Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Benny Pedersen 

Robert Moskowitz skrev den 2013-01-01 17:07:


I can't find any information on this in the Dovecot documentation ot
googling.  Perhaps my search fu is low this year.


google "avahi dns srv record"

also search for zerroconf

case is still what clients use it

Re: [Dovecot] Vacation Notice Not Working

2013-01-01 Thread Daniel Parthey 
Ch Chai wrote:
> pigeonhole - 2.0.15

There is definitely no pigeonhole version 2.0.15, see [1].
- latest pigeonhole version for Dovecot 2.0.x is 0.2.6
- latest pigeonhole version for Dovecot 2.1.x is 0.3.3

Which mechanism are you using for delivery from your MTA to Dovecot?
dovecot-lda or any other mechanism?

Possibly, the sieve mechanism of pigeonhole does not even get
triggered, if the mail is delivered directly to the target mailbox.

According to the Sieve documentation [2] you need to use Dovecot's
Local Delivery Agent (LDA) [3] or the LMTP service [4] for
SIEVE support to work correctly on mail delivery.

Regards
Daniel

[1] http://pigeonhole.dovecot.org/download.html
[2] http://wiki2.dovecot.org/Pigeonhole/Sieve
[3] http://wiki2.dovecot.org/LDA
[4] http://wiki2.dovecot.org/LMTP
-- 
https://plus.google.com/103021802792276734820

Re: [Dovecot] Vacation Notice Not Working

2013-01-01 Thread Ch Chai 


original message-
From: "Daniel Parthey" daniel.part...@informatik.tu-chemnitz.de
To: "Ch Chai" chc...@acelsys.com
CC: dovecot@dovecot.org
Date: Tue, 1 Jan 2013 02:08:14 +0100
-


> Hi,
>
> Happy new year to everyone on this list :)
>
> Ch Chai wrote:
>> >> >> When I try to active Vacation Notice using Egroupware, I can see
>> (.sieve)
>> >> >> generated in mail server. but not working.
>> >> >
>> >> > * Which sieve related lines can you see in your dovecot logfiles?
>> > You can find the log file locations by running:
>> > doveadm log find
>> * found this path when by run this command : doveadm log find
>> Debug: /var/log/dovecot-debug.log
>> Info: /var/log/dovecot-info.log
>> Warning: /var/log/dovecot.log
>> Error: /var/log/dovecot.log
>> Fatal: /var/log/dovecot.log
>
> So what can you find in /var/log/dovecot-info.log and /var/log/dovecot.log
> when a mail is delivered to the test account?
>
>> * When I vim /var/www/web1/user/(user name)/.dovecot.sieve ,it will point
>> to my sieve file e.g
>> /var/www/web1/user/web1_test/sieve/test_felamimail.sieve
>
> Seems correct.
>
> Can you see any .dovecot.sieve.log in the same directory as .dovecot.sieve,
> there sieve related errors would be written, if any.
>
>> * I check back [test_felamimail.sieve] this line ( vacation :days 1
>> :addresses ["t...@acelsys.com "] text: ) there is no space after .com, I 
>> don't
>> know why when I 1st time paste into egroupware it will add space for me. I 
>> can
>> send/receive mail, just can't activate Vacation Notice. Whats wrong ?
>
> The vacation notice seems to be activated, but does not work.
> We will need some relevant logfile output and doveconf -n output
> as well as dovecot and pigeonhole version you are using,
> otherwise it will be difficult to help you.
>
> Regards
> Daniel
> --
> https://plus.google.com/103021802792276734820
>

Hi, Happy New Year :)

version: both come with fedora 14
dovecot - 2.0.15
pigeonhole - 2.0.15

* I didn't see any log file or any .dovecot.sieve.log in .dovecot.sieve 
directory

* doveconf -n output:

[root@server1 dovecot]# dovecot -n
# 2.0.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.35.14-106.fc14.i686 i686 Fedora release 14 (Laughlin)
auth_debug = yes
debug_log_path = /var/log/dovecot-debug.log
disable_plaintext_auth = no
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
mail_debug = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date
mbox_write_locks = fcntl
passdb {
 driver = pam
}
plugin {
 plugin = autocreate managesieve sieve
 sieve = ~/.dovecot.sieve
 sieve_dir = ~/sieve
}
protocols = sieve imap pop3
service managesieve-login {
 inet_listener sieve {
 address = *
 port = 2000
 }
}
ssl_cert =

[Dovecot] Folder names

2013-01-01 Thread James Starowitz 
Running a pretty basic setup of imap +pop3 on version 2.1.10

 

Users are able to create folders in imap that contain "&" the folder on the
backend reflects "&-" as it should, you can list folder, but then when you
relog into imap then decides it can no longer subscribe to this folder due
to invalid UTF characters. Essentially allowing users to lock themselves out
by using a very common character in a folder name.

 

Might one of the imap client compatibility plugins in imapd  cause this
quirkiness ?

 

Should I be coming at this from another direction?

 

Is this a bug?

Re: [Dovecot] Dovecot Virtual Users with Sendmail

2013-01-01 Thread dormitionsk...@hotmail.com 

On Jan 1, 2013, at 3:34 PM, Andrzej A. Filip wrote:

