Re: [Dovecot] Fatal: write() failed to info log: Interrupted system call
On Tuesday 17 March 2009 09:34:29 pm Timo Sirainen wrote: On Mar 17, 2009, at 11:06 AM, Janos Dohanics wrote: Last night Dovecot stopped, and the last message in the log was: Fatal: write() failed to info log: Interrupted system call Would you please advise? A signal got sent to dovecot process while it was writing to a log file. But why exactly that happened, I don't know. Perhaps something outside Dovecot was sending it a signal. It would be simple to just make it ignore the EINTR error and retry, but I'm not really sure if it's a good idea to do it.. Thank you - Dovecot did mysteriously stop may be 2 other times over the past 2 years or so. Never anything I noticed in /var/log/messages... Would it help if I set mail_executable = /usr/local/libexec/dovecot/gdbhelper /usr/local/libexec/dovecot/imap, should this happen again? I suppose I could expect a lot of spece needed for /tmp/gdbhelper.* files if this doesn't happen for another 6 months... -- Janos Dohanics
[Dovecot] Multiple DBs
Welcome, I'm new one here . I've switch to dovecot in order to get mysql auth to recive emails. And I am not sure about one thing : may I configure dovecot to user more then one DB to authorize users ? I have suse 11.1/postfix/mysql system where the users exist in 2 separate DBs. Delivering works well, I'm just not sure if everyone could revive the emails ? Any tips ? reagards, Sebastian
Re: [Dovecot] Multiple DBs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 18 Mar 2009, Sebastian Chociwski wrote: You can use any number of passdb and userdb databases. They are tried in order of configuration. First the user is authentificated using the passdb configurations, then the user data is retrieved from userdb conf. It is possible to have the same user auth against database #1, but the user data is read from database #2. This is to be kept in mind, because a static userdb matches all users and, hence, must be located last. If you want to use different LDAP/SQL configurations, duplicate the appropriate conf section, duplicate the ldap/sql-conf file and specify a different conf-file per passdb section. Regards, - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBScDv4HWSIuGy1ktrAQLgBgf+JbRvoFU8BnRQv5XOGE/5gP51QN4uKm3C WjL7X/Hqy6Ew8MA2kv/iFWRS9JNdQYSgj8EbQVUbC2j16+ydGYKhxXOZZ6ciyFEy TPbQkxF1huvsmbKD8cHWYGmlyOqX1WBExGCbCUShmg5cUTx0g3xUOqE0khvBEhUq ZyGKSSaISuzOXAOHb7WYByXeed/QFkDFO2lMIHn6AsDiZZH9N9kD5pD8EyKXLJ9Q Dc+XBMGcv6cp/kQKQJw3DAP0xqfCtCvSIUG2E0qPL6xUT1v7tlRlfzziH/gDv76P 1aHBOMcMZSwP39hbUVMDscKwjI7QUvsOxporX/FUageC/Ypla5MCSw== =DOe2 -END PGP SIGNATURE-
[Dovecot] IMAP ACLs not working
Hi, I've some problems to get folder ACLs working with Dovecot. I've defined some folders (like drafts, spam etc.) for every user and created a dovecot-acl file in every folder so that users can not delete or rename these folders but this does not work as expected. Config = Debian Lenny 5.0 Dovecot 1.0.15 dovecot.conf = protocols = imap protocol imap { listen = xxx.xxx.xxx.xxx } disable_plaintext_auth = yes log_timestamp = %Y-%m-%d %H:%M:%S ssl_disable = yes mail_location = maildir:/home/vmail/%Ld/%Ln namespace private { separator = . prefix = inbox = yes } mail_privileged_group = vmail protocol imap { mail_plugins = acl } protocol lda { postmaster_address = postmas...@example.com hostname = hostn...@example.com mail_plugins = cmusieve } auth_username_translation = %Lu auth default { mechanisms = cram-md5 passdb pam { } passdb sql { args = /etc/dovecot/dovecot-sql.conf } userdb passwd { } userdb static { args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes } user = root socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = vmail } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } Folder structure === (For dovecot-acl) /home/vmail/example.com/user/.Spam/dovecot-acl dovecot-acl contains === owner lrwstiek For me the config looks OK and I can't find an error... When I change the dovecot-acl to owner l for example it seems that this change has no effect. Are there an error in my setup? Seba
