Re: Where can I find change logs/release notes for Dovecot EE releases?
On 10/23/2014 12:35 AM, deoren wrote: I searched for them and haven't come across them yet. Could any point me in the right direction? Specifically the Ubuntu 12.04 package notes if they're split out. On a Debian based system you should find them in /usr/share/doc/dovecot-ee-core/chagnelog.gz On a Redhat based system it is /usr/share/doc/dovecot-ee-version/ChageLog br, Teemu Huovila
Re: Where can I find change logs/release notes for Dovecot EE releases?
On 10/23/2014 10:34 AM, Teemu Huovila wrote: On 10/23/2014 12:35 AM, deoren wrote: I searched for them and haven't come across them yet. Could any point me in the right direction? Specifically the Ubuntu 12.04 package notes if they're split out. On a Debian based system you should find them in /usr/share/doc/dovecot-ee-core/chagnelog.gz /usr/share/doc/dovecot-ee-core/changelog.gz
Re: special what's my ip pop account
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 22 Oct 2014, A. Schulze wrote: I like to enable the allow_nets Feature (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets) for my customers. To help them knowing there own IP I imagine a special mailbox/loginuser at the pop3 server. That user could give a valid pop3 answer from a dummy pop3 server or simply throw a login error with customised answer containing the IP information. let's put aside the question, if this way is sensible or not. I would give the http://wiki2.dovecot.org/PostLoginScripting a try. Maybe you can enable it for your dummy account via ExtraFields specifically. Because I wonder, if you will be successful with throw a login error with customised answer [any MUA displays what it wants], you might prefer a MUA-independ script or program that queries your server. And if you are at it, maybe a dummy server with a self-made script that returns +OK POP3 your IP is , then return +FAIL for any further command. You need to return the greeting and keep the connection open, in order to bypass IDS firewalls. Now back to sensible or not ;-) : Of course, if you use a dummy server (IP address) for probing the IP address, an intermediate firewall could re-route the connection differently. If you use another demon [port] on the same server, the same may happen. If you or your customers do not have control over the routing and final public IP address, that IP might change any now and then anyway. So, if you've experienced problems in this regard, you probably need to implement a completely different protection scheme, that are independed on the IP address. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBVEiwU3z1H7kL/d9rAQJJxwgAxEzY+h8Yfh2xTdvwX8wuVOcMVSzK2MLC Cfq4BitXPZEZliVL4un8b5SjFOhMFS32wG4DtlUxbkL6rrJUuM6U+2pUhOE6a1hM hAMAUyZYYwhCc517XfEkp+YEb85cCgaMX6BRfnWHnFklMAtWK3WoLlfY6ZzMeTt3 zPjgRlb0JRw5CPE5r6v9GElk4QdwR8LZAMvIzx1FcMv5lG/bOqIUAkoQewwzoIP5 vpWkfR3thkT0Dh4ibcoP5Vp7ecC+EDsJobOjBkRQIbCedojk0V515xsXK9h9q6qm 3JLTWNVO/PyoClgpVmNI0ZFW8S2vijc5DVb9lxr4neehBfTMNlZ9Gg== =2mdO -END PGP SIGNATURE-
Re: What is the correct way to configure the mail_location option for Mailidr format?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 22 Oct 2014, deoren wrote: On 10/22/2014 2:29 AM, Steffen Kaiser wrote: On Tue, 21 Oct 2014, deoren wrote: What is the correct way to configure the mail_location option for Mailidr format? mail_location = maildir:path I've long had it setup this way: mail_location = maildir:/var/vmail/%d/%n Is that correct? any path is OK, as long: 1) it identifies the mail storage uniquely for the user, 2) does not store any other information in it. Here is an example error message I ran into: stat(/var/vmail/example.com/username/.dovecot.lda-dupes/tmp) failed: Not a directory That's because you use $HOME == Maildir root. Looking at some other guides/tutorials shows something more like: mail_location = maildir:/var/vmail/%d/%n/Maildir Maildir is the default name for Maildir-type mail storeage root. No more, no less. If Dovecot is automatically detecting the type of storage, it probes for this directory name in $HOME. I assume the latter is how it's supposed to be done? If so, that would No, you are not supposed to do so. I did review the official