Re: 10-ssl ssl = no but dovecot still reads certs
On 16 Jun 2017, at 10:29, li...@lazygranch.com wrote: I'm bringing up a new email server starting without TLS initially. In 10-ssl.conf I set ssl = no, but the default ssl_cert and ssl_key lines are not commented out. I got the obvious error message: -- doveconf: Fatal: Error in configuration file /usr/local/etc/dovecot/conf.d/10-ssl.conf line 12: ssl_cert: Can't open file /etc/ssl/certs/dovecot.pem: No such file or directory /usr/local/etc/rc.d/dovecot: WARNING: failed to start dovecot -- No big deal, but I don't remember this being an issue the last time I set up a server. You would think if ssl=no, the ssl_cert and ssl_key files would not be opened. My guess is you have set ssl_cert=fails to read the file. At that stage it has no idea that ssl=no makes that file irrelevant - only much later will Dovecot ignore the value of ssl_cert because ssl=no, but it never gets there because this initial stage of reading the config has already failed. This is, as I recall it, the sensible explanation I got from one of the Dovecot developers. Kind regards, -- Peter van Dijk PowerDNS.COM BV - https://www.powerdns.com/
Re: Corrupt index files
On Fri, Jul 21, 2017 at 03:25:39PM -0600, Bruce Guenter wrote: > We had been using a loadbalancer with persistence to reduce the > problems, and today I switched to everything running on a single box to > avoid any cross-node contention. Unfortunately, the problem still > happens, even when they were all running imap on a single box. I just confirmed this. One of the mailboxes was deleted and recreated from scratch, and since recreation it has only been accessed on a single box. It *still* is having corrupt index problems. This is not just caused by accessing the mailboxes on different servers. -- Bruce Guenterhttp://untroubled.org/ signature.asc Description: Digital signature
Re: under some kind of attack
Hi Joseph, On 07/21/2017 10:17 PM, Joseph Tam wrote: As per my post: checkpassword. You can then use one password on Mondays, Wednesdays, and Fridays, alternate passwords on Tuesdays and Thursday fetched from a rot-13 database, and only from prime numbered IP addresses on weekends, if that's what you want. Having read the wiki page on checkpassword, I am unsure how this would work with an ldap backend. Could you elaborate on that? Best, MJ
Re: Corrupt index files
On Fri, Jul 21, 2017 at 08:50:16PM +0200, Robert Schetterer wrote: > you should avoid this > one solution is to use loadbalancers with persistance We had been using a loadbalancer with persistence to reduce the problems, and today I switched to everything running on a single box to avoid any cross-node contention. Unfortunately, the problem still happens, even when they were all running imap on a single box. We are moving to a director type setup instead of a persistent load balancer to eliminate the last source of cross-node access. > i think you could rare the corrupt > with optimize settings > to i.e > > mail_fsync = always > mmap_disable = yes I have those, but... > mail_nfs_storage = yes > mail_nfs_index = yes I missed seeing those. Thanks -- Bruce Guenterhttp://untroubled.org/ signature.asc Description: Digital signature
Re: Return extra fields from passwd userdb
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Michele Petrella wrote: > Hi, > > each user exists in one db. > > I changed configuration: > > # 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf # Pigeonhole > version 0.4.18 (29cc74d) # OS: Linux 3.10.55-gentoo i686 SuSE > Linux 7.1 (i386) auth_debug = yes debug_log_path = > /var/log/dovecot/dovecot_debug.log disable_plaintext_auth = no > info_log_path = /var/log/state.mail/dovecot.pipe log_path = > /var/log/dovecot/dovecot.log mail_debug = yes mail_gid = users > mail_location = maildir:~/.maildir mail_plugins = acl quota > mail_shared_explicit_inbox = yes mail_uid = vmail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave duplicate namespace { list = yes > location = maildir:/data/home/vmail/public prefix = Public/ > separator = / subscriptions = no type = public } namespace { list = > children location = > maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u prefix > = Shared/%%u/ separator = / subscriptions = no type = shared } > namespace inbox { inbox = yes list = yes location = mailbox > Cestino { special_use = \Trash } mailbox Drafts { special_use = > \Drafts } mailbox Junk { special_use = \Junk } mailbox "Posta > inviata" { special_use = \Sent } mailbox Sent { special_use = \Sent > } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { > special_use = \Trash } prefix = separator = / subscriptions = yes > type = private } passdb { args = /etc/dovecot/passwd.masterusers > driver = passwd-file master = yes } passdb { args = > /var/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { > driver = passwd skip = authenticated } plugin { acl = > vfile:/etc/dovecot/acl:cache_secs=300 acl_shared_dict = > file:/var/lib/dovecot-dict/shared-mailboxes quota = maildir:User > quota quota_rule = *:storage=5M quota_rule2 = Trash:storage=+100M > quota_rule3 = SPAM:ignore sieve = ~/.dovecot.sieve sieve_before = > /var/etc/dovecot/sieve/general/ sieve_dir = ~/sieve > sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute > sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter > sieve_global_dir = /var/etc/dovecot/sieve/global/ > sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter > +vnd.dovecot.pipe +editheader sieve_pipe_bin_dir = > /usr/local/bin/dovecot/sieve-pipe sieve_plugins = sieve_extprograms > } protocols = imap pop3 lmtp sieve service auth { unix_listener > auth-userdb { group = users } } service imap-postlogin { executable > = script-login /usr/local/bin/imap-postlogin.sh user = > $default_internal_user } service imap { executable = imap > imap-postlogin } ssl_cert = > args = /var/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } > userdb { driver = passwd } protocol lda { info_log_path = > /var/log/dovecot/dovecot-lda.log log_path = > /var/log/dovecot/dovecot-lda.log mail_plugins = acl quota sieve } > protocol imap { mail_max_userip_connections = 20 mail_plugins = > acl quota imap_acl imap_quota } > > > File /var/etc/dovecot/dovecot-ldap.conf.ext is: > > hosts = localhost base = ou=mnusers,dc=majornet,dc=local > user_attrs = quota_rule=*:bytes=%{ldap:quotaBytes} > > > But when I run: doveadm -D quota get -u afasystems Well, first try this: doveadm user afasystems All extra fields should be displayed (quotaByte only in your example). Then verify that this user has quotaBytes at all ldapsearch -B ou=mnusers,dc=majornet,dc=local user=afasystems quotaBytes Then look here: https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb user_attrs = \ =home=%{ldap:homeDirectory}, \ =uid=%{ldap:uidNumber}, \ =gid=%{ldap:gidNumber} all mappings using %{ldap:...} have a "=" prefixed before the settings name Then re-try doveadm user > > No extra field is returned: doveadm(root): Debug: Loading modules > from directory: /usr/lib/dovecot doveadm(root): Debug: Module > loaded: /usr/lib/dovecot/lib01_acl_plugin.so doveadm(root): Debug: > Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so > doveadm(root): Debug: Loading modules from directory: > /usr/lib/dovecot/doveadm doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so > doveadm(root): Debug: Skipping module doveadm_expire_plugin, > because dlopen() failed: > /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined > symbol: expire_set_deinit (this is usually intentional, so just > ignore this message) doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so > doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so > doveadm(root): Debug: Skipping module doveadm_fts_lucene_plugin, > because dlopen() failed: > /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: >
Re: under some kind of attack
mjwrote: - for external users, to ONLY be allowed to use an application specific password. (or username and password, fine as well) Step one: making ldap password authentication valid only from our internal network. I though: using allow_nets=192.168.1.0/24 for that passdb But I can't get that to work. :-( Unsure where exactly to define the allow_nets, tried many variations on the theme already. Perhaps someone can help with the step one, and also tell me if the approach outlined above is smart, valid and do-able in dovecot. As per my post: checkpassword. You can then use one password on Mondays, Wednesdays, and Fridays, alternate passwords on Tuesdays and Thursday fetched from a rot-13 database, and only from prime numbered IP addresses on weekends, if that's what you want. Gary Sellani writes: Not applicable to most installations, but I use geographical filtering on all ports other than 25. Fine if you are the only user of the email system. If you're the only user, moving the IMAP/POP service to a nonstandard port will do most of that with much less bother, and you won't lock yourself out, requiring a ssh/edit firewall/reconnect. Been there, done that. I get one hacker a week trying to guess passwords, and always from Digital Ocean VPS. ab...@digitalocean.com is fairly responsive. They usually nuke them pretty quickly. I would like to see statistics on the success of such brute force attacks. They can't be very successful these days. Even if the success rate is 0.1%, you can do the arithmetic to see that's still a huge number of accounts. But you're right, if you have anything resembling a sensible password policy, they're just a log bloating nuisance. Joseph Tam
Re: Corrupt index files
