Re: Good email client to use with Dovecot?

[lists]

https://www.cvedetails.com/vulnerability-list/vendor_id-8905/Roundcube.html

  Original Message  
From: robert k Wild
Sent: Thursday, November 17, 2016 11:22 PM
To: li...@lazygranch.com
Reply To: Dovecot Mailing List
Cc: Andreas Kalex; dovecot@dovecot.org
Subject: Re: Good email client to use with Dovecot?

Look up "roundcube", really straight forward configuration, once installed
type in the IP of your server publishing it on a web browser and it will
walk you through configuring it

On 18 Nov 2016 07:16,  wrote:

> So does mutt suck or not?
>
> Original Message
> From: Andreas Kalex
> Sent: Thursday, November 17, 2016 11:06 PM
> To: Dovecot Mailing List
> Subject: Re: Good email client to use with Dovecot?
>
> since years mutt, 'cause it really sucks.
> I tried TB or claws, evolution, opera but always returned to mutt.
>
>
>
> Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt <
> sl...@troubleshooters.com>:
> >On Thu, 17 Nov 2016 18:07:15 -0800
> >li...@lazygranch.com wrote:
> >
> >> FWIW, I use claws, which is about the only one not mentioned.
> >>
> >> I don't like Thunderbird. For one thing, it is in caretaker status.
> >> Mozilla believes Web based mail is the "future." I rather not run
> >> roundcube, given I got hacked via an unpatched roundcube back when I
> >> was using a hosting company. ‎ Webmail just increases your attack
> >> surface.
> >
> >Thanks.
> >
> >My reason for exploring Alpine is I'm moving away from Claws, for
> >non-technical reasons I won't burden this list with.
> >
> >Thanks,
> >
> >SteveT
> >
> >Steve Litt
> >November 2016 featured book: Quit Joblessness: Start Your Own Business
> >http://www.troubleshooters.com/startbiz
>

Re: Good email client to use with Dovecot?

[robert k Wild]

Look up "roundcube", really straight forward configuration, once installed
type in the IP of your server publishing it on a web browser and it will
walk you through configuring it

On 18 Nov 2016 07:16,  wrote:

> So does mutt suck or not?
>
>   Original Message
> From: Andreas Kalex
> Sent: Thursday, November 17, 2016 11:06 PM
> To: Dovecot Mailing List
> Subject: Re: Good email client to use with Dovecot?
>
> since years mutt, 'cause it really sucks.
> I tried TB or claws, evolution, opera but always returned to mutt.
>
>
>
> Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt <
> sl...@troubleshooters.com>:
> >On Thu, 17 Nov 2016 18:07:15 -0800
> >li...@lazygranch.com wrote:
> >
> >> FWIW, I use claws, which is about the only one not mentioned.
> >>
> >> I don't like Thunderbird. For one thing, it is in caretaker status.
> >> Mozilla believes Web based mail is the "future." I rather not run
> >> roundcube, given I got hacked via an unpatched roundcube  back when I
> >> was using a hosting company. ‎ Webmail just increases your attack
> >> surface.
> >
> >Thanks.
> >
> >My reason for exploring Alpine is I'm moving away from Claws, for
> >non-technical reasons I won't burden this list with.
> >
> >Thanks,
> >
> >SteveT
> >
> >Steve Litt
> >November 2016 featured book: Quit Joblessness: Start Your Own Business
> >http://www.troubleshooters.com/startbiz
>

Re: Good email client to use with Dovecot?

[lists]

So does mutt suck or not?

  Original Message  
From: Andreas Kalex
Sent: Thursday, November 17, 2016 11:06 PM
To: Dovecot Mailing List
Subject: Re: Good email client to use with Dovecot?

since years mutt, 'cause it really sucks. 
I tried TB or claws, evolution, opera but always returned to mutt. 



Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt 
:
>On Thu, 17 Nov 2016 18:07:15 -0800
>li...@lazygranch.com wrote:
>
>> FWIW, I use claws, which is about the only one not mentioned. 
>> 
>> I don't like Thunderbird. For one thing, it is in caretaker status.
>> Mozilla believes Web based mail is the "future." I rather not run
>> roundcube, given I got hacked via an unpatched roundcube  back when I
>> was using a hosting company. ‎ Webmail just increases your attack
>> surface. 
>
>Thanks.
>
>My reason for exploring Alpine is I'm moving away from Claws, for
>non-technical reasons I won't burden this list with.
>
>Thanks,
>
>SteveT
>
>Steve Litt 
>November 2016 featured book: Quit Joblessness: Start Your Own Business
>http://www.troubleshooters.com/startbiz

Re: Good email client to use with Dovecot?

[Andreas Kalex]

since years mutt, 'cause it really sucks. 
I tried TB or claws, evolution, opera but always returned to mutt. 



Am 18. November 2016 06:31:43 MEZ, schrieb Steve Litt 
:
>On Thu, 17 Nov 2016 18:07:15 -0800
>li...@lazygranch.com wrote:
>
>> FWIW, I use claws, which is about the only one not mentioned. 
>> 
>> I don't like Thunderbird. For one thing, it is in caretaker status.
>> Mozilla believes Web based mail is the "future." I rather not run
>> roundcube, given I got hacked via an unpatched roundcube  back when I
>> was using a hosting company. ‎ Webmail just increases your attack
>> surface. 
>
>Thanks.
>
>My reason for exploring Alpine is I'm moving away from Claws, for
>non-technical reasons I won't burden this list with.
>
>Thanks,
>
>SteveT
>
>Steve Litt 
>November 2016 featured book: Quit Joblessness: Start Your Own Business
>http://www.troubleshooters.com/startbiz

Re: BUG: nopassword doesn't work with CRAM-MD5

[Aki Tuomi]

On 17.11.2016 10:49, Adrian POPA wrote:
> On 17.11.2016 10:30, Arkadiusz Miśkiewicz wrote:
>> On Thursday 17 of November 2016, Aki Tuomi wrote:
>>> On 17.11.2016 10:14, Arkadiusz Miśkiewicz wrote:
 Hello.

 dovecot 2.2.26.0

 When testing nopassword extra field
 (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5
 dovecot doesn't allow any password (while it should) and returns

 " Authentication failed"

 while in logs:

 Nov 17 08:22:34 auth-worker(1551): Info:
 sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme,
 but we
 have a NULL password

 NULL is there because our sql query returns empty password just
 like wiki
 says "nopassword:  you want to allow all passwords, use an empty
 password and this field. "


 If password is returned in sql query then it fails, too:

