Re: [Dovecot] OT list modification Re: nfs director
I am with Dave on this one. Dave McGuire mcgu...@neurotica.com wrote: On 8/27/10 11:15 PM, Noel Butler wrote: I dont think we are living in the 19th century now, I think its time for the html to txt conversion to be scrapped, its screwed up the paragraph formatting ( and few other things in recent times I've seen) more than once, making it look like an a5 size book page. how about it? Oh right, the 20th century is the century of protocol abuse for people who think everything on the network should be a web page, and everything on the net should be accessed with a web browser. If this change is made, I for one will ditch this list and just rely on searching the archives. I get enough HTML garbage from clueless morons all day long, I don't need more of it from a supposedly clueful group. -Dave -- Dave McGuire Port Charlotte, FL -- Richard Sent from my Dell Streak with K-9 Mail. Please excuse my brevity.
Re: [Dovecot] nfs director
Hi, If you don't mind random Dovecot errors about index corruption I guess you're fine with how it works now. I guess your mails are delivered to maildirs by qmail? If you ever switch to Dovecot LDA you'll probably start getting more errors. And if you ever plan to switch to dbox format then at latest you'll need director. Ah! This probably explains why we're not being hit as hard as some others. We dont use dovecot lda. So we only see problems when users have 2 or more clients open and happen to hit the exact same polling times. We do have plans to move to dovecot lda so good to know our problems would have increased a lot. Should start testing with the director this weekend. Got 4 servers to play with. Cor
Re: [Dovecot] nfs director
We might be a slightly larger install than you (60k users, mail on FAS 3170 Metrocluster), but we have noticed corruption issues and the director is definitely going to see use in our shop. We still use Sendmail+procmail for delivery, so no issue there... but we've got hordes of IMAP users that will leave a client running at home, at their desk, on their phone, and then will use Webmail on their laptop. Without the director, all of these sessions end up on different backend mailservers, and it's basically a crapshoot which Dovecot instance notices a new message first. NFS locking being what it is, odds are an index will get corrupted sooner or later, and when this happens the user's mail 'disappears' until Dovecot can reindex it. The users inevitably freak out and call the helpdesk, who tells them to close and reopen their mail client. Maybe you're small enough to not run into problems, or maybe your users just have lower expectations or a higher pain threshold than ours. Either way, it's unpleasant for everyone involved, and quite easy to solve with the director proxy. We are in the exact same position as Brad. We also use sendmail's LDA, we also use a metrocluster, and we also have hordes of imap and webmail users. We see the exact same thing Brad sees. And I see it myself about once a week as well. The index gets corrupted due to access by 2 different clients, and to the user it then looks like their mail disappears. The user totally freaks out, because they'll invariably have really really important mail that has to be recovered right now. Usually a law firm as well. They call the helpdesk, keeping a support person busy with something thats really just a known bug. It probably isnt much of an issue if you use POP. But in large scale IMAP setups, where people are getting used to having access to all their email server-side (and thus mailboxes growing, needing larger indexes, increasing the chances of problems) from a myriad of clients this WILL happen if you're using NFS. Ive even considered moving away from NFS again for indexes due to this problem. But it really is noticable if you have a lot of email that your index isnt up to date as you move across our dozens and dozens of imap servers. Cor
Re: [Dovecot] vpopmail auth always return unknown user
Le 28/08/2010 03:20, fakessh a écrit : you send my dovecot -n for inspiration You don't use vpopmail backend. consult the archive of the ml it's full documented Thanks but as you can imagine it's the firts thing i have done. -- Toorop - Filtrage antivirus et antispam : http://www.protecmail.com «Ils ne savaient pas que c'était impossible, alors ils l'ont fait.» Mark Twain
Re: [Dovecot] nfs director