Re: [Dovecot] IMAP ACLs not working
On 3/18/2009, Seba (free...@googlemail.com) wrote: I've some problems to get folder ACLs working with Dovecot. I've defined some folders (like drafts, spam etc.) for every user and created a dovecot-acl file in every folder so that users can not delete or rename these folders but this does not work as expected. Config = Debian Lenny 5.0 Dovecot 1.0.15 UPgrade if you want to use ACLs. 1.0.x never had them working well... -- Best regards, Charles
[Dovecot] NFS-error with dovecot 1.1.12
Hello, I'm testing version 1.1.12 and occasionally there is Mar 18 14:40:44 imap2 dovecot: [ID 107833 mail.error] IMAP(xyz): nfs_flush_file_handle_cache_dir: rmdir(/home/xyz) failed: Device busy It seems that it is related to a crash of the previous imap process of that user. And it doesn't seem to cause any problems. So can it safely be ignored ? It is on Solaris 10. Index storage is local (UFS) and mailbox storage is NFS (mail_nfs_storage=yes). Martin --- Martin Preen, Universität Freiburg, Institut für Informatik Georges-Koehler-Allee 52, Raum 00-006, 79110 Freiburg, Germany phone: ++49 761 203-8250 pr...@informatik.uni-freiburg.de fax: ++49 761 203-8242www.informatik.uni-freiburg.de
[Dovecot] panic in dovecot 1.1.12
Hello, with some mbox folders I got this error: Mar 18 14:48:12 imap2 dovecot: [ID 107833 mail.crit] Panic: IMAP(xyz): file charset-iconv.c: line 122: unreached I assume that this is related to the folder contents (and not the configration). What does that mean to me ? Martin --- Martin Preen, Universität Freiburg, Institut für Informatik Georges-Koehler-Allee 52, Raum 00-006, 79110 Freiburg, Germany phone: ++49 761 203-8250 pr...@informatik.uni-freiburg.de fax: ++49 761 203-8242www.informatik.uni-freiburg.de
Re: [Dovecot] Dovecot 1.2 beta1 in Solaris 10 for sparc, error reading maildir format?
I guess i have done well the debug, here it goes: -bash-3.00# gdb /usr/local/libexec/dovecot/imap ./core GNU gdb 6.8 Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type show copying and show warranty for details. This GDB was configured as sparc-sun-solaris2.10... Reading symbols from /usr/local/lib/libiconv.so.2...done. Loaded symbols for /usr/local/lib/libiconv.so.2 Reading symbols from /lib/librt.so.1...done. Loaded symbols for /lib/librt.so.1 Reading symbols from /lib/libnsl.so.1...done. Loaded symbols for /lib/libnsl.so.1 Reading symbols from /lib/libsocket.so.1...done. Loaded symbols for /lib/libsocket.so.1 Reading symbols from /lib/libsendfile.so.1...done. Loaded symbols for /lib/libsendfile.so.1 Reading symbols from /lib/libc.so.1...done. Loaded symbols for /lib/libc.so.1 Reading symbols from /usr/sfw/lib/libgcc_s.so.1...done. Loaded symbols for /usr/sfw/lib/libgcc_s.so.1 Reading symbols from /lib/libaio.so.1...done. Loaded symbols for /lib/libaio.so.1 Reading symbols from /lib/libmd.so.1...done. Loaded symbols for /lib/libmd.so.1 Reading symbols from /platform/SUNW,Sun-Fire-280R/lib/libc_psr.so.1...done. Loaded symbols for /platform/SUNW,Sun-Fire-280R/lib/libc_psr.so.1 Reading symbols from /usr/local/lib/dovecot/imap/lib10_quota_plugin.so...done. Loaded symbols for /usr/local/lib/dovecot/imap/lib10_quota_plugin.so Reading symbols from /lib/librpcsvc.so.1...done. Loaded symbols for /lib/librpcsvc.so.1 Reading symbols from /platform/SUNW,Sun-Fire-280R/lib/libmd_psr.so.1...done. Loaded symbols for /platform/SUNW,Sun-Fire-280R/lib/libmd_psr.so.1 Reading symbols from /lib/libscf.so.1...done. Loaded symbols for /lib/libscf.so.1 Reading symbols from /lib/libdoor.so.1...done. Loaded symbols for /lib/libdoor.so.1 Reading symbols from /lib/libuutil.so.1...done. Loaded symbols for /lib/libuutil.so.1 Reading symbols from /lib/libgen.so.1...done. Loaded