = (struct dcrypt_vfs **) 0x7ffff780a890 >> Panic: file dcrypt.c: line 34 (dcrypt_initialize): assertion failed: >> (dcrypt_vfs != NULL) >> Error: Raw backtrace: >> /root/dovecot-2.2.25/src/lib-dcrypt/test-crypto(+0x15f7c) >> [0x555555569f7c] -> >> /root/dovecot-2.2.25/src/lib-dcrypt/test-crypto(default_error_handler+0) >> [0x55555556a030] -> >> /root/dovecot-2.2.25/src/lib-dcrypt/test-crypto(i_fatal+0) >> [0x55555556a2ff] -> >> /root/dovecot-2.2.25/src/lib-dcrypt/test-crypto(dcrypt_initialize+0x140) >> [0x55555555f030] -> >> /root/dovecot-2.2.25/src/lib-dcrypt/test-crypto(main+0x23) >> [0x55555556706d] -> >> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1) >> [0x7ffff782d3f1] -> >> /root/dovecot-2.2.25/src/lib-dcrypt/test-crypto(_start+0x2a) >> [0x55555555edea] >> Program received signal SIGABRT, Aborted. >> >> One can see that in the bad case the pointer of dcrypt_vfs is >> pointing to something of the scope of the .libs/libdcrypt_openssl.so >> file and not the dcrypt_initialize of test-crypto. >> >> That made me wonder even more - where would this issue of variable >> scope come from. After more debugging I found that the linker flag >> "-Bsymbolic-functions" is the reason. This is default on recent >> Ubuntu, but not on Debian (?yet?). >> >> Eventually what happens is that the dcrypt_vfs becomes part of the >> .libs/libdcrypt_openssl.so. So the call from there to dcrypt_set_vfs >> ends up setting not the expected variable. >> I was unable to come up with a reasonable fix since I'm not enough >> into your sublib structure. >> >> For now I assume I'm gonna build the package stripping this flag in >> Ubuntu. >> But long term I think dovecot should fix it to work with that >> compiler flag. >> Therefore the report to make you aware. >> >> >> P.S. thanks to the dovecot community for having unit tests that find >> this at build time! >> >> -- >> Christian Ehrhardt >> Software Engineer, Ubuntu Server >> Canonical Ltd > > > Hi! > > Thank you for reporting this, we'll look into it. > > Aki Tuomi > Dovecot oy Hi! We believe this is fixed in 2.2.26, with https://github.com/dovecot/core/commit/452d0005a47c6872590346f5ea8b247974689ac9, can you please retry with -Bsymbolic? Aki From miloslav.hula at gmail.com Fri Nov 25 13:29:03 2016 From: miloslav.hula at gmail.com (=?UTF-8?Q?Miloslav_H=c5=afla?=) Date: Fri, 25 Nov 2016 14:29:03 +0100 Subject: CPU for Dovecot Message-ID: Hi, we are planning to change hardware for our standalone Dovecot instance handling ~5800 IMAP users with 1TB mailboxes on local RAID. Is there some recommendation about CPU? We can choose from: - Intel Xeon E5-2620v4 - 2,1GHz at 8,0GT 20MB cache, 8core, HT, 85W, LGA2011 - Intel Xeon E5-2623v4 - 2,6GHz at 8,0GT 10MB cache, 4core, HT, 85W, LGA2011 The difference is about more cores vs. hi frequency. Thank you, Miloslav From leolistas at solutti.com.br Fri Nov 25 15:15:34 2016 From: leolistas at solutti.com.br (Leonardo Rodrigues) Date: Fri, 25 Nov 2016 13:15:34 -0200 Subject: CPU for Dovecot In-Reply-To: References: Message-ID: <7da9b8b9-17f1-f406-59ea-9dc64eaec5d7@solutti.com.br> Em 25/11/16 11:29, Miloslav H?la escreveu: > Hi, > > we are planning to change hardware for our standalone Dovecot instance > handling ~5800 IMAP users with 1TB mailboxes on local RAID. Is there > some recommendation about CPU? > > We can choose from: > - Intel Xeon E5-2620v4 - 2,1GHz at 8,0GT 20MB cache, 8core, HT, 85W, > LGA2011 > - Intel Xeon E5-2623v4 - 2,6GHz at 8,0GT 10MB cache, 4core, HT, 85W, > LGA2011 > > The difference is about more cores vs. hi frequency. Generally speaking, servers will benefith from more cores instead of faster cores. Servers usually are doing LOTS of things, and thus more cores use to be better. Unless you know you'll be doing something heavily CPU intensive, which generally mail related things are not. Even more important than choosing more cores x higher frequency, you should focus on faster I/O. This, specially on mail servers, can do a REAL difference ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, N?O mandem email gertrudes at solutti.com.br My SPAMTRAP, do not email it From ruga at protonmail.com Sat Nov 26 14:01:58 2016 From: ruga at protonmail.com (Ruga) Date: Sat, 26 Nov 2016 09:01:58 -0500 Subject: CPU for Dovecot In-Reply-To: References: Message-ID: > Xeon E5-2620v4 - 2,1GHz at 8,0GT 20MB cache, 8core, HT, 85W, LGA2011 passmark: 16825 cost: 417$ > Xeon E5-2623v4 - 2,6GHz at 8,0GT 10MB cache, 4core, HT, 85W, LGA2011 passmark: 8302 cost: 444$ I would get the first one. On Fri, Nov 25, 2016 at 2:29 PM, Miloslav H?la <'miloslav.hula at gmail.com'> wrote: Hi, we are planning to change hardware for our standalone Dovecot instance handling ~5800 IMAP users with 1TB mailboxes on local RAID. Is there some recommendation about CPU? We can choose from: - Intel Xeon E5-2620v4 - 2,1GHz at 8,0GT 20MB cache, 8core, HT, 85W, LGA2011 - Intel Xeon E5-2623v4 - 2,6GHz at 8,0GT 10MB cache, 4core, HT, 85W, LGA2011 The difference is about more cores vs. hi frequency. Thank you, Miloslav From hakon at alstadheim.priv.no Sat Nov 26 16:22:18 2016 From: hakon at alstadheim.priv.no (=?UTF-8?Q?H=c3=a5kon_Alstadheim?=) Date: Sat, 26 Nov 2016 17:22:18 +0100 Subject: CPU for Dovecot In-Reply-To: References: Message-ID: Den 25. nov. 2016 14:29, skrev Miloslav H?la: > Hi, > > we are planning to change hardware for our standalone Dovecot instance > handling ~5800 IMAP users with 1TB mailboxes on local RAID. Is there > some recommendation about CPU? > > We can choose from: > - Intel Xeon E5-2620v4 - 2,1GHz at 8,0GT 20MB cache, 8core, HT, 85W, > LGA2011 > - Intel Xeon E5-2623v4 - 2,6GHz at 8,0GT 10MB cache, 4core, HT, 85W, > LGA2011 > > The difference is about more cores vs. hi frequency. As far as I can see, high frequency costs more than more cores, so the 2623 is more geared towards interactive use, or single-threaded servers (like a single java thread). 50% reduction in number of cores gets you only a few percent increase in frequency. Go with 2620 for mail server. From andrew at mykolab.com Sat Nov 26 18:43:56 2016 From: andrew at mykolab.com (Andrew Jones) Date: Sat, 26 Nov 2016 18:43:56 +0000 Subject: JMAP support in Dovecot Message-ID: Hi there, I understand there were discussions to try and develop JMAP support for Dovecot. Is this still in the pipeline for Dovecot 2.5? Regards Andrew Sent from my iPhone From bill-dovecot at carpenter.org Sat Nov 26 19:07:00 2016 From: bill-dovecot at carpenter.org (WJCarpenter) Date: Sat, 26 Nov 2016 11:07:00 -0800 Subject: JMAP support in Dovecot In-Reply-To: References: Message-ID: <5839DD54.2060705@carpenter.org> I don't know the answer to that question, but I am curious about something. What client are you thinking about using with JMAP? I haven't found much. (And much of the demo stuff at jmap.io seems to be busted in various ways.) Andrew Jones wrote on 11/26/2016 10:43 AM: > Hi there, > > I understand there were discussions to try and develop JMAP support for Dovecot. > > Is this still in the pipeline for Dovecot 2.5? > > Regards > Andrew > > Sent from my iPhone From darix at opensu.se Sat Nov 26 19:16:25 2016 From: darix at opensu.se (Marcus Rueckert) Date: Sat, 26 Nov 2016 20:16:25 +0100 Subject: JMAP support in Dovecot In-Reply-To: <5839DD54.2060705@carpenter.org> References: <5839DD54.2060705@carpenter.org> Message-ID: <20161126191625.2js5gzt5zuoq4sm6@nordisch.org> On 2016-11-26 11:07:00 -0800, WJCarpenter wrote: > I don't know the answer to that question, but I am curious about something. > What client are you thinking about using with JMAP? I haven't found much. > (And much of the demo stuff at jmap.io seems to be busted in various ways.) roundcube-next builds on top of it. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From gandalf.corvotempesta at gmail.com Sat Nov 26 19:46:34 2016 From: gandalf.corvotempesta at gmail.com (Gandalf Corvotempesta) Date: Sat, 26 Nov 2016 20:46:34 +0100 Subject: Dovecot proxy In-Reply-To: References: Message-ID: 2016-11-17 9:11 GMT+01:00 Gandalf Corvotempesta : > Hi to all > I have some *production* pop3/inappropriate server that i would like to move > under a proxy > > Some questions: > 1. Keeping the same original hostname on the proxy (in example > mail.mydomain.tld) > and changing the hostname on the imap server, makes some troubles like MUA > redownloading all the messages? > Is dovecot (running on the imap server) happy seeing the hostname change? > What about maildirs, where the hostname is wrote on the mail file? > > 2. Dovecot proxy will proxy the whole pop3/imap traffic or only the login > auth? > I don't want to expose the mailservers to internet, all imap session must be > proxied through the proxy. > this because I'll use local IPs on each mail server. Any advice on this, particurally on question 2 ? The only way to get the real mailserver IP address is doing a succesfull auth via proxy or even in case of login failure the response is caming from the real mail server ? From andrew at mykolab.com Sat Nov 26 21:17:31 2016 From: andrew at mykolab.com (Andrew Jones) Date: Sat, 26 Nov 2016 21:17:31 +0000 Subject: JMAP support in Dovecot In-Reply-To: <20161126191625.2js5gzt5zuoq4sm6@nordisch.org> References: <5839DD54.2060705@carpenter.org> <20161126191625.2js5gzt5zuoq4sm6@nordisch.org> Message-ID: Hi Marcus Thanks for your helpful reply. Do you know what is going on with JMAP development into Dovecot 2.5? It's difficult to get any sort of information from the roadmap and there are no Dovecot forums. One of the main reasons I'm interested in JMAP is because of Roundcube Next and also the other clients it will power. Sadly, there has been little going on and having emailed Thomas, he is no longer involved in Roundcube Next - which is a shame. The Kolab guys are really taking liberties here, and trying their product, the thing is littered with bugs everywhere. Are you able to comment on what is going on with JMAP development into Dovecot? Thanks Andrew Sent from my iPhone > On 26 Nov 2016, at 19:16, Marcus Rueckert wrote: > >> On 2016-11-26 11:07:00 -0800, WJCarpenter wrote: >> I don't know the answer to that question, but I am curious about something. >> What client are you thinking about using with JMAP? I haven't found much. >> (And much of the demo stuff at jmap.io seems to be busted in various ways.) > > roundcube-next builds on top of it. > > darix > > -- > openSUSE - SUSE Linux is my linux > openSUSE is good for you > www.opensuse.org From ruga at protonmail.com Sat Nov 26 21:49:23 2016 From: ruga at protonmail.com (Ruga) Date: Sat, 26 Nov 2016 16:49:23 -0500 Subject: JMAP support in Dovecot In-Reply-To: References: Message-ID: I am happy with IMAPS. Most of JMAP can be implemented as IMAPS incremental revisions. From aki.tuomi at dovecot.fi Sun Nov 27 10:28:36 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sun, 27 Nov 2016 12:28:36 +0200 (EET) Subject: JMAP support in Dovecot In-Reply-To: References: <5839DD54.2060705@carpenter.org> <20161126191625.2js5gzt5zuoq4sm6@nordisch.org> Message-ID: <385273315.256.1480242517370@appsuite-dev.open-xchange.com> Hi! We are working on including JMAP support to Dovecot. At this moment I cannot give any promise for exact version, but hopefully it will be part of v2.3 Aki Tuomi Dovecot Oy > On November 26, 2016 at 11:17 PM Andrew Jones wrote: > > > Hi Marcus > > Thanks for your helpful reply. > > Do you know what is going on with JMAP development into Dovecot 2.5? > > It's difficult to get any sort of information from the roadmap and there are no Dovecot forums. > > One of the main reasons I'm interested in JMAP is because of Roundcube Next and also the other clients it will power. Sadly, there has been little going on and having emailed Thomas, he is no longer involved in Roundcube Next - which is a shame. The Kolab guys are really taking liberties here, and trying their product, the thing is littered with bugs everywhere. > > Are you able to comment on what is going on with JMAP development into Dovecot? > > Thanks > > Andrew > > > > > Sent from my iPhone > > > On 26 Nov 2016, at 19:16, Marcus Rueckert wrote: > > > >> On 2016-11-26 11:07:00 -0800, WJCarpenter wrote: > >> I don't know the answer to that question, but I am curious about something. > >> What client are you thinking about using with JMAP? I haven't found much. > >> (And much of the demo stuff at jmap.io seems to be busted in various ways.) > > > > roundcube-next builds on top of it. > > > > darix > > > > -- > > openSUSE - SUSE Linux is my linux > > openSUSE is good for you > > www.opensuse.org From mailinglist at darac.org.uk Sun Nov 27 20:41:23 2016 From: mailinglist at darac.org.uk (Darac Marjal) Date: Sun, 27 Nov 2016 20:41:23 +0000 Subject: Rebuild UIDs for mdbox Message-ID: <104a5aba-c1c5-f60f-f118-b828c471b46a@darac.org.uk> Hello all, I think I'm hitting an issue with overly large UIDs in one of my mailboxes. I initially thought it was a problem with claws-mail hitting an infinite loop. Claws-mail /seems/ to work fine, until it gets to this one mailbox, wherein the following is logged: [20:23:04] IMAP> 86 SELECT LocalCron [20:23:04] IMAP< * OK [CLOSED] Previous mailbox closed. [20:23:04] IMAP< * FLAGS (\Answered \Flagged \Deleted \Seen \Draft Junk NonJunk) [20:23:04] IMAP< * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft Junk NonJunk \*)] Flags permitted. [20:23:04] IMAP< * 399 EXISTS [20:23:04] IMAP< * 0 RECENT [20:23:04] IMAP< * OK [UNSEEN 399] First unseen. [20:23:04] IMAP< * OK [UIDVALIDITY 1163720154] UIDs valid [20:23:04] IMAP< * OK [UIDNEXT 3069273506] Predicted next UID [20:23:04] IMAP< * OK [HIGHESTMODSEQ 120748] Highest [20:23:04] IMAP< 86 OK [READ-WRITE] Select completed (0.000 + 0.000 secs). imap-thread.c:1344:imap select run - end 0 imap-thread.c:388:generic_cb imap-thread.c:372:found imap 0x22c8f60 imap-thread.c:1431:imap select - end imap.c:3961:select: exists 399 recent 0 expunge 0 uid_validity 1163720154 can_create_flags 1 imap-thread.c:2018:imap fetch_uid - begin imap-thread.c:372:found imap 0x22c8f60 imap-thread.c:372:found imap 0x22c8f60 [20:23:04] IMAP- [fetching UIDs...] [20:23:04] IMAP> 87 UID FETCH 1:* (UID) [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< FETCH (UID 3069273244) [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< TCH (UID 3069273313) [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< TCH (UID 3069273382) [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< TCH (UID 3069273451) [20:23:04] IMAP< [FETCH data - 1024 bytes] [20:23:04] IMAP< [FETCH data - 551 bytes] imap-thread.c:2008:imap fetch_uid run - end 0 imap-thread.c:388:generic_cb imap-thread.c:372:found imap 0x22c8f60 imap-thread.c:2029:imap fetch_uid - end imap.c:542:unlocking session 0x22e4c00 imap.c:4663:get_num_list: got 399 msgs imap.c:4673:removing old messages from /home/darac/.claws-mail/imapcache/mail.darac.org.uk/darac at darac.org.uk/LocalCron imap.c:4677:get_num_list - ok - 399 folder.c:2265:Removed message 2147483647 from cache. That last line (Removed message 2147483647 from cache) is repeated ad infinitum. Now, I happened to spot that that number is 2^31 - 1 so started looking to see if claws-mail was handling UIDs incorrectly. That lead me to http://wiki.dovecot.org/Clients/NegativeUIDs. Firstly, that page states that UIDs should be 32-bit integers. If so, why do there appear to be UIDs greater than 3 billion in the mailbox? Secondly, that page gives instructions on how to fix the problem with mbox and maildir backends. However, my mail is stored in mdboxes. Is there a way to re-generate UIDs for mdbox mailboxes? Thanks in advance! