Re: [Dovecot] New server missing auth-worker entries in logs
On 2013-12-21 4:59 PM, Timo Sirainen t...@iki.fi wrote: On 21.12.2013, at 23.24, Charles Marcus cmar...@media-brokers.com wrote: I've looked everywhere, compared settings, etc, and can't seem to find why I get this line on the old server and odn't on the new one. http://hg.dovecot.org/dovecot-2.2/rev/33e78edac8f5 Do you never sleep Timo??? Anyway, thanks for the quick fix! -- Best regards, */Charles/*
[Dovecot] Duplicated (but only for unread) messages after second rsync pass...
Ok, I know I should probably be using dsync for this, but I'm more familiar with rsync, and didn't think this would be a problem. Here is what I am doing, and what is apparently happening (only done this once, but I'm guessing it will happen each time): rsync -avHP /mnt/vmail/example.com/user1/ /var/vmail/example.com/user1/ chown -R vmail:vmail /var/vmail/example.com Ok, so far so good, everything works fine accessing the mails (I'm using Thunderbird). Now I do another rsync, but this time I did the entire mailstore: rsync -avHP /mnt/vmail/example.com/ /var/vmail/example.com/ chown -R vmail:vmail /var/vmail/example.com Right after I started up dovecot again, I hot a bunch of these in the logs: 2013-12-22T09:52:51-05:00 newhost dovecot: imap(us...@example.com): Warning: Maildir /var/vmail/example.com/user1/: Expunged message reappeared, giving a new UID (old uid=45516, file=1387468268.Vfe02Ic1343fM845754.oldhost.sub.example.com:2,ST) 2013-12-22T09:52:51-05:00 newhost dovecot: imap(us...@example.com): Warning: Maildir /var/vmail/example.com/user1/: Expunged message reappeared, giving a new UID (old uid=45518, file=1387468645.Vfe02Ic73e0eM530539.oldhost.sub.example.com:2,ST) The problem is, it looks like every single message that was flagged as unread is now duplicated on the new system. Also - not that this is a problem, but all of the old messages have the fqdn of the old server in the individual email file names - oldhost.sub.example.com - while the new ones only have the local hostname (newhost) Did I do something wrong? Or is this going to be an unavoidable problem if I want to use rsync to do the final migration that using dsync would avoid? Thanks, -- Best regards, */Charles /*
Re: [Dovecot] Duplicated (but only for unread) messages after second rsync pass...
On 22.12.2013, at 17.13, Charles Marcus cmar...@media-brokers.com wrote: Ok, I know I should probably be using dsync for this, but I'm more familiar with rsync, and didn't think this would be a problem. Here is what I am doing, and what is apparently happening (only done this once, but I'm guessing it will happen each time): rsync -avHP /mnt/vmail/example.com/user1/ /var/vmail/example.com/user1/ chown -R vmail:vmail /var/vmail/example.com Ok, so far so good, everything works fine accessing the mails (I'm using Thunderbird). Now I do another rsync, but this time I did the entire mailstore: rsync -avHP /mnt/vmail/example.com/ /var/vmail/example.com/ chown -R vmail:vmail /var/vmail/example.com Right after I started up dovecot again, I hot a bunch of these in the logs: 2013-12-22T09:52:51-05:00 newhost dovecot: imap(us...@example.com): Warning: Maildir /var/vmail/example.com/user1/: Expunged message reappeared, giving a new UID (old uid=45516, file=1387468268.Vfe02Ic1343fM845754.oldhost.sub.example.com:2,ST) 2013-12-22T09:52:51-05:00 newhost dovecot: imap(us...@example.com): Warning: Maildir /var/vmail/example.com/user1/: Expunged message reappeared, giving a new UID (old uid=45518, file=1387468645.Vfe02Ic73e0eM530539.oldhost.sub.example.com:2,ST) The problem is, it looks like every single message that was flagged as unread is now duplicated on the new system. Also - not that this is a problem, but all of the old messages have the fqdn of the old server in the individual email file names - oldhost.sub.example.com - while the new ones only have the local hostname (newhost) The hostname doesn't matter. Did I do something wrong? Or is this going to be an unavoidable problem if I want to use rsync to do the final migration that using dsync would avoid? Use rsync --delete to get rid of the extra mails in destination. And of course don't deliver any new mails to destination before that is done. :)
