AW: dovecot and ldap with problem on userdb
Hi all, I have now tried all kind of alternatives and even setup postfix config from scratch with a minimum setting, but still same result. If anyone can give me a hint how to get more information on that error or where to look at would be very helpful. Thanks Mit freundlichenGrüßen / Kind Regards Kallewirsch
Re: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)"
Am 01.09.2016 um 14:17 schrieb Aki Tuomi: > > > On 01.09.2016 14:20, Piper Andreas wrote: >> Hello Timo, >> >> with the newly build CSW-package the crashes still occur, today already >> twice within two hours. The log shows always the same: >> >> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >> Panic: file imap-client.c: line 837 (client_check_command_hangs): >> assertion failed: (client->io != NULL) >> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.error] imap(user): >> Error: Raw backtrace: 0x80ffb633d88d -> 0x80ffb636ae82 -> >> 0x41eba0 -> 0x41ecf3 -> 0x80ffb635d248 -> 0x80ffb6350d2f -> >> 0x80ffb63519e0 -> 0x80ffb6350dce -> 0x80ffb6350f90 -> >> 0x80ffb62e3ebb -> 0x42f169 -> 0x41292c >> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >> Fatal: master: service(imap): child 11227 killed with signal 6 (core not >> dumped - set service imap { drop_priv_before_exec=yes }) >> >> This happens with different users, the last one with a relatively small >> mailbox of 600MB. >> >> doveconf -n is attached. >> >> Dovecot 2.2.25 >> OS: Solaris 11 (SunOS 5.11 11.3 i86pc i386 i86pc) >> Virtualization: VMware >> Filesystem: ZFS >> active users: ~4000 >> >> The system was transferred at beginning of last week from an old >> SPARC-station with Solaris 10 running dovecot-2.2.15 to this virtualized >> platform under VMware. The mailboxes (maildir-format) were transferred >> without change by switching the storage-hardware to the new server. I >> had to remove all dovecot.index*-files for errors of "CPU Architecture >> changed", but after doing this all seemed to work ok except for these >> occasional crashes. >> >> If you need more information, please let me know. >> >> Thanks for any help, >> Andreas >> >>> Hi Jake, >>> >>> thanks for fixing this. I have installed now the newly built package on >>> my production system and will report, if any more core dumps occur. >>> >>> Regards, >>> Andreas >>> > > Hi! > > Is it possible for you test out a small patch (attached) to see if it > fixes this issue? > > Aki > Hello and thanks for this patch, I will try to have it implemented by the OpenCSW-maintainers for a test version as I do not have a compilation environment ready at hand. I'll report the results asap. Thanks again, Andreas smime.p7s Description: S/MIME Cryptographic Signature
Re: Dovecot 2.2.25 fails on SSL
Aki Tuomiwrote: >> ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libssl_iostream_openssl.so >> linux-gate.so.1 => (0x00e8c000) >> libcrypto.so.1.0.0 => not found >> libssl.so.1.0.0 => not found >> librt.so.1 => /lib/librt.so.1 (0x00be4000) >> libc.so.6 => /lib/libc.so.6 (0x001a6000) >> libpthread.so.0 => /lib/libpthread.so.0 (0x003e4000) >> /lib/ld-linux.so.2 (0x007e7000) >> >> ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libdcrypt_openssl.so >> linux-gate.so.1 => (0x00dca000) >> libcrypto.so.1.0.0 => not found >> libssl.so.1.0.0 => not found >> librt.so.1 => /lib/librt.so.1 (0x00a7a000) >> libc.so.6 => /lib/libc.so.6 (0x0016) >> libpthread.so.0 => /lib/libpthread.so.0 (0x0072f000) >> /lib/ld-linux.so.2 (0x0056) >> >> There's no libdcrypt_openssl.so in Dovecot 2.2.24, so I guess >> with the newly introduced dcrypt stuff something with SSL went wrong. >> >> Would be great if that could be fixed so that SSL works again. > > Can you try the attached patch out? Sorry for the late answer. (Away from computers. :-) Tried the attached patch, applies fine, compiles fine, but the ssl/crypto libraries are still not found. The additional "$(SSL_LIBS)" in both "Makefile.am" files doesn't properly make it into the resulting "Makefile" files. After "configure" is done, the resulting "Makefile" files are exactly the same in the original 2.2.25 version and patched 2.2.25 version (I guess they *should* contain the additional SSL libraries somewhere). Just let me know if there's more I can try (no longer away from computers, so response time is faster :-) Sorry for the bad news ... Andreas
