Re: [Dovecot] Proxy problems with 1.0.5 !
Hi, I am trying to do a staged migration over to dovecot, but having troubles at the first hurdle. I setup the proxy feature to redirect most of our users back to the current Courier imap/pop server, and it's partly working, but I'm getting Maybe your courier server doesn't support some extensions that dovecot advertises in its CAPABILITY response, we solved some problems in a similar setup by making sure that dovecot sends the same capability as courier. (it's configurable in the config file) success, henkjan
Re: [Dovecot] Proxy problems with 1.0.5 !
HenkJan Wolthuis wrote: Hi, I am trying to do a staged migration over to dovecot, but having troubles at the first hurdle. I setup the proxy feature to redirect most of our users back to the current Courier imap/pop server, and it's partly working, but I'm getting Maybe your courier server doesn't support some extensions that dovecot advertises in its CAPABILITY response, we solved some problems in a similar setup by making sure that dovecot sends the same capability as courier. (it's configurable in the config file) No, I already checked that the only capability results are the ones from Courier (Remember that it's breaking under the Proxy setup, the capability results come directly from Courier, I don't have banner capabilities on either) Also, if you look at the two log files (or what I posted of them), then they look identical in working and non working cases. I would hazard a guess that some line breaks are getting swapped, hence breaking the length? I don't have more than a working knowledge of IMAP, but would that explain why I am getting an error from a valid looking APPEND command? Ed W
Re: [Dovecot] Dovecot v1.1.alpha4 problem
On Thu, 2007-09-13 at 07:37 -0400, Vladislav Malyshkin wrote: this is very hard for me to do. Every time this problem starts people get panicked, immediately call me, call others. This did happen twice in the last 24 hours. Maybe you should not test alpha software in production? :D ciao Luca
[Dovecot] Deliver parameter problem!
Is there anybody having idea about this problem? thanks. Original Message Subject:Deliver parameter problem Date: Tue, 11 Sep 2007 14:21:56 +0300 From: Umut Arus [EMAIL PROTECTED] To: dovecot@dovecot.org Hello, I'm using dovecot-1.0.5 with postfix. I have to use deliver from procmail because I have some filters. There is no document about how to using deliver parameters (-d) other than http://wiki.dovecot.org/LDA . If I set -d parameters manually as a username everything is ok. I can not set users' mail quota (don't lookup) with mysql db if I haven't set -d parameter as receipt username in procmail. How can I describe user (-d) parameter's variable in procmail? Procmail configuration, :0 | /usr/local/dovecot/libexec/dovecot/deliver -f $blabla -d $blabla2 Output of the configuration, # 1.0.5: /usr/local/dovecot/etc/dovecot.conf protocols: imap imaps pop3 pop3s listen: 10.1.1.168 ssl_cert_file: /usr/local/dovecot/etc/dovecot.cert.pem ssl_key_file: /usr/local/dovecot/etc/dovecot.key.pem disable_plaintext_auth: no login_dir: /usr/local/dovecot/var/run/dovecot/login login_executable(default): /usr/local/dovecot/libexec/dovecot/imap-login login_executable(imap): /usr/local/dovecot/libexec/dovecot/imap-login login_executable(pop3): /usr/local/dovecot/libexec/dovecot/pop3-login mail_location: maildir:%h/Maildir:INDEX=/var/no-quotas/index/%u:CONTROL=/var/no-quotas/control/%u mail_debug: yes mail_full_filesystem_access: yes mail_executable(default): /usr/local/dovecot/libexec/dovecot/imap mail_executable(imap): /usr/local/dovecot/libexec/dovecot/imap mail_executable(pop3): /usr/local/dovecot/libexec/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): mail_plugin_dir(default): /usr/local/dovecot/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/dovecot/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/dovecot/lib/dovecot/pop3 pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xv%08Xu namespace: type: private separator: / location: maildir:~/Maildir:INDEX=/var/no-quotas/index/%u:CONTROL=/var/no-quotas/control/%u inbox: yes namespace: type: private separator: / prefix: mail/ location: maildir:~/Maildir/.mail:INDEX=/var/no-quotas/index/%u:CONTROL=/var/no-quotas/control/%u auth default: verbose: yes debug: yes passdb: driver: pam userdb: driver: sql args: /usr/local/dovecot/etc/dovecot-sql.conf userdb: driver: prefetch socket: type: listen master: path: /var/run/dovecot/auth-master mode: 438 plugin: quota: maildir:storage=50:ignore=trash regards,
[Dovecot] Dovecot + virtual users
Hi,
I'm running FreeBSD, Dovecot, Postfix (virtual users), MySQL,
Squirrelmail. I have installed squirrelmail-quota_usage-plugin, but I
cannot make it work. It mentions If you have an IMAP server with QUOTA
Extension capability In dovecot.conf I have enabled mail_plugins =
quota near protocol pop3 and protocol lda, near protocol imap I have
mail_plugins = quota imap_quota. Near plugin { ... I have quota =
maildir:storage=204800. I think that the problem of why I don't see
quota in Squirrelmail is in file dovecot-sql near user_query. I have my
users mailboxes in such format: /usr/local/virtual/domain.tld/username
and my user_query looks like this:
user_query = SELECT maildir, 125 AS uid, 125 AS gid,
concat('maildir:storage=', quota) AS quota FROM mailbox WHERE username =
'%u' AND active = '1', I think that in my user_query I'm missing
something. I do not get any errors in the dovecot and dovecot-debug
logs, everything works fine, but I still can't see quota.
