Re: [Dovecot] OT: best linux imap client for dovecot

[Lev Serebryakov]

Hello, Axel.
You wrote 18 февраля 2010 г., 18:45:21:

 This is not a my-email-client-is-better-than-your-email-client thread,
 I just want to know which client(s) make proper use of imap features
 for fast searches/copies/deletions etc.
 IMHO, all existing clients suck, but not only due to IMAP4 [mis]using, but
because  UI  is  terrible.  For  example, I don't lnow any client with
proper,  accurate  text-only  quoting  (with ' ' marks). Some clients
forget  to  spilt  long  lines, some don't add ' ' when I split quote
line  by  hands,  some  don't  remove ' ' automagically when lines in
quote  are  merged  (by  deleting  CR/NL on previous line), and things
become  even  mnore  horrible  whrn  here are many quotes of different
level. I'm not mention clients, which have top-quoting-only setting or
doesn't  have  templates for  editor  (no, a signature file IS NOT A
TEMPLATE!)

Threading,  working  with  mailing  lists  (with  all these List-XXX
headers  which  are  standard  now), using diffferent From names and
e-mails   for  different  folders  (and,  yes,  different  templates),
differnet templates for different replies, good filters (Thunderbird's
filters  creation  UI is bad, IMHO), flexible but esy-to-setup-default
purging  rules,  etc,  etc,  etc  -- all these features are missing or
implemented  horribly wrong in most clients (I don't claim, that every
client has every feature from this list implemented wrong, but most of
clients has 1/2 or more of this list absent or unusable).

   There is one client which have not-so-bad-UI (I can not use EMACS
 GNU,  but I think everything COULD BE DONE in EMACS, so, may be
 THERE  ARE  TWO clients): Ritlab's The Bat!. But it works with IMAP
 terribly  wrong,  works only on Windows, costs money, and is somwhere
 buggy :(

-- 
// Black Lion AKA Lev Serebryakov l...@serebryakov.spb.ru

Re: [Dovecot] OT: best linux imap client for dovecot

[Patrick Nagel]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi Lev,

On 2010-02-22 16:04, Lev Serebryakov wrote:
 This is not a my-email-client-is-better-than-your-email-client thread,
 I just want to know which client(s) make proper use of imap features
 for fast searches/copies/deletions etc.
  IMHO, all existing clients suck, but not only due to IMAP4 [mis]using, but
 because  UI  is  terrible.

I like KMail's UI a lot, but its IMAP support is terrible. Hoping that
will change with KMail 2.

 For  example, I don't lnow any client with
 proper,  accurate  text-only  quoting  (with ' ' marks). Some clients
 forget  to  spilt  long  lines, some don't add ' ' when I split quote
 line  by  hands,  some  don't  remove ' ' automagically when lines in
 quote  are  merged  (by  deleting  CR/NL on previous line), and things
 become  even  mnore  horrible  whrn  here are many quotes of different
 level. I'm not mention clients, which have top-quoting-only setting or
 doesn't  have  templates for  editor  (no, a signature file IS NOT A
 TEMPLATE!)

I don't know so much about quoting, I think TB gets it right, doesn't
it? Also, on non-line-broken mails, you can press CTRL-R (Rewrap) and
the mail gets proper line breaks. KMail admittedly has some weirdnesses
there, at least in recent versions.

 Threading,  working  with  mailing  lists  (with  all these List-XXX
 headers  which  are  standard  now), using diffferent From names and
 e-mails   for  different  folders  (and,  yes,  different  templates),
 differnet templates for different replies, good filters (Thunderbird's
 filters  creation  UI is bad, IMHO), flexible but esy-to-setup-default
 purging  rules,  etc,  etc,  etc  -- all these features are missing or
 implemented  horribly wrong in most clients (I don't claim, that every
 client has every feature from this list implemented wrong, but most of
 clients has 1/2 or more of this list absent or unusable).

I think KMail gets all of them right, although I don't use the filter
UI, since I filter with sieve rules on the server.

Patrick.

- -- 
STAR Software (Shanghai) Co., Ltd.http://www.star-group.net/
Phone:+86 (21) 3462 7688 x 826 Fax:   +86 (21) 3462 7779

PGP key E883A005 https://stshacom1.star-china.net/keys/patrick_nagel.asc
Fingerprint:   E09A D65E 855F B334 E5C3 5386 EF23 20FC E883 A005
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEYEARECAAYFAkuCQsEACgkQ7yMg/OiDoAUU3wCgimLYBXZnf/zOcfY/YNXUnqbo
gDgAn39AML0SA4vKQ+5UUUQkfeCFrnOW
=5jtD
-END PGP SIGNATURE-

[Dovecot] Migration 1.2.10 - dovecot-2.0.beta

[Frank Elsner]

Hello *,

I've a well functioning dovecot.1.2.10 installation. I'd like to migrate to 
dovecot.2.0.beta. Is it possible to use one (big) dovecot.conf or must I
split it into pieces into directory conf.d? What is the best procedure
to convert the configuration file? 

Any pointers welcome.



--Frank Elsner

[Dovecot] Replication status

[dovecot]

Hello,

I couldn't find any recent informations regarding the status of
implementing replication to Dovecot. Especially master/master is what I
am waiting for.

Is it useable yet with 2.0 or, if not, any eta?

Thanks in advance,
Michael

Re: [Dovecot] Best inode_ratio for maildir++ on ext4

[Ed W]

On 19/02/2010 23:51, Stan Hoeppner wrote:

Rodolfo Gonzalez put forth on 2/19/2010 5:18 PM:
   

Hi,

This might be a silly question: which would be
the best inode ratio for a 5 Tb filesystem dedicated to Maildir++
storage? I use ubuntu server, which has a preconfigured setting for
mkfs.ext4 called news with inode_ratio = 4096, and after formating the
fs with that setting and then with the defautl setting I see this
difference of space (wasted space, but more inodes):

4328633696 free 1K-blocks with mkfs's -T news switch = 1219493877 free
inodes
4557288800 free 1K-blocks with default mkfs settings = 304873461 free
inodes

I'll be storing e-mail messages for around 20,000 accounts on that
partition (average 512 Mb per account). Would you consider worth the
waste of about 200 Gb of the filesystem space in exchange of more inodes?
 

If your version of Ubuntu server has XFS support built in, forget ext4 and go
XFS.  It's more reliable, faster in every single benchmark I've seen especially
for large numbers of files, both large and small, has a ton of management tools
and instrumentation interfaces, and has a proven enterprise track record.

   


Someone posted about XFS some time back.  It apparently can perform 
well, but it will need some tuning (something to do with number of log 
buffers from memory?) to perform well on Maildir type operations


Search around and benchmark is my suggestion (there are some mail 
benchmarking programs)


Good luck

Ed W

Re: [Dovecot] v2.0 IMAP Capabilities announcement

[Ed W]

On 21/02/2010 19:33, Timo Sirainen wrote:

On 21.2.2010, at 21.16, Thomas Leuxner wrote:

   

I have an Android Mail App which worked fine with IDLE pushes before (K-9 Mail) 
under 1.2.10. With 2.0 beta 3 it seems to be looking for an IDLE prompt from 
the server, otherwise it will disable connection idling (whether this is valid 
or not).

Setting 'imap_capability = IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID IDLE 
ENABLE' does the trick, but is it possible to add additional values to the 
default reply like this?
 

Hmm. That's too bad. I was hoping to avoid sending any unnecessary capabilities 
before login. Perhaps IDLE could be added there as an exception.

Although .. Looks like that's an open source client. Perhaps you could report 
this as a bug and get them to fix it? Dovecot pushes the updated capabilities 
after login, the client should pick them up.

   


From memory Outlook Express/Windows Mail requests capabilities before 
login (and never after login)?


Ed W

Re: [Dovecot] Highly Performance and Availability

[Ed W]

On 19/02/2010 21:40, Wayne Thursby wrote:

Thank you to everyone who has contributed to this thread, it has been
very educational.

Since my last post, I have had several meetings, including a conference
with Dell storage specialists. I have also gathered some metrics to beat
around.