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: From brong at fastmail.fm Sun Nov 27 22:25:05 2016 From: brong at fastmail.fm (Bron Gondwana) Date: Mon, 28 Nov 2016 09:25:05 +1100 Subject: JMAP support in Dovecot In-Reply-To: <5839DD54.2060705@carpenter.org> References: <5839DD54.2060705@carpenter.org> Message-ID: <1480285505.2632854.800535841.166B8532@webmail.messagingengine.com> On Sun, 27 Nov 2016, at 06:07, WJCarpenter wrote: > I don't know the answer to that question, but I am curious about > something. What client are you thinking about using with JMAP? I haven't > found much. (And much of the demo stuff at jmap.io seems to be busted in > various ways.) The demo proxy was a pretty quick hack and isn't very efficient, but it should be working. It does a fairly slow background import for existing accounts, so I'd recommend using small tests accounts. What particular bit is broken for you? (apart from the known not-working authentication flow) Bron. -- Bron Gondwana brong at fastmail.fm From bill-dovecot at carpenter.org Mon Nov 28 01:36:15 2016 From: bill-dovecot at carpenter.org (WJCarpenter) Date: Sun, 27 Nov 2016 17:36:15 -0800 Subject: JMAP support in Dovecot In-Reply-To: <1480285505.2632854.800535841.166B8532@webmail.messagingengine.com> References: <5839DD54.2060705@carpenter.org> <1480285505.2632854.800535841.166B8532@webmail.messagingengine.com> Message-ID: <583B8A0F.3080209@carpenter.org> Bron Gondwana wrote on 11/27/2016 02:25 PM: > The demo proxy was a pretty quick hack and isn't very efficient, but > it should be working. It does a fairly slow background import for > existing accounts, so I'd recommend using small tests accounts. What > particular bit is broken for you? (apart from the known not-working > authentication flow) Bron. I don't know what you mean by the "known not working authentication flow", so possibly that is what I am hitting. On the "Set Hosts" screen with either Chrome or FireFox, I see two boxes each for IMAP and SMTP and a drop-down to toggle plaintext, SSL, or STARTLS. The fields are populated initially with "IMAP: 993/1/SSL" and "SMTP: 587/1/STARTLS". I don't know what that "1" is supposed to mean, so I replaced it with the relevant server names. I got an error "UNABLE TO CONNECT for ". To try again, I swapped those two fields around. Same result. (I was watching my server logs at the same time and saw no connection attempts.) I could not figure out how to go further. From kremels at kreme.com Mon Nov 28 06:45:10 2016 From: kremels at kreme.com (@lbutlr) Date: Sun, 27 Nov 2016 23:45:10 -0700 Subject: Rebuild UIDs for mdbox In-Reply-To: <104a5aba-c1c5-f60f-f118-b828c471b46a@darac.org.uk> References: <104a5aba-c1c5-f60f-f118-b828c471b46a@darac.org.uk> Message-ID: <42E683CD-E0E2-4324-B042-09A85AAE15A2@kreme.com> On Nov 27, 2016, at 1:41 PM, Darac Marjal wrote: > Firstly, that page states that UIDs should be 32-bit integers. If so, > why do there appear to be UIDs greater than 3 billion in the mailbox? Because 32 bits hold 4 billion decimal? 2^32 = 4,294,967,296 (this is why FAT32 has a 4GB file size limit). From miloslav.hula at gmail.com Mon Nov 28 09:17:55 2016 From: miloslav.hula at gmail.com (=?UTF-8?Q?Miloslav_H=c5=afla?=) Date: Mon, 28 Nov 2016 10:17:55 +0100 Subject: CPU for Dovecot In-Reply-To: References: Message-ID: Hi, thanks to all for advices. We will choose the 8core variant. About IO notes... there will be local 10k SASes in RAID 10, similar configuration as we have now and works fine. Kind regards, Miloslav Dne 25.11.2016 v 14:29 Miloslav H?la napsal(a): > we are planning to change hardware for our standalone Dovecot instance > handling ~5800 IMAP users with 1TB mailboxes on local RAID. Is there > some recommendation about CPU? > > We can choose from: > - Intel Xeon E5-2620v4 - 2,1GHz at 8,0GT 20MB cache, 8core, HT, 85W, LGA2011 > - Intel Xeon E5-2623v4 - 2,6GHz at 8,0GT 10MB cache, 4core, HT, 85W, LGA2011 > > The difference is about more cores vs. hi frequency. From mailinglist at darac.org.uk Mon Nov 28 09:59:05 2016 From: mailinglist at darac.org.uk (Darac Marjal) Date: Mon, 28 Nov 2016 09:59:05 +0000 Subject: Rebuild UIDs for mdbox In-Reply-To: <42E683CD-E0E2-4324-B042-09A85AAE15A2@kreme.com> References: <104a5aba-c1c5-f60f-f118-b828c471b46a@darac.org.uk> <42E683CD-E0E2-4324-B042-09A85AAE15A2@kreme.com> Message-ID: <20161128095905.35xwl2cfxr4sthif@darac.org.uk> On Sun, Nov 27, 2016 at 11:45:10PM -0700, @lbutlr wrote: >On Nov 27, 2016, at 1:41 PM, Darac Marjal wrote: >> Firstly, that page states that UIDs should be 32-bit integers. If so, >> why do there appear to be UIDs greater than 3 billion in the mailbox? > >Because 32 bits hold 4 billion decimal? > >2^32 = 4,294,967,296 Ah, yes. It's a bug in claws-mail then. It *IS* storing the UID in an unsigned int, but then comparing it to G_MAXINT which is the signed maximum. Sorry for the noise. > >(this is why FAT32 has a 4GB file size limit). -- For more information, please reread. From news at mefox.org Mon Nov 28 14:38:36 2016 From: news at mefox.org (Michael Fox) Date: Mon, 28 Nov 2016 06:38:36 -0800 Subject: FW: shared/public mailbox application In-Reply-To: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> References: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> Message-ID: <00d901d24985$1a78ad40$4f6a07c0$@mefox.org> No answer. Trying again. Surely someone with experience with public mailboxes can offer some insight on whether the application below should be a public or shared namespace ... Thanks Michael -----Original Message----- From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Michael Fox Sent: Thursday, November 24, 2016 11:53 AM To: Dovecot Mailing List Subject: shared/public mailbox application I'm new to Dovecot and I need help configuring a shared or public mailbox - I'm not sure which is appropriate. I've read the wiki and Peer's book and neither appears to cover what I'd like to do. So I could use some specific help on how to configure a solution for the following: I'd like to create two real mailboxes, let's call them AAA and BBB. Let's call the domain "mydomain". By "real", I mean that users aaa at mydomain and bbb at mydomain can log into their own mailbox. Anyone user can send mail to them, just like any other address: aaa at mydomain or bbb at mydomain. I'd like all IMAP users in mydomain to be able to read the messages in those mailboxes. I'd like all POP users in mydomain to also see those messages. (But I don't think I need help with the virtual part). I'd like only a few designated IMAP users to be able to delete the messages in those mailboxes, including dummy users AAA and BBB themselves. Ideally, I'd like them to appear in the client under a separate namespace from shared mailboxes. Example: INBOX +--- the normal stuff. Shared +--- user1 +--- user2 Special +--- AAA +--- BBB My confusion: 1) I don't know if this requires a shared namespace or a public namespace. It "feels" like it's "public", since all users would have access. But Peer's book and the wiki describe manually creating folders for public namespaces and controlling the contents with manual file manipulation, which leads me to believe that they can't be used for regular mail (although the book and the wiki never say one way or the other). I don't want to manually control files. I want to send mail to the mailbox and delete (see above) it with a client. 2) There are several examples in Peer's book and the wiki, but none seem to match what I want. (This is the problem with documentation that is predominantly example-based). I guess I need more explanation of the mechanical differences between shared and public and why one would pick one over the other. Can someone help? Please be as specific as you can. Thanks much, Michael From martin.wheldon at greenhills-it.co.uk Mon Nov 28 15:10:28 2016 From: martin.wheldon at greenhills-it.co.uk (Martin Wheldon) Date: Mon, 28 Nov 2016 15:10:28 +0000 Subject: Problem with multiple ldap passdb In-Reply-To: <7e4136873db8a4127bd2ebbe06face3d@mail.greenhills-it.co.uk> References: <7e4136873db8a4127bd2ebbe06face3d@mail.greenhills-it.co.uk> Message-ID: <133d6f7758a0391186dd2213bb581766@mail.greenhills-it.co.uk> Hi, In case anyone is experiencing the same issue in the future, seems that this probably is a bug. I've upgraded to dovecot 2.2.24 from Jessie backports and it works as documented with no configuration changes. Hope someone else finds this useful. Best Regards Martin On 2016-11-22 16:39, Martin Wheldon wrote: > Hi mailing list, > > I'm currently running dovecot 2.2.13 from Debian Jessie, all is > running fine. However I am attempting to merge 2 LDAP authentication > sources. > > I would like to attempt to authenticate against the first > authentication source, if that fails either by password fail or user > not found, > then attempt the next LDAP server. > > I've added the a passdb and userdb entry for the new ldap server. As > you can see from the log below the user isn't found in the first LDAP > query, but > is in the second one. However the authentication fails: > > Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: client in: > AUTH#0111#011PLAIN#011service=imap#011secured#011session=WTLjLuRB9QBRlIlQ#011lip=51.254.222.112#011rip=81.148.137.80#011lport=143#011rport=56821#011resp=AG1hcnRpbi53aGVsZG9uQGdyXWVuaGlsbHMtaXQuY28udWsAQ3JhY2spbk4wdw== > (previous base64 data may contain sensitive data) > Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon > at greenhills-it.co.uk,81.148.137.80,): bind search: > base=dc=greenhills-it,dc=co,dc=uk > filter=(&(&(ukFirmGhITAccSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=martin.wheldon > at greenhills-it.co.uk)(mail=martin.wheldon at greenhills-it.co.uk))) > Nov 22 13:59:38 he01-imap-01 dovecot: auth: Error: ldap(martin.wheldon > at greenhills-it.co.uk,81.148.137.80,): > ldap_search(base=dc=greenhills-it,dc=co,dc=uk > filter=(&(&(ukFirmGhITAccSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=martin.wheldon > at greenhills-it.co.uk)(mail=martin.wheldon at greenhills-it.co.uk)))) > failed: No such object > Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon > at greenhills-it.co.uk,81.148.137.80,): bind search: > base=dc=greenhills-it,dc=co,dc=uk filter=(|(uid=martin.wheldon at > greenhills-it.co.uk)(mail=martin.wheldon at greenhills-it.co.uk)) > Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon > at greenhills-it.co.uk,81.148.137.80,): result: > uid=00000001; uid unused > Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon > at greenhills-it.co.uk,81.148.137.80,): username > changed martin.wheldon at greenhills-it.co.uk -> 00000001 > Nov 22 13:59:38 he01-imap-01 dovecot: auth: Debug: > ldap(00000001,81.148.137.80,): result: uid=00000001 > Nov 22 13:59:40 he01-imap-01 dovecot: auth: Debug: client passdb out: > FAIL#0111#011user=00000001#011temp#011original_user=martin.wheldon at > greenhills-it.co.uk > > > I know that the password was entered correctly because if I disable > the new ldap config and login I get authenticated properly. > > > Nov 22 14:00:38 he01-imap-01 dovecot: auth: Debug: auth client > connected (pid=2626) > Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: client in: > AUTH#0111#011PLAIN#011service=imap#011secured#011session=ipKBMuRBBQBRlIlQ#011lip=51.254.222.112#011rip=81.148.137.80#011lport=143#011rport=38149#011resp=AG1hcnRpbi53aGVsZG9uQGdyXWVuaGlsbHMtaXQuY28udWsAQ3JhY2spbk4wdw== > (previous base64 data may contain sensitive data) > Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon > at greenhills-it.co.uk,81.148.137.80,): bind search: > base=dc=greenhills-it,dc=co,dc=uk filter=(|(uid=martin.wheldon at > greenhills-it.co.uk)(mail=martin.wheldon at greenhills-it.co.uk)) > Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon > at greenhills-it.co.uk,81.148.137.80,): result: > uid=00000001; uid unused > Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: ldap(martin.wheldon > at greenhills-it.co.uk,81.148.137.80,): username > changed martin.wheldon at greenhills-it.co.uk -> 00000001 > Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: > ldap(00000001,81.148.137.80,): result: uid=00000001 > Nov 22 14:00:39 he01-imap-01 dovecot: auth: Debug: client passdb out: > OK#0111#011user=00000001#011original_user=martin.wheldon at > greenhills-it.co.uk > > > I've done loads of googling and I believe that this is possible so I > must either have misread the documentation or am triggering a bug. > Neither of which I seem to be able to confirm. > > Any help would be much appreciated. > > My broken configuration is below: > > # 2.2.13: /etc/dovecot/dovecot.conf > # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 > auth_debug = yes > auth_debug_passwords = yes > auth_mechanisms = plain login > default_vsz_limit = 512 M > lmtp_rcpt_check_quota = yes > lmtp_save_to_detail_mailbox = yes > mail_location = maildir:~/Maildir > mail_plugins = " quota" > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = /etc/dovecot/dovecot-ldap-new.conf.ext > driver = ldap > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > skip = authenticated > } > plugin { > antispam_backend = pipe > antispam_pipe_program = /usr/sbin/sendmail > antispam_pipe_program_args = -f;%{auth_user};-r;%{auth_user} > antispam_pipe_program_notspam_arg = > retrain-as-ham at greenhills-it.co.uk > antispam_pipe_program_spam_arg = retrain-as-spam at greenhills-it.co.uk > antispam_spam = Spam > antispam_trash = Trash > quota = maildir:User quota > quota_rule = *:storage=1G > quota_rule2 = Trash:ignore > quota_rule3 = Spam:ignore > sieve = ~/.dovecot.sieve > sieve_before = /var/lib/dovecot/sieve/move-spam.sieve > sieve_dir = ~/sieve > } > protocols = " imap lmtp sieve pop3" > service imap-login { > process_min_avail = 20 > service_count = 1 > } > service imap { > process_min_avail = 20 > } > service lmtp { > inet_listener lmtp { > address = he01-imap-01.greenhills-it.co.uk 127.0.0.1 > port = 2003 > } > } > service pop3 { > process_min_avail = 20 > } > ssl = required > ssl_cert = ssl_cipher_list = > ALL:HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT:!PSK:!DES:!3DES:!MD5:!DES+MD5:!RC4:!SEED+SHA:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!eNULL:!aNULL:@STRENGTH > ssl_dh_parameters_length = 2048 > ssl_key = ssl_prefer_server_ciphers = yes > ssl_protocols = !SSLv2 !SSLv3 > userdb { > args = /etc/dovecot/dovecot-ldap-new.conf.ext > driver = ldap > } > userdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > protocol lmtp { > mail_plugins = " quota sieve" > } > protocol imap { > mail_plugins = " quota imap_quota" > } > > > # Working LDAP configuration > # /etc/dovecot/dovecot-ldap.conf.ext > uris = ldap://he01-auth-01.greenhills-it.co.uk > dn = uid=dovecot,ou=people,ou=SRV_Accounts,dc=greenhills-it,dc=co,dc=uk > dnpass = VerySecret > sasl_bind = no > auth_bind = yes > ldap_version = 3 > base = dc=greenhills-it,dc=co,dc=uk > scope = subtree > user_attrs = > homeDirectory=home,uidNumber=uid,gidNumber=gid,gosaMailQuota=quota_rule=*:storage=%$M > user_filter = (|(uid=%u)(mail=%u)(gosaMailAlternateAddress=%u)) > pass_attrs = uid=user,userPassword=password > pass_filter = (|(uid=%u)(mail=%u)) > default_pass_scheme = CRYPT > > > # Non working LDAP configuration > # /etc/dovecot/dovecot-ldap-new.conf.ext > uris = ldap://dir.greenhills-it.co.uk > dn = "cn=dovecot,ou=search > accounts,ou=services,dc=greenhills-it,dc=co,dc=uk" > dnpass = VerySecret > sasl_bind = no > tls = yes > tls_ca_cert_file = /etc/ssl/certs/GreenhillsCACert.pem > tls_require_cert = demand > debug_level = -1 > auth_bind = yes > ldap_version = 3 > base = ou=customers,dc=greenhills-it,dc=co,dc=uk > scope = subtree > user_attrs = > homeDirectory=home,uidNumber=uid,gidNumber=gid,ukFirmGhITAccMailQuota=quota_rule=*:storage=%$M > user_filter = > (&(&(ukFirmGhITAccSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=%u)(mail=%u)(ukFirmGhITAccMailAlias=%u))) > pass_attrs = uidNumber=user > pass_filter = > (&(&(ukFirmGhITAccSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=%u)(mail=%u))) > default_pass_scheme = SSHA > > > Best Regards From jcea at jcea.es Mon Nov 28 15:14:39 2016 From: jcea at jcea.es (Jesus Cea) Date: Mon, 28 Nov 2016 16:14:39 +0100 Subject: what user to use for SIS deduplication? Message-ID: <8f302ac3-f27c-e395-2f3c-c1663b690d4d@jcea.es> Running Dovecot 2.2.25. I have the following line in my root crontab: "/usr/local/bin/doveadm sis deduplicate /home/dovecot/buzones/attachments /home/dovecot/buzones/attachments/queue" This line is execute each hour and the plan is to deduplicate attachments stored in the SIS system. This works well most of the time, but from time to time cron complains with this error: """ Error: mkdir(/home/dovecot/buzones/attachments/bb/f8/hashes) failed: No such file or directory """ In those situations I just create the directory by hand and set the right permissions. Interestingly, most of the time everything works fine, dovecot creates the needed directories and everything is fine. But I get that error every few days and I must create the directory by hand. Am I running the deduplication process correctly?. It is launched as "root" and I would expect it to "setgid()" to the right user/group (dovemail). Should I run it in the dovemail cron?. I have a faint memory of getting the very same error in that case, a missing hash directory, but I am not sure I am recalling correctly. Any advice?. Thanks. -- Jes?s Cea Avi?n _/_/ _/_/_/ _/_/_/ jcea at jcea.es - http://www.jcea.es/ _/_/ _/_/ _/_/ _/_/ _/_/ Twitter: @jcea _/_/ _/_/ _/_/_/_/_/ jabber / xmpp:jcea at jabber.org _/_/ _/_/ _/_/ _/_/ _/_/ "Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/ "My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/ "El amor es poner tu felicidad en la felicidad de otro" - Leibniz -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From tobias at kirchhofer.net Mon Nov 28 15:18:31 2016 From: tobias at kirchhofer.net (Tobias Kirchhofer) Date: Mon, 28 Nov 2016 16:18:31 +0100 Subject: shared/public mailbox application In-Reply-To: <00d901d24985$1a78ad40$4f6a07c0$@mefox.org> References: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> <00d901d24985$1a78ad40$4f6a07c0$@mefox.org> Message-ID: <16F1AF47-49CA-4E34-94BE-491DB2725A48@kirchhofer.net> Hi Michael, we migrated from Cyrus Shared Folders to Dovecot Public Folder. Our setup with Dovecot: - Public Namespace type=public - prefix=NAMESPACE - location=maildir:/var/vmail/public/domain.com/folder:INDEXPVT=~/public/domain.com/NAME - list=children to show NAMESPACE only if acl is given - Restart Dovecot - cd /var/vmail/public/domain.com/NAMESPACE - mkdir .NAME - We utilise one user doveadm at domain.com to control acl - doveadm acl set -u doveadm at domain.com NAMESPACE/NAME user=doveadm at domain.com all (this creates also the Maildir) - doveadm mailbox subscribe -u doveadm at domain.com NAMESPACE/NAME - dm acl set -u doveadm at domain.com NAMESPACE/NAME user=firstname.lastname at domain.com lookup read write write-seen write-deleted insert post expunge User firstname.lastname at domain.com can now subscribe to the public folder ?NAMESPACE/NAME?. With this base you could create a more specific setup which more precisely fits your need. There are also other strategies achieving Shared Folders the Cyrus way. :) Hope that helps. Tobias On 28 Nov 2016, at 15:38, Michael Fox wrote: > No answer. Trying again. Surely someone with experience with public > mailboxes can offer some insight on whether the application below should be > a public or shared namespace ... > > Thanks > Michael > > > -----Original Message----- > From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Michael Fox > Sent: Thursday, November 24, 2016 11:53 AM > To: Dovecot Mailing List > Subject: shared/public mailbox application > > I'm new to Dovecot and I need help configuring a shared or public mailbox - > I'm not sure which is appropriate. I've read the wiki and Peer's book and > neither appears to cover what I'd like to do. So I could use some specific > help on how to configure a solution for the following: > > > > I'd like to create two real mailboxes, let's call them AAA and BBB. Let's > call the domain "mydomain". By "real", I mean that users aaa at mydomain and > bbb at mydomain can log into their own mailbox. > > Anyone user can send mail to them, just like any other address: > aaa at mydomain or bbb at mydomain. > > I'd like all IMAP users in mydomain to be able to read the messages in those > mailboxes. > > I'd like all POP users in mydomain to also see those messages. (But I don't > think I need help with the virtual part). > > I'd like only a few designated IMAP users to be able to delete the messages > in those mailboxes, including dummy users AAA and BBB themselves. > > Ideally, I'd like them to appear in the client under a separate namespace > from shared mailboxes. Example: > > > > INBOX > > +--- the normal stuff. > > Shared > > +--- user1 > > +--- user2 > > Special > > +--- AAA > > +--- BBB > > > > My confusion: > > 1) I don't know if this requires a shared namespace or a public > namespace. It "feels" like it's "public", since all users would have > access. But Peer's book and the wiki describe manually creating folders for > public namespaces and controlling the contents with manual file > manipulation, which leads me to believe that they can't be used for regular > mail (although the book and the wiki never say one way or the other). I > don't want to manually control files. I want to send mail to the mailbox > and delete (see above) it with a client. > > 2) There are several examples in Peer's book and the wiki, but none > seem to match what I want. (This is the problem with documentation that is > predominantly example-based). I guess I need more explanation of the > mechanical differences between shared and public and why one would pick one > over the other. > > > > Can someone help? Please be as specific as you can. > > > > Thanks much, > > Michael -- Tobias Kirchhofer tobias at kirchhofer.net -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 842 bytes Desc: OpenPGP digital signature URL: From adrianp at aageneral.ro Mon Nov 28 15:45:28 2016 From: adrianp at aageneral.ro (Adrian POPA) Date: Mon, 28 Nov 2016 17:45:28 +0200 Subject: shared/public mailbox application References: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> <00d901d24985$1a78ad40$4f6a07c0$@mefox.org> Message-ID: <1FDAD38E9A8A4655848D6666BE36CF37@adiportable> > -----Original Message----- > From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of Michael > Fox > Sent: Thursday, November 24, 2016 11:53 AM > To: Dovecot Mailing List > Subject: shared/public mailbox application > > I'm new to Dovecot and I need help configuring a shared or public > mailbox - > I'm not sure which is appropriate. I've read the wiki and Peer's book and > neither appears to cover what I'd like to do. So I could use some > specific > help on how to configure a solution for the following: > > > > I'd like to create two real mailboxes, let's call them AAA and BBB. Let's > call the domain "mydomain". By "real", I mean that users aaa at mydomain and > bbb at mydomain can log into their own mailbox. > > Anyone user can send mail to them, just like any other address: > aaa at mydomain or bbb at mydomain. > > I'd like all IMAP users in mydomain to be able to read the messages in > those > mailboxes. > > I'd like all POP users in mydomain to also see those messages. (But I > don't > think I need help with the virtual part). > > I'd like only a few designated IMAP users to be able to delete the > messages > in those mailboxes, including dummy users AAA and BBB themselves. > > Ideally, I'd like them to appear in the client under a separate namespace > from shared mailboxes. Example: > > > > INBOX > > +--- the normal stuff. > > Shared > > +--- user1 > > +--- user2 > > Special > > +--- AAA > > +--- BBB > > > > My confusion: > > 1) I don't know if this requires a shared namespace or a public > namespace. It "feels" like it's "public", since all users would have > access. But Peer's book and the wiki describe manually creating folders > for > public namespaces and controlling the contents with manual file > manipulation, which leads me to believe that they can't be used for > regular > mail (although the book and the wiki never say one way or the other). I > don't want to manually control files. I want to send mail to the mailbox > and delete (see above) it with a client. > > 2) There are several examples in Peer's book and the wiki, but none > seem to match what I want. (This is the problem with documentation that > is > predominantly example-based). I guess I need more explanation of the > mechanical differences between shared and public and why one would pick > one > over the other. > > > > Can someone help? Please be as specific as you can. > > > > Thanks much, > > Michael > Hi, I did that in Linux (Ubuntu) by using symbolic links. In the INBOX of users that you want to see shared emails place a symlink to the shared INBOX. | | | ...INBOX | | .Drafts (folder) | | .Trash (folder | | ... | | ~.Shared AAA --> ../aaa | | ~.Shared BBB --> ../bbb | | | ...INBOX | | ... | | ~.Shared AAA --> ../aaa | | ~.Shared BBB --> ../bbb | | | ...INBOX | | ... | | | ...INBOX | | ... The only thing that could create problems are permissions. I use the same UID/GID for all users (vmail:vmail) so I don't have such problems. If you want special permissions for groups of users (some can delete emails in shared folders) you need to define the permission groups, add users you want to those groups and set rw permission and set group bit on shared folders. If you're not using Linux I cannot help. Adrian From post at volker-wysk.de Mon Nov 28 20:28:08 2016 From: post at volker-wysk.de (Volker Wysk) Date: Mon, 28 Nov 2016 21:28:08 +0100 Subject: Antispam plugin: insufficent error messages Message-ID: <4985521.DvuYhMxLoT@desktop> Hi! "Dovecot always logs a detailed error message if something goes wrong. If it doesn't, it's considered a bug and will be fixed." (http:// wiki2.dovecot.org/Logging) I'm trying to set up a spam filter with dovecot-antispam and dspam as backend. When I move a spam message from INBOX to Spam, I get this in syslog: Nov 28 21:15:58 desktop imap: antispam: mailbox_is_unsure(Spam): 0 Nov 28 21:15:58 desktop imap: antispam: mailbox_is_trash(INBOX): 0 Nov 28 21:15:58 desktop imap: antispam: mailbox_is_trash(Spam): 0 Nov 28 21:15:58 desktop imap: antispam: mail copy: from trash: 0, to trash: 0 Nov 28 21:15:58 desktop imap: antispam: mailbox_is_spam(INBOX): 0 Nov 28 21:15:58 desktop imap: antispam: mailbox_is_spam(Spam): 1 Nov 28 21:15:58 desktop imap: antispam: mailbox_is_unsure(INBOX): 0 Nov 28 21:15:58 desktop imap: antispam: mail copy: src spam: 0, dst spam: 1, src unsure: 0 There are no log entries about how dspam is called, or what goes on. Indeed, dspam doesn't get called at all. I know, because I've examined the antispam- plugin source code. There would be a log message if dspam was called. It's hard to study the source code, because there are hardly any comments. I have been able to trace the problem to function signature_extract_to_list() in signature.c. There, -1 is returned: int signature_extract_to_list(const struct signature_config *cfg, struct mailbox_transaction_context *t, struct mail *mail, struct siglist **list, enum classification wanted) { const char *const *signatures; struct