Re: [Dovecot] Dovecot + virtual users
bichumo wrote:
Hi,
I'm running FreeBSD, Dovecot, Postfix (virtual users), MySQL,
Squirrelmail. I have installed squirrelmail-quota_usage-plugin, but I
cannot make it work. It mentions If you have an IMAP server with
QUOTA Extension capability In dovecot.conf I have enabled
mail_plugins = quota near protocol pop3 and protocol lda, near
protocol imap I have mail_plugins = quota imap_quota. Near plugin
{ ... I have quota = maildir:storage=204800. I think that the
problem of why I don't see quota in Squirrelmail is in file
dovecot-sql near user_query. I have my users mailboxes in such format:
/usr/local/virtual/domain.tld/username and my user_query looks like this:
user_query = SELECT maildir, 125 AS uid, 125 AS gid,
concat('maildir:storage=', quota) AS quota FROM mailbox WHERE username
= '%u' AND active = '1', I think that in my user_query I'm missing
something. I do not get any errors in the dovecot and dovecot-debug
logs, everything works fine, but I still can't see quota.
Solved.
Re: [Dovecot] Dovecot + virtual users
On 2007-09-13 21:00:23 +0300, bichumo wrote:
I'm running FreeBSD, Dovecot, Postfix (virtual users), MySQL,
Squirrelmail. I have installed squirrelmail-quota_usage-plugin, but I
cannot make it work. It mentions If you have an IMAP server with
QUOTA Extension capability In dovecot.conf I have enabled
mail_plugins = quota near protocol pop3 and protocol lda, near
protocol imap I have mail_plugins = quota imap_quota. Near plugin
{ ... I have quota = maildir:storage=204800. I think that the
problem of why I don't see quota in Squirrelmail is in file
dovecot-sql near user_query. I have my users mailboxes in such format:
/usr/local/virtual/domain.tld/username and my user_query looks like this:
user_query = SELECT maildir, 125 AS uid, 125 AS gid,
concat('maildir:storage=', quota) AS quota FROM mailbox WHERE username
= '%u' AND active = '1', I think that in my user_query I'm missing
something. I do not get any errors in the dovecot and dovecot-debug
logs, everything works fine, but I still can't see quota.
Solved.
maybe you want to mention how your solved the issues. others might
search the mail archive and would find your solution.
darix
--
openSUSE - SUSE Linux is my linux
openSUSE is good for you
www.opensuse.org
[Dovecot] pipe() error but not linked to kqueue
I have dovecot 1.0.5 installed on an OpenBSD 4.1 box and an OS X Server 10.4.10 box. Sure you've all heard it before, because of the pipe error, no more login processes can be launched, and I have to restart the server. dovecot: Sep 13 05:50:00 Error: pipe() failed: Too many open files I first thought this was the issue with kqueue, but I've since recompiled making sure to use poll. This also happened with 1.0.3 and 1.0.2. It also happens very specifically after a dictionary attack that lasts usually about an hour, unless I can catch it earlier. (Around 18,000 login attempts) ex: dovecot: Sep 13 05:49:58 Info: pop3-login: Aborted login: user=aaron, method=PLAIN, rip=62.161.41.32, lip=local ip dovecot: Sep 13 05:49:58 Info: pop3-login: Aborted login: user=adm, method=PLAIN, rip=62.161.41.32, lip=local ip dovecot: Sep 13 05:49:58 Info: pop3-login: Aborted login: user=account, method=PLAIN, rip=62.161.41.32, lip=local ip But after the attack has subsided for a period of time, I still have the number of file descriptors maxed out for the dovecot process. I've increased the number available to have a higher roof, but that doesn't fix the problem. Wondering if anyone else has seen this issue, and also in a generic problem. How are others dealing the the problem of being attacked in this method? Is there a max number of login tries for a given ip address within a period of time that I'm missing? :) Thanks, Patrick
Re: [Dovecot] Multiple passdb/userdb ambiguity
I wrote:
If I use userdb passwd-file with the same two files, then sometimes the
wrong userdb information will be used.