The EqualLogic units we are looking at are the baseline models, the
PS4000E. We would get two of these with 16x1TB 7200RPM SATA drives and
dual controllers for a total for 4xGbE ports dedicated to iSCSI traffic.

I have sent the following information and questions to our Dell reps,
but I figured I'd solicit opinions from the group.

The two servers I'm worried about are our mail server (Postfix/Dovecot)
and our database server (PostgreSQL). Our mail server regularly (several
times an hour) hits 1 second spikes of 1400 IOPS in its current
configuration. Our database server runs aroun 100-200 IOPS during quiet
periods, and spikes up to 1200 IOPS randomly, but on average every 15
minutes.

With 4xGbE ports on the each EQL device, and also keeping in mind we'll
have two of those, is it reasonable to expect 1400 IOPS bursts? What if
both of these servers were on the same storage and required closer to
3000 IOPS?

   


That's a LOT of IOPs for 16 disks to handle?  Given you are measuring on 
your existing hardware which has 5-10 disks depending on read/write 
(RAID10) then this surely means you are trying to push more than you 
state and just maxing out at the disk capacity?


I have no experience, but some reading over the last few days suggests 
you would very much desire an Equallogic with FC if the budget is 
there.  On the other hand buying two Dell/Supermicro machines with lots 
of disks and using DRBD to make each a duplicate of the other would 
appear to satisfy your requirements also? (perhaps cheaper, but less 
scalability).  DRBD sounds really nice for scalability up to a certain size?


Good luck

Ed W

Re: [Dovecot] Highly Performance and Availability

[Ed W]

Hi


  HA, Consolidated Backup, and a couple of other technologies are what really
make this an enterprise solution, providing near 24x7x365 uptime and rapid
redeployment of an infrastructure after catastrophic loss of the datacenter.
   


Can you tell me exactly what Consolidated Backup means with respect to 
ESX please?  From the brief description on the website I'm not quite 
sure how it varies to say backing up the raw storage using some kind of 
snapshot method?



GlusterFS isn't designed as a primary storage system for servers or server
clusters.  A good description of it would be cloud storage.  It is designed to
mask, or make irrelevant, the location of data storage devices and the distance
to them.  Server and datacenter architects need to know the latency
characteristics and bandwidth of storage devices backing the servers.  GlusterFS
is the antithesis of this.
   


I can't disagree in terms of achieved performance because I haven't 
tested, but in terms of theoretical design it is supposed to vary from 
how you describe?


Glusterfs has a growing number of translaters and eventually is likely 
to have native NFS  Cifs support straight into the cluster. So *in 
theory* (difference between theory and practice? In theory nothing, in 
practice everything.) you are getting parallel NFS performance as you 
add nodes, with the option of also adding redundancy and HA for free...  
I get the impression the current implementation deviates somewhat from 
theory, but long term that's the goal...



I was giving this some thought - essentially the whole problem comes 
down to either some kind of filesharing system which offers up 
individual files, or some kind of block level sharing and you have to 
then run your own filesystem over the block device.


Now, if latency were zero and fileserver had infinite CPU/bandwidth then 
it would seem like the filesharing system wins because it centralises 
the locking and all other problems and leaves relatively thin clients


On the flip side since latency/bandwidth very much deviates from perfect 
then to me the block level storage initially seems more attractive 
because the client can be given intelligence about the constraints and 
make appropriate choices about fetching blocks, ordering, caching, 
flushing, etc.  However, if we assume active/active clusters are 
required then we need GFS or similar and we have just added a whole heap 
of latency and locking management. This plus the latency of translating 
a disk based protocol (scsi/ata) into network packets suddenly makes the 
block level option look a lot less attractive...


So the final conclusion seems like it's a hard problem and the best 
solution is going to come down to an engineering decision - ie where 
theory and practice deviate and which one actually gets the job done 
fastest in practice?


At least in theory it seems like Gluster should be able to rival the 
speed of a high end iSCSI san - whether the practical engineering 
problems are ever solved is a different matter...  (Random quote - 
http://www.voicesofit.com/blogs/blog1.php/2009/12/29/gluster-the-red-hat-of-storage 
- Gluster claim 131,000 IOPS on some random benchmark using 8 servers 
and 18TB of storage...)



Interesting seeing how this stuff is maturing though!  Sounds like the 
SAN is still the king for people just want something fast reliable and 
off the shelf today...


Ed W

Re: [Dovecot] GlusterFs - Any new progress reports?

[Ed W]

I use GlusterFS with Dovecot and it works without issues. The GlusterFS team 
has made huge progress since 2.0 and with the new 3.0 version they have again 
proved that GlusterFS can get better.
   


You have kindly shared some details of your config before - care to 
update us on what you are using now, how much storage, how many 
deliveries/hour, IOPS, etc?  Lots of stuff was quite hard work for you 
back with Glusterfs v2, what kind of stuff did you need to work around 
with v3? (I can't believe it worked out of the box!)  Any notes for 
users with small office sized setups (ie 2 servers' ish).


I presume you use gentoo on your gluster machines? Do you run gluster 
only on the storage machines or do you virtualise and use the spare CPU 
to run other services? (given the price of electricity it seems a shame 
not to load servers up these days...)


Thanks

Ed W

Re: [Dovecot] Highly Performance and Availability

[Stan Hoeppner]

Ed W put forth on 2/22/2010 7:03 AM:

 Can you tell me exactly what Consolidated Backup means with respect to
 ESX please?  From the brief description on the website I'm not quite
 sure how it varies to say backing up the raw storage using some kind of
 snapshot method?

Here's a decent write up Ed that should answer your questions:
http://www.petri.co.il/virtual-vmware-consolidated-backup-vcb.htm

 I was giving this some thought - essentially the whole problem comes
 down to either some kind of filesharing system which offers up
 individual files, or some kind of block level sharing and you have to
 then run your own filesystem over the block device.

The best solution for this currently existing on this blue planet is SGI's
CXFS.  It is the clustered version of XFS, sharing an identical on-disk
format.  It is the highest performance and most reliable parallel/cluster
filesystem available.  It was initially released simultaneously with XFS in
1994.  It is a clustered file system requiring FC SAN storage.  One host
acts as a CXFS metadata server.  All hosts in the cluster directly access
the same LUN on the disk array controller.  The metadata server coordinates
the notification of blocks that are locked for write access by a particular
node.  The performance is greater than GFS and similar parallel filesystems
due to the centralized metadata server reducing chatter and message latency,
and the fact that the on-disk filesystem is XFS, which as we've discussed is
the fastest filesystem available (aggregate across multiple benchmarks).
Unfortunately, SGI did not open source CXFS, only XFS.  CXFS must still be
licensed from SGI.  I do not know the cost.  For many environments, the cost
is irrelevant, as there simply is no other solution to meet their needs.
For something like clustering IMAP server data for redundancy, CXFS is
probably overkill.  GFS2 should be fine for clustered IMAP storage.

-- 
Stan

Re: [Dovecot] quota and lazy_expunge plugins both used: quotas go wrong with lazy_expunge'd mails

[Baptiste Malguy]

Hello,

In case my nasty changes are right, here comes the patch (including
Makefile.in  Makefile.am ... I'm not really good with automake/autoconf)
I've applied to dovecot 1.2.10 (from Debian backport repository for Lenny,
source package version 1:1.2.10-1~bpo50+1, expecting my changes won't be
different from the vanilla version).