symbols for /lib/libgen.so.1 Reading symbols from /lib/libmp.so.2...done. Loaded symbols for /lib/libmp.so.2 Reading symbols from /usr/local/lib/dovecot/imap/lib11_imap_quota_plugin.so...done. Loaded symbols for /usr/local/lib/dovecot/imap/lib11_imap_quota_plugin.so Reading symbols from /lib/ld.so.1...done. Loaded symbols for /lib/ld.so.1 Core was generated by `imap [ayacopino 127.0.0.1]'. Program terminated with signal 10, Bus error. [New process 88850] #0 0x000a0384 in mail_index_map () (gdb) bt full #0 0x000a0384 in mail_index_map () No symbol table info available. #1 0x0009c07c in mail_index_try_open () No symbol table info available. #2 0x0009c45c in mail_index_open () No symbol table info available. #3 0x000819d0 in index_storage_mailbox_open () No symbol table info available. #4 0x00081e9c in index_storage_mailbox_init () No symbol table info available. #5 0x00042330 in maildir_open () No symbol table info available. #6 0x00042654 in maildir_mailbox_open () No symbol table info available. #7 0xfefbb06c in quota_mailbox_open () from /usr/local/lib/dovecot/imap/lib10_quota_plugin.so No symbol table info available. #8 0x0008f710 in mailbox_open () No symbol table info available. #9 0x0002a74c in cmd_select_full () No symbol table info available. #10 0x0002ac70 in cmd_select () No symbol table info available. ---Type return to continue, or q return to quit--- #11 0x0002d744 in client_command_input () No symbol table info available. #12 0x0002d9b4 in client_command_input () No symbol table info available. #13 0x0002eae8 in client_handle_input () No symbol table info available. #14 0x0002ecc4 in client_input () No symbol table info available. #15 0x000efad0 in io_loop_handler_run () No symbol table info available. #16 0x000eee20 in io_loop_run () No symbol table info available. #17 0x0003a290 in main () No symbol table info available Thanks, greetings, Andrés Fernando Yacopino Infraestructura - Dpto Sistemas AcaSalud Cooperativa de Prestaciones Médico Asistenciales Limitada Tel: 0341-4208726 ayacop...@acasalud.com.ar Timo Sirainen escribió: On Mar 17, 2009, at 9:08 AM, Andrés Yacopino wrote: acamail dovecot: [ID 583609 mail.error] child 3322 (imap) killed with signal 10 Can you get gdb (or dbx) backtrace? http://dovecot.org/bugreport.html
[Dovecot] dovecot1.2beta2( hg tags yields 8834:5284f45c249a) fetch error
Steps to reproduce 1 login testuser testpw 2 select inbox 3 fetch 1 body.peek[HEADER.FIELDS (date)] I get the error 3 BAD Error in IMAP command FETCH: Unknown FETCH modifier This is AIX 5.3 with mbox files. -Jonathan smime.p7s Description: S/MIME cryptographic signature
Re: [Dovecot] NFS-error with dovecot 1.1.12
On Wed, 2009-03-18 at 16:42 +0100, Martin Preen wrote: Hello, I'm testing version 1.1.12 and occasionally there is Mar 18 14:40:44 imap2 dovecot: [ID 107833 mail.error] IMAP(xyz): nfs_flush_file_handle_cache_dir: rmdir(/home/xyz) failed: Device busy It seems that it is related to a crash of the previous imap process of that user. And it doesn't seem to cause any problems. So can it safely be ignored ? Yes, you can ignore it, although it means that Dovecot couldn't flush file handle cache. So if there are multiple servers accessing the same mbox at the same time you might have locking timeouts due to the OS caching the existence of the dotlock. I guess /home/xyz is actually the mountpoint? That's the reason it gives the EBUSY. Mails are typically stored in a directory that's not a mountpoint and this error doesn't happen then. signature.asc Description: This is a digitally signed message part
[Dovecot] mbox on NFS + automount, folder creation - mkdir_parents() failed
