[Dovecot] User database ldap lookups and sasl
Hello I'm currently trying to use Active Directory with Unix extensions to store UID, GID and homedir and retrieve them with ldap I don't want to allow anonymous bindings and I would rather not use TLS and manage a PKI. So I'm trying to use SASL to do a Kerberos authentication for Dovecot against AD LDAP. I'm currently getting GSSAPI errors about the lack of credentials cache. Looking at similar cases where services act as clients, like using nss_ldap for unix host accounts, I understand the credentials cache should be initiated by an external program (cron and startup script), at least with the TGT and maybe the TGS for ldap. Since usually kerberosv5 cache is based on the user id ( /tmp/krb5cc_0 for root) there's an option in ldap.conf (krb5_ccname) to set the filename (/etc/.ldapcache in nss_ldap tutorials) for this cache. Is there any way to do this with dovecot-ldap.conf or should I try to use auth user default cache filename ? Thanks in advance
Re: [Dovecot] Problem searching with thunderbird
Hi, Resending this. Does anyone have a clue? -- I downloaded the updated files and now I also upgraded to beta2 as you released late last night. Good work maintaining dovecot I have to say. :-) Unfortunatelynbsp; I still can't search using thunderbird. I get no errors in the log now but thunderbird doesn't find any messages. I have tried updating the index (in thunderbird) but still no messages found. It worked prior to updating. What could the reason be? Best Regards - Jon ps. I also now tried searching in Squirrelmail aswell. Didn't work. ds.
Re: [Dovecot] Moving email from a folder to another using IMAP isvery slow (sometimes)
Hi to all, I can confirm that if I downgrade to 1.0.5 version I have no more the slowness problem. Then I think it is a bug introduced in th 1.1.x releases. Stefano. - Original Message - From: Stefano Scalise [EMAIL PROTECTED] To: Stefano Scalise [EMAIL PROTECTED]; Timo Sirainen [EMAIL PROTECTED] Cc: dovecot@dovecot.org Sent: Tuesday, October 02, 2007 12:04 PM Subject: Re: [Dovecot] Moving email from a folder to another using IMAP isvery slow (sometimes) Hi to all, very strange! I tried to debug why imap process takes 100% CPu and it is very slow when I move an email from an imap folder to another imap folder and then I typed: strace -tt -o /log-imap.txt -p process number well, during the trace the imap process doesn't crash and it is very fast. If I stop the tracing, I have again the problem and sometimes the crash of the process. Any help? Thank you, Stefano. - Original Message - From: Stefano Scalise [EMAIL PROTECTED] To: Timo Sirainen [EMAIL PROTECTED] Cc: dovecot@dovecot.org Sent: Monday, October 01, 2007 4:21 PM Subject: Re: [Dovecot] Moving email from a folder to another using IMAP isvery slow (sometimes) Sorry, but with the new version (1.1.beta2), I still have the same problem of very slowness during moving email between two imap folders. What can I do for debugging it? Stefano. - Original Message - From: Timo Sirainen [EMAIL PROTECTED] To: Stefano Scalise [EMAIL PROTECTED] Cc: dovecot@dovecot.org Sent: Sunday, September 30, 2007 1:52 PM Subject: Re: [Dovecot] Moving email from a folder to another using IMAP isvery slow (sometimes) On Wed, 2007-09-26 at 12:05 +0200, Stefano Scalise wrote: Update to the problem: I tried to stress the server with many moving and I received: Sep 26 10:56:40 sirio3 dovecot: IMAP(email_address): Trying to allocate 0 bytes This should fix it: http://hg.dovecot.org/dovecot/rev/c6b85cf1e63a I'll probably make a beta2 release today after fixing several other things.