Regards,

-- 
Baptiste MALGUY
PGP fingerprint: 49B0 4F6E 4AA8 B149 B2DF  9267 0F65 6C1C C473 6EC2
diff -ru --exclude=debian dovecot-1.2.10/src/plugins/lazy-expunge/lazy-expunge-plugin.c dovecot-1.2.10-patched/src/plugins/lazy-expunge/lazy-expunge-plugin.c
--- dovecot-1.2.10/src/plugins/lazy-expunge/lazy-expunge-plugin.c	2010-01-25 00:14:17.0 +0100
+++ dovecot-1.2.10-patched/src/plugins/lazy-expunge/lazy-expunge-plugin.c	2010-02-19 18:29:27.0 +0100
@@ -630,24 +630,11 @@
 	struct lazy_expunge_mailbox_list *llist =
 		LAZY_EXPUNGE_LIST_CONTEXT(storage-list);
 	struct lazy_expunge_mail_storage *lstorage;
-	const char *const *p;
-	unsigned int i;
-
 	if (storage-ns-type != NAMESPACE_PRIVATE) {
 		/* this works only for private namespaces. */
 		return;
 	}
 
-	/* if this is one of our internal storages, mark it as such before
-	   quota plugin sees it */
-	p = t_strsplit_spaces(getenv(LAZY_EXPUNGE),  );
-	for (i = 0; i  LAZY_NAMESPACE_COUNT  *p != NULL; i++, p++) {
-		if (strcmp(storage-ns-prefix, *p) == 0) {
-			storage-ns-flags |= NAMESPACE_FLAG_NOQUOTA;
-			break;
-		}
-	}
-
 	llist-storage = storage;
 
 	lstorage = p_new(storage-pool, struct lazy_expunge_mail_storage, 1);
@@ -670,6 +657,18 @@
 static void lazy_expunge_mailbox_list_created(struct mailbox_list *list)
 {
 	struct lazy_expunge_mailbox_list *llist;
+	const char *const *p;
+	unsigned int i;
+
+	/* if this is one of our internal storages, mark it as such before
+	   quota plugin sees it */
+	p = t_strsplit_spaces(getenv(LAZY_EXPUNGE),  );
+	for (i = 0; i  LAZY_NAMESPACE_COUNT  *p != NULL; i++, p++) {
+		if (strcmp(list-ns-prefix, *p) == 0) {
+			list-ns-flags |= NAMESPACE_FLAG_NOQUOTA;
+			break;
+		}
+	}
 
 	if (lazy_expunge_next_hook_mailbox_list_created != NULL)
 		lazy_expunge_next_hook_mailbox_list_created(list);
diff -ru --exclude=debian dovecot-1.2.10/src/plugins/lazy-expunge/Makefile.am dovecot-1.2.10-patched/src/plugins/lazy-expunge/Makefile.am
--- dovecot-1.2.10/src/plugins/lazy-expunge/Makefile.am	2008-06-17 03:58:38.0 +0200
+++ dovecot-1.2.10-patched/src/plugins/lazy-expunge/Makefile.am	2010-02-19 19:28:15.0 +0100
@@ -8,12 +8,12 @@
 	-I$(top_srcdir)/src/lib-imap \
 	-I$(top_srcdir)/src/plugins/quota
 
-lib02_lazy_expunge_plugin_la_LDFLAGS = -module -avoid-version
+lib09_lazy_expunge_plugin_la_LDFLAGS = -module -avoid-version
 
 module_LTLIBRARIES = \
-	lib02_lazy_expunge_plugin.la
+	lib09_lazy_expunge_plugin.la
 
-lib02_lazy_expunge_plugin_la_SOURCES = \
+lib09_lazy_expunge_plugin_la_SOURCES = \
 	lazy-expunge-plugin.c
 
 noinst_HEADERS = \
@@ -22,7 +22,7 @@
 install-exec-local:
 	for d in imap pop3; do \
 	  $(mkdir_p) $(DESTDIR)$(moduledir)/$$d; \
-	  rm -f $(DESTDIR)$(moduledir)/$$d/lib02_lazy_expunge_plugin$(MODULE_SUFFIX); \
-	  $(LN_S) ../lib02_lazy_expunge_plugin$(MODULE_SUFFIX) $(DESTDIR)$(moduledir)/$$d; \
+	  rm -f $(DESTDIR)$(moduledir)/$$d/lib09_lazy_expunge_plugin$(MODULE_SUFFIX); \
+	  $(LN_S) ../lib09_lazy_expunge_plugin$(MODULE_SUFFIX) $(DESTDIR)$(moduledir)/$$d; \
 	done
 
diff -ru --exclude=debian dovecot-1.2.10/src/plugins/lazy-expunge/Makefile.in dovecot-1.2.10-patched/src/plugins/lazy-expunge/Makefile.in
--- dovecot-1.2.10/src/plugins/lazy-expunge/Makefile.in	2010-01-25 00:32:10.0 +0100
+++ dovecot-1.2.10-patched/src/plugins/lazy-expunge/Makefile.in	2010-02-19 21:00:42.0 +0100
@@ -69,13 +69,13 @@
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
 am__installdirs = $(DESTDIR)$(moduledir)
 LTLIBRARIES = $(module_LTLIBRARIES)
-lib02_lazy_expunge_plugin_la_LIBADD =
-am_lib02_lazy_expunge_plugin_la_OBJECTS = lazy-expunge-plugin.lo
-lib02_lazy_expunge_plugin_la_OBJECTS =  \
-	$(am_lib02_lazy_expunge_plugin_la_OBJECTS)
-lib02_lazy_expunge_plugin_la_LINK = $(LIBTOOL) --tag=CC \
+lib09_lazy_expunge_plugin_la_LIBADD =
+am_lib09_lazy_expunge_plugin_la_OBJECTS = lazy-expunge-plugin.lo
+lib09_lazy_expunge_plugin_la_OBJECTS =  \
+	$(am_lib09_lazy_expunge_plugin_la_OBJECTS)
+lib09_lazy_expunge_plugin_la_LINK = $(LIBTOOL) --tag=CC \
 	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
-	$(AM_CFLAGS) $(CFLAGS) $(lib02_lazy_expunge_plugin_la_LDFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS) $(lib09_lazy_expunge_plugin_la_LDFLAGS) \
 	$(LDFLAGS) -o $@
 DEFAULT_INCLUDES = -...@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
@@ -90,8 +90,8 @@
 LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
 	--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
 	$(LDFLAGS) -o $@
-SOURCES = $(lib02_lazy_expunge_plugin_la_SOURCES)
-DIST_SOURCES = $(lib02_lazy_expunge_plugin_la_SOURCES)
+SOURCES = $(lib09_lazy_expunge_plugin_la_SOURCES)
+DIST_SOURCES = 

[Dovecot] 1/2 OT: Finger mail count

[Marcio Merlone]

Hi all,

Is there how to make the finger command retrieve mail count from maildir?

Thanks and best regards.

--
Marcio Merlone

attachment: marcio_merlone.vcf

Re: [Dovecot] v2.0 IMAP Capabilities announcement

[Timo Sirainen]

On Mon, 2010-02-22 at 11:59 +, Ed W wrote:
  Hmm. That's too bad. I was hoping to avoid sending any unnecessary 
  capabilities before login. Perhaps IDLE could be added there as an 
  exception.
 
  From memory Outlook Express/Windows Mail requests capabilities before 
 login (and never after login)?

I don't know about them, but I remember someone told me Outlook was
fine. The point anyway is that clients don't have to request anything,
the capability is pushed to them. There are two ways:

a) Clients that understand capability in resp-text-code:

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
STARTTLS AUTH=PLAIN AUTH=DIGEST-MD5] hello localhost
1 login user pass
1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE
QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS QUOTA]
Logged in

b) Clients that don't understand them and issue CAPABILITY anyway (note
how the updated CAPABILITY is now sent in untagged CAPABILITY):

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
STARTTLS AUTH=PLAIN AUTH=DIGEST-MD5] hello localhost
1 capability
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
STARTTLS AUTH=PLAIN AUTH=DIGEST-MD5
1 OK Capability completed.
2 login user pass
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT
SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE
CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC
ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS QUOTA
2 OK Logged in



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Replication status

[Timo Sirainen]

On Mon, 2010-02-22 at 10:15 +0100, dove...@lechtermann.net wrote:

 I couldn't find any recent informations regarding the status of
 implementing replication to Dovecot. Especially master/master is what I
 am waiting for.
 
 Is it useable yet with 2.0 or, if not, any eta?

The idea is currently this:

http://www.dovecot.org/list/dovecot/2009-August/041983.html

No ETA. Not even started. Depends on many other things that haven't been
started either.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] v2.0.beta3 released

[Timo Sirainen]

On Sun, 2010-02-21 at 07:26 +0100, Thomas Leuxner wrote:
 Am 21.02.2010 um 07:16 schrieb Timo Sirainen:
 
  Yes, that's intentional. imaps isn't a protocol.
 