siglist *item; signatures = get_mail_headers(mail, cfg->signature_hdr); if (!signatures || !signatures[0]) { if (!cfg->signature_nosig_ignore) { mail_storage_set_error(t->box->storage, ME(NOTPOSSIBLE) "antispam signature not found"); return -1; /* <-- HERE */ } else { return 0; } } while (signatures[1]) signatures++; item = i_new(struct siglist, 1); item->next = *list; item->wanted = wanted; item->sig = i_strdup(signatures[0]); *list = item; return 0; } So, what's happening is "antispam signature not found". My question: What does this mean? What's going on? My "dovecot -n" output is attached. Bye Volker -------------- next part -------------- # 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) # OS: Linux 4.4.0-47-generic x86_64 Ubuntu 16.04.1 LTS auth_username_format = %n auth_verbose = yes hostname = volker-wysk.de log_path = /var/log/dovecot.log mail_debug = yes mail_location = mdbox:~/lib/Dovecot-Mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Entw?rfe { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Papierkorb { special_use = \Trash } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } mailbox "Versendete Nachrichten" { special_use = \Sent } prefix = separator = . } passdb { driver = pam } plugin { antispam_backend = dspam antispam_debug_target = syslog antispam_dspam_binary = /usr/bin/dspam antispam_dspam_env = HOME=%h;USER=%u antispam_signature = X-DSPAM-Signature antispam_signature_missing = error antispam_spam = Spam antispam_trash = Papierkorb antispam_verbose_debug = 1 sieve = ~/.dovecot.sieve sieve_dir = ~/lib/Sieve } postmaster_address = post at volker-wysk.de protocols = imap lmtp sieve ssl = required ssl_cert = References: <4985521.DvuYhMxLoT@desktop> Message-ID: <5852373.EqnE2vgdsX@desktop> One more point: The spam message, which has been moved to the Spam folder for training dspam, doesn't get moved. When I refresh (in KMail), the message reappears in INBOX. Bye V.W. From chibi at gol.com Tue Nov 29 00:57:50 2016 From: chibi at gol.com (Christian Balzer) Date: Tue, 29 Nov 2016 09:57:50 +0900 Subject: auth client limit versus service count of mail processes Message-ID: <20161129095750.7b046a77@batzmaru.gol.ad.jp> Hello, We've got a pretty substantial dovecot installation (versions 2.1.7 and 2.2.13 on the backends, but tested with 2.2.24 as well) and this is the relevant config snippet from 10-master.conf: --- default_process_limit = 1024 default_client_limit = 16384 [...] service imap { # Most of the memory goes to mmap()ing files. You may need to increase this # limit if you have huge mailboxes. #vsz_limit = $default_vsz_limit vsz_limit = 512M # Max. number of IMAP processes (connections) #process_limit = 1024 process_limit = 524288 } service pop3 { # Max. number of POP3 processes (connections) process_limit = 2048 # Reduce spawns from hell service_count = 100 } --- The above works fine, no warnings. Since 2 of our mailbox servers get a high number (2million/day) of IMAP logins and resulting mail process spawns, I pondered doing the service count bit for IMAP as well. But adding a "service_count = 100" line (any value larger than 1 really) to the imap section we get the dreaded: --- Nov 28 17:05:40 mbx09 dovecot: config: Warning: service auth { client_limit=16384} is lower than required under max. load (528384) --- And that's quite true, once reaching that limit auth will pile up and fail eventually. Clearly the pop3 part with a max of 2048 processes (we see about 300 at peak times) neatly fits into the client limit of 16384. Now setting the client limit in the auth section to the required value of course will do no real good in this scenario, as the fd limit becomes the next bottleneck and I'm not going to raise that to 500k, thank you very much. ^o^ So basically my questions here are: 1. Where's the difference in Dovecot's logic between a mail service that has a service count of 1 versus one with >1? 2. Any way to get the process recycling for IMAP going w/o setting the fd limit to a ridiculous amount? Thanks, Christian -- Christian Balzer Network/Systems Engineer chibi at gol.com Global OnLine Japan/Rakuten Communications http://www.gol.com/ From news at mefox.org Tue Nov 29 05:34:09 2016 From: news at mefox.org (Michael Fox) Date: Mon, 28 Nov 2016 21:34:09 -0800 Subject: shared/public mailbox application In-Reply-To: <1FDAD38E9A8A4655848D6666BE36CF37@adiportable> References: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> <00d901d24985$1a78ad40$4f6a07c0$@mefox.org> <1FDAD38E9A8A4655848D6666BE36CF37@adiportable> Message-ID: <04ab01d24a02$36265ec0$a2731c40$@mefox.org> > > Hi, > I did that in Linux (Ubuntu) by using symbolic links. > In the INBOX of users that you want to see shared emails place a symlink > to > the shared INBOX. > > | > | | ...INBOX > | | .Drafts (folder) > | | .Trash (folder > | | ... > | | ~.Shared AAA --> ../aaa > | | ~.Shared BBB --> ../bbb > | > | | ...INBOX > | | ... > | | ~.Shared AAA --> ../aaa > | | ~.Shared BBB --> ../bbb > | > | | ...INBOX > | | ... > | > | | ...INBOX > | | ... > The only thing that could create problems are permissions. I use the same > UID/GID for all users (vmail:vmail) so I don't have such problems. > If you want special permissions for groups of users (some can delete > emails > in shared folders) you need to define the permission groups, add users you > want to those groups and set rw permission and set group bit on shared > folders. Thanks Adrian. That's an interesting idea. I don't think it will fit what I'm trying to do. But thanks for taking the time to respond. Every little bit helps me learn how things work. Michael From news at mefox.org Tue Nov 29 05:34:09 2016 From: news at mefox.org (Michael Fox) Date: Mon, 28 Nov 2016 21:34:09 -0800 Subject: shared/public mailbox application In-Reply-To: <16F1AF47-49CA-4E34-94BE-491DB2725A48@kirchhofer.net> References: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> <00d901d24985$1a78ad40$4f6a07c0$@mefox.org> <16F1AF47-49CA-4E34-94BE-491DB2725A48@kirchhofer.net> Message-ID: <04ac01d24a02$3656bd90$a30438b0$@mefox.org> Thanks Tobias. Thanks for the detailed reply. I think I see what you?re doing. But I?m unclear on something (since I?m a nube): Can anyone send mail to NAME at domain.com and have it appear in the public mailbox? If not, would it be enough to create a userdb entry which defines a pseudo-user NAME, including its home directory, such that imcoming mail addressed to NAME at domain.com could be delivered into that mailbox? Thanks, Michael From: Tobias Kirchhofer [mailto:tobias at kirchhofer.net] Sent: Monday, November 28, 2016 7:19 AM To: Michael Fox Cc: Dovecot Mailing List Subject: Re: shared/public mailbox application Hi Michael, we migrated from Cyrus Shared Folders to Dovecot Public Folder. Our setup with Dovecot: * Public Namespace type=public * prefix=NAMESPACE * location=maildir:/var/vmail/public/domain.com/folder:INDEXPVT=~/public/domain.com/NAME * list=children to show NAMESPACE only if acl is given * Restart Dovecot * cd /var/vmail/public/domain.com/NAMESPACE * mkdir .NAME * We utilise one user doveadm at domain.com to control acl * doveadm acl set -u doveadm at domain.com NAMESPACE/NAME user= doveadm at domain.com all (this creates also the Maildir) * doveadm mailbox subscribe -u doveadm at domain.com NAMESPACE/NAME * dm acl set -u doveadm at domain.com NAMESPACE/NAME user= firstname.lastname at domain.com lookup read write write-seen write-deleted insert post expunge User firstname.lastname at domain.com can now subscribe to the public folder ?NAMESPACE/NAME?. With this base you could create a more specific setup which more precisely fits your need. There are also other strategies achieving Shared Folders the Cyrus way. :) Hope that helps. Tobias On 28 Nov 2016, at 15:38, Michael Fox wrote: No answer. Trying again. Surely someone with experience with public mailboxes can offer some insight on whether the application below should be a public or shared namespace ... Thanks Michael -----Original Message----- From: dovecot [mailto: dovecot-bounces at dovecot.org] On Behalf Of Michael Fox Sent: Thursday, November 24, 2016 11:53 AM To: Dovecot Mailing List dovecot at dovecot.org Subject: shared/public mailbox application I'm new to Dovecot and I need help configuring a shared or public mailbox - I'm not sure which is appropriate. I've read the wiki and Peer's book and neither appears to cover what I'd like to do. So I could use some specific help on how to configure a solution for the following: I'd like to create two real mailboxes, let's call them AAA and BBB. Let's call the domain "mydomain". By "real", I mean that users aaa at mydomain and bbb at mydomain can log into their own mailbox. Anyone user can send mail to them, just like any other address: aaa at mydomain or bbb at mydomain. I'd like all IMAP users in mydomain to be able to read the messages in those mailboxes. I'd like all POP users in mydomain to also see those messages. (But I don't think I need help with the virtual part). I'd like only a few designated IMAP users to be able to delete the messages in those mailboxes, including dummy users AAA and BBB themselves. Ideally, I'd like them to appear in the client under a separate namespace from shared mailboxes. Example: INBOX +--- the normal stuff. Shared +--- user1 +--- user2 Special +--- AAA +--- BBB My confusion: 1) I don't know if this requires a shared namespace or a public namespace. It "feels" like it's "public", since all users would have access. But Peer's book and the wiki describe manually creating folders for public namespaces and controlling the contents with manual file manipulation, which leads me to believe that they can't be used for regular mail (although the book and the wiki never say one way or the other). I don't want to manually control files. I want to send mail to the mailbox and delete (see above) it with a client. 2) There are several examples in Peer's book and the wiki, but none seem to match what I want. (This is the problem with documentation that is predominantly example-based). I guess I need more explanation of the mechanical differences between shared and public and why one would pick one over the other. Can someone help? Please be as specific as you can. Thanks much, Michael -- Tobias Kirchhofer tobias at kirchhofer.net From tobias at kirchhofer.net Tue Nov 29 07:21:31 2016 From: tobias at kirchhofer.net (Tobias Kirchhofer) Date: Tue, 29 Nov 2016 08:21:31 +0100 Subject: shared/public mailbox application In-Reply-To: <04ac01d24a02$3656bd90$a30438b0$@mefox.org> References: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> <00d901d24985$1a78ad40$4f6a07c0$@mefox.org> <16F1AF47-49CA-4E34-94BE-491DB2725A48@kirchhofer.net> <04ac01d24a02$3656bd90$a30438b0$@mefox.org> Message-ID: <57396E2C-0148-4B1B-B044-F9B631FC1B87@kirchhofer.net> Basically we alias NAME at domain.com to doveadm at domain.com. doveadm@ has a sieve-Script which files into the public folder. You could also configure a postfix transport which does the job. Its necessary to overlook the whole process chain to properly configure everything. And a lot of try out :) On 29 Nov 2016, at 6:34, Michael Fox wrote: > Thanks Tobias. Thanks for the detailed reply. > > > > I think I see what you?re doing. But I?m unclear on something (since I?m a nube): > > > > Can anyone send mail to NAME at domain.com and have it appear in the public mailbox? > > > > If not, would it be enough to create a userdb entry which defines a pseudo-user NAME, including its home directory, such that imcoming mail addressed to NAME at domain.com could be delivered into that mailbox? > > > > Thanks, > > Michael > > > > > > > > From: Tobias Kirchhofer [mailto:tobias at kirchhofer.net] > Sent: Monday, November 28, 2016 7:19 AM > To: Michael Fox > Cc: Dovecot Mailing List > Subject: Re: shared/public mailbox application > > > > Hi Michael, > > we migrated from Cyrus Shared Folders to Dovecot Public Folder. > > Our setup with Dovecot: > > * Public Namespace type=public > * prefix=NAMESPACE > * location=maildir:/var/vmail/public/domain.com/folder:INDEXPVT=~/public/domain.com/NAME > * list=children to show NAMESPACE only if acl is given > * Restart Dovecot > * cd /var/vmail/public/domain.com/NAMESPACE > * mkdir .NAME > * We utilise one user doveadm at domain.com to control acl > * doveadm acl set -u doveadm at domain.com NAMESPACE/NAME user= doveadm at domain.com all (this creates also the Maildir) > * doveadm mailbox subscribe -u doveadm at domain.com NAMESPACE/NAME > * dm acl set -u doveadm at domain.com NAMESPACE/NAME user= firstname.lastname at domain.com lookup read write write-seen write-deleted insert post expunge > > User firstname.lastname at domain.com can now subscribe to the public folder ?NAMESPACE/NAME?. > > With this base you could create a more specific setup which more precisely fits your need. > > There are also other strategies achieving Shared Folders the Cyrus way. :) > > Hope that helps. > > Tobias > > On 28 Nov 2016, at 15:38, Michael Fox wrote: > > No answer. Trying again. Surely someone with experience with public > mailboxes can offer some insight on whether the application below should be > a public or shared namespace ... > > Thanks > Michael > > -----Original Message----- > From: dovecot [mailto: dovecot-bounces at dovecot.org] On Behalf Of Michael Fox > Sent: Thursday, November 24, 2016 11:53 AM > To: Dovecot Mailing List dovecot at dovecot.org > Subject: shared/public mailbox application > > I'm new to Dovecot and I need help configuring a shared or public mailbox - > I'm not sure which is appropriate. I've read the wiki and Peer's book and > neither appears to cover what I'd like to do. So I could use some specific > help on how to configure a solution for the following: > > I'd like to create two real mailboxes, let's call them AAA and BBB. Let's > call the domain "mydomain". By "real", I mean that users aaa at mydomain and > bbb at mydomain can log into their own mailbox. > > Anyone user can send mail to them, just like any other address: > aaa at mydomain or bbb at mydomain. > > I'd like all IMAP users in mydomain to be able to read the messages in those > mailboxes. > > I'd like all POP users in mydomain to also see those messages. (But I don't > think I need help with the virtual part). > > I'd like only a few designated IMAP users to be able