On Sat, 28 Aug 2010, Cor Bosman wrote: We might be a slightly larger install than you (60k users, mail on FAS 3170 Metrocluster), but we have noticed corruption issues and the director is definitely going to see use in our shop. We still use Sendmail+procmail for delivery, so no issue there... but we've got hordes of IMAP users that will leave a client running at home, at their desk, on their phone, and then will use Webmail on their laptop. Without the director, all of these sessions end up on different backend mailservers, and it's basically a crapshoot which Dovecot instance notices a new message first. NFS locking being what it is, odds are an index will get corrupted sooner or later, and when this happens the user's mail 'disappears' until Dovecot can reindex it. The users inevitably freak out and call the helpdesk, who tells them to close and reopen their mail client. Maybe you're small enough to not run into problems, or maybe your users just have lower expectations or a higher pain threshold than ours. Either way, it's unpleasant for everyone involved, and quite easy to solve with the director proxy. We are in the exact same position as Brad. We also use sendmail's LDA, we also use a metrocluster, and we also have hordes of imap and webmail users. We see the exact same thing Brad sees. And I see it myself about once a week as well. The index gets corrupted due to access by 2 different clients, and to the user it then looks like their mail disappears. The user totally freaks out, because they'll invariably have really really important mail that has to be recovered right now. Usually a law firm as well. They call the helpdesk, keeping a support person busy with something thats really just a known bug. It probably isnt much of an issue if you use POP. But in large scale IMAP setups, where people are getting used to having access to all their email server-side (and thus mailboxes growing, needing larger indexes, increasing the chances of problems) from a myriad of clients this WILL happen if you're using NFS. Ive even considered moving away from NFS again for indexes due to this problem. But it really is noticable if you have a lot of email that your index isnt up to date as you move across our dozens and dozens of imap servers. Any idea how Rackspace has implemented the director? They have to be using some kind of shared storage, it wouldn't make sense to make storage local to each host in such a large environment. Charles Cor
Re: [Dovecot] nfs director
Noel, I think you just dont quite understand the problem the director is solving. The issue is that NFS is not lock-safe over multiple servers. We have 35 imap servers accessing a central NFS cluster. (we have over a million mailboxes) We offer IMAP to end user clients, and through webmail. This means that users are more and more likely to have multiple mail clients open. 1) they have a mail client open at home, lets say Thunderbird or OSX Mail. When they go to work they leave it on, so the software keeps looking for mail. 2) At work, they open webmail, so they can access their private email through their companies firewall. They leave this webmail session open in a browser tab. 3) They also have an iphone, and it's continuously checking their mail as well. This is not farfetched. This is normal behavior when you start offering IMAP access. We of course have a hardware loadbalancer (foundry) that directs incoming connections. But this loadbalancer does not know the 3 connections above are from the same user. So each gets directed to a different imap server. All these 3 sessions want to update the index files. (im current not including dovecot LDA, which also wants to update the index files). Because of issues inherent in NFS, the 3 imap servers that handle these connections may all think they have an exclusive lock. They may end up writing to the index files at the same time because of this. So the end result is a corrupt index file, which causes problems in the clients. The chances of this happening get higher as you have more users and more servers. Now there is a workaround. NFS locking can be made to work better if all processes trying to access the NFS indexes are on the same machine. So if all 3 clients in the above example happen to end up on the same imap server, there wouldnt be a problem. That imap server can safely say 'sorry, you cant write to the index file right now, another process is already writing to it'. What the dovecot director is doing is ensuring that sessions from the same user all get directed to the same imap server, so NFS locking works safely. I wish my foundry could do this, so I wouldnt need the director, but alas, it cant. If you operate a situation like im describing above, you WILL need the director, or accept that your users may run into problems reading their mail. If you dont see this problem, you either are not running the same situation im describing, or you do have this problem but just dont know :) I am very happy that Timo implemented this, so those of us that run this setup and are experiencing this issue, have a way to work around it. Regards, Cor
[Dovecot] Problems Converting Maildir to mdbox
Hello, I would like to convert all users mail from maildir to mdbox. My Dovecot version is 2.0.1, converted from 1.2.13 but config was rewritten from scratch. http://wiki2.dovecot.org/Migration/MailFormat says following: maildir - mdbox migration. Set mail_location=mdbox:~/mdbox and run doveadm convert -u username maildir:~/Maildir but doveadm does not know a command like convert. Is there a _working_ way to convert maildir to mdbox ? How to do that with all Dovecot mail users (about 1) ? Christian
Re: [Dovecot] nfs director
On 28.8.2010, at 8.18, Cor Bosman wrote: What the dovecot director is doing is ensuring that sessions from the same user all get directed to the same imap server, so NFS locking works safely. It's actually not about locking, but about caching.