 Nov 17 09:00:49 auth-worker(2206): Error:
 sql(pepe,127.0.0.1,): nopassword set but password is
 non- empty

 So looks to be a bug.
>>> It's not a bug. CRAM-MD5 does in fact require *some* password to work,
>> Provide fake/random one for nopassword internally.
>>
>>> you can either store it with doveadm pw -S CRAM-MD5 or as plain text
>>> password.
>> Then I get
>>
 sql(pepe,127.0.0.1,): nopassword set but password is
 non- empty
>> So that doesn't help
>>
>> btw. doveadm pw -S is not documented, so no idea what it does
>>
>>> Aki
> Sorry to bump into your conversation but Aki is defending too hard
> something that is realy a bug.
> I have signaled myself this issue in the "very old" version 2.2.9(!)
> nopassword means ANY password (including none). One cannot store
> something like ANY with doveadm, SQL or anything.
> So with "nopassword" the query should simply ignore the password field
> (missing, NULL or set to anything else).
> Why would an user login with nopassword? This is an administrator
> decision and is not subject for comments.
> My problem was with LDA who refuses to store mail in INBOX if the user
> is not properly authenticated (nopassword) so you cannot receive mails
> for "hidden" users that cannot login, maybe to redirect mails later or
> do some other things with.
>
> Adrian

You can also, if you are using nopassword flag, abstain from actually
returning any field called 'password' from your SQL database. The reason
this check is done is to ensure that you know what you are doing. We do
not want to prevent you from logging in w/o password, that's fine for us
and it will work just as you want as long as you do not return
'password' attribute from your database.

Aki

Re: Good email client to use with Dovecot?

[Steve Litt]

On Thu, 17 Nov 2016 18:07:15 -0800
li...@lazygranch.com wrote:

> FWIW, I use claws, which is about the only one not mentioned. 
> 
> I don't like Thunderbird. For one thing, it is in caretaker status.
> Mozilla believes Web based mail is the "future." I rather not run
> roundcube, given I got hacked via an unpatched roundcube  back when I
> was using a hosting company. ‎ Webmail just increases your attack
> surface. 

Thanks.

My reason for exploring Alpine is I'm moving away from Claws, for
non-technical reasons I won't burden this list with.

Thanks,

SteveT

Steve Litt 
November 2016 featured book: Quit Joblessness: Start Your Own Business
http://www.troubleshooters.com/startbiz

Re: Good email client to use with Dovecot?

[lists]

Claws is an active project. 

I became roundcube free when I set up my own mail server.  

I simply use an email client rather than a browser. Browsers can leak.

Comments about the retired TB:
‎https://blog.mozilla.org/thunderbird/

Practically what this means is that in 2016, Thunderbird will finally be able 
to accept donations from users directed toward the update and maintenance of 
Thunderbird. In the long run, Thunderbird needs to rely on our users for 
support, and not expect to be subsidized by revenue from Firefox. We welcome 
this help from the Mozilla Foundation in moving toward our goal of developing 
independent sources of income for Thunderbird.

In the technical part of that post, Mitchell reiterated that Mozilla needs to 
be laser-focused on Firefox, and that the burden this places on Thunderbird (as 
well as the burden that Thunderbird places on Firefox) is leading to 
unacceptable outcomes for both projects. The most immediate need is for the 
Thunderbird release infrastructure to be independent of that used by Firefox, 
and Mozilla has offered to help. In the long-term, there will be additional 
technical separation between Firefox and Thunderbird as a continuation of a 
process that has been ongoing for the last three years.
--

  Original Message  
From: Benny Pedersen
Sent: Thursday, November 17, 2016 6:36 PM
To: dovecot@dovecot.org
Reply To: Dovecot Mailing List
Subject: Re: Good email client to use with Dovecot?

li...@lazygranch.com skrev den 2016-11-18 03:07:
> FWIW, I use claws, which is about the only one not mentioned. 

lets see if dovecot will be webmail ng someday

> I don't like Thunderbird.

sadly

> For one thing, it is in caretaker status.

what ?

> Mozilla believes Web based mail is the "future."

do you have references for this somewhere ?

> I rather not run
> roundcube, given I got hacked via an unpatched roundcube

unpatched is allways good, problems come when non default and mostly 
custom plugins is not tested, keep plain roundcube should not be a 
problem more then a claws client that is not patched

> back when I
> was using a hosting company.

nothing happended since then ?

> ‎ Webmail just increases your attack
> surface. 

so what is the solution ?, going offline ?

Re: Good email client to use with Dovecot?

[Benny Pedersen]

li...@lazygranch.com skrev den 2016-11-18 03:07:

FWIW, I use claws, which is about the only one not mentioned. 


lets see if dovecot will be webmail ng someday


I don't like Thunderbird.


sadly


For one thing, it is in caretaker status.


what ?


Mozilla believes Web based mail is the "future."


do you have references for this somewhere ?


I rather not run
roundcube, given I got hacked via an unpatched roundcube


unpatched is allways good, problems come when non default and mostly 
custom plugins is not tested, keep plain roundcube should not be a 
problem more then a claws client that is not patched



back when I
was using a hosting company.


nothing happended since then ?


‎ Webmail just increases your attack
surface. 


so what is the solution ?, going offline ?

Re: Good email client to use with Dovecot?

[lists]

FWIW, I use claws, which is about the only one not mentioned. 

I don't like Thunderbird. For one thing, it is in caretaker status. Mozilla 
believes Web based mail is the "future." I rather not run roundcube, given I 
got hacked via an unpatched roundcube  back when I was using a hosting company. 
‎ Webmail just increases your attack surface. 

Re: Good email client to use with Dovecot?

[Steve Litt]

On Thu, 17 Nov 2016 08:52:11 +0100 (CET)
Steffen Kaiser  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On Thu, 17 Nov 2016, Steve Litt wrote:
> 
> > What email clients are all of you using to look at your IMAP
> > email?  
> 
> https://de.wikipedia.org/wiki/Alpine_(E-Mail-Programm)
> 
> :-)

Thanks Steffen,

I installed Alpine and got it to work as a window to my Dovecot IMAP
server, but I could only "import" one mailbox at a time, and as I
mentioned earlier:

[slitt@mydesk ~]$ find /home/slitt/mail/Maildir -type d | wc -l
1254
[slitt@mydesk ~]$

These mailboxes are several levels deep, such as: .OLDFOLDERS.in.2012.
I have a few questions:

* How does one import *all* folders from the Dovecot server at once,
  without repeatedly typing in 192.168.100.2/ssl/user=slitt and all the
  rest of the process?

* Is there a way of viewing my folder hierarchy hierarchically,
  including collapse and expand?