 Thanks Timo. Has the specific logging option for the LDA been dropped? I see 
 it logging to 'info_log_path=' only.

What specific logging option for LDA?.. Seems to work exactly the same
as in v1.2:

protocol lda {
  info_log_path = /tmp/deliver.log
}



signature.asc
Description: This is a digitally signed message part

[Dovecot] Testing 2.0b3 - problem with pop3

[Odhiambo Washington]

I am testing the version on FreeBSD 7.3-PRELEASE (I doubt it's the issue)
and I am having a problem with pop3. Here is what I see in the log when I
attempt to connect to port 110:

Feb 22 18:15:03 master: Warning: SIGHUP received - reloading configuration
Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216
(login_settings_read): assertion failed: (input.roots[count] == NULL)
Feb 22 18:15:08 master: Error: service(pop3-login): child 70115 killed with
signal 6 (core dumped)
Feb 22 18:15:08 master: Error: service(pop3-login): command startup failed,
throttling

And the output of doveconf can be seen at http://62.8.64.102/~wash/2.0b3.txt

I've basically made my best effort to reflect the settings I had on 2.0b1
into this version.

What could the problem be?

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
If you have nothing good to say about someone, just shut up!.
  -- Lucky Dube

Re: [Dovecot] [AUTH] Extra @ in user and empty passwd with CRAM-MD5

[Timo Sirainen]

On Sat, 2010-02-20 at 13:56 +0100, Toorop wrote:

 password(too...@domain.tld,82.245.64.126): Generating CRAM-MD5 from user 
 'too...@domain.tld@', password ''

The @ thing is .. well, probably a bug, but it doesn't matter in this
case anyway. The problem is that password is empty. It's because
vpopmail didn't return a plaintext password. Are your passwords stored
in plaintext?



signature.asc
Description: This is a digitally signed message part

[Dovecot] (minor) bug in configure

[Sandro Tosi]

Hello,
while reading config options for dovecot v1.2.10 I've noticed a very 
small bug:


# ./configure --help  | egrep -- 'Dovecot|--with-gnu-ld'
`configure' configures Dovecot 1.2.10 to adapt to many kinds of systems.
 --with-gnu-ld   assume the C compiler uses GNU ld [default=no]
 --with-gnu-ld   assume the C compiler uses GNU ld default=no

I think the latter entry should be removed.

Thanks for considering,
Sandro

Re: [Dovecot] Testing 2.0b3 - problem with pop3

[Mark Sapiro]

Odhiambo Washington wrote:

I am testing the version on FreeBSD 7.3-PRELEASE (I doubt it's the issue)
and I am having a problem with pop3. Here is what I see in the log when I
attempt to connect to port 110:

Feb 22 18:15:03 master: Warning: SIGHUP received - reloading configuration
Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216
(login_settings_read): assertion failed: (input.roots[count] == NULL)
Feb 22 18:15:08 master: Error: service(pop3-login): child 70115 killed with
signal 6 (core dumped)
Feb 22 18:15:08 master: Error: service(pop3-login): command startup failed,
throttling


I see the same thing with pop3 and a different but apparently related
symptom with imap. See
http://dovecot.org/pipermail/dovecot/2010-February/046989.html

I don't have an answer though :(

-- 
Mark Sapiro m...@msapiro.netThe highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

Re: [Dovecot] Testing 2.0b3 - problem with pop3

[Charles Marcus]

On 2010-02-22 10:30 AM, Odhiambo Washington wrote:
 And the output of doveconf can be seen at http://62.8.64.102/~wash/2.0b3.txt

Please don't do that, just paste them inline...

-- 

Best regards,

Charles

Re: [Dovecot] Testing 2.0b3 - problem with pop3

[Odhiambo Washington]

On Mon, Feb 22, 2010 at 6:39 PM, Charles Marcus
cmar...@media-brokers.comwrote:

 On 2010-02-22 10:30 AM, Odhiambo Washington wrote:
  And the output of doveconf can be seen at
 http://62.8.64.102/~wash/2.0b3.txt

 Please don't do that, just paste them inline...


Sorry. Here goes..


# 2.0.beta3: /opt/dovecot2/etc/dovecot/dovecot.conf
# OS: FreeBSD 7.3-PRERELEASE i386  ufs
auth_anonymous_username = anonymous
auth_cache_negative_ttl = 86400 s
auth_cache_size = 10485760
auth_cache_ttl = 3600 s
auth_debug = no
auth_debug_passwords = no
auth_default_realm =
auth_failure_delay = 2 s
auth_gssapi_hostname =
auth_krb5_keytab =
auth_master_user_separator =
auth_mechanisms = plain
auth_realms =
auth_socket_path = /opt/dovecot2/var/run/auth-userdb
auth_ssl_require_client_cert = no
auth_ssl_username_from_cert = no
auth_use_winbind = no
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_username_format =
auth_username_translation =
auth_verbose = yes
auth_verbose_passwords = no
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_worker_max_count = 30
base_dir = /opt/dovecot2/var/run/
config_cache_size = 1048576
debug_log_path =
default_client_limit = 1000
default_internal_user = dovecot
default_login_user = dovecot
default_process_limit = 100
default_vsz_limit = 268435456
deliver_log_format = msgid=%m: %$
dict_db_config =
disable_plaintext_auth = no
dotlock_use_excl = no
first_valid_gid = 26
first_valid_uid = 26
fsync_disable = no
hostname =
imap_capability =
imap_client_workarounds =
imap_id_log =
imap_id_send =
imap_idle_notify_interval = 120 s
imap_logout_format = bytes=%i/%o
imap_max_line_length = 65536
info_log_path =
last_valid_gid = 0
last_valid_uid = 0
lda_mailbox_autocreate = no
lda_mailbox_autosubscribe = no
libexec_dir = /opt/dovecot2/libexec/dovecot
listen = *, ::
lmtp_proxy = no
lock_method = fcntl
log_path = /opt/dovecot2/var/log/dovecot.log
log_timestamp = %b %d %H:%M:%S
login_access_sockets =
login_greeting = Dovecot-2.0 ready.
login_log_format = %$: %s
login_log_format_elements = user=%u method=%m rip=%r lip=%l %c
login_trusted_networks =
mail_access_groups = mailnull
mail_cache_fields = flags
mail_cache_min_mail_count = 0
mail_chroot =
mail_debug = no
mail_full_filesystem_access = no
mail_gid =
mail_home =
mail_location = maildir:/var/spool/virtual/%d/%n/Maildir
mail_log_prefix = %s(%u):
mail_max_keyword_length = 50
mail_max_userip_connections = 10
mail_never_cache_fields = imap.envelope
mail_nfs_index = no
mail_nfs_storage = no
mail_plugin_dir = /opt/dovecot2/lib/dovecot
mail_plugins =
mail_privileged_group = mailnull
mail_save_crlf = no
mail_uid =
mailbox_idle_check_interval = 30 s
mailbox_list_index_disable = no
maildir_copy_with_hardlinks = yes
maildir_stat_dirs = no
maildir_very_dirty_syncs = no
mbox_dirty_syncs = yes
mbox_dotlock_change_timeout = 120 s
mbox_lazy_writes = yes
mbox_lock_timeout = 300 s
mbox_min_index_size = 0
mbox_read_locks = fcntl
mbox_very_dirty_syncs = no
mbox_write_locks = dotlock fcntl
mdbox_altmove = 604800 s
mdbox_max_open_files = 64
mdbox_rotate_interval = 0 s
mdbox_rotate_size = 2097152
mmap_disable = no
passdb {
  args = /opt/dovecot2/etc/dovecot/dovecot-sql.conf
  deny = no
  driver = sql
  master = no
  pass = no
}
pop3_client_workarounds =
pop3_enable_last = no
pop3_lock_session = no
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_save_uidl = no
pop3_uidl_format = %08Xu%08Xv
postmaster_address = postmas...@thisuglytest.name
protocols = imap pop3 lmtp
quota_full_tempfail = no
recipient_delimiter = +
rejection_reason = Your message to %t was automatically rejected:%n%r
rejection_subject = Rejected: %s
sendmail_path = /usr/sbin/sendmail
service tcpwrap {
  chroot =
  client_limit = 1
  drop_priv_before_exec = no
  executable = tcpwrap
  extra_groups =
  group =
  privileged_group =
  process_limit = 0
  process_min_avail = 0
  protocol =
  service_count = 0
  type =
  user = $default_internal_user
  vsz_limit = 4294967295
}
service ssl-params {
  chroot =
  client_limit = 0
  drop_priv_before_exec = no
  executable = ssl-params
  extra_groups =
  group =
  privileged_group =
  process_limit = 0
  process_min_avail = 0
  protocol =
  service_count = 0
  type =
  unix_listener login/ssl-params {
group =
mode = 0666
user =
  }
  user =
  vsz_limit = 4294967295
}
service config {
  chroot =
  client_limit = 0
  drop_priv_before_exec = no
  executable = config
  extra_groups =
  group =
  privileged_group =
  process_limit = 0
  process_min_avail = 0
  protocol =
  service_count = 0
  type = config
  unix_listener config {
group =
mode = 0600
user =
  }
  user =
  vsz_limit = 4294967295
}
service auth {
  chroot =
  client_limit = 0
  drop_priv_before_exec = no
  executable = auth
  extra_groups =
  group =
  privileged_group =
  process_limit = 1
  process_min_avail = 0
  protocol =
  service_count = 0
  type =
  unix_listener login/auth {