Am 21.07.2017 um 19:47 schrieb Bruce Guenter: > > I am running Dovecot IMAP on Linux, on a LizardFS storage cluster with > Maildir storage. This has worked well for most of the accounts for > several months. > > However in the last couple of weeks we are seeing increasing errors > regarding corrupted index files. you should avoid this one solution is to use loadbalancers with persistance and/or with i.e https://wiki2.dovecot.org/Director i dont know LizardFS but problems are somekind equal with all storage clusters and there are different solutions to handle this so i dont know what may the best at your place i would read and ask here for settings with storage clusters, a good start could be https://wiki2.dovecot.org/NFS https://wiki2.dovecot.org/SharedMailboxes/ClusterSetup https://wiki2.dovecot.org/MailLocation/SharedDisk Some of the accounts affected are > unable to retrieve messages due to timeouts. index settings and mailbox format has impact about this maildir mostly is self healing but that may fail sometimes on cluster > > It appeared the problems were due to the accounts being accessed from > multiple servers simultaneously, so I forced them all to access one > server, but the errors remained. It looks like it has something to do > with file locking, but LizardFS supports advisory file locking and I do > have it enabled. > > Deleting the corrupted indexes fixes the problem for a while, but it > eventually returns, particularly for some accounts. yeah that is perhaps per design > > Here are some errors I'm seeing (just a random grab). Actual home > directories are munged for confidentiality. > > imap[25157]: (clientes.standby) Error: Failed to fix view for > HOME/clientes:standby/dovecot.index: Missing middle file seq=1 (between 1..1, > we have seqs 8): File is already open > imap[5565]: (stadiumchair) Error: Transaction log file > HOME/stadiumchair/.Drafts/dovecot.index.log: marked corrupted > imap[5005]: (stadiumchair) Error: Corrupted transaction log file > HOME/stadiumchair/.Drafts/dovecot.index.log seq 2: indexid changed 1418941056 > -> 1500658549 (sync_offset=0) > imap[20243]: (martha) Error: Transaction log HOME/martha/dovecot.index.log: > duplicate transaction log sequence (539) > imap[4665]: (emsspam) Error: Index file HOME/emsspam/dovecot.index: indexid > changed: 1500658479 -> 1297175382 > imap[4665]: (emsspam) Error: Corrupted transaction log file > HOME/emsspam/dovecot.index.log seq 3: indexid changed: 1500658479 -> > 1297175382 (sync_offset=316) > imap[22985]: (emsspam) Error: Corrupted transaction log file > HOME/emsspam/dovecot.index.log seq 10742: Invalid transaction log size (9296 > vs 9296): HOME/emsspam/dovecot.index.log (sync_offset=9296) > imap[3267]: (emsspam) Error: Failed to map view for > HOME/emsspam/dovecot.index: Failed to map file seq=10742 > offset=9052..18446744073709551615 (ret=0): corrupted, indexid=0 > imap[3267]: (emsspam) Error: HOME/emsspam/dovecot.index view is inconsistent: > uid=3062271 inserted in the middle of mailbox > > The output of dovecot -n is pasted in below. Note that some of the boxes > are running 4.9, some running 4.4, all have the same problems. Also note > that I am using a custom authentication front end for our virtual > mailboxes, but it just sets up the minimal environment variables and > runs imap. > > Is there anything I can change to eliminate these problems? Are there > any other diagnostics I can provide to shed light on this? > > # 2.2.31 (65cde28): /etc/dovecot/dovecot.conf > # OS: Linux 4.4.66 x86_64 Gentoo Base System release 2.3 > log_path = /dev/stderr > mail_debug = yes > mail_fsync = always > mail_location = maildir:~/.maildir > mail_log_prefix = "%s[%p]: (%u) " > mmap_disable = yes > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = INBOX > separator = > type = private > } > passdb { > args = * > driver = pam > } > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > plugin { > mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename > } > ssl_cert = ssl_key = # hidden, use -P to show it > userdb { > driver = passwd > } > userdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > i think you could rare the corrupt with optimize settings to i.e mail_fsync = always mail_nfs_storage = yes mail_nfs_index = yes mmap_disable = yes etc but to fix it at all you may have to rethink your whole setup dovecot gurus may help and search the list archive about cluster setups Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG, 80333 München Sitz der Gesellschaft: München,
Corrupt index files
I am running Dovecot IMAP on Linux, on a LizardFS storage cluster with Maildir storage. This has worked well for most of the accounts for several months. However in the last couple of weeks we are seeing increasing errors regarding corrupted index files. Some of the accounts affected are unable to retrieve messages due to timeouts. It appeared the problems were due to the accounts being accessed from multiple servers simultaneously, so I forced them all to access one server, but the errors remained. It looks like it has something to do with file locking, but LizardFS supports advisory file locking and I do have it enabled. Deleting the corrupted indexes fixes the problem for a while, but it eventually returns, particularly for some accounts. Here are some errors I'm seeing (just a random grab). Actual home directories are munged for confidentiality. imap[25157]: (clientes.standby) Error: Failed to fix view for HOME/clientes:standby/dovecot.index: Missing middle file seq=1 (between 1..1, we have seqs 8): File is already open imap[5565]: (stadiumchair) Error: Transaction log file HOME/stadiumchair/.Drafts/dovecot.index.log: marked corrupted imap[5005]: (stadiumchair) Error: Corrupted transaction log file HOME/stadiumchair/.Drafts/dovecot.index.log seq 2: indexid changed 1418941056 -> 1500658549 (sync_offset=0) imap[20243]: (martha) Error: Transaction log HOME/martha/dovecot.index.log: duplicate transaction log sequence (539) imap[4665]: (emsspam) Error: Index file HOME/emsspam/dovecot.index: indexid changed: 1500658479 -> 1297175382 imap[4665]: (emsspam) Error: Corrupted transaction log file HOME/emsspam/dovecot.index.log seq 3: indexid changed: 1500658479 -> 1297175382 (sync_offset=316) imap[22985]: (emsspam) Error: Corrupted transaction log file HOME/emsspam/dovecot.index.log seq 10742: Invalid transaction log size (9296 vs 9296): HOME/emsspam/dovecot.index.log (sync_offset=9296) imap[3267]: (emsspam) Error: Failed to map view for HOME/emsspam/dovecot.index: Failed to map file seq=10742 offset=9052..18446744073709551615 (ret=0): corrupted, indexid=0 imap[3267]: (emsspam) Error: HOME/emsspam/dovecot.index view is inconsistent: uid=3062271 inserted in the middle of mailbox The output of dovecot -n is pasted in below. Note that some of the boxes are running 4.9, some running 4.4, all have the same problems. Also note that I am using a custom authentication front end for our virtual mailboxes, but it just sets up the minimal environment variables and runs imap. Is there anything I can change to eliminate these problems? Are there any other diagnostics I can provide to shed light on this? # 2.2.31 (65cde28): /etc/dovecot/dovecot.conf # OS: Linux 4.4.66 x86_64 Gentoo Base System release 2.3 log_path = /dev/stderr mail_debug = yes mail_fsync = always mail_location = maildir:~/.maildir mail_log_prefix = "%s[%p]: (%u) " mmap_disable = yes namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX separator = type = private } passdb { args = * driver = pam } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename } ssl_cert = http://untroubled.org/ signature.asc Description: Digital signature
Re: Return extra fields from passwd userdb
Hi, each user exists in one db. I changed configuration: # 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.18 (29cc74d) # OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386) auth_debug = yes debug_log_path = /var/log/dovecot/dovecot_debug.log disable_plaintext_auth = no info_log_path = /var/log/state.mail/dovecot.pipe log_path = /var/log/dovecot/dovecot.log mail_debug = yes mail_gid = users mail_location = maildir:~/.maildir mail_plugins = acl quota mail_shared_explicit_inbox = yes mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate namespace { list = yes location = maildir:/data/home/vmail/public prefix = Public/ separator = / subscriptions = no type = public } namespace { list = children location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u prefix = Shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes list = yes location = mailbox Cestino { special_use = \Trash } mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox "Posta inviata" { special_use = \Sent } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / subscriptions = yes type = private } passdb { args = /etc/dovecot/passwd.masterusers driver = passwd-file master = yes } passdb { args = /var/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { driver = passwd skip = authenticated } plugin { acl = vfile:/etc/dovecot/acl:cache_secs=300 acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes quota = maildir:User quota quota_rule = *:storage=5M quota_rule2 = Trash:storage=+100M quota_rule3 = SPAM:ignore sieve = ~/.dovecot.sieve sieve_before = /var/etc/dovecot/sieve/general/ sieve_dir = ~/sieve sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter sieve_global_dir = /var/etc/dovecot/sieve/global/ sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter +vnd.dovecot.pipe +editheader sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe sieve_plugins = sieve_extprograms } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = users } } service imap-postlogin { executable = script-login /usr/local/bin/imap-postlogin.sh user = $default_internal_user } service imap { executable = imap imap-postlogin } ssl_cert = doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/doveadm doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so doveadm(root): Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message) doveadm(afasystems): Debug: auth input: afasystems system_groups_user=afasystems uid=1040 gid=100 home=/data/home/afasystems doveadm(afasystems): Debug: Effective uid=1040, gid=100, home=/data/home/afasystems doveadm(afasystems): Debug: Quota root: name=User quota backend=maildir args= doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=* bytes=5242880 messages=0 doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=SPAM ignored doveadm(afasystems): Debug: Quota grace: root=User quota bytes=524288 (10%) doveadm(afasystems): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/.maildir doveadm(afasystems