Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 7 Aug 2007, Sebastian Ganschow wrote:
/var/vmal/globalsieverc:
require ["fileinto"];
# Move spam to spam folder
if exists "X-Spam-Flag" {
fileinto "spam";
# Stop here so that we do not reply on spams
stop;
}
Is there anything else I need to configure?
The compiled script needs to be written there by the user. Is it there?
If not: you might pre-compile it with sievec (as root).
If yes: I'm not sure, if Sieve errors can happen, when the script is
already compiled; I'd enable a+wx permission for testing purpose on
/var/vmail.
BTW: There are mail systems that also set "X-Spam-Flag: no" ;-)
Do you remove this flag on incoming mails?
Bye,
- --
Steffen Kaiser
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBRrlpWC9SORjhbDpvAQJ54Qf/UicG/fu5vjHzG0ATTdmhOaxiB0jujesW
IeMdZ9lACgZCAbtd/iHfeRsCfrTyB5UbT5K7gQi/qOQW+Dj0MEcsrtKaLdHLBU6G
jjSFarGnWtPHiwNN/F2vAFh7tTz7hgXW9/6d430NA1sZk2dJ4ykni4gQYaspyKCW
3aK7zHnwvgzAx6yawoYx4FbqpukTi1LKGskDHKnK5TuJ3fw+UIlp6ol59bdGKyWD
LNdb4qITwilP2Hf5JaaHj3dOUUc8AAyV/NRvkRj81FQDXpbmUyolOFLrEsRixgyd
DHBtkpn2Nh2vgr1oH5M3gMozMoVws9uIpSkuvujtx899ilT+tOsJKw==
=qZ+g
-END PGP SIGNATURE-
[Dovecot] Dovecot 1.1alpha2 - (imap) killed with signal 10
As promised, here is the bug report:
# dovecot -n
# 1.1.alpha2: /usr/local/etc/dovecot.conf
protocols: imap pop3
ssl_cert_file: /etc/postfix/server.pem
ssl_key_file: /etc/postfix/server.pem
login_dir: /usr/local/var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
mail_location: maildir:/mnt/shared/mail/%u:INDEX=/var/indexes/%u
mail_drop_priv_before_exec: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
auth default:
passdb:
driver: pam
passdb:
driver: passwd
userdb:
driver: passwd
socket:
type: listen
client:
path: /usr/local/var/run/dovecot/auth-client
mode: 436
master:
path: /usr/local/var/run/dovecot/auth-master
mode: 384
user: root
group: dovecot
#uname -a
Linux ns2 2.6.21-2-sparc64 #1 Thu Jul 12 12:33:00 UTC 2007 sparc64
GNU/Linux
# cat /etc/debian_version
lenny/sid
Mailstore is NFS mounted, indexes on local disk. I'm upgrading from
dovecot 1.0.3, the client is Evolution. When accessing any directory
besides Inbox I get temporary failure and in the logs I see
Aug 8 01:23:39 ns2 dovecot: child 25167 (imap) killed with signal 10
here is a bt full of the core dump:
GNU gdb 6.4.90-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "sparc-linux-gnu"...Using host libthread_db
library "/lib/libthread_db.so.1".
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Core was generated by `imap'.
Program terminated with signal 10, Bus error.
#0 mailbox_list_index_sync_write_dir (ctx=0xf75e8, sync_dir=0xf7650,
offset_pos=, partial=true) at
mailbox-list-index-sync.c:594
594 new_dir->count = nondeleted_count;
(gdb) bt full
#0 mailbox_list_index_sync_write_dir (ctx=0xf75e8, sync_dir=0xf7650,
offset_pos=, partial=true) at
mailbox-list-index-sync.c:594
dir =
recs =
i =
j =
count =
__PRETTY_FUNCTION__ = "mailbox_list_index_sync_write_dir"
#1 0x0007afdc in mailbox_list_index_sync_write (ctx=0xf75e8) at
mailbox-list-index-sync.c:867
ret =
#2 0x0007b270 in mailbox_list_index_sync_commit (_ctx=) at mailbox-list-index-sync.c:918
ctx = (struct mailbox_list_index_sync_ctx *) 0xf75e8
ret = 0
#3 0x00034384 in index_list_sync_deinit (ctx=0xe13f0, status_items=0,
status_r=) at index-mailbox-list-sync.c:204
box = (struct mailbox *) 0xe0b98
list =
ilist =
view =
tmp_status = {messages = 247, recent = 0, unseen = 0,
uidvalidity = 1179084420, uidnext = 248, first_unseen_seq = 0, keywords
= 0x0}
status = (struct mailbox_status *) 0xffb3d594
uid =
seq =
#4 0x0007f57c in mailbox_sync_deinit (_ctx=0xffb3d6b4, status_items=0,
status_r=0x0) at mail-storage.c:509
ctx = (struct mailbox_sync_context *) 0x0
#5 0x0002f078 in imap_sync_nonselected (box=0xe0b98, flags=) at imap-sync.c:210
ctx = (struct mailbox_sync_context *) 0x0
sync_rec = {seq1 = 4289976032, seq2 = 634052, type = 4289976088}
#6 0x0002745c in _cmd_select_full (cmd=0xd9338, readonly=false) at
cmd-select.c:39
client = (struct client *) 0xd7840
storage = (struct mail_storage *) 0xd5de0
box = (struct mailbox *) 0xe0b98
status = {messages = 666088, recent = 836034, unseen = 1,
uidvalidity = 585071112, uidnext = 4160102400, first_unseen_seq =
836008, keywords = 0x1e}
mailbox = 0xdc640 "Archivio.storico.2003"
#7 0x000275f8 in cmd_select (cmd=0xd9338) at cmd-select.c:93
No locals.
#8 0x00028be0 in client_command_input (cmd=0xd9338) at client.c:491
client = (struct client *) 0xd7840
__PRETTY_FUNCTION__ = "client_command_input"
#9 0x00028cd0 in client_command_input (cmd=0xd9338) at client.c:548
command =
client = (struct client *) 0xd7840
__PRETTY_FUNCTION__ = "client_command_input"
#10 0x00029348 in _client_input (client=0xd7840) at client.c:584
cmd =
__PRETTY_FUNCTION__ = "_client_input"
#11 0x00095f10 in io_loop_handler_run (ioloop=) at
ioloop-epoll.c:201
ctx =
event = (const struct epoll_
[Dovecot] dovecot-sieve vacation changes
I'd like to put forward the following patch for dovecot-sieve.
Essentially this just merges in some changes made in CMU sieve 2.3.8 and
as such brings the behaviour more in line with RFC 3834 "Recommendations
for Automatic Responses to Electronic Mail":
- fixes erroneous sender "-request" substring match
- checks for existence of a selection of list-* headers
- expands "named-as-recipient" header checks to "Resent-To", "Resent-CC"
and "Resent-BCC" fields. Note that the appended patch also includes a
fix for some missing parentheses in the "resent-to" test which resulted
in some extra work being done but was otherwise harmless. The fix has
been sent to <[EMAIL PROTECTED]>
- prefixes subject in response with "Auto: " rather than (non-expanding)
"Re: "
I also, mostly for kicks, attach two sieve-like scripts that attempt to
encapsulate the when-not-to-respond logic as implemented (if the patch
were to be applied) and as advised by RFC 3834 respectively. I wrote
these as an exercise to help me gain a better understanding of sieve and
the CMU implementation. I'm not sure they are otherwise useful.