docs here: http://wiki2.dovecot.org/MailLocation/Maildir but I didn't find where it explicitly warns against setting home == maildir root. It should probably be apparent, but it wasn't to me when I first it applies to all mail storages. Thanks for the reply and for answering my questions. Just to make sure I understand properly, I have a few additional questions that I am hoping will cement really drive the point home so to speak. Regarding the guide that I followed, it suggests the following userdb and mail_location configuration: userdb { driver = static args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n } mail_location = maildir:/var/mail/vhosts/%d/%n This results in the $HOME == Maildir root situation which you mentioned shouldn't be done, correct? Instead mail_location should point to some other directory, Yes! perhaps one of: * mail_location = /var/mail/vhosts/%d/%n/Maildir * mail_location = ~/Maildir for instance, yes. If I understand properly the mail_location doesn't have to be a subdirectory within the home directory, it just typically is in common examples? If so, Yes again. And Maildir is just common and the default, but you could name the last path component anyway you like, even mbox, sdbox, or mdbox, but such name probably would confuse any admin, that take the server over, because the dir name does imply something different than Maildir. that guide should probably be updated to use one of the above mail_location settings. If you will confirm that is the case I'll submit a GitHub pull request as previously mentioned so it can be corrected. Apologies if this is rehashing what you've already said, I'm just looking to make sure I understand this 100%. So for cases where I have made the mistake like I mentioned above, how would I (properly) fix the problem? After stopping Dovecot, I ended up doing this: #1) service dovecot stop #2) cd /var/vmail/example.com/username/ #3) mkdir Maildir #4) mv -i * Maildir/ #5) mv -i .* Maildir/ #6) chown -R vmail:vmail /var/vmail/example.com/username/ #7) service dovecot start #5 will match .., too. Better: mv -i * .??* Maildir That will move the Sieve and LDA files, too, as you found out yourself, so: mkdir Maildir ; mv -i * .??* Maildir for file in Maildir/.dovecot.*; do test -f $file mv $file . done; mv Maildir/sieve_dir . The 1st mv moves all files into Maildir, the for loop is to move the sieve files back, and the 3rd mv moves the sieve folder back - you have to adjust your name there. which moved the content into the Maildir subfolder and fixed permissions back to what is specified in the conf files. I also adjusted mail_location like so: mail_location = maildir:~/Maildir and I made sure that the home setting is configured as /var/vmail/%d/%n That seems to work fine, but I still got error messages like this when using doveadm search Error: Syncing mailbox dovecot.lda-dupes failed: Internal error occurred. In my testing I found that I could move the file from this location: /var/vmail/example.com/username/Maildir/.dovecot.ldap-dupes to this one: /var/vmail/example.com/username/.dovecot.ldap-dupes choosing to overwrite the file if it should be there and the error message would not be generated anymore. This suggests that I shouldn't have moved it in the first place. Looking through the mailing list archives I found a message thread titled Lifetime of redirect info stored by Sieve in .dovecot.lda-dupes which indicates that the Message-ID and recipient of forwarded messages are stored in .dovecot.ldap-dupes files. I do forward mail daily from the two accounts where doveadm search generates the errors, so it sounds like I would probably be OK to just nuke the file in this location:
Re: special what's my ip pop account
Steffen Kaiser: I would give the http://wiki2.dovecot.org/PostLoginScripting a try. I never used PostLoginScripting before. I have concerns about additional serverload if that scripting is executed for every pop3 login and every user. ( and there are *many* ) Maybe you can enable it for your dummy account via ExtraFields specifically. That sounds I like additional scripting could be selective enabled via ExtraFields? It' try to find documentation ... Because I wonder, if you will be successful with throw a login error with customised answer [any MUA displays what it wants], you might prefer a MUA-independ script or program that queries your server. And if you are at it, maybe a dummy server with a self-made script that returns +OK POP3 your IP is , then return +FAIL for any further command. You need to return the greeting and keep the connection open, in order to bypass IDS firewalls. I also thought about that. Thanks for your constructive statement. Andreas