[Dovecot] Error: service(auth): child 2212 killed with signal 11
Hi, Auth always crash (segfault) using vpopmail backend. Any idea ? vpopmail 5.5.0 os: ubuntu 10.04 on rackspace cloud # dovecot -n dovecot -n # 2.0.1: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.35.1-rscloud x86_64 Ubuntu 10.04.1 LTS auth_debug = yes auth_mechanisms = plain login cram-md5 auth_verbose = yes auth_verbose_passwords = plain disable_plaintext_auth = no first_valid_uid = 89 log_path = /var/log/dovecot/dovecot.log mail_debug = yes passdb { driver = vpopmail } protocols = imap pop3 service auth { unix_listener auth-userdb { group = vchkpw mode = 0600 user = vpopmail } user = root } ssl_cert = /etc/ssl/certs/dovecot.pem ssl_key = /etc/ssl/private/dovecot.pem userdb { driver = vpopmail } Log: Aug 28 10:59:48 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Aug 28 10:59:48 auth: Debug: auth client connected (pid=2211) Aug 28 10:59:49 auth: Debug: client in: AUTH 1 CRAM-MD5 service=imap secured lip=184.106.217.69 rip=178.32.33.247 lport=143 rport=49099 Aug 28 10:59:49 auth: Debug: client out: CONT 1 PDM3MjI0MzQ4NjQzNTI3NjUuMTI4Mjk5MzE4OUByYWNrc3BhY2UuZGVkaW1haWwuZXU+ Aug 28 10:59:49 auth: Debug: client in: CONThidden Aug 28 10:59:49 auth: Debug: vpopmail(too...@respublica.fr,178.32.33.247): lookup user=toorop domain=respublica.fr Aug 28 10:59:49 auth: Debug: client out: OK 1 user=too...@respublica.fr Aug 28 10:59:49 auth: Debug: master in: REQUEST 1 2211 1 e4920e51f96ae453663098df19c5b374 Aug 28 10:59:49 auth: Debug: vpopmail(too...@respublica.fr,178.32.33.247): lookup user=toorop domain=respublica.fr Aug 28 10:59:49 imap-login: Info: Internal login failure (auth failed, 1 attempts): user=too...@respublica.fr, method=CRAM-MD5, rip=178.32.33.247, lip=184.106.217.69, mpid=2214, TLS Aug 28 10:59:49 master: Error: service(auth): child 2212 killed with signal 11 (core dumps disabled) strace : http://pastebin.com/kYsWHP5J Thanks, -- Toorop «Ils ne savaient pas que c'était impossible, alors ils l'ont fait.» Mark Twain
Re: [Dovecot] Error: service(auth): child 2212 killed with signal 11
On 28.8.2010, at 12.15, Toorop wrote: Auth always crash (segfault) using vpopmail backend. Any idea ? Could you get gdb backtrace? http://dovecot.org/bugreport.html
Re: [Dovecot] Error: service(auth): child 2212 killed with signal 11
Le 28/08/2010 13:25, Timo Sirainen a écrit : Could you get gdb backtrace? http://dovecot.org/bugreport.html gdb /usr/local/libexec/dovecot/auth /usr/local/var/run/dovecot/core GNU gdb (GDB) 7.1-ubuntu Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type show copying and show warranty for details. This GDB was configured as x86_64-linux-gnu. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/... Reading symbols from /usr/local/libexec/dovecot/auth...done. [New Thread 2266] warning: Can't read pathname for load map: Input/output error. Reading symbols from /usr/local/lib/dovecot/libdovecot.so.0...done. Loaded symbols for /usr/local/lib/dovecot/libdovecot.so.0 Reading symbols from /lib/libcrypt.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libcrypt.so.1 Reading symbols from /home/vpopmail/lib/libvpopmail.so...(no debugging symbols found)...done. Loaded symbols for /home/vpopmail/lib/libvpopmail.so Reading symbols from /lib/libdl.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /lib/librt.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/librt.so.1 Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/ld-linux-x86-64.so.2 Reading symbols from /lib/libpthread.so.0...(no debugging symbols found)...done. Loaded symbols for /lib/libpthread.so.0 Reading symbols from /home/vpopmail/etc/vpopmail.authmodule...