[Dovecot] 'unknown user' using dovecot LDA
Ok, one more issue to resolve. The old server was still using the postfix/virtual for delivery, but the new one is using the dovecot LDA. Now, when an email generated locally by a cron job is delivered, this shows in the log: 2013-12-22T10:29:55-05:00 host postfix/pickup[31400]: C67FD90F676B2: uid=0 from=newsrv+rkhun...@example.com 2013-12-22T10:29:55-05:00 host postfix/cleanup[22349]: C67FD90F676B2: message-id=20131222152955.c67fd90f67...@smtp2.example.com 2013-12-22T10:29:55-05:00 host postfix/qmgr[31401]: C67FD90F676B2: from=newsrv+rkhun...@example.com, size=1555, nrcpt=1 (queue active) 2013-12-22T10:29:55-05:00 host dovecot: auth-worker(22365): passwd(us...@example.com): unknown user 2013-12-22T10:29:55-05:00 host dovecot: lda(us...@example.com): msgid=20131222152955.c67fd90f67...@smtp2.example.com: saved mail to INBOX 2013-12-22T10:29:55-05:00 host postfix/pipe[22361]: C67FD90F676B2: to=user1+rkhunter-rep...@example.com, relay=dovecot, delay=0.06, delays=0.02/0/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service) 2013-12-22T10:29:55-05:00 host postfix/qmgr[31401]: C67FD90F676B2: removed The mail was delivered (as the log also clearly shows), but what is with the 'unknown user'? I'm not sure how I can test my maps with dovecot, but testing with postfix shows: # postmap -q us...@example.com mysql:/etc/postfix/maps/mysql/vmm.cf example.com/user1/ Which is correct. And my dovecot-sql-conf.ext contains: driver = mysql connect = host=localhost dbname=db_name user=dbuser password=password default_pass_scheme = CRYPT password_query = \ SELECT username AS user, password \ FROM mailbox WHERE username = '%u' user_query = \ SELECT CONCAT('/var/vmail/', maildir) AS home \ FROM mailbox WHERE username = '%u' iterate_query = SELECT username AS user FROM mailbox I confirmed the db info is identical to what postfix is using. Oh - and in order to make sure that all usernames are lowercased, shouldn't I change '%u' above to '%Lu'? Appreciate any suggestions on where to go next... thanks -- Best regards, */Charles/*
Re: [Dovecot] Duplicated (but only for unread) messages after second rsync pass...
On 2013-12-22 10:37 AM, Timo Sirainen t...@iki.fi wrote: Use rsync --delete to get rid of the extra mails in destination. I wondered if that would do it... thanks. And of course don't deliver any new mails to destination before that is done.:) Well, at least I knew not to do that... ;) Thanks Timo. -- Best regards, */Charles/*
Re: [Dovecot] 'unknown user' using dovecot LDA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 22-12-13 16:43, Charles Marcus wrote: Ok, one more issue to resolve. The old server was still using the postfix/virtual for delivery, but the new one is using the dovecot LDA. Now, when an email generated locally by a cron job is delivered, this shows in the log: 2013-12-22T10:29:55-05:00 host postfix/pickup[31400]: C67FD90F676B2: uid=0 from=newsrv+rkhun...@example.com 2013-12-22T10:29:55-05:00 host postfix/cleanup[22349]: C67FD90F676B2: message-id=20131222152955.c67fd90f67...@smtp2.example.com 2013-12-22T10:29:55-05:00 host postfix/qmgr[31401]: C67FD90F676B2: from=newsrv+rkhun...@example.com, size=1555, nrcpt=1 (queue active) 2013-12-22T10:29:55-05:00 host dovecot: auth-worker(22365): passwd(us...@example.com): unknown user This is an error from the passwd authentication backend, not from the mysql one you're checking below. Seems that you have 2 auth backends enabled in dovecot... 2013-12-22T10:29:55-05:00 host dovecot: lda(us...@example.com): msgid=20131222152955.c67fd90f67...@smtp2.example.com: saved mail to INBOX 2013-12-22T10:29:55-05:00 host postfix/pipe[22361]: C67FD90F676B2: to=user1+rkhunter-rep...