Hi, i am about to migrate some internal imapd mboxes to dovecot. Regular access is fine, just when i want to create a folder i get the following error message in the logs: Mar 18 17:36:57 pulsar dovecot: [ID 107833 mail.error] IMAP(skayser): mkdir_parents(/home/skayser) failed: Operation not applicable /home/skayser is mounted via autofs. When i set mail_location to a subdirectory within /home/skayser, folder creation works. From looking at the truss output dovecot tries to mkdir() the parent and doesn't seem to like the ENOSYS that is returned when the directoy is an autofs mountpoint. Any chance for a fix, Timo? :) 1549: poll(0x00117818, 3, 180)(sleeping...) 1549: poll(0x00117818, 3, 180)= 1 1549: read(0, a 0 0 0 8 S T A T U S.., 3832) = 38 1549: stat64(/home/skayser/foobar3, 0xFFBFF598) Err#2 ENOENT 1549: write(1, a 0 0 0 8 N O M a i.., 41) = 41 1549: poll(0x00117818, 3, 180)= 1 1549: read(0, a 0 0 0 9 U I D C O.., 3794) = 31 1549: stat64(/home/skayser/foobar3, 0xFFBFF600) Err#2 ENOENT 1549: write(1, a 0 0 0 9 N O [ T R.., 53) = 53 1549: poll(0x00117818, 3, 180)(sleeping...) 1549: poll(0x00117818, 3, 180)= 1 1549: read(0, a 0 0 1 0 C R E A T E.., 3763) = 24 1549: stat64(/home/skayser/foobar3, 0xFFBFF620) Err#2 ENOENT 1549: stat64(/home/skayser/foobar3, 0xFFBFF688) Err#2 ENOENT 1549: mkdir(/home/skayser, 0770)Err#89 ENOSYS 1549: write(2, 01 E m k d i r _ p a r e.., 64) = 64 1549: write(1, a 0 0 1 0 N O I n t.., 99) = 99 1549: poll(0x00117818, 3, 179)(sleeping...) # mount | grep skayser /home/skayser on nfs:/export/home/skayser remote/read/write/setuid/xattr/dev=49a # dovecot -n # 1.1.11: /opt/csw/etc/dovecot.conf # OS: SunOS 5.9 sun4u disable_plaintext_auth: no login_dir: /var/opt/csw/run/dovecot/login login_executable: /opt/csw/libexec/dovecot/imap-login mail_location: mbox:~/:INBOX=/mail/%u mmap_disable: yes mail_nfs_storage: yes mail_nfs_index: yes mail_drop_priv_before_exec: yes mail_executable: /usr/local/bin/dovecot-imap-wrapper.sh auth default: passdb: driver: pam userdb: driver: passwd Sebastian
[Dovecot] Staged migration from mbox to maildir
So much changes in this migration that the ideal way to do it would be to begin with a few users or a department, then migrate the users affinity group by affinity group: first an institute or so, then the faculty, then the staff, then the students, moving to bigger and bigger groupings as the bugs work out of the migration and the move becomes more assured. We use sendmail and procmail. There's no problem there, as the ~./procmailrc can be changed to over-ride the mbox default until all groups are done and it become the default. The problem comes with IMAP. While dovecot can tell if a folder is mbox or maildir, it has to be pointed to the right place (by namespace definitions in the client, IIRC), and the default of putting the inbox under ~/mail is one I'd like to embrace for various reason...but given that that means moved inbox folders and *that* means either making a global change (there goes staged migration) OR changing the namespace definitions on each PC. I can get to the early few and change the namespaces definition, but there doesn't appear to any equivalent (enlighten me, if I'm missing something) to ~/.procmailrc for imap, so that I don't have to get on the client machine. Is this correct or am I (hopefully) wrong and there *is* a way to change things on the server that allows for staged migration? Oh, I would so like to be wrong! IMAP should have an rc file. -- Eppur si muove. (But Still it moves) Galileo, leaving the Inquisition, after buckling under the threat of torture and excommunication and recanting from his proof that the heavens do not revolve around the earth -- Stewart Dean, Unix System Admin, Henderson Computer Center, Bard College, Annandale, New York 12504 sd...@bard.edu voice: 845-758-7475, fax: 845-758-7035
Re: [Dovecot] mbox on NFS + automount, folder creation - mkdir_parents() failed
On Wed, 2009-03-18 at 19:07 +0100, Sebastian Kayser wrote: Mar 18 17:36:57 pulsar dovecot: [ID 107833 mail.error] IMAP(skayser): mkdir_parents(/home/skayser) failed: Operation not applicable Looks like I broke this in v1.1.2. Fixed: http://hg.dovecot.org/dovecot-1.1/rev/c81c2506f824 signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Dovecot 1.2 beta1 in Solaris 10 for sparc, error reading maildir format?