(no debugging symbols found)...done. Loaded symbols for /home/vpopmail/etc/vpopmail.authmodule Core was generated by `dovecot/auth'. Program terminated with signal 11, Segmentation fault. #0 0x in ?? () (gdb) bt full #0 0x in ?? () No symbol table info available. #1 0x0041f735 in vpopmail_lookup (auth_request=0x23c4358, callback=0x410770 auth_request_userdb_callback) at userdb-vpopmail.c:99 _module = 0x23b13f0 vpop_user = toorop, '\000' repeats 74 times vpop_domain = respublica.fr, '\000' repeats 67 times vpw = 0x7fd8cdf51ce0 quota = value optimized out uid = value optimized out gid = value optimized out #2 0x004109d6 in auth_request_lookup_user (request=0x23c4358, callback=value optimized out) at auth-request.c:826 userdb = 0x23b13f0 cache_key = value optimized out #3 0x00411473 in auth_request_handler_master_request (handler=0x23c26a8, master=0x23c02a0, id=1, client_id=value optimized out) at auth-request-handler.c:613 request = 0x23c4358 reply = 0x23a8478 #4 0x0040d864 in master_input_request (conn=0x23c02a0) at auth-master-connection.c:103 client_id = 1 cookie = \376\\\305!\273$\246\227\306\061vA\237\021\vb buf = {data = 0x7fff84848860, used = 16, priv = {0x7fff84848860, 0x0, 0x10, 0x0, 0x0}} client_conn = 0x23a8538 id = 1 client_pid = 2265 #5 auth_master_input_line (conn=0x23c02a0) at auth-master-connection.c:413 No locals. #6 master_input (conn=0x23c02a0) at auth-master-connection.c:466 _data_stack_cur_id = 3 line = value optimized out ret = value optimized out #7 0x7fd8ceda6e85 in io_loop_handler_run (ioloop=value optimized out) at ioloop-epoll.c:212 ctx = 0x23bc0a0 event = 0x23bc110 list = 0x23c5170 io = 0x23c5130 tv = {tv_sec = 149, tv_usec = 995353} t_id = 2 msecs = value optimized out ret = 1 i = 0 call = value optimized out #8 0x7fd8ceda5f88 in io_loop_run (ioloop=0x23b05e0) at ioloop.c:350 No locals. #9 0x7fd8ced958a3 in master_service_run (service=0x23b04b0, callback=0x7fff84848660) at master-service.c:496 No locals. #10 0x004163d4 in main (argc=1, argv=0x23b0370) at main.c:282 c = value optimized out If you want i can give you root acces, it's a testing VPS. -- Toorop «Ils ne savaient pas que c'était impossible, alors ils l'ont fait.» Mark Twain
Re: [Dovecot] dovecot - mac firewall problem
Hi, I am running dovecot 1.2.11 on mac osx 1.5.8. Everything works perfectly with the application-level firewall off, but enabling the application firewall prevents dovecot connections. I have tried explicitly authorizing dovecot in the firewall, but it does not work. I have searched everywhere I can think of to look, and haven't found a solution, but have seen a couple other reports of what seems to be the same problem. The firewall logs the activity with what looks like a corrupt process name: a typical appfirewall.log entry looks like: Aug 26 20:43:45 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:43:53 hostname Firewall[55]: Deny ^H?^U???^Z connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:44:09 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:44:34 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37312 uid = 0 proto=6 Aug 26 20:44:45: --- last message repeated 6 times --- where hostname is my server name and the XX's are my client's IP address. For all of the other services I've used, the process name (e.g. dovecot) should appear after Deny when blocking traffic, instead of the funny characters. Any advice on how I could resolve this issue would be greatly appreciated. Thanks! The application level firewall in OSX is aimed at _client_ use, not server use. It's similar to Novell's AppArmor, etc. Leave it turned off. Simply because a piece of software (in this case an OS) offers any given option does not mean every system needs it. Can you offer a compelling reason why you _need_ the OSX application level firewall enabled? Please point us to documentation that advises using it for any of your services/daemons. -- Stan Hi was hoping to use the application firewall because this machine gets used both as a server as well as a client machine for more general use. I haven't been able to find any specific documentation for it, but I have found that the firewall works fine with postfix and several file services I use (enabling/disabling works as expected, process names get logged as expected, etc). Thanks! Patrick
Re: [Dovecot] Problems Converting Maildir to mdbox