* How does one manually expunge an email previously marked for
  deletion? I know it's possible because one config item is "*only*
  expunge manually." Is there a way of expunging ranges of emails?

* How does one switch the sort order while in the folder list or the
  message list?

* And most important, where can I find the best, most unambiguous
  Alpine documentation, that doesn't assume I know anything about
  Alpine?

Thanks,


 SteveT

Steve Litt 
November 2016 featured book: Quit Joblessness: Start Your Own Business
http://www.troubleshooters.com/startbiz

Any way to simplify repeated use of same string-list?

[Jeff Kletsky]

I often use the same set of header names when doing an 'address' 
comparison.
I would prefer to be able to specify that once, then re-use it in 
several places.


As an example

set "address_mailman_fields" "\"To\", \"Cc\", \"From\", \"Errors-To\"";

if address :domain :matches ["${address_mailman_fields}"] 
"example.com" {

[...]
}

if address :domain :matches ["${address_mailman_fields}"] 
"dovecot.org" {

[...]
}

or the like would be quite helpful.

From what I can tell, even though the variable interpolation *looks* 
like a string-list,

it isn't parsed as such. For example, from sieve-test output:

sieve-test(jeff): Debug: Mailbox 
Opened mail UID=1 because: header "To", "Cc", "From", "Errors-To" (Cache 
file is unusable)
testing: line 27: info: DEBUG: address ["${address_mailman_fields}"] 
didn't match.


sieve-test(jeff): Debug: Mailbox 
Opened mail UID=1 because: header ["To", "Cc", "From", "Errors-To"] 
(Cache file is unusable)
testing: line 34: info: DEBUG: address "[${address_mailman_fields}]" 
didn't match.



Is there any trick available to specify a string-list once, then re-use 
it throughout the script?



Thanks,


Jeff

Re: Generalized looping possible in pigeonhole sieve?

[Larry Rosenman]

Sieve EXPLICITLY does NOT have a looping construct.


On Thu, Nov 17, 2016 at 4:42 PM, Jeff Kletsky  wrote:

> I'm struggling to achieve the kind of filtering with sieve that I was able
> to do with procmail.
>
> TL;DR
>
> I'd like a way to loop through a set of (address, destination) pairs in
> sieve so that I can maintain the (address, destination) pairs in one place
> and not have to explicitly write scores of nearly identical
>
> [...]
>
> if address :matches ["From", "Sender", "To", "Cc"] "address53" {
> fileinto "destination53"
> }
>
> if address :matches ["From", "Sender", "To", "Cc"] "address54" {
> fileinto "destination54"
> }
>
> [...]
>
>
> Longer:
>
> I've been using a table-based dispatch approach with procmail for years
> and it was working reasonably well.
>
> The approach uses list of pairs of address and destination boxes and doing
> a lookup based on the message to be delivered. With procmail, I collected
> the list of addresses and passed them to external scripts to do the lookup.
>
> If I just had a dozen boxes that I deal with, that would be
> straightforward to implement and maintain in sieve. As the list is an order
> of magnitude greater than that, maintaining the list of pairs in an
> external file and programmatically looping through it is a lot easier.
>
> I've looked at vnd.dovecot.execute and it certainly can return a
> destination box name given the input information.
>
> Unfortunately, the construct of (for example)
>
> address :matches "To" "*"'
>
> only returns the first address, not the list of addresses.
>
> I can't see a good way to get all the addressees from sieve to pass to the
> external program. If I have to pass the message (or at least the
> interesting headers) to the external program and then parse the address
> list myself, then I'm nearly all the way to just using a full-on external
> program to parse the whole message.
>
> While I'm not adverse to writing the whole thing in Python (or the like)
> and just using sieve as a thin shell, I'd like to make sure I'm not missing
> something in sieve.
>
> One way to achieve this would be to be able to loop through the pairs and
> using variable substitution for each iteration. I haven't seen anything in
> Dovecot Pigeonhole sieve that allows this.
>
> If you have any ideas on how to harness sieve for this, I'd appreciate it!
>
>
> Jeff
>



-- 
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 (c) E-Mail: larry...@gmail.com
US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281

Generalized looping possible in pigeonhole sieve?

[Jeff Kletsky]

I'm struggling to achieve the kind of filtering with sieve that I was 
able to do with procmail.


TL;DR

I'd like a way to loop through a set of (address, destination) pairs in 
sieve so that I can maintain the (address, destination) pairs in one 
place and not have to explicitly write scores of nearly identical


[...]

if address :matches ["From", "Sender", "To", "Cc"] "address53" {
fileinto "destination53"
}

if address :matches ["From", "Sender", "To", "Cc"] "address54" {
fileinto "destination54"
}

[...]


Longer:

I've been using a table-based dispatch approach with procmail for years 
and it was working reasonably well.


The approach uses list of pairs of address and destination boxes and 
doing a lookup based on the message to be delivered. With procmail, I 
collected the list of addresses and passed them to external scripts to 
do the lookup.


If I just had a dozen boxes that I deal with, that would be 
straightforward to implement and maintain in sieve. As the list is an 
order of magnitude greater than that, maintaining the list of pairs in 
an external file and programmatically looping through it is a lot easier.


I've looked at vnd.dovecot.execute and it certainly can return a 
destination box name given the input information.


Unfortunately, the construct of (for example)

address :matches "To" "*"'

only returns the first address, not the list of addresses.

I can't see a good way to get all the addressees from sieve to pass to 
the external program. If I have to pass the message (or at least the 
interesting headers) to the external program and then parse the address 
list myself, then I'm nearly all the way to just using a full-on 
external program to parse the whole message.


While I'm not adverse to writing the whole thing in Python (or the like) 
and just using sieve as a thin shell, I'd like to make sure I'm not 
missing something in sieve.


One way to achieve this would be to be able to loop through the pairs 
and using variable substitution for each iteration. I haven't seen 
anything in Dovecot Pigeonhole sieve that allows this.


If you have any ideas on how to harness sieve for this, I'd appreciate it!


Jeff

Re: Exim still accepting emails to nonexistent users

[Heiko Schlittermann]

Hi,

Marti Markov  (Mi 16 Nov 2016 04:28:28 CET):
> After adding the configuration bit:
> 
> deny
> message = invalid recipient
> domains = +local_domains
> !verify = recipient/callout=no_cache
> 
> from: http://wiki2.dovecot.org/LMTP/Exim  
> running update-exim4.conf and service exim4 restart
> 
> the server is still accepting emails to recipients that do not exist in 
> dovecot.