@example.com, relay=dovecot, delay=0.06, delays=0.02/0/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service) 2013-12-22T10:29:55-05:00 host postfix/qmgr[31401]: C67FD90F676B2: removed The mail was delivered (as the log also clearly shows), but what is with the 'unknown user'? I'm not sure how I can test my maps with dovecot, but testing with postfix shows: # postmap -q us...@example.com mysql:/etc/postfix/maps/mysql/vmm.cf example.com/user1/ Which is correct. And my dovecot-sql-conf.ext contains: driver = mysql connect = host=localhost dbname=db_name user=dbuser password=password default_pass_scheme = CRYPT password_query = \ SELECT username AS user, password \ FROM mailbox WHERE username = '%u' user_query = \ SELECT CONCAT('/var/vmail/', maildir) AS home \ FROM mailbox WHERE username = '%u' iterate_query = SELECT username AS user FROM mailbox I confirmed the db info is identical to what postfix is using. Oh - and in order to make sure that all usernames are lowercased, shouldn't I change '%u' above to '%Lu'? Appreciate any suggestions on where to go next... thanks -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJStwoaAAoJEJPfMZ19VO/1MkIQAK2u3lQOUI6zHGQzoO7iNjQP OAHmFyn/QnPSRGd7O+EAHSG6vvz6QBgf0qpUSym8nPu+jDaG564eZwqfQu1cIa2c uerz0ZDYk8hu4XqKHP83c/A5SsoG8QbmO0LTwr3wSSvmvOS4G1agMqpZt2r5r2pG aiAbHgQYWbp906F0absak/W4XAIJltqiIxQ1QcFhhXjovmiQTxugiCgx7RhxY5dx Li1KWzGZbl9cANQvUn8Sy7UIkYtu40qcZn150DYq3iKKT2cA18PSSPA8Rur/zigT vidhIB+h0p+qNlGKs1rUlKifX2fD9JhGa/GinotBi33PTZPsTzVzYESgBYR9/nFH ekgraAJ+xHva2K0dKartzzddHvweAub0PxXn4YZw5X4fxYyITGuWqDBsB2Pn38XW xQRjWQ2nnjNH7YHrCiwAcykU71jT6kYJwSBp1SxkWRHlk9HTDPKH0P+SRJJ03Bri 2CfkutX8GNVNXlME2G1yqDhV03XOPziEwdRUSB5t2jgZWrMYTE21zfpLLLUYhNKa JYnShmpEkRk9VpGquk1fCTMZNtTIomdcqwtfd0r0cPwXFx2KVTBJfkvwR8CCX850 QgiwlTARaLrF8VVT9ujLP2uBieoeDOIJOEAFs86BxQVmLqBkZJVn3raJikhzoHJo pxe1lAFyeF5C7zjD1i5x =rG+d -END PGP SIGNATURE-
Re: [Dovecot] Duplicated (but only for unread) messages after second rsync pass...
Am 22.12.2013 16:44, schrieb Charles Marcus: On 2013-12-22 10:37 AM, Timo Sirainen t...@iki.fi wrote: Use rsync --delete to get rid of the extra mails in destination. I wondered if that would do it... thanks in case of a 1:1 rsync you always want the parameters below to include any sort of links, permissions and attributes [harry@srv-rhsoft:~]$ which rsync.sh /usr/local/bin/rsync.sh [harry@srv-rhsoft:~]$ cat /usr/local/bin/rsync.sh #!/bin/bash # -z compress # -t timestamps # -P progress # -r recursive # -l links # -H hard-links # -p permissions # -o owner # -g group # -E executability # -A acls # -X xtended attributes # Sicherstellen dass Source UND Target uebergeben wurden if [ $1 == ] || [ $2 == ] || [ $1 == $2 ]; then echo USAGE: rsync.sh source target [bwlimit] exit fi # Standard-Parameter RSYNC_PARAMS=--no-motd --force --delete-after --devices --specials --sparse -tPrlHpogEAX # Wenn in einem der beiden Paramneter ein @ vorkommt Komprimierung einschalten # Ansonsten handelt es sich um zwei lokale Ordner und rsync wuerde die # Daten ohne Sinn komprimieren if [ `grep '@' $1` ] || [ `grep '@' $2` ]; then RSYNC_PARAMS=--compress --sockopts=SO_SNDBUF=32768,SO_RCVBUF=32768 $RSYNC_PARAMS fi if [ $3 != ]; then RSYNC_PARAMS=--bwlimit=$3 $RSYNC_PARAMS fi # Eigentliches Kommando ausfuehren nice -n 19 rsync $RSYNC_PARAMS --rsync-path='nice -n 19 rsync' $1 $2 signature.asc Description: OpenPGP digital signature
Re: [Dovecot] 'unknown user' using dovecot LDA