On 8/28/2010 5:35 AM, Christian Felsing wrote: I would like to convert all users mail from maildir to mdbox. My Dovecot version is 2.0.1, converted from 1.2.13 but config was rewritten from scratch. http://wiki2.dovecot.org/Migration/MailFormat says following: maildir - mdbox migration. Set mail_location=mdbox:~/mdbox and run doveadm convert -u username maildir:~/Maildir but doveadm does not know a command like convert. Is there a _working_ way to convert maildir to mdbox ? How to do that with all Dovecot mail users (about 1) ? Hmmm. not sure why that page is still around, but I'm fairly sure the proper way to convert is using dsync... http://wiki2.dovecot.org/Tools/Dsync Towards the bottom you find: Converting: Assuming that the mail_location setting in /etc/dovecot/conf.d/10-mail.conf is set to: mail_location = mdbox:~/mdbox, a logged in system user may convert her/his mails from its Maildir in her/his home directory to the mdbox mailbox format. The user has to execute the command: dsync mirror maildir:~/Maildir If you want to do this without any downtime, you can do the conversion one user at a time. Initially: * Configuration uses mail_location = maildir:~/Maildir * Set up the possibility of doing per-user mail location using userdb extra fields. Then for each user: 1. Run dsync mirror once to do the initial conversion. 2. Run dsync mirror again, because the initial conversion could have taken a while and new changes could have occurred during it. This second time only applies changes, so it should be fast. 3. Update mail extra field in userdb to mdbox:~/mdbox. If you're using auth cache, you need to flush it. 4. Wait for a few seconds and then kill the user's all existing imap and pop3 sessions (that are still using maildir). 5. Run dsync mirror once more to apply final changes that were possibly done. After this there should be no changes to Maildir, because the user's mail location has been changed and all existing processes using it have been killed. Once all users have been converted, you can set the default mail_location to mdbox and remove the per-user mail locations from userdb. -- Best regards, Charles
Re: [Dovecot] Can't get dovecot to see email folders
Charles, Thanks for much for your tips...I have gotten further! I did have a userdb section, but I commented it out because it didn't seem to do anything. I've added it back in, and now home= is filled in appropriately. Now my mail clients aren't complaining! However, Thunderbird, Outloook, etc, are still not able to list private folders. If I make a new folder, it gets created in /home/%u/mail as it should, but Thunderbird removes it again on the next refresh. If I use the mail client on my Android phone which does a raw directory listing, I'm put into the correct /home/%u/mail folder, so that part is working. So this seems to be a foldering listing problem? I've copied in the UW-IMAP namespace section from the WIKI. HEre's my current config file, any thoughts as to why Thunderbird isn't picking up the private folders? # /opt/sbin/dovecot -n # 2.0.1: /opt/etc/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc base_dir = /var/run/dovecot/ first_valid_uid = 100 mail_debug = yes mail_gid = mail mail_location = mbox:/home/%u/mail:INBOX=/var/mail/%u mail_privileged_group = mail mail_uid = dovecot namespace { inbox = yes location = prefix = separator = / } namespace { hidden = yes list = yes location = prefix = mail/ separator = / } namespace { hidden = yes list = yes location = prefix = ~/mail/ separator = / } namespace { hidden = yes list = yes location = prefix = /home/%u/mail/ separator = / } passdb { driver = pam } plugin { home = /home/%u } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { address = * port = 993 } } service pop3-login { inet_listener pop3 { address = * port = 0 } inet_listener pop3s { address = * port = 0 } } ssl_cert = /usr/local/ssl/certs/dovecot.pem ssl_key = /usr/local/ssl/private/dovecot.pem userdb { driver = passwd }
Re: [Dovecot] Problems Converting Maildir to mdbox