How is the router, targeting the messages to dovecot, configured? And
how the transport, responsible for the delivery to dovecot?

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
-- 
 SCHLITTERMANN.de  internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01  -


signature.asc
Description: Digital signature

Re: Re: Good email client to use with Dovecot?

[Jochen Bern]

On 11/17/2016 04:58 PM, Steve Litt wrote:
> On Thu, 17 Nov 2016 14:11:45 +0100 Jochen Bern  wrote:
>> Plaintext or HTML mails? 
> 
> I like the ability to see some sort of representation of the links in
> incoming HTML email. I would never send HTML email.

Not quite sure what you mean with "representation" of links ... in most
cases of *human typed* HTML e-mails, there's a MIME
multipart/alternative text/plain part where links' URLs appear as part
of the text. However, generating the plaintext part is done by the
*senders'* MUAs, your own merely decides over whether the URL is
recognized as such and made *clickable*, rather than needing to be
copy-pasted into your browser.

>> I switched from tkRat (a.k.a. ratatosk) to Thunderbird when I had a
>> need to do "detached IMAP" (and tkRat repeatedly trashed my entire
>> INBOX when I tried).
> 
> Did the corruption happen when you messed with it to try to work
> offline, or do you mean that usage during failure to connect caused
> corruption? Did it corrupt the IMAP you were trying to connect to, or
> just a cache? 

It had official support for the setup (might even be where I saw the
term "detached IMAP"). Never had a problem with it and the original
(online) IMAP mode, but within ... a little less than a year IIRC after
switching, I found the server-side INBOX *completely empty* thrice.
(While being connected to the server, of course.)

> I have over 620K emails in over 1000 folders. This turns Thunderbird
> into an all day affair, just to refresh its caches.

Yeah, I can see that. I'm at about 1/6 of that, thanks to moving busy
folders' back-years *off* the IMAP server and into Thunderbird-style
"Local Folders" (which then can be copied to several places, as they
supposedly do not *change* anymore). Takes TB a couple hours to resync
when the cache has a problem - luckily, it does so in the background,
and I tend to spend entire workdays sitting in just *one* place.

Note that TB *does* have controls to limit the local cache by age and
message size, though. And that you can disable the local cache on a
folder-by-folder basis.

Kind regards,
-- 
Jochen Bern
Systemingenieur

Fon:+49 6151 9067-231
Fax:+49 6151 9067-290
E-Mail: jochen.b...@binect.de



smime.p7s
Description: S/MIME Cryptographic Signature

Re: Good email client to use with Dovecot?

[Larry Rosenman]

Really old, but works well with Dovecot, doesn't cache a lot, and probably
would work
real well is:

mulberry
http://www.mulberrymail.com

Yes, it's dated, but still runs :)



On Thu, Nov 17, 2016 at 9:58 AM, Steve Litt 
wrote:

> On Thu, 17 Nov 2016 14:11:45 +0100
> Jochen Bern  wrote:
>
> > On 11/17/2016 08:48 AM, Steve Litt wrote:
> > > When I use an email client, its purpose is as a window into my
> > > Dovecot IMAP, and as a mechanism to reply to and send emails. I
> > > don't do filtering or calendaring on my email client (filtering via
> > > procmail direct to Dovecot).
> > >
> > > What email clients are all of you using to look at your IMAP
> > > email?
> >
> > Plaintext or HTML mails?
>
> I like the ability to see some sort of representation of the links in
> incoming HTML email. I would never send HTML email.
>
> > OpenPGP?
>
> I don't use that today, but probably will in the future.
>
>
> > S/MIME?
>
> Not necessary.
>
> > Do you like to see your
> > e-mails arranged into threads, or just sorted by some property (be
> > that sender, date, or whatever)?
>
> I could live without the ability to thread. It seems to not work right,
> probably because of various senders' misuse. When I want to look at a
> thread, I usually just sort on subject.
>
> > What's your archiving system, many
> > or few folders, flat or hierarchical?
>
> Archiving is achieved in my Dovecot Maildir tree. For fast moving
> folders like INBOX and my local LUG (GoLUG), every year I move this
> year's messages to, for instance, OLDFOLDERS->GoLUG->2015. I have
> somewhere between 75 and 200 folders, and tend to go about 4 levels deep
> in the hierarchy, although most of my most active folders are 1 level
> down from the account itself. For backup, I use rsync to a backup
> server, and back up the whole Dovecot tree.
>
> > Do you work remote,
>
> Sometimes. Through a pinhole in my firewall, via dynamic dns.
>
> > how good's
> > the connection to the IMAP server,
>
> Varies.
>
> > do you need the capability to work
> > on a local cache while the server cannot be reached ("detached IMAP",
> > I've seen it called)?
>
> No. If I can't do email at a particular time, I'll go somewhere else
> where I can.
>
> >
> > I switched from tkRat (a.k.a. ratatosk) to Thunderbird when I had a
> > need to do "detached IMAP" (and tkRat repeatedly trashed my entire
> > INBOX when I tried).
>
> Did the corruption happen when you messed with it to try to work
> offline, or do you mean that usage during failure to connect caused
> corruption? Did it corrupt the IMAP you were trying to connect to, or
> just a cache?
>
> >  tkRat had interesting features (preselected
> > primary archive folder per folder you're reading, "folders" that
> > actually are views of a local database, minimalistic enough to bridge
> > the distance with X11 instead of IMAP), but hasn't seen further
> > development in ages.
> >
> > With Thunderbird,
>
> Here's why I can't use Thunderbird:
>
> [slitt@mydesk Maildir]$ find ~/mail/Maildir | wc -l
> 625262
> [slitt@mydesk Maildir]$ find ~/mail/Maildir -type d | wc -l
> 1241
> [slitt@mydesk Maildir]$
>
> I have over 620K emails in over 1000 folders. This turns Thunderbird
> into an all day affair, just to refresh its caches.
>
> Thanks,
>
> SteveT
>
> Steve Litt
> November 2016 featured book: Quit Joblessness: Start Your Own Business
> http://www.troubleshooters.com/startbiz
>



-- 
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 (c) E-Mail: larry...@gmail.com
US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281

Re: Good email client to use with Dovecot?

[Michael A. Peters]

On 11/16/2016 11:48 PM, Steve Litt wrote:

Hi all,

When I use an email client, its purpose is as a window into my Dovecot
IMAP, and as a mechanism to reply to and send emails. I don't do
filtering or calendaring on my email client (filtering via procmail
direct to Dovecot).

What email clients are all of you using to look at your IMAP email?

Thanks,

SteveT


Thunderbird on the Desktop and K9 on Android and roundcube for webmail.