#
# An attempt to render, as SIEVE, the actions of shouldRespond() from CMU
# sieve/bc_eval.c as distributed with cyrus-imapd 2.3.8
#
# This is not valid SIEVE; The following expansions must first be
# performed:
#
# - %myaddrs% list of valid recipient addresses
# - %envrcpt% the actual envelope recipient
#
# Example:
#
# sed -e 's/%myaddrs%/["[EMAIL PROTECTED]", "[EMAIL PROTECTED]"]/' \
# -e 's/%envrcpt%/"[EMAIL PROTECTED]"/' < vacation.sieve.in
#
require ["envelope"];
if anyof ( exists "list-id",
exists "list-help",
exists "list-subscribe",
exists "list-unsubscribe",
exists "list-post",
exists "list-owner",
exists "list-archive",
# XXX bc_eval.c also skips leading whitespace
not header :is "auto-submitted" "no",
# XXX bc_eval.c also skips leading whitespace
header :is "precedence" ["junk", "bulk", "list"],
# XXX does this really catch null sender?
envelope :all :is "from" "",
# envelope sender equals envelope recipient; redundant if we assume
# %envrcpt% is an element in %myaddrs%
envelope :all :is "from" %envrcpt%,
envelope :all :is "from" %myaddrs%,
envelope :localpart :is "from" ["mailer-daemon",
"listserv",
"majordomo"],
envelope :comparator "i;octet"
:localpart :matches "from" ["*-request",
"owner-*"],
not address :all :is ["to",
"cc",
"bcc",
"resent-to",
"resent-cc",
"resent-bcc"] %myaddrs%
) {
discard;
}
#
# An attempt to render, as SIEVE, the advice from RFC 3834 section 2 "When
# (not) to send automatic responses". Assumes we are a "Personal
# Responder".
#
# This is not valid SIEVE; The following expansions must first be
# performed:
#
# - %myaddrs%list of valid recipient addresses
# - %untrusted% list of untrusted envelope senders
#
# Example:
#
# sed -e 's/%myaddrs%/["[EMAIL PROTECTED]", "[EMAIL PROTECTED]"]/' \
# -e 's/%untrusted%/["[EMAIL PROTECTED]"]/' < rfc3834.sieve.in
#
require ["envelope"];
if anyof ( # Fails to account for syntax defined in section 5.1
# SHOULD NOT
not header :is "auto-submitted" "no",
# SHOULD NOT
not address :all :is ["to",
"cc",
"bcc",
"resent-to",
"resent-cc",
"resent-bcc"] %myaddrs%,
# MAY
envelope :all :is "from" %untrusted%,
# XXX Not clear if this correctly expresses a null sender
# MUST NOT
envelope :all :is "from" "",
# Strictly speaking localparts are case-sensitive hence the
# use of :comparator. In reality the default "i;ascii-casemap"
# comparator almost certainly make more sense.
# MAY
envelope :comparator "i;octet"
:localpart :is "from" ["MAILER-DAEMON"],
envelope :comparator "i;octet"
:localpart :matches "from" ["*-request",
"owner-*"],
# XXX no such recommendation is actually made
# MAY
header :is "precedence" "list",
# Mentions List-* and references RFC2369. Not possible to
# express "list-*" as a header match in sieve. Instead just
# enumerate the RFC2369 and RFC2919 (List-ID) defined he
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert Schetterer schrieb:
> so do you have any idea why global sieve-filter file
> does not work with your system?
No I've got no idea.
dovecot.conf:
protocol lda {
mail_plugin= quota, cmusieve
global_script_path = /var/vmail/globalsieverc
}
/var/vmal/globalsieverc:
require ["fileinto"];
# Move spam to spam folder
if exists "X-Spam-Flag" {
fileinto "spam";
# Stop here so that we do not reply on spams
stop;
}
Is there anything else I need to configure?
Sebastian
- --
Sebastian Ganschow
Königsberger Str. 17
45770 Marl
Germany
Phone: +49 2365 9 24 96 76
Mobile: +49 172 2 47 41 44
Mail: [EMAIL PROTECTED]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGuNppKWhY+QthhLYRAoaZAKCWkYT9G9saoQrzzEAwFWW3x1JLvACglvdL
Z0bDAOsI3Zji4/U2bQu0eCY=
=vQOu
-END PGP SIGNATURE-
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sebastian Ganschow schrieb: > albinootje schrieb: >> am i missing something ? i am using postfixadmin+dovecot+dovecot-LDA and >> i thought the spam-folder gets created the moment there's spam to be >> delivered >> in the spam-folder > >> so why not just simply have a global sieve-file ? > >> i used these 2 pages for my setup : >> http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL >> http://workaround.org/articles/ispmail-etch/#sieve-filtering-out-spam > > > The global sieve-filter file won't work on my system, but if I configure a > per user sieve-file with the rule, the spam folder will be created. > > If I'll get the global filter working, it would the perfect solution. > > Sebastian > so do you have any idea why global sieve-filter file does not work with your system? - -- Mit freundlichen Gruessen Best Regards Robert Schetterer Germany/Bavaria/Munich -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGuNbdfGH2AvR16oERAu6gAJ9opSqXewNY/1tEbm5/NBTjIFU5BwCaA02Z LV5ZxJbfjAOKCGk8QHls5Ik= =12WU -END PGP SIGNATURE-
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 albinootje schrieb: > am i missing something ? i am using postfixadmin+dovecot+dovecot-LDA and > i thought the spam-folder gets created the moment there's spam to be > delivered > in the spam-folder > > so why not just simply have a global sieve-file ? > > i used these 2 pages for my setup : > http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL > http://workaround.org/articles/ispmail-etch/#sieve-filtering-out-spam > The global sieve-filter file won't work on my system, but if I configure a per user sieve-file with the rule, the spam folder will be created. If I'll get the global filter working, it would the perfect solution. Sebastian - -- Sebastian Ganschow Königsberger Str. 17 45770 Marl Germany Phone: +49 2365 9 24 96 76 Mobile: +49 172 2 47 41 44 Mail: [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuNYcKWhY+QthhLYRAjqwAJ9Rmup8RLg+M7oI3z7PguqTX2onagCeOi3t 5jAKwRFdZ5sMptklNZ7zl90= =y837 -END PGP SIGNATURE-
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
albinootje schrieb:
> Sebastian Ganschow wrote:
>
>> If the cronjob will be executed every minute, the chance for some
>> mails getting in before the maildir has been created will be very
>> low, because the created alias has to be synchronized to the
>> mailrelay first. This happens every 15 minutes.
>>
>> I think the cronjob approach will be the best solution.
>
> am i missing something ? i am using postfixadmin+dovecot+dovecot-LDA and
> i thought the spam-folder gets created the moment there's spam to be
> delivered
> in the spam-folder
>
> so why not just simply have a global sieve-file ?
>
> i used these 2 pages for my setup :
> http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL
> http://workaround.org/articles/ispmail-etch/#sieve-filtering-out-spam
>
Hi,
i am creating/testing existance folders with maildrop and
/etc/maildroprc as global script, this works if you use
maildrop as transport in postfix,
with deliver as transport perhaps this works,
a global sieve script
should do the job, ie test if a folder exist, if not create it,
as i.e postfixadmin sends a welcome mail to new users
the desired folders should exist/created with that mail
you may also create a standart move to spam folder sieve rule that way
from
http://wiki.dovecot.org/LDA/Sieve#head-46de5c4f4dfd63725c8cd299573cc0dcbc3faa7a
Include scripts
With v1.1 it's possible to include other Sieve scripts in your script:
require ["include"];
include :global "global-spam.sieve";
include :personal "my-own-spam.sieve";