On 28-08-2010 16:30, Charles Marcus wrote: dsync mirror maildir:~/Maildir I am just trying to do that now (just testing so far). Using this command ($1 is substituted for the user): dsync -u $1 -o mail_location=maildir:/data/mail/$1/mdir mirror mdbox:/data/mail/$1/mdbox After having learned that I need to create the destination directory first, I got this error: dsync(root): Fatal: Mail locations must use the same virtual mailbox hierarchy separator (specify separator for the default namespace) Which I am afraid does not help me much - tried to set separator to '.' in namespace but that only ended in lda/deliver refusing to deliver mail. :-( Thanks in advance! Kim
Re: [Dovecot] Problems Converting Maildir to mdbox
On 8/28/2010 11:17 AM, Kim Bisgaard wrote: After having learned that I need to create the destination directory first, I got this error: dsync(root): Fatal: Mail locations must use the same virtual mailbox hierarchy separator (specify separator for the default namespace) doveconf -n output? -- Best regards, Charles
Re: [Dovecot] Error: service(auth): child 2212 killed with signal 11
Le 28/08/2010 13:25, Timo Sirainen a écrit : Auth always crash (segfault) using vpopmail backend. Any idea ? Could you get gdb backtrace? http://dovecot.org/bugreport.html It works with vpopmail 5.4.30 (Same config, same host). -- Toorop «Ils ne savaient pas que c'était impossible, alors ils l'ont fait.» Mark Twain
Re: [Dovecot] Can't get dovecot to see email folders
On 8/28/2010 11:08 AM, Blaster wrote: I've copied in the UW-IMAP namespace section from the WIKI. snip namespace { inbox = yes location = I don't understand namespaces real well, but the wiki examples didn't have a location = setting at all... so maybe try removing that? -- Best regards, Charles
Re: [Dovecot] Problems Converting Maildir to mdbox
On 28-08-2010 17:21, Charles Marcus wrote: On 8/28/2010 11:17 AM, Kim Bisgaard wrote: After having learned that I need to create the destination directory first, I got this error: dsync(root): Fatal: Mail locations must use the same virtual mailbox hierarchy separator (specify separator for the default namespace) doveconf -n output? # 2.0.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.33.6-147.2.4.fc13.i686 i686 Fedora release 13 (Goddard) ext3 mail_location = maildir:/data/mail/%u/mdir mbox_write_locks = fcntl passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_subaddress_sep = + } postmaster_address = postmas...@alleroedderne.adsl.dk protocols = imap ssl_cert = /etc/pki/dovecot/certs/dovecot.pem ssl_key = /etc/pki/dovecot/private/dovecot.pem userdb { driver = passwd } protocol lda { mail_plugins = $mail_plugins sieve }
Re: [Dovecot] When should dictionary entries for the expire plugin be added/updated?
On 25.08.10 18:52, Timo Sirainen wrote: So you want to drop the domain? I'm not sure if you can do this on Postfix's side [...] I don't think so, based on the e-mails I received. It has been rightly pointed that LMTP requires fully qualified e-mail addresses. Now I try to find a LDAP-only setup for passdb and userdb. I have experimented with both user_filter = ((objectClass=posixAccount)(uid=%n)) and/or pass_filter = ((objectClass=posixAccount)(uid=%n)) but this only works as long as I enable auth_username_format = %Ln aswell. I was hoping that using %n instead of the default %u would help, but alas, no. It is frustrating that this how-to-drop-the-domain business is only an issue with LMTP. When I use dovecot-lda, auth_username_format is not required. -Ralph
Re: [Dovecot] Problems Converting Maildir to mdbox
On 8/28/2010 11:17 AM, Kim Bisgaard wrote: After having learned that I need to create the destination directory first, I got this error: dsync(root): Fatal: Mail locations must use the same virtual mailbox hierarchy separator (specify separator for the default namespace) Which I am afraid does not help me much - tried to set separator to '.' in namespace but that only ended in lda/deliver refusing to deliver mail. :-( All I know now is, since you're using the default namespace (according to your -n output), the separator must be the same as the mailbox list layout separator... I'm traveling and without access to any system for testing anything, so can't help further... sorry... -- Best regards, Charles
Re: [Dovecot] When should dictionary entries for the expire plugin be added/updated?