On 2013-12-22 10:49 AM, Tom Hendrikx t...@whyscream.net wrote: On 22-12-13 16:43, Charles Marcus wrote: 2013-12-22T10:29:55-05:00 host postfix/pickup[31400]: C67FD90F676B2: uid=0 from=newsrv+rkhun...@example.com 2013-12-22T10:29:55-05:00 host postfix/cleanup[22349]: C67FD90F676B2: message-id=20131222152955.c67fd90f67...@smtp2.example.com 2013-12-22T10:29:55-05:00 host postfix/qmgr[31401]: C67FD90F676B2: from=newsrv+rkhun...@example.com, size=1555, nrcpt=1 (queue active) 2013-12-22T10:29:55-05:00 host dovecot: auth-worker(22365): passwd(us...@example.com): unknown user This is an error from the passwd authentication backend, not from the mysql one you're checking below. Seems that you have 2 auth backends enabled in dovecot... Ah, right you are, thanks! Missed that (it was staring me in the face) - doveconf -n shows: userdb { driver = passwd } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } One thing about dovecots config I've learned during this process... it is confusing sometimes to determine where any given setting is coming from, given the number of different default config files.. Grepping of course will help you find it, but it would be nice if there was some way to simplify this... Maybe cut down on the number of different config files (ie, combine all of the different auth-* files into one)? Or maybe a verbose flag you could pass to doveconf -n - ie, 'doveconf -nv' - that would sort the output based on the config file that each group of settings came from, with a comment above each group of settings, ie: doveconf -nv ... # from /etc/dovecot/conf.d/auth-system.conf.ext userdb { driver = passwd } # from /etc/dovecot/conf.d/auth-sql.conf.ext userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } But, like I said, it isn't all that difficult to find them so not a huge deal. Anyway, problem solved - thanks again Tom... -- Best regards, */Charles/*
Re: [Dovecot] 'unknown user' using dovecot LDA
Am 22.12.2013 17:24, schrieb Charles Marcus: One thing about dovecots config I've learned during this process... it is confusing sometimes to determine where any given setting is coming from, given the number of different default config files.. Grepping of course will help you find it, but it would be nice if there was some way to simplify this... Maybe cut down on the number of different config files you are free to use only one config file as below and a second one /etc/dovecot/sql.conf referred there contains the sensible autentication configuration hence my RPM-SPEC does not include a single config file [root@testserver:~]$ cat /etc/dovecot/dovecot.conf # provided services protocols = imap pop3 # configure ssl ssl= yes ssl_cert = /etc/postfix/certs/localhost.pem ssl_key= /etc/postfix/certs/localhost.pem ssl_cipher_list= ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!SSLv2 ssl_prefer_server_ciphers = yes ssl_parameters_regenerate = 0 # configure imap-proxy service imap-login { inet_listener imap { address= **.**.**.** port = 143 } inet_listener imaps { address= **.**.**.** port = 993 } vsz_limit= 128M service_count= 0 process_min_avail= 1 process_limit= 1 client_limit = 200 } # configure pop3-proxy service pop3-login { inet_listener pop3 { address= **.**.**.** port = 110 } inet_listener pop3s { address= **.**.**.** port = 995 } vsz_limit= 128M service_count= 0 process_min_avail= 1 process_limit= 1 client_limit = 200 } # default settings imap_capability= IMAP4 IMAP4rev1 ACL RIGHTS=texk NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE login_greeting = login_log_format_elements = %u %r %m %k login_log_format = %{login_status}: %s mail_max_userip_connections= 100 auth_mechanisms= CRAM-MD5 DIGEST-MD5 SCRAM-SHA-1 APOP LOGIN PLAIN disable_plaintext_auth = no shutdown_clients = no version_ignore = yes # Logging syslog_facility= mail # authentication process auth_worker_max_count = 50 auth_cache_size= 1024 auth_cache_ttl = 600 auth_cache_negative_ttl= 600 auth_username_chars= abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz # debug options auth_debug = no auth_debug_passwords = no auth_verbose = no mail_debug = no verbose_ssl= no # configure proxy-database passdb { driver= sql args = /etc/dovecot/sql.conf } # we are not using local users userdb { driver= static args = static uid=1 gid=1 home=/dev/null } # configure backend for postfix sasl-auth service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group= postfix } } signature.asc Description: OpenPGP digital signature
Re: [Dovecot] 'unknown user' using dovecot LDA
