Multiple passwords for a user (SQL)
Hi everyone,

I'm not sure if this has been discussed already as I couldn't find anything in the archives - maybe I'm looking for the wrong thing.

I want to build something similar to Google's app passwords where you use a different password (strong, auto generated) for each device / app. In general I think this is pretty easy on the database side as I just need a password table and link, say, the passwords with a user_id to the corresponding user in the users table - one user has many passwords (1:n).

For dovecot this means that it will get multiple rows with passwords back from the password_query. Is there a way to tell dovecot to check all those returned passwords and pass the request if one of those passwords matches?

Thank you, best regards
Marco
Re: v2.2.14.rc1 released
On 03/10/2014 17:34, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/rc/dovecot-2.2.14.rc1.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.14.rc1.tar.gz.sig

Hi Timo, after upgrade from 2.2.13 I found this error/crash in the log:

Oct 06 12:00:35 imap(myem...@mydomain.com): Error: Corrupted transaction log file /mystorage/mydomain.com/myemail/Maildir/dovecot.index.log seq 39: Invalid transaction log size (32688 vs 32812): /mystorage/mydomain.com/myemail/Maildir/dovecot.index.log (sync_offset=32688)
Oct 06 12:00:35 imap(myem...@mydomain.com): Error: Log synchronization error at seq=0,offset=0 for /mystorage/mydomain.com/myemail/Maildir/dovecot.index: Append with UID 3009, but next_uid = 3010
Oct 06 12:00:35 imap(myem...@mydomain.com): Error: /mystorage/mydomain.com/myemail/Maildir/dovecot.index view syncing failed to apply changes
Oct 06 12:00:35 imap(myem...@mydomain.com): Panic: file index-sync.c: line 265 (index_mailbox_sync_next_expunge): assertion failed: (range-seq2 = ctx-messages_count)
Oct 06 12:00:35 imap(myem...@mydomain.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x743aa) [0x7f43f1f893aa] - /usr/lib/dovecot/libdovecot.so.0(+0x74426) [0x7f43f1f89426] - /usr/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f43f1f3c0ff] - /usr/lib/dovecot/libdovecot-storage.so.0(+0xb159c) [0x7f43f22a359c] - dovecot/imap(imap_sync_more+0xc3) [0x41fc93] - dovecot/imap() [0x4203b7] - dovecot/imap(cmd_sync_delayed+0x209) [0x420879] - dovecot/imap(client_handle_input+0x1ed) [0x41785d] - dovecot/imap(client_input+0x6f) [0x417b1f] - /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x5b) [0x7f43f1f9a57b] - /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xaf) [0x7f43f1f9b74f] - /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x9) [0x7f43f1f9a609] - /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f43f1f9a698] - /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f43f1f40fd3] - dovecot/imap(main+0x2b0) [0x421050] - /lib/libc.so.6(__libc_start_main+0xfd) [0x7f43f1bd1cad] - dovecot/imap() [0x40be49]
Oct 06 12:00:35 imap(myem...@mydomain.com): Fatal: master: service(imap): child 5440 killed with signal 6 (core dumped)

(gdb) bt full
#0 0x7f43f1be4ed5 in raise () from /lib/libc.so.6
No symbol table info available.
#1 0x7f43f1be7ce0 in abort () from /lib/libc.so.6
No symbol table info available.
#2 0x7f43f1f893a0 in default_fatal_finish (type=value optimized out, status=0) at failures.c:193
    backtrace = 0x16371d8 /usr/lib/dovecot/libdovecot.so.0(+0x743aa) [0x7f43f1f893aa] - /usr/lib/dovecot/libdovecot.so.0(+0x74426) [0x7f43f1f89426] - /usr/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f43f1f3c0ff] - /usr/lib/d...
#3 0x7f43f1f89426 in i_internal_fatal_handler (ctx=0x7fff49a9e420, format=value optimized out, args=value optimized out) at failures.c:657
    status = 0
#4 0x7f43f1f3c0ff in i_panic (format=0x1540 Address 0x1540 out of bounds) at failures.c:267
    ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0}
    args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fff49a9e4f0, reg_save_area = 0x7fff49a9e430}}
#5 0x7f43f22a359c in index_mailbox_sync_next_expunge (ctx=0x166a410, sync_rec_r=value optimized out) at index-sync.c:265
    range = 0x16de140
    __FUNCTION__ = index_mailbox_sync_next_expunge
#6 0x0041fc93 in imap_sync_more (ctx=0x16cc9c0) at imap-sync.c:536
    str = 0x1637050
    ret = value optimized out
    __FUNCTION__ = imap_sync_more
#7 0x004203b7 in cmd_sync_continue (sync_cmd=0x16595f0) at imap-sync.c:658
    cmd = value optimized out
    prev = value optimized out
    client = 0x16589f0
    ctx = 0x16cc9c0
    ret = value optimized out
    __FUNCTION__ = cmd_sync_continue
#8 0x00420879 in cmd_sync_client (client=value optimized out) at imap-sync.c:748
    ctx = 0x0
    flags = value optimized out
    client = 0x16589f0
    imap_flags = value optimized out
    no_newmail = value optimized out
#9 cmd_sync_delayed_real (client=value optimized out) at imap-sync.c:878
    cmd = value optimized out
#10 cmd_sync_delayed (client=value optimized out) at imap-sync.c:886
    _data_stack_cur_id = 3
    ret = value optimized out
#11 0x0041785d in client_handle_input (client=0x16589f0) at imap-client.c:904
    ret = true
    remove_io = false
    handled_commands = true
    __FUNCTION__ = client_handle_input
#12 0x00417b1f in client_input (client=0x16589f0) at imap-client.c:931
    cmd = value optimized out
    output = 0x1659430
    bytes = value optimized out
    __FUNCTION__ = client_input
#13 0x7f43f1f9a57b in io_loop_call_io (io=0x16731b0) at ioloop.c:478
    ioloop = 0x163f740
    t_id = 2
    __FUNCTION__ = io_loop_call_io
#14 0x7f43f1f9b74f in
Re: Multiple passwords for a user (SQL)
On Mon, 6 Oct 2014, Marco Fretz wrote:
corresponding user in the users table - one user has many passwords (1:n). for dovecot this means that it will get multiple rows with passwords back from the password_query. is there a way to tell dovecot to check all those returned passwords and pass the request if one of those passwords match?

I think no, but you could craft a PAM module and use the pam passdb or supply a checkpassword script: http://wiki2.dovecot.org/PasswordDatabase

-- Steffen Kaiser
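The checkpassword route suggested above, sketched as an added example that is not part of the original thread: the script reads the credentials, checks the offered password against every row stored for the user, and accepts the login if any row matches. It assumes the checkpassword interface as Dovecot uses it (credentials on fd 3, reply program in argv[1], exit 1 for a failed login, 111 for a temporary failure); the table contents, the PBKDF2 scheme and all function names are hypothetical.

```python
import hashlib
import hmac
import os
import sys

def hash_password(password: str, salt: bytes) -> bytes:
    # Salted PBKDF2; scheme and iteration count are assumptions of this example.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample data standing in for the 1:n password table:
# user -> [(device label, salt, stored hash)]. A real script would query SQL here.
APP_PASSWORDS = {
    "marco@example.org": [
        ("phone", b"salt-phone", hash_password("kq3v-x9wd-p2mt-7hzr", b"salt-phone")),
        ("laptop", b"salt-laptop", hash_password("b8nf-c4ys-w6ja-1ute", b"salt-laptop")),
    ],
}

def parse_checkpassword_input(data: bytes):
    """Split the fd 3 payload: username NUL password NUL [timestamp NUL]."""
    fields = data.split(b"\0")
    if len(fields) < 3 or not fields[0] or not fields[1]:
        raise ValueError("malformed checkpassword input")
    return fields[0].decode(), fields[1].decode()

def match_app_password(user: str, password: str, table=APP_PASSWORDS):
    """Return the label of the matching row, or None. Every row is compared."""
    matched = None
    for label, salt, stored in table.get(user, []):
        if hmac.compare_digest(hash_password(password, salt), stored):
            matched = label
    return matched

def main(argv):
    if len(argv) < 2:
        return 111  # no reply program given, treated here as a temporary failure
    try:
        with os.fdopen(3, "rb") as fd3:
            user, password = parse_checkpassword_input(fd3.read(1024))
    except (OSError, ValueError):
        return 111  # no usable input on fd 3, treated here as a temporary failure
    if match_app_password(user, password) is None:
        return 1  # authentication failed: no stored password matched
    os.environ["USER"] = user
    # Success: hand over to the reply program Dovecot passed as argv[1].
    os.execvp(argv[1], argv[1:])

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Returning the matched label lets the script log which device password was used, which is what makes revoking a single app password practical.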
Default file names for sent, trash, etc.
Hi,

I use dovecot 2.1 with mbox (pop3 imap). For imap I want to set dovecot compatible with my webmail. My webmail uses filenames for mbox such as sent-mail, mail-trash, etc. How can I change from the default Sent to check (create) the sent-mail file?
Help with shared folder
Hi dovecot guru..

I need some help configuring shared folders in my server.. This is the situation:

DOVECOT 2.0.19 with POSTFIX - CLAMAV - AMAVISD - SPAMASSASSIN

This is the production server and sharing folders between users works.. But I need some explanation..

1) Is it possible to share only a subfolder (E.G. = .INBOX.ESTERO) without sharing the main folder .INBOX?

2) Which is the best way (or best practice) to manage the dovecot-acl and dovecot-acl-list files?? Currently, I modify the dovecot-acl by hand (vi editor), but every time I modify it I need to restart the dovecot server to apply the configuration. And I need to reset the /var/run/dovecot/dict owner and group because with a dovecot restart the file goes back to root:root owner - group.

Thanks in advance.
Gianluca
Re: Default file names for sent, trash, etc.
On Mon, 6 Oct 2014, bor400 wrote:
For imap I want set dovecot compatibile with my webmail. My webmail use filename for mbox as sent-mail , mail-trash, etc. How I can change from default Sent to check (create) sent-mail file ?

Dovecot does not care about the usage of the folders, but you can advise your clients with: http://wiki2.dovecot.org/MailboxSettings?highlight=%28special-use%29

-- Steffen Kaiser
Re: Multiple passwords for a user (SQL)
Thank you Steffen,

This sounds like a plan. checkpassword looks quite simple to use and I could still use default userdb with dovecot-sql for userhome, quota, etc. I'll give this a try.

thanks
Marco

On 06.10.2014 13:52, Steffen Kaiser wrote:
On Mon, 6 Oct 2014, Marco Fretz wrote:
corresponding user in the users table - one user has many passwords (1:n). for dovecot this means that it will get multiple rows with passwords back from the password_query. is there a way to tell dovecot to check all those returned passwords and pass the request if one of those passwords match?
I think no, but you could craft a PAM module and use the pam passdb or supply a checkpassword script: http://wiki2.dovecot.org/PasswordDatabase
-- Steffen Kaiser
Dovecot writing to mailbox user@domain
centOS 6.5, dovecot-2.0.9-7.el6_5.1.x86_64

This is frustrating, because I had it working before... I could deliver an email to a user user@domain, then connect to dovecot IMAP and see the mail, no problem! Then I was told we had to use cyrus, and I was dealing with it for a few weeks. Now we're back to dovecot, and the last backup I had of that config has postfix delivering mail to /var/vmail/username as I want and expect, but dovecot looks for and creates /var/vmail/user@domain which I DON'T want.

[joliver@test ~]$ dovecot -n
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-431.el6.x86_64 x86_64 CentOS release 6.5 (Final) ext4
auth_username_format = %Lu
mail_access_groups = mail
mail_location = maildir:/var/vmail/%u/Maildir
mail_privileged_group = mail
mbox_write_locks = fcntl
passdb {
  driver = pam
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocols = imap
ssl_cert = /etc/pki/dovecot/certs/dovecot.pem
ssl_key = /etc/pki/dovecot/private/dovecot.pem
userdb {
  driver = passwd
}
userdb {
  args = uid=504 gid=505 home=/var/vmail/%u
  driver = static
}

[joliver@test ~]$ cat /etc/dovecot/dovecot-ldap.conf.ext
hosts = localhost
auth_bind = no
ldap_version = 3
debug_level = 0
default_pass_scheme = SSHA
base = ou=Users,dc=test,dc=com
scope = subtree
pass_filter = ((objectClass=user)(uid=%u))
pass_attrs = mail=user,userPassword=password

-- John Oliver http://www.john-oliver.net/
How best to confirm that dovecot LDA logging is working correctly?
Hello!

I've posted to the list several times about a strange issue I'm having with dovecot LDA. When dovecot-lda is called in the context of a pipe script that is executed as the vmail user via the Dovecot Antispam plugin, dovecot-lda exits prematurely with status code 134.

The dovecot deliver manual at http://wiki2.dovecot.org/LDA#logging states very clearly, "If dovecot-lda fails to write to log files it exits with temporary failure."

That's a curious note, because I believe that a temporary failure exit code may be what I'm dealing with here.

When I drag an email from Inbox to SPAM to trigger Antispam, I see only this (and no further output beyond the last line) in syslog, which is the configured logging destination for LDA:

imap: antispam: mailbox_is_unsure(Junk): 0
imap: antispam: mailbox_is_trash(INBOX): 0
imap: antispam: mailbox_is_trash(Junk): 0
imap: antispam: mail copy: from trash: 0, to trash: 0
imap: antispam: mailbox_is_spam(INBOX): 0
imap: antispam: mailbox_is_spam(Junk): 1
imap: antispam: mailbox_is_unsure(INBOX): 0
imap: antispam: mail copy: src spam: 0, dst spam: 1, src unsure: 0
imap: antispam: running mailtrain backend program /bin/bash
imap: antispam: running mailtrain backend program /bin/bash
imap: antispam: running mailtrain backend program parameter 1 /usr/local/bin/sa-learn-pipe.sh
imap: antispam: running mailtrain backend program parameter 2 --spam

By contrast, if I su to the vmail user and call the LDA executable with the same arguments that my pipe script does, I see all of the expected output in syslog, AND the message is delivered successfully:

/usr/lib/dovecot/deliver -d sa-train...@localhost.com -m Training.SPAM -p /tmp/sendmail-msg-25169.txt

lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules
lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so
lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so
lda: Debug: auth input: sa-train...@localhost.com home=/var/vmail/localhost.com/sa-training mail=maildir:/var/vmail/localhost.com/sa-training/Maildir uid=5000 gid=5000 quota_rule=*:storage=0B sieve=/var/vmail/localhost.com/sa-training/.sieve
lda: Debug: Added userdb setting: mail=maildir:/var/vmail/localhost.com/sa-training/Maildir
lda: Debug: Added userdb setting: plugin/quota_rule=*:storage=0B
lda: Debug: Added userdb setting: plugin/sieve=/var/vmail/localhost.com/sa-training/.sieve
lda(sa-train...@localhost.com): Debug: Effective uid=5000, gid=5000, home=/var/vmail/localhost.com/sa-training
lda(sa-train...@localhost.com): Debug: Quota root: name=user backend=dict args=:file:/var/vmail/localhost.com/sa-training/.quotausage
lda(sa-train...@localhost.com): Debug: Quota rule: root=user mailbox=* bytes=0 messages=0
lda(sa-train...@localhost.com): Debug: Quota rule: root=user mailbox=Trash bytes=+104857600 messages=0
lda(sa-train...@localhost.com): Debug: Quota rule: root=user mailbox=Junk ignored
lda(sa-train...@localhost.com): Debug: Quota rule: root=user mailbox=INBOX bytes=+104857600 messages=0
lda(sa-train...@localhost.com): Debug: Quota warning: bytes=0 (100%) messages=0 reverse=no command=quota-reached 100 sa-train...@localhost.com localhost.com
lda(sa-train...@localhost.com): Debug: Quota warning: bytes=0 (95%) messages=0 reverse=no command=quota-warning 95 sa-train...@localhost.com localhost.com
lda(sa-train...@localhost.com): Debug: Quota warning: bytes=0 (80%) messages=0 reverse=no command=quota-warning 80 sa-train...@localhost.com localhost.com
lda(sa-train...@localhost.com): Debug: Quota warning: bytes=0 (100%) messages=0 reverse=yes command=quota-below below sa-train...@localhost.com localhost.com
lda(sa-train...@localhost.com): Debug: Quota grace: root=user bytes=0 (10%)
lda(sa-train...@localhost.com): Debug: dict quota: user=sa-train...@localhost.com, uri=file:/var/vmail/localhost.com/sa-training/.quotausage, noenforcing=0
lda(sa-train...@localhost.com): Debug: maildir++: root=/var/vmail/localhost.com/sa-training/Maildir, index=, indexpvt=, control=, inbox=/var/vmail/localhost.com/sa-training/Maildir, alt=
lda(sa-train...@localhost.com): Debug: Quota root: name=user backend=dict args=:file:/var/vmail//raw mail user/.quotausage
lda(sa-train...@localhost.com): Debug: Quota warning: bytes=0 (100%) messages=0 reverse=no command=quota-reached 100 raw mail user
lda(sa-train...@localhost.com): Debug: Quota warning: bytes=0 (95%) messages=0 reverse=no command=quota-warning 95 raw mail user
lda(sa-train...@localhost.com): Debug: Quota warning: bytes=0 (80%) messages=0 reverse=no command=quota-warning 80 raw mail user
lda(sa-train...@localhost.com): Debug: Quota warning: bytes=0 (100%) messages=0 reverse=yes command=quota-below below raw mail user
lda(sa-train...@localhost.com): Debug: Quota grace: root=user bytes=0 (10%)
lda(sa-train...@localhost.com): Debug: dict quota: user=raw mail user, uri=file:/var/vmail//raw mail user/.quotausage, noenforcing=0
lda(sa-train...@localhost.com): Debug: none: root=,
Re: Dovecot writing to mailbox user@domain
Hi John,

I'm guessing your problem is:

mail_location = maildir:/var/vmail/%u/Maildir

%u means 'username', and perhaps this serves you better:

%n: User part in user@domain, same as %u if there's no domain.

so:

mail_location = maildir:/var/vmail/%n/Maildir

I've had this same problem too

MJ

On 10/06/2014 06:38 PM, John Oliver wrote:
centOS 6.5, dovecot-2.0.9-7.el6_5.1.x86_64

This is frustrating, because I had it working before... I could deliver an email to a user user@domain, then connect to dovecot IMAP and see the mail, no problem! Then I was told we had to use cyrus, and I was dealing with it for a few weeks. Now we're back to dovecot, and the last backup I had of that config has postfix delivering mail to /var/vmail/username as I want and expect, but dovecot looks for and creates /var/vmail/user@domain which I DON'T want.

[joliver@test ~]$ dovecot -n
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-431.el6.x86_64 x86_64 CentOS release 6.5 (Final) ext4
auth_username_format = %Lu
mail_access_groups = mail
mail_location = maildir:/var/vmail/%u/Maildir
mail_privileged_group = mail
mbox_write_locks = fcntl
passdb {
  driver = pam
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocols = imap
ssl_cert = /etc/pki/dovecot/certs/dovecot.pem
ssl_key = /etc/pki/dovecot/private/dovecot.pem
userdb {
  driver = passwd
}
userdb {
  args = uid=504 gid=505 home=/var/vmail/%u
  driver = static
}

[joliver@test ~]$ cat /etc/dovecot/dovecot-ldap.conf.ext
hosts = localhost
auth_bind = no
ldap_version = 3
debug_level = 0
default_pass_scheme = SSHA
base = ou=Users,dc=test,dc=com
scope = subtree
pass_filter = ((objectClass=user)(uid=%u))
pass_attrs = mail=user,userPassword=password