On 8/28/2010 11:46 AM, Ralph Seichter wrote: When I use dovecot-lda, auth_username_format is not required. So... why not just use LDA? -- Best regards, Charles
[Dovecot] dsync mirror duplicates problem
Im trying to sync 2 mailserver with dsync mirror functionality. Problem occurs when mails arrive in the same folder on both sides then dsync sometimes runs into problems and duplicates that entrys on both side(2mails then with same content). After running again the same happens again(now 4 mails with same content on every side). And then duplicates this mails on both sides on every run :( Anyone with same problem or is something that could cause this? I tried dsync with and without -f option but no change. Im running dovecot 2.0.1 together with dovecot sieve (latest hg version). thanks, Waldemar
Re: [Dovecot] When should dictionary entries for the expire plugin be added/updated?
On 28.08.10 17:55, Charles Marcus wrote: So... why not just use LDA? I you read the complete thread, you'll find that Timo suggested using LMTP instead of LDA to avoid the need for a world-writeable socket.
Re: [Dovecot] When should dictionary entries for the expire plugin be added/updated?
On 8/28/2010 12:05 PM, Ralph Seichter wrote: On 28.08.10 17:55, Charles Marcus wrote: So... why not just use LDA? I you read the complete thread, you'll find that Timo suggested using LMTP instead of LDA to avoid the need for a world-writeable socket. Oh, right - I recall seeing that and intended to ask if/why this was necessary, and how much of a security risk it was... One of the stated goals of dovecot is to be 100% secure, so I'm very curious about the answer... -- Best regards, Charles
Re: [Dovecot] dovecot - mac firewall problem
Patrick Fay put forth on 8/28/2010 7:15 AM: Hi was hoping to use the application firewall because this machine gets used both as a server as well as a client machine for more general use. I haven't been able to find any specific documentation for it, but I have found that the firewall works fine with postfix and several file services I use (enabling/disabling works as expected, process names get logged as expected, etc). Thanks! So, you're running Dovecot and Postfix on a laptop? WTF? -- Stan
Re: [Dovecot] Can't get dovecot to see email folders
Your Thunderbird clients are set to show only subscribed folders. Dovecot by default is not looking got the same subscriptions file that uw-imap was. So, thunderbird shows no mailboxes because the (new) subscription file is empty. This is one of the many reasons why subscriptions are bad, especially come migration time. Another? It's likely you'll need to tweak your namespaces once you do get thunderbird using the right subs, because each client has it's own heinous way of mid-handling subs which result in disgusting interactions with the imap root setting and namespaces. And by tweak I mean re-do over and over till you quit and move to the Bahamas to panhandle on the beach. Take this as a golden opportunity to start fresh. At the very least, get your clients set to the same imap root and have them re-sub to the folders they want after you stabilize your namespaces. Better yet, disable the show only subscribed folders setting and teach your users the magic that is hierarchical folders. They don't have to see everything at once. :) -Brian On Aug 28, 2010, at 10:08 AM, Blaster blas...@556nato.com wrote: Charles, Thanks for much for your tips...I have gotten further! I did have a userdb section, but I commented it out because it didn't seem to do anything. I've added it back in, and now home= is filled in appropriately. Now my mail clients aren't complaining! However, Thunderbird, Outloook, etc, are still not able to list private folders. If I make a new folder, it gets created in /home/%u/mail as it should, but Thunderbird removes it again on the next refresh. If I use the mail client on my Android phone which does a raw directory listing, I'm put into the correct /home/%u/mail folder, so that part is working. So this seems to be a foldering listing problem? I've copied in the UW-IMAP namespace section from the WIKI. HEre's my current config file, any thoughts as to why Thunderbird isn't picking up the private folders? # /opt/sbin/dovecot -n # 2.0.1: /opt/etc/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc base_dir = /var/run/dovecot/ first_valid_uid = 100 mail_debug = yes mail_gid = mail mail_location = mbox:/home/%u/mail:INBOX=/var/mail/%u mail_privileged_group = mail mail_uid = dovecot namespace { inbox = yes location = prefix = separator = / } namespace { hidden = yes list = yes location = prefix = mail/ separator = / } namespace { hidden = yes list = yes location = prefix = ~/mail/ separator = / } namespace { hidden = yes list = yes location = prefix = /home/%u/mail/ separator = / } passdb { driver = pam } plugin { home = /home/%u } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { address = * port = 993 } } service pop3-login { inet_listener pop3 { address = * port = 0 } inet_listener pop3s { address = * port = 0 } } ssl_cert = /usr/local/ssl/certs/dovecot.pem ssl_key = /usr/local/ssl/private/dovecot.pem userdb { driver = passwd }
[Dovecot] dovecot - mac firewall problem
Hi, I am running dovecot 1.2.11 on mac osx 1.5.8. Everything works perfectly with the application-level firewall off, but enabling the application firewall prevents dovecot connections. I have tried explicitly authorizing dovecot in the firewall, but it does not work. I have searched everywhere I can think of to look, and haven't found a solution, but have seen a couple other reports of what seems to be the same problem. The firewall logs the activity with what looks like a corrupt process name: a typical appfirewall.log entry looks like: Aug 26 20:43:45 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:43:53 hostname Firewall[55]: Deny ^H?^U???^Z connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:44:09 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:44:34 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37312 uid = 0 proto=6 Aug 26 20:44:45: --- last message repeated 6 times --- where hostname is my server name and the XX's are my client's IP address. For all of the other services I've used, the process name (e.g. dovecot) should appear after Deny when blocking traffic, instead of the funny characters. Any advice on how I could resolve this issue would be greatly appreciated. Thanks! I was hoping to use the application firewall because this machine gets used both as a server as well as a client machine for more general use. I haven't been able to find any specific documentation for it, but I have found that the firewall works fine with postfix and several file services I use (enabling/disabling works as expected, process names get logged as expected, etc). Thanks! Patrick So, you're running Dovecot and Postfix on a laptop? WTF? -- Stan Hi, Sorry for the confusion--no laptop involved. Postfix, dovecot, etc, all running on intel-based desktop mac (a mac pro). Patrick
Re: [Dovecot] dovecot - mac firewall problem
Patrick Fay put forth on 8/28/2010 7:57 PM: I was hoping to use the application firewall because this machine gets used both as a server as well as a client machine for more general use. I haven't been able to find any specific documentation for it, but I have found that the firewall works fine with postfix and several file services I use (enabling/disabling works as expected, process names get logged as expected, etc). Thanks! Patrick So, you're running Dovecot and Postfix on a laptop? WTF? Sorry for the confusion--no laptop involved. Postfix, dovecot, etc, all running on intel-based desktop mac (a mac pro). Same difference. You're running a full blown MTA and an IMAP server on a client machine. Why? Is this a production level setup? Or do you have these server daemons installed merely for testing purposes before putting a dedicated server box into production? Running a production setup of an MTA and IMAP server on one's workstation, with an MX record etc pointed at the box, is very, very... odd, rare. -- Stan
Re: [Dovecot] dovecot - mac firewall problem
On 8/28/2010 9:22 PM, Stan Hoeppner wrote: Running a production setup of an MTA and IMAP server on one's workstation, with an MX record etc pointed at the box, is very, very... odd, rare. Not really... no reason you can't run your own personal setup for your own personal email, use getmail to retrieve all of your other mail, and have it all in one place served up by dovecot... -- Best regards, Charles