protocol lda {
# ..
sieve_global_dir = /etc/dovecot/sieve/
}
- --
Mit freundlichen Gruessen
Best Regards
Robert Schetterer
Germany/Bavaria/Munich
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFGuNWzfGH2AvR16oERAjvgAJ4o0bUmOzTTqp66yLYfHmXcuC15lwCfc1vE
nAVMSMlpA10sO4T7Z+qO9QY=
=cmts
-END PGP SIGNATURE-
Re: [Dovecot] Maildir Skeleton
Sebastian Ganschow wrote: > If the cronjob will be executed every minute, the chance for some > mails getting in before the maildir has been created will be very > low, because the created alias has to be synchronized to the > mailrelay first. This happens every 15 minutes. > > I think the cronjob approach will be the best solution. am i missing something ? i am using postfixadmin+dovecot+dovecot-LDA and i thought the spam-folder gets created the moment there's spam to be delivered in the spam-folder so why not just simply have a global sieve-file ? i used these 2 pages for my setup : http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL http://workaround.org/articles/ispmail-etch/#sieve-filtering-out-spam
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Udo Rader schrieb: > procmail for example could make you happy here (man procmailex). May be, but I'm using dovecots deliver. > another (more sane) option would be to write the list of newly created > users into a file/database/... and have a cronjob loop over this list, > create the skeleton things you need and finally remove the user if the > creation was successfull. Yet keep in mind that cron jobs are executed > once a minute at most, so the time between creating the user and the > cronjob running might cause some mails getting in before your user has > been correctly "initialized". If the cronjob will be executed every minute, the chance for some mails getting in before the maildir has been created will be very low, because the created alias has to be synchronized to the mailrelay first. This happens every 15 minutes. I think the cronjob approach will be the best solution. - -- Sebastian Ganschow Königsberger Str. 17 45770 Marl Germany Phone: +49 2365 9 24 96 76 Mobile: +49 172 2 47 41 44 Mail: [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuMbIKWhY+QthhLYRAr0oAJ95wCphT67fVKJUZS05mxKqBVlKkwCdG1IG /ble5it+wMW7rF7YVxKps9Q= =WkL8 -END PGP SIGNATURE-
Re: [Dovecot] Maildir Skeleton
Why not just do this with a post-logon script? http://wiki.dovecot.org/PostLoginScripting This would only work, if the user logs in before he gets the first mail. Ahh, right, sorry... this would not be the best way anyway, since as someone else pointed out, the script would run every time the user logged in. Then as someone else pointed out, the best way would be the user creation utility, or maybe the LDA... what do you use for deliver? -- Best regards, Charles
Re: [Dovecot] OpenBSD and too many open files
On Aug 7, 2007, at 11:15 AM, Brad wrote: I already passed this around for review and it has been commited. http://marc.info/?l=openbsd-cvs&m=118648637312063&w=2 Great! Thank you very much. Bryan
Re: [Dovecot] OpenBSD and too many open files
On Tue, 7 Aug 2007 10:05:32 -0700 Bryan Vyhmeister <[EMAIL PROTECTED]> wrote: > On Aug 1, 2007, at 4:22 PM, Bryan Vyhmeister wrote: > > > On Aug 1, 2007, at 11:09 AM, Quentin Garnier wrote: > > > >> Well, the problem is Christos did some other stuff in that commit > >> than > >> just fixing the bug. Try the attached patch. > > > > Thank you for the patch. It applied cleanly and I have a kernel > > that reflects the patch running right now. So far so good. I will > > report back if anything unusual happens. Otherwise, I will report > > back first thing next week if everything works fine from here on > > out. Thank you all for your help. > > Well, I have not had a single instance of the "Too many files" error > since. Everything is working smoothly. I'll see about getting the > patch into OpenBSD if possible. I'll get that tutorial done as well. > > Bryan I already passed this around for review and it has been commited. http://marc.info/?l=openbsd-cvs&m=118648637312063&w=2
Re: [Dovecot] What would you tell the CIO in an "ABCs of Email" overview?
The article is live... as part 1, anyway. As you'll soon see, it was impossible to do an ABCs of Email that covered both technology and people issues. So I've split these into two articles. I'll do the "POP vs IMAP" stuff separately... as soon as I recover from this one. I tried to make this document the one you want to print out and slap on an exec's desk when they do something totally dumb. (This way it's not YOU saying they were clueless.) Feel free to post anywhere you like... I'm such a slut for pageviews. Comments and corrections are welcome, particularly if they also include praise. :-) ABC: An Introduction to E-mail Management Helping nontechnical managers calibrate expectations, learn the key issues in e-mail management and identify issues in setting corporate e-mail policies. http://www.cio.com/article/128450/ ABC_An_Introduction_to_E_mail_Management Esther Schindler senior online editor, CIO.com On May 7, 2007, at 12:37 PM, Esther Schindler wrote: One of the key points that came up when I researched and wrote the "Five Things CIOs Should Know about Fighting Spam" article (http:// www.cio.com/article/28830) was that they should know the basics of how email works. Otherwise, said plenty of techies, the CIO won't have the first idea of what the email admin is complaining about. So I'm going to do my part. I'm going to write an "ABCs of Email" article (to accompany the many other ABCs articles we have on CIO.com, at http://www.cio.com/article/40242 ). I'd like your input on the topics that should be included, keeping in mind the fact that the target reader is a CIO, IT manager, or someone who wants to understand the basics, *not* actively get involved in email management. You don't need to write an essay for me or inundate me with links (though hey, if you want to make my life easier I shall not complain). What I'm looking for, primarily, are the categories of information that I should cover. In other words, if your CIO had an email ephiphany and asked you to give a half-hour presentation, what would you include? This won't be an "Expert says..." article nor will it be "Geek on the street says" I intend to compile and research the "least you need to know" for the not-necessarily-techie bosses out there. And hopefully the end result will be that you have one less dumb question to deal with in your life. So: any suggestions? (You can reply privately if you prefer.) Esther Schindler senior online editor, CIO.com her blog: http://advice.cio.com/taxonomy/term/34
Re: [Dovecot] OpenBSD and too many open files
On Aug 7, 2007, at 10:29 AM, Quentin Garnier wrote: Well, I have not had a single instance of the "Too many files" error since. Everything is working smoothly. I'll see about getting the patch into OpenBSD if possible. I'll get that tutorial done as well. I'll send a mail to [EMAIL PROTECTED] with the patch. Sounds great. Thank you. Bryan
Re: [Dovecot] Maildir Skeleton
On Tue, 2007-08-07 at 19:22 +0200, Sebastian Ganschow wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Charles Marcus schrieb: > > > > Why not just do this with a post-logon script? > > > > http://wiki.dovecot.org/PostLoginScripting > > This would only work, if the user logs in before he gets the first mail. Hmm, dovecot is all about retrieving received mail. If you need things to be done before a user retrieves mail initially, you _need_ to do it either via postfixadmin (don't know that piece) or using the LDA you are using to route the mail to the fitting (virtual) user. procmail for example could make you happy here (man procmailex). major drawback however for all those operations is that things are checked over and over again for each mail received. another (more sane) option would be to write the list of newly created users into a file/database/... and have a cronjob loop over this list, create the skeleton things you need and finally remove the user if the creation was successfull. Yet keep in mind that cron jobs are executed once a minute at most, so the time between creating the user and the cronjob running might cause some mails getting in before your user has been correctly "initialized". -- Udo Rader bestsolution.at EDV Systemhaus GmbH http://www.bestsolution.at signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charles Marcus schrieb: > > Why not just do this with a post-logon script? > > http://wiki.dovecot.org/PostLoginScripting This would only work, if the user logs in before he gets the first mail. Sebastian - -- Sebastian Ganschow Königsberger Str. 17 45770 Marl Germany Phone: +49 2365 9 24 96 76 Mobile: +49 172 2 47 41 44 Mail: [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuKpYKWhY+QthhLYRAugAAKCKto8coVYvONIYLpZ7r+/0crDZcwCgjHuC rqSurMbqtYCoWO0xtqM4shs= =9lc4 -END PGP SIGNATURE-