On Wed, 2009-03-18 at 13:38 -0300, Andrés Yacopino wrote: I guess i have done well the debug, here it goes: Almost. #0 0x000a0384 in mail_index_map () (gdb) bt full #0 0x000a0384 in mail_index_map () This gives some kind of an idea, but still there's a lot of code that makes it difficult to guess where the problem is without debugging symbols. Especially because I'm using Dovecot with Solaris 10 Sparc without problems. Could you compile Dovecot without -O2 (or whatever optimization flags if you're using Sun CC) and without stripping debugging symbols from the binaries? For example with gcc I'd do: CFLAGS=-g ./configure signature.asc Description: This is a digitally signed message part
Re: [Dovecot] dovecot1.2beta2( hg tags yields 8834:5284f45c249a) fetch error
On Mar 18, 2009, at 2:00 PM, Timo Sirainen wrote: On Wed, 2009-03-18 at 13:06 -0400, Jonathan Siegle wrote: Steps to reproduce 1 login testuser testpw 2 select inbox 3 fetch 1 body.peek[HEADER.FIELDS (date)] I get the error 3 BAD Error in IMAP command FETCH: Unknown FETCH modifier So it seems. Strange that no one had noticed it before. I thought Evolution did that, at least it used to.. Anyway, fixed: http://hg.dovecot.org/dovecot-1.2/rev/dc6880dcbbba I've noticed it for a little. But I didn't want to send noise. pine/ alpine use this when you go get a message that is postponed. I've just taken the time to learn howto fire up pine in debug and get that fetch statement out of the .pine-debug files.. Thanks this works now. 2 fetch 1 body.peek[HEADER.FIELDS (date)] * 1 FETCH (BODY[HEADER.FIELDS (DATE)] {41} Date: Wed, 18 Feb 2009 15:28:46 + smime.p7s Description: S/MIME cryptographic signature
Re: [Dovecot] IMAP ACLs not working
Timo Sirainen wrote: On Wed, 2009-03-18 at 16:20 +0100, Seba wrote: dovecot.conf = dovecot -n is preferred to copypasting the actual config file. Anyway it looks like you're missing: plugin { acl = vfile: } thanks Timo. I've added the above section and now it's OK. Seba
Re: [Dovecot] fchown() error with Public Folders
On Sun, Mar 15, 2009 at 11:34 PM, Timo Sirainen t...@iki.fi wrote: On Mar 16, 2009, at 2:06 AM, Stephen Carville wrote: Do you have dovecot-shared file in the .Incoming/ directory? Dovecot tries to use that file's group. If you don't want it to do that, you can chmod g+s dovecot-shared and it's not preserved. I have dovecot-shared in the directory. The part that kept throwing me was that the user was a member if the group (cs). I finally discovered that adding a user to the group must be accompanied by adding userdb_system_user=username to the imap.passwd file. Yes, if all your users are also system users. Another possibility would have been to set userdb_mail_access_groups=groupname. Or just change the primary gid to that group. I considered that but I cannot be sure that there will just be one group. I am trying to recreate a public folder structure that is being used fro work flow management and is implemented using Exchange. Right now every user in the company has read/write access to every public folder and I was told to change that on the IMAP server so there may be two or three different groups. To be honest I am not very optimistic about the prognosis since I have to use Outlook as the IMAP client. No matter, that -- Even if the project here flops I know enough now that I can migrate other clients from courier to dovecot when the time comes. That alone made the time worth it. -- Stephen Carville
Re: [Dovecot] fchown() error with Public Folders
On Wed, 2009-03-18 at 12:15 -0700, Stephen Carville wrote: Yes, if all your users are also system users. Another possibility would have been to set userdb_mail_access_groups=groupname. Or just change the primary gid to that group. I considered that but I cannot be sure that there will just be one group. You can have multiple: userdb_mail_access_groups=group1,group2,group3 signature.asc Description: This is a digitally signed message part