Re: Good email client to use with Dovecot?

[Steve Litt]

On Thu, 17 Nov 2016 14:11:45 +0100
Jochen Bern  wrote:

> On 11/17/2016 08:48 AM, Steve Litt wrote:
> > When I use an email client, its purpose is as a window into my
> > Dovecot IMAP, and as a mechanism to reply to and send emails. I
> > don't do filtering or calendaring on my email client (filtering via
> > procmail direct to Dovecot).
> > 
> > What email clients are all of you using to look at your IMAP
> > email?  
> 
> Plaintext or HTML mails? 

I like the ability to see some sort of representation of the links in
incoming HTML email. I would never send HTML email.

> OpenPGP? 

I don't use that today, but probably will in the future.


> S/MIME? 

Not necessary.

> Do you like to see your
> e-mails arranged into threads, or just sorted by some property (be
> that sender, date, or whatever)? 

I could live without the ability to thread. It seems to not work right,
probably because of various senders' misuse. When I want to look at a
thread, I usually just sort on subject.

> What's your archiving system, many
> or few folders, flat or hierarchical? 

Archiving is achieved in my Dovecot Maildir tree. For fast moving
folders like INBOX and my local LUG (GoLUG), every year I move this
year's messages to, for instance, OLDFOLDERS->GoLUG->2015. I have
somewhere between 75 and 200 folders, and tend to go about 4 levels deep
in the hierarchy, although most of my most active folders are 1 level
down from the account itself. For backup, I use rsync to a backup
server, and back up the whole Dovecot tree.

> Do you work remote, 

Sometimes. Through a pinhole in my firewall, via dynamic dns.

> how good's
> the connection to the IMAP server, 

Varies.

> do you need the capability to work
> on a local cache while the server cannot be reached ("detached IMAP",
> I've seen it called)?

No. If I can't do email at a particular time, I'll go somewhere else
where I can.

> 
> I switched from tkRat (a.k.a. ratatosk) to Thunderbird when I had a
> need to do "detached IMAP" (and tkRat repeatedly trashed my entire
> INBOX when I tried).

Did the corruption happen when you messed with it to try to work
offline, or do you mean that usage during failure to connect caused
corruption? Did it corrupt the IMAP you were trying to connect to, or
just a cache? 

>  tkRat had interesting features (preselected
> primary archive folder per folder you're reading, "folders" that
> actually are views of a local database, minimalistic enough to bridge
> the distance with X11 instead of IMAP), but hasn't seen further
> development in ages.
> 
> With Thunderbird, 

Here's why I can't use Thunderbird:

[slitt@mydesk Maildir]$ find ~/mail/Maildir | wc -l
625262
[slitt@mydesk Maildir]$ find ~/mail/Maildir -type d | wc -l
1241
[slitt@mydesk Maildir]$ 

I have over 620K emails in over 1000 folders. This turns Thunderbird
into an all day affair, just to refresh its caches.

Thanks,
 
SteveT

Steve Litt 
November 2016 featured book: Quit Joblessness: Start Your Own Business
http://www.troubleshooters.com/startbiz

Re: dovecot Digest, Vol 163, Issue 34

[J. Nick Koston]

Aki,

Multiple local_names would be ideal to accommodate certificates that have 
multiple names.  The way I’m reading the code it looks like its having to pay 
for the memory for every name on the certificate because a unique CTX is being 
created for each name even if they are all on a single certificate.

This would be a big memory win for anyone using a certificate with multiple 
names on it.

Thanks
-Nick
cPanel Inc


>> 
> 
> Dear Aki et al.,
> 
>   How straightforward would it be to implement the following or similar 
> syntax:
> 
> local_name foo.tld www.foo.tld mail.foo.tld bar.tld {
>...
> }
> 
> ??
> 
>   Thank you!
> 
> -FG
> 
> --
> 
> Subject: Digest Footer
> 
> ___
> dovecot mailing list
> dovecot@dovecot.org
> http://dovecot.org/cgi-bin/mailman/listinfo/dovecot
> 
> --
> 
> End of dovecot Digest, Vol 163, Issue 34
> 



smime.p7s
Description: S/MIME cryptographic signature

Re: Good email client to use with Dovecot?

[Jochen Bern]

On 11/17/2016 08:48 AM, Steve Litt wrote:
> When I use an email client, its purpose is as a window into my Dovecot
> IMAP, and as a mechanism to reply to and send emails. I don't do
> filtering or calendaring on my email client (filtering via procmail
> direct to Dovecot).
> 
> What email clients are all of you using to look at your IMAP email?

Plaintext or HTML mails? OpenPGP? S/MIME? Do you like to see your
e-mails arranged into threads, or just sorted by some property (be that
sender, date, or whatever)? What's your archiving system, many or few
folders, flat or hierarchical? Do you work remote, how good's the
connection to the IMAP server, do you need the capability to work on a
local cache while the server cannot be reached ("detached IMAP", I've
seen it called)?

I switched from tkRat (a.k.a. ratatosk) to Thunderbird when I had a need
to do "detached IMAP" (and tkRat repeatedly trashed my entire INBOX when
I tried). tkRat had interesting features (preselected primary archive
folder per folder you're reading, "folders" that actually are views of a
local database, minimalistic enough to bridge the distance with X11
instead of IMAP), but hasn't seen further development in ages.

With Thunderbird, there's a couple plugins I wouldn't want to part with.
Lightning for the calendaring, Enigmail for OpenPGP support, Allow HTML
Temp to stay with a default everything-as-plaintext setup but still
being able to quickly grok the occasional "my answers below in red"
reply, QuickFolders to have a bar of main archive folders I can
drag read e-mails into. Address Close Button occupies the "not
*quite that* essential" rung.