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Scott Silva schrieb: > What are you using to create users? > MAybe you could add something to the user creation system. I'm using postfixAdmin but I don't want to modify it. Sebastian - -- Sebastian Ganschow Königsberger Str. 17 45770 Marl Germany Phone: +49 2365 9 24 96 76 Mobile: +49 172 2 47 41 44 Mail: [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuKoBKWhY+QthhLYRAgeYAKCHRZiLW/wjQ/SjpFuM+PoLSO2NUACeP0OO YEXvoEgBTB0wLA64NP9FukU= =xgOo -END PGP SIGNATURE-
Re: [Dovecot] OpenBSD and too many open files
On Aug 1, 2007, at 4:22 PM, Bryan Vyhmeister wrote: On Aug 1, 2007, at 11:09 AM, Quentin Garnier wrote: Well, the problem is Christos did some other stuff in that commit than just fixing the bug. Try the attached patch. Thank you for the patch. It applied cleanly and I have a kernel that reflects the patch running right now. So far so good. I will report back if anything unusual happens. Otherwise, I will report back first thing next week if everything works fine from here on out. Thank you all for your help. Well, I have not had a single instance of the "Too many files" error since. Everything is working smoothly. I'll see about getting the patch into OpenBSD if possible. I'll get that tutorial done as well. Bryan
Re: [Dovecot] vfile ACL's
On Sun, 5 Aug 2007, Timo Sirainen wrote: On Fri, 2007-08-03 at 09:34 -0400, Benjamin R. Haskell wrote: (Sorry for the impatience. This was one of several questions in my email from yesterday. I thought I might have better luck being more direct.) Is there a way to set ACL's, using the vfile backend, on a truly global basis? or hierarchically (i.e. .Maildir.Sub inherits from .Maildir)? I thought there was something like that, but looks like not. I don't remember if this is because there was a problem with adding support for them or if I simply haven't gotten around to implementing them yet. Thanks for the response. I worked around the actual problem (in "[Dovecot] Shared folder hierarchies, multiple groups") with the following patch: http://benizi.com/dovecot-1.0.1-namespace-hack.patch It's probably not the "correct" thing to do. (Hence "-hack".) But, it did seem to be the minimal set of changes required to accomplish what I wanted (shared folders implemented via namespaces with permissions controlled by the namespace INBOX's group). It changes the following: 1. src/imap/cmd-list.c - list_namespace_init In the IMAP LIST command, when checking namespace INBOX'es, if the INBOX folder's path exists and is not readable, it doesn't list it. 2. src/lib-storage/index/maildir/maildir-list.c - maildir_fill_readdir If it fails to open the directory because permission was denied, it sets an open_flag, but doesn't set_critial, and returns false. 3. src/lib-storage/index/maildir/maildir-list.c - maildir_mailbox_list_init If maildir_fill_readdir fails, and the HIDEYHACK flag is set, it returns in the same place as a failure would, but doesn't set .failed on the context. 4. src/lib-storage/index/maildir/maildir-storage.c - verify_inbox Checks permissions on the directory path. If the folder exists, but is unreadable, it returns 0 (= verifies OK), but logs an error to assist in actual-error debugging. If there's anything *glaringly* wrong with this approach, please let me know. Best, Ben
Re: [Dovecot] Maildir Skeleton
Sebastian Ganschow spake the following on 8/7/2007 9:38 AM: > Patrick Ben Koetter schrieb: >> * Sebastian Ganschow <[EMAIL PROTECTED]>: >>> Peter Hessler schrieb: If your OS uses /etc/skel to build new users from (many do), you can create it there. Most OSs that use /etc/skel merely copy files from there, then chown them to the appropriate user and group. Perms shouldn't be modified. >>> It would work if the users weren't virtual. There are only virtual users on >>> the mail system. >> That's no problem either. The question is: Are you looking for an automated >> process or does "cp -a template_maildir/ /srv/mail/newuser/" the job? > > It should be automated. > > A possible solution would be a cronjob, which checks every few minutes if > there is a new user without a maildir. But this requires that the user > hasn't logged on before the cronjob is executed. > > Another approach is to check every maildir for an existing .Spam folder and > a .dovecot.sieve file and create both if they don't exist. > > If dovecot couldn't do this by itself, I'm going to realize it with a cronjob. > > Sebastian > What are you using to create users? MAybe you could add something to the user creation system. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't
Re: [Dovecot] Maildir Skeleton
That's no problem either. The question is: Are you looking for an automated process or does "cp -a template_maildir/ /srv/mail/newuser/" the job? It should be automated. A possible solution would be a cronjob, which checks every few minutes if there is a new user without a maildir. But this requires that the user hasn't logged on before the cronjob is executed. Another approach is to check every maildir for an existing .Spam folder and a .dovecot.sieve file and create both if they don't exist. If dovecot couldn't do this by itself, I'm going to realize it with a cronjob. Why not just do this with a post-logon script? http://wiki.dovecot.org/PostLoginScripting -- Best regards, Charles
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Patrick Ben Koetter schrieb: > * Sebastian Ganschow <[EMAIL PROTECTED]>: >> Peter Hessler schrieb: >>> If your OS uses /etc/skel to build new users from (many do), you can >>> create it there. Most OSs that use /etc/skel merely copy files from >>> there, then chown them to the appropriate user and group. Perms >>> shouldn't be modified. >> It would work if the users weren't virtual. There are only virtual users on >> the mail system. > > That's no problem either. The question is: Are you looking for an automated > process or does "cp -a template_maildir/ /srv/mail/newuser/" the job? It should be automated. A possible solution would be a cronjob, which checks every few minutes if there is a new user without a maildir. But this requires that the user hasn't logged on before the cronjob is executed. Another approach is to check every maildir for an existing .Spam folder and a .dovecot.sieve file and create both if they don't exist. If dovecot couldn't do this by itself, I'm going to realize it with a cronjob. Sebastian - -- Sebastian Ganschow Königsberger Str. 17 45770 Marl Germany Phone: +49 2365 9 24 96 76 Mobile: +49 172 2 47 41 44 Mail: [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuKAIKWhY+QthhLYRAu8fAKCGOqZP9SmTV6/evKm9iJVfYftxkgCfQaHG PP0u3V1inNrtTxBhs0WKU8w= =zytd -END PGP SIGNATURE-
Re: [Dovecot] Maildir Skeleton
* Sebastian Ganschow <[EMAIL PROTECTED]>: > > Peter Hessler schrieb: > > If your OS uses /etc/skel to build new users from (many do), you can > > create it there. Most OSs that use /etc/skel merely copy files from > > there, then chown them to the appropriate user and group. Perms > > shouldn't be modified. > > It would work if the users weren't virtual. There are only virtual users on > the mail system. That's no problem either. The question is: Are you looking for an automated process or does "cp -a template_maildir/ /srv/mail/newuser/" the job? [EMAIL PROTECTED] -- state of mind Agentur für Kommunikation, Design und Softwareentwicklung Patrick KoetterTel: 089 45227227 Echinger Strasse 3 Fax: 089 45227226 85386 Eching Web: http://www.state-of-mind.de Amtsgericht MünchenPartnerschaftsregister PR 563