[Dovecot] v1.1.13 and v1.2.beta3 released
http://dovecot.org/releases/1.1/dovecot-1.1.13.tar.gz http://dovecot.org/releases/1.1/dovecot-1.1.13.tar.gz.sig http://dovecot.org/releases/1.2/beta/dovecot-1.2.beta3.tar.gz http://dovecot.org/releases/1.2/beta/dovecot-1.2.beta3.tar.gz.sig Looks like Friday the 13th isn't the best day to make releases. :) These releases fix two bad bugs in v1.1.12. - v1.1.12's MAILBOXDIR changes broke accessing mails in some setups - v1.1.12's login_executable -D checking changes caused dovecot to crash at startup if protocols setting contained only pop3. - mbox: pop3_lock_session=yes was broken with mail_privileged_group. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] v1.1.13 and v1.2.beta3 released
Timo Sirainen wrote: http://dovecot.org/releases/1.1/dovecot-1.1.13.tar.gz http://dovecot.org/releases/1.1/dovecot-1.1.13.tar.gz.sig http://dovecot.org/releases/1.2/beta/dovecot-1.2.beta3.tar.gz http://dovecot.org/releases/1.2/beta/dovecot-1.2.beta3.tar.gz.sig Looks like Friday the 13th isn't the best day to make releases. :) These releases fix two bad bugs in v1.1.12. - v1.1.12's MAILBOXDIR changes broke accessing mails in some setups - v1.1.12's login_executable -D checking changes caused dovecot to crash at startup if protocols setting contained only pop3. - mbox: pop3_lock_session=yes was broken with mail_privileged_group. Oh, that's just typical! The _day_ I upgrade from 1.0 to 1.1 (which took almost 0 effort, and went unnoticed :) you release a new version! :) This email is more to thank you for making upgrades so smooth and simple, than anything else :) -- Curtis Maloney cmalo...@cardgate.net
[Dovecot] Enabling even more debug info for SSL/TLS handling during handshaking?
Hi, I'm working with a an IMAP client for a S60 (Nokia) phone and we are having a small problem (not in Dovecot!) but somewhere deep in our own system which has to do with certificates that are self signed. Somehow in some circumstance if you accept a self-signed certificate as an exception then the client will send a strange command to the imap-login which it doesn't recognize. We are quite sure this is a problem in our own system and not with Dovecot Since we have no access to the certificate (SSL/TLS) handling code we are a bit at loss here and have to proof to the other guys in Finland that it's there fault :-) The type of errors that show up in Dovecot in these circumstances are (with the real username and IP address removed) imap-login: Disconnected (no auth attempts): rip=some.ip.address user_name=192.168.0.2, TLS handshaking: SSL_accept() failed: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpectedmessage Is there some more debugging we could enable to see exactly the type of wrong command the SSL/certificate handling are send in the handshake procedure ? (We have all the debug and/or the auth_* flags in dovecot.conf enabled already) Any idea? Johan
Re: [Dovecot] Staged migration from mbox to maildir
Words by Stewart Dean [Wed, Mar 18, 2009 at 02:10:53PM -0400]: So much changes in this migration that the ideal way to do it would be to begin with a few users or a department, then migrate the users affinity group by affinity group: first an institute or so, then the faculty, then the staff, then the students, moving to bigger and bigger groupings as the bugs work out of the migration and the move becomes more assured. Tell me about it, we have to plan the migration of 6 million accounts (many tens of TB) from Maildir to dbox in the near time :) -- Jose Celestino | http://japc.uncovering.org/files/japc-pgpkey.asc One man’s theology is another man’s belly laugh. -- Robert A. Heinlein
Re: [Dovecot] Enabling even more debug info for SSL/TLS handling during handshaking?