Re: [Dovecot] Testing 2.0b3 - problem with pop3

[Timo Sirainen]

On Mon, 2010-02-22 at 18:30 +0300, Odhiambo Washington wrote:
 Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216
 (login_settings_read): assertion failed: (input.roots[count] == NULL)

Looks like beta3 was a pretty horrible release. Fixed this bug too:
http://hg.dovecot.org/dovecot-2.0/rev/32d6dd7ce7cb

Also dsync was crashing at startup. I think I'll do beta4 in a few days
in case there are other bad bugs.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] (minor) bug in configure

[Timo Sirainen]

On Mon, 2010-02-22 at 16:36 +0100, Sandro Tosi wrote:
 Hello,
 while reading config options for dovecot v1.2.10 I've noticed a very 
 small bug:
 
 # ./configure --help  | egrep -- 'Dovecot|--with-gnu-ld'
 `configure' configures Dovecot 1.2.10 to adapt to many kinds of systems.
   --with-gnu-ld   assume the C compiler uses GNU ld [default=no]
   --with-gnu-ld   assume the C compiler uses GNU ld default=no
 
 I think the latter entry should be removed.

Unfortunately I don't think it's possible. Or at least I don't know how
to. It's added separately by different autoconf macros.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Testing 2.0b3 - problem with pop3

[Mark Sapiro]

Timo Sirainen wrote:

On Mon, 2010-02-22 at 18:30 +0300, Odhiambo Washington wrote:
 Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216
 (login_settings_read): assertion failed: (input.roots[count] =3D=3D NULL)

Looks like beta3 was a pretty horrible release. Fixed this bug too:
http://hg.dovecot.org/dovecot-2.0/rev/32d6dd7ce7cb


It looks like that will fix the pop3 assertion panic, but I think I
will still have issues with imap login with messages like

Feb 21 10:51:47 sbh16 dovecot: imap-login: Fatal: Can't load ssl_cert:
There is no certificate.

Feb 21 10:51:47 sbh16 dovecot: master: service(imap-login): command
startup failed, throttling

See http://dovecot.org/pipermail/dovecot/2010-February/046989.html
for more detail on this.

I have

ssl_cert = /etc/postfix/sbh16-cert.pem
ssl_key = /etc/postfix/sbh16-key.pem

and these are the same files that work with dovecot 1.2.10

I have also tried

ssl_cert = /etc/postfix/sbh16-cert.pem
ssl_key = /etc/postfix/sbh16-key.pem

and I'm sure it didn't work, but it is possible I was confused by the
pop3 assertion panic.


Also dsync was crashing at startup. I think I'll do beta4 in a few days
in case there are other bad bugs.


I'll probably wait for beta4 before trying again.

-- 
Mark Sapiro m...@msapiro.netThe highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

Re: [Dovecot] Testing 2.0b3 - problem with pop3

[Odhiambo Washington]

On Mon, Feb 22, 2010 at 6:55 PM, Timo Sirainen t...@iki.fi wrote:

 On Mon, 2010-02-22 at 18:30 +0300, Odhiambo Washington wrote:
  Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216
  (login_settings_read): assertion failed: (input.roots[count] == NULL)

 Looks like beta3 was a pretty horrible release. Fixed this bug too:
 http://hg.dovecot.org/dovecot-2.0/rev/32d6dd7ce7cb

 Also dsync was crashing at startup. I think I'll do beta4 in a few days
 in case there are other bad bugs.



Now it starts normally, at least, but funnily, the auth mechanisms I am
using in beta1 don't work with the same db in beta3. Unless I missed
something, the following is what I get:

Feb 22 19:29:48 auth: Error: md5_verify(u...@domain.tld): Not a valid
MD5-CRYPT or PLAIN-MD5 password

Is there some inconsistency in my configuration I pasted earlier?


-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
If you have nothing good to say about someone, just shut up!.
  -- Lucky Dube

Re: [Dovecot] Testing 2.0b3 - problem with pop3

[Timo Sirainen]

On Mon, 2010-02-22 at 19:32 +0300, Odhiambo Washington wrote:
 Now it starts normally, at least, but funnily, the auth mechanisms I am
 using in beta1 don't work with the same db in beta3. Unless I missed
 something, the following is what I get:
 
 Feb 22 19:29:48 auth: Error: md5_verify(u...@domain.tld): Not a valid
 MD5-CRYPT or PLAIN-MD5 password

What does it log with auth_debug_passwords=yes? I guess it's possible I
broke something, but .. I don't think I really touched that part of the
code..

BTW. doveconf -n output is better than the full output, no point in
printing defaults.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Migration 1.2.10 - dovecot-2.0.beta

[Timo Sirainen]

On Mon, 2010-02-22 at 09:46 +0100, Frank Elsner wrote:
 Hello *,
 
 I've a well functioning dovecot.1.2.10 installation. I'd like to migrate to 
 dovecot.2.0.beta. Is it possible to use one (big) dovecot.conf or must I
 split it into pieces into directory conf.d? 

You can keep using a single dovecot.conf file.

 What is the best procedure
 to convert the configuration file? 

In future there will be a program or some other automated way to do it.
Now you'll just have to do it manually somehow..


signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Dovecot v2.0.beta3 quota using userdb

[Timo Sirainen]

On Sat, 2010-02-20 at 20:02 +0100, e-frog wrote:

 I'm playing around with the new Dovecot v2.0.beta3 and don't seem to be
 able to get quotas working from userdb. I didn't change the SQL query
 which was working for 1.2.10.

Fixed: http://hg.dovecot.org/dovecot-2.0/rev/ba19f3c077a8

Looks like this has always been broken. Wonder why I never noticed it.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Dovecot v2.0.beta3 quota using userdb

[aledr]

Symptons are the ones we described earlier but It was not working on
1.2.10 for me until I set quota_rule on password_query.

On Mon, Feb 22, 2010 at 2:12 PM, Timo Sirainen t...@iki.fi wrote:
 On Sat, 2010-02-20 at 20:02 +0100, e-frog wrote:

 I'm playing around with the new Dovecot v2.0.beta3 and don't seem to be
 able to get quotas working from userdb. I didn't change the SQL query
 which was working for 1.2.10.

 Fixed: http://hg.dovecot.org/dovecot-2.0/rev/ba19f3c077a8

 Looks like this has always been broken. Wonder why I never noticed it.
--
[ ]'s
Aledr - Alexandre
OpenSource Solutions for SmallBusiness Problems

Re: [Dovecot] Dovecot v2.0.beta3 quota using userdb

[Timo Sirainen]

I guess you mean you added userdb_quota_rule on password_query, because you 
were using userdb prefetch.

