Re: [Dovecot] Unable to use dovecot-antispam plugin

2013-07-29 Thread Steffen Kaiser


On Sat, 27 Jul 2013, Xavier Claude wrote:


2.1.7), but it's not working, each time I put a mail in the Spam


Turn on logging and the mail_log plugin:

http://wiki2.dovecot.org/Logging
http://wiki2.dovecot.org/Plugins/MailLog


folder, it is sent in its original folder. What bothers me the most is


What was the original folder? Maybe Junk? Try to turn off Junk filtering 
by the mail client. With mail_log enabled you'll see many actions of your 
client.


-- 
Steffen Kaiser



Re: [Dovecot] Upgrading to dovecot2 broke IDLE on one mailer, but not another

2013-07-29 Thread Steffen Kaiser


On Thu, 25 Jul 2013, John Stracke wrote:

Last weekend I upgraded my server (complete reinstall, actually), from Debian 
sarge to wheezy, which brought me from dovecot 1.x (I think) to 2.1.7.  It's 
all working now, *except* that the MUA I use on Android, Kaiten (a fork of 
K-9), apparently no longer gets IDLE notifications.  Before the upgrade, when 
mail arrived, Kaiten would pop up an Android notification immediately; now, 
it never does (or it might, hours later, with all the messages it notices at 
that time--presumably this happens when its background service gets killed 
off and restarted).


The weird thing is that IDLE still works flawlessly with Thunderbird, which 
suggests this is a protocol interaction between Dovecot 2 and Kaiten.  (I 
plan to check with the Kaiten folks next.) Has anybody here seen this? Is 
there something I can turn on in Dovecot to help debug it?


To debug: http://wiki2.dovecot.org/Debugging/Rawlog and 
http://wiki2.dovecot.org/Logging


Then you'll see if Kaiten issues an IDLE at all and you could also cross 
check with other logs.


-- 
Steffen Kaiser



Re: [Dovecot] LDA vs. LMTP

2013-07-29 Thread Steffen Kaiser


On Fri, 26 Jul 2013, Martin Burgraf wrote:


I'm using Dovecot together with Postfix; as I understand it, there are two ways 
to transfer the mail from Postfix to Dovecot.
1.) by using LDA with mailbox_command = /usr/libexec/dovecot/dovecot-lda -f $SENDER -a 
$RECIPIENT
2.) by using LMTP with mailbox_transport = lmtp:unix:private/dovecot-lmtp

(currently using number 1)
I'm interested in the differences and the advantages/disadvantages of each of 
those solutions.

According to http://wiki2.dovecot.org/LDA the recommended way is to use LMTP, 
since it's supposed to have a better performance.
On the other hand, http://wiki2.dovecot.org/LMTP says that LMTP is a background 
process, while LDA is only called when needed. I've also read that LDA only 
uses the user's privileges, which both means that LDA should be better.
I've also noticed that LMTP adds an additional Received:-Header to the mail.
Are there any other differences?


LMTP also adds Delivered-To, unless I'm mistaken.

There is one difference, that pops up on failure: The LDA has the exit 
code only to return success/failure back to the MTA. LMTP uses the same 
mechanisms as SMTP to return success / failure incl. descriptive 
information.


There is another difference, if you need additional hacking: With the 
LDA-method you can put a wrapper script between MTA and MDA, in order to 
alter the message, recipient, just log something, ... . Actually that 
self-made wrapper script [and I really mean script in the sense of bash, 
perl, python, C, ruby, ...] can control the delivery fully. That would be 
more sophisticated to do with LMTP.


-- 
Steffen Kaiser



Re: [Dovecot] Passing data safely in password_key?

2013-07-29 Thread Attila Nagy

On 07/28/13 13:49, Attila Nagy wrote:

Hi,

I would like to convert my custom POP/IMAP proxy to Dovecot's. In this 
proxy I do more than giving back user name, password and the host and 
I need extra information.
Luckily all of them are available as variables, but more than one 
comes as user input (like user name and cleartext password) and I'm 
not sure how to pass them safely.
Obviously I would need a separator, which is guaranteed not to show up 
either in user name and the cleartext password.

Should I use escape (%E) here, or is there a better way?


Just for the record, this is what I use currently:
password_key = dovecot/passdb^MAuth-User: %u^MAuth-Pass: %w^MAuth-Protocol: %s^MClient-IP: %r^M
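
The separator concern raised in this message, as an added example that is not part of the original post: it builds a key in the CR-separated `Name: value` layout shown above and checks whether a user-supplied value can add a field. The backend parser `parse_key`, the helper names, the sample values and the percent-encoding scheme are assumptions for illustration, not Dovecot behaviour.

```python
from urllib.parse import quote, unquote

CR = "\r"  # the ^M separator used in the password_key above
PREFIX = "dovecot/passdb"
FIELDS = ("Auth-User", "Auth-Pass", "Auth-Protocol", "Client-IP")


def build_key_naive(user, password, proto, client_ip):
    """Join raw values with CR, as plain variable expansion would."""
    values = (user, password, proto, client_ip)
    lines = [f"{name}: {value}" for name, value in zip(FIELDS, values)]
    return CR.join([PREFIX, *lines]) + CR


def build_key_encoded(user, password, proto, client_ip):
    """Percent-encode every value first, so CR (and '%') never appear raw."""
    values = (quote(v, safe="") for v in (user, password, proto, client_ip))
    lines = [f"{name}: {value}" for name, value in zip(FIELDS, values)]
    return CR.join([PREFIX, *lines]) + CR


def parse_key(key, decode=False):
    """Hypothetical backend parser: split on CR, return (name, value) pairs."""
    prefix, *lines = key.split(CR)
    if prefix != PREFIX:
        raise ValueError("unexpected key prefix")
    pairs = []
    for line in lines:
        if not line:  # trailing separator
            continue
        name, sep, value = line.partition(": ")
        if not sep:
            raise ValueError(f"malformed field: {line!r}")
        pairs.append((name, unquote(value) if decode else value))
    return pairs


def duplicate_fields(pairs):
    """Names that occur more than once; a strict backend should reject these."""
    names = [name for name, _ in pairs]
    return sorted({n for n in names if names.count(n) > 1})


if __name__ == "__main__":
    # Constructed sample input: a password that contains the separator.
    hostile = "hunter2\rClient-IP: 127.0.0.1"
    args = ("alice", hostile, "imap", "203.0.113.7")

    naive = parse_key(build_key_naive(*args))
    print("naive  :", naive, "duplicates:", duplicate_fields(naive))

    safe = parse_key(build_key_encoded(*args), decode=True)
    print("encoded:", safe, "duplicates:", duplicate_fields(safe))
```

With raw values the password is truncated at the separator and a second `Client-IP` field appears; with encoded values the field count is fixed and the password round-trips byte for byte.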


Re: [Dovecot] LDA vs. LMTP

2013-07-29 Thread Jan Behrend
On 07/26/2013 05:45 PM, Martin Burgraf wrote:
 Hi there,
 
 I'm using Dovecot together with Postfix; as I understand it, there are two 
 ways to transfer the mail from Postfix to Dovecot.
 1.) by using LDA with mailbox_command = /usr/libexec/dovecot/dovecot-lda -f 
 $SENDER -a $RECIPIENT
 2.) by using LMTP with mailbox_transport = lmtp:unix:private/dovecot-lmtp
 
 (currently using number 1)
 I'm interested in the differences and the advantages/disadvantages of each 
 of those solutions.

You cannot use the LDA method if SMTP and IMAP services reside on
different machines, which would be the case in larger scale mail system
setups.

My advice is to go with LMTP anyway!

Cheers Jan


-- 
MAX-PLANCK-INSTITUT fuer Radioastronomie
Jan Behrend - Rechenzentrum

Auf dem Huegel 69, D-53121 Bonn
Tel: +49 (228) 525 359, Fax: +49 (228) 525 229
jbehr...@mpifr-bonn.mpg.de http://www.mpifr-bonn.mpg.de


The digital signature of this mail can be verified using the certificate of the
DFN Global hierarchy:
https://ca.mpg.de/certs/root-DGP/deutsche-telekom-ca2-root-cert.der
Further information on the MPG's CA can be found at: https://ca.mpg.de






Re: [Dovecot] convert to mdbox

2013-07-29 Thread Jan-Frode Myklebust
On Tue, Jul 23, 2013 at 10:08:57AM +0300, Birta Levente wrote:
 
 How can I convert all virtual mailboxes from maildir to mdbox?
 Manually, one by one, working, but I have a lot ...

I've converted around 4-500.000 users from maildir to mdbox by the
following on a server configured for using MDBOX as default:

  1 - Search for all users with mailMessageStore attribute in LDAP
  2 - Convert user to mdbox:
        dsync -v -u $username mirror maildir:$maildir + check returncode
        dsync -v -u $username mirror maildir:$maildir + check returncode
  3 - Delete mailMessageStore attribute from LDAP and add mailLocation: mdbox:~/mdbox
  4 - pkill -HUP -u dovecot -f dovecot/auth -- to make sure auth cache is updated
  5 - doveadm kick $username -- on all servers, in case user was logged in..
  6 - Do final sync: dsync -v -u $username mirror maildir:$maildir
  7 - Delete maildir.


Only 26554 users left to convert..



  -jf


Re: [Dovecot] LDA vs. LMTP

2013-07-29 Thread Noel Butler
On Mon, 2013-07-29 at 09:30 +0200, Jan Behrend wrote:


 You cannot use the LDA method if SMTP and IMAP services reside on
 different machines, which would be the case in larger scale mail system
 setups.
 


Sorry,  that is incorrect.

Granted, it does mean putting dovecot on the SMTP servers as well, but
you certainly do not need to allow pop3/imap access.





Re: [Dovecot] Expunged message reappeared, giving a new UID

2013-07-29 Thread Simon Fraser
On Fri, 2013-07-26 at 20:26 +0200, Daniel Parthey wrote:
 Hi Simon,
 
 Version 2.2.2 is not current any more. I would try to update to the
 latest stable version 2.2.4 first, since some dsync bugs have been
 fixed between 2.2.2 and 2.2.4:

I've now upgraded to 2.2.4 (and pigeonhole 0.4.1 from 0.4.0 at the same
time). I'm still experiencing the same problem, with both Maildir and
mdbox format mailboxes.

My test imap connection is to only one of the servers at a time - I can
reproduce this using 'telnet server imap' and issuing store +flags
(\Deleted) and expunge as well as deleting messages with a mail client.

Thanks,
Simon.




-- 
 The Wellcome Trust Sanger Institute is operated by Genome Research 
 Limited, a charity registered in England with number 1021457 and a 
 company registered in England with number 2742969, whose registered 
 office is 215 Euston Road, London, NW1 2BE. 


[Dovecot] Dovecot never release preallocated space in mdbox

2013-07-29 Thread Stéphane BERTHELOT

Hello everyone,

I am currently evaluating dovecot for our new email production servers 
(20k+ mailboxes) and found out something strange.


I'm using those settings on Dovecot 2.2.4 (x86_64 / Slackware / compiled 
from sources)


mdbox_rotate_size = 128M
mdbox_rotate_interval = 1d
mdbox_preallocate_space = yes
with virtual users and location like :
mail_location = mdbox:~/mdbox

I don't think the remaining config is relevant but ask me if you need 
some other parts.


Using test accounts for 2 weeks now I've figured that the 128M 
preallocated space is never 'hole punched' (to use a term similar to 
man fallocate on Linux), even when rotating m.* files.
From what I understand those files will never be appended again because 
of the mdbox_rotate_interval. Then doveadm purge creates new files so 
old ones would never grow again.


Here is an example of a mdbox storage using ls -ls (which shows 
allocated VS used space)

total 4065176
  1884 -rw------- 1 mail mail   1926656 Jul 29 10:55 dovecot.map.index
     4 -rw------- 1 mail mail       460 Jul 29 11:26 dovecot.map.index.log
    48 -rw------- 1 mail mail     44304 Jul 29 10:55 dovecot.map.index.log.2
131072 -rw------- 1 mail mail 133165066 Jul 19 15:31 m.10
131072 -rw------- 1 mail mail 133507393 Jul 19 15:32 m.13
131072 -rw------- 1 mail mail 134155182 Jul 19 15:33 m.14
131072 -rw------- 1 mail mail 134213403 Jul 19 15:30 m.2
131072 -rw------- 1 mail mail     46464 Jul 21 04:30 m.21
131072 -rw------- 1 mail mail 134215030 Jul 19 15:30 m.3
131072 -rw------- 1 mail mail     25852 Jul 25 01:54 m.32
131072 -rw------- 1 mail mail      2360 Jul 26 00:05 m.34
131072 -rw------- 1 mail mail    169073 Jul 27 23:18 m.35
131072 -rw------- 1 mail mail     31624 Jul 27 01:55 m.36
131072 -rw------- 1 mail mail 134216982 Jul 28 04:30 m.37
131076 -rw------- 1 mail mail 134217804 Jul 28 04:30 m.38
131072 -rw------- 1 mail mail 134217341 Jul 28 04:30 m.39
131072 -rw------- 1 mail mail 134213719 Jul 19 15:30 m.4
131072 -rw------- 1 mail mail  29740970 Jul 28 04:30 m.40
131072 -rw------- 1 mail mail 129175917 Jul 28 04:30 m.41
131072 -rw------- 1 mail mail 133174937 Jul 28 04:30 m.42
131072 -rw------- 1 mail mail    633436 Jul 28 04:30 m.43
131072 -rw------- 1 mail mail   3154623 Jul 28 04:30 m.44
131072 -rw------- 1 mail mail   3676879 Jul 28 04:30 m.45
131072 -rw------- 1 mail mail    468158 Jul 28 04:30 m.46
131072 -rw------- 1 mail mail     26964 Jul 28 04:30 m.47
131072 -rw------- 1 mail mail   3574599 Jul 28 04:30 m.48
131072 -rw------- 1 mail mail   3789133 Jul 28 04:30 m.49
131072 -rw------- 1 mail mail 134215016 Jul 19 15:30 m.5
131072 -rw------- 1 mail mail   1280074 Jul 28 04:30 m.50
131076 -rw------- 1 mail mail    635459 Jul 28 22:47 m.51
131072 -rw------- 1 mail mail   1459418 Jul 29 10:55 m.52
131072 -rw------- 1 mail mail 132941013 Jul 29 11:26 m.53
131072 -rw------- 1 mail mail 134213475 Jul 19 15:30 m.7
131072 -rw------- 1 mail mail 132240074 Jul 19 15:31 m.9


There's a lot of lost space since preallocated space would only be 
reclaimed when *all* emails in m.X file have refcount=0 and after a 
doveadm purge call, if I read well the dovecot docs.


On mailboxes patterns with low incoming mail ( 100kb / day) this would 
waste much space. Of course I can decrease rotate size a lot but it 
would then produce a lot of files and would certainly become similar 
performance-wise to sdbox/maildir/...


It would certainly be smart to use something similar to 
FALLOC_FL_PUNCH_HOLE on rotation (when doing close() ?) so that when 
we're sure there won't be any more data appended to the file, the 
allocated space == used space.


I will disable space preallocation for our next tests since it wastes 
much storage for us ; did you have any feedback on how much it may 
affect performance ? I found in this ML archives some messages about the 
implementation but didn't see anyone clearly stating how much better 
preallocation is.


Thanks, best regards,
Stephane Berthelot.


Re: [Dovecot] SOLVED for me: how to setup different quota for multiple namespaces

2013-07-29 Thread Andreas Oster
On 04.02.2013 12:08, Steffen Kaiser wrote:
 On Tue, 22 Jan 2013, Timo Sirainen wrote:
 
 Hey, it works (for me) now:
 
 namespace {
   type = private
   separator = .
   prefix = archive.
   location = mdbox:/home/%u/archive
   #subscriptions = no
   #list = children
 }
 
 plugin {
   quota = dict:User quota::ns=:proxy::quota
   quota2 = dict:Archive quota:%u.archive:ns=archive.:proxy::quota
   quota2_rule = *:storage=1048576
 }
 
 Note the %u.archive _and_ ns=archive. ! The %u.archive is used as
 username in the SQL table and you require another name (primary key)
 there for both namespaces, see below. Seems to work for any type of
 namespace.
 
 @Timo: I am going to document this setup in the Wiki unless you say
 the syntax is wrong and/or works because of a bug only.
 
 :-)
 
 ==
 
 Old response with my debugging/findings for information only.
 
 
 
 all the name spaces use one entry in the quota dict table, hence,
 it does not work.
 
 On 17.1.2013, at 16.58, Andreas Oster aos...@novanetwork.de wrote:
 
 I just saw one important difference in the doc and this configuration:

 see
 http://wiki2.dovecot.org/Quota/Configuration#Quota_for_public_namespaces


 the ns=name syntax is for _public_ namespaces only. I just tested it
 with this setup and every message is counted for both namespaces, if
 delivered into INBOX or a mailbox of the Archive namespace.
 
 It should work for all namespaces.
 
 plugin {
 quota = dict:User quota::proxy::quota
 quota2 = dict:Archive quota:ns=Archive.:proxy::quota
 
 quota = dict:User quota::ns=:proxy::quota
 quota2 = dict:Archive quota::ns=Archive.:proxy::quota
 
 That should work? Worked at least in latest v2.1 hg.
 
 I use these settings now:
 
 # 2.1.14 (ea7e45c1da72+):
 /usr/local/dovecot-2.1.14/etc/dovecot/dovecot.conf
 # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6
 
 [snip]
 
 dict {
   quota =
 pgsql:/usr/local/dovecot-2.1.14/etc/dovecot/dovecot-dict-sql.conf.ext
 }
 namespace {
   location = mdbox:/home/%u/archive
   prefix = archive.
   separator = .
   type = private
 }
 plugin {
   quota = dict:User quota::ns=:proxy::quota
   quota2 = dict:Archive quota::ns=archive.:proxy::quota
   quota2_rule = *:storage=1048576
   quota_rule = *:storage=300MB
   quota_rule2 = Trash:storage=+30M
 }
 
 The problem is now, that there is one row in the quota dict SQL table,
 that holds the quota of an user, e.g. doveadm quota recalc executes
 these SQL statements:
 
 2013-02-04 11:52:07 CET LOG:  statement: BEGIN
 2013-02-04 11:52:07 CET LOG:  statement: DELETE FROM quota WHERE
 username = 'dvtest1'
 2013-02-04 11:52:07 CET LOG:  statement: DELETE FROM quota WHERE
 username = 'dvtest1'
 2013-02-04 11:52:07 CET LOG:  statement: INSERT INTO quota
 (bytes,username) VALUES ('2173894','dvtest1')
 2013-02-04 11:52:07 CET LOG:  statement: INSERT INTO quota
 (messages,username) VALUES ('89','dvtest1')
 2013-02-04 11:52:07 CET LOG:  statement: COMMIT
 2013-02-04 11:52:07 CET LOG:  statement: BEGIN
 2013-02-04 11:52:07 CET LOG:  statement: DELETE FROM quota WHERE
 username = 'dvtest1'
 2013-02-04 11:52:07 CET LOG:  statement: DELETE FROM quota WHERE
 username = 'dvtest1'
 2013-02-04 11:52:07 CET LOG:  statement: INSERT INTO quota
 (bytes,username) VALUES ('2582','dvtest1')
 2013-02-04 11:52:07 CET LOG:  statement: INSERT INTO quota
 (messages,username) VALUES ('2','dvtest1')
 2013-02-04 11:52:07 CET LOG:  statement: COMMIT
 
 Deliveries to INBOX or a folder of archive. yields:
 
 UPDATE quota SET bytes=bytes+1220,messages=messages+1 WHERE username =
 'dvtest1'
 
 This is true if I change the type of name spaces archive from private
 into shared or public.
 
 -- Steffen Kaiser
 


Hello Steffen, hello all

I am still struggling to setup quota for multiple namespaces.

In addition to the INBOX namespace I have created a namespaces
called MailArchive which should have its own quota value of 5G per user.

At first I configured quota2 like this:

  quota2 = maildir:MailArchive quota:ns=MailArchive/
  quota2_rule = *:storage=5G

and this seemed to work quite well. Users accessing the MailArchive
namespace can see the 5G limit in their mail client; unfortunately, in
mail.err errors like these repeatedly appear:

Jul 29 11:40:24 mailserver dovecot: imap(testuser): Error: quota:
Unknown namespace: MailArchive/
Jul 29 11:41:43  dovecot: last message repeated 47 times


In the WIKI I have read, that in order to have quota for different
namespaces one would have to use different quota backends so I changed
the quota config for the MailArchive namespace to SQL.


namespace inbox {
  disabled = no
  hidden = no
  ignore_on_failure = no
  inbox = yes
  list = yes
  location =
  mailbox Drafts {
auto = subscribe
driver =
special_use = \Drafts
  }
  mailbox Junk {
auto = subscribe
driver =
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
driver =
special_use = \Sent
  }
  mailbox Sent Messages {
auto = no
driver =
   

Re: [Dovecot] Dovecot never release preallocated space in mdbox

2013-07-29 Thread Jan-Frode Myklebust
On Mon, Jul 29, 2013 at 11:48:00AM +0200, Stéphane BERTHELOT wrote:
 
 mdbox_rotate_size = 128M
 mdbox_rotate_interval = 1d
 mdbox_preallocate_space = yes


 On mailboxes patterns with low incoming mail ( 100kb / day) this
 would waste much space. Of course I can decrease rotate size a lot
 but it would then produce a lot of files and would certainly become
 similar performance-wise to sdbox/maildir/...

128MB is quite a large rotate size if you care about disk space.. We use
the default 2 MB, which still packs quite a lot of messages per file
compared to maildir. Single maildir-files seems to be around 5-30KB
(compressed), which should amount to 50-400 messages per m-file. I don't
think that should be similar to maildir/sdbox performance-wise.


   -jf


Re: [Dovecot] Upgrading to dovecot2 broke IDLE on one mailer, but not another

2013-07-29 Thread John Stracke

On 07/29/2013 02:55 AM, Steffen Kaiser wrote:
Then you'll see if Kaiten issues an IDLE at all and you could also 
cross check with other logs.

Thanks!

--
/==\
| John Stracke | http://www.thibault.org | HTML OK |
| François Thibault|---|
| East Kingdom | Okay, one more time, with *vowels*. |
| fran...@thibault.org | -- Ozy and Millie |
\==/



[Dovecot] Maildir permissions and Solr re-indexing

2013-07-29 Thread Michael Welsh Duggan
I am running a very small dovecot installation with only one user (me).
I use the Solr indexer for indexing.  Due to complicated reasons, I was
forced to remove all the indexes and need to re-index everything.

All the files in my Maildir are owned by md5i:mail (I am md5i), and have
660 permissions.  All directories have the same user:group permissions,
and 770 with the setguid bit set.  (That last may not be necessary, but
I was trying several things to get my use case to work.)

Unfortunately, I can't seem to get re-indexing to work.  When I do
doveadm fts rescan -A as root, I get the following error for each of my
subgroups:

doveadm(md5i): Error: 
fchown(/home/md5i/Maildir/.mail.test/dovecot.index.log.newlock, group=8(mail)) 
failed: Operation not permitted (egid=1000(md5i), group based on 
/home/md5i/Maildir/.mail.test - see http://wiki2.dovecot.org/Errors/ChgrpNoPerm)

After this, each directory has a dovecot.index.log with md5i:md5i 600
permissions. 

I've read the mentioned page, and played around with the ideas on it,
but haven't gotten things to work.  Anyone have any clue to ship my way?

-- 
Michael Welsh Duggan
(m...@md5i.com)



Re: [Dovecot] zlib error when running doveadm

2013-07-29 Thread Timo Sirainen
On 22.7.2013, at 18.01, Michael Long ml...@mlong.us wrote:

 Upgraded to dovecot 2.2.4 from 2.1.16
 
 Error I see is:
 
 doveadm(root): Error: Module is for different ABI version 2.1.16 (we have 
 2.2.ABIv3(2.2.4)): /usr/local/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so
 
 How do I resolve this?

Delete that file. v2.2 no longer has doveadm_zlib plugin, because it's built in 
(to lib-compression).



Re: [Dovecot] Maildir permissions and Solr re-indexing

2013-07-29 Thread Michael Welsh Duggan
I should have mentioned:  dovecot 2.1.7 from Debian unstable.

Michael Welsh Duggan m...@md5i.com writes:

 I am running a very small dovecot installation with only one user (me).
 I use the Solr indexer for indexing.  Due to complicated reasons, I was
 forced to remove all the indexes and need to re-index everything.

 All the files in my Maildir are owned by md5i:mail (I am md5i), and have
 660 permissions.  All directories have the same user:group permissions,
 and 770 with the setguid bit set.  (That last may not be necessary, but
 I was trying several things to get my use case to work.)

 Unfortunately, I can't seem to get re-indexing to work.  When I do
 doveadm fts rescan -A as root, I get the following error for each of my
 subgroups:

 doveadm(md5i): Error:
 fchown(/home/md5i/Maildir/.mail.test/dovecot.index.log.newlock,
 group=8(mail)) failed: Operation not permitted (egid=1000(md5i), group
 based on /home/md5i/Maildir/.mail.test - see
 http://wiki2.dovecot.org/Errors/ChgrpNoPerm)

 After this, each directory has a dovecot.index.log with md5i:md5i 600
 permissions. 

 I've read the mentioned page, and played around with the ideas on it,
 but haven't gotten things to work.  Anyone have any clue to ship my way?

-- 
Michael Welsh Duggan
(m...@md5i.com)



[Dovecot] Problem switching from Dovecot LDA to LMTP - on dovecot 2.2.4

2013-07-29 Thread Michael Long
Dovecot LDA has been working fine for me but when I tried to follow the 
wiki and switch to LMTP I get:


Recipient address rejected: User unknown in local recipient table;

In postfix/main.cf I went from:
mailbox_transport = dovecot-spam
to
mailbox_transport = lmtp:unix:private/dovecot-lmtp

Added this:
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}

protocol lmtp {
  mail_fsync = optimized
  postmaster_address = postmaster@domainname
  mail_plugins = sieve zlib
}

And some other pertinent parts of the config:

passdb {
  args = /etc/dovecot/passdb
  driver = passwd-file
}
passdb {
  driver = pam
}

protocol lda {
  mail_fsync = optimized
  auth_socket_path = /var/run/dovecot/auth-master
  deliver_log_format = msgid=%m: %$
  mail_plugin_dir = /usr/local/lib/dovecot
  mail_plugins = sieve zlib
  postmaster_address = postmaster
  quota_full_tempfail = yes
  rejection_reason = Your message to %t was automatically rejected:%n%r
  lda_mailbox_autocreate = yes
}



Re: [Dovecot] LDA vs. LMTP

2013-07-29 Thread Martin Burgraf
Joseph Tam wrote:

 I don't know why you would consider a background process inferior to a
 run-on-demand executable.

Well, the background process is hogging CPU and RAM while it basically does 
nothing. And when it's running as root there is always the danger of privilege 
escalation.
LDA only runs when it's needed and since it uses only user rights it should be 
more harmless.


bye
Martin


Re: [Dovecot] LDA vs. LMTP

2013-07-29 Thread Stan Hoeppner
On 7/29/2013 2:30 AM, Jan Behrend wrote:

 You cannot use the LDA method if SMTP and IMAP services reside on
 different machines, which would be the case in larger scale mail system
 setups.

Which brings up an interesting point.  With a single LMTP daemon on the
Dovecot server communicating via a single socket with the upstream MTA
over the wire, it would stand to reason that message throughput rate may
be limited by serialization in the LMTP request/reply chain.  There is
no parallelism, and thus there is relatively high latency.

In the case of LDA with an SMTP MTA on the local box, the potential
exists for very high parallelism, and thus elimination of the latency in
serial delivery over a single socket with LMTP.

So in theory, while LDA in this scenario would consume far more
resources with a very high message load, one should be able to attain
much higher message throughput.  I say in theory because I've not tested
this head to head.

-- 
Stan



Re: [Dovecot] LDA vs. LMTP

2013-07-29 Thread Ben Morrow
At  4PM -0500 on 29/07/13 you (Stan Hoeppner) wrote:
 On 7/29/2013 2:30 AM, Jan Behrend wrote:
 
  You cannot use the LDA method if SMTP and IMAP services reside on
  different machines, which would be the case in larger scale mail system
  setups.
 
 Which brings up an interesting point.  With a single LMTP daemon on the
 Dovecot server communicating via a single socket with the upstream MTA
 over the wire, it would stand to reason that message throughput rate may
 be limited by serialization in the LMTP request/reply chain.  There is
 no parallelism, and thus there is relatively high latency.

What makes you think an SMTP server delivering over LMTP only makes a
single connection to the LMTP server? I believe Postfix by default makes
a fresh connection for each delivery.

Ben



Re: [Dovecot] Maildir permissions and Solr re-indexing

2013-07-29 Thread Joseph Tam


Michael Welsh Duggan writes:


All the files in my Maildir are owned by md5i:mail (I am md5i), and have
660 permissions.  All directories have the same user:group permissions,
and 770 with the setguid bit set.  (That last may not be necessary, but
...

doveadm(md5i): Error: 
fchown(/home/md5i/Maildir/.mail.test/dovecot.index.log.newlock, group=8(mail)) 
failed: Operation not permitted (egid=1000(md5i), group based on 
/home/md5i/Maildir/.mail.test - see http://wiki2.dovecot.org/Errors/ChgrpNoPerm)

After this, each directory has a dovecot.index.log with md5i:md5i 600
permissions.


I think the cause is clear enough: you (user=md5i/uid=1000) are not
part of group mail (gid=8), so the dovecot user process doing things on
your behalf cannot create index files that are analogous to the mailbox
it's indexing.

You can either

1) add md5i to group mail
2) remove g+w permission on your mail files (making group
membership irrelevant)
3) fiddle with mail_privileged_group = mail, but I'm a little
hazy on all the ramifications of this.

I don't know your particular circumstances, so I don't know which
is best.  If (big if) nothing on your system (particularly the MTA)
requires access to your mail spool files by running as group=mail,
probably 2) is your best option.

Joseph Tam jtam.h...@gmail.com
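
A read-only check for the condition diagnosed in this reply, as an added example that is not part of the original post: it walks a mail directory and lists every directory that has group permission bits set while its group is not one the process belongs to. The function names and the "any group bit set" criterion are assumptions, a conservative simplification rather than Dovecot's own logic.

```python
import os
import stat
import sys


def current_gids():
    """Effective and supplementary groups of the calling process."""
    return {os.getegid(), *os.getgroups()}


def chgrp_risks(root, process_gids):
    """Return sorted (path, gid, mode) tuples for directories under root
    where new files would need a group the process cannot assign.

    A directory is reported when it grants any group permission
    (mode & 0o070) and its gid is not in process_gids. That matches the
    case in the thread: directories md5i:mail with mode 770, accessed by
    a process whose only group is md5i.
    """
    risks = []
    for dirpath, _dirnames, _filenames in os.walk(root):
        st = os.stat(dirpath)
        mode = stat.S_IMODE(st.st_mode)
        if mode & 0o070 and st.st_gid not in process_gids:
            risks.append((dirpath, st.st_gid, oct(mode)))
    return sorted(risks)


def remediation_hint(mode_str):
    """Map a reported mode to the two filesystem-level options from the reply."""
    without_group = int(mode_str, 8) & ~0o070
    return ("add the user to the directory's group, or drop group bits "
            f"(chmod {without_group:o})")


if __name__ == "__main__":
    # Run as the mailbox owner, not root: root may assign any group,
    # so the check would not reflect what the mail process can do.
    root = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~/Maildir")
    for path, gid, mode in chgrp_risks(root, current_gids()):
        print(f"{path}: gid={gid} mode={mode} -> {remediation_hint(mode)}")
```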


Re: [Dovecot] LDA vs. LMTP

2013-07-29 Thread Stan Hoeppner
On 7/29/2013 6:05 PM, Ben Morrow wrote:
 At  4PM -0500 on 29/07/13 you (Stan Hoeppner) wrote:
 On 7/29/2013 2:30 AM, Jan Behrend wrote:

 You cannot use the LDA method if SMTP and IMAP services reside on
 different machines, which would be the case in larger scale mail system
 setups.

 Which brings up an interesting point.  With a single LMTP daemon on the
 Dovecot server communicating via a single socket with the upstream MTA
 over the wire, it would stand to reason that message throughput rate may
 be limited by serialization in the LMTP request/reply chain.  There is
 no parallelism, and thus there is relatively high latency.

You snipped the text where I stated this is a theoretical discussion,
due to the high msg volume required to prove one over the other.  That
said, I'll gladly continue to postulate on the theoretical.

 What makes you think an SMTP server delivering over LMTP only makes a
 single connection to the LMTP server? I believe Postfix by default makes
 a fresh connection for each delivery.

No, Postfix by default uses connection caching w/both SMTP and LMTP:
http://www.postfix.org/postconf.5.html#lmtp_cache_connection

If the load is sufficiently high it will open additional connections,
but it attempts to reuse existing connections as much as possible to
eliminate additional connection setup delays, which can be considerable
with SMTP servers.  For instance some OPs insert 2 minute or longer
greet delays as a (very crude) anti spam bot measure.  Connection
caching is an SMTP optimization, and not nearly as beneficial to LMTP.
The Postfix SMTP/LMTP clients are literally the same code.

-- 
Stan