Public root folder is \Noselect
I am utilizing a public namespace via http://wiki2.dovecot.org/SharedMailboxes/Public and using sdbox storage format. How can I get rid of the \Noselect flag that is set by default for this folder? IMAP output: b LIST * * LIST (\HasNoChildren \Sent) / Sent * LIST (\HasNoChildren \Trash) / Trash * LIST (\Noselect \HasNoChildren) / Public * LIST (\HasNoChildren) / INBOX If this is not possible, what is the best way to create a sub-folder in here upon system setup (one w/o a \Noselect flag)? Thanks, G H
Invoking the spam checker on the sieve script
Hi. TL/DR version: Is it advisable to invoke an spam checker from the sieve script, and then, once the message is filtered, decide if should be moved to a certain spam folder? A bit more context on why I'm considering this: I'm just a geek who wants to handle his own mail, but not a great experience as a system administrator. I don't have any corporate setup, just a simple VPS with me as the only user. Previously I fetched all my mail through POP, and in the client of my PC I moved (lots of) mailing list traffic to its folders. Then, for those remaining messages (and only those remaining) I passed the spam filter and moved to spam folder. That's a significant saving since I have many mailing list subscriptions, and now I'm even using rss2email, so I have lots of email that is not spam. I moved to IMAP and my filters are server side with sieve, but I don't have spam filtering yet. I thought I could replicate the setup easily, but it seems nobody is doing that, and everyone has the mail already scored when it reaches sieve. Seems like the extprograms extension would be a fit, but again, nobody seems to mention on documentation, so I'm fearing I'm probably wrong. Suggestions? Thank you very much! -- Alex (a.k.a. suy) | GPG ID 0x0B8B0BC2 http://barnacity.net/ | http://disperso.net
Re: Invoking the spam checker on the sieve script
Am 23.10.2014 um 17:11 schrieb Alejandro Exojo: Hi. TL/DR version: Is it advisable to invoke an spam checker from the sieve script, and then, once the message is filtered, decide if should be moved to a certain spam folder? why not use i.e spamass milter with postfix to flag, and then use sieve global rule to sort in Users Imap Junk Folder, to download SPAM Mails in imap Junk folder via pop3 to , use dovecot virtual plugin see https://sys4.de/de/blog/2013/02/11/dovecot-virtual-setup-mit-globaler-sieve-spamfilter-regel-fur-pop3-nutzer/ sorry german only but configs should speak for its own A bit more context on why I'm considering this: I'm just a geek who wants to handle his own mail, but not a great experience as a system administrator. I don't have any corporate setup, just a simple VPS with me as the only user. Previously I fetched all my mail through POP, and in the client of my PC I moved (lots of) mailing list traffic to its folders. Then, for those remaining messages (and only those remaining) I passed the spam filter and moved to spam folder. That's a significant saving since I have many mailing list subscriptions, and now I'm even using rss2email, so I have lots of email that is not spam. I moved to IMAP and my filters are server side with sieve, but I don't have spam filtering yet. I thought I could replicate the setup easily, but it seems nobody is doing that, and everyone has the mail already scored when it reaches sieve. Seems like the extprograms extension would be a fit, but again, nobody seems to mention on documentation, so I'm fearing I'm probably wrong. Suggestions? i dont get what your problem is exactly but looks like you wanna pre sort mail about other stuff ( i.e. sender ) and doing spam sort at last, should be no problem with a sieve user rule if spam score is allready in the mail ( flagged by spamassassin before) etc Thank you very much! i wouldnt use extprograms for spam scanning, i see no need for it Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Re: Invoking the spam checker on the sieve script