Kind regards,
-- 
Jochen Bern
Systemingenieur

Fon:+49 6151 9067-231
Fax:+49 6151 9067-290
E-Mail: jochen.b...@binect.de

www.binect.de
www.facebook.de/binect

Binect GmbH

Robert-Koch-Straße 9, 64331 Weiterstadt, DE

Geschäftsführung: Christian Ladner, Dr. Frank Wermeyer, Nils Manegold
Unternehmenssitz: Weiterstadt
Register: Amtsgericht Darmstadt, HRB 94685
Umsatzsteuer-ID:  DE 221 302 264

MAX 21-Unternehmensgruppe
✁
Diese E-Mail kann vertrauliche Informationen enthalten. Wenn Sie nicht
der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben,
informieren Sie bitte sofort den Absender und vernichten Sie diese
E-Mail. Das unerlaubte Kopieren, sowie die unbefugte Weitergabe dieser
Mail oder von Teilen dieser Mail ist nicht gestattet. Jede von der
Binect GmbH versendete Mail ist sorgfältig erstellt worden, dennoch
schließen wir die rechtliche Verbindlichkeit aus; sie kann nicht zu
einer irgendwie gearteten Verpflichtung zu Lasten der Binect GmbH
ausgelegt werden. Wir haben alle verkehrsüblichen Maßnahmen unternommen,
um das Risiko der Verbreitung virenbefallener Software oder E-Mails zu
minimieren, dennoch raten wir Ihnen, Ihre eigenen Virenkontrollen auf
alle Anhänge an dieser Nachricht durchzuführen.
Wir schließen, außer für den Fall von Vorsatz oder grober
Fahrlässigkeit, die Haftung für jeglichen Verlust oder Schäden durch
virenbefallene Software oder E-Mail aus.

This e-mail may contain confidential and/or privileged information. If
you are not the intended recipient (or have received this e-mail in
error) please notify the sender immediately and destroy this e-mail. Any
unauthorized copying, disclosure or distribution of contents of this
e-mail is strictly prohibited. All Binect GmbH emails are created
thoroughly, nevertheless we do not accept any legal obligation for the
information and wording contained herein. Binect GmbH has taken
precautionary measures to reduce the risk of possible distribution of
virus infected software or emails. However, we advise you to check
attachments to this email for viruses. Except for cases of intent or
gross negligence, we cannot accept any legal obligation for loss or
damage by virus infected software.



smime.p7s
Description: S/MIME Cryptographic Signature

Re: Good email client to use with Dovecot?

[Andrew Beverley]

On Thu, 17 Nov 2016 02:48:52 Steve Litt  wrote:
> What email clients are all of you using to look at your IMAP email?

I'm currently using Sylpheed, which is lightweight and fast, but
relatively basic (e.g. no HTML support).

I keep meaning to try out Trojitá, which is apparently also very fast,
as well as being very standards compliant. It uses an IMAP server for
as much functionality as possible, so I suspect it would work well with
Dovecot.

Other than that, if you want something new and shiny, try Geary.
Personally I didn't like it much, as it implements a "conversation
mode", making traditional in-line posting and so on more difficult.

I've tried Thunderbird, but it was too sluggish for my PC.

Andy

Re: Good email client to use with Dovecot?

[Ralph Seichter]

On 17.11.2016 08:48, Steve Litt wrote:

> What email clients are all of you using to look at your IMAP email?

I prefer Mozilla Thunderbird. It runs on Linux, macOS and Windows; works
nicely with all sorts of IMAP servers; handles mailing lists well; and
the multiple-identity-support (more than one sender address per IMAP
account) is very important for me as well.

-Ralph

Re: Good email client to use with Dovecot?

[Marc Stürmer]

Am 2016-11-17 08:48, schrieb Steve Litt:


When I use an email client, its purpose is as a window into my Dovecot
IMAP, and as a mechanism to reply to and send emails. I don't do
filtering or calendaring on my email client (filtering via procmail
direct to Dovecot).

What email clients are all of you using to look at your IMAP email?


Most of the day I am using the Horde Webmailer IMP (www.horde.org), 
because I've got my web browser running the whole time anyway and I am 
too lazy to wait until Thunderbird launched.


Horde integrates IMAP very well and even has support for running and 
managing SIEVE-Scripts, PGP, S/MIME and other, fancy stuff. It is real a 
very well rounded, good for daily work mail client.


Contra is that you cannot change the theme at all, and if you wish to 
extend it, you might be off better with other stuff. But until you 
really reach this point you've got to walk some miles...


2nd preference then, as desktop client, is Thunderbird. Hard to beat 
IMAP support and if it cannot do a thing you want, there already might 
be an extension around somewhere...


What to avoid like the pest is Outlook. Microsoft crippled the IMAP 
support in it starting with version 2010 on purpose to promote their own 
server technology on many levels. Using IMAP with Outlook is no fun, so 
just don't do it and if you need Outlook, you are better off with 
Microsofts own tech stuff instead of IMAP.

Re: dovecot pre-install issue

[soumi...@iitk.ac.in]

Hi,

Thanks for the information. But still not sure about which dovecot 
version to choose. Any more help from developers/gurus can be a help. I 
am open to dovecot enterprise release, if it can satisfy my queries.


Regarding dovecot director, I am presently planning for option1, you 
have mentioned.


1) 200,000 IOPS (my next 5 years requirement) is possible with NFS, as 
claimed by EMC, Netapp; and I am planning to go for it. I am not in 
favour of NFS with dovecot, but out existing setup is based on NFS and 
migration will be easy. I am open for any improved storage solution 
instead of NFS.


2) I guess, the partitioning of users requires a careful planning due to 
different quota demand. presently I am trying to avoid this.


Any help in choosing appropriate dovecot version is appreciated.

Soumitri Mishra
http://home.iitk.ac.in/~soumitri/



Hi,

I understand your concerns about new versions and bug fixing, but 
after running this system for more than 3 year, trying to keep up to 
date all the time… needed a rest. That why we moved to the “out of the 
box” version, and let’s see. And it works.


About the director. There is 2 ways to use it:

1. you have multiple front end for some NFS or other single storage, 
it should balance the load between them. I tried it, but EMC, NetApp 
or other wouldn’t handle the IO/s, and that’s where there must be some 
limitations in remote FS (mainly on indexing).


2. you spread your users between 2 or more storage machines (that’s 
what we do, 12 of them currently) that each run dovecot. You can 
define in you DB the IP where your user’s mail is stored, and the 
director will redirect whatever protocol (IMAP. POP3, LMPT, Sieve) to 
the machine where the user belong. When we did the move from NFS to 
that solution, the load on all the servers were reduce by at least 50 
to 60%… if not more. And it allowed us to move from 7 webmail/pop3 
front end to 2, and 5 MXs to 2,  using 2.2.10 from CentOS 7.


About the new features… well it does look good. But 2.2.10 still allow 
you to run remote doveadm commands, so not ready to move yet. Even 
though I do like it, but so much to do, and so little time to do it...


Regards,

Panic: file dsync-brain-mailbox.c: line 814 ...

[Sander Lepik]

Hi!