On 22.2.2010, at 19.19, aledr wrote:

 Symptons are the ones we described earlier but It was not working on
 1.2.10 for me until I set quota_rule on password_query.
 
 On Mon, Feb 22, 2010 at 2:12 PM, Timo Sirainen t...@iki.fi wrote:
 On Sat, 2010-02-20 at 20:02 +0100, e-frog wrote:
 
 I'm playing around with the new Dovecot v2.0.beta3 and don't seem to be
 able to get quotas working from userdb. I didn't change the SQL query
 which was working for 1.2.10.
 
 Fixed: http://hg.dovecot.org/dovecot-2.0/rev/ba19f3c077a8
 
 Looks like this has always been broken. Wonder why I never noticed it.
 --
 [ ]'s
 Aledr - Alexandre
 OpenSource Solutions for SmallBusiness Problems
 

Re: [Dovecot] segfault - (imap|pop3)-login during nessus scan

[Todd Rinaldo]

On Feb 19, 2010, at 9:23 PM, Timo Sirainen wrote:

 On Fri, 2010-02-19 at 15:28 -0600, Todd Rinaldo wrote:
 pop3-login[24451]: segfault at 000c rip 003c7de610a2 rsp 
 7fff07116968 error 4
 
 I'm having a really hard time getting a core dump
 
 Yeah, it's difficult to get login processes to core dump. In v1.2 it's
 easier though. But there's an alternative way to get the backtrace:
 
 First set login_process_per_connection=no. Then:
 
 gdb -p `pidof imap-login`
 cont
 wait for crash
 bt full

Tim, Thanks for the feedback. In the other email you sent about re-producing 
with nessus, note that we're using the checkpassword system, however from 
strace info so far we think the error happens before any fork happens to the 
custon auth program.

Your suggestion for trapping with gdb worked for me! Though I had to do this in 
gdb first cause I kept getting sigpipe breaks:
handle SIGPIPE nostop noprint pass

This is my stack trace without debug symbols. How much would symbols help you 
here?

Program received signal SIGSEGV, Segmentation fault.
0x003c7de610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
(gdb) bt full
#0  0x003c7de610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
No symbol table info available.
#1  0x003c7de48ade in krb5_kt_get_entry () from /usr/lib64/libkrb5.so.3
No symbol table info available.
#2  0x003c7fe3871e in kssl_keytab_is_available () from /lib64/libssl.so.6
No symbol table info available.
#3  0x003c7fe1e345 in ssl3_choose_cipher () from /lib64/libssl.so.6
No symbol table info available.
#4  0x003c7fe19aeb in ssl3_get_client_hello () from /lib64/libssl.so.6
No symbol table info available.
#5  0x003c7fe1a465 in ssl3_accept () from /lib64/libssl.so.6
No symbol table info available.
#6  0x003c7fe22602 in ssl23_get_client_hello () from /lib64/libssl.so.6
No symbol table info available.
#7  0x003c7fe22d99 in ssl23_accept () from /lib64/libssl.so.6
No symbol table info available.
#8  0x004093f9 in ssl_step ()
No symbol table info available.
#9  0x004095e4 in ssl_proxy_new ()
No symbol table info available.
#10 0x004073b7 in login_accept_ssl ()
No symbol table info available.
#11 0x00411dc8 in io_loop_handler_run ()
No symbol table info available.
#12 0x00410edd in io_loop_run ()
No symbol table info available.
#13 0x0040706e in main ()
No symbol table info available.

Re: [Dovecot] v2.0.beta3 released

[Thomas Leuxner]

Am 22.02.2010 um 16:29 schrieb Timo Sirainen:
 What specific logging option for LDA?.. Seems to work exactly the same
 as in v1.2:
 
 protocol lda {
  info_log_path = /tmp/deliver.log
 }

Ah ok. Thought all logging ought to be configured in 'logging.conf' as there 
was no example in 'lda.conf'. Since I switched to lmtp delivery yesterday, 
would it also be possible to have a different logging path for that?

Thanks
Thomas 

Re: [Dovecot] v2.0.beta3 released

[Timo Sirainen]

On 22.2.2010, at 19.49, Thomas Leuxner wrote:

 Am 22.02.2010 um 16:29 schrieb Timo Sirainen:
 What specific logging option for LDA?.. Seems to work exactly the same
 as in v1.2:
 
 protocol lda {
 info_log_path = /tmp/deliver.log
 }
 
 Ah ok. Thought all logging ought to be configured in 'logging.conf' as there 
 was no example in 'lda.conf'.

No, the config files were split only to hopefully make them easier to manage. 
You can put any settings anywhere you want.

 Since I switched to lmtp delivery yesterday, would it also be possible to 
 have a different logging path for that?

Nope. It would be now much simpler to implement it though. log daemon would 
just need to support reading/using separate config for each service. Maybe it 
could even be implemented in less than 50 lines of code..

Re: [Dovecot] v2.0.beta3 released

[Thomas Leuxner]

Am 22.02.2010 um 18:53 schrieb Timo Sirainen:
 Since I switched to lmtp delivery yesterday, would it also be possible to 
 have a different logging path for that?
 
 Nope. It would be now much simpler to implement it though. log daemon would 
 just need to support reading/using separate config for each service. Maybe it 
 could even be implemented in less than 50 lines of code..

Maybe an option going forward.

Thanks

Re: [Dovecot] segfault - (imap|pop3)-login during nessus scan

[Timo Sirainen]

On 22.2.2010, at 19.49, Todd Rinaldo wrote:

 gdb -p `pidof imap-login`
 cont
 wait for crash
 bt full
 
 Tim, Thanks for the feedback. In the other email you sent about re-producing 
 with nessus, note that we're using the checkpassword system, however from 
 strace info so far we think the error happens before any fork happens to the 
 custon auth program.

The crash comes from login process. All authentication is done by dovecot-auth 
process, so it doesn't matter what kind of auth stuff you're using.

 Program received signal SIGSEGV, Segmentation fault.
 0x003c7de610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
 (gdb) bt full
 #0  0x003c7de610a2 in krb5_is_referral_realm () from 
 /usr/lib64/libkrb5.so.3
 No symbol table info available.
 #1  0x003c7de48ade in krb5_kt_get_entry () from /usr/lib64/libkrb5.so.3
 No symbol table info available.
 #2  0x003c7fe3871e in kssl_keytab_is_available () from /lib64/libssl.so.6
 No symbol table info available.
 #3  0x003c7fe1e345 in ssl3_choose_cipher () from /lib64/libssl.so.6
 No symbol table info available.

Well, that's coming from Kerberos library, which is called by OpenSSL for some 
reason.. Are you using Kerberos? Anyway it looks to me more like OpenSSL or 
Kerberos bug.

Re: [Dovecot] v2.0.beta3 released

[Timo Sirainen]

On 22.2.2010, at 19.53, Timo Sirainen wrote:

 Nope. It would be now much simpler to implement it though. log daemon would 
 just need to support reading/using separate config for each service. Maybe it 
 could even be implemented in less than 50 lines of code..

Oh, actually not. The difficult part is that Dovecot just doesn't support 
logging to multiple files (with same severity) in a same process. The logging 
code would have to be abstracted out before that would be possible.

Re: [Dovecot] v2.0.beta3 released

[Thomas Leuxner]

Am 22.02.2010 um 18:59 schrieb Timo Sirainen:

 Oh, actually not. The difficult part is that Dovecot just doesn't support 
 logging to multiple files (with same severity) in a same process. The logging 
 code would have to be abstracted out before that would be possible.

Actually I like the idea of having a separate delivery log with lmtp. Any idea?

Re: [Dovecot] sieve vacation

[Lampa]

So if i understand this fully, you must define ALL potentional aliases
which user is member of ?

When create new alias ali...@domain.tld and it is alias for
u...@domain.tld i must edit vacation script and add :address
ali...@domain.tld ? If yes, is little stupid and unmaintainable. Can
be used some wildcard * or something similar ?