Re: Dsync config help
Hi! You can either send me the new text or I can send you the "password". Aki Tuomi Dovecot oy > On September 1, 2016 at 8:58 PM Jean-Luc Wasmerwrote: > > > Looks like I'm having a conversation with myself! lol > > To avoid the timeouts, I removed the "replication_sync_timeout" setting. > It did work and also I don't get the "out of memory errors". I guess > they were related. > I also figured the "permission denied" errors: there was a typo in one > of the "mode" in my config file. > > > So to recap, here are the issues I couldn't fix: > > - replication_sync_timeout generates a lot of time out error resulting > in out of memory errors. > > - users outside the valid uid range [first_valid_uid;last_valid_uid] > won't be synced but will still generate a lot of errors > > > The wiki page is of poor quality... it would need to be rewritten. I'm > willing to do it if someone can tell me how to go about doing that. I'n > not expecting any reply though... > > Cheers, > Jean-Luc > > On 2016-08-31 21:01, Jean-Luc Wasmer wrote: > > I was able to workaround the “Error: sync: > > /var/run/dovecot/auth-userdb: Configured passdbs don’t support > > credentials lookups (to see if user is proxied, because doveadm_port > > is set)” problem: > > > > => I simply disabled “doveadm_port” and added the port number at the > > end of the remote URL in “mail_replica” > > > > > > Replication seems to work although I have regular errors (idk if they > > are related to each other or not). > > I’ve attached excerpts from the log files but here are the different > > errors: > > > > > > - out of memory errors: > > Aug 31 21:37:10 serverA dovecot: replicator: Panic: data stack: Out of > > memory when allocating 268435496 bytes > > > > > > > > - timeout errors: > > > > Aug 31 21:36:41 serverA dovecot: dsync-server(user1): Warning: > > replication(user1): Sync failure: Timeout in 2 secs > > > > Aug 31 21:37:09 serverA dovecot: dsync-local(user1): Error: Couldn't > > lock /home/user1/.dovecot-sync.lock: Timed out after 30 seconds > > > > Aug 31 21:38:34 serverA dovecot: imap(user2): Warning: > > replication(user2): Sync failure: Timeout in 2 secs > > > > > > > > - permission denied errors: > > > > Aug 31 21:37:14 serverA dovecot: dsync-server(user2): Error: > > net_connect_unix(/var/run/dovecot/replicator-doveadm) failed: > > Permission denied > > > > > > > > > > > > I also get errors for user “nobody” with uid 65534. To avoid them I > > added > > 10-mail.conf:first_valid_uid = 2000 > > 10-mail.conf:last_valid_uid = 3000 > > > > > > > > but I still get some errors, different ones now: > > > > > > Sep 1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: Mail > > access for users with UID 65534 not permitted (see first_valid_uid in > > config file, uid from userdb lookup). > > Sep 1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: > > dsync-server: User init failed > > Sep 1 00:14:00 shaun dovecot: doveadm(nobody): Error: sync: Failed to > > start remote dsync-server command: Remote exit_code=75 > > > > > > > > > > > > Jean-Luc > > > > > > > >> On Aug 31, 2016, at 12:02 AM, Jean-Luc Wasmer > >> wrote: > >> > >> > >> Hi, > >> > >> > >> I'm trying to sync emails between server A and B. > >> A has replicator, aggregator and doveadm. > >> B only has doveadm for now. > >> > >> > >> I'm getting the following error: > >> > >> > >> Error: sync: /var/run/dovecot/auth-userdb: Configured passdbs don't > >> support credentials lookups (to see if user is proxied, because > >> doveadm_port is set) > >> > >> > >> I'm not sure why I'm getting this error because I authenticate using > >> PAM > >> and when I run > >> I do have a "service auth" enabled though... it's used for Postfix > >> SASL > >> to authenticate SMTP. > >> > >> > >> I'm running > >> > >> > >> # dovecot --version > >> 2.2.24 (a82c823) > >> > >> > >> > >> > >> > >> Cheers, > >> Jean-Luc > >> > >> > >> > >> > >> > >> PS: "replication_sync_timeout = 2s" doesn't work, I had to drop the > >> 's' > >> > >> > >> > >> > >> > >> On 2016-08-28 17:43, Jean-Luc Wasmer wrote: > >>> > >>> > >>> Hi, > >>> > >>> > >>> > >>> > >>> > >>> I’m having a hard time with the http://wiki2.dovecot.org/Replication > >>> page. > >>> > >>> > >>> > >>> > >>> > >>> - for a master-master setup, does the configuration need to be > >>> mirrored on both masters? > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> - after aggregating unrelated sections of the wiki page, there seems > >>> to be 3 different values for “mail_replica": > >>> - "remote”: for SSH > >>> - “remoteprefix": for SSH wrapper > >>> - “tcp”: for TCP connection using the Doveadm protocol > >>> Is this correct? > >>> > >>> > >>> > >>> > >>> > >>> - what’s the purpose of the replicator VS aggregator VS doveadm > >>> services? > >>> Who talks to who? Where can I find