We have 2 servers replicating each other and after upgrade to 2.2.26.0
we are seeing this in the logs:

Primary server:

Nov 17 09:37:39 mailhost01 dovecot: dsync-server(u...@domain.ee): Panic:
file dsync-brain-mailbox.c: line 814 (dsync_brain_slave_recv_mailbox):
assertion failed: (memcmp(dsync_box->mailbox_guid,
local_dsync_box.mailbox_guid, sizeof(dsync_box->mailbox_guid)) == 0)
Nov 17 09:37:39 mailhost01 dovecot: dsync-server(u...@domain.ee): Error:
Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x9438e)
[0x7f3ccceb238e] -> /usr/lib/dovecot/libdovecot.so.0(+0x9447c)
[0x7f3ccceb247c] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0)
[0x7f3ccce4ba4e] ->
dovecot/doveadm-server(dsync_brain_slave_recv_mailbox+0x3d8)
[0x7f3ccd8f66f8] -> dovecot/doveadm-server(dsync_brain_run+0x650)
[0x7f3ccd8f4110] -> dovecot/doveadm-server(+0x4143b) [0x7f3ccd8f443b] ->
dovecot/doveadm-server(+0x5735f) [0x7f3ccd90a35f] ->
/usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7f3cccec6bdc]
-> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10a)
[0x7f3cccec809a] ->
/usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25)
[0x7f3cccec6c65] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38)
[0x7f3cccec6e08] -> dovecot/doveadm-server(+0x26b99) [0x7f3ccd8d9b99] ->
dovecot/doveadm-server(+0x28efc) [0x7f3ccd8dbefc] ->
dovecot/doveadm-server(+0x3daba) [0x7f3ccd8f0aba] ->
/usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7f3cccec6bdc]
-> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10a)
[0x7f3cccec809a] ->
/usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25)
[0x7f3cccec6c65] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38)
[0x7f3cccec6e08] ->
/usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13)
[0x7f3ccce51f53] -> dovecot/doveadm-server(main+0x19f) [0x7f3ccd8ccdef]
-> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)
[0x7f3ccca94b45] -> dovecot/doveadm-server(+0x19ea6) [0x7f3ccd8ccea6]
Nov 17 09:37:39 mailhost01 dovecot: dsync-server(u...@domain.ee): Fatal:
master: service(doveadm): child 42621 killed with signal 6 (core dumps
disabled)

Secondary server:

Nov 17 09:37:40 secondarymailhost01 dovecot:
dsync-local(u...@domain.ee): Error: read(mailhost01.domeen.ee) failed:
EOF (last sent=mailbox, last recv=mailbox_state)

I'm guessing that it happens during automatic full resync, but that's
just guessing.

OS is Debian 8 (x86_64) and Dovecot is recompiled from Debian's unstable
repository.

-- 
Sander

Re: BUG: nopassword doesn't work with CRAM-MD5

[Adrian POPA]

On 17.11.2016 10:30, Arkadiusz Miśkiewicz wrote:

On Thursday 17 of November 2016, Aki Tuomi wrote:

On 17.11.2016 10:14, Arkadiusz Miśkiewicz wrote:

Hello.

dovecot 2.2.26.0

When testing nopassword extra field
(http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5
dovecot doesn't allow any password (while it should) and returns

" Authentication failed"

while in logs:

Nov 17 08:22:34 auth-worker(1551): Info:
sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we
have a NULL password

NULL is there because our sql query returns empty password just like wiki
says "nopassword:  you want to allow all passwords, use an empty
password and this field. "


If password is returned in sql query then it fails, too:

Nov 17 09:00:49 auth-worker(2206): Error:
sql(pepe,127.0.0.1,): nopassword set but password is
non- empty

So looks to be a bug.

It's not a bug. CRAM-MD5 does in fact require *some* password to work,

Provide fake/random one for nopassword internally.


you can either store it with doveadm pw -S CRAM-MD5 or as plain text
password.

Then I get


sql(pepe,127.0.0.1,): nopassword set but password is
non- empty

So that doesn't help

btw. doveadm pw -S is not documented, so no idea what it does


Aki
Sorry to bump into your conversation but Aki is defending too hard 
something that is realy a bug.

I have signaled myself this issue in the "very old" version 2.2.9(!)
nopassword means ANY password (including none). One cannot store 
something like ANY with doveadm, SQL or anything.
So with "nopassword" the query should simply ignore the password field 
(missing, NULL or set to anything else).
Why would an user login with nopassword? This is an administrator 
decision and is not subject for comments.
My problem was with LDA who refuses to store mail in INBOX if the user 
is not properly authenticated (nopassword) so you cannot receive mails 
for "hidden" users that cannot login, maybe to redirect mails later or 
do some other things with.


Adrian

Re: BUG: nopassword doesn't work with CRAM-MD5

[Arkadiusz Miśkiewicz]

On Thursday 17 of November 2016, Aki Tuomi wrote:
> On 17.11.2016 10:30, Arkadiusz Miśkiewicz wrote:
> > On Thursday 17 of November 2016, Aki Tuomi wrote:
> >> On 17.11.2016 10:14, Arkadiusz Miśkiewicz wrote:
> >>> Hello.
> >>> 
> >>> dovecot 2.2.26.0
> >>> 
> >>> When testing nopassword extra field
> >>> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5
> >>> dovecot doesn't allow any password (while it should) and returns
> >>> 
> >>> " Authentication failed"
> >>> 
> >>> while in logs:
> >>> 
> >>> Nov 17 08:22:34 auth-worker(1551): Info:
> >>> sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but
> >>> we have a NULL password
> >>> 
> >>> NULL is there because our sql query returns empty password just like
> >>> wiki says "nopassword:  you want to allow all passwords, use an empty
> >>> password and this field. "
> >>> 
> >>> 
> >>> If password is returned in sql query then it fails, too:
> >>> 
> >>> Nov 17 09:00:49 auth-worker(2206): Error:
> >>> sql(pepe,127.0.0.1,): nopassword set but password is
> >>> non- empty
> >>> 
> >>> So looks to be a bug.
> >> 
> >> It's not a bug. CRAM-MD5 does in fact require *some* password to work,
> > 
> > Provide fake/random one for nopassword internally.
> > 
> >> you can either store it with doveadm pw -S CRAM-MD5 or as plain text
> >> password.
> > 
> > Then I get
> > 
> >>> sql(pepe,127.0.0.1,): nopassword set but password is
> >>> non- empty
> > 
> > So that doesn't help
> > 
> > btw. doveadm pw -S is not documented, so no idea what it does
> > 
> >> Aki
> 
> sorry, typo.
> 
> Ment doveadm pw -s CRAM-MD5
> 
> How do you perceive user login works with CRAM-MD5 if you do not provide
> *any* password for the user? 

I can provide it and I want to do that but nopassword doesn't let me.