2010/2/12 Martin F. Foster martin_fos...@pacific.net.au:
 Following from Steffen Kaiser's response, RFC5230 explains the conditions
 necessary for the Sieve Vacation extension to trigger a response.
 This says:

 Vacation MUST NOT respond to a message unless the recipient user's
 email address is in a To, Cc, Bcc, Resent-To, Resent-Cc, or
 Resent-Bcc line of the original message.


 So your scenario 4 happens when the sender is only in the envelope, and not
 in the headers.

 For example: this transaction will get a response because the mailbox
 address is in the To: header

 ehlo there.com
 mail from: d...@there.com
 rcpt to: u...@domain.tld  envelope recipient, mailsystem routes with
 this information
 data
 To: Some User u...@domain.tld  header recipient must be correlated for
 Sieve Vacation to send a response
 From: Dude d...@there.com
 Subject: message

 Hi there
 .

 This transaction will not get a response, and will trigger the discarding
 vacation response for message implicitly delivered to u...@domain.tld 
 log:

 ehlo there.com
 mail from: d...@there.com
 rcpt to: u...@domain.tld
 data
 Subject: message

 Hi there
 .


 Cheers,

 -Martin Foster


 Le 12-Feb-10 21:00, dovecot-requ...@dovecot.org a écrit :

 Message: 9
 Date: Fri, 12 Feb 2010 09:18:23 +0100
 From: Lampalamp...@gmail.com
 Subject: [Dovecot] sieve vacation
 To: Dovecot Mailing Listdovecot@dovecot.org
 Message-ID:
        9aef75b11002120018v69f185b5hb0a9e0f7dad1e...@mail.gmail.com
 Content-Type: text/plain; charset=ISO-8859-1

 Hello,

 scenario:

 OK 1. created vacation script (see below)
 OK 2. send message fromu...@anotherdomain.tld  tou...@domain.tld  =
 got auto vacation response (2010-02-11T19:42:13)
 OK 3. send message fromu...@anotherdomain.tld  tou...@domain.tld  =
 no response (is ok because :days 1 settings) (2010-02-11T19:47:46)
 BAD 4. send message fromanotheru...@anotherdomain.tld  to
 u...@domain.tld  =  no response (2010-02-11T19:48:04)


 Why is discarding vacation response for message implicitly delivered
 tou...@domain.tld  ?

 log:
 2010-02-11T19:42:13.669321+01:00 hermes dovecot:
 deliver(u...@domain.tld): sieve:
 msgid=052a01caab49$ec4752e0$c4d5f8...@tld: sent vacation response to
 u...@anotherdomain.tld
 2010-02-11T19:42:13.732541+01:00 hermes dovecot:
 deliver(u...@domain.tld): sieve:
 msgid=052a01caab49$ec4752e0$c4d5f8...@tld: stored mail into mailbox
 'INBOX'
 2010-02-11T19:47:46.271534+01:00 hermes dovecot:
 deliver(u...@domain.tld): sieve:
 msgid=053201caab4a$b295ece0$17c1c6...@tld: discarded duplicate
 vacation response tou...@anotherdomain.tld
 2010-02-11T19:47:46.275891+01:00 hermes dovecot:
 deliver(u...@domain.tld): sieve:
 msgid=053201caab4a$b295ece0$17c1c6...@tld: stored mail into mailbox
 'INBOX'
 2010-02-11T19:48:04.958622+01:00 hermes dovecot:
 deliver(u...@domain.tld): sieve:
 msgid=053701caab4a$bda90220$38fb06...@tld: discarding vacation
 response for message implicitly delivered tou...@domain.tld
 2010-02-11T19:48:04.965875+01:00 hermes dovecot:
 deliver(u...@domain.tld): sieve:
 msgid=053701caab4a$bda90220$38fb06...@tld: stored mail into mailbox
 'INBOX'

 vacation script:
 ---
 require vacation;

 vacation
 :days 1
 :subject Auto reply

 auto reply message;
 --

 Thank you
 -- Lampa --





-- 
Lampa

Re: [Dovecot] v2.0.beta3 released

[Timo Sirainen]

On 22.2.2010, at 20.19, Thomas Leuxner wrote:

 Am 22.02.2010 um 18:59 schrieb Timo Sirainen:
 
 Oh, actually not. The difficult part is that Dovecot just doesn't support 
 logging to multiple files (with same severity) in a same process. The 
 logging code would have to be abstracted out before that would be possible.
 
 Actually I like the idea of having a separate delivery log with lmtp. Any 
 idea?

Some syslog could do that.

Re: [Dovecot] [AUTH] Extra @ in user and empty passwd with CRAM-MD5

[Toorop]

Timo Sirainen a écrit :


password(too...@domain.tld,82.245.64.126): Generating CRAM-MD5 from user 
'too...@domain.tld@', password ''



The @ thing is .. well, probably a bug, but it doesn't matter in this
case anyway. The problem is that password is empty. It's because
vpopmail didn't return a plaintext password. Are your passwords stored
in plaintext?


Hum... no

Thanks Timo ;)

--
Toorop

Re: [Dovecot] Dovecot v2.0.beta3 quota using userdb

[e-frog]

Timo Sirainen wrote:
 On Sat, 2010-02-20 at 20:02 +0100, e-frog wrote:
 
 I'm playing around with the new Dovecot v2.0.beta3 and don't seem to be
 able to get quotas working from userdb. I didn't change the SQL query
 which was working for 1.2.10.
 
 Fixed: http://hg.dovecot.org/dovecot-2.0/rev/ba19f3c077a8
 
 Looks like this has always been broken. Wonder why I never noticed it.
 

Hmm. This patch doesn't seem to fix it for me. There is still no Quota
rule in the logs as before...

[Dovecot] show only subscribed folders

[Frank Cusack]

is there a plugin or some other method by which i could have a user
ONLY have access to subscribed folders?  having a separate login or
a separate instance of dovecot is ok if necessary.

the iPhone always shows ALL folders, not just subscribed ones.  i'd
like to be able to see only the subscribed folders.

Re: [Dovecot] v2.0 IMAP Capabilities announcement

[reg9009]

   From memory Outlook Express/Windows Mail requests capabilities before
login (and never after login)?
 

I don't know about them, but I remember someone told me Outlook was
fine. The point anyway is that clients don't have to request anything,
the capability is pushed to them. There are two ways:
   

this was me, and dovecot 2.0 was still in alpha status... :)

Anyway, I tested Outlook only, not Outlook Express. There always were 
some differences between those, so maybe they behave different with 
login capabilities, too.


Regards,
Sebastian

Re: [Dovecot] segfault - (imap|pop3)-login during nessus scan

[Todd Rinaldo]

On Feb 22, 2010, at 11:57 AM, Timo Sirainen wrote:

 
 Well, that's coming from Kerberos library, which is called by OpenSSL for 
 some reason.. Are you using Kerberos? Anyway it looks to me more like OpenSSL 
 or Kerberos bug.

Tim, 

Below  is the stack trace with symbols. The bug appears to manifest only in 
64bit redhat/centos 5 only but happens against multiple versions of openssl 
that existed over 5's life. Unfortunately, RedHat decided to compile in 
kerberos so I can't control that. We played around but couldn't find a way to 
make it stop by manipulating ssl_cipher_list.

I have seen dovecot crash when the following packages are installed: 
openssl-0.9.8e-12.el5, openssl-0.9.8e-12.el5_4.1

I've reduced the test case to this:

31705 (SSL Cipher Suites Supported) - 
http://www.nessus.org/plugins/index.php?view=singleid=21643
When run manually from command line, I had to replace 443 with 993 or 995 
inside the ssl_supported_ciphers.nasl script.
Then I can just run this to make it happen: nasl -t target_host 
ssl_supported_ciphers.nasl

While this is clearly an openssl bug, I cannot reproduce this on courier, but I 
did find a reference to a similar backtrace with stunnel: 
http://tinyurl.com/yeyo7t9

Can you think of any way I could disable kerberos for dovecot so this does not 
segfault? Is there any check we could put in the code to prevent the segfault?