On 2013-12-22 11:29 AM, Reindl Harald h.rei...@thelounge.net wrote: Am 22.12.2013 17:24, schrieb Charles Marcus: One thing about dovecots config I've learned during this process... it is confusing sometimes to determine where any given setting is coming from, given the number of different default config files.. Grepping of course will help you find it, but it would be nice if there was some way to simplify this... Maybe cut down on the number of different config files you are free to use only one config file as below and a second one /etc/dovecot/sql.conf referred there contains the sensible autentication configuration I know this, and indeed I do this myself. I wasn't talking about your RPM-SPEC file, I was talking about the numerous dovecot config files that are installed in a new default installation. It is very confusing for people new to dovecot (I didn't have any major problems, because I'm not new, but installing it fresh gave me a new perspective). -- Best regards, */Charles/*
Re: [Dovecot] search gives variable/different results
Hi, Still having search troubles. I expect to get 9 results in two mailboxes, 3 in the first one and six in de second one. Total mailboxes in shared/ is around 1100. doveadm search mailbox shared/Products/VIP* TO stromvers - all expected results doveadm search mailbox shared/Products/VIP/* TO stromvers - first 3 ok, from last box only the last 3. doveadm search mailbox shared/Products* TO stromvers - sometimes last 2 from 1st mailbox, last 4 from 2nd mailbox sometimes no results at all doveadm search mailbox shared/Products/* TO stromvers - some results from 2nd mailbox Is the search syntax O use wrong? I added some printf statements to see what is going on. It seems to walk all mailboxes. Unfortunately I don't know how to have doveadm use the lib21_fts_squat_plugin.so I build. It always loads the one from /usr/libs. $ dovecot -n # 2.2.9 (5c170e0786f3): /etc/dovecot/dovecot.conf # OS: Linux 3.12.0-031200-generic x86_64 Ubuntu 13.10 auth_verbose = yes disable_plaintext_auth = no log_path = /var/log/dovecot.log mail_debug = yes mail_plugins = fts fts_squat mail_privileged_group = mail namespace { hidden = yes inbox = yes list = no location = mbox:~/mail:INBOX=/var/mail/%u prefix = #mbox/ separator = / } namespace { list = yes location = sdbox:/home/imapshared-sdbox prefix = shared/ separator = / subscriptions = no type = public } namespace inbox { location = sdbox:~/sdboxmail mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / } passdb { driver = pam } plugin { fts = squat fts_autoindex = yes fts_squat = partial=4 full=10 sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap ssl_cert = /etc/ssl/certs/dovecot.pem ssl_key = /etc/ssl/private/dovecot.pem userdb { driver = passwd } verbose_ssl = yes protocol imap { imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags } -- Willem-Jan de Hoog
[Dovecot] Dovecot proxying with LDAP - an example?
Hi all, I have been struggling trying to understand the syntax to configure dovecot as a proxy against an LDAP server. As a single server dovecot works great. Now I want to add the mailHost attribute which, if present, should indicate the DNS name of the host that contains the person's mailbox. If the mailHost matches the local hostname, the mailbox should be served locally as it already does now. If the mailHost is not the local hostname, dovecot should proxy the request to the given server using SSL on port 993. The docs at http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy suggest that proxy_always is what I am looking for, but I cannot find any worked examples of how this might work. Has anyone attempted this before? What I have so far is this, but no proxying seems to take place: pass_attrs = mail=user,userPassword=password,\ mailMessageStore=userdb_mail,=proxy_always=y,mailHost=host,=ssl=yes Can anyone confirm? I am using dovecot v2.0.9 as provided out the box by RHEL6. Regards, Graham --
Re: [Dovecot] Duplicated (but only for unread) messages after second rsync pass...