Words by Johan Persson [Thu, Mar 19, 2009 at 12:37:25AM +0100]: Hi, I'm working with a an IMAP client for a S60 (Nokia) phone and we are having a small problem (not in Dovecot!) but somewhere deep in our own system which has to do with certificates that are self signed. Hmm, this must be thread highjacking month or something. -- Jose Celestino | http://japc.uncovering.org/files/japc-pgpkey.asc One man’s theology is another man’s belly laugh. -- Robert A. Heinlein
Re: [Dovecot] Enabling even more debug info for SSL/TLS handling during handshaking?
On Thu, 2009-03-19 at 00:37 +0100, Johan Persson wrote: I'm working with a an IMAP client for a S60 (Nokia) phone and we are having a small problem (not in Dovecot!) but somewhere deep in our own system which has to do with certificates that are self signed. Somehow in some circumstance if you accept a self-signed certificate as an exception then the client will send a strange command to the imap-login which it doesn't recognize. We are quite sure this is a problem in our own system and not with Dovecot So it's not easily reproducible? Since we have no access to the certificate (SSL/TLS) handling code we are a bit at loss here and have to proof to the other guys in Finland that it's there fault :-) You mean a bug in S60 libraries? imap-login: Disconnected (no auth attempts): rip=some.ip.address user_name=192.168.0.2, TLS handshaking: SSL_accept() failed: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpectedmessage .. Is there some more debugging we could enable to see exactly the type of wrong command the SSL/certificate handling are send in the handshake procedure ? (We have all the debug and/or the auth_* flags in dovecot.conf enabled already) verbose_ssl=yes makes Dovecot log all errors/warnings that OpenSSL can tell (AFAIK). Perhaps you could use this: http://crypto.stanford.edu/~eujin/sslsniffer/index.html signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Staged migration from mbox to maildir
* Stewart Dean sd...@bard.edu wrote: So much changes in this migration that the ideal way to do it would be to begin with a few users or a department, then migrate the users affinity group by affinity group: first an institute or so, then the faculty, then the staff, then the students, moving to bigger and bigger groupings as the bugs work out of the migration and the move becomes more assured. We use sendmail and procmail. There's no problem there, as the ~./procmailrc can be changed to over-ride the mbox default until all groups are done and it become the default. The problem comes with IMAP. While dovecot can tell if a folder is mbox or maildir, it has to be pointed to the right place (by namespace definitions in the client, IIRC), and the default of putting the inbox under ~/mail is one I'd like to embrace for various reason...but given that that means moved inbox folders and *that* means either making a global change (there goes staged migration) OR changing the namespace definitions on each PC. I can get to the early few and change the namespaces definition, but there doesn't appear to any equivalent (enlighten me, if I'm missing something) to ~/.procmailrc for imap, so that I don't have to get on the client machine. I don't know whether i fully understand what you are trying to achieve, but dovecot can work with a per user mail_location (passed via userdb) [1] that might help in your situation. Furthermore you can get _very_ flexible in determining the mail location (or even doing a lot of other things) by using a wrapper script to mail_executable [2]. Sebastian [1] http://wiki.dovecot.org/MailLocation [2] http://wiki.dovecot.org/PostLoginScripting