Re: [Dovecot] NFS rquota support
Greetings - On 7 Aug 2007, at 14:36, Nicolas STRANSKY wrote: In fact the patch applies well, dovecot compiles well, but rquota is still not functionnal. I have this in config.log: HAVE_RQUOTA_FALSE='#' HAVE_RQUOTA_TRUE='' #define HAVE_RQUOTA But there is no RPC string in quota-fs.o. Where am I wrong ? Try a different check: search through your config.h for RQUOTA. If all is well you should have #define HAVE_RQUOTA in there. If it's not then the rquota code isn't going to get included. (Well, that's based on my empirical observations here.) If it's not there then try the sequence below... This is what I did to get the build to include the rquota code: 0. Apply the patches. 1. cd to the top level of the distribution directory tree (above "src") 2. Run: autoconf 3. Run: autoheader 4. Run: automake 5. Run: configure 6. Compile I think the following is right (forgive me if there's anything wrong)... autoconf does various tests to see if it is possible to use the rquota code (eg, required configuration files and the rpcgen command are all available); it builds the "configure" script from "configure.in" autoheader uses "configure.in" to build "config.h.in" automake builds the various Makefile.in files from the corresponding Makefile.am files. configure then builds "config.h" from "config.h.in", and the various Makefile files from the Makefile.in files Then you are ready to compile. When I first tried using the patches I simply did autoconf then automake and found, like you, that the rquota code wasn't included in the compilation. However adding the autoheader step fixed this. Cheers, Mike B-) -- The Computing Service, University of York, Heslington, York Yo10 5DD, UK Tel:+44-1904-433811 FAX:+44-1904-433740 * Unsolicited commercial e-mail is NOT welcome at this e-mail address. *
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter Hessler schrieb: > If your OS uses /etc/skel to build new users from (many do), you can > create it there. Most OSs that use /etc/skel merely copy files from > there, then chown them to the appropriate user and group. Perms > shouldn't be modified. It would work if the users weren't virtual. There are only virtual users on the mail system. Sebastian - -- Sebastian Ganschow Königsberger Str. 17 45770 Marl Germany Phone: +49 2365 9 24 96 76 Mobile: +49 172 2 47 41 44 Mail: [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuItoKWhY+QthhLYRAmdGAKCgbg2mvg8dUh14AqvMFJKnBp5YigCfWyXX 17qBtdCdl4j2q7AvuBq1jKY= =Jo8x -END PGP SIGNATURE-
Re: [Dovecot] Maildir Skeleton
If your OS uses /etc/skel to build new users from (many do), you can create it there. Most OSs that use /etc/skel merely copy files from there, then chown them to the appropriate user and group. Perms shouldn't be modified. On 2007 Aug 07 (Tue) at 14:37:03 +0200 (+0200), Sebastian Ganschow wrote: :-BEGIN PGP SIGNED MESSAGE- :Hash: SHA1 : :Hi, : :I'm setting up a new mailserver with postfix and Dovecot. : :I'd like to prepare a skeleton for the users maildir to create i.e. a spam :folder and a sieve file per default. : :Is there any chance to realize this with dovecot? : :Regards :Sebastian :- -- :Sebastian Ganschow :K??nigsberger Str. 17 :45770 Marl :Germany : :Phone: +49 2365 9 24 96 76 :Mobile: +49 172 2 47 41 44 :Mail: [EMAIL PROTECTED] :-BEGIN PGP SIGNATURE- :Version: GnuPG v1.4.7 (MingW32) :Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org : :iD8DBQFGuGdvKWhY+QthhLYRArCQAKCKLAaWetcu84vqnlr+a31K1qhKNgCfVtGL :71lFFadsY+9U1vIdNdhIcZE= :=biAm :-END PGP SIGNATURE- : -- A sine curve goes off to infinity or at least the end of the blackboard. -- Prof. Steiner
Re: [Dovecot] Best way to change PACKAGE_STRING & VERSION_STRING
On Tue, 2007-08-07 at 07:58 -0500, David Favor wrote: > Let me know the best way to change the source tree > to add in a time to be output from 'dovecot --version'. I think the only way to do that is to modify config.h after configure is run. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] NFS rquota support
In fact the patch applies well, dovecot compiles well, but rquota is still not functionnal. I have this in config.log: HAVE_RQUOTA_FALSE='#' HAVE_RQUOTA_TRUE='' #define HAVE_RQUOTA But there is no RPC string in quota-fs.o. Where am I wrong ? -- Nico
Re: [Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 7 Aug 2007, Sebastian Ganschow wrote: I'd like to prepare a skeleton for the users maildir to create i.e. a spam folder and a sieve file per default. Is there any chance to realize this with dovecot? Try: http://wiki.dovecot.org/PostLoginScripting But the script runs for each login. Bye, - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBRrhy2i9SORjhbDpvAQIZiAgAlo6RC/39/mMj+rKiZ9i15fc6PF0lrK4X bvPTyhSSngC1Eeq3Ozc76J5Y4OCw4eKp9ouBECu840v81zRMe01An0zJjmrf/tjx yyWE/aJiGg4yOk3oP2pdfv8+MYawYxb6EPW+NmEyCr/6LHDfONa4PWC76iT6XZsF HOAxXE99qm4Kv9jGINKsRL1+OK+KWWzplF6hVtsrY7+8D+zk2YiQtFCKFK5SnpdA X2IMUfrYVovIJAUGPdzrLOVgeJxQJbXTqkG5dhqHZnYc6mEcrwsvRzavExz1qjmx 6uPUA7UsG/DM0Xj4rBoPXT9m+jwSouEUyM1lKNPzUsq8RyvhxOSN/g== =9nBa -END PGP SIGNATURE-
Re: [Dovecot] NFS rquota support
Greetings - On 7 Aug 2007, at 13:54, Stewart Dean wrote: Sorry to be so clueless, but all the activity about rquotad drives me to admit my puzzlement (or ignorance)... I run rquotad on my mail server that also runs DCrquotad is used by the other 3 hosts (a login/FTP server, a mailing list server and a user mgmnt server) that NFS mount the folder and inbox filesystem...which are under filesystem quota on the mail server where they are physically resident. AFAIK it is not queried on the mail server...after all, filesystem quota is running there. How/ why does DC need/use rquotad? I think you have answered your own questions actually! ... rquotad is used to allow other machines that NFS-mount a filestore. The rquotad daemon runs on the machine serving up the filestore to the other clients. You say that your mail filestore physically resides on your mail server. That means it is a locally attached disk (not mounted using NFS from some other server), and so Dovecot can, and does, obtain quotas directly from it: it does not need to ask an rquotad daemon. In contrast here we have the mailstore on a NetApp filer, and mount it over NFS on our machines running Dovecot. In this case Dovecot cannot query the quota directly because the filestore isn't on locally attached disk. Instead it must use an RPC (Remote Procedure Call) to ask the rquotad daemon running on the file server (in this case the NetApp filer) what the quota usage and limits are. Cheers, Mike B-) -- The Computing Service, University of York, Heslington, York Yo10 5DD, UK Tel:+44-1904-433811 FAX:+44-1904-433740 * Unsolicited commercial e-mail is NOT welcome at this e-mail address. *
[Dovecot] Best way to change PACKAGE_STRING & VERSION_STRING
Let me know the best way to change the source tree to add in a time to be output from 'dovecot --version'. I've tried the following with no success: mkdir -p /build/work/dovecot-1.1alpha2 cd /build/work/dovecot-1.1alpha2 export LDFLAGS='-L/common/pkgs/sqlite-3.4.1.1/lib64 -R/common/pkgs/sqlite-3.4.1.1/lib64' export PACKAGE_STRING='dovecot 1.1alpha2-2007-08-07' export PACKAGE_VERSION='1.1alpha2-2007-08-07' export CPPFLAGS='-pipe -O2 -I/common/pkgs/sqlite-3.4.1.1/include' unset CDPATH make distclean ./configure --prefix=/common/pkgs/dovecot-1.1alpha2 --disable-nls --disable-ipv6 --with-db --with-sql=plugin --with-sqlite --with-mysql --with-postgresql --with-ssl=openssl --with-ssldir=/etc/pki/dovecot --with-notify=inotify --with-ioloop=epoll --without-vpopmail --with-ldap=plugin --without-gssapi make -e make check rm -rf /common/pkgs/dovecot-1.1alpha2 make install Thanks. -- Like feeling your best ever, all day, every day? Email [EMAIL PROTECTED] for the easy way.