On 2013-12-22 10:37 AM, Timo Sirainen t...@iki.fi wrote: Use rsync --delete to get rid of the extra mails in destination. And of course don't deliver any new mails to destination before that is done. :) Thanks Timo - but I'm curious why this only affected UNREAD messages? Even ones that were not new since the first rsync (some were over a month old, but still marked as unread, and those were duplicated too). -- Best regards, */Charles/*
[Dovecot] TLS SNI with Dovecot
Hi! I've been using Dovecot for one single Domain with SSL certificates. Now I would like to use Dovecot with several Domains and proper SSL certificates. I tried to setup TLS SNI but it does not work. What I basically did was just adding local_name imap.samsoft.at { ssl_cert = /etc/ssl/private/mailserver/imap.samsoft.at.crt ssl_key = /etc/ssl/private/mailserver/imap.samsoft.at.key } for the additional domain. When trying to login via IMAP, I see the following lines in the log file: === Dec 22 21:01:05 mx0 dovecot: imap-login: Warning: SSL alert: where=0x4004, ret=554: fatal bad certificate [151.236.5.22] Dec 22 21:01:05 mx0 dovecot: imap-login: Warning: SSL failed: where=0x2002: SSLv3 read client certificate A [151.236.5.22] Dec 22 21:01:05 mx0 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=, rip=151.236.5.22, lip=151.38.7.25, TLS handshaking: SSL_accept() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42, session=Rg5EzyXutgCX7AaF === The actual Dovecot config is pasted below. How can I solve that and server different certificates on the same IP Address? Thanks, Michael doveconf -n # 2.2.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-042stab076.8 i686 CentOS release 6.5 (Final) simfs auth_mechanisms = plain login mail_location = maildir:/var/mail/vhosts/%d/%n mail_plugins = notify mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { antispam_backend = dspam antispam_dspam_args = --source=error;--signature=%%s;--user;%u antispam_dspam_binary = /usr/bin/dspam antispam_signature = X-DSPAM-Signature antispam_signature_missing = move antispam_spam = Spam antispam_trash = trash;Trash;Deleted Items;Deleted Messages sieve = /var/mail/vhosts/sieve-scripts/%d/%n/.dovecot.sieve sieve_before = /var/mail/vhosts/sieve-scripts/before sieve_dir = /var/mail/vhosts/sieve-scripts/%d/%n/sieve sieve_extensions = +imapflags } postmaster_address = postmas...@changed.at protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { mode = 0600 user = vmail } user = dovecot } service dict { unix_listener dict { user = vmail } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } } ssl = required ssl_ca = /etc/ssl/private/mailserver/ca-bundle.crt ssl_cert = /etc/ssl/private/mailserver/mx0.domain1.at.pem ssl_key = /etc/ssl/private/mailserver/mx0.domain1.at.key userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol lmtp { mail_plugins = sieve } protocol lda { mail_plugins = sieve } protocol imap { mail_plugins = antispam } local_name imap.samsoft.at { ssl_cert = /etc/ssl/private/mailserver/imap.samsoft.at.crt ssl_key = /etc/ssl/private/mailserver/imap.samsoft.at.key }
Re: [Dovecot] TLS SNI with Dovecot
Am 22.12.2013 22:07, schrieb Michael Neurohr: I've been using Dovecot for one single Domain with SSL certificates. Now I would like to use Dovecot with several Domains and proper SSL certificates. I tried to setup TLS SNI but it does not work. What I basically did was just adding forget it - SNI is relevant for webservers because different vhosts with different contents, typically not for mailservers why do you start the burden of different certs instead mail.your-company.tld and give that hostname to any user? __ there are good reasons that other hosters are doing the same http://www.df.eu/at/service/df-faq/e-mail/pop3-imap-postfaecher/mail-programme/ unencrypted: imap.your-domain.tld encrypted: sslmailpool.ispgateway.de while the unencrpyted from is also stupid from maintaince point of view we did that for some years and it did not work out in any sense signature.asc Description: OpenPGP digital signature
Re: [Dovecot] TLS SNI with Dovecot
On 12/22/2013 04:26 PM, Reindl Harald wrote: forget it - SNI is relevant for webservers because different vhosts with different contents, typically not for mailservers why do you start the burden of different certs instead mail.your-company.tld and give that hostname to any user? While it's true that there is no strictly technical benefit to SNI in IMAP, it can perhaps have benefits in terms of presentability. Hosted domain customers might want to be able to use their own certificates issued to them rather than using Subject Alternate Names etc, for purely cosmetic reasons.