Thanks,
Todd

---

Program received signal SIGSEGV, Segmentation fault.
0x003adf4610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
(gdb) bt full
#0  0x003adf4610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
No symbol table info available.
#1  0x003adf448ade in krb5_kt_get_entry () from /usr/lib64/libkrb5.so.3
No symbol table info available.
#2  0x003ae083876e in kssl_keytab_is_available () from /lib64/libssl.so.6
No symbol table info available.
#3  0x003ae081e385 in ssl3_choose_cipher () from /lib64/libssl.so.6
No symbol table info available.
#4  0x003ae0819b2b in ssl3_get_client_hello () from /lib64/libssl.so.6
No symbol table info available.
#5  0x003ae081a4a5 in ssl3_accept () from /lib64/libssl.so.6
No symbol table info available.
#6  0x003ae0822642 in ssl23_get_client_hello () from /lib64/libssl.so.6
No symbol table info available.
#7  0x003ae0822dd9 in ssl23_accept () from /lib64/libssl.so.6
No symbol table info available.
#8  0x0040a8b2 in ssl_handshake (proxy=0x1a793920) at 
ssl-proxy-openssl.c:399
ret = 0
#9  0x0040ab50 in ssl_step (proxy=0x1a793920) at ssl-proxy-openssl.c:456
No locals.
#10 0x00417927 in io_loop_handler_run (ioloop=0x1a789d70) at 
ioloop-epoll.c:209
ctx = (struct ioloop_handler_context *) 0x1a78bf00
events = (struct epoll_event *) 0x1a78d670
event = (const struct epoll_event *) 0x1a78d670
list = (struct io_list *) 0x1a7907f0
io = (struct io_file *) 0x1a795e50
tv = {tv_sec = 179, tv_usec = 999415}
events_count = 7
t_id = 2
msecs = 18
ret = 1
i = 0
j = 0
call = true
#11 0x00416b32 in io_loop_run (ioloop=0x1a789d70) at ioloop.c:336
No locals.
#12 0x00408dbd in main (argc=1, argv=0x7fffeae55498, 
envp=0x7fffeae554a8) at main.c:482

[Dovecot] managesieve build error

[Bradley Giesbrecht]

Hello,


dovecot-1.2.10
dovecot-sieve-0.1.14
dovecot-managesieve-0.11.11

I believe I patched dovecot successfully and compiled the dovecot and  
dovecot-sieve source tress.


patching file README.managesieve
patching file dovecot-example.conf
patching file src/master/child-process.c
patching file src/master/child-process.h
patching file src/master/listener.c
patching file src/master/login-process.c
patching file src/master/mail-process.c
patching file src/master/main.c
patching file src/master/master-settings-defs.c
patching file src/master/master-settings.c
patching file src/master/master-settings.h


Then I configure dovecot-managesieve and this completes without error.

But when I make dovecot-managesieve I get this error:
#
Making all in managesieve

main.c:195: error: variable 'managesieve_sieve_env' has initializer  
but incomplete type

#


Where should I be looking for a solution?


Thank you,

Bradley Giesbrecht

Re: [Dovecot] Dovecot 2.0.beta3 Configuration issue (SOLVED)

[Mark Sapiro]

 Timo Sirainen wrote in another thread:

Looks like beta3 was a pretty horrible release. Fixed this bug too:
http://hg.dovecot.org/dovecot-2.0/rev/32d6dd7ce7cb


That solved my pop3 assertion panic. Once I got past that, I again tried
changing from

ssl_cert = /etc/postfix/sbh16-cert.pem
ssl_key = /etc/postfix/sbh16-key.pem

to

ssl_cert = /etc/postfix/sbh16-cert.pem
ssl_key = /etc/postfix/sbh16-key.pem

and that fixed the ssl cretificate problem.

-- 
Mark Sapiro m...@msapiro.netThe highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

[Dovecot] panic in istream-raw-mbox.c - 2.0.beta3+

[Mark Sapiro]

Saw the following in the log after shutting down my client.

Feb 22 20:44:47 sbh16 dovecot: imap(mark): Disconnected: Logged out
bytes=1755/9765

Feb 22 20:44:47 sbh16 dovecot: imap(mark): Panic: file
istream-raw-mbox.c: line503 (istream_raw_mbox_get_start_offset):
assertion failed: (rstream-seeked)

Feb 22 20:44:47 sbh16 dovecot: imap(mark): Raw backtrace:
/usr/local/lib/dovecot/libdovecot.so.0 [0x5ad950] -
/usr/local/lib/dovecot/libdovecot.so.0 [0x5ad9a5] -
/usr/local/lib/dovecot/libdovecot.so.0 [0x5ad008] -
/usr/local/lib/dovecot/libdovecot-storage.so.0 [0xe387a7] -
/usr/local/lib/dovecot/libdovecot-storage.so.0 [0xe406e4] -
/usr/local/lib/dovecot/libdovecot-storage.so.0(mail_get_special+0x1d)
[0xdcaaed] -
/usr/local/lib/dovecot/libdovecot-storage.so.0(index_mail_expunge+0x34)
[0xe0aed4] -
/usr/local/lib/dovecot/libdovecot-storage.so.0(mail_expunge+0xf)
[0xdcab9f] - dovecot/imap(imap_expunge+0xc5) [0x8056eb5] -
dovecot/imap(cmd_close+0x73) [0x804eab3] - dovecot/imap [0x80550cc]
- dovecot/imap [0x805517b] - dovecot/imap(client_handle_input+0x33)
[0x80552d3] - dovecot/imap(client_continue_pending_input+0x79)
[0x8055529] -
/usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x110)
[0x5b98d0] - /usr/local/lib/dovecot/libdovecot.so.0(io_loop_run+0x2f)
[0x5b858f] - /usr/local/lib/dovec

(the above appears truncated, but that's all that was logged)

Feb 22 20:44:47 sbh16 dovecot: master: service(imap): child 27281
killed with signal 6 (core dumps disabled)

Feb 22 20:44:47 sbh16 dovecot: imap(gpc): Disconnected: Logged out
bytes=274/1356

This is 2.0.beta3 plus
http://hg.dovecot.org/dovecot-2.0/rev/32d6dd7ce7cb

[r...@sbh16 dovecot]# dovecot -n
# 2.0.beta3: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-8.1.14.el5 i686 CentOS release 5 (Final)
auth_mechanisms = plain apop login
auth_worker_max_count = 5
mail_location = mbox:~/Mail:INBOX=/var/spool/mail/%u
mail_privileged_group = mail
mbox_write_locks = fcntl dotlock
passdb {
  args = /usr/local/etc/dovecot.passwd
  deny = no
  driver = passwd-file
  master = no
  pass = no
}
passdb {
  deny = no
  driver = pam
  master = no
  pass = no
}
protocols = imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
mode = 0666
  }
}
ssl_cert = /etc/postfix/sbh16-cert.pem
ssl_key = /etc/postfix/sbh16-key.pem
userdb {
  driver = passwd
}
[r...@sbh16 dovecot]#


-- 
Mark Sapiro m...@msapiro.netThe highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

Re: [Dovecot] show only subscribed folders

[Steffen Kaiser]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, 22 Feb 2010, Frank Cusack wrote:


having a separate login or
is ok if necessary.


This is more or less share via symlink:
http://wiki.dovecot.org/SharedMailboxes/Symlinks

Then have a daily cron job or postlogin script to setup the symlinks.

Regards,

- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBS4OKbL+Vh58GPL/cAQI0Dwf/TZ4Fl3LD9KdYm4kHPIytakUBhMlJniWO
7AooU6CUKQCU0RuPE59vVt+S9hFbwIs/XJl6JC3M7txGtkoM51/3IBFzcHx8KOyr
rJTHx4Fi+FWYLiJ/F0GVeIC7tUGwVsc4pGmtNWdcjAVgwUJfg1QGIuWPwbU5iKl1
NcIt3/3ohgA9K5x7yjqgeIkA0o7Zkx/rNrseiPWFzzHmQRZsiyElCFHUVihASHKj
5LeeVWKBuDmHKzY+B1N1KMuin6PZKjxoTPXx/Fi2QXMjskg3RwSrSNzM3EXAmb6Q
dR2yBsW75HGAQHeaBAwkdUzoUcJn2o/O8dV80aYizHLN1kcvM9Egnw==
=pga/
-END PGP SIGNATURE-