Re: [Dovecot] NFS rquota support
> Sorry to be so clueless, but all the activity about rquotad drives me to > admit my puzzlement (or ignorance)... > I run rquotad on my mail server that also runs DCrquotad is used by > the other 3 hosts (a login/FTP server, a mailing list server and a user > mgmnt server) that NFS mount the folder and inbox filesystem...which are > under filesystem quota on the mail server where they are physically > resident. AFAIK it is not queried on the mail server...after all, > filesystem quota is running there. How/why does DC need/use rquotad? You can have your mail spool located on an NFS server. In that case the dovecot server needs to use rquotad to get quota info from the nfs server. Cor
Re: [Dovecot] Latest 1.1 tree build failure
Timo Sirainen wrote: On Tue, 2007-08-07 at 07:23 -0500, David Favor wrote: Suggestions of how to fix this? mkdir -p /build/work/dovecot-1.1-alpha1 cd /build/work/dovecot-1.1-alpha1 export LDFLAGS='-L/common/pkgs/sqlite-3.4.1.1/lib64 -R/common/pkgs/sqlite-3.4.1.1/lib64' export CPPFLAGS='-pipe -O2 -I/common/pkgs/sqlite-3.4.1.1/include' unset CDPATH make distclean ./configure --prefix=/common/pkgs/dovecot-1.1-alpha1 --disable-nls --disable-ipv6 --with-db --with-sql=plugin --with-sqlite --with-mysql --with-postgresql --with-ssl=openssl --with-ssldir=/etc/pki/dovecot --with-notify=inotify --with-ioloop=epoll --without-vpopmail --with-ldap=plugin --without-gssapi make ... ... ... mv -f .deps/auth-master-listener.Tpo .deps/auth-master-listener.Po make[3]: *** No rule to make target `auth-module.o', needed by `dovecot-auth'. Stop. I guess you're trying to build from hg and not the real alpha1 tarball? auth-module.c was just removed, so it sounds like you have a problem with updating dependencies.. Try deleting the whole source tree and starting from a new one. Yes. Remove tree + hg clone http://hg.dovecot.org/dovecot + ./autogen.sh + build works now. -- Like feeling your best ever, all day, every day? Email [EMAIL PROTECTED] for the easy way.
Re: [Dovecot] NFS rquota support
Sorry to be so clueless, but all the activity about rquotad drives me to admit my puzzlement (or ignorance)... I run rquotad on my mail server that also runs DCrquotad is used by the other 3 hosts (a login/FTP server, a mailing list server and a user mgmnt server) that NFS mount the folder and inbox filesystem...which are under filesystem quota on the mail server where they are physically resident. AFAIK it is not queried on the mail server...after all, filesystem quota is running there. How/why does DC need/use rquotad? Timo Sirainen wrote: On Tue, 2007-08-07 at 10:29 +0200, Nicolas STRANSKY wrote: Le 06.08.2007 18:08, Timo Sirainen a écrit : So both http://hg.dovecot.org/dovecot/rev/078d9dde99c8 and http://hg.dovecot.org/dovecot/rev/abec53314897 are needed to have rquota support with 1.0.x or is there anything else ? http://hg.dovecot.org/dovecot/rev/0dda1f746d63 also. -- Stewart Dean, Unix System Admin, Henderson Computer Resources Center of Bard College, Annandale-on-Hudson, New York 12504 [EMAIL PROTECTED] voice: 845-758-7475, fax: 845-758-7035
Re: [Dovecot] Latest 1.1 tree build failure
On Tue, 2007-08-07 at 07:23 -0500, David Favor wrote: > Suggestions of how to fix this? > > mkdir -p /build/work/dovecot-1.1-alpha1 > cd /build/work/dovecot-1.1-alpha1 > export LDFLAGS='-L/common/pkgs/sqlite-3.4.1.1/lib64 > -R/common/pkgs/sqlite-3.4.1.1/lib64' > export CPPFLAGS='-pipe -O2 -I/common/pkgs/sqlite-3.4.1.1/include' > unset CDPATH > make distclean > ./configure --prefix=/common/pkgs/dovecot-1.1-alpha1 --disable-nls > --disable-ipv6 --with-db > --with-sql=plugin --with-sqlite --with-mysql --with-postgresql > --with-ssl=openssl > --with-ssldir=/etc/pki/dovecot --with-notify=inotify --with-ioloop=epoll > --without-vpopmail > --with-ldap=plugin --without-gssapi > make > ... ... ... > mv -f .deps/auth-master-listener.Tpo .deps/auth-master-listener.Po > make[3]: *** No rule to make target `auth-module.o', needed by > `dovecot-auth'. Stop. I guess you're trying to build from hg and not the real alpha1 tarball? auth-module.c was just removed, so it sounds like you have a problem with updating dependencies.. Try deleting the whole source tree and starting from a new one. signature.asc Description: This is a digitally signed message part
[Dovecot] Maildir Skeleton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I'm setting up a new mailserver with postfix and Dovecot. I'd like to prepare a skeleton for the users maildir to create i.e. a spam folder and a sieve file per default. Is there any chance to realize this with dovecot? Regards Sebastian - -- Sebastian Ganschow Königsberger Str. 17 45770 Marl Germany Phone: +49 2365 9 24 96 76 Mobile: +49 172 2 47 41 44 Mail: [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuGdvKWhY+QthhLYRArCQAKCKLAaWetcu84vqnlr+a31K1qhKNgCfVtGL 71lFFadsY+9U1vIdNdhIcZE= =biAm -END PGP SIGNATURE-
Re: [Dovecot] dovecot + LDAP-SASL ?
Timo Sirainen wrote: > > For plaintext authentication you can use authentication binds and have > the password stored on LDAP side in any way you want. > > For non-plaintext authentication Dovecot needs the secret in plaintext > or some other specific format. LDAP doesn't support "SASL forwarding". Neither one doesn't help in this particular case. I need to port a proprietary, non-publish one time password authentication method (not compatible with opie/skey) from older software into SASL or LDAP, to make it available for several unix applications. The current plan is to implement a plugin for cyrus-sasl which is used by most sasl-aware applications, and thus to have the openldap server accept sasl authentication for those applications which allow to authenticate against an LDAP server, not just with plaintext passwords, but with SASL as well. As far as I know dovecot does (or version 1.1) will support SASL methods, but does implement them itself, so does not work with a cyrus-sasl plugin and does not work against an LDAP server. Since SASL authentication is implemented as a communication protocol passing opaque byte sequences between client and servers, the idea was whether dovecot could act like a SASL proxy, i.e. passing the SASL traffic between the IMAP client on one side and the LDAP server on the other side just through without touching it and waiting for the result of the authentication process. A second method intended to be implemented is to pass web authentication (e.g. if a user authenticatis with SSL client certificates over HTTPS) through webserver - webmailer - IMAP Server -Authentication database which could also be implemented as a SASL plugin. Therefore would be nice to have a SASL pass through without the need to modify dovecot or teach dovecot new authentication methods regards Hadmut
[Dovecot] v1.1.alpha2 released
http://dovecot.org/releases/1.1/alpha/dovecot-1.1.alpha2.tar.gz http://dovecot.org/releases/1.1/alpha/dovecot-1.1.alpha2.tar.gz.sig Hopefully the next release can be v1.1.beta1. I'm not aware of any major problems and I think I'm pretty much done with new features (except for dbox). The largest changes since alpha1: * Removed THREAD indexing. It's a bit buggy and I think there's a better chance of releasing a bugfree v1.1 soon if it's not included. I'll fix it after v1.1. * Removed THREAD=X-REFERENCES2 also because it wasn't as easy to implement with the old threading code. I might put this back though if there's enough interest. * PAM always works in blocking=yes mode now. If you have problems with memory leaks, change auth_worker_max_request_count setting. + Filesystem quota backend supports inode limits, group quota and RPC quota for NFS. + SEARCH and SORT finally compare all characters case-insensitively. We use i;unicode-casemap algorithm. + Config files support splitting values to multiple lines with \ + Winbind NTLM and GSS-SPNEGO mechanism patches by Dmitry Butskoy. signature.asc Description: This is a digitally signed message part
[Dovecot] Latest 1.1 tree build failure
Suggestions of how to fix this? mkdir -p /build/work/dovecot-1.1-alpha1 cd /build/work/dovecot-1.1-alpha1 export LDFLAGS='-L/common/pkgs/sqlite-3.4.1.1/lib64 -R/common/pkgs/sqlite-3.4.1.1/lib64' export CPPFLAGS='-pipe -O2 -I/common/pkgs/sqlite-3.4.1.1/include' unset CDPATH make distclean ./configure --prefix=/common/pkgs/dovecot-1.1-alpha1 --disable-nls --disable-ipv6 --with-db --with-sql=plugin --with-sqlite --with-mysql --with-postgresql --with-ssl=openssl --with-ssldir=/etc/pki/dovecot --with-notify=inotify --with-ioloop=epoll --without-vpopmail --with-ldap=plugin --without-gssapi make ... ... ... mv -f .deps/auth-master-listener.Tpo .deps/auth-master-listener.Po make[3]: *** No rule to make target `auth-module.o', needed by `dovecot-auth'. Stop. make[3]: Leaving directory `/build/work/dovecot-1.1-alpha1/src/auth' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/build/work/dovecot-1.1-alpha1/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/build/work/dovecot-1.1-alpha1' make: *** [all] Error 2 exp=0, got ec=2, abort=1 -- Like feeling your best ever, all day, every day? Email [EMAIL PROTECTED] for the easy way.