Re: Dsync config help
Looks like I'm having a conversation with myself! lol To avoid the timeouts, I removed the "replication_sync_timeout" setting. It did work and also I don't get the "out of memory errors". I guess they were related. I also figured the "permission denied" errors: there was a typo in one of the "mode" in my config file. So to recap, here are the issues I couldn't fix: - replication_sync_timeout generates a lot of time out error resulting in out of memory errors. - users outside the valid uid range [first_valid_uid;last_valid_uid] won't be synced but will still generate a lot of errors The wiki page is of poor quality... it would need to be rewritten. I'm willing to do it if someone can tell me how to go about doing that. I'n not expecting any reply though... Cheers, Jean-Luc On 2016-08-31 21:01, Jean-Luc Wasmer wrote: I was able to workaround the “Error: sync: /var/run/dovecot/auth-userdb: Configured passdbs don’t support credentials lookups (to see if user is proxied, because doveadm_port is set)” problem: => I simply disabled “doveadm_port” and added the port number at the end of the remote URL in “mail_replica” Replication seems to work although I have regular errors (idk if they are related to each other or not). I’ve attached excerpts from the log files but here are the different errors: - out of memory errors: Aug 31 21:37:10 serverA dovecot: replicator: Panic: data stack: Out of memory when allocating 268435496 bytes - timeout errors: Aug 31 21:36:41 serverA dovecot: dsync-server(user1): Warning: replication(user1): Sync failure: Timeout in 2 secs Aug 31 21:37:09 serverA dovecot: dsync-local(user1): Error: Couldn't lock /home/user1/.dovecot-sync.lock: Timed out after 30 seconds Aug 31 21:38:34 serverA dovecot: imap(user2): Warning: replication(user2): Sync failure: Timeout in 2 secs - permission denied errors: Aug 31 21:37:14 serverA dovecot: dsync-server(user2): Error: net_connect_unix(/var/run/dovecot/replicator-doveadm) failed: Permission denied I also get errors for user “nobody” with uid 65534. To avoid them I added 10-mail.conf:first_valid_uid = 2000 10-mail.conf:last_valid_uid = 3000 but I still get some errors, different ones now: Sep 1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: Mail access for users with UID 65534 not permitted (see first_valid_uid in config file, uid from userdb lookup). Sep 1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: dsync-server: User init failed Sep 1 00:14:00 shaun dovecot: doveadm(nobody): Error: sync: Failed to start remote dsync-server command: Remote exit_code=75 Jean-Luc On Aug 31, 2016, at 12:02 AM, Jean-Luc Wasmerwrote: Hi, I'm trying to sync emails between server A and B. A has replicator, aggregator and doveadm. B only has doveadm for now. I'm getting the following error: Error: sync: /var/run/dovecot/auth-userdb: Configured passdbs don't support credentials lookups (to see if user is proxied, because doveadm_port is set) I'm not sure why I'm getting this error because I authenticate using PAM and when I run I do have a "service auth" enabled though... it's used for Postfix SASL to authenticate SMTP. I'm running # dovecot --version 2.2.24 (a82c823) Cheers, Jean-Luc PS: "replication_sync_timeout = 2s" doesn't work, I had to drop the 's' On 2016-08-28 17:43, Jean-Luc Wasmer wrote: Hi, I’m having a hard time with the http://wiki2.dovecot.org/Replication page. - for a master-master setup, does the configuration need to be mirrored on both masters? - after aggregating unrelated sections of the wiki page, there seems to be 3 different values for “mail_replica": - "remote”: for SSH - “remoteprefix": for SSH wrapper - “tcp”: for TCP connection using the Doveadm protocol Is this correct? - what’s the purpose of the replicator VS aggregator VS doveadm services? Who talks to who? Where can I find documentation about their configuration (i.e. not examples) - most examples are for a single vmail user setup… what should be done when using system accounts? Thanks, Jean-Luc