to delete the messages > in those mailboxes, including dummy users AAA and BBB themselves. > > Ideally, I'd like them to appear in the client under a separate namespace > from shared mailboxes. Example: > > INBOX > > +--- the normal stuff. > > Shared > > +--- user1 > > +--- user2 > > Special > > +--- AAA > > +--- BBB > > My confusion: > > 1) I don't know if this requires a shared namespace or a public > namespace. It "feels" like it's "public", since all users would have > access. But Peer's book and the wiki describe manually creating folders for > public namespaces and controlling the contents with manual file > manipulation, which leads me to believe that they can't be used for regular > mail (although the book and the wiki never say one way or the other). I > don't want to manually control files. I want to send mail to the mailbox > and delete (see above) it with a client. > > 2) There are several examples in Peer's book and the wiki, but none > seem to match what I want. (This is the problem with documentation that is > predominantly example-based). I guess I need more explanation of the > mechanical differences between shared and public and why one would pick one > over the other. > > Can someone help? Please be as specific as you can. > > Thanks much, > > Michael > > -- > Tobias Kirchhofer > tobias at kirchhofer.net -- Tobias Kirchhofer tobias at kirchhofer.net -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 842 bytes Desc: OpenPGP digital signature URL: From thorsten.hater at gmail.com Tue Nov 29 08:50:09 2016 From: thorsten.hater at gmail.com (Thorsten Hater) Date: Tue, 29 Nov 2016 09:50:09 +0100 Subject: Dovecot seems to open extra namespaces Message-ID: Dear all, I am slightly confused by the following log entries ...: imap(...): Debug: Namespace inbox: type=private, prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir ...: imap(...): Debug: maildir++: root=~/Maildir, index=, indexpvt=, control=, inbox=~/Maildir, alt= ...: imap(...): Debug: Namespace : type=private, prefix=, sep=, inbox=no, hidden=yes, list=no, subscriptions=no location=fail::LAYOUT=none ...: imap(...): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= It seems that Dovecot opens two different namespaces, despite only one being configured in 10-mail.conf/15-mailboxes.conf. Is this normal and intended? Further, what is the purpose of the line starting with 'none'? Best regards, Thorsten Dovecot version: 2.2.26.0 on Debian Jessie From skdovecot at smail.inf.fh-brs.de Tue Nov 29 09:01:25 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 29 Nov 2016 10:01:25 +0100 (CET) Subject: Dovecot seems to open extra namespaces In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 29 Nov 2016, Thorsten Hater wrote: > I am slightly confused by the following log entries > > ...: imap(...): Debug: Namespace inbox: type=private, prefix=INBOX., sep=., ^^^^^ > inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir > ...: imap(...): Debug: maildir++: root=~/Maildir, index=, indexpvt=, > control=, inbox=~/Maildir, alt= > ...: imap(...): Debug: Namespace : type=private, prefix=, sep=, inbox=no, ^^^ > hidden=yes, list=no, subscriptions=no location=fail::LAYOUT=none > ...: imap(...): Debug: none: root=, index=, indexpvt=, control=, inbox=, > alt= > > It seems that Dovecot opens two different namespaces, despite only one > being configured in > 10-mail.conf/15-mailboxes.conf. Is this normal and intended? Check out doveconf -a, you will see two namespace definitions, one namespace inbox { and the 2nd one namespace { Name equally. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWD1D5Xz1H7kL/d9rAQLG5wgAkk+ShnTH2VZGUIamQsEr0+SNQrXZjyNS BQKO2W1WTeEwyRT9GTPH7DCFJu7URf3PN4uIZEYtc3m2X3yG4snFtnQ/MM/rH5Hd e2IX/r4sJrm3F0EFuPT6sjrGE9rcr3tmEWUzAqh22yqkaWEQfUZImAP3sefkZxAM rSN2kPOA5v+ydn+xKO8OxHRKXygyQnR7TDaf9kCEbdkdzS7kGv/vKUKKuuN+krey dWS0VDkYV6ho6kKMr+xv60HqkBwWXGMoHRKSndYncfd21e2Fem0LReOIw5BA3a4v zmAj7n+J2mqVC4cvzVk+B4DBjPWB4fCQw4Hiju1roClrlO34v2O0AQ== =C1YS -----END PGP SIGNATURE----- From thorsten.hater at gmail.com Tue Nov 29 09:05:22 2016 From: thorsten.hater at gmail.com (Thorsten Hater) Date: Tue, 29 Nov 2016 10:05:22 +0100 Subject: Dovecot seems to open extra namespaces In-Reply-To: References: Message-ID: Hi Steffen, that is not the problem # doveconf -a | grep -i namespace namespace inbox { Thorsten On Tue, Nov 29, 2016 at 10:01 AM, Steffen Kaiser < skdovecot at smail.inf.fh-brs.de> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, 29 Nov 2016, Thorsten Hater wrote: > > I am slightly confused by the following log entries >> >> ...: imap(...): Debug: Namespace inbox: type=private, prefix=INBOX., >> sep=., >> > ^^^^^ > >> inbox=yes, hidden=no, list=yes, subscriptions=yes >> location=maildir:~/Maildir >> ...: imap(...): Debug: maildir++: root=~/Maildir, index=, indexpvt=, >> control=, inbox=~/Maildir, alt= >> ...: imap(...): Debug: Namespace : type=private, prefix=, sep=, inbox=no, >> > ^^^ > >> hidden=yes, list=no, subscriptions=no location=fail::LAYOUT=none >> ...: imap(...): Debug: none: root=, index=, indexpvt=, control=, inbox=, >> alt= >> >> It seems that Dovecot opens two different namespaces, despite only one >> being configured in >> 10-mail.conf/15-mailboxes.conf. Is this normal and intended? >> > > Check out doveconf -a, you will see two namespace definitions, one > > namespace inbox { > > and the 2nd one > > namespace { > > Name equally. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBWD1D5Xz1H7kL/d9rAQLG5wgAkk+ShnTH2VZGUIamQsEr0+SNQrXZjyNS > BQKO2W1WTeEwyRT9GTPH7DCFJu7URf3PN4uIZEYtc3m2X3yG4snFtnQ/MM/rH5Hd > e2IX/r4sJrm3F0EFuPT6sjrGE9rcr3tmEWUzAqh22yqkaWEQfUZImAP3sefkZxAM > rSN2kPOA5v+ydn+xKO8OxHRKXygyQnR7TDaf9kCEbdkdzS7kGv/vKUKKuuN+krey > dWS0VDkYV6ho6kKMr+xv60HqkBwWXGMoHRKSndYncfd21e2Fem0LReOIw5BA3a4v > zmAj7n+J2mqVC4cvzVk+B4DBjPWB4fCQw4Hiju1roClrlO34v2O0AQ== > =C1YS > -----END PGP SIGNATURE----- > From tss at iki.fi Tue Nov 29 12:17:45 2016 From: tss at iki.fi (Timo Sirainen) Date: Tue, 29 Nov 2016 14:17:45 +0200 Subject: Dovecot seems to open extra namespaces In-Reply-To: References: Message-ID: <1B82FB39-48C5-4F37-B4FA-77F62847BC29@iki.fi> On 29 Nov 2016, at 10.50, Thorsten Hater wrote: > > Dear all, > > I am slightly confused by the following log entries > > ...: imap(...): Debug: Namespace inbox: type=private, prefix=INBOX., sep=., > inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir > ...: imap(...): Debug: maildir++: root=~/Maildir, index=, indexpvt=, > control=, inbox=~/Maildir, alt= You have a prefix=INBOX. configured. > ...: imap(...): Debug: Namespace : type=private, prefix=, sep=, inbox=no, > hidden=yes, list=no, subscriptions=no location=fail::LAYOUT=none > ...: imap(...): Debug: none: root=, index=, indexpvt=, control=, inbox=, > alt= Since you didn't configure an empty-prefix namespace, Dovecot autocreates one for you. It's not actually accessible. Only used for making Dovecot's internal life easier and provide errors if you try to access it. From tss at iki.fi Tue Nov 29 12:30:37 2016 From: tss at iki.fi (Timo Sirainen) Date: Tue, 29 Nov 2016 14:30:37 +0200 Subject: auth client limit versus service count of mail processes In-Reply-To: <20161129095750.7b046a77@batzmaru.gol.ad.jp> References: <20161129095750.7b046a77@batzmaru.gol.ad.jp> Message-ID: On 29 Nov 2016, at 2.57, Christian Balzer wrote: > > service imap { > # Most of the memory goes to mmap()ing files. You may need to increase this > # limit if you have huge mailboxes. > #vsz_limit = $default_vsz_limit > vsz_limit = 512M > > # Max. number of IMAP processes (connections) > #process_limit = 1024 > process_limit = 524288 > } .. > But adding a "service_count = 100" line (any value larger than 1 really) to > the imap section we get the dreaded: > --- > Nov 28 17:05:40 mbx09 dovecot: config: Warning: service auth { client_limit=16384} is lower than required under max. load (528384) > --- > > 1. Where's the difference in Dovecot's logic between a mail service that > has a service count of 1 versus one with >1? With service_count=1 it disconnects from auth immediately after logging in. With service_count>0 the auth connection is kept open for the entire existence of the imap process. This is mainly because after dropping privileges it wouldn't be able to connect to the auth-master socket again. In theory if the socket permissions were changed, it could keep reconnecting to auth-master and not keep connections open all the time. > 2. Any way to get the process recycling for IMAP going w/o setting the fd > limit to a ridiculous amount? How about shrinking the imap process_limit? I highly doubt you can actually run 500k imap processes per server and have it still working. The largest I've ever heard people running has been 50k processes per server. From stephan at rename-it.nl Tue Nov 29 12:59:52 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 29 Nov 2016 13:59:52 +0100 Subject: Antispam plugin: insufficent error messages In-Reply-To: <4985521.DvuYhMxLoT@desktop> References: <4985521.DvuYhMxLoT@desktop> Message-ID: <175f4d85-ebb1-2807-94a7-84736f689450@rename-it.nl> Op 28-11-2016 om 21:28 schreef Volker Wysk: > Hi! > > "Dovecot always logs a detailed error message if something goes wrong. > If it doesn't, it's considered a bug and will be fixed." (http:// > wiki2.dovecot.org/Logging) Yes, that is indeed what Dovecot and Pigeonhole do. However, AntiSpam is not part of the normal Dovecot distribution, nor is it a plugin created by Dovecot developers. From what I know, Dovecot has mirrored/hosted the AntiSpam Mercurial repository in the past and contributed a few small fixes, but nothing more. Also, it doesn't look like it is actively maintained at the moment. Pigeonhole Sieve recently gained support for the IMAPSieve extension (http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/IMAPSieve). When combined with the exprograms plugin (http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Extprograms), you should be able achieve something quite similar using a Sieve script, although I have never tried that myself. Regards, Stephan. From chibi at gol.com Tue Nov 29 13:07:28 2016 From: chibi at gol.com (Christian Balzer) Date: Tue, 29 Nov 2016 22:07:28 +0900 Subject: auth client limit versus service count of mail processes In-Reply-To: References: <20161129095750.7b046a77@batzmaru.gol.ad.jp> Message-ID: <20161129220728.117357a2@batzmaru.gol.ad.jp> On Tue, 29 Nov 2016 14:30:37 +0200 Timo Sirainen wrote: > On 29 Nov 2016, at 2.57, Christian Balzer wrote: > > > > service imap { > > # Most of the memory goes to mmap()ing files. You may need to increase this > > # limit if you have huge mailboxes. > > #vsz_limit = $default_vsz_limit > > vsz_limit = 512M > > > > # Max. number of IMAP processes (connections) > > #process_limit = 1024 > > process_limit = 524288 > > } > .. > > But adding a "service_count = 100" line (any value larger than 1 really) to > > the imap section we get the dreaded: > > --- > > Nov 28 17:05:40 mbx09 dovecot: config: Warning: service auth { client_limit=16384} is lower than required under max. load (528384) > > --- > > > > 1. Where's the difference in Dovecot's logic between a mail service that > > has a service count of 1 versus one with >1? > > With service_count=1 it disconnects from auth immediately after logging in. With service_count>0 the auth connection is kept open for the entire existence of the imap process. This is mainly because after dropping privileges it wouldn't be able to connect to the auth-master socket again. In theory if the socket permissions were changed, it could keep reconnecting to auth-master and not keep connections open all the time. > Alright then, that's what I was suspecting. Too bad, but totally understandable. > > 2. Any way to get the process recycling for IMAP going w/o setting the fd > > limit to a ridiculous amount? > > > How about shrinking the imap process_limit? I highly doubt you can actually run 500k imap processes per server and have it still working. The largest I've ever heard people running has been 50k processes per server. > Well, that's the limit these servers could theoretically take IOPS wise, other things like memory might curtail that earlier. Also this is the fail-over level of this cluster pair, a single node normally would only have to handle half of this. Incidentally these 2 servers are currently running about 45k IMAP processes each and the most busy process is (unsurprisingly) dovecot, the master. But that's only using about 20% of one core and the system is currently operating with the on-demand CPU governor, so that core is only at half speed typically. It's a pure SSD system, I/O utilization tends to peak around 3% and averages less than 1%. Memory is still half "free" (page cache) and an upgrade of that is planned. So from where I'm standing 100k per server (200k in fail-over) at the least should be achievable easily. Guess cranking up the fd limit it is then, still got 10 million spares after all. Thanks for the feedback, Christian -- Christian Balzer Network/Systems Engineer chibi at gol.com Global OnLine Japan/Rakuten Communications http://www.gol.com/ From news at mefox.org Tue Nov 29 16:58:18 2016 From: news at mefox.org (Michael Fox) Date: Tue, 29 Nov 2016 08:58:18 -0800 Subject: shared/public mailbox application In-Reply-To: <57396E2C-0148-4B1B-B044-F9B631FC1B87@kirchhofer.net> References: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> <00d901d24985$1a78ad40$4f6a07c0$@mefox.org> <16F1AF47-49CA-4E34-94BE-491DB2725A48@kirchhofer.net> <04ac01d24a02$3656bd90$a30438b0$@mefox.org> <57396E2C-0148-4B1B-B044-F9B631FC1B87@kirchhofer.net> Message-ID: <012201d24a61$c9454950$5bcfdbf0$@mefox.org> > Basically we alias NAME at domain.com to doveadm at domain.com. doveadm@ has a > sieve-Script which files into the public folder. You could also configure > a postfix transport which does the job. Ah. OK. That may be more complexity than I need for my situation. So please bear with me as I try to understand this. IF: Postfix is already configured to deliver mail destined for the virtual domain "domain.com" to Dovecot --and-- I create the NAMESPACE and NAME setup as you described --and-- I create a Dovecot userdb entry for NAME at domain.com (but no passdb entry) --and-- I configure ACLs so that all domain.com users can read NAME's mailbox but only admin