Re: [Dovecot] NFS rquota support
It's also working here. In my RHEL4, make crashed because it didn't get any value for SED. export SED=/bin/sed before autoconf solved the issue, and now it up and running. Thanks a lot! Agur. El Martes, 7 de Agosto de 2007 13:17, Nicolas STRANSKY escribió: > Le 07.08.2007 12:37, Mike Brudenell a écrit : > > Greetings - > > > > On 7 Aug 2007, at 11:28, Nicolas STRANSKY wrote: > >> OK, thanks for the answer, but unfortunately, these don't apply well to > >> 1.0.3.. > > > > They applied just fine to 1.0.3 here. > > You are right, they applied just fine, I just couldn't use --dry-run > because these are not independent changesets. -- Joseba Torre. CIDIR Bizkaia. pgpXczwHlGMGL.pgp Description: PGP signature
Re: [Dovecot] NFS rquota support
Le 07.08.2007 12:37, Mike Brudenell a écrit : > Greetings - > > On 7 Aug 2007, at 11:28, Nicolas STRANSKY wrote: > >> OK, thanks for the answer, but unfortunately, these don't apply well to >> 1.0.3.. > > They applied just fine to 1.0.3 here. You are right, they applied just fine, I just couldn't use --dry-run because these are not independent changesets. -- Nico
Re: [Dovecot] NFS rquota support
Greetings - On 7 Aug 2007, at 11:28, Nicolas STRANSKY wrote: OK, thanks for the answer, but unfortunately, these don't apply well to 1.0.3.. They applied just fine to 1.0.3 here. I started off with pristine copies of the files from the 1.0.3 distribution then applied the patches using GNU patch in this order: http://hg.dovecot.org/dovecot/rev/078d9dde99c8 http://hg.dovecot.org/dovecot/rev/abec53314897 http://hg.dovecot.org/dovecot/rev/0dda1f746d63 They either applied cleanly, or with a small offset/fuzz factor. However there is a slight problem with the final patch above if you are compiling in a separate directory tree (eg, using GNU make's VPATH feature). In particular the final patch for src/plugins/quota/Makefile.am needs to be changed from if HAVE_RQUOTA +quota-fs.c: rquota_xdr.c + rquota_xdr.c: Makefile to if HAVE_RQUOTA +$(srcdir)/quota-fs.c: rquota_xdr.c + rquota_xdr.c: Makefile Without this change you will get a compile-time error saying that the quota-fs.c file couldn't be found. (Timo: do you want me to send you this as a separate patch, or are you happy to pick it up from the above?) Cheers, Mike B-) -- The Computing Service, University of York, Heslington, York Yo10 5DD, UK Tel:+44-1904-433811 FAX:+44-1904-433740 * Unsolicited commercial e-mail is NOT welcome at this e-mail address. *
Re: [Dovecot] NFS rquota support
Le 07.08.2007 10:36, Timo Sirainen a écrit : > On Tue, 2007-08-07 at 10:29 +0200, Nicolas STRANSKY wrote: >> Le 06.08.2007 18:08, Timo Sirainen a écrit : >> >> So both http://hg.dovecot.org/dovecot/rev/078d9dde99c8 and >> http://hg.dovecot.org/dovecot/rev/abec53314897 are needed to have rquota >> support with 1.0.x or is there anything else ? > > http://hg.dovecot.org/dovecot/rev/0dda1f746d63 also. OK, thanks for the answer, but unfortunately, these don't apply well to 1.0.3.. -- Nico
[Dovecot] Dovecot 1.0.3: mbox problems for newly created users
Hi, I am having problems with Dovecot 1.0.3 and Thunderbird 2.0.0.6 when using a new user account without any mbox files present. Directory /home/$user/.imap_mail/ does not exist when Thunderbird first tries to login using IMAP to the account. On login this directory is created with a zero byte Trash file and .subscriptions containing string "Trash", so far, so good. Now I create a new message in Thunderbird and save it as draft. A zero byte file "Drafts" is created in /home/$user/.imap_mail/ but the message I wanted to save got _lost_, /home/$user/.imap_mail/Drafts stays at zero bytes. The next message I try to save as draft finds its way to the Drafts mbox however. Please note that no /home/$user/.imap_mail/inbox has been created although a inbox is shown in Thunderbird. When I move the saved message from Drafts to the inbox folder shown in Thunderbird, it gets saved in /var/mail/$user instead of /home/$user/.imap_mail/inbox, I guess this is due to the use of the mbox_snarf plugin, right? /home/$user/.imap_mail/inbox is the maildrop for Exim, which handles incoming mails, but in this scenario the user did not receive any emails yet. If I manually create /home/$user/.imap_mail/inbox, then moving a message from Drafts to the Thunderbird-displayed inbox works. How to fix this problem? Especially messages getting lost is really bad because I am in the process of changing our mail server setup from Exim/UW-Imapd to Exim/Dovecot, where I have to move 100+ /var/mail/$user mbox files to /home/$user/.imap_mail/inbox. But when Dovecot can not properly save files to previous non-existing mbox files, like Drafts, this is really a problem. Greetings, Bernd Kuhls PS: Here are the Dovecot settings: # dovecot -n # 1.0.3: /etc/dovecot/dovecot.conf log_path: /var/log/dovecot/dovecot.main log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_extra_groups: mail mail_location: mbox:~/.imap_mail:INBOX=/var/mail/%u:INDEX=/var/mail/indexes/%u mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugins(default): quota imap_quota mbox_snarf mail_plugins(imap): quota imap_quota mbox_snarf mail_plugins(pop3): mbox_snarf mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 imap_client_workarounds(default): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(imap): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(pop3): outlook-idle pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xu%08Xv auth default: passdb: driver: pam userdb: driver: passwd plugin: quota: fs mbox_snarf: ~/.imap_mail/inbox
Re: [Dovecot] OT: Re: Ideas for Webmail/OTP
On Tue, 2007-08-07 at 11:54 +0200, Steffen Kaiser wrote: > > configuration from operating system. If you have a pam module for an > > electronic one-time > > password generator you can use it with IMAP and webmail without additional > > changes in > > IMAP- or webmail-server. > > "without additional changes" > Then no change would be required in Dovecot ;-) Well, http://hg.dovecot.org/dovecot/rev/a9c934833374 signature.asc Description: This is a digitally signed message part
[Dovecot] OT: Re: Ideas for Webmail/OTP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 7 Aug 2007, Frank Behrens wrote: Of course, this is more sophisticated and more expensive. My proposol uses OPIE - One- time Passwords In Everything. But remember: With my proposal you use always the login Ah, OK. configuration from operating system. If you have a pam module for an electronic one-time password generator you can use it with IMAP and webmail without additional changes in IMAP- or webmail-server. "without additional changes" Then no change would be required in Dovecot ;-) But it looks nice. How do you intend to pass the passwords to the users, via print-out? Or handhelds and Java opiekey? Bye. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBRrhBYS9SORjhbDpvAQIomwf/ZEaDdZUtM2hiaZRQOecSrl+GnwzpFAnc SsRFtlU06MRpkfqQxB7Y+/PZ297lcP0dBeNDO+QNYwXOsOnNVavjhuEsszKlOvFa MI6Zzd9CgBI7fQ4j2HHwvUiOPS2gjrjS3JUWleAFcLF0XDUmp91sXytFpuiNy537 hCbxUmNiCnp1Vl4e5Hj0x7Ex0v/lQJ9GLxmWZRsfQ+Zrm3RU9zPuvjfzjZm7tjnZ 033CiHOLNSglAK40gTRHCxHAWy3NIsKWd1hydMTZpmdeV2MbM+b5AoJZ/Qt55OTj 8zZvgfn2E875I4CpvC38frR5Y7YPxPhXKt+3qhsQXfaTBJk/tOrYEQ== =oZHw -END PGP SIGNATURE-
Re: [Dovecot] Ideas for Webmail/OTP