El Thursday 23 October 2014, Robert Schetterer escribió: i dont get what your problem is exactly but looks like you wanna pre sort mail about other stuff ( i.e. sender ) and doing spam sort at last, should be no problem with a sieve user rule if spam score is allready in the mail ( flagged by spamassassin before) etc That most of my mail comes from 100% assured not spam sources: mailing lists that are already filtered or rss2email (the second probably can be skipped easily because it comes locally). I only have a small VPS, so I'm trying to save some resources if possible. Spamassassin consumes quite a lot, AFAIK. -- Alex (a.k.a. suy) | GPG ID 0x0B8B0BC2 http://barnacity.net/ | http://disperso.net
Re: Invoking the spam checker on the sieve script
Am 23.10.2014 um 18:19 schrieb Alejandro Exojo: El Thursday 23 October 2014, Robert Schetterer escribió: i dont get what your problem is exactly but looks like you wanna pre sort mail about other stuff ( i.e. sender ) and doing spam sort at last, should be no problem with a sieve user rule if spam score is allready in the mail ( flagged by spamassassin before) etc That most of my mail comes from 100% assured not spam sources: mailing lists that are already filtered or rss2email (the second probably can be skipped easily because it comes locally). I only have a small VPS, so I'm trying to save some resources if possible. Spamassassin consumes quite a lot, AFAIK. anyway if you want classify spam by your own you need some spam score software, if you know senders bypass them from spam scoring Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Re: special what's my ip pop account
Steffen Kaiser writes: let's put aside the question, if this way is sensible or not. [... continuing in nonsensible mode ...] And if you are at it, maybe a dummy server with a self-made script that returns +OK POP3 your IP is , then return +FAIL for any further command. Been there, done that (for a different problem). Not all mail readers will show you banners; to make this really work, you have to implement USER and PASS (accepts anything), STAT and LIST (one message available), RETR (dump your informational message payload), QUIT (disconnect), maybe TOP, and everything else is an +OK no-op. I patched Qualcomm's qpopper to do this. As to whether the OP *should* do this, definitely not. Find a better solution. Joseph Tam jtam.h...@gmail.com
Re: Invoking the spam checker on the sieve script
Am 2014-10-23 um 17:11 schrieb Alejandro Exojo: I moved to IMAP and my filters are server side with sieve, but I don't have spam filtering yet. I understand, that you do not want spamassassin (SA) to check lots of messages that are clean anyways. If you can call SA from sieve, as a condtion in an if clause, filtering should be no problem, should it? MUAs, e.g. Thunderbird (TB) also have good junk filters, so that might be an option too. In one account of mine, mail is filtered on the server and I later have TB filter the SPAM folder locally and occasionally they both disagree ;) False SA positives are more rare than false SA negatives. SA and TB score about the same, though TB seems to me to be more accustomed to my spool. On a server I administer, quite similar to your setup, very few users, I recently had to turn on greylisting, which proved exceptionally well in reducing SA load: Checking is done there during SMTP time. Of course this will not help in your case when the bulk will pass... I thought I could replicate the setup easily, but it seems nobody is doing that, and everyone has the mail already scored when it reaches sieve. Seems like the extprograms extension would be a fit, but again, nobody seems to mention on documentation, so I'm fearing I'm probably wrong. You can use this list to provide the missing documentation ;) -- peter
Sieve Advice Needed, Please