users can delete messages in NAME's mailbox --and-- I configure the virtual INBOX for POP users to include "RealMails" and "NAME" THEN, I'm thinking that: Because there is no passdb entry, user NAME at domain.com cannot log in --and-- Because userdb defines NAME's home directory, incoming mail to NAME at domain.com would be delivered to the NAME mailbox, just like any other user in domain.com, without the need for aliasing or sieve --and-- Because of the ACLs, IMAP admin users would be able to delete/manage NAME's messages and everyone else would be able to read NAME's messages --and-- Because of the virtual INBOX, POP users would be able to read the NAME messages. Does that make sense? Am I missing something? > Its necessary to overlook the whole process chain to properly configure > everything. Yes! Agreed! That's why I'm trying to think through the whole thing before diving down a rabbit hole that leads to a dead end. > And a lot of try out :) For sure. (Just as soon as I understand what I'm trying to do.) ;-) Michael From kevin at my.walr.us Tue Nov 29 18:29:55 2016 From: kevin at my.walr.us (KT Walrus) Date: Tue, 29 Nov 2016 13:29:55 -0500 Subject: use IMAPSIEVE to update database with last_read date Message-ID: Just noticed the Dovecot support IMAPSIEVE extension? Could I use this extension to update an external database with the date that the user last read the message? My app sends certain ?notification? messages to the user?s dovecot mail address. The user reads the messages in their dovecot mailboxes only using IMAP. I want to update my app?s database to record this read time for all ?notification? messages sent by the app. Seems to me I could write a short sieve script to send a ?notify? message to an app specific address that my app ?watches? and updates the appropriate database record with the last_read time. Is this workable for production deploy? Or, is there a better way for a sender to be notified when the recipient actually reads the message? The sender will be my app and the recipient is a dovecot mailbox accessed by IMAP. Kevin From tss at iki.fi Tue Nov 29 22:43:30 2016 From: tss at iki.fi (Timo Sirainen) Date: Wed, 30 Nov 2016 00:43:30 +0200 Subject: v2.2.27 release candidate released Message-ID: <45A9483C-2966-43DA-8CA7-8816F0D1A1AF@iki.fi> http://dovecot.org/releases/2.2/rc/dovecot-2.2.27.rc1.tar.gz http://dovecot.org/releases/2.2/rc/dovecot-2.2.27.rc1.tar.gz.sig Most interestingly there's a new mail_crypt plugin. It would be nice if crypto gurus could check through it for any issues. Director's tagging fix was also quite a large change, but the new code is already used in production and appears to be working fine. * dovecot.list.index.log rotation sizes/times were changed so that the .log file stays smaller and .log.2 is deleted sooner. + Added mail_crypt plugin that allows encryption of stored emails. See http://wiki2.dovecot.org/Plugins/MailCrypt + stats: Global stats can be sent to Carbon server by setting stats_carbon_server=ip:port + imap/pop3 proxy: If passdb returns proxy_not_trusted, don't send ID/XCLIENT + Added generic hash modifier for %variables: %{;rounds=,truncate=,salt=s>:field} Hash algorithm is any of the supported ones, e.g. md5, sha1, sha256. Also "pkcs5" is supported using SHA256. For example: %{sha256:user} or %{md5;truncate=32:user}. + Added support for SHA3-256 and SHA3-512 hashes. + config: Support DNS wildcards in local_name, e.g. local_name *.example.com { .. } matches anything.example.com, but not multiple.anything.example.com. - Fixed crash in auth process when auth-policy was configured and authentication was aborted/failed without a username set. - director: If two users had different tags but the same hash, the users may have been redirected to the wrong tag's hosts. - Index files may have been thought incorrectly lost, causing "Missing middle file seq=.." to be logged and index rebuild. This happened more easily with IMAP hibernation enabled. - Various fixes to restoring state correctly in un-hibernation. - dovecot.index files were commonly 4 bytes per email too large. This is because 3 bytes per email were being wasted that could have been used for IMAP keywords. - Various fixes to handle dovecot.list.index corruption better. - lib-fts: Fixed assert-crash in address tokenizer with specific input. - Fixed assert-crash in HTML to text parsing with specific input (e.g. for FTS indexing or snippet generation) - doveadm sync -1: Fixed handling mailbox GUID conflicts. - sdbox, mdbox: Perform full index rebuild if corruption is detected inside lib-index, which runs index fsck. From tobias at kirchhofer.net Wed Nov 30 07:21:02 2016 From: tobias at kirchhofer.net (Tobias Kirchhofer) Date: Wed, 30 Nov 2016 08:21:02 +0100 Subject: shared/public mailbox application In-Reply-To: <012201d24a61$c9454950$5bcfdbf0$@mefox.org> References: <00dc01d2468c$6bd56a80$43803f80$@mefox.org> <00d901d24985$1a78ad40$4f6a07c0$@mefox.org> <16F1AF47-49CA-4E34-94BE-491DB2725A48@kirchhofer.net> <04ac01d24a02$3656bd90$a30438b0$@mefox.org> <57396E2C-0148-4B1B-B044-F9B631FC1B87@kirchhofer.net> <012201d24a61$c9454950$5bcfdbf0$@mefox.org> Message-ID: <94D272FB-1536-49DD-ACA3-A483ED4795F9@kirchhofer.net> Sounds good - this could do the trick. Post the final and working concept :) On 29 Nov 2016, at 17:58, Michael Fox wrote: >> Basically we alias NAME at domain.com to doveadm at domain.com. doveadm@ has a >> sieve-Script which files into the public folder. You could also configure >> a postfix transport which does the job. > > Ah. OK. That may be more complexity than I need for my situation. So please bear with me as I try to understand this. > > IF: > > Postfix is already configured to deliver mail destined for the virtual domain "domain.com" to Dovecot > --and-- > I create the NAMESPACE and NAME setup as you described > --and-- > I create a Dovecot userdb entry for NAME at domain.com (but no passdb entry) > --and-- > I configure ACLs so that all domain.com users can read NAME's mailbox but only admin users can delete messages in NAME's mailbox > --and-- > I configure the virtual INBOX for POP users to include "RealMails" and "NAME" > > THEN, I'm thinking that: > > Because there is no passdb entry, user NAME at domain.com cannot log in > --and-- > Because userdb defines NAME's home directory, incoming mail to NAME at domain.com would be delivered to the NAME mailbox, just like any other user in domain.com, without the need for aliasing or sieve > --and-- > Because of the ACLs, IMAP admin users would be able to delete/manage NAME's messages and everyone else would be able to read NAME's messages > --and-- > Because of the virtual INBOX, POP users would be able to read the NAME messages. > > Does that make sense? Am I missing something? > > >> Its necessary to overlook the whole process chain to properly configure >> everything. > > Yes! Agreed! That's why I'm trying to think through the whole thing before diving down a rabbit hole that leads to a dead end. > >> And a lot of try out :) > > For sure. (Just as soon as I understand what I'm trying to do.) ;-) > > Michael -- Tobias Kirchhofer tobias at kirchhofer.net -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 842 bytes Desc: OpenPGP digital signature URL: From thorsten.hater at gmail.com Wed Nov 30 07:57:52 2016 From: thorsten.hater at gmail.com (Thorsten Hater) Date: Wed, 30 Nov 2016 08:57:52 +0100 Subject: Dovecot seems to open extra namespaces In-Reply-To: <1B82FB39-48C5-4F37-B4FA-77F62847BC29@iki.fi> References: <1B82FB39-48C5-4F37-B4FA-77F62847BC29@iki.fi> Message-ID: Thanks for the clarification, this makes sense now. On Tue, Nov 29, 2016 at 1:17 PM, Timo Sirainen wrote: > On 29 Nov 2016, at 10.50, Thorsten Hater wrote: > > > > Dear all, > > > > I am slightly confused by the following log entries > > > > ...: imap(...): Debug: Namespace inbox: type=private, prefix=INBOX., > sep=., > > inbox=yes, hidden=no, list=yes, subscriptions=yes > location=maildir:~/Maildir > > ...: imap(...): Debug: maildir++: root=~/Maildir, index=, indexpvt=, > > control=, inbox=~/Maildir, alt= > > You have a prefix=INBOX. configured. > > > ...: imap(...): Debug: Namespace : type=private, prefix=, sep=, inbox=no, > > hidden=yes, list=no, subscriptions=no location=fail::LAYOUT=none > > ...: imap(...): Debug: none: root=, index=, indexpvt=, control=, inbox=, > > alt= > > Since you didn't configure an empty-prefix namespace, Dovecot autocreates > one for you. It's not actually accessible. Only used for making Dovecot's > internal life easier and provide errors if you try to access it. > > From steve at degga.net Wed Nov 30 08:47:57 2016 From: steve at degga.net (Steven Mainor) Date: Wed, 30 Nov 2016 03:47:57 -0500 Subject: Sieve script won't compile. Compiler output isn't helpful. Message-ID: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> Hello! I hope you will forgive my ignorance but I have a problem I have been trying to solve for a week and I'm not sure where else to turn. I'm trying to write a sieve script to sort all of my mail. I was writing this script to replace the one I am currently using but I can't seem to get it to compile. I don't know a lot about sieve or really scripting of any kind and I just can't figure out what I'm doing wrong. The compiler just puts out a bunch of output that doesn't make sense. like "unexpected character" when I know the character works there because I am already running a script with some of the same lines. I'm attaching the script with some names and addresses changed and the sieve output to this email. I would greatly appreciate any help anyone could offer. -------------- next part -------------- require ["envelope", "fileinto", "mailbox", "imap4flags", "regex"]; if anyof (header :contains "List-ID" "", header :contains "List-Id" "Dovecot", envelope :domain "From" "lists.ubuntu.com", envelope :domain "from" "debian.org", envelope :domain "From" "1.example.com", envelope :domain "From" "2.example.com", envelope :domain "From" "3.example.com", envelope :domain "From" "4.example.com", envelope :domain "From" "5.example.com", envelope :domain "From" "6.example.com", envelope "From" "person at 7.example.com", envelope :domain "From" "8.example.com", envelope :domain "From" "9.example.com", envelope :domain "From" "10.example.com", envelope :domain "From" "11.example.com", envelope :domain "From" "12.example.com", envelope :domain "From" "13.example.com", envelope :domain "From" "14.example.com", envelope :domain "From" "15.example.com", envelope :domain "From" "16.ecample.com") { if header :contains "List-ID" "" { fileinto :create "Lists/Kernel"; stop; } if header :contains "List-Id" "Dovecot" { fileinto :create "Lists/Dovecot"; stop; } if envelope :domain "From" "lists.ubuntu.com" { if envelope "from" "ubuntu-users-bounces at lists.ubuntu.com" { fileinto :create "Lists/Ubuntu/Users"; stop; } if envelope "From" "ubuntu-security-announce-bounces at lists.ubuntu.com" { fileinto :create "Lists/Ubuntu/Security"; stop; } else { fileinto :create "Lists/Ubuntu"; stop; } } if envelope :domain "From" "debian.org" { if envelope :contains "From" "debian-user" { fileinto :create "Lists/Debian/User"; stop; } if envelope :contains "From" "debain-security" { fileinto :create "Lists/Debain/Security"; stop; } if envelope :contains "From" "debain-security-announce" { fileinto :create "Lists/Debain/SecurityAnnounce"; stop; } if envelope :contains "From" "debian-news" { fileinto :create "Lists/Debain/News; stop; } if envelope :contains "From" "debian-lts" { fileinto :create "Lists/Debian/LtsAnnounce"; stop; } if envelope :contains "From" "debian-photo" { fileinto :create "Lists/Debian/Photo"; stop; } else { fileinto :create "Lists/Debain"; stop; } } if anyof (envelope :domain "From" "1.example.com", envelope :domain "From" "2.example.com", envelope :domain "From" "3.example.com", envelope :domain "From" "4.example.com", envelope :domain "From" "5.example.com", envelope :domain "From" "6.example.com", envelope "From" "person at 7.example.com", envelope :domain "From" "8.example.com", envelope :domain "From" "9.example.com", envelope :domain "From" "10.example.com", envelope :domain "From" "11.example.com", envelope :domain "From" "11.example.com", envelope :domain "From" "12.example.com", envelope :domain "From" "13.example.com", envelope :domain "From" "14.example.com", envelope :domain "From" "15.example.com") { fileinto :create "Lists/Bulk"; stop; } else { fileinto :create "Lists"; stop; } } if anyof (header "From" "store-news at amazon.com", envelope :contains "From" "menswearhouse.com", envelope :contains "From" "officedepot.com", envelope :contains "From" "walgreens.com", header "From" "promo at email.newegg.com") { fileinto :create "Promo"; stop; } if envelope :contains "From" "facebookmail.com" { fileinto :create "SocialMedia"; stop; } if anyof (envelope :contains "From" "creditonemail.com", envelope :contains "From" "statefarm.com", envelope :contains "From" "capitalone.com") { fileinto :create "Banking"; stop; } -------------- next part -------------- newfilter: line 100: error: unexpected character(s) starting with '-'. newfilter: line 100: error: expected end of command ';' or the beginning of a compound block '{', but found unknown characters. newfilter: line 104: error: unexpected character(s) starting with '-'. newfilter: line 113: error: unexpected character(s) starting with '.'. newfilter: line 113: error: unexpected character(s) starting with '.'. newfilter: line 114: error: unexpected character(s) starting with '.'. newfilter: line 114: error: unexpected character(s) starting with '.'. newfilter: line 115: error: unexpected character(s) starting with '.'. newfilter: line 115: error: unexpected character(s) starting with '.'. newfilter: line 116: error: unexpected character(s) starting with '.'. newfilter: line 116: error: unexpected character(s) starting with '.'. newfilter: line 117: error: unexpected character(s) starting with '.'. newfilter: line 117: error: unexpected character(s) starting with '.'. newfilter: line 118: error: unexpected character(s) starting with '.'. newfilter: line 118: error: unexpected character(s) starting with '.'. newfilter: line 119: error: unexpected character(s) starting with '@'. newfilter: line 119: error: unexpected character(s) starting with '.'