Re: [Dovecot] TLS SNI with Dovecot
Am 22.12.2013 23:09, schrieb Gedalya: On 12/22/2013 04:26 PM, Reindl Harald wrote: forget it - SNI is relevant for webservers because different vhosts with different contents, typically not for mailservers why do you start the burden of different certs instead mail.your-company.tld and give that hostname to any user? While it's true that there is no strictly technical benefit to SNI in IMAP, it can perhaps have benefits in terms of presentability. Hosted domain customers might want to be able to use their own certificates issued to them rather than using Subject Alternate Names etc, for purely cosmetic reasons. hopefully they pay for that cosmetic reasons or leave technical things to techs keep in mind that you need a certificate with each used domain as SAN (subject alternative name) which means each time you host a new domain you need to change the certificate - Thawte calculates 169,- per jear and SAN - have fun :-) then there are mail-clients - which of them do not support SNI, or in case of mail clients which of them do support it properly and how is the presentability in case of certificate warnings for the one which does not 169,- for cosmetic reasons - well, i would prefer a chiropody instead. signature.asc Description: OpenPGP digital signature
[Dovecot] move mailbox to LAYOUT=fs
Hello, I think about migrating small servers storage to LAYOUT=fs (http://wiki2.dovecot.org/MailLocation/Maildir#Directory_layout) Is there a smooth way to adjust the existing folders? Andreas
[Dovecot] auth: Error: net_accept() failed: Too many open files
Hi All, I got below errors when I do some 2000 users concurrency test against dovecot 2.1.7. Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files Dec 23 10:18:52 auth: Error: net_accept() failed: Too many open files I seems the auth process become the bottleneck as there is only one auth process. service auth-worker { process_limit = 1000 } service imap-login { process_min_avail = 48 service_count = 0 } service imap { process_limit = 10240 process_min_avail = 8 } I find that the auth process does not open too many files with lsof, and my limit is very big(100). How to fix this? Thanks!
Re: [Dovecot] Horde + dovecot metadata support
Am 19.12.2013 11:23 schrieb Andreas Schulze: Horde (http://horde.org) has the ability to store its preferences direct into a users imap mailbox using imap metadata extension. There are two implementations of the imap extension. 1. a dovecot plugin: http://hg.dovecot.org/dovecot-metadata-plugin 2. dovecot itself: http://www.dovecot.org/list/dovecot/2013-November/093243.html Hello, thanks to Timo to fix the issue in Version dovecot-2.2.10. With minimal configuration¹ Horde-5.1.5 can now store its preferences in an IMAP folder. ¹ in dovecot.conf: imap_metadata = yes mail_attribute_dict = file:Maildir/dovecot-metadata -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Dipl.-Kfm. Dr. Robert Mayr Jörg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen
Re: [Dovecot] [dovecot-2.2.5] Duplicates in mdbox
Hi, radek radekbu...@tlen.pl escribió: Hi I have strange situation with one of mailboxes in mdbox format. Some messages are duplicated, not all. I am sure that is not sieve or another mail client issue, because access is via roundcube without sieve plugin. In maillog I have not found any suspicious information about this problem and i can see that from postfix do dovecot-lda was piped only one copy of message. I have a similar problem, but not the same (if this could give you a clue). In my case I think that is fault of the email client (thunderbird). I have some users with a lot of emails in some folders. These emails are received from web applications that send a lot of of them. In my case, the user receives them in his inbox folder and with a filter in his client they are moved to another folder. This is where I think that duplication are done (since one user move the filter from his client to a sieve script in the server, there are no more duplications ) -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 86337