Shortly after reporting this issue, I came across two configuration
solutions for my problem (please read below for details). I haven't
tested the first one yet:
Assume I have the current passdb setup:
passdb passwd-file {
args = snip/%l.passwd
}
passdb passwd-file {
args = snip/virtual.passwd
}
One way to make it impossible to log in to usernames found in %l.passwd
if the password doesn't match %l.passwd is to add a deny passdb:
passdb passwd-file {
args = snip/%l.passwd
}
passdb passwd-file {
args = snip/%l.passwd
deny = yes
}
passdb passwd-file {
args = snip/virtual.passwd
}
This seems like it should allow users in %l.passwd to log in, but if the
password doesn't match, they'll be denied before an ambiguous username/password
in virtual.passwd is tried.
The solution I settled on, and which I confirmed works for my setup, is
to set the user= field in %l.passwd to change IP-based virtual
usernames into fully qualified usernames, and then only use
virtual.passwd for all userdb lookups.
For example, consider username testguy in %l.passwd, which also exists
in virtual.passwd. In all cases, for virtual user [EMAIL PROTECTED], I
set up a %l.passwd entry for testguy with example.com's IP, and also
an entry in virtual.passwd for [EMAIL PROTECTED].
My solution adds [EMAIL PROTECTED] to testguy's passwd-file
entry in %l.passwd file.
Now, I can stop using %l.passwd as a userdb file, and all userdb info
for virtual users will be looked up by the fully qualified username in
virtual.passwd. There is no ambiguity when a non-virtual user logs in,
because the per-IP names are always looked up with their canonical
domain even if they match system usernames.
Thanks for your time,
Alan Ferrency
pair Networks, Inc.
[EMAIL PROTECTED]
On Thu, 13 Sep 2007, Alan Ferrency wrote:
On Mon, 10 Sep 2007, Timo Sirainen wrote:
On Mon, 2007-09-10 at 11:42 -0400, Alan Ferrency wrote:
(Snip: I use userdb prefetch and a bunch of userdb_* settings in the
passdb file, and Timo suggested it was not necessary. I then recalled an
incorrect explanation for why I might have done this...)
I think this may have been related to file permissions: we didn't want
to give all users read access to the userdb file after they've logged
in, and prefetching allowed us to limit access to only the login/auth
user. Running an smtpauth port for deliver kind of makes that a moot
point anyway, though, so maybe we can clean things up a bit.
Only dovecot-auth process accesses the userdb file.
I now remember (rediscovered) why I had to use userdb prefetch in
our setup.
I'm using multiple passdb passwd-file files, one of which provides local
IP based virtual mail hosting. Usernames are not guaranteed to be unique
across both files.
If I use userdb passwd-file with the same two files, then sometimes the
wrong userdb information will be used. If I log in to a username which
is in both the first and second passdb file, and use the password for
the second passdb's version of the username, it will log in correctly
but use the username's userdb information in the _first_ userdb file
that matches (instead of the second).
This is, needless to say, Very Bad. I fixed it using userdb prefetch,
but I would prefer a better solution.
In this case, our preferred behavior is unambiguous, but I couldn't
figure out how to configure it. If the username exists in the first
passdb, but the incorrect password is used, login should be denied,
instead of checking the second passdb file. The second passdb should
only be used if the username doesn't exist in the first passdb.
This would avoid the possibility of accidentally using the second passdb
for login, but the first userdb file for user information, and would
remove ambiguity from setups such as ours.
Is the current behavior considered correct? Is this configurable to do
what I need instead? I didn't find anything addressing it in the wiki.
Thanks,
Alan Ferrency
pair Networks, Inc.
[EMAIL PROTECTED]
[Dovecot] problem migrating uw imap to dovecot on suse 9.3
hi all, after i successed in install / configure dovecot, and transform mbox to maildir i got error in outlook expres. outlook expres is authenticated . dovecot accep user/passwd. when i try to receive folder list is giving me error: downloading folder from server.ro one or more problems occurred downloading your list of folders from your account. The folder list may be inaccurate. any ideea? thanks.