. newfilter: line 119: error: unexpected character(s) starting with '.'. newfilter: line 120: error: unexpected character(s) starting with '.'. newfilter: line 120: error: unexpected character(s) starting with '.'. newfilter: line 121: error: unexpected character(s) starting with '.'. newfilter: line 121: error: unexpected character(s) starting with '.'. newfilter: line 122: error: unexpected character(s) starting with '.'. newfilter: line 122: error: unexpected character(s) starting with '.'. newfilter: line 123: error: unexpected character(s) starting with '.'. newfilter: line 123: error: unexpected character(s) starting with '.'. newfilter: line 124: error: unexpected character(s) starting with '.'. newfilter: line 124: error: unexpected character(s) starting with '.'. newfilter: line 125: error: unexpected character(s) starting with '.'. newfilter: line 125: error: unexpected character(s) starting with '.'. newfilter: line 126: error: unexpected character(s) starting with '.'. newfilter: line 126: error: unexpected character(s) starting with '.'. newfilter: line 127: error: unexpected character(s) starting with '.'. newfilter: line 127: error: unexpected character(s) starting with '.'. newfilter: line 128: error: unexpected character(s) starting with '.'. newfilter: line 128: error: unexpected character(s) starting with '.'. newfilter: line 137: error: unexpected character(s) starting with '-'. newfilter: line 137: error: unexpected character(s) starting with '@'. newfilter: line 137: error: unexpected character(s) starting with '.'. newfilter: line 138: error: unexpected character(s) starting with '.'. newfilter: line 139: error: unexpected character(s) starting with '.'. newfilter: line 140: error: unexpected character(s) starting with '.'. newfilter: line 141: error: unexpected character(s) starting with '@'. newfilter: line 141: error: unexpected character(s) starting with '.'. newfilter: line 141: error: unexpected character(s) starting with '.'. newfilter: line 145: error: unexpected character(s) starting with '.'. newfilter: line 149: error: unexpected character(s) starting with '.'. newfilter: line 150: error: unexpected character(s) starting with '.'. newfilter: line 151: error: unexpected character(s) starting with '.'. newfilter: line 155: error: end of file before end of quoted string started at line 152. newfilter: error: parse failed. From martin.wheldon at greenhills-it.co.uk Wed Nov 30 09:10:17 2016 From: martin.wheldon at greenhills-it.co.uk (Martin Wheldon) Date: Wed, 30 Nov 2016 09:10:17 +0000 Subject: Sieve script won't compile. Compiler output isn't helpful. In-Reply-To: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> References: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> Message-ID: Hi Steven, I think you may be missing the :contains from the two header lines below: > if anyof (header "From" "store-news at amazon.com", > envelope :contains "From" "menswearhouse.com", > envelope :contains "From" "officedepot.com", > envelope :contains "From" "walgreens.com", > header "From" "promo at email.newegg.com") { > fileinto :create "Promo"; > stop; if anyof (header :contains "From" "store-news at amazon.com", envelope :contains "From" "menswearhouse.com", envelope :contains "From" "officedepot.com", envelope :contains "From" "walgreens.com", header :contains "From" "promo at email.newegg.com") { fileinto :create "Promo"; stop; Hope that helps Best Regards Martin On 2016-11-30 08:47, Steven Mainor wrote: > Hello! I hope you will forgive my ignorance but I have a problem I > have been trying to solve for a week and I'm not sure where else to > turn. > > I'm trying to write a sieve script to sort all of my mail. I was > writing this script to replace the one I am currently using but I > can't seem to get it to compile. I don't know a lot about sieve or > really scripting of any kind and I just can't figure out what I'm > doing wrong. > > The compiler just puts out a bunch of output that doesn't make sense. > like "unexpected character" when I know the character works there > because I am already running a script with some of the same lines. > > I'm attaching the script with some names and addresses changed and the > sieve output to this email. > > I would greatly appreciate any help anyone could offer. From steve at degga.net Wed Nov 30 09:30:37 2016 From: steve at degga.net (Steven Mainor) Date: Wed, 30 Nov 2016 04:30:37 -0500 Subject: Sieve script won't compile. Compiler output isn't helpful. In-Reply-To: References: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> Message-ID: Hey martin, Thanks for the reply! I made the changes you suggested but I got the same results. According to my understanding, #header "from" "person at example.com"# is correct for an exact match. On 11/30/2016 04:10 AM, Martin Wheldon wrote: > Hi Steven, > > I think you may be missing the :contains from the two header lines below: > >> if anyof (header "From" "store-news at amazon.com", >> envelope :contains "From" "menswearhouse.com", >> envelope :contains "From" "officedepot.com", >> envelope :contains "From" "walgreens.com", >> header "From" "promo at email.newegg.com") { >> fileinto :create "Promo"; >> stop; > > if anyof (header :contains "From" "store-news at amazon.com", > envelope :contains "From" "menswearhouse.com", > envelope :contains "From" "officedepot.com", > envelope :contains "From" "walgreens.com", > header :contains "From" "promo at email.newegg.com") { > fileinto :create "Promo"; > stop; > > Hope that helps > > Best Regards > > Martin > > On 2016-11-30 08:47, Steven Mainor wrote: >> Hello! I hope you will forgive my ignorance but I have a problem I >> have been trying to solve for a week and I'm not sure where else to >> turn. >> >> I'm trying to write a sieve script to sort all of my mail. I was >> writing this script to replace the one I am currently using but I >> can't seem to get it to compile. I don't know a lot about sieve or >> really scripting of any kind and I just can't figure out what I'm >> doing wrong. >> >> The compiler just puts out a bunch of output that doesn't make sense. >> like "unexpected character" when I know the character works there >> because I am already running a script with some of the same lines. >> >> I'm attaching the script with some names and addresses changed and the >> sieve output to this email. >> >> I would greatly appreciate any help anyone could offer. From martin.wheldon at greenhills-it.co.uk Wed Nov 30 09:48:54 2016 From: martin.wheldon at greenhills-it.co.uk (Martin Wheldon) Date: Wed, 30 Nov 2016 09:48:54 +0000 Subject: Sieve script won't compile. Compiler output isn't helpful. In-Reply-To: References: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> Message-ID: <8b82c4c503dfd96ee0f0de7e07f47020@mail.greenhills-it.co.uk> Hi Steven, OK a on closer inspection :) You are missing a closing double quote on line 59: > fileinto :create "Lists/Debain/News; should be: fileinto :create "Lists/Debain/News"; Best Regards Martin On 2016-11-30 09:30, Steven Mainor wrote: > Hey martin, > > Thanks for the reply! I made the changes you suggested but I got the > same results. > > According to my understanding, #header "from" "person at example.com"# is > correct for an exact match. > > > On 11/30/2016 04:10 AM, Martin Wheldon wrote: >> Hi Steven, >> >> I think you may be missing the :contains from the two header lines >> below: >> >>> if anyof (header "From" "store-news at amazon.com", >>> envelope :contains "From" "menswearhouse.com", >>> envelope :contains "From" "officedepot.com", >>> envelope :contains "From" "walgreens.com", >>> header "From" "promo at email.newegg.com") { >>> fileinto :create "Promo"; >>> stop; >> >> if anyof (header :contains "From" "store-news at amazon.com", >> envelope :contains "From" "menswearhouse.com", >> envelope :contains "From" "officedepot.com", >> envelope :contains "From" "walgreens.com", >> header :contains "From" "promo at email.newegg.com") { >> fileinto :create "Promo"; >> stop; >> >> Hope that helps >> >> Best Regards >> >> Martin >> >> On 2016-11-30 08:47, Steven Mainor wrote: >>> Hello! I hope you will forgive my ignorance but I have a problem I >>> have been trying to solve for a week and I'm not sure where else to >>> turn. >>> >>> I'm trying to write a sieve script to sort all of my mail. I was >>> writing this script to replace the one I am currently using but I >>> can't seem to get it to compile. I don't know a lot about sieve or >>> really scripting of any kind and I just can't figure out what I'm >>> doing wrong. >>> >>> The compiler just puts out a bunch of output that doesn't make sense. >>> like "unexpected character" when I know the character works there >>> because I am already running a script with some of the same lines. >>> >>> I'm attaching the script with some names and addresses changed and >>> the >>> sieve output to this email. >>> >>> I would greatly appreciate any help anyone could offer. From steve at degga.net Wed Nov 30 10:04:05 2016 From: steve at degga.net (Steven Mainor) Date: Wed, 30 Nov 2016 05:04:05 -0500 Subject: Sieve script won't compile. Compiler output isn't helpful. In-Reply-To: <8b82c4c503dfd96ee0f0de7e07f47020@mail.greenhills-it.co.uk> References: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> <8b82c4c503dfd96ee0f0de7e07f47020@mail.greenhills-it.co.uk> Message-ID: Hello Martin, Wow. That was indeed the problem. I have been staring at that small script for a week and I just couldn't see it. I even had a friend look at it and he couldn't find it either. I feel a bit ridiculous now. Thanks so much for your help, Steven On 11/30/2016 04:48 AM, Martin Wheldon wrote: > Hi Steven, > > OK a on closer inspection :) > > You are missing a closing double quote on line 59: > >> fileinto :create "Lists/Debain/News; > > should be: > > fileinto :create "Lists/Debain/News"; > > Best Regards > > Martin > > On 2016-11-30 09:30, Steven Mainor wrote: >> Hey martin, >> >> Thanks for the reply! I made the changes you suggested but I got the >> same results. >> >> According to my understanding, #header "from" "person at example.com"# is >> correct for an exact match. >> >> >> On 11/30/2016 04:10 AM, Martin Wheldon wrote: >>> Hi Steven, >>> >>> I think you may be missing the :contains from the two header lines >>> below: >>> >>>> if anyof (header "From" "store-news at amazon.com", >>>> envelope :contains "From" "menswearhouse.com", >>>> envelope :contains "From" "officedepot.com", >>>> envelope :contains "From" "walgreens.com", >>>> header "From" "promo at email.newegg.com") { >>>> fileinto :create "Promo"; >>>> stop; >>> >>> if anyof (header :contains "From" "store-news at amazon.com", >>> envelope :contains "From" "menswearhouse.com", >>> envelope :contains "From" "officedepot.com", >>> envelope :contains "From" "walgreens.com", >>> header :contains "From" "promo at email.newegg.com") { >>> fileinto :create "Promo"; >>> stop; >>> >>> Hope that helps >>> >>> Best Regards >>> >>> Martin >>> >>> On 2016-11-30 08:47, Steven Mainor wrote: >>>> Hello! I hope you will forgive my ignorance but I have a problem I >>>> have been trying to solve for a week and I'm not sure where else to >>>> turn. >>>> >>>> I'm trying to write a sieve script to sort all of my mail. I was >>>> writing this script to replace the one I am currently using but I >>>> can't seem to get it to compile. I don't know a lot about sieve or >>>> really scripting of any kind and I just can't figure out what I'm >>>> doing wrong. >>>> >>>> The compiler just puts out a bunch of output that doesn't make sense. >>>> like "unexpected character" when I know the character works there >>>> because I am already running a script with some of the same lines. >>>> >>>> I'm attaching the script with some names and addresses changed and the >>>> sieve output to this email. >>>> >>>> I would greatly appreciate any help anyone could offer. From stephan at rename-it.nl Wed Nov 30 10:37:28 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 30 Nov 2016 11:37:28 +0100 Subject: use IMAPSIEVE to update database with last_read date In-Reply-To: References: Message-ID: <19a52a30-cce2-4fa3-4411-f66b3a0216ac@rename-it.nl> Op 29-11-2016 om 19:29 schreef KT Walrus: > Just noticed the Dovecot support IMAPSIEVE extension? > > Could I use this extension to update an external database with the date that the user last read the message? No, IMAPSieve is only triggered by modifications: APPEND, COPY, MOVE and STORE. > My app sends certain ?notification? messages to the user?s dovecot mail address. The user reads the messages in their dovecot mailboxes only using IMAP. I want to update my app?s database to record this read time for all ?notification? messages sent by the app. > > Seems to me I could write a short sieve script to send a ?notify? message to an app specific address that my app ?watches? and updates the appropriate database record with the last_read time. > > Is this workable for production deploy? > > Or, is there a better way for a sender to be notified when the recipient actually reads the message? The sender will be my app and the recipient is a dovecot mailbox accessed by IMAP. I don't see a solution at this time. You'd need to use some derivative of the notify plugin to do something like this. But afaik it doesn't exist. The push-notification plugin comes close though. Regards, Stephan. From stephan at rename-it.nl Wed Nov 30 10:44:55 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 30 Nov 2016 11:44:55 +0100 Subject: Sieve script won't compile. Compiler output isn't helpful. In-Reply-To: References: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> <8b82c4c503dfd96ee0f0de7e07f47020@mail.greenhills-it.co.uk> Message-ID: Op 30-11-2016 om 11:04 schreef Steven Mainor: > Hello Martin, > > Wow. That was indeed the problem. I have been staring at that small > script for a week and I just couldn't see it. I even had a friend look > at it and he couldn't find it either. I feel a bit ridiculous now. Making the handling/reporting of unterminated quoted strings better has been on my list for a while now. You're the first to actually complain about it so far. :) The main problem is that Sieve quoted strings are allowed to contain newlines, which means that a string doesn't necessarily end before the end of the line. Regards, Stephan. > > On 11/30/2016 04:48 