> On 04/05/2023 21:28 EEST efeizbu...@disroot.org wrote: > > > On 2023-05-04 21:25, Aki Tuomi wrote: > >> On 04/05/2023 21:20 EEST efeizbu...@disroot.org wrote: > >> > >> > >> On 2023-05-04 21:16, Aki Tuomi wrote: > >> >> On 04/05/2023 21:09 EEST Aki Tuomi via dovecot <dovecot@dovecot.org> > >> >> wrote: > >> >> > >> >> > >> >> > On 04/05/2023 21:08 EEST efeizbu...@disroot.org wrote: > >> >> > > >> >> > > >> >> > On 2023-05-04 20:53, Aki Tuomi via dovecot wrote: > >> >> > >> On 04/05/2023 20:11 EEST efeizbudak--- via dovecot > >> >> > >> <dovecot@dovecot.org> wrote: > >> >> > >> > >> >> > >> > >> >> > >> Hi all, > >> >> > >> > >> >> > >> So recently google has been trying to send email to > >> >> > >> dm...@domain.com > >> >> > >> on > >> >> > >> my server but I'm using encrypted storage and since the dmarc user > >> >> > >> has > >> >> > >> no password the email is being rejected with the error: > >> >> > >> > >> >> > >> May 4 16:51:50 domain dovecot: > >> >> > >> lda(dmarc)<3326><l0J9NabiU2T+DAAA1iAyAg>: Error: sieve: > >> >> > >> msgid=<10341808348719730...@google.com>: failed to store into > >> >> > >> mailbox > >> >> > >> 'INBOX': generate_keypair(INBOX) failed: > >> >> > >> mail_crypt_require_encrypted_user_key set, cannot generate user > >> >> > >> keypair > >> >> > >> without password or key > >> >> > >> > >> >> > >> How can I fix this, or at least read what the mail says? Would it > >> >> > >> be > >> >> > >> safe to just give dmarc user a strong password? > >> >> > > > >> >> > > You can run > >> >> > > > >> >> > > doveadm mailbox cryptokey generate -U dmarc -N > >> >> > > > >> >> > > so the user will have a keypair generated. Then it should work. > >> >> > > > >> >> > > Aki > >> >> > > >> >> > I'm getting > >> >> > > >> >> > generate: invalid option -- 'N' > >> >> > > >> >> > should I just run it without -N ? > >> >> > > >> >> > Thank you! > >> >> > >> >> Please keep responses on the list. > >> >> > >> >> Try -n password? I have a faint recall of a buggy version like this. > >> >> > >> >> Aki > >> > > >> >> Sorry for replying twice, I'm getting > >> >> doveadm(root): Error: Couldn't drop privileges: User is missing UID > >> >> (see > >> > mail_uid setting) > >> >> when I try to run it without the -N op > >> > > >> > Sorry, my bad. > >> > > >> > doveadm mailbox cryptokey generate -U -u dmarc -n password > >> > > >> > Aki > >> This too gives me > >> > >> generate: invalid option -- 'n' > > > > So it seems. Have to investigate this. > > > > In the mean time, can you try just > > > > doveadm mailbox cryptokey generate -U -u dmarc > > > > If you want, you can do > > > > doveadm mailbox cryptokey password -u user -U -N > > > > which hopefully should work. > > > > Aki > First one gives, > > doveadm(dmarc): Error: mail_crypt_user_generate_keypair(dmarc) failed: > mail_crypt_require_encrypted_user_key set, cannot generate user keypair > without password or key > doveadm(dmarc): Warning: mailbox cryptokey generate: Nothing was > matched. Use -U or specify mask? > doveadm(dmarc): Panic: file mail-user.c: line 229 (mail_user_deinit): > assertion failed: ((*user)->refcount == 1) > doveadm(dmarc): Error: Raw backtrace: > /usr/lib/dovecot/libdovecot.so.0(backtrace_append+0x42) [0x7fe3f93e04e2] > -> /usr/lib/dovecot/libdovecot.so.0(backtrace_get+0x1e) [0x7fe3f93e05fe] > -> /usr/lib/dovecot/libdovecot.so.0(+0xfc49b) [0x7fe3f93ec49b] -> > /usr/lib/dovecot/libdovecot.so.0(+0xfc4d1) [0x7fe3f93ec4d1] -> > /usr/lib/dovecot/libdovecot.so.0(+0x53aee) [0x7fe3f9343aee] -> > /usr/lib/dovecot/libdovecot-storage.so.0(+0x407c9) [0x7fe3f94f47c9] -> > doveadm(+0x31bcd) [0x55c2ab3d7bcd] -> doveadm(+0x32632) [0x55c2ab3d8632] > -> doveadm(doveadm_cmd_ver2_to_mail_cmd_wrapper+0x22d) [0x55c2ab3d94ad] > -> doveadm(doveadm_cmd_run_ver2+0x4c8) [0x55c2ab3e9b88] -> > doveadm(doveadm_cmd_try_run_ver2+0x3a) [0x55c2ab3e9bda] -> > doveadm(main+0x1d0) [0x55c2ab3c8450] -> > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xea) [0x7fe3f8f9fd0a] > -> doveadm(_start+0x2a) [0x55c2ab3c892a] > Aborted > > And the second one gives, > > password: invalid option -- 'U' > > Thank you for looking into it!
Sorry, this is bit annoying issue. Seems there was a slight oversight when this option was added.. anyways... try doveadm -o plugin/mail_crypt_require_encrypted_user_key=no mailbox cryptokey generate -U -u dmarc maybe it works? Aki _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