[Dovecot] v1.1 QUOTA and inbox quota
My mail agent is postfix and by default it imposes the INBOX size of 50 meg. I would like my imap mail clients (I'm using Thunderbird) to see this and warn me when my inbox fills up. I tried doing it with the old quota system but wasn't successful. With the new quota rule system it looks like per-mailbox quotas are possible, however when I do this: quota = maildir quota_rule = INBOX:storage=5 I get an error in the log: Sep 28 02:18:31 discworld dovecot: IMAP(kristian): open((null)) failed: Bad address Sep 28 02:18:31 discworld dovecot: IMAP(kristian): Internal quota calculation error Sep 28 02:20:04 discworld dovecot: IMAP(kristian): open((null)) failed: Bad address Sep 28 02:20:04 discworld dovecot: IMAP(kristian): open((null)) failed: Bad address is there any way to get the inbox quota to work properly? I guess many systems use postfix and have 50M inbox limit so it would really be helpful if this information is pushed somehow through imap to the client. thanks, K
Re: [Dovecot] global sieve script
Jorge Salamero Sanz wrote: hi all, i'm moving from a maildrop+courier setup to lda(sieve)+dovecot setup. with maildrop i had a global filter for all the users, so i could filter and archive into the spam folder spam tagged emails for users without custom filters, including them if they exist: LOGNAME=tolower($LOGNAME) `test -e $LOGNAME` if ( $RETURNCODE != 0 ) { `maildirmake $LOGNAME` `maildirmake $LOGNAME/._spam` } `test -f $LOGNAME/mailfilter` if ( $RETURNCODE == 0 ) { include $LOGNAME/mailfilter } if ( /^X-Spam-Status: YES */) { to $LOGNAME/._spam } else { to $LOGNAME/ } how could i get this behaviour with dovecot lda and sieve ? For example: /etc/dovecot/dovecot.conf: ... protocol lda { ... sieve_global_path = /etc/dovecot/sieve/ ... } /etc/dovecot/global: if header :contains X-Spam-Flag YES { fileinto Spam; stop; } ...or something similar. /L
Re: [Dovecot] global sieve script
LS == Lars Stavholm [EMAIL PROTECTED] writes: LS For example: LS /etc/dovecot/dovecot.conf: LS ... LS protocol lda { LS ... LS sieve_global_path = /etc/dovecot/sieve/ LS ... LS } LS /etc/dovecot/global: LS if header :contains X-Spam-Flag YES { LS fileinto Spam; LS stop; LS } LS ...or something similar. Definitely take the something similar option since the above likely won't work. sieve_global_path should point to a _file_ containing a sieve script and both the script _and_ the byte-compiled version (same name with 'c' appended) should exist and the compiled output file should have an mtime later than the source. If the cmusieve plugin can't find the compiled version (or the mtime of the source is later than the mtime of the compiled version) it will attempt to write it out a compiled version and filesystem permissions really ought to prevent that. So /etc/dovecot/dovecot.conf: ... protocol lda { ... sieve_global_path = /etc/dovecot/global.sieve ... } /etc/dovecot/global.sieve: if header :contains X-Spam-Flag YES { fileinto Spam; stop; } AND remember to byte-compile the script /usr/libexec/dovecot/sievec /etc/dovecot/global.sieve /etc/dovecot/global.sievec
Re: [Dovecot] undelete messages?
Timo Sirainen wrote: On Mon, 2007-10-01 at 11:51 -0400, Cory Coager wrote: The current command did not succeed. The mail server responded: Mailbox doesn't exist: .EPUNGED.Trash I copied the config exactly as its written on: http://wiki.dovecot.org/Plugins/Lazyexpunge I guess your main namespace uses '.' separator? That breaks it. All non-hidden namespaces must use the same separator. Nope, using '/' as separators. namespace private { separator = / prefix = inbox = yes }
Re: [Dovecot] graceful failure when some folders are not available...
On Sat, Oct 06, 2007 at 04:28:20AM +0300, Timo Sirainen wrote: On Wed, 2007-10-03 at 20:03 -0500, [EMAIL PROTECTED] wrote: Hi folks. Quick question in the hopes that someone knows the answer, before I dig in the code some more. In testing a new setup with some long-term archival mbox-format mailboxes stored on an NFS mount, we've found the following: if the mount is unavailable for any reason, the user cannot log into their email at all. Dovecot says: stat() failed with mbox foo and dies. This is coming from Perhaps dies was too strong. In fact, Dovecot does not die, but the client perceives such as it is told this upon trying to log in: The current command did not succeed. The mail server responded: Internal error occurred. Refer to server log for more information. And in fact your tests (below) reproduced this. The problem with this is that if even one file or directory within the user's IMAP folder space is currently unavailable (due to an NFS server being down), the user cannot log in at all to access any of their other folders. In out scenario, we would prefer that the user simply not see the folders (treat the error the same as file not found). BTW, the errno seen is ETIMEDOUT (we are soft mounting the NFS filesystem in question). Any thoughts on how we can accomplish this? We don't normally expect this NFS filesystem