AM, Martin Wheldon wrote: >> Hi Steven, >> >> OK a on closer inspection :) >> >> You are missing a closing double quote on line 59: >> >>> fileinto :create "Lists/Debain/News; >> >> should be: >> >> fileinto :create "Lists/Debain/News"; >> >> Best Regards >> >> Martin >> >> On 2016-11-30 09:30, Steven Mainor wrote: >>> Hey martin, >>> >>> Thanks for the reply! I made the changes you suggested but I got the >>> same results. >>> >>> According to my understanding, #header "from" "person at example.com"# is >>> correct for an exact match. >>> >>> >>> On 11/30/2016 04:10 AM, Martin Wheldon wrote: >>>> Hi Steven, >>>> >>>> I think you may be missing the :contains from the two header lines >>>> below: >>>> >>>>> if anyof (header "From" "store-news at amazon.com", >>>>> envelope :contains "From" "menswearhouse.com", >>>>> envelope :contains "From" "officedepot.com", >>>>> envelope :contains "From" "walgreens.com", >>>>> header "From" "promo at email.newegg.com") { >>>>> fileinto :create "Promo"; >>>>> stop; >>>> >>>> if anyof (header :contains "From" "store-news at amazon.com", >>>> envelope :contains "From" "menswearhouse.com", >>>> envelope :contains "From" "officedepot.com", >>>> envelope :contains "From" "walgreens.com", >>>> header :contains "From" "promo at email.newegg.com") { >>>> fileinto :create "Promo"; >>>> stop; >>>> >>>> Hope that helps >>>> >>>> Best Regards >>>> >>>> Martin >>>> >>>> On 2016-11-30 08:47, Steven Mainor wrote: >>>>> Hello! I hope you will forgive my ignorance but I have a problem I >>>>> have been trying to solve for a week and I'm not sure where else to >>>>> turn. >>>>> >>>>> I'm trying to write a sieve script to sort all of my mail. I was >>>>> writing this script to replace the one I am currently using but I >>>>> can't seem to get it to compile. I don't know a lot about sieve or >>>>> really scripting of any kind and I just can't figure out what I'm >>>>> doing wrong. >>>>> >>>>> The compiler just puts out a bunch of output that doesn't make sense. >>>>> like "unexpected character" when I know the character works there >>>>> because I am already running a script with some of the same lines. >>>>> >>>>> I'm attaching the script with some names and addresses changed and >>>>> the >>>>> sieve output to this email. >>>>> >>>>> I would greatly appreciate any help anyone could offer. From steve at degga.net Wed Nov 30 11:39:47 2016 From: steve at degga.net (Steven Mainor) Date: Wed, 30 Nov 2016 06:39:47 -0500 Subject: Sieve script won't compile. Compiler output isn't helpful. In-Reply-To: References: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> <8b82c4c503dfd96ee0f0de7e07f47020@mail.greenhills-it.co.uk> Message-ID: <34D20DB2-78EB-4090-8405-985571A96E88@degga.net> Hey Stephan, Its okay I should have been able to spot that as many times as I read it. I feel very silly about it. I just recently started using sieve but already I love how powerful it is. Thanks, Steven On November 30, 2016 5:44:55 AM EST, Stephan Bosch wrote: > > >Op 30-11-2016 om 11:04 schreef Steven Mainor: >> Hello Martin, >> >> Wow. That was indeed the problem. I have been staring at that small >> script for a week and I just couldn't see it. I even had a friend >look >> at it and he couldn't find it either. I feel a bit ridiculous now. > >Making the handling/reporting of unterminated quoted strings better has > >been on my list for a while now. You're the first to actually complain >about it so far. :) > >The main problem is that Sieve quoted strings are allowed to contain >newlines, which means that a string doesn't necessarily end before the >end of the line. > >Regards, > >Stephan. > >> >> On 11/30/2016 04:48 AM, Martin Wheldon wrote: >>> Hi Steven, >>> >>> OK a on closer inspection :) >>> >>> You are missing a closing double quote on line 59: >>> >>>> fileinto :create "Lists/Debain/News; >>> >>> should be: >>> >>> fileinto :create "Lists/Debain/News"; >>> >>> Best Regards >>> >>> Martin >>> >>> On 2016-11-30 09:30, Steven Mainor wrote: >>>> Hey martin, >>>> >>>> Thanks for the reply! I made the changes you suggested but I got >the >>>> same results. >>>> >>>> According to my understanding, #header "from" "person at example.com"# >is >>>> correct for an exact match. >>>> >>>> >>>> On 11/30/2016 04:10 AM, Martin Wheldon wrote: >>>>> Hi Steven, >>>>> >>>>> I think you may be missing the :contains from the two header lines > >>>>> below: >>>>> >>>>>> if anyof (header "From" "store-news at amazon.com", >>>>>> envelope :contains "From" "menswearhouse.com", >>>>>> envelope :contains "From" "officedepot.com", >>>>>> envelope :contains "From" "walgreens.com", >>>>>> header "From" "promo at email.newegg.com") { >>>>>> fileinto :create "Promo"; >>>>>> stop; >>>>> >>>>> if anyof (header :contains "From" "store-news at amazon.com", >>>>> envelope :contains "From" "menswearhouse.com", >>>>> envelope :contains "From" "officedepot.com", >>>>> envelope :contains "From" "walgreens.com", >>>>> header :contains "From" "promo at email.newegg.com") { >>>>> fileinto :create "Promo"; >>>>> stop; >>>>> >>>>> Hope that helps >>>>> >>>>> Best Regards >>>>> >>>>> Martin >>>>> >>>>> On 2016-11-30 08:47, Steven Mainor wrote: >>>>>> Hello! I hope you will forgive my ignorance but I have a problem >I >>>>>> have been trying to solve for a week and I'm not sure where else >to >>>>>> turn. >>>>>> >>>>>> I'm trying to write a sieve script to sort all of my mail. I was >>>>>> writing this script to replace the one I am currently using but I >>>>>> can't seem to get it to compile. I don't know a lot about sieve >or >>>>>> really scripting of any kind and I just can't figure out what I'm >>>>>> doing wrong. >>>>>> >>>>>> The compiler just puts out a bunch of output that doesn't make >sense. >>>>>> like "unexpected character" when I know the character works there >>>>>> because I am already running a script with some of the same >lines. >>>>>> >>>>>> I'm attaching the script with some names and addresses changed >and >>>>>> the >>>>>> sieve output to this email. >>>>>> >>>>>> I would greatly appreciate any help anyone could offer. From giles at coochey.net Wed Nov 30 11:50:56 2016 From: giles at coochey.net (Giles Coochey) Date: Wed, 30 Nov 2016 11:50:56 +0000 Subject: Sieve script won't compile. Compiler output isn't helpful. In-Reply-To: <34D20DB2-78EB-4090-8405-985571A96E88@degga.net> References: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> <8b82c4c503dfd96ee0f0de7e07f47020@mail.greenhills-it.co.uk> <34D20DB2-78EB-4090-8405-985571A96E88@degga.net> Message-ID: <5e78f649-a2f1-c8d6-150b-1bf7090594c6@coochey.net> On 30/11/16 11:39, Steven Mainor wrote: > Hey Stephan, > > Its okay I should have been able to spot that as many times as I read it. I feel very silly about it. > > I just recently started using sieve but already I love how powerful it is. > > Thanks, > Steven An easy way to spot these types of errors is to use a context sensitive editor with highlighting, they can often highlight these issues and make them easier to spot. -- Regards, Giles Coochey +44 (0) 7584 634 135 +44 (0) 1803 529 451 giles at coochey.net -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3819 bytes Desc: S/MIME Cryptographic Signature URL: From stephan at rename-it.nl Wed Nov 30 12:07:59 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 30 Nov 2016 13:07:59 +0100 Subject: use IMAPSIEVE to update database with last_read date In-Reply-To: <19a52a30-cce2-4fa3-4411-f66b3a0216ac@rename-it.nl> References: <19a52a30-cce2-4fa3-4411-f66b3a0216ac@rename-it.nl> Message-ID: Op 30-11-2016 om 11:37 schreef Stephan Bosch: > > > Op 29-11-2016 om 19:29 schreef KT Walrus: >> Just noticed the Dovecot support IMAPSIEVE extension? >> >> Could I use this extension to update an external database with the >> date that the user last read the message? > > No, IMAPSieve is only triggered by modifications: APPEND, COPY, MOVE > and STORE. > BTW, if you're instead interested in the date that the user *first* read the message, you could capture the STORE \Seen event. Regards, Stephan. From prakash.autade at gmail.com Wed Nov 30 12:38:14 2016 From: prakash.autade at gmail.com (Prakash Autade) Date: Wed, 30 Nov 2016 18:08:14 +0530 Subject: Quota Clone not tracking unlimited quota Message-ID: We are configuring 'Count quota' with 'Quota Clone Plugin' Everything is working perfectly when we set limit in quota_rule(quota_rule = *:bytes=500M). In case of unlimited quota(quota_rule = *:bytes=0) - Count quota is updating values * - Quota Clone plugin is not updating values in redis.* We have configured dovecot as mail_plugins = $mail_plugins quota quota_clone mail_log notify mailbox_list_index = yes plugin { quota = count:User quota quota_vsizes = yes quota_rule = *:bytes=0 quota_clone_dict = redis:host=127.0.0.1:port=6379 } -- Sincerely, Prakash P. Autade. From skdovecot at smail.inf.fh-brs.de Wed Nov 30 13:03:11 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 30 Nov 2016 14:03:11 +0100 (CET) Subject: Sieve script won't compile. Compiler output isn't helpful. In-Reply-To: References: <53eded60-dae5-072c-a1ed-fa5cbade2080@degga.net> <8b82c4c503dfd96ee0f0de7e07f47020@mail.greenhills-it.co.uk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 30 Nov 2016, Stephan Bosch wrote: > Op 30-11-2016 om 11:04 schreef Steven Mainor: > The main problem is that Sieve quoted strings are allowed to contain > newlines, which means that a string doesn't necessarily end before the end of > the line. perl does display a comment in this case: (Might be a runaway multi-line "" string starting on line 2) I find this info very helpful. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWD7OD3z1H7kL/d9rAQL8cgf+MfppUhPQrN+gPaNGfK/PZnqp0wv2G2ax B9Ik5IkmjPuiQJkrdYOCEPRsibXKlEcG9Hzm99u0lYJMupMduFH7UoXE8Ve48Scz YuFixqEccfkIsfy2HIIbtcE4IuhDFcvf6g6DaGPNSkJlDHqXqwLlyOHbznz9J1f7 HQBAbZRINJoX4GmfeiHPU3bg2GEBpzPTD6RWGio7lsNmQgH74QIQKJXC/y4EyB9P XqQLjKt0b92n3QYsIKvM62CLZ2LqU3zwbWw/H7g/PY74xddTOXThldJVWHBw1RcL RWDgdV2x8FEKO1nsOh8wyHfVTzltYIIMbk5pA+FZzQC6hCjSod2Ylw== =za9p -----END PGP SIGNATURE----- From post at volker-wysk.de Wed Nov 30 15:23:13 2016 From: post at volker-wysk.de (Volker Wysk) Date: Wed, 30 Nov 2016 16:23:13 +0100 Subject: Antispam plugin: insufficent error messages In-Reply-To: <175f4d85-ebb1-2807-94a7-84736f689450@rename-it.nl> References: <4985521.DvuYhMxLoT@desktop> <175f4d85-ebb1-2807-94a7-84736f689450@rename-it.nl> Message-ID: <3461889.jzsa6BOmbo@desktop> Am Dienstag, 29. November 2016, 13:59:52 CET schrieb Stephan Bosch: > However, AntiSpam is > not part of the normal Dovecot distribution, nor is it a plugin created > by Dovecot developers. From what I know, Dovecot has mirrored/hosted the > AntiSpam Mercurial repository in the past and contributed a few small > fixes, but nothing more. Also, it doesn't look like it is actively > maintained at the moment. So, if I would debug the antispam plugin, adding more log messages, finding the reason it doesn't work now, would my changes be included in the antispam distribution? Do you know any documentation about the Dovecot plugin API? I couldn't find any. > Pigeonhole Sieve recently gained support for the IMAPSieve extension > (http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/IMAPSieve). When > combined with the exprograms plugin > (http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Extprograms), you > should be able achieve something quite similar using a Sieve script, > although I have never tried that myself. Thanks for the hint. This looks interesing, but also quite complicated. I've read the two pages you specified. Is there any good documentation? I have Peer Heinlein's Dovecot book. But there isn't much in it about plugins. Bye Volker From post at volker-wysk.de Wed Nov 30 15:52:17 2016 From: post at volker-wysk.de (Volker Wysk) Date: Wed, 30 Nov 2016 16:52:17 +0100 Subject: Antispam plugin: insufficent error messages In-Reply-To: <3461889.jzsa6BOmbo@desktop> References: <4985521.DvuYhMxLoT@desktop> <175f4d85-ebb1-2807-94a7-84736f689450@rename-it.nl> <3461889.jzsa6BOmbo@desktop> Message-ID: <4244912.2ujIlrgrSA@desktop> Am Mittwoch, 30. November 2016, 16:23:13 CET schrieb Volker Wysk: > Do you know any documentation about the Dovecot > plugin API? I couldn't find any. I've found it. No need to tell me. Volker From kevin at my.walr.us Wed Nov 30 17:34:24 2016 From: kevin at my.walr.us (KT Walrus) Date: Wed, 30 Nov 2016 12:34:24 -0500 Subject: use IMAPSIEVE to update database with last_read date In-Reply-To: References: <19a52a30-cce2-4fa3-4411-f66b3a0216ac@rename-it.nl> Message-ID: <69BF3CEA-64B2-44FD-8AF5-A9F44373D68F@my.walr.us> > if you're instead interested in the date that the user *first* read the message, you could capture the STORE \Seen event. Yes. That is what I intend to do. That is, the sieve script will run on change of FLAGs. I really just want to verify that the user is reading certain emails that I send. I don?t need to track every time the user reads the message (which the mail server would never see anyway since the message is fetched on first read and then stored locally in the client). I?m also planning on delivering most messages by IMAP to a ?next day? mailstore and use doveadm sync (during the early morning) of the ?next day? mailstore to the ?current day? mailstore that the clients connect to. Some messages will be delivered directly to the ?current day? mailstore via Postfix/LMTP which should be copied into the ?next day? mailstore during the morning sync. I?m hoping that doveadm sync is really bullet-proof and won?t add to my administration burden. Using IMAPSIEVE to track user?s modification of their mailboxes will really help keeping the website?s mysql database up to date with changes to Dovecot side of the website. Kevin > On Nov 30, 2016, at 7:07 AM, Stephan Bosch wrote: > > > > Op 30-11-2016 om 11:37 schreef Stephan Bosch: >> >> >> Op 29-11-2016 om 19:29 schreef KT Walrus: >>> Just noticed the Dovecot support IMAPSIEVE extension? >>> >>> Could I use this extension to update an external database with the date that the user last read the message? >> >> No, IMAPSieve is only triggered by modifications: APPEND, COPY, MOVE and STORE. >> > > BTW, > if you're instead interested in the date that the user *first* read the message, you could capture the STORE \Seen event. > > Regards, > > Stephan.