RE: autoexpunge clarification
Thanks Philon. In one of my situations, the potential for such old mail in accounts where the user is not receiving new mail or logging in is large. For example, one application is for an emergency auxiliary mail service. It can be heavily used during training, drills and, of course, emergencies. But otherwise, any leftover mail will likely sit there until the next training, drill, or emergency. The account is still valid and should not be removed. But we'd like the mails to be removed so this old mail isn't dumped on the user the next time they connect, especially since some may connect via lower-speed radio links. It looks like I'll definitely need to use the expunge plugin with a cron job. Thanks again for the clarifications. Michael
Re: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)"
On 01.09.2016 14:20, Piper Andreas wrote: > Hello Timo, > > with the newly build CSW-package the crashes still occur, today already > twice within two hours. The log shows always the same: > > Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): > Panic: file imap-client.c: line 837 (client_check_command_hangs): > assertion failed: (client->io != NULL) > Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.error] imap(user): > Error: Raw backtrace: 0x80ffb633d88d -> 0x80ffb636ae82 -> > 0x41eba0 -> 0x41ecf3 -> 0x80ffb635d248 -> 0x80ffb6350d2f -> > 0x80ffb63519e0 -> 0x80ffb6350dce -> 0x80ffb6350f90 -> > 0x80ffb62e3ebb -> 0x42f169 -> 0x41292c > Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): > Fatal: master: service(imap): child 11227 killed with signal 6 (core not > dumped - set service imap { drop_priv_before_exec=yes }) > > This happens with different users, the last one with a relatively small > mailbox of 600MB. > > doveconf -n is attached. > > Dovecot 2.2.25 > OS: Solaris 11 (SunOS 5.11 11.3 i86pc i386 i86pc) > Virtualization: VMware > Filesystem: ZFS > active users: ~4000 > > The system was transferred at beginning of last week from an old > SPARC-station with Solaris 10 running dovecot-2.2.15 to this virtualized > platform under VMware. The mailboxes (maildir-format) were transferred > without change by switching the storage-hardware to the new server. I > had to remove all dovecot.index*-files for errors of "CPU Architecture > changed", but after doing this all seemed to work ok except for these > occasional crashes. > > If you need more information, please let me know. > > Thanks for any help, > Andreas > >> Hi Jake, >> >> thanks for fixing this. I have installed now the newly built package on >> my production system and will report, if any more core dumps occur. >> >> Regards, >> Andreas >> Hi! Is it possible for you test out a small patch (attached) to see if it fixes this issue? Aki diff --git a/src/imap/imap-client.c b/src/imap/imap-client.c index 3327788..3a4a510 100644 --- a/src/imap/imap-client.c +++ b/src/imap/imap-client.c @@ -1055,9 +1055,7 @@ static bool client_handle_next_command(struct client *client, bool *remove_io_r) if (client->input_lock != NULL) { if (client->input_lock->state == - CLIENT_COMMAND_STATE_WAIT_UNAMBIGUITY || - (client->output_cmd_lock != NULL && - client->output_cmd_lock != client->input_lock)) { + CLIENT_COMMAND_STATE_WAIT_UNAMBIGUITY) *remove_io_r = TRUE; return FALSE; }
Re: autoexpunge clarification
Hi Michael you are correct I guess based on your assumptions. autoexpunge kicks in on user interaction either by email delivery or a user checking in. If both does not occour then no cleanup will happen. Question would be if there is that much to cleanup in this case. A user not logging in for long time and not receiving any emails… seems inactive to me. Ok, he might have put all his mails to the trash and this was not emptied before he went for his sabatical. But the use case seems to be in the n<10 range!? A monthly cronjob could be sufficent in this case? I’m quite happy with the expire plugin and SQL timestamping. Using this the cronjob only checks through the listed folders and not all users. Slim approach! And for me a cleanup once per day is at least currently more than enough. Philon > Am 31.08.2016 um 17:44 schrieb Michael Fox: > > Thanks Philon, > > I did read the extra bullets, as indicated in my email below. But your "When > the user quits and thus