[Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Götz Reinicke - IT Koordinator
Hi,

I did the upgrade from 1.2.x to 2.2.10 and had some warnings/errors on
a very few accounts/mailboxes. All of them were permission related and
solved.

Dovecot rocks again.

But on one mailbox I do get an error:

Error: user rechnnugseingang-animationsinstitut: Initialization failed:
Initializing mail storage from mail_location setting failed

Error: Invalid user settings. Refer to server log for more information.

There is a home directory and the permissions are set like on all other
accounts.

The username is quite long (35 characters) but another one with 34 is
working fine.

And before the upgrade there was no error.


Thanks for any help or hint. Regards, Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Registered at Stuttgart District Court, HRB 205016

Chairman of the Supervisory Board: Jürgen Walter MdL
State Secretary in the Ministry of Science,
Research and the Arts of Baden-Württemberg

Managing Director: Prof. Thomas Schadt





Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Joseph Tam

Götz Reinicke - IT Koordinator  goetz.reini...@filmakademie.de wrote:

 But on one mailbox I do get an error:

 Error: user rechnnugseingang-animationsinstitut: Initialization failed:
 Initializing mail storage from mail_location setting failed

 Error: Invalid user settings. Refer to server log for more information.

And the server log says ...?  Maybe the '-' is not one of the allowed
characters (is there a missing 'e' at the end?)

Joseph Tam jtam.h...@gmail.com


Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Götz Reinicke - IT Koordinator
On 27.02.14 09:31, Joseph Tam wrote:
 Götz Reinicke - IT Koordinator goetz.reini...@filmakademie.de wrote:
 
 But on one mailbox I do get an error:

 Error: user rechnnugseingang-animationsinstitut: Initialization failed:
 Initializing mail storage from mail_location setting failed

 Error: Invalid user settings. Refer to server log for more information.
 
 And the server logs says ...?  Maybe the '-' is not one of the allowed
 characters (is there a missing 'e' at the end?)

Oops, missed something maybe, but I don't see anything in the dovecot.log
or syslogs.

The '-' is allowed as we do have other accounts with that character and
there is no typo.

Maybe I can increase the logging level ...

/Götz



Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Steffen Kaiser


On Thu, 27 Feb 2014, Götz Reinicke - IT Koordinator wrote:

 But on one mailbox I do get an error:

 Error: user rechnnugseingang-animationsinstitut: Initialization failed:
 Initializing mail storage from mail_location setting failed

 Error: Invalid user settings. Refer to server log for more information.

Is above error the only error in the log?

 There is a homedirectory and the permissions are set like on all other
 accounts.

 The username is quite long (35 characters) but an other one with 34 is
 working fine.

I do not have such long names ...

I suggest to turn on mail_debug, then you see all paths a.s.o.

-- 
Steffen Kaiser


Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Götz Reinicke - IT Koordinator
On 27.02.14 09:41, Steffen Kaiser wrote:
 On Thu, 27 Feb 2014, Götz Reinicke - IT Koordinator wrote:
 
 But on one mailbox I do get an error:
 
 Error: user rechnnugseingang-animationsinstitut: Initialization failed:
 Initializing mail storage from mail_location setting failed
 
 Error: Invalid user settings. Refer to server log for more information.
 
 Is above error the only error in the log?


Yes, that's the only log for about 8 hours +- now.


 There is a homedirectory and the permissions are set like on all other
 accounts.
 
 The username is quite long (35 characters) but an other one with 34 is
 working fine.
 
 I do not have such long names ...
 
 I suggest to turn on mail_debug, then you see all paths a.s.o.

Switched it on, but there are no more error messages.

/Götz


[Dovecot] Dovecot2 vs. AD, Inactivity during authentication

2014-02-27 Thread Jeroen Scheerder
Hi,

I'm trying to setup Dovecot2 for
  o IMAP client access
  o LDA for postfix mail delivery (with SIEVE)
... on a FreeBSD host.

The FreeBSD server has no users (by intention), so I've set up a virtual mail 
domain, using LDAP lookups in Postfix.  So far so good.  Mail delivers into the 
proper mailbox.

But I'm stuck getting Dovecot to authenticate.  User- and passwd DB's are set 
up for LDAP lookups to AD, using an authenticated bind (the AD server offers no 
anonymous binds, yet).
I've enabled all the debugging I can find, but my logs have little information 
to offer.

Any help in getting me a step further would be much appreciated.  In 
particular, I'd like to learn how to diagnose these userdb/passdb issues 
properly.

Here's what I see in the logs:

Feb 27 12:25:49 mail.info ponyboy dovecot: imap-login: Disconnected: 
Inactivity during authentication (disconnected while authenticating, waited 172 
secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, 
session=r/ERi2HzQAB/AAAB
Feb 27 12:26:42 mail.err ponyboy dovecot: auth: Error: 
PLAIN(js,127.0.0.1,r/ERi2HzQAB/AAAB): Request 74099.1 timed out after 225 
secs, state=1

This logging is related to the following IMAP session:

ponyboy% telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
a login js suppressed
* OK Waiting for authentication process to respond..
* BYE Disconnected for inactivity during authentication.
Connection closed by foreign host.

Here's my config:

$ dovecot -n
# 2.2.10: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 10.0-RELEASE amd64  ufs
auth_debug = yes
auth_mechanisms = plain login
auth_username_format = %Ln
auth_verbose = yes
first_valid_gid = 1000
first_valid_uid = 1000
imap_client_workarounds = delay-newmail
last_valid_gid = 1000
last_valid_uid = 1000
mail_gid = 1000
mail_location = maildir:/var/mail/on2it/%Ln
mail_uid = 1000
maildir_very_dirty_syncs = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox Sent Messages {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /usr/local/etc/dovecot/on2it-ldap-users.cfg
  driver = ldap
}
protocols = imap
service auth-worker {
  user = root
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
  unix_listener auth-userdb {
    group = postfix
    mode = 0666
    user = postfix
  }
}
service imap-login {
  inet_listener imap {
    port = 143
  }
}
shutdown_clients = no
ssl = no
userdb {
  args = /usr/local/etc/dovecot/on2it-ldap-users-userdb.cfg
  driver = ldap
}
valid_chroot_dirs = /var/mail/on2it

$ cat /usr/local/etc/dovecot/on2it-ldap-users.cfg
hosts = dc2.office.on2it.net
ldap_version = 3
base = dc=office,dc=on2it,dc=net
scope=subtree
auth_bind = yes
dn = [suppressed]
dnpass = [suppressed]

pass_attrs = sAMAccountName=user
user_attrs = \
=home=/var/mail/on2it/%{ldap:sAMAccountName}, \
=mail=maildir:/var/mail/on2it/%{ldap:sAMAccountName}

user_filter = ((ObjectClass=person)(sAMAccountName=%u))
pass_filter = ((ObjectClass=person)(sAMAccountName=%u))

iterate_attrs = sAMAccountName=user
iterate_filter = (objectClass=person)

$ ls -l /usr/local/etc/dovecot/on2it-ldap-users-userdb.cfg
lrwxr-xr-x  1 root  wheel  20 Feb 27 12:07 /usr/local/etc/dovecot/on2it-ldap-users-userdb.cfg -> on2it-ldap-users.cfg





Re: [Dovecot] Dovecot2 vs. AD, Inactivity during authentication

2014-02-27 Thread Jeroen Scheerder
Quoth Jeroen Scheerder (27 Feb 2014, 12:38):

 Here's what I see in the logs:

 Feb 27 12:25:49 mail.info ponyboy dovecot: imap-login: Disconnected: 
 Inactivity during authentication (disconnected while authenticating, waited 
 172 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, 
 session=r/ERi2HzQAB/AAAB
 Feb 27 12:26:42 mail.err ponyboy dovecot: auth: Error: 
 PLAIN(js,127.0.0.1,r/ERi2HzQAB/AAAB): Request 74099.1 timed out after 225 
 secs, state=1

Logging to file instead of syslog, I see a bit more:

Feb 27 12:45:27 auth: Debug: Loading modules from directory: 
/usr/local/lib/dovecot/auth
Feb 27 12:45:27 auth: Debug: Wrote new auth token secret to 
/var/run/dovecot/auth-token-secret.dat
Feb 27 12:45:27 auth: Debug: auth client connected (pid=74241)
Feb 27 12:45:31 auth: Debug: client in: AUTH1   PLAIN   service=imap
secured session=9QHH22HzYgB/AAABlip=127.0.0.1   rip=127.0.0.1   
lport=143   rport=64354 resp=hidden
Feb 27 12:45:31 auth: Debug: ldap(js,127.0.0.1,9QHH22HzYgB/AAAB): bind 
search: base=dc=office,dc=on2it,dc=net 
filter=((ObjectClass=person)(sAMAccountName=js))
Feb 27 12:48:27 imap-login: Info: Disconnected: Inactivity during 
authentication (disconnected while authenticating, waited 176 secs): user=, 
method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=9QHH22HzYgB/AAAB
Feb 27 12:49:16 auth: Debug: ldap(js,127.0.0.1,9QHH22HzYgB/AAAB): result: 
sAMAccountName=js; sAMAccountName unused
Feb 27 12:49:16 auth: Debug: ldap(js,127.0.0.1,9QHH22HzYgB/AAAB): result: 
sAMAccountName=js
Feb 27 12:49:16 auth: Error: PLAIN(js,127.0.0.1,9QHH22HzYgB/AAAB): Request 
74241.1 timed out after 225 secs, state=1
Feb 27 12:49:16 auth: Debug: client in: CANCEL  1
Feb 27 12:49:18 auth: Debug: client passdb out: FAIL1   user=js temp

Using ldapsearch on this very host, I have verified that this particular ldap 
query, with the same authenticated bind, actually works:

ponyboy% time ldapsearch -o ldif-wrap=no -x -LLL -E pr=200/noprompt -w suppressed \
-H ldap://dc2.office.on2it.net -b dc=office,dc=on2it,dc=net -D suppressed -s sub \
'((ObjectClass=person)(sAMAccountName=js))' sAMAccountName
dn: CN=Jeroen Scheerder,OU=Users,OU=Netherlands,OU=ON2IT,DC=office,DC=on2it,DC=net
sAMAccountName: js

# refldap://DomainDnsZones.office.on2it.net/DC=DomainDnsZones,DC=office,DC=on2it,DC=net

# refldap://ForestDnsZones.office.on2it.net/DC=ForestDnsZones,DC=office,DC=on2it,DC=net

# refldap://office.on2it.net/CN=Configuration,DC=office,DC=on2it,DC=net

# pagedresults: cookie=
ldapsearch -o ldif-wrap=no -x -LLL -E pr=200/noprompt -w [...] -H0.00s user 0.00s system 19% cpu 0.019 total



Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Charles Marcus
On 2/27/2014 3:48 AM, Götz Reinicke - IT Koordinator 
goetz.reini...@filmakademie.de wrote:

 On 27.02.14 09:41, Steffen Kaiser wrote:

 On Thu, 27 Feb 2014, Götz Reinicke - IT Koordinator wrote:

 But on one mailbox I do get an error:
 Error: user rechnnugseingang-animationsinstitut: Initialization failed:
 Initializing mail storage from mail_location setting failed
 Error: Invalid user settings. Refer to server log for more information.

 Is above error the only error in the log?

 Yes, that's the only log for about 8 hours +- now.

 There is a home directory and the permissions are set like on all other
 accounts.
 The username is quite long (35 characters) but another one with 34 is
 working fine.

 I do not have such long names ...

 I suggest to turn on mail_debug, then you see all paths a.s.o.

 Switched it on, but there are no more error messages.

doveconf -n output?

(should have provided that in the first email)


[Dovecot] maildir quota divergence

2014-02-27 Thread Juan Carlos Sanchez

Hello;

We are using maildir quotas and have found differences in many users in 
respect to what system commands are showing and doveadm quotas.


For example, for user test, we have:

doveadm quota get -u test
Quota name Type    Value  Limit   %
           STORAGE 98066 102400  95
           MESSAGE   883      -   0


But if we check user mail_location with du system command we get he is 
using 70458 Kb.


We are running dovecot 2.1.17

Any clue?

Thanks in advance.


Re: [Dovecot] maildir quota divergence

2014-02-27 Thread Juan Carlos Sanchez

An addition.
It might be related to a recent upgrade from 2.0 branch to 2.1.17

Thanks in advance.

On 27/02/2014 14:12, Juan Carlos Sanchez wrote:

 Hello;

 We are using maildir quotas and have found differences in many users 
 in respect to what system commands are showing and doveadm quotas.

 For example, for user test, we have:

 doveadm quota get -u test
 Quota name Type    Value  Limit   %
            STORAGE 98066 102400  95
            MESSAGE   883      -   0

 But if we check user mail_location with du system command we get he 
 is using 70458 Kb.

 We are running dovecot 2.1.17

 Any clue?

 Thanks in advance.



--
Juan Carlos Sanchez Hernandez
Head of Security and Electronic Mail
IT Planning and Communications Service
Universidad Politecnica de Madrid
Rectorate
Avda. Ramiro de Maeztu 7
28040 Madrid
--


Re: [Dovecot] maildir quota divergence

2014-02-27 Thread Jost Krieger
On Thu Feb 27 14:12:19 2014, Juan Carlos Sanchez wrote:
 
 We are using maildir quotas and have found differences in many users
 in respect to what system commands are showing and doveadm quotas.
 
 For example, for user test, we have:
 
 doveadm quota get -u test
 Quota name Type    Value  Limit   %
            STORAGE 98066 102400  95
            MESSAGE   883      -   0
 
 But if we check user mail_location with du system command we get
 he is using 70458 Kb.
 
 We are running dovecot 2.1.17
 
 Any clue?
 
Please show us your doveconf -n.

There are a lot of possibilities, it can even be correct (if you use
dbox and the user makes lots of copies of his mails).

Yours
Jost Krieger
-- 
| jost.krieger+...@ruhr-uni-bochum.de  Please help stamp out spam! |
| Postmaster, JAPH, resident answer machine at RUB Comp. Center |
| Sincere words are not sweet, sweet words are not sincere.|
|  Lao Tse, Tao Te King 81 |


[Dovecot] Dovecot Migration: Retrieving/Logging POP/IMAP Passwords in Plaintext

2014-02-27 Thread Traiano Welcome
Hi List

I'm currently in the process of migrating my dovecot imap/pop users to a
new server and have to extract their passwords in order to import them into
the new system (different password encryption schemes).

I've tried enabling auth_* debug parameters in my dovecot.conf in the hope
that this would result in logging plaintext passwords to the dovecot log.
However dovecot does not log the passwords in plaintext under any debugging
configuration.

My question: Is there any other configuration of dovecot that would allow
me to capture POP/IMAP passwords at a successful login time?

Dovecot version:  1.0.7 (from dovecot-1.0.7-7.el5_7.1 rpm)

The output of dovecot -n is:

---
# 1.0.7: /etc/dovecot.conf
info_log_path: /var/log/dovecot.debug
verbose_ssl: yes
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
mail_location: mbox:~:INBOX=~/Mailbox
mail_debug: yes
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib64/dovecot/imap
mail_plugin_dir(imap): /usr/lib64/dovecot/imap
mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3
auth default:
  mechanisms: plain login
  verbose: yes
  debug: yes
  debug_passwords: yes
  passdb:
    driver: pam
  userdb:
    driver: passwd
  socket:
    type: listen
    client:
      path: /var/run/dovecot/auth-client
      mode: 438
---

My dovecot.conf is as follows:

--
info_log_path = /var/log/dovecot.debug
verbose_ssl = yes
mail_location = mbox:~:INBOX=~/Mailbox
mail_debug = yes
protocol imap {
}
protocol pop3 {
}
protocol lda {
  postmaster_address = postmas...@example.com
}
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes
auth default {
  mechanisms = plain login
  passdb pam {
  }
  userdb passwd {
  }
  user = root
  socket listen {
    client {
      path = /var/run/dovecot/auth-client
      mode = 0666
    }
  }
}
dict {
}
plugin {
}
---

Many thanks in advance!
Traiano


Re: [Dovecot] Dovecot Migration: Retrieving/Logging POP/IMAP Passwords in Plaintext

2014-02-27 Thread Charles Marcus

On 2/27/2014 8:47 AM, Traiano Welcome trai...@gmail.com wrote:

 Dovecot version:  1.0.7 (from dovecot-1.0.7-7.el5_7.1 rpm)

No other response is possible except:

UPGRADE.

1.x has been unsupported for far too long for anyone to waste time on it.

Best regards,

Charles


Re: [Dovecot] Dovecot Migration: Retrieving/Logging POP/IMAP Passwords in Plaintext

2014-02-27 Thread Traiano Welcome
Hi Charles

Thanks for your response:


On Thu, Feb 27, 2014 at 4:06 PM, Charles Marcus
cmar...@media-brokers.com wrote:

 On 2/27/2014 8:47 AM, Traiano Welcome trai...@gmail.com wrote:

 Dovecot version:  1.0.7 (from dovecot-1.0.7-7.el5_7.1 rpm)


 No other response is possible except:

 UPGRADE.

 1.x has been unsupported for far too long for anyone to waste time on it.



I agree.  Once upgraded to a reasonably recent version, though, what
configuration would I use to log plaintext passwords, then ?



 Best regards,

 Charles



Re: [Dovecot] Dovecot Migration: Retrieving/Logging POP/IMAP Passwords in Plaintext

2014-02-27 Thread Charles Marcus

On 2/27/2014 9:20 AM, Traiano Welcome trai...@gmail.com wrote:

 I agree.  Once upgraded to a reasonably recent version, though, what
 configuration would I use to log plaintext passwords, then ?


http://wiki2.dovecot.org/Logging

Scroll down to the bottom...

--

Best regards,

Charles


Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Götz Reinicke - IT Koordinator
On 27.02.14 13:27, Charles Marcus wrote:
 On 2/27/2014 3:48 AM, Götz Reinicke - IT Koordinator
 goetz.reini...@filmakademie.de wrote:
 On 27.02.14 09:41, Steffen Kaiser wrote:
 On Thu, 27 Feb 2014, Götz Reinicke - IT Koordinator wrote:
 But on one mailbox I do get an error:
 Error: user rechnnugseingang-animationsinstitut: Initialization failed:
 Initializing mail storage from mail_location setting failed
 Error: Invalid user settings. Refer to server log for more information.
 Is above error the only error in the log?
 
 Yes, thats the only log for about 8 hours +- now.
 
 There is a homedirectory and the permissions are set like on all other
 accounts.
 The username is quite long (35 characters) but an other one with 34 is
 working fine.
 
 I do not have such long names ...

 I suggest to turn on mail_debug, then you see all paths a.s.o.
 
 Switched it on, but there are no more error messages.
 
 doveconf -n output?

[root@mail ~]# doveconf -n
# 2.2.10: /etc/dovecot/dovecot.conf
doveconf: Warning: service auth { client_limit=1000 } is lower than
required under max. load (2148)
doveconf: Warning: service anvil { client_limit=1000 } is lower than
required under max. load (2151)
# OS: Linux 2.6.18-371.4.1.el5 x86_64 Red Hat Enterprise Linux Server
release 5.10 (Tikanga)
auth_mechanisms = plain login
auth_verbose = yes
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
mail_location = mbox:~/:INBOX=/var/mail/%u
mail_privileged_group = mail
passdb {
  driver = pam
}
protocols = imap pop3
service auth {
  user = root
}
service imap-login {
  process_limit = 1024
  process_min_avail = 10
  service_count = 1
}
service imap {
  process_limit = 1024
  vsz_limit = 1 G
}
service pop3-login {
  process_limit = 1024
  process_min_avail = 10
  service_count = 1
}
service pop3 {
  process_limit = 1024
  vsz_limit = 1 G
}
ssl_ca = /etc/pki/tls/certs/ca-bundle_all.crt
ssl_cert = /etc/pki/tls/certs/mail_filmakademie_de.crt
ssl_cipher_list = ALL:!LOW:!SSLv2
ssl_key = /etc/pki/tls/private/mail_filmakademie_de.key
userdb {
  driver = passwd
}
protocol imap {
  mail_max_userip_connections = 20
}





Re: [Dovecot] maildir quota divergence

2014-02-27 Thread Juan Carlos Sanchez

Here it goes

# 2.1.17: /usr/local/etc/dovecot/dovecot.conf
# OS: SunOS 5.10 sun4u  ufs
auth_cache_negative_ttl = 0
auth_cache_size = 1000 k
auth_cache_ttl = 2 hours
auth_master_user_separator = *
auth_verbose = yes
base_dir = /var/run/dovecot
disable_plaintext_auth = no
info_log_path = /var/log/mail/dovecot_info.log
log_path = /var/log/mail/dovecot.log
mail_gid = vmail
mail_location = maildir:/buzones/%1Mn/%n/correo
mail_plugins = quota
mail_privileged_group = mail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date

namespace inbox {
  inbox = yes
  location =
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /path_here/file
  driver = passwd-file
  master = yes
  pass = yes
}
passdb {
  args = /usr/local/etc/dovecot-ldap.conf
  driver = ldap
}
plugin {
  quota = maildir
  quota_rule = *:storage=100M
  quota_rule2 = Trash:storage=+20M
  quota_rule3 = SPAM:ignore
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  sieve = ~/.dovecot.sieve
  sieve_global_dir = /path_here/
  zlib_save = gz
  zlib_save_level = 6
}
protocols = imap pop3 sieve lmtp
service anvil {
  client_limit = 4611
}
service auth {
  client_limit = 10852
  unix_listener auth-client {
    mode = 0660
  }
  unix_listener auth-master {
    mode = 0666
  }
  unix_listener auth-userdb {
    mode = 0777
  }
  user = root
}
service imap-login {
  process_min_avail = 4
  service_count = 0
}
service imap {
  process_limit = 4096
}
service lmtp {
  client_limit = 50
  executable = lmtp -L
  process_min_avail = 20
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
  user = vmail
}
service managesieve-login {
  inet_listener sieve_deprecated {
    port = 2000
  }
  process_limit = 1024
}
service managesieve {
  process_limit = 1536
}
service pop3-login {
  process_limit = 1024
}
service pop3 {
  process_limit = 1536
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  user = vmail
}
ssl_ca = /path/file.pem
ssl_cert = /path/file.pem
ssl_key = /path/file.pem
userdb {
  args = home=/buzones/%1Mn/%n allow_all_users=yes
  driver = static
}
userdb {
  driver = prefetch
}
userdb {
  args = /usr/local/etc/dovecot-ldap.conf
  driver = ldap
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  info_log_path = /var/log/mail/dovecot_deliver.log
  log_path = /var/log/mail/dovecot_deliver.log
  mail_plugins = quota sieve zlib
  sendmail_path = /usr/lib/sendmail
}
protocol imap {
  imap_client_workarounds = delay-newmail
  mail_max_userip_connections = 10
  mail_plugins = quota imap_quota zlib
}
protocol pop3 {
  mail_max_userip_connections = 5
  mail_plugins = quota zlib
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  pop3_reuse_xuidl = yes
}
protocol lmtp {
  info_log_path = /var/log/mail/dovecot_deliver.log
  log_path = /var/log/mail/dovecot_deliver.log
  mail_plugins = quota sieve zlib
  sendmail_path = /usr/lib/sendmail
}

On 27/02/2014 14:30, Jost Krieger wrote:

 Please show us your doveconf -n.




Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Steffen

Götz Reinicke - IT Koordinator wrote:
 On 27.02.14 09:41, Steffen Kaiser wrote:
 I suggest to turn on mail_debug, then you see all paths a.s.o.
 
 Switched it on, but there are no more error messages.

But you'll see lines with home= mail= a.s.o. Are these settings
correct? Maybe, post them, too.

-- 
Steffen


Re: [Dovecot] maildir quota divergence

2014-02-27 Thread Steffen

Juan Carlos Sanchez wrote:
 Hello;
 
 We are using maildir quotas and have found differences in many
 users in respect to what system commands are showing and doveadm
 quotas.
 
 For example, for user test, we have:
 
 doveadm quota get -u test
 Quota name Type    Value  Limit   %
            STORAGE 98066 102400  95
            MESSAGE   883      -   0
 
 But if we check user mail_location with du system command we get
 he is using 70458 Kb.
 
 We are running dovecot 2.1.17
 
 Any clue?

Did you already try: doveadm quota recalc -u user?

Did you start du right in Maildir? Use:

cd .../Maildir
du -cs cur new .*/{cur,new}

in order to count message files only.

You do not seem to have activated the hardlink feature. If you did,
you need to count each link, too.

untested size in KB:
find cur new .*/{cur,new} -type f -printf '%k\n' | \
 awk ' END { print n } { n=n+$1 } '

-- 
Steffen
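
A way to put the two figures from this thread side by side, added here as an example (not from any poster and not Dovecot code): it walks the same cur/ and new/ directories as the find command above and totals the size recorded in each file name (the Maildir++ ",S=" field, falling back to the file size) next to the apparent size on disk, where a hard-linked message occupies space once. The sample Maildir, its file names and the function names are constructed for illustration.

```python
import gzip
import os
import re
import stat
import tempfile

# Maildir++ file names may carry the message size as ",S=<bytes>".
SIZE_IN_NAME = re.compile(r",S=(\d+)")


def message_dirs(maildir):
    """Yield cur/ and new/ of the INBOX and of each Maildir++ folder (".Name")."""
    folders = [maildir]
    for entry in sorted(os.listdir(maildir)):
        path = os.path.join(maildir, entry)
        if entry.startswith(".") and os.path.isdir(path):
            folders.append(path)
    for folder in folders:
        for sub in ("cur", "new"):
            path = os.path.join(folder, sub)
            if os.path.isdir(path):
                yield path


def maildir_usage(maildir):
    """Return message count, size by file name (S=) and apparent size on disk."""
    count = by_name = on_disk = 0
    seen_inodes = set()
    for directory in message_dirs(maildir):
        for name in os.listdir(directory):
            st = os.lstat(os.path.join(directory, name))
            if not stat.S_ISREG(st.st_mode):
                continue
            count += 1
            match = SIZE_IN_NAME.search(name)
            # Every directory entry counts here, hard links included.
            by_name += int(match.group(1)) if match else st.st_size
            # On disk, a hard-linked message occupies space only once.
            inode = (st.st_dev, st.st_ino)
            if inode not in seen_inodes:
                seen_inodes.add(inode)
                on_disk += st.st_size
    return {"messages": count, "by_name": by_name, "on_disk": on_disk}


def build_sample(root):
    """Create a small constructed Maildir; return the gzip file's on-disk size."""
    for folder in ("", ".Sent"):
        for sub in ("cur", "new", "tmp"):
            os.makedirs(os.path.join(root, folder, sub))
    plain = os.path.join(root, "cur", "1393500000.M1.host,S=1000:2,S")
    with open(plain, "wb") as fh:
        fh.write(b"x" * 1000)
    # The same message hard-linked into a second folder.
    os.link(plain, os.path.join(root, ".Sent", "cur",
                                "1393500001.M2.host,S=1000:2,S"))
    # A message stored compressed: S= keeps the uncompressed size (5000 bytes).
    packed = gzip.compress(b"Subject: test\r\n\r\n" + b"body line\r\n" * 453)
    with open(os.path.join(root, "new", "1393500002.M3.host,S=5000"), "wb") as fh:
        fh.write(packed)
    return len(packed)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(maildir_usage(tmp))
```

In the constructed sample the by-name total is larger than the on-disk total for two reasons at once: the hard link is counted twice by name, and the compressed file is smaller on disk than its S= value.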


Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Götz Reinicke - IT Koordinator
On 27.02.14 17:06, Steffen wrote:
 Götz Reinicke - IT Koordinator wrote:
 On 27.02.14 09:41, Steffen Kaiser wrote:
 I suggest to turn on mail_debug, then you see all paths a.s.o.
 
 Switched it on, but there are no more error messages.
 
 But you'll see lines with home= mail= a.s.o. Are these settings
 correct? Maybe, post them, too.

I just realised, that I used just a basic configuration (from the
migration); I just added and started with the big conf.d and added my
setting.

There is still the same problem/error in the log, but with some more text:

E.g. the rechnungseingang-finanzbuchhaltung looks like:

Feb 27 16:59:55 imap(rechnungseingang-finanzbuchhaltung): Debug:
Effective uid=3473, gid=1182,
home=/home/misc_accounts/rechnungseingang-finanzbuchhaltung



Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug:
Effective uid=3474, gid=1182, home=



Feb 27 17:02:11 auth-worker(19896): Debug:
pam(rechnungseingang-animationsinstitut,172.17.25.85): lookup
service=dovecot
Feb 27 17:02:11 auth-worker(19896): Debug:
pam(rechnungseingang-animationsinstitut,172.17.25.85): #1/1 style=1
msg=Password:
Feb 27 17:02:11 auth: Debug: client passdb out: OK  1
user=rechnungseingang-animationsinstitut
Feb 27 17:02:11 auth-worker(19896): Debug:
passwd(rechnungseingang-animationsinstitut,172.17.25.85): lookup
Feb 27 17:02:11 auth: Debug: master userdb out: USER3536191489
rechnungseingang-animationsinstitut
system_groups_user=rechnungseingang-animationsinstitut  uid=3474
gid=1182homeauth_token=58932681706c22720023a40104779c049ae2ac42
Feb 27 17:02:11 imap-login: Info: Login:
user=rechnungseingang-animationsinstitut, method=PLAIN,
rip=172.17.25.85, lip=193.196.129.3, mpid=21531, TLS,
session=dAWscWXzyQCsERlV
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug:
Effective uid=3474, gid=1182, home=
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug:
Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no,
list=yes, subscriptions=yes
location=mbox:~/:INBOX=/var/mail/rechnungseingang-animationsinstitut
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Error: user
rechnungseingang-animationsinstitut: Initialization failed: Namespace
'': Home directory not set for user. Can't expand ~/ for mail root dir
in: ~/:INBOX=/var/mail/rechnungseingang-animationsinstitut
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Error:
Invalid user settings. Refer to server log for more information.


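
The debug output above narrows the failure to the userdb reply: home= is empty for one account and filled in for its neighbour. As an added example (not from any poster; the log lines are re-joined copies of the ones above and the passwd data is constructed), this picks such sessions out of a debug log and checks them against passwd-format text such as the output of getent passwd.

```python
import re

# Constructed sample: debug lines modelled on the ones posted above, each
# joined back onto one line (the mail client had wrapped them).
SAMPLE_LOG = """\
Feb 27 16:59:55 imap(rechnungseingang-finanzbuchhaltung): Debug: Effective uid=3473, gid=1182, home=/home/misc_accounts/rechnungseingang-finanzbuchhaltung
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug: Effective uid=3474, gid=1182, home=
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Error: user rechnungseingang-animationsinstitut: Initialization failed: Namespace '': Home directory not set for user. Can't expand ~/ for mail root dir in: ~/:INBOX=/var/mail/rechnungseingang-animationsinstitut
"""

# Constructed passwd(5)-format data; the second entry has an empty home field.
SAMPLE_PASSWD = """\
rechnungseingang-finanzbuchhaltung:x:3473:1182::/home/misc_accounts/rechnungseingang-finanzbuchhaltung:/sbin/nologin
rechnungseingang-animationsinstitut:x:3474:1182:::/sbin/nologin
"""

EFFECTIVE = re.compile(
    r"^\w{3} +\d+ [\d:]+ [\w-]+\((?P<user>[^)]+)\): Debug: "
    r"Effective uid=(?P<uid>\d+), gid=(?P<gid>\d+), home=(?P<home>.*)$"
)


def sessions_without_home(log_text):
    """Map user -> uid for sessions where Dovecot logged an empty home=."""
    found = {}
    for line in log_text.splitlines():
        match = EFFECTIVE.match(line.strip())
        if match and match.group("home").strip() == "":
            found[match.group("user")] = int(match.group("uid"))
    return found


def parse_passwd(passwd_text):
    """Map user -> (uid, home) from passwd(5)-format text."""
    entries = {}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and fields[2].isdigit():
            entries[fields[0]] = (int(fields[2]), fields[5])
    return entries


def diagnose(log_text, passwd_text):
    """Return (user, reason) for every session that started with no home."""
    entries = parse_passwd(passwd_text)
    report = []
    for user, uid in sorted(sessions_without_home(log_text).items()):
        if user not in entries:
            reason = "no passwd entry under this exact name"
        elif entries[user][1] == "":
            reason = "passwd entry has an empty home field"
        elif entries[user][0] != uid:
            reason = "uid differs from passwd: another source answered the lookup"
        else:
            reason = ("passwd has home %s but the userdb reply carried none"
                      % entries[user][1])
        report.append((user, reason))
    return report


if __name__ == "__main__":
    for user, reason in diagnose(SAMPLE_LOG, SAMPLE_PASSWD):
        print("%s: %s" % (user, reason))
```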


Re: [Dovecot] Dovecot2 vs. AD, Inactivity during authentication

2014-02-27 Thread Bob Miller
Hi,

have you verified from your AD logs that dovecot is sending the same
thing as your ldapsearch?


-- 
Computerisms
Bob Miller  
867-334-7117 / 867-633-3760
http://computerisms.ca


On Thu, 2014-02-27 at 12:58 +0100, Jeroen Scheerder wrote:
 Quoth Jeroen Scheerder (27 Feb 2014, 12:38):
 
  Here's what I see in the logs:
 
  Feb 27 12:25:49 mail.info ponyboy dovecot: imap-login: Disconnected: 
  Inactivity during authentication (disconnected while authenticating, waited 
  172 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, 
  session=r/ERi2HzQAB/AAAB
  Feb 27 12:26:42 mail.err ponyboy dovecot: auth: Error: 
  PLAIN(js,127.0.0.1,r/ERi2HzQAB/AAAB): Request 74099.1 timed out after 225 
  secs, state=1
 
 Logging to file instead of syslog, I see a bit more:
 
 Feb 27 12:45:27 auth: Debug: Loading modules from directory: 
 /usr/local/lib/dovecot/auth
 Feb 27 12:45:27 auth: Debug: Wrote new auth token secret to 
 /var/run/dovecot/auth-token-secret.dat
 Feb 27 12:45:27 auth: Debug: auth client connected (pid=74241)
 Feb 27 12:45:31 auth: Debug: client in: AUTH1   PLAIN   service=imap  
   secured session=9QHH22HzYgB/AAABlip=127.0.0.1   rip=127.0.0.1   
 lport=143   rport=64354 resp=hidden
 Feb 27 12:45:31 auth: Debug: ldap(js,127.0.0.1,9QHH22HzYgB/AAAB): bind 
 search: base=dc=office,dc=on2it,dc=net 
 filter=((ObjectClass=person)(sAMAccountName=js))
 Feb 27 12:48:27 imap-login: Info: Disconnected: Inactivity during 
 authentication (disconnected while authenticating, waited 176 secs): user=, 
 method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, 
 session=9QHH22HzYgB/AAAB
 Feb 27 12:49:16 auth: Debug: ldap(js,127.0.0.1,9QHH22HzYgB/AAAB): result: 
 sAMAccountName=js; sAMAccountName unused
 Feb 27 12:49:16 auth: Debug: ldap(js,127.0.0.1,9QHH22HzYgB/AAAB): result: 
 sAMAccountName=js
 Feb 27 12:49:16 auth: Error: PLAIN(js,127.0.0.1,9QHH22HzYgB/AAAB): Request 
 74241.1 timed out after 225 secs, state=1
 Feb 27 12:49:16 auth: Debug: client in: CANCEL  1
 Feb 27 12:49:18 auth: Debug: client passdb out: FAIL1   user=js temp
 
 Using ldapsearch on this very host, I have verified that this particular ldap 
 query, with the same authenticated bind, actually works:
 
 ponyboy% time ldapsearch -o ldif-wrap=no -x -LLL -E pr=200/noprompt -w 
 suppressed \
   -H ldap://dc2.office.on2it.net -b dc=office,dc=on2it,dc=net -D 
 suppressed -s sub \
   '((ObjectClass=person)(sAMAccountName=js))' sAMAccountName
 dn: CN=Jeroen 
 Scheerder,OU=Users,OU=Netherlands,OU=ON2IT,DC=office,DC=on2it,DC=net
 sAMAccountName: js
 
 # 
 refldap://DomainDnsZones.office.on2it.net/DC=DomainDnsZones,DC=office,DC=on2it,DC=net
 
 # 
 refldap://ForestDnsZones.office.on2it.net/DC=ForestDnsZones,DC=office,DC=on2it,DC=net
 
 # refldap://office.on2it.net/CN=Configuration,DC=office,DC=on2it,DC=net
 
 # pagedresults: cookie=
 ldapsearch -o ldif-wrap=no -x -LLL -E pr=200/noprompt -w [...] -H0.00s 
 user 0.00s system 19% cpu 0.019 total


Re: [Dovecot] Dovecot Migration: Retrieving/Logging POP/IMAP Passwords in Plaintext

2014-02-27 Thread Traiano Welcome
On Thu, Feb 27, 2014 at 4:32 PM, Charles Marcus
cmar...@media-brokers.com wrote:

 On 2/27/2014 9:20 AM, Traiano Welcome trai...@gmail.com wrote:

 I agree.  Once upgraded to a reasonably recent version, though, what
 configuration would I use to log plaintext passwords, then ?


 http://wiki2.dovecot.org/Logging

 Scroll down to the bottom...



From the wiki:

auth_debug_passwords=yes does everything that auth_debug=yes does, but it
also removes password hiding (but only if you are not using PAM, since PAM
errors aren't written to Dovecot's own logs).

Looks like upgrading won't help either, as I'm using pam:

---
  passdb pam {
  }
  userdb passwd {
  }
---





 --

 Best regards,

 Charles



Re: [Dovecot] Quota-Status issue

2014-02-27 Thread Cyberonic Turbo
Thanks for the help. For some reason I couldn't find the dovecot log
before, but there it was staring me in the face, haha.

Here's the error I was getting:
Feb 27 14:55:06 auth-worker(30525): Error: sql(t...@example.com): User
query failed: Unknown column 'mailbox.enablequota-status' in 'where
clause'

Feb 27 14:55:06 quota-status: Error: user t...@example.com: Auth USER
lookup failed

Looks like it was missing a column in the table. Was able to fix it by
adding:
ALTER TABLE vmail.umailbox ADD `enablequota-status` tinyint(1) DEFAULT 1
AFTER `enablelib-storage`;

Now it works as expected!
 printf "recipient=t...@example.com\nsize=12304\n\n" | nc 127.0.0.1 12340
action=552 5.2.2 Mailbox is full

Once again, thanks for the help. Everything is working smoothly now.


On Mon, Feb 24, 2014 at 5:56 PM, Charles Sprickman sp...@bway.net wrote:

 On Feb 20, 2014, at 5:12 PM, Cyberonic Turbo wrote:

  Following this guide:
  http://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ I can't
  seem to get it to work, as soon as I add the smtpd_recipient_restrictions
  setting to postfix I can no longer send mail at all. I get the message
 SMTP
  Error (450): Failed to add recipient postmas...@example.com (4.7.1 :
  Recipient address rejected: Internal error occurred. Refer to server log
  for more information.). I googled around and found this command to test
 the
  quota-status service: printf recipient=postmaster at
  example.com\nsize=1234\n\n
  | nc 127.0.0.1 12340
  It seems to always return the quota_status_nouser message. I'm really
  stumped here. What logs do I need to check for errors and does anyone
 have
  any experience with this?

 I'm not an expert, I just followed the same guide a few days ago
 while preparing to front an old vpopmail system with postfix.  It
 did work for me.

 Before moving on to enabling the check in postfix, verify that the
 dovecot side is working.

 Your example test should work, I did the same here:

 [root@util-b /usr/local/etc/postfix]# printf "recipient=c...@test.bway.net\nsize=12304\n\n" | nc mbox.i 25001
 action=DUNNO

 [root@util-b /usr/local/etc/postfix]# printf "recipient=c...@test.bway.net\nsize=1234\n\n" | nc mbox.i 25001
 action=552 5.2.2 Mailbox is full

 If that fails for you, examine the dovecot log.  In my case, I did
 have to provide the full path to the quota-status binary and
 dovecot complained about not being able to find it.  Make sure you
 actually have quota-status installed.  Full dovecot snippet for this
 below:

 # report quota to postfix
 # see http://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/

 plugin {
 quota_status_success = DUNNO
 quota_status_nouser = DUNNO
 quota_status_overquota = 552 5.2.2 Mailbox is full
 }

 service quota-status {
 executable = /usr/local/libexec/dovecot/quota-status -p postfix
 inet_listener {
 address = 10.x.x.19  # In my case I want it listening on a
 particular IP
 port = 25001
 }
 client_limit = 5
 }

 If the dovecot portion is working, then move on to your postfix logs...

 Charles

 
  I'm running Dovect 2.2.10 with Postfix 2.6.6
 
  Here's my dovecot -n result:
 
  # 2.2.10: /etc/dovecot/dovecot.conf
  # OS: Linux 2.6.32-431.5.1.el6.x86_64 x86_64 CentOS release 6.5 (Final)
  auth_master_user_separator = *
  auth_mechanisms = PLAIN LOGIN
  dict {
   acl = mysql:/etc/dovecot/dovecot-share-folder.conf
   quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf
  }
  first_valid_uid = 2000
  last_valid_uid = 2000
  listen = *
  log_path = /var/log/dovecot.log
  mail_gid = 2000
  mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/
  mail_plugins = quota
  mail_uid = 2000
  managesieve_notify_capability = mailto
  managesieve_sieve_capability = fileinto reject envelope encoded-character
  vacation subaddress comparator-i;ascii-numeric relational regex
 imap4flags
  copy include variables body enotify environment mailbox date ihave
  namespace {
   inbox = yes
   location =
   prefix =
   separator = /
   type = private
  }
  namespace {
   list = children
   location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u
   prefix = Shared/%%u/
   separator = /
   subscriptions = yes
   type = shared
  }
  passdb {
   args = /etc/dovecot/dovecot-mysql.conf
   driver = sql
  }
  passdb {
   args = /etc/dovecot/dovecot-master-users-password
   driver = passwd-file
   master = yes
  }
  plugin {
   acl = vfile
   acl_shared_dict = proxy::acl
   auth_socket_path = /var/run/dovecot/auth-master
   autocreate = INBOX
   autocreate2 = Sent
   autocreate3 = Trash
   autocreate4 = Drafts
   autocreate5 = Junk
   autosubscribe = INBOX
   autosubscribe2 = Sent
   autosubscribe3 = Trash
   autosubscribe4 = Drafts
   autosubscribe5 = Junk
   quota = dict:user::proxy::quotadict
   quota_grace = 10%%
   quota_rule = *:storage=1G
   quota_status_nouser = DUNNO
   quota_status_overquota = 552 5.2.2 Mailbox is full
   quota_status_success = DUNNO
   quota_warning 

[Dovecot] Converting old emails to compressed format

2014-02-27 Thread Renaud Allard

Hello,

I know this question has already been asked, but I would really like a 
solution here as I tried all I could find on the wiki or mail archives

I am now running dovecot 2.2.12
Compression works fine for new mails, so zlib works
Mails are currently stored using dbox

So I tried for testing
dsync -D -v mirror -u user -m Archives dbox:~/temp
dsync -o plugin/zlib_save=xz -D -v mirror -u user -m Archives dbox:~/temp
dsync -o plugin/zlib_save= -D -v mirror -u user -m Archives dbox:~/temp
dsync -o plugin/zlib_save= -D -v mirror -u user -m Archives maildir:~/temp
dsync -o plugin/zlib_save=xz -D -v mirror -u user -m Archives 
maildir:~/temp


And also converting again those maildir messages to dbox (just in case 
it wouldn't work from dbox format)

And also with backup instead of mirror

None of this actually works, mails are indeed copied, but not compressed

So I am wondering if there is a way to compress those mails?

Thank you





Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Joseph Tam

Götz Reinicke writes:


mail_location = mbox:~/:INBOX=/var/mail/%u
...
Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no,
list=yes, subscriptions=yes
location=mbox:~/:INBOX=/var/mail/rechnungseingang-animationsinstitut
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Error: user
rechnungseingang-animationsinstitut: Initialization failed: Namespace
'': Home directory not set for user. Can't expand ~/ for mail root dir
in: ~/:INBOX=/var/mail/rechnungseingang-animationsinstitut


Hmm, I don't have a trailing '/' in my mail_location, so maybe
you can try leaving it off too just to check.

mbox:~:INBOX=/var/mail/%u

Also, is your home directory well defined in your userdb?  Check output
of

doveadm user rechnungseingang-animationsinstitut

Joseph Tam jtam.h...@gmail.com


[Dovecot] Logging authentication failures when Dovecot's auth service used to authenticate postfix smtpd

2014-02-27 Thread MV
Hello,

tl;dr: Is there a way to get dovecot's auth to log failed smtp
authentications without having to switch on auth_verbose?
postfix version 2.11.0 and dovecot version 2.2.12

I'm currently migrating my postfix+courier to postfix+dovecot and so
far it's working as expected. Except for logging smtp login failures.

Despite Postfix logging successful authentications (see sample below),
it doesn't log failed smtp logins.
Feb 25 22:28:53 mailer2 postfix/submission[20274]: C981B20198:
client=A-B-C-D.*.net[A.B.C.D]:63107, sasl_method=PLAIN,
sasl_username=j...@example.net

And since my postfix setup authenticates virtual users through
Dovecot's auth, I thought maybe dovecot could report smtp login
failures the same way it reports imap and pop3 login failures.
Below is a sample extracted from info_log_path after several imap
and pop3 login failures. (Obviously the IP 255 is made up and
irrelevant for this matter).

# begin extract /var/log/dovecot-info.log
2014-02-27 21:14:26 auth: Info:
passwd-file(j...@example.net,255.255.255.255,Y0lbzmnzfwAuQV80):
Password mismatch
2014-02-27 21:16:46 auth: Info:
passwd-file(foobar,255.255.255.255,Y0lbzmnzfwAuQV80): unknown user
2014-02-27 21:52:00 auth: Info:
passwd-file(f...@example.net,255.255.255.255,0Su6VGrzGwAuQV80):
unknown user
2014-02-27 21:53:35 auth: Info:
plain(?,255.255.255.255,0Su6VGrzGwAuQV80): Empty username
2014-02-27 21:53:55 auth: Info:
plain(?,255.255.255.255,0Su6VGrzGwAuQV80): Username character
disallowed by auth_username_chars: 0x5c (username: \0)
2014-02-27 22:08:05 auth: Info: plain(?,255.255.255.255): invalid input
2014-02-27 22:09:36 auth: Info:
passwd-file(j...@example.net,255.255.255.255): Password mismatch
2014-02-27 22:09:53 auth: Info: login(?,255.255.255.255): Empty username
# end extract

I've tried adding -L -o info_log_path=/var/log/dovecot-info.log to
both the auth and auth-worker services, but that yielded nothing.

--%

auth_mechanisms = plain login
auth_verbose = yes
base_dir = /var/run/dovecot/
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
log_timestamp = %Y-%m-%d %H:%M:%S 

passdb {
  args = scheme=CRYPT username_format=%u /etc/dovecot/virtual_users
  driver = passwd-file
}

userdb {
  args = username_format=%u /etc/dovecot/virtual_users
  default_fields = uid=vmail gid=vmail
  driver = passwd-file
  override_fields = home=/home/vmail/%d/%u
  result_failure = return-fail
  result_internalfail = return-fail
}

service auth-worker {
  executable = auth -w -L -o info_log_path=/var/log/dovecot-info.log
}

service auth {
  executable = auth -L -o info_log_path=/var/log/dovecot-info.log
  unix_listener /var/spool/postfix/private/dovecot-auth {
group = postfix
user = postfix
mode = 0660
  }
}

service lmtp {
  executable = lmtp -L -o info_log_path=/var/log/dovecot-info.log
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
user = postfix
mode = 0660
  }
}

--%


The relevant postfix config is ...

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
virtual_transport = lmtp:unix:private/dovecot-lmtp


Re: [Dovecot] Dovecot2 vs. AD, Inactivity during authentication

2014-02-27 Thread Steffen Kaiser


On Thu, 27 Feb 2014, Jeroen Scheerder wrote:


passdb {
 args = /usr/local/etc/dovecot/on2it-ldap-users.cfg
 driver = ldap
}



userdb {
 args = /usr/local/etc/dovecot/on2it-ldap-users-userdb.cfg
 driver = ldap
}



$ cat /usr/local/etc/dovecot/on2it-ldap-users.cfg
hosts = dc2.office.on2it.net
ldap_version = 3
base = dc=office,dc=on2it,dc=net
scope=subtree
auth_bind = yes
dn = [suppressed]
dnpass = [suppressed]

pass_attrs = sAMAccountName=user
user_attrs = \
=home=/var/mail/on2it/%{ldap:sAMAccountName}, \
=mail=maildir:/var/mail/on2it/%{ldap:sAMAccountName}


You must not use home dir == mail dir; search the list about what weird
things can happen if you do. But this has nothing to do with your auth
problem.



user_filter = ((ObjectClass=person)(sAMAccountName=%u))
pass_filter = ((ObjectClass=person)(sAMAccountName=%u))

iterate_attrs = sAMAccountName=user
iterate_filter = (objectClass=person)

$ ls -l /usr/local/etc/dovecot/on2it-ldap-users-userdb.cfg
lrwxr-xr-x  1 root  wheel  20 Feb 27 12:07 /usr/local/etc/dovecot/on2it-ldap-users-userdb.cfg -> on2it-ldap-users.cfg



Feb 27 12:49:16 auth: Debug: ldap(js,127.0.0.1,9QHH22HzYgB/AAAB): result: 
sAMAccountName=js; sAMAccountName unused
Feb 27 12:49:16 auth: Debug: ldap(js,127.0.0.1,9QHH22HzYgB/AAAB): result: 
sAMAccountName=js


This puzzles me, sAMAccountName unused should mean that Dovecot does not
use the attribute, which contradicts the definition of pass_attrs. Do you
have weird characters in/around the line pass_attrs =
sAMAccountName=user? Maybe a Windows linebreak ^M / \r or something? A
Unicode non-breakable space? Did you stop, kill any remaining Dovecot
processes and restart Dovecot - just to be sure?


Maybe, add sAMAccountName=user to user_attrs, too.

-- 
Steffen Kaiser




Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

2014-02-27 Thread Steffen Kaiser


On Thu, 27 Feb 2014, Götz Reinicke - IT Koordinator wrote:


On 27.02.14 17:06, Steffen wrote:

Götz Reinicke - IT Koordinator wrote:

On 27.02.14 09:41, Steffen Kaiser wrote:

I suggest to turn on mail_debug, then you see all paths a.s.o.



Switched it on, but there are no more error messages.


But you'll see lines with home= mail= a.s.o. Are these settings
correct? Maybe, post them, too.


I just realised, that I used just a basic configuration (from the
migration); I just added and started with the big conf.d and added my
setting.

There is still the same problem/error in the log, but with some more text:

E.g. the rechnungseingang-finanzbuchhaltung looks like:

Feb 27 16:59:55 imap(rechnungseingang-finanzbuchhaltung): Debug:
Effective uid=3473, gid=1182,
home=/home/misc_accounts/rechnungseingang-finanzbuchhaltung

Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug:
Effective uid=3474, gid=1182, home=

list=yes, subscriptions=yes
location=mbox:~/:INBOX=/var/mail/rechnungseingang-animationsinstitut


See that next Info line:


Home directory not set for user. Can't expand ~/ for mail root dir
in: ~/


In contrast to rechnungseingang-finanzbuchhaltung your userdb does not
return a home dir for rechnungseingang-animationsinstitut, therefore your
mail_location ~/ expands to the root directory /.


You have to correct your userdb. Maybe you need to clean the cache:

doveadm auth cache flush

-- 
Steffen Kaiser
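
The difference pointed out above (one account logs a home= path, the other an empty home=) can be checked across a whole mail_debug log. An added example, not part of the original thread: the function name is hypothetical, the first three sample lines are the thread's log lines unwrapped onto single lines, and the last two are constructed.

```python
import re

PREFIX_RE = re.compile(
    r"^\w{3} +\d+ [\d:]{8} [\w-]+\((?P<user>[^)]+)\): Debug: (?P<msg>.*)$"
)
EFFECTIVE_RE = re.compile(r"^Effective uid=(\d+), gid=(\d+), home=(.*)$")
LOCATION_RE = re.compile(r"\blocation=(\S+)")

SAMPLE = [
    "Feb 27 16:59:55 imap(rechnungseingang-finanzbuchhaltung): Debug: "
    "Effective uid=3473, gid=1182, "
    "home=/home/misc_accounts/rechnungseingang-finanzbuchhaltung",
    "Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug: "
    "Effective uid=3474, gid=1182, home=",
    "Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug: "
    "Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, "
    "list=yes, subscriptions=yes "
    "location=mbox:~/:INBOX=/var/mail/rechnungseingang-animationsinstitut",
    # Constructed: empty home, but the location does not depend on it.
    "Feb 27 17:05:00 imap(constructed-user): Debug: "
    "Effective uid=3500, gid=1182, home=",
    "Feb 27 17:05:00 imap(constructed-user): Debug: "
    "Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, "
    "list=yes, subscriptions=yes location=maildir:/srv/vmail/constructed-user",
]


def users_without_home(lines):
    """Map user -> locations containing '~' for users logged with an empty home."""
    homes, locations = {}, {}
    for line in lines:
        m = PREFIX_RE.match(line.rstrip())
        if not m:
            continue
        user, msg = m["user"], m["msg"]
        eff = EFFECTIVE_RE.match(msg)
        if eff:
            homes[user] = eff.group(3).strip()
        elif msg.startswith("Namespace "):
            loc = LOCATION_RE.search(msg)
            if loc:
                locations.setdefault(user, []).append(loc.group(1))
    report = {}
    for user, home in homes.items():
        if home:
            continue  # userdb returned a home directory
        needing = [loc for loc in locations.get(user, []) if "~" in loc]
        if needing:
            report[user] = needing
    return report


if __name__ == "__main__":
    for user, locs in users_without_home(SAMPLE).items():
        print(user, locs)
```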

-END PGP SIGNATURE-