Steffen Kaiser <[EMAIL PROTECTED]> wrote on 7 Aug 2007 10:26: > You mean, the client issues LOGIN (with a dummy password), because Dovecot > needs to aquire the OTP challenge first, this LOGIN attempt is failed, > but the username can be used to aquire the OTP challenge. It is reported > back, via the LOGIN failure string and, secondly, another LOGIN attempt > is sent, this time with the same username and a real password. Yes, this was my intention. > I guess, you'll need to tweak the webmail interface a bit, that this > sequence is working well. It's easy: If a login fails the webmailer has to write an error message in any case. Simply include the IMAP error response. > There are time-related OTPs, where the sequence number is derived from the > current time. When a client tries a logon, the server calculates plenty of > OTPs in the "near" of the current time and adjust itself to the client, in > case the device's clock is running too slow or fast. Of course, this is more sophisticated and more expensive. My proposol uses OPIE - One- time Passwords In Everything. But remember: With my proposal you use always the login configuration from operating system. If you have a pam module for an electronic one-time password generator you can use it with IMAP and webmail without additional changes in IMAP- or webmail-server. > > Solution 3: > > My proposal: Create a new IMAP command "XSETREMOTEIP". With this IMAP > > extension a > > client can set the real IP address of remote client. The access to this > > command is restricted > > to the webserver with a new configuration parameter "trusted clients", > > which holds an IP > > address with mask. > > Hmm, any clients accessing webmail via the same proxy or from the same > NATed organisation will use the same IP, dial-up IPs switch the users more > often than anything else. I don't think that restricting by IPs you have > no knowlegde about is save. I meant it inversely. You can allow the usage of "normal" passwords for all IMAP and webmail clients in local network and restrict external clients to OTP. With pam configuration you make this decision for all logins (ssh, ftp), not only for IMAP with dovecot. Regards, Frank -- Frank Behrens, Osterwieck, Germany PGP-key 0x5B7C47ED on public servers available.
Re: [Dovecot] A few dovecot 1.1 bugs - sort, flag reset and etc.
On Sat, 2007-08-04 at 11:25 -0400, wenjie zheng wrote: > BUG #2: Some flags are reset after they were set a while ago, > like messages that has been read are randomly becoming unread again. Fixed: http://hg.dovecot.org/dovecot/rev/65e12fa51d4d signature.asc Description: This is a digitally signed message part
Re: [Dovecot] NFS rquota support
On Tue, 2007-08-07 at 10:29 +0200, Nicolas STRANSKY wrote: > Le 06.08.2007 18:08, Timo Sirainen a écrit : > > So both http://hg.dovecot.org/dovecot/rev/078d9dde99c8 and > http://hg.dovecot.org/dovecot/rev/abec53314897 are needed to have rquota > support with 1.0.x or is there anything else ? http://hg.dovecot.org/dovecot/rev/0dda1f746d63 also. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] NFS rquota support
Le 06.08.2007 18:08, Timo Sirainen a écrit : So both http://hg.dovecot.org/dovecot/rev/078d9dde99c8 and http://hg.dovecot.org/dovecot/rev/abec53314897 are needed to have rquota support with 1.0.x or is there anything else ? Thanks -- Nico
Re: [Dovecot] Ideas for Webmail/OTP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 23 Jul 2007, Frank Behrens wrote: Solution 1: When PAM is configured for IMAP the user can use a one-time-password in the same way as before. The problem is, that the user must know the sequence number for the password (otp challenge), so we need a way to display it. The PAM module supplies the otp challenge in the conversation function, but the challenge is not processed by the IMAP server. My proposal: The IMAP server stores the challenge from the conversation function and includes it in the LOGIN response, when the login was not successful. So a user can try a login with a wrong dummy password and get knowlegdge about the current otp sequence. You mean, the client issues LOGIN (with a dummy password), because Dovecot needs to aquire the OTP challenge first, this LOGIN attempt is failed, but the username can be used to aquire the OTP challenge. It is reported back, via the LOGIN failure string and, secondly, another LOGIN attempt is sent, this time with the same username and a real password. I guess, you'll need to tweak the webmail interface a bit, that this sequence is working well. There are time-related OTPs, where the sequence number is derived from the current time. When a client tries a logon, the server calculates plenty of OTPs in the "near" of the current time and adjust itself to the client, in case the device's clock is running too slow or fast. I would say, this kind is more suitable for this purpose. However, one requires some sort of electronical device for it. Solution 2: Webmail clients do not use persistent connections in most cases. A OTP login needs different passwords for every displayed web page. My proposal: Use dovecot's login cache and do not ask the os for every login. :-) This will definitely a must then. Solution 3: My proposal: Create a new IMAP command "XSETREMOTEIP". With this IMAP extension a client can set the real IP address of remote client. The access to this command is restricted to the webserver with a new configuration parameter "trusted clients", which holds an IP address with mask. Hmm, any clients accessing webmail via the same proxy or from the same NATed organisation will use the same IP, dial-up IPs switch the users more often than anything else. I don't think that restricting by IPs you have no knowlegde about is save. Bye, - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBRrgspy9SORjhbDpvAQIJmAgA06boNvZrFTS4kNyky6ywUiYv9CHu99tI GT4iQNezyZz0PensPgGJp6ZAJGDdlAZ1ZxWBth1JCvpVZSBCwnbmbEbWnYtCi9OR v/eynzRFta/11nFy0+AB1Pf2BuoFFPtXy+hC6DnpPcLutD4Q+bvm3Kqdry72PmyQ lBUg8TxTwuDZ0sY0TTAP6VaJCmTG1RvnC5dZp4f6C3yN7kwXbcgS1rkHGr8V6Frs z9ZXMkRYUCpG/ufCQqFB9YTAAOxWM8DrKsmQZNClmkypc+q+v0w11BfcF6SK7v9I cdQqSca7AmXR4q2UYoyvAGGn7rF0cDJJXKI0iQWfWr2nchnx0/PoUA== =wZxi -END PGP SIGNATURE-
Re: [Dovecot] dovecot + LDAP-SASL ?
On Tue, 2007-08-07 at 08:38 +0200, Hadmut Danisch wrote: > Hi, > > just a question: > > I know that dovecot supports SASL authentication and supports LDAP. > Which means that dovecot performs the SASL methods itself and stores the > plaintext secret on LDAP. > > But it is also possible to have the LDAP do the SASL work and dovecot just > pass SASL messages through? Even when the LDAP server uses a proprietary > SASL method not supported by dovecot? For plaintext authentication you can use authentication binds and have the password stored on LDAP side in any way you want. For non-plaintext authentication Dovecot needs the secret in plaintext or some other specific format. LDAP doesn't support "SASL forwarding". signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Subfolders
Hello Azher, Azher Amin, 05.08.2007 (d.m.y): > Thnx for the replies. I am using 1.0.2 and mbox, but from which option > you choose that this folder will have subfolders or will it contain only > files ?? I used the New SubFolder Option. Our mail server is running with mbox files. Whenever I want to create a folder that is designated to contain subfolders, its (the folder's) name needs to end with a trailing slash. Tested with Thunderbird and Outlook. Gruss/Regards, Christian Schmidt -- No violence, gentlemen -- no violence, I beg of you! Consider the furniture! -- Sherlock Holmes