closes his mailbox/connection" is more clear than > "after the client is already disconnected", since the latter is really > anytime, rather than at the time they quit. > > I can guess that the bulletin about LMTP similarly means at the end of each > time LMTP delivers mail to the mailbox. > > Assuming that is true, then the problem I see with autoexpunge is that it > doesn't address the case of a user that has not logged in nor received mail > in that mailbox for the specified time. Those messages would apparently stay > forever. Correct? > > And, if that's true, then the cron job seems like the only way to expunge all > old messages. Correct? > > Thanks, > Michael
Re: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)"
Hello Timo, with the newly build CSW-package the crashes still occur, today already twice within two hours. The log shows always the same: Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL) Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.error] imap(user): Error: Raw backtrace: 0x80ffb633d88d -> 0x80ffb636ae82 -> 0x41eba0 -> 0x41ecf3 -> 0x80ffb635d248 -> 0x80ffb6350d2f -> 0x80ffb63519e0 -> 0x80ffb6350dce -> 0x80ffb6350f90 -> 0x80ffb62e3ebb -> 0x42f169 -> 0x41292c Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): Fatal: master: service(imap): child 11227 killed with signal 6 (core not dumped - set service imap { drop_priv_before_exec=yes }) This happens with different users, the last one with a relatively small mailbox of 600MB. doveconf -n is attached. Dovecot 2.2.25 OS: Solaris 11 (SunOS 5.11 11.3 i86pc i386 i86pc) Virtualization: VMware Filesystem: ZFS active users: ~4000 The system was transferred at beginning of last week from an old SPARC-station with Solaris 10 running dovecot-2.2.15 to this virtualized platform under VMware. The mailboxes (maildir-format) were transferred without change by switching the storage-hardware to the new server. I had to remove all dovecot.index*-files for errors of "CPU Architecture changed", but after doing this all seemed to work ok except for these occasional crashes. If you need more information, please let me know. Thanks for any help, Andreas > Hi Jake, > > thanks for fixing this. I have installed now the newly built package on > my production system and will report, if any more core dumps occur. > > Regards, > Andreas > # 2.2.25 (7be1766): /etc/opt/csw/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_master_user_separator = * auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_ auth_username_format = %u auth_worker_max_count = 1024 base_dir = /var/run/dovecot/ default_vsz_limit = 2 G first_valid_gid = 3 first_valid_uid = 3 mail_location = maildir:%h/.maildir mail_plugins = " mail_log notify" mail_privileged_group = mail namespace { hidden = no inbox = yes list = yes location = maildir:%h/.maildir prefix = separator = / subscriptions = yes type = private } namespace inbox { hidden = yes inbox = no list = no location = maildir:%h/.maildir prefix = mail/ separator = / subscriptions = no type = private } passdb { args = /etc/dovecot.deny deny = yes driver = passwd-file } passdb { args = /etc/opt/csw/dovecot/private/passwd.masterusers driver = passwd-file master = yes } passdb { args = blocking=yes cache_key=%u%s * driver = pam } pop3_uidl_format = %08Xv%08Xu postmaster_address = postmas...@staff.uni-marburg.de protocols = imap pop3 service auth-worker { user = $default_internal_user } service auth { client_limit = 6000 } service imap-login { process_min_avail = 64 service_count = 0 } service imap { process_limit = 6000 } ssl_cert = smime.p7s Description: S/MIME Cryptographic Signature
AW: dovecot and ldap with problem on userdb
Hi, thanks for the valuable hint. I have already tried to search for this. This is my postfix config. +++ postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no bounce_queue_lifetime = 1h command_directory = /usr/sbin compatibility_level = 2 content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/lib/postfix/sbin data_directory = /var/lib/postfix debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 home_mailbox = Maildir/ inet_interfaces = all inet_protocols = all mail_spool_directory = /var/spool/mail mailbox_size_limit = 0 maximal_backoff_time = 15m maximal_queue_lifetime = 1h message_size_limit = 1024 minimal_backoff_time = 5m mydestination = $myhostname, localhost.