> Some passdb backend must provide a password
> for the user, if you want to load extra attributes from alternative
> backend, use noauthenticate instead of nopassword, but make sure the
> last passdb can authenticate the user.

Ok, I'll try noauthenticate.

> 
> Aki


-- 
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )

Re: BUG: nopassword doesn't work with CRAM-MD5

[Aki Tuomi]

On 17.11.2016 10:30, Arkadiusz Miśkiewicz wrote:
> On Thursday 17 of November 2016, Aki Tuomi wrote:
>> On 17.11.2016 10:14, Arkadiusz Miśkiewicz wrote:
>>> Hello.
>>>
>>> dovecot 2.2.26.0
>>>
>>> When testing nopassword extra field
>>> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5
>>> dovecot doesn't allow any password (while it should) and returns
>>>
>>> " Authentication failed"
>>>
>>> while in logs:
>>>
>>> Nov 17 08:22:34 auth-worker(1551): Info:
>>> sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we
>>> have a NULL password
>>>
>>> NULL is there because our sql query returns empty password just like wiki
>>> says "nopassword:  you want to allow all passwords, use an empty
>>> password and this field. "
>>>
>>>
>>> If password is returned in sql query then it fails, too:
>>>
>>> Nov 17 09:00:49 auth-worker(2206): Error:
>>> sql(pepe,127.0.0.1,): nopassword set but password is
>>> non- empty
>>>
>>> So looks to be a bug.
>> It's not a bug. CRAM-MD5 does in fact require *some* password to work,
> Provide fake/random one for nopassword internally.
>
>> you can either store it with doveadm pw -S CRAM-MD5 or as plain text
>> password.
> Then I get
>
>>> sql(pepe,127.0.0.1,): nopassword set but password is
>>> non- empty
> So that doesn't help
>
> btw. doveadm pw -S is not documented, so no idea what it does
>
>> Aki
sorry, typo.

Ment doveadm pw -s CRAM-MD5

How do you perceive user login works with CRAM-MD5 if you do not provide
*any* password for the user? Some passdb backend must provide a password
for the user, if you want to load extra attributes from alternative
backend, use noauthenticate instead of nopassword, but make sure the
last passdb can authenticate the user.

Aki

Re: BUG: nopassword doesn't work with CRAM-MD5

[Arkadiusz Miśkiewicz]

On Thursday 17 of November 2016, Aki Tuomi wrote:
> On 17.11.2016 10:14, Arkadiusz Miśkiewicz wrote:
> > Hello.
> > 
> > dovecot 2.2.26.0
> > 
> > When testing nopassword extra field
> > (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5
> > dovecot doesn't allow any password (while it should) and returns
> > 
> > " Authentication failed"
> > 
> > while in logs:
> > 
> > Nov 17 08:22:34 auth-worker(1551): Info:
> > sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we
> > have a NULL password
> > 
> > NULL is there because our sql query returns empty password just like wiki
> > says "nopassword:  you want to allow all passwords, use an empty
> > password and this field. "
> > 
> > 
> > If password is returned in sql query then it fails, too:
> > 
> > Nov 17 09:00:49 auth-worker(2206): Error:
> > sql(pepe,127.0.0.1,): nopassword set but password is
> > non- empty
> > 
> > So looks to be a bug.
> 
> It's not a bug. CRAM-MD5 does in fact require *some* password to work,

Provide fake/random one for nopassword internally.

> you can either store it with doveadm pw -S CRAM-MD5 or as plain text
> password.

Then I get

> > sql(pepe,127.0.0.1,): nopassword set but password is
> > non- empty

So that doesn't help

btw. doveadm pw -S is not documented, so no idea what it does

> Aki

-- 
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )

Re: BUG: nopassword doesn't work with CRAM-MD5

[Aki Tuomi]

On 17.11.2016 10:14, Arkadiusz Miśkiewicz wrote:
> Hello.
>
> dovecot 2.2.26.0
>
> When testing nopassword extra field 
> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 dovecot 
> doesn't allow any password (while it should) and returns
>
> " Authentication failed"
>
> while in logs:
>
> Nov 17 08:22:34 auth-worker(1551): Info: 
> sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we 
> have 
> a NULL password 
>
> NULL is there because our sql query returns empty password just like wiki 
> says 
> "nopassword:  you want to allow all passwords, use an empty password and this 
> field. "
>
>
> If password is returned in sql query then it fails, too:
>
> Nov 17 09:00:49 auth-worker(2206): Error: 
> sql(pepe,127.0.0.1,): nopassword set but password is non-
> empty
>
> So looks to be a bug.

It's not a bug. CRAM-MD5 does in fact require *some* password to work,
you can either store it with doveadm pw -S CRAM-MD5 or as plain text
password.

Aki

BUG: nopassword doesn't work with CRAM-MD5

[Arkadiusz Miśkiewicz]

Hello.

dovecot 2.2.26.0

When testing nopassword extra field 
(http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 dovecot 
doesn't allow any password (while it should) and returns

" Authentication failed"

while in logs:

Nov 17 08:22:34 auth-worker(1551): Info: 
sql(pepe,127.0.0.1,): Requested CRAM-MD5 scheme, but we have 
a NULL password 

NULL is there because our sql query returns empty password just like wiki says 
"nopassword:  you want to allow all passwords, use an empty password and this 
field. "


If password is returned in sql query then it fails, too:

Nov 17 09:00:49 auth-worker(2206): Error: 
sql(pepe,127.0.0.1,): nopassword set but password is non-
empty

So looks to be a bug.
-- 
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )

Dovecot proxy

[Gandalf Corvotempesta]

Hi to all
I have some *production* pop3/inappropriate server that i would like to
move under a proxy

Some questions:
1. Keeping the same original hostname on the proxy (in example
mail.mydomain.tld)
and changing the hostname on the imap server, makes some troubles like MUA
redownloading all the messages?
Is dovecot (running on the imap server) happy seeing the hostname change?
What about maildirs, where the hostname is wrote on the mail file?

2. Dovecot proxy will proxy the whole pop3/imap traffic or only the login
auth?
I don't want to expose the mailservers to internet, all imap session must
be proxied through the proxy.
this because I'll use local IPs on each mail server.

3. Performance for the proxy server?
The same as the mailserver or higher due to the missing email computation?
In example,  the proxy doesn't have to access disks or emails data but has
only
to transmit what the mailserver osd saying

4. Like question 3, any real users for the proxy?
I would like to know some info about hardware and userbase (in example:
dual quad xeon 5600, 32Gb ram, 10.000 concurrent sessions)
In my case I'm planning for about 100 active sessions. Can i use a small
EC2 instance?