to become unavailable, but when it is, we don't want it to prevent all users from being able to log in, since this NFS filesystem only holds folders of an archival nature. the mbox sync checks. (It's possible the same happens with a maildir folder--I'm just specifying mbox because that's what we've tested with so far). It shouldn't die. Maybe your client kills the connection? I tested this by making the stat() call always fail with EIO: x select inbox x NO Internal error occurred. Refer to server log for more information. [2007-10-06 04:24:48] x status foo (messages) x NO Internal error occurred. Refer to server log for more information. [2007-10-06 04:24:58] Or even if the mailbox is successfully opened and after that: x noop * NO Internal error occurred. Refer to server log for more information. [2007-10-06 04:27:31] x OK NOOP completed. -- Steven F. Siirila Office: Univ Park Plaza, Room 750 Internet Services E-mail: [EMAIL PROTECTED] Office of Information TechnologyVoice: (612) 626-0244 University of Minnesota Fax: (612) 626-7593
[Dovecot] API problem (noob)
I'm a bit of a newbie, especially when it comes to dovecot internals, but nevertheless, I need some help: I'm working on a dovecot plugin, and I would like to copy a mail message from the mail store out to a temporary file, less a few headers: static const char *const exclude_headers[] = { X-DSPAM-Signature } strcpy(fname, mktemp(fname)); fd = creat(fname, 0600); mail_get_stream(mail, NULL, NULL, input); output = o_stream_create_fd_file(fd, 0, TRUE); input = i_stream_create_header_filter(input, HEADER_FILTER_EXCLUDE | HEADER_FILTER_NO_CR, exclude_headers, N_ELEMENTS(exclude_headers), null_header_filter_callback, NULL); o_stream_send_istream(output, input); But all I get in the temp file is the message body, i.e. no headers at all. What am I doing wrong here? My understanding (or hope:) of what the function i_stream_create_header_filter() is supposed to do might not be accurate: I was hoping that it would exclude the aforementioned headers, but leave the rest of the headers as is. Any help appreciated /Lars
[Dovecot] Mail client kill imap-login process
Hi, In my env we have quite a number of old PC which are running windows95. I have installed the thunderbird and outlook97 with the right configuration to dovecot. Everytime I starts the mail client it shows the following, dovecot: Oct 09 10:56:45 Info: imap-login: Disconnected: rip=172.24.65.60, lip=172.24.66.24 only then it shows the login screen. After submit the password, it doesn't seems to login properly. If I use the Outlook Express, it runs ok on the same machine? I can send and read email. I trace the process using strace but it failed since the pid got killed everytime I starts that two mail client. In order to make sure my dovecot run correctly, I run all mail clients from XP and it works like charm. Can someone share with my what should I do next or how to debug further? Thanks.
[Dovecot] Dovecot hanging up with many defunct processes
Hi, I am in a very awkward situation and need some kind of immediate fix up. I had installed dovecot in my organization as part of migration of email server. The setup involves sendmail, dovecot (imaps+pop3s) and webmail (squirrelmail) running on apache webserver. All was working fine until one day I found a lot of defunct processes on system related to dovecot. dovecot-auth, imap-login and imap were all defunct. The system is using pam_ldap and nss_ldap to authenticate users to a Windows 2003 Active Directory. Immediate restart of dovecot solved the problem for me that day, however since then it's been about 3 times that I've faced this problem. After visiting various forums I came to know one thing, that it has something to do with pam_ldap and nss_ldap. However with UW-IMAP we were using the same setup and we didn't find any problems there. It would be very kind of you, if you can help me out on this front as apart from these mishaps the mail server is running perfectly fine and we wish to continue using Dovecot for our setup in future as well. Following is the system details: 1) OS: RHEL4 (Kernel - 2.6.9-5.ELsmp) 2) Dovecot: Dovecot (Version - 1.0.3) 3) Following is dovecot configuration: log_path: /var/log/dovecot.log protocols: imaps pop3s ssl_cert_file: /usr/share/ssl/certs/imapd.pem ssl_key_file: /usr/share/ssl/private/imapd.pem login_dir: /usr/local/var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login max_mail_processes: 10240 mail_location: mbox:~/mail:INBOX=/var/mail/%u mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xu%08Xv auth default: passdb: driver: pam userdb: driver: passwd 4) Dovecot's PAM file (/etc/pam.d/dovecot) #%PAM-1.0 authrequired pam_ldap.so account required pam_ldap.so session required pam_mkhomedir.so skel=/etc/skel umask=0077 session required pam_ldap.so As far as I feel it's problem with pam_ldap not able to authenticate against Windows 2003 Active Directory due to some reason or the other. However I'm not sure why is this happening. Regards, Mayank Joshi.