$mydomain, localhost mydomain = av.loc myhostname = mail.av.loc mynetworks = 127.0.0.0/8, 192.168.110.0/24, 192.168.111.0/24, 192.168.114.150, 192.168.114.151 myorigin = /etc/mailname queue_run_delay = 5m readme_directory = no recipient_delimiter = + relayhost = smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/av_smtp_auth.cf smtp_sasl_security_options = noanonymous smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtp_tls_ciphers = high smtp_tls_protocols = !SSLv2, !SSLv3 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_relay_restrictions = permit_sasl_authenticated permit_mynetworks check_relay_domains reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = reject_unknown_sender_domain permit_mynetworks permit_sasl_authenticated warn_if_reject smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_loglevel = 3 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128 :+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDE A:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA tls_random_source = dev:/dev/urandom tls_ssl_options = NO_COMPRESSION unknown_local_recipient_reject_code = 550 unverified_sender_reject_reason = "av - Address verification failed" virtual_alias_maps = hash:/etc/postfix/av_aliases.cf virtual_mailbox_base = /var/av_vmail virtual_mailbox_domains = /etc/postfix/av_domains.cf virtual_mailbox_limit = 0 virtual_mailbox_maps = ldap:/etc/postfix/av_accounts.cf virtual_transport = lmtp:unix:private/dovecot-lmtp postconf: warning: /etc/postfix/main.cf: unused parameter: i#setgid_group= +++ Could you probably identify the area based on your knowledge where it could be? ldap:/etc/postfix/av_accounts.cf = +++ # # check recipient mailbox destination # server_host = localhost search_base = ou=people,dc=av,dc=loc bind = yes bind_dn = cn=xxx bind_pw = xxx query_filter = (&(objectClass=posixAccount)(mail=%s)) result_attribute = mail result_format = %s/Maildir/ debuglevel = 1 +++ Mit freundlichenGrüßen / Kind Regards Kallewirsch -Ursprüngliche Nachricht- Von: dovecot [mailto:dovecot-boun...@dovecot.org] Im Auftrag von Aki Tuomi Gesendet: Donnerstag, 1. September 2016 08:02 An: dovecot@dovecot.org Betreff: Re: dovecot and ldap with problem on userdb On 31.08.2016 19:24, Averlon GmbH (in Gründung) wrote: > Hi, > I have setup a new ubuntu on 16.04.. > I have already a running system on 14.04 but wanted to migrate. > > I get an error when checking user in ldap. > > I get another error with some file permissions on auth-userdb which I > was not able to overcome sofar. > > Help appreciated. > > > Mit freundlichenGrüßen / Kind Regards > Kallewirsch Your problem is in postfix config, possibly some virtual user mapping or aliasing. Aki
Re: Use of obox2 and AWS S3
On 01.09.2016 04:59, Raymond Sellars wrote: > Hi > > Has anyone used or is using dovecot obox and S3 storage? I see very little > chatter or documentation on it. > > Interested in how mature it is and technical items such as high availability > and region replication. > > I'm guessing that multiple updates to a S3 mailbox is mitigated via the > standard dovecot pattern of Director pointing multiple user sessions to a > single/common dovecot node. > > And for disaster recovery - that's out of scope of dovecot and more reliant > on S3 replication? > > > Any one running a dovecot solution within AWS in general? Interested in best > practice for the storage layer. Although NFS is possible its not really > optimised for elastic cloud type hosting. > > Thanks > Raymond Hi! Obox2 is a commercial product not available as open source, which is probably why there is very little chatter about it. Obox2 itself is used in many large installations at the moment and is considered mature. S3 is not that widely used. If you are interested to find out more about obox2 I invite you to contact our sales for more discussion. Aki Tuomi Dovecot oy
Re: dovecot and ldap with problem on userdb
On 31.08.2016 19:24, Averlon GmbH (in Gründung) wrote: > Hi, > I have setup a new ubuntu on 16.04.. > I have already a running system on 14.04 but wanted to migrate. > > I get an error when checking user in ldap. > > I get another error with some file permissions on auth-userdb which I was > not able to overcome sofar. > > Help appreciated. > > > Mit freundlichenGrüßen / Kind Regards > Kallewirsch Your problem is in postfix config, possibly some virtual user mapping or aliasing. Aki