Anybody here familiar with the Sieve language? I'm rebuilding my mail server, and I am working with the sieve language to automatically filter spam into a separate account. However, I've hit a snag that I can't get around. BTW, I'm using a clean install of dovecot, postfix, spamassassin on Debian 7.5. I want to do server-side spam filtering, so I've got spamasassin identifying spam, and then have sieve sorting the mail to a special spam folder. I can easily send spam to special folder in the inbox for each mail user, but I wanted to have a single mail account for spam. I can use the redirect sieve command to send anything with the X-spam-flag set, but this triggers an error and bounces the offending mail. The bounce message is: From: mailer-dae...@nerdworld.org (Mail Delivery System) To: ca...@vmailservertest.nerdworld.org Subject: Undelivered Mail Returned to Sender Date: Sun, 19 Oct 2014 16:41:49 -0400 (EDT) This is the mail system at host VMailServerTest.NerdWorld.org. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system s...@vmailservertest.nerdworld.org: mail forwarding loop for s...@vmailservertest.nerdworld.org From: ca...@vmailservertest.nerdworld.org Date: Sun, 19 Oct 2014 16:41:20 -0400 (EDT) viagra www.viagra.com I think this is a recursion problem, since the redirected mail has to go through the spamassassin check and sieve again. I tried to get clever and prevent the recursion, but I'm not clever enough. Here is my sieve rule file. # # # A rule to move spam to the spam user # based on spamassassin setting the spam flag # # # require [redirect]; (Not needed, since it is part of the basis sieve spec) # # rule:[SPAM] if header :contains X-Spam-Flag [YES] { if address :is to s...@vmailservertest.nerdworld.org { keep; } else { redirect s...@vmailservertest.nerdworld.org; } } # # # Anybody able to give me any advice? TIA -- Casey Bralla Chief Nerd in Residence The NerdWorld Organisation www.NerdWorld.org
Error renaming folders with spaces
Hi All, I am getting frequent errors of the form below. In most cases the path has spaces in it. Oct 24 07:27:08 mailstore03 dovecot: imap(s...@userdomain.com.au): Error: rename(/home8/rs7-username/mail/xyzmortgages.com.au/sam/.Valuations - ABC, /home8/rs7-username/mail/xyzmortgages.com.au/sam/.Valuations - ABC/Subfolder) failed: Invalid argument The user home directories are on NFSv3 and are the user attributes are stored in ldap. My config is below. Any ideas what is causing these errors? Thanks Murray # doveconf -n # 2.2.9: /etc/dovecot/dovecot.conf doveconf: Warning: service auth { client_limit=40960 } is lower than required under max. load (41280) doveconf: Warning: service anvil { client_limit=40970 } is lower than required under max. load (41183) # OS: Linux 3.14-0.bpo.2-amd64 x86_64 Debian 7.5 auth_cache_size = 64 M auth_cache_ttl = 2 hours auth_failure_delay = 0 auth_mechanisms = plain login auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!#$-=?^_{}~./@+% auth_username_translation = +@ auth_worker_max_count = 256 base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_gid = 1001 first_valid_uid = 1001 mail_fsync = always mail_location = maildir:~/ maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile quota = maildir quota_rule = INBOX.Trash:ignore } protocols = imap lmtp sieve pop3 service anvil { client_limit = 40970 } service auth-worker { user = dovecot } service auth { client_limit = 40960 unix_listener auth-userdb { group = mail mode = 0666 user = dovecot } } service imap-login { chroot = login inet_listener imap { address = *, [::] port = 143 } inet_listener imaps { address = * port = 993 ssl = yes } process_limit = 20480 process_min_avail = 32 service_count = 0 user = dovecot vsz_limit = 256 M } service imap { process_limit = 40960 vsz_limit = 512 M } service lmtp { inet_listener lmtp { address = 27.54.95.43 port = 24 } process_min_avail = 32 } service managesieve-login { client_limit = 40960 process_limit = 120 process_min_avail = 5 service_count = 0 vsz_limit = 64 M } service managesieve { process_limit = 4096 vsz_limit = 256 M } service pop3-login { chroot = login inet_listener pop3 { address = *, [::] port = 110 } inet_listener pop3s { address = * port = 995 ssl = yes } process_limit = 20480 process_min_avail = 32 service_count = 0 user = dovecot vsz_limit = 256 M } service pop3 { process_limit = 40960 vsz_limit = 256 M } ssl_cert =