> On 01/01/2013 10:18 PM, dormitionsk...@hotmail.com wrote:
>> Thank you, Andrzej, for helping us.  I really appreciate it.
>> 
>> It no longer rejects the mail that I try to send to the virtual users.  It 
>> just tries to send it for eternity.  SquirrelMail says, "Waiting for 
>> localhost".  It does not get rejected.  It does not get sent.  It does not 
>> leave anything in any log that I can find.  It does not even seem to time 
>> out.  I think I waited at least five minutes while it tried to send a 
>> message to a virtual user @localhost.
>> 
>> I'm not sure if I did this right.  Below are my sendmail files.  Of course, 
>> I rebuilt the .mc -> .cf file, and all of the .db files.
>> 
>> ---
>> 
>> sendmail.mc
>> 
>> divert(-1)
>> #
>> # Copyright (c) 1983 Eric P. Allman
>> # Copyright (c) 1988, 1993
>> #The Regents of the University of California.  All rights reserved.
>> #
>> # Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
>> # Use is subject to license terms.
>> #
>> #  This is a configuration file for SunOS 5.8 (a.k.a. Solaris 8) and later
>> #  subsidiary machines.  It has support for local and SMTP mail.  The
>> #  confFALLBACK_SMARTHOST macro is enabled, which means that messages will
>> #  be sent to that host (which is set to mailhost.$m [$m is the local 
>> domain])
>> #  if MX records are unavailable.  A short-cut rule is also defined, which
>> #  says if the recipient host is in the local domain, send to it directly
>> #  instead of the smart host.
>> #
>> #  If you want to customize this further, copy it to a name appropriate
>> #  for your environment and do the modifications there.
>> #
>> 
>> divert(0)dnl
>> VERSIONID(`sendmail.mc (Sun)')
>> OSTYPE(`solaris8')dnl
>> DOMAIN(`solaris-generic')dnl
>> define(`confFALLBACK_SMARTHOST', `mailhost$?m.$m$.')dnl
>> 
>> define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
>> FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
>> 
>> FEATURE(`mailertable')
>> 
>> FEATURE(`access_db')
>> FEATURE(`blacklist_recipients')
>> 
>> 
>> MAILER(`local')dnl
>> MAILER(`smtp')dnl
>> 
>> MAILER(`procmail')dnl
>> MAILER(`dovecot')dnl
>> 
>> 
>> LOCAL_CONFIG
>> # declare DOVECOT "magic word"
>> CPDOVECOT
>> 
>> LOCAL_NET_CONFIG
>> R$* < @ $* .$m. > $* $#esmtp $@ $2.$m $: $1 < @ $2.$m. > $3
>> 
>> 
>> ---
>> 
>> access -- I am wondering if this is the problem?
>> 
>> # Check the /usr/share/doc/sendmail/README.cf file for a description
>> # of the format of this file. (search for access_db in that file)
>> # The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
>> # package.
>> #
>> 
>> to:DOVECOT REJECT
>> 
>> # by default we allow relaying from localhost...
>> localhost.localdomainRELAY
>> localhostRELAY
>> 127.0.0.1RELAY
>> dsicons.net  RELAY
>> dormitionskete.net   RELAY
>> holyapostlesconvent.org  RELAY
>> dormitionskete.info  RELAY
>> 174.32.127.90RELAY
>> 174.32.127.91RELAY
>> 174.32.127.92RELAY
>> 174.32.127.93RELAY
>> 174.32.127.94RELAY
>> 
>> 
>> ---
>> 
>> aliases
>> 
>> #
>> # Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
>> # Use is subject to license terms.
>> #
>> # CDDL HEADER START
>> #
>> # The contents of this file are subject to the terms of the
>> # Common Development and Distribution License, Version 1.0 only
>> # (the "License").  You may not use this file except in compliance
>> # with the License.
>> #
>> # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
>> # or http://www.opensolaris.org/os/licensing.
>> # See the License for the specific language governing permissions
>> # and limitations under the License.
>> #
>> # When distributing Covered Code, include this CDDL HEADER in each
>> # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
>> # If applicable, add the following below this CDDL HEADER, with the
>> # fields enclosed by brackets "[]" replaced with your own identifying
>> # information: Portions Copyright [] [name of copyright owner]
>> #
>> # CDDL HEADER END
>> #
>> #
>> #ident   "%Z%%M% %I% %E% SMI"
>> 
>> ##
>> #  Aliases can have any mix of upper and lower case on the left-hand side,
>> #but the right-hand side should be proper case (usually lower)
>> #
>> #>>  The program "newaliases" must be run after
>> #>> NOTE >>  this file is updated for any changes to
>> #>>  show through to sendmail.
>> ##
>> 
>> # The following alias is required by the mail protocol, RFC 2821
>> # Set it to the address of a HUMAN who deals with this system's mail 
>> problems.
>> postmaster: root
>> 
>> # Alias for mailer daemon; returned messages from our MAILER-DAEMON
>> # should be routed to our local Postmaster.
>> MAILER-DAEMON: postma

Re: [Dovecot] Dovecot Virtual Users with Sendmail

2013-01-01 Thread Andrzej A. Filip 
On 01/01/2013 10:18 PM, dormitionsk...@hotmail.com wrote:
> Thank you, Andrzej, for helping us.  I really appreciate it.
>
> It no longer rejects the mail that I try to send to the virtual users.  It 
> just tries to send it for eternity.  SquirrelMail says, "Waiting for 
> localhost".  It does not get rejected.  It does not get sent.  It does not 
> leave anything in any log that I can find.  It does not even seem to time 
> out.  I think I waited at least five minutes while it tried to send a message 
> to a virtual user @localhost.
>
> I'm not sure if I did this right.  Below are my sendmail files.  Of course, I 
> rebuilt the .mc -> .cf file, and all of the .db files.
>
> ---
>
> sendmail.mc
>
> divert(-1)
> #
> # Copyright (c) 1983 Eric P. Allman
> # Copyright (c) 1988, 1993
> # The Regents of the University of California.  All rights reserved.
> #
> # Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
> # Use is subject to license terms.
> #
> #  This is a configuration file for SunOS 5.8 (a.k.a. Solaris 8) and later
> #  subsidiary machines.  It has support for local and SMTP mail.  The
> #  confFALLBACK_SMARTHOST macro is enabled, which means that messages will
> #  be sent to that host (which is set to mailhost.$m [$m is the local domain])
> #  if MX records are unavailable.  A short-cut rule is also defined, which
> #  says if the recipient host is in the local domain, send to it directly
> #  instead of the smart host.
> #
> #  If you want to customize this further, copy it to a name appropriate
> #  for your environment and do the modifications there.
> #
>
> divert(0)dnl
> VERSIONID(`sendmail.mc (Sun)')
> OSTYPE(`solaris8')dnl
> DOMAIN(`solaris-generic')dnl
> define(`confFALLBACK_SMARTHOST', `mailhost$?m.$m$.')dnl
>
> define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
> FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
>
> FEATURE(`mailertable')
>
> FEATURE(`access_db')
> FEATURE(`blacklist_recipients')
>
>
> MAILER(`local')dnl
> MAILER(`smtp')dnl
>
> MAILER(`procmail')dnl
> MAILER(`dovecot')dnl
>
>
> LOCAL_CONFIG
> # declare DOVECOT "magic word"
> CPDOVECOT
>
> LOCAL_NET_CONFIG
> R$* < @ $* .$m. > $*  $#esmtp $@ $2.$m $: $1 < @ $2.$m. > $3
>
>
> ---
>
> access -- I am wondering if this is the problem?
>
> # Check the /usr/share/doc/sendmail/README.cf file for a description
> # of the format of this file. (search for access_db in that file)
> # The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
> # package.
> #
>
> to:DOVECOT REJECT
>
> # by default we allow relaying from localhost...
> localhost.localdomain RELAY
> localhost RELAY
> 127.0.0.1 RELAY
> dsicons.net   RELAY
> dormitionskete.netRELAY
> holyapostlesconvent.org   RELAY
> dormitionskete.info   RELAY
> 174.32.127.90 RELAY
> 174.32.127.91 RELAY
> 174.32.127.92 RELAY
> 174.32.127.93 RELAY
> 174.32.127.94 RELAY
>
>
> ---
>
> aliases
>
> #
> # Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
> # Use is subject to license terms.
> #
> # CDDL HEADER START
> #
> # The contents of this file are subject to the terms of the
> # Common Development and Distribution License, Version 1.0 only
> # (the "License").  You may not use this file except in compliance
> # with the License.
> #
> # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
> # or http://www.opensolaris.org/os/licensing.
> # See the License for the specific language governing permissions
> # and limitations under the License.
> #
> # When distributing Covered Code, include this CDDL HEADER in each
> # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
> # If applicable, add the following below this CDDL HEADER, with the
> # fields enclosed by brackets "[]" replaced with your own identifying
> # information: Portions Copyright [] [name of copyright owner]
> #
> # CDDL HEADER END
> #
> #
> #ident"%Z%%M% %I% %E% SMI"
>
> ##
> #  Aliases can have any mix of upper and lower case on the left-hand side,
> # but the right-hand side should be proper case (usually lower)
> #
> # >>  The program "newaliases" must be run after
> # >> NOTE >>  this file is updated for any changes to
> # >>  show through to sendmail.
> ##
>
> # The following alias is required by the mail protocol, RFC 2821
> # Set it to the address of a HUMAN who deals with this system's mail problems.
> postmaster: root
>
> # Alias for mailer daemon; returned messages from our MAILER-DAEMON
> # should be routed to our local Postmaster.
> MAILER-DAEMON: postmaster
>
> # General redirections for pseudo accounts.
> bin:  root
> daemon:   root
> system:   root
> toor: root
> uucp: root
>
> # Well-known aliases.
> manager:  root
> dumper:   root
> operator:

Re: [Dovecot] Dovecot Virtual Users with Sendmail

2013-01-01 Thread dormitionsk...@hotmail.com 
Thank you, Andrzej, for helping us.  I really appreciate it.

It no longer rejects the mail that I try to send to the virtual users.  It just 
tries to send it for eternity.  SquirrelMail says, "Waiting for localhost".  It 
does not get rejected.  It does not get sent.  It does not leave anything in 
any log that I can find.  It does not even seem to time out.  I think I waited 
at least five minutes while it tried to send a message to a virtual user 
@localhost.

I'm not sure if I did this right.  Below are my sendmail files.  Of course, I 
rebuilt the .mc -> .cf file, and all of the .db files.

---

sendmail.mc

divert(-1)
#
# Copyright (c) 1983 Eric P. Allman
# Copyright (c) 1988, 1993
#   The Regents of the University of California.  All rights reserved.
#
# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
#  This is a configuration file for SunOS 5.8 (a.k.a. Solaris 8) and later
#  subsidiary machines.  It has support for local and SMTP mail.  The
#  confFALLBACK_SMARTHOST macro is enabled, which means that messages will
#  be sent to that host (which is set to mailhost.$m [$m is the local domain])
#  if MX records are unavailable.  A short-cut rule is also defined, which
#  says if the recipient host is in the local domain, send to it directly
#  instead of the smart host.
#
#  If you want to customize this further, copy it to a name appropriate
#  for your environment and do the modifications there.
#

divert(0)dnl
VERSIONID(`sendmail.mc (Sun)')
OSTYPE(`solaris8')dnl
DOMAIN(`solaris-generic')dnl
define(`confFALLBACK_SMARTHOST', `mailhost$?m.$m$.')dnl

define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl

FEATURE(`mailertable')

FEATURE(`access_db')
FEATURE(`blacklist_recipients')


MAILER(`local')dnl
MAILER(`smtp')dnl

MAILER(`procmail')dnl
MAILER(`dovecot')dnl


LOCAL_CONFIG
# declare DOVECOT "magic word"
CPDOVECOT

LOCAL_NET_CONFIG
R$* < @ $* .$m. > $*$#esmtp $@ $2.$m $: $1 < @ $2.$m. > $3


---

access -- I am wondering if this is the problem?

# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#

to:DOVECOT REJECT

# by default we allow relaying from localhost...
localhost.localdomain   RELAY
localhost   RELAY
127.0.0.1   RELAY
dsicons.net RELAY
dormitionskete.net  RELAY
holyapostlesconvent.org RELAY
dormitionskete.info RELAY
174.32.127.90   RELAY
174.32.127.91   RELAY
174.32.127.92   RELAY
174.32.127.93   RELAY
174.32.127.94   RELAY


---

aliases

#
# Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [] [name of copyright owner]
#
# CDDL HEADER END
#
#
#ident  "%Z%%M% %I% %E% SMI"

##
#  Aliases can have any mix of upper and lower case on the left-hand side,
#   but the right-hand side should be proper case (usually lower)
#
#   >>  The program "newaliases" must be run after
#   >> NOTE >>  this file is updated for any changes to
#   >>  show through to sendmail.
##

# The following alias is required by the mail protocol, RFC 2821
# Set it to the address of a HUMAN who deals with this system's mail problems.
postmaster: root

# Alias for mailer daemon; returned messages from our MAILER-DAEMON
# should be routed to our local Postmaster.
MAILER-DAEMON: postmaster

# General redirections for pseudo accounts.
bin:root
daemon: root
system: root
toor:   root
uucp:   root

# Well-known aliases.
manager:root
dumper: root
operator:   root

# trap decode to catch security attacks
decode: root

# Aliases to handle mail to programs or files, eg news or vacation
nobody: /dev/null

# Sample aliases:

# Alias for distribution list, members specified here:
#staff:wnj,mosher,sam,ecc,mckusick,sklower,olson,rwh@ernie

# Alias for distribution lis

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Robert Schetterer 
Am 01.01.2013 21:25, schrieb Reindl Harald:
> 
> 
> Am 01.01.2013 21:15, schrieb Robert Schetterer:
>> outlook has active sync included native since vers 2013, however
>> autodiscover works since vers 2007+
>>
>> thunderbirds autoconfig is different from microsoft autodiscover
>> but automx can serve both in one tool
> 
> the real problem with microsofts autodiscover is that it requires
> https and as long WinXP is not finally dead you need for each https
> host a different IP which is not really a option with IPv4 blocks
> 
> i had implemented autodisciver by myself
> 
> there was some workaround with redirection where
> "autoddiscover.domain.tld" can be non https and
> redirct to https://autodiscover.yourcompany.tld
> 
> this worked fine even with self signet certificates
> buzt in very recnet outlook versions you get the damned
> certificate warning everytime you start outlook and not
> only by configure the mail account
> 
> really braindead compared with the mozilla way
> 

Hi Harald ,your right, M$ method is really . in some points
i use the dns srv way , which has problems with ssl warnings too
or needs expensive crts, but however its always the same story,
these companies do not try provide perfect code or methods, their goal
is to make money, which is still legal


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Reindl Harald 


Am 01.01.2013 21:15, schrieb Robert Schetterer:
> outlook has active sync included native since vers 2013, however
> autodiscover works since vers 2007+
> 
> thunderbirds autoconfig is different from microsoft autodiscover
> but automx can serve both in one tool

the real problem with microsofts autodiscover is that it requires
https and as long WinXP is not finally dead you need for each https
host a different IP which is not really a option with IPv4 blocks

i had implemented autodisciver by myself

there was some workaround with redirection where
"autoddiscover.domain.tld" can be non https and
redirct to https://autodiscover.yourcompany.tld

this worked fine even with self signet certificates
buzt in very recnet outlook versions you get the damned
certificate warning everytime you start outlook and not
only by configure the mail account

really braindead compared with the mozilla way



signature.asc
Description: OpenPGP digital signature

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Robert Schetterer 
Am 01.01.2013 21:04, schrieb Patrick Ben Koetter:
> * Robert Schetterer :
>> Am 01.01.2013 20:08, schrieb Patrick Ben Koetter:
>>> * Robert Moskowitz :

 On 01/01/2013 01:39 PM, Patrick Ben Koetter wrote:
> * Tom Hendrikx :
>> On 01-01-13 18:01, Ben Morrow wrote:
>>> At  5PM +0100 on  1/01/13 you (Tom Hendrikx) wrote:
 If you want to advertise your mail config for easy setup over the
 internet, take a look at: http://www.automx.org/
>>> I thought most gooey mail clients supported RFC 6186 nowadays?
>>>
>>> Ben
>>>
>> As you can see from their docs, it supports a lot more than what you can
>> put in SRV DNS records AFAIK. I don't use either of the solutions
>> actively, and don't support any client setups so I don't really know
>> what is currently available in clients, and needed or superior on server
>> side.
> automx combines Mozillas autoconfig service and Microsofts autodiscover
> service in one tool. With automx you can provision SMTP/POP/IMAP and
> ActiveSync account settings (but not the services themselves).
>
> Microsoft Outlook 2007+, Thunderbird 3+, Microsoft Mobiles and other 
> mobiles
> known to support ActiveSync can make use of the automx webservice.
>>
>> typo not "activesync" they do autoconfig
> 
> Robert is wrong. automx can provision activesync accounts.

@p for more clearness, thunderbird had never activesync, automx provides
propagation for activesync clients via autodiscover method a
typical active sync client is ie android mail app in exchange modus

outlook has active sync included native since vers 2013, however
autodiscover works since vers 2007+

thunderbirds autoconfig is different from microsoft autodiscover
but automx can serve both in one tool

> 
> p@rick
> 



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Patrick Ben Koetter 
* Robert Schetterer :
> Am 01.01.2013 20:08, schrieb Patrick Ben Koetter:
> > * Robert Moskowitz :
> >>
> >> On 01/01/2013 01:39 PM, Patrick Ben Koetter wrote:
> >>> * Tom Hendrikx :
>  On 01-01-13 18:01, Ben Morrow wrote:
> > At  5PM +0100 on  1/01/13 you (Tom Hendrikx) wrote:
> >> If you want to advertise your mail config for easy setup over the
> >> internet, take a look at: http://www.automx.org/
> > I thought most gooey mail clients supported RFC 6186 nowadays?
> >
> > Ben
> >
>  As you can see from their docs, it supports a lot more than what you can
>  put in SRV DNS records AFAIK. I don't use either of the solutions
>  actively, and don't support any client setups so I don't really know
>  what is currently available in clients, and needed or superior on server
>  side.
> >>> automx combines Mozillas autoconfig service and Microsofts autodiscover
> >>> service in one tool. With automx you can provision SMTP/POP/IMAP and
> >>> ActiveSync account settings (but not the services themselves).
> >>>
> >>> Microsoft Outlook 2007+, Thunderbird 3+, Microsoft Mobiles and other 
> >>> mobiles
> >>> known to support ActiveSync can make use of the automx webservice.
> 
> typo not "activesync" they do autoconfig

Robert is wrong. automx can provision activesync accounts.

p@rick

-- 
[*] sys4 AG
 
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
 
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Robert Schetterer 
Am 01.01.2013 20:08, schrieb Patrick Ben Koetter:
> * Robert Moskowitz :
>>
>> On 01/01/2013 01:39 PM, Patrick Ben Koetter wrote:
>>> * Tom Hendrikx :
 On 01-01-13 18:01, Ben Morrow wrote:
> At  5PM +0100 on  1/01/13 you (Tom Hendrikx) wrote:
>> If you want to advertise your mail config for easy setup over the
>> internet, take a look at: http://www.automx.org/
> I thought most gooey mail clients supported RFC 6186 nowadays?
>
> Ben
>
 As you can see from their docs, it supports a lot more than what you can
 put in SRV DNS records AFAIK. I don't use either of the solutions
 actively, and don't support any client setups so I don't really know
 what is currently available in clients, and needed or superior on server
 side.
>>> automx combines Mozillas autoconfig service and Microsofts autodiscover
>>> service in one tool. With automx you can provision SMTP/POP/IMAP and
>>> ActiveSync account settings (but not the services themselves).
>>>
>>> Microsoft Outlook 2007+, Thunderbird 3+, Microsoft Mobiles and other mobiles
>>> known to support ActiveSync can make use of the automx webservice.

typo not "activesync" they do autoconfig

Outlook 2013 can do in deed activesync , but this is off topic here


>>>
>>> Apple products do not support either MS' or MZ's provisioning services. 
>>> AFAIK
>>> the only way to configure these clients is to store an XML file at a 
>>> dedicated
>>> location in advance, use the Apple Configurator or go the real hard way and
>>> use Mobile Device Management (MDM) services.
>>>
>>> The aforementioned RFC 6186 has shortcommings compared to
>>> autodiscover/autoconfig-services: You can tell the service location (URI) 
>>> and
>>> port, but you can't specify transport policies (plaintext, SSL, STARTTLS),
>>> authentication mechanisms etc. I would not want to use it in a business
>>> environment.
>>
>> thank you very much for this analysis. SRV records were only
>> intented to find the services that would then set up the policies.
>> There is considerable pushback on using DNS for a general purpose
>> database.  I had to fight for my HIP DNS RRs for holding just Host
>> Identities.
>>
>> I see that it can use SQL for some information handling.  Does it
>> work with the sql tables managed by postfixadmin?
> 
> We - Christian and I - haven't tried, but I am sure it will, because you are
> free to define any SQL query you want in automx to get what you want from
> postfixadmin.
> 
> You may also use Modoboa to manage the mailboxes. Antoine just ran a blog
> article on using automx with it:
> 
> 
> p@rick
> 
> 
> 
> 
>>
>>
> 



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Patrick Ben Koetter 
* Robert Moskowitz :
> 
> On 01/01/2013 01:39 PM, Patrick Ben Koetter wrote:
> >* Tom Hendrikx :
> >>On 01-01-13 18:01, Ben Morrow wrote:
> >>>At  5PM +0100 on  1/01/13 you (Tom Hendrikx) wrote:
> If you want to advertise your mail config for easy setup over the
> internet, take a look at: http://www.automx.org/
> >>>I thought most gooey mail clients supported RFC 6186 nowadays?
> >>>
> >>>Ben
> >>>
> >>As you can see from their docs, it supports a lot more than what you can
> >>put in SRV DNS records AFAIK. I don't use either of the solutions
> >>actively, and don't support any client setups so I don't really know
> >>what is currently available in clients, and needed or superior on server
> >>side.
> >automx combines Mozillas autoconfig service and Microsofts autodiscover
> >service in one tool. With automx you can provision SMTP/POP/IMAP and
> >ActiveSync account settings (but not the services themselves).
> >
> >Microsoft Outlook 2007+, Thunderbird 3+, Microsoft Mobiles and other mobiles
> >known to support ActiveSync can make use of the automx webservice.
> >
> >Apple products do not support either MS' or MZ's provisioning services. AFAIK
> >the only way to configure these clients is to store an XML file at a 
> >dedicated
> >location in advance, use the Apple Configurator or go the real hard way and
> >use Mobile Device Management (MDM) services.
> >
> >The aforementioned RFC 6186 has shortcommings compared to
> >autodiscover/autoconfig-services: You can tell the service location (URI) and
> >port, but you can't specify transport policies (plaintext, SSL, STARTTLS),
> >authentication mechanisms etc. I would not want to use it in a business
> >environment.
> 
> thank you very much for this analysis. SRV records were only
> intented to find the services that would then set up the policies.
> There is considerable pushback on using DNS for a general purpose
> database.  I had to fight for my HIP DNS RRs for holding just Host
> Identities.
> 
> I see that it can use SQL for some information handling.  Does it
> work with the sql tables managed by postfixadmin?

We - Christian and I - haven't tried, but I am sure it will, because you are
free to define any SQL query you want in automx to get what you want from
postfixadmin.

You may also use Modoboa to manage the mailboxes. Antoine just ran a blog
article on using automx with it:


p@rick




> 
> 

-- 
[*] sys4 AG
 
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
 
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Robert Moskowitz 


On 01/01/2013 01:39 PM, Patrick Ben Koetter wrote:

* Tom Hendrikx :

On 01-01-13 18:01, Ben Morrow wrote:

At  5PM +0100 on  1/01/13 you (Tom Hendrikx) wrote:

If you want to advertise your mail config for easy setup over the
internet, take a look at: http://www.automx.org/

I thought most gooey mail clients supported RFC 6186 nowadays?

Ben


As you can see from their docs, it supports a lot more than what you can
put in SRV DNS records AFAIK. I don't use either of the solutions
actively, and don't support any client setups so I don't really know
what is currently available in clients, and needed or superior on server
side.

automx combines Mozillas autoconfig service and Microsofts autodiscover
service in one tool. With automx you can provision SMTP/POP/IMAP and
ActiveSync account settings (but not the services themselves).

Microsoft Outlook 2007+, Thunderbird 3+, Microsoft Mobiles and other mobiles
known to support ActiveSync can make use of the automx webservice.

Apple products do not support either MS' or MZ's provisioning services. AFAIK
the only way to configure these clients is to store an XML file at a dedicated
location in advance, use the Apple Configurator or go the real hard way and
use Mobile Device Management (MDM) services.

The aforementioned RFC 6186 has shortcommings compared to
autodiscover/autoconfig-services: You can tell the service location (URI) and
port, but you can't specify transport policies (plaintext, SSL, STARTTLS),
authentication mechanisms etc. I would not want to use it in a business
environment.


thank you very much for this analysis. SRV records were only intented to 
find the services that would then set up the policies. There is 
considerable pushback on using DNS for a general purpose database.  I 
had to fight for my HIP DNS RRs for holding just Host Identities.


I see that it can use SQL for some information handling.  Does it work 
with the sql tables managed by postfixadmin?

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Patrick Ben Koetter 
* Tom Hendrikx :
> On 01-01-13 18:01, Ben Morrow wrote:
> > At  5PM +0100 on  1/01/13 you (Tom Hendrikx) wrote:
> >>
> >> If you want to advertise your mail config for easy setup over the
> >> internet, take a look at: http://www.automx.org/
> > 
> > I thought most gooey mail clients supported RFC 6186 nowadays?
> > 
> > Ben
> > 
> 
> As you can see from their docs, it supports a lot more than what you can
> put in SRV DNS records AFAIK. I don't use either of the solutions
> actively, and don't support any client setups so I don't really know
> what is currently available in clients, and needed or superior on server
> side.

automx combines Mozillas autoconfig service and Microsofts autodiscover
service in one tool. With automx you can provision SMTP/POP/IMAP and
ActiveSync account settings (but not the services themselves).

Microsoft Outlook 2007+, Thunderbird 3+, Microsoft Mobiles and other mobiles
known to support ActiveSync can make use of the automx webservice.

Apple products do not support either MS' or MZ's provisioning services. AFAIK
the only way to configure these clients is to store an XML file at a dedicated
location in advance, use the Apple Configurator or go the real hard way and
use Mobile Device Management (MDM) services.

The aforementioned RFC 6186 has shortcommings compared to
autodiscover/autoconfig-services: You can tell the service location (URI) and
port, but you can't specify transport policies (plaintext, SSL, STARTTLS),
authentication mechanisms etc. I would not want to use it in a business
environment.

p@rick

-- 
[*] sys4 AG
 
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
 
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich

Re: [Dovecot] Dovecot Virtual Users with Sendmail

2013-01-01 Thread Andrzej A. Filip 
On 01/01/2013 06:40 PM, dormitionsk...@hotmail.com wrote:
> On Jan 1, 2013, at 10:31 AM, Andrzej A. Filip wrote:
>
>> On 12/31/2012 04:19 AM, dormitionsk...@hotmail.com wrote:
>>> [...]
>> 1) Do you use virtual users with or without domain part?
>> [virtual-user or virtual-u...@exaple.net ]
>
> Without.
>
> virtual-user
>
>
>> 2) How many entries do you have in paswdb/userdb files?
>> [<100,<1000,]
> <100
>
> Around 10.
>
>
>> 3) Is SMTP AUTH crucial for virtual users?
>>
> No.  I'd like it, but it's not crucial.
>
> We don't have it now for anyone.  The only way we access our email outside 
> the monastery is through SquirrelMail.  I was hoping to add that with this 
> server upgrade.  It'd be nice to open our email access up more, but we can 
> live without it if we have to.
Based on the above replies I would suggest first modified version of the
recipe below. There are many other ways but it seems to best fit your
case with simple and stable changes to sendmail.mc/sendmail.cf.
  http://anfi.homeunix.org/sendmail/localNalias.html

1) In *.mc file add
LOCAL_CONFIG
# declare DOVECOT "magic word"
CPDOVECOT

2) Deliver messages to *@DOVECOT using dovecot mailer [requires
FEATURE(`mailertable')].
mailertable:
DOVECOT dovecot:localhost

3) Do not accept messages to *@DOVECOT via SMTP [requires
FEATURE(`access_db') and FEATURE(`blacklist_recipients')] access:
to:DOVECOT REJECT

4) create aliases for virtualusers (one alias per one virtual user)
aliases:
virtualuser1: virtualuser1@DOVECOT
virtualuser2: virtualuser2@DOVECOT

Comments about "narrowing" questions:
1) case with domain part is usually more complex
2) sendmail may be configured to check recipient existence in dovecot's
userdb/paswdb files but it would use method I would not recommend for
bigger userdb/passwd files
3) sendmail supports cyrus-sasl, sendmail does not support dovecot-sasl

Re: [Dovecot] Dovecot Virtual Users with Sendmail

2013-01-01 Thread Reindl Harald 


Am 01.01.2013 18:40, schrieb dormitionsk...@hotmail.com:
>> 3) Is SMTP AUTH crucial for virtual users?
>>
> 
> No.  I'd like it, but it's not crucial.
> 
> We don't have it now for anyone.  The only way we access our email outside 
> the monastery is through SquirrelMail.  I was hoping to add that with this 
> server upgrade.  It'd be nice to open our email access up more, but we can 
> live without it if we have to.

get rid of sendmail
postfix supports SASL via dovecot

who in the world does a setup which allows SMTP without authentication?
if some of your user accounts get hacked and used for spam you even
have no chance to see in the smtp-log which user is affected



signature.asc
Description: OpenPGP digital signature

Re: [Dovecot] Dovecot Virtual Users with Sendmail

2013-01-01 Thread dormitionsk...@hotmail.com 

On Jan 1, 2013, at 10:31 AM, Andrzej A. Filip wrote:

> On 12/31/2012 04:19 AM, dormitionsk...@hotmail.com wrote:
>> [...]
> 
> 1) Do you use virtual users with or without domain part?
> [virtual-user or virtual-u...@exaple.net ]


Without.

virtual-user


> 2) How many entries do you have in paswdb/userdb files?
> [<100,<1000,]

<100

Around 10.


> 3) Is SMTP AUTH crucial for virtual users?
> 

No.  I'd like it, but it's not crucial.

We don't have it now for anyone.  The only way we access our email outside the 
monastery is through SquirrelMail.  I was hoping to add that with this server 
upgrade.  It'd be nice to open our email access up more, but we can live 
without it if we have to.

Re: [Dovecot] Dovecot Virtual Users with Sendmail

2013-01-01 Thread Andrzej A. Filip 
On 12/31/2012 04:19 AM, dormitionsk...@hotmail.com wrote:
> [...]

1) Do you use virtual users with or without domain part?
[virtual-user or virtual-u...@exaple.net ]
2) How many entries do you have in paswdb/userdb files?
[<100,<1000,]
3) Is SMTP AUTH crucial for virtual users?

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Robert Moskowitz 


On 01/01/2013 12:01 PM, Ben Morrow wrote:

At  5PM +0100 on  1/01/13 you (Tom Hendrikx) wrote:

If you want to advertise your mail config for easy setup over the
internet, take a look at: http://www.automx.org/

I thought most gooey mail clients supported RFC 6186 nowadays?


Thunderbird does.  Much more reasonable approach over Avahi which is 
only for those Apple users on the local net anyway  ;)

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Tom Hendrikx 
On 01-01-13 18:01, Ben Morrow wrote:
> At  5PM +0100 on  1/01/13 you (Tom Hendrikx) wrote:
>>
>> If you want to advertise your mail config for easy setup over the
>> internet, take a look at: http://www.automx.org/
> 
> I thought most gooey mail clients supported RFC 6186 nowadays?
> 
> Ben
> 

As you can see from their docs, it supports a lot more than what you can
put in SRV DNS records AFAIK. I don't use either of the solutions
actively, and don't support any client setups so I don't really know
what is currently available in clients, and needed or superior on server
side.

--
Tom

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Ben Morrow 
At  5PM +0100 on  1/01/13 you (Tom Hendrikx) wrote:
> 
> If you want to advertise your mail config for easy setup over the
> internet, take a look at: http://www.automx.org/

I thought most gooey mail clients supported RFC 6186 nowadays?

Ben

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Reindl Harald 


Am 01.01.2013 17:23, schrieb Robert Moskowitz:
> Say a small business is running a local mail server, perhaps using fetchmail 
> to get their gmail accounts and such. 
> And they have a bunch of MACs in the office.  How were mail clients 
> discovering the local mail server?  Apple users
> like automagic stuff.

who cares what the users like?
in business usually the admin setup the computers

even for private users:
someone who is not able to enter servername, username and password
should not use email at all because these are usually the same sending
to their whole address book as CC





signature.asc
Description: OpenPGP digital signature

Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

2013-01-01 Thread Ben Morrow 
At 10AM -0600 on  1/01/13 you (Torpey List) wrote:
> 
> I was rereading man dovecot-lda and specifically the option "-d username". 
> it said that it is used typically with virutal users, but not necessarily 
> with system users.  I am doing system users; therefore I removed it from the 
> sendmail feature, but then I get the following error in maillog:
> 
> Jan  1 10:28:39 nala sendmail[23041]: r01GScR4023040: smtpquit: mailer local 
> exited with exit value 64
> 
> I googled, but did not find what value 64 meant.  Anyone have a list or a 
> clue what this error means?

/usr/include/sysexits.h:

#define EX_USAGE64  /* command line usage error */

Sendmail (and therefore other mail-processing software) is one of the
few traditional Unix programs to use these exit codes consistently, and
expect other programs to use them.

Ben

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Robert Moskowitz 


On 01/01/2013 11:24 AM, Tom Hendrikx wrote:

On 01-01-13 17:13, Reindl Harald wrote:


Am 01.01.2013 17:07, schrieb Robert Moskowitz:

I am trying to figure out if I need avahi on my mail server.  I see that POP3 
and IMAP are services that Avahi can
advertise/discover. Does Dovecot work with Avahi and how do you get POP3 and 
IMAP advertised?

And perhaps more importantly, what clients look for mail services this way?

avahi does NOT get routed to internet

since most clienst are not in the private network why would
someone advertise mail-services via avahi?


If you want to advertise your mail config for easy setup over the
internet, take a look at: http://www.automx.org/


Not something I was looking for, but very interesting!

Definitely worth a review.  AFTER I get other things done.  The number 
of users I have, I can support the old ways.  RIght now I am just 
working through what each thing does and why I MIGHT need it.

Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

2013-01-01 Thread Ben Morrow 
At  8AM -0600 on  1/01/13 you (Torpey List) wrote:
> -Original Message- 
> From: Ben Morrow 
> Sent: Monday, December 31, 2012 8:52 PM 
> To: Dovecot Mailing List 
> Subject: Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing. 
> 
> At  5PM -0600 on 31/12/12 you (Torpey List) wrote:
> >> Sendmail 8.14.4
> >> dovecot 2.0.9
> >>
> >> I have sendmail working and it is sending mail to /var/mail/%u.
> >> I have dovecot working in that I can move emails into IMAP folders and
> >> I can send email through IMAP. I have set up dovecot to use mdbox
> >> based on the following:
> >> mail_location = mdbox:~/mail
> >>
> >> However, I seem to be lacking a key piece of information.

> 
> >If you want to keep INBOX delivery to mboxes in /var/mail,

> 
> I am going to try an option below.

OK. That's probably best.

> >> LMTP – I could not see any difference with this added or not.
> >
> >If you had configured Dovecot to deliver into /var/mail, that's hardly
> >surprising. Otherwise, are you sure you were delivering mail to the LMTP
> >server? If you were you should have seen entries in Dovecot's log file,
> >and the delivered mail should have ended up with a Received header from
> >the LMTP server.
> 
> I have used egrep and there is no line that has /var/mail that is
> uncommented in any of the config files.
> 
> Based on your comment, then no I do not believe the new mail was going
> through LMTP.

OK. That sounds likely, since you haven't mentioned any LMTP-related
Sendmail configuration.

> >> Dovecot-lda – I have had issues getting it configured.
> >
> >What issues? If you were trying to get the LDA to deliver to /var/mail,
> >it's possible you were running into permissions problems. The best
> >solution is to deliver into the mdbox instead, or just leave Sendmail to
> >deliver to /var/mail.
> >
> >> Sendmail changes
> >> FEATURE(`local_procmail',
> >> `/usr/libexec/dovecot/dovecot-lda',`/usr/libexec/dovecot/dovecot-lda
> >> -d $u')
> >> MODIFY_MAILER_FLAGS(`LOCAL', `-f')
> >> MAILER(procmail)dnl
> >
> >I know nothing at all about Sendmail configuration, but going by the
> >Dovecot wiki that looks correct. Are you sure mail for the appropriate
> >users was actually getting routed through that mailer? What did you see
> >in the logs (you need to check both Dovecot's and Sendmail's logs,
> >wherever they may be).
> 
> The email is not being delivered by LTMP because there are no logs.
> 
> The most documentation that I have found is using dovecot-lda, but as
> you said there are permissions issues.  The wiki implied that LTMP is
> the best solution but I am not understanding enough to get it set up.

The most important part, which I can't help you with, is finding out how
to turn on Sendmail's LMTP client (assuming it has one). For that you
would need to read the Sendmail documentation, or ask on a Sendmail
list.

> Therefore, I am attempting to stick with dovecot-lda *using sudo* from
> the dovecot-lda wiki page.  The wiki said to put /usr/bin/sudo in
> front of path/dovecot-lda but did not say which one or both.  I could
> not get it to work.
> 
> The option that has gone the furthest is *Making dovecot-lda setuid-root*.
> However, I have errors.  Here are the permissions.
> 
>-rwxr-xr-x. 1 root secmail 26512 Aug 18  2011 
> /usr/libexec/dovecot/dovecot-lda

That is not setuid root. If it were, it would be *extremely* dangerous,
since you haven't removed the other-execute bit.

Making programs setuid root is a very very bad idea. You should not do
it unless you have absolutely no alternative. Pretty-much the same
applies to using sudo to do the same thing, although that is a little
safer since sudo makes an effort to clean the environment.

How does Sendmail invoke the LDA? Is it already running as the right
user for the delivery? Are you using system or virtual users?

> ==> /var/log/maillog <==
> Jan 01 08:24:02 lda: Error: userdb lookup:
> connect(/var/run/dovecot/auth-userdb) failed: Permission denied
> (euid=0(root) egid=0(root) missing +r perm:
> /var/run/dovecot/auth-userdb, euid is dir owner)

> ==> /var/log/messages <==
> Jan  1 08:24:02 nala kernel: type=1400 audit(1357050242.947:42): avc:
> denied  { dac_override } for  pid=20156 comm="dovecot-lda"
> capability=1  scontext=unconfined_u:system_r:dovecot_deliver_t:s0
> tcontext=unconfined_u:system_r:dovecot_deliver_t:s0 tclass=capability

OK, these two suggest to me you are using an SELinux system, and that
the system is placing unexpected limitations on the abilities of root.
While that's irritating, it isn't a problem since you shouldn't be
running the LDA as root anyway.

If you are using system users, make sure Sendmail invokes dovecot-lda as
the appropriate user, and don't pass the -d option. (This assumes your
Dovecot homedirs are the same as your /etc/passwd homedirs, and you
aren't doing anything tricky in the userdb.)

If you are using virtual users with a single uid, make Sendmail invoke
dovecot-lda as that uid, pass

Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

2013-01-01 Thread Torpey List 



-Original Message- 
From: Torpey List

Sent: Tuesday, January 01, 2013 9:50 AM
To: Dovecot Mailing List
Subject: Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.



-Original Message- 
From: Thomas Leuxner

Sent: Tuesday, January 01, 2013 9:03 AM
To: Dovecot Mailing List
Subject: Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

Am 01.01.2013 um 15:44 schrieb "Torpey List" :

I don't use Sendmail myself so I can't really comment on its 
configuration. However the issue looks like a typical mismatch of UIDs on 
the socket:


http://wiki2.dovecot.org/LDA/Sendmail

As per the link above you could try running 'chown mail' on the LDA. This 
will match the ID to the 'userdb' socket unix_listener (user = mail):


-rwxr-xr-x. 1 root secmail 26512 Aug 18  2011 
/usr/libexec/dovecot/dovecot-lda
  srw---. 1 mail root 0 Jan  1 08:39 
/var/run/dovecot/auth-userdb


Good Luck
Thomas


I have changed the permissions to the following:
-rwxr-xr-x. 1 mail secmail 26512 Aug 18  2011 
/usr/libexec/dovecot/dovecot-lda

srw-rw-rw-. 1 mail secmail 0 Jan  1 09:41 /var/run/dovecot/auth-userdb

Then I get this error (steve is who the email is addressed to):

Jan 01 09:43:47 lda(steve): Fatal: setgid(501(steve)) failed with 
euid=0(root), gid=0(root), egid=0(root): Operation not permitted (This 
binary should probably be called with process group set to 501(steve) 
instead of 0(root))


Thanks,
Steve


I was rereading man dovecot-lda and specifically the option "-d username". 
it said that it is used typically with virutal users, but not necessarily 
with system users.  I am doing system users; therefore I removed it from the 
sendmail feature, but then I get the following error in maillog:


Jan  1 10:28:39 nala sendmail[23041]: r01GScR4023040: smtpquit: mailer local 
exited with exit value 64


I googled, but did not find what value 64 meant.  Anyone have a list or a 
clue what this error means?


Thanks,
Steve

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Tom Hendrikx 
On 01-01-13 17:13, Reindl Harald wrote:
> 
> 
> Am 01.01.2013 17:07, schrieb Robert Moskowitz:
>> I am trying to figure out if I need avahi on my mail server.  I see that 
>> POP3 and IMAP are services that Avahi can
>> advertise/discover. Does Dovecot work with Avahi and how do you get POP3 and 
>> IMAP advertised?
>>
>> And perhaps more importantly, what clients look for mail services this way?
> 
> avahi does NOT get routed to internet
> 
> since most clienst are not in the private network why would
> someone advertise mail-services via avahi?
> 

If you want to advertise your mail config for easy setup over the
internet, take a look at: http://www.automx.org/

--
Tom



signature.asc
Description: OpenPGP digital signature

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Robert Moskowitz 


On 01/01/2013 11:13 AM, Reindl Harald wrote:


Am 01.01.2013 17:07, schrieb Robert Moskowitz:

I am trying to figure out if I need avahi on my mail server.  I see that POP3 
and IMAP are services that Avahi can
advertise/discover. Does Dovecot work with Avahi and how do you get POP3 and 
IMAP advertised?

And perhaps more importantly, what clients look for mail services this way?

avahi does NOT get routed to internet

since most clienst are not in the private network why would
someone advertise mail-services via avahi?


For clients on your local net.

Why are the services POP3 and IMAP in the Avahi database?  try

ahavi-browse -b

Say a small business is running a local mail server, perhaps using 
fetchmail to get their gmail accounts and such.  And they have a bunch 
of MACs in the office.  How were mail clients discovering the local mail 
server?  Apple users like automagic stuff.


Note I have NOT used, and rarely agreed to support Apple systems since 
the Lisa.

Re: [Dovecot] dovecot and avahi

2013-01-01 Thread Reindl Harald 


Am 01.01.2013 17:07, schrieb Robert Moskowitz:
> I am trying to figure out if I need avahi on my mail server.  I see that POP3 
> and IMAP are services that Avahi can
> advertise/discover. Does Dovecot work with Avahi and how do you get POP3 and 
> IMAP advertised?
> 
> And perhaps more importantly, what clients look for mail services this way?

avahi does NOT get routed to internet

since most clienst are not in the private network why would
someone advertise mail-services via avahi?



signature.asc
Description: OpenPGP digital signature

[Dovecot] dovecot and avahi

2013-01-01 Thread Robert Moskowitz 
I am trying to figure out if I need avahi on my mail server.  I see that 
POP3 and IMAP are services that Avahi can advertise/discover. Does 
Dovecot work with Avahi and how do you get POP3 and IMAP advertised?


And perhaps more importantly, what clients look for mail services this way?

I can't find any information on this in the Dovecot documentation ot 
googling.  Perhaps my search fu is low this year.


thank you

Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

2013-01-01 Thread Torpey List 



-Original Message- 
From: Thomas Leuxner

Sent: Tuesday, January 01, 2013 9:03 AM
To: Dovecot Mailing List
Subject: Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

Am 01.01.2013 um 15:44 schrieb "Torpey List" :

I don't use Sendmail myself so I can't really comment on its configuration. 
However the issue looks like a typical mismatch of UIDs on the socket:


http://wiki2.dovecot.org/LDA/Sendmail

As per the link above you could try running 'chown mail' on the LDA. This 
will match the ID to the 'userdb' socket unix_listener (user = mail):


-rwxr-xr-x. 1 root secmail 26512 Aug 18  2011 
/usr/libexec/dovecot/dovecot-lda
  srw---. 1 mail root 0 Jan  1 08:39 
/var/run/dovecot/auth-userdb


Good Luck
Thomas


I have changed the permissions to the following:
-rwxr-xr-x. 1 mail secmail 26512 Aug 18  2011 
/usr/libexec/dovecot/dovecot-lda

srw-rw-rw-. 1 mail secmail 0 Jan  1 09:41 /var/run/dovecot/auth-userdb

Then I get this error (steve is who the email is addressed to):

Jan 01 09:43:47 lda(steve): Fatal: setgid(501(steve)) failed with 
euid=0(root), gid=0(root), egid=0(root): Operation not permitted (This 
binary should probably be called with process group set to 501(steve) 
instead of 0(root))


Thanks,
Steve

Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

2013-01-01 Thread Thomas Leuxner 
Am 01.01.2013 um 15:44 schrieb "Torpey List" :

> ==> /var/log/maillog <==
> Jan  1 08:24:02 nala sendmail[20154]: r01EO2qc020154: from=, 
> size=5723, class=0, nrcpts=1, 
> msgid=<1357050226.83142.yahoomail...@web120205.mail.ne1.yahoo.com>, 
> proto=ESMTP, daemon=MTA, relay=mail.example.com [192.168.1.152]
> Jan 01 08:24:02 lda: Error: userdb lookup: 
> connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=0(root) 
> egid=0(root) missing +r perm: /var/run/dovecot/auth-userdb, euid is dir owner)
> Jan 01 08:24:02 lda: Fatal: Internal error occurred. Refer to server log for 
> more information.

I don't use Sendmail myself so I can't really comment on its configuration. 
However the issue looks like a typical mismatch of UIDs on the socket:

http://wiki2.dovecot.org/LDA/Sendmail

As per the link above you could try running 'chown mail' on the LDA. This will 
match the ID to the 'userdb' socket unix_listener (user = mail):

> -rwxr-xr-x. 1 root secmail 26512 Aug 18  2011 /usr/libexec/dovecot/dovecot-lda
>   srw---. 1 mail root 0 Jan  1 08:39 /var/run/dovecot/auth-userdb

Good Luck
Thomas



smime.p7s
Description: S/MIME cryptographic signature

Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

2013-01-01 Thread Torpey List 


-Original Message- 
From: Ben Morrow 
Sent: Monday, December 31, 2012 8:52 PM 
To: Dovecot Mailing List 
Subject: Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing. 

At  5PM -0600 on 31/12/12 you (Torpey List) wrote:
>> Sendmail 8.14.4
>> dovecot 2.0.9
>>
>> I have sendmail working and it is sending mail to /var/mail/%u.
>> I have dovecot working in that I can move emails into IMAP folders and
>> I can send email through IMAP. I have set up dovecot to use mdbox
>> based on the following:
>> mail_location = mdbox:~/mail
>>
>> However, I seem to be lacking a key piece of information.
>> Sendmail is sending the mail to /var/mail/%u as a mbox (single file
>> for all emails) format.
>> Dovecot wants to read the mail in mdbox (Multiple messages per file,
>> but unlike mbox multiple files per mailbox.) So the two programs are
>> not working together.
>>
>> So, I cannot get dovecot to read new emails at /var/mail/%u.
>> So I tried changing to the following:
>> mail_location = mdbox:~/mail:INBOX=/var/mail/%u
>> However, dovecot complains that it is NOT a directory. That is
>> because sendmail is sending as mbox format.
>>
>> I have tried two lines of “mail_location” but that did not work.
>> example
>> mail_location = mdbox:~/mail > for dovecot
>> mail_location = mbox:INBOX=/var/mail/%u -> for sendmail
>
>No, that doesn't work: in fact, the second line will completely override
>the first. If you run 'doveconf -n' or 'doveconf mail_location' you will
>see that the first line doesn't have any effect.
>

I did not expect it to work, but I was trying all that I could before posting a 
question.

>If you want to keep INBOX delivery to mboxes in /var/mail, you can do
>this using two namespaces. One points to mdbox:~/mail, and holds the
>users' ordinary IMAP folders in mdbox format, and the other has
>INBOX=/var/mail/%u and just holds the INBOX. There is an example in
>http://wiki2.dovecot.org/Namespaces of doing this with Maildir and mbox;
>adjusting it for mdbox shouldn't be hard.
>
>You will find you need a directory for each user to hold the other
>folders in the INBOX namespace, since Dovecot doesn't know there won't
>ever be any. This directory is also used to store Dovecot's index files
>for that namespace, and it should *not* be the same as the mdbox
>directory. According to http://wiki2.dovecot.org/MailLocation/mbox , you
>can skip this if you use
>
>   location = mbox:/var/empty:INBOX=/var/mail/%u:INDEX=MEMORY
>
>(assuming /var/empty is a readonly root-owned empty directory), but
>since this tells Dovecot not to store index files on disk it may make
>INBOX access less efficient. If you use a real directory rather than
>/var/empty you may want to consider enabling the acl plugin and setting
>up a global ACL which prevents users from creating additional folders in
>the INBOX namespace.
>
>It's probably also a good idea to set mail_location = mdbox:~/mail and
>omit the location parameter from the mdbox namespace, since IIRC
>otherwise commands like 'doveadm purge' won't work correctly.
>

I am going to try an option below.

>> I have tried LMTP and dovecot-lda.
>
>If you want to deliver mail into the mdbox INBOX, and forget about
>/var/mail altogether, you will need to get one of these two working
>since Sendmail doesn't understand mdbox. This is probably the best
>option in the long run, unless you have other software which relies on
>mail being in /var/mail. If you pick this option you need to remove all
>references to /var/mail from dovecot.conf; with the two lines you had
>above Dovecot will simply carry on delivering into /var/mail just as
>Sendmail had been.
>

I would like to deliver new mail into the mdbox INBOX and forget about 
/var/mail but I did not see how to do this.  I think that was the piece of 
information that I am missing.

>> LMTP – I could not see any difference with this added or not.
>
>If you had configured Dovecot to deliver into /var/mail, that's hardly
>surprising. Otherwise, are you sure you were delivering mail to the LMTP
>server? If you were you should have seen entries in Dovecot's log file,
>and the delivered mail should have ended up with a Received header from
>the LMTP server.
>

I have used egrep and there is no line that has /var/mail that is uncommented 
in any of the config files.

Based on your comment, then no I do not believe the new mail was going through 
LMTP.

>> Dovecot-lda – I have had issues getting it configured.
>
>What issues? If you were trying to get the LDA to deliver to /var/mail,
>it's possible you were running into permissions problems. The best
>solution is to deliver into the mdbox instead, or just leave Sendmail to
>deliver to /var/mail.
>
>> Sendmail changes
>> FEATURE(`local_procmail',
>> `/usr/libexec/dovecot/dovecot-lda',`/usr/libexec/dovecot/dovecot-lda
>> -d $u')
>> MODIFY_MAILER_FLAGS(`LOCAL', `-f')
>> MAILER(procmail)dnl
>
>I know nothing at all about Sendmail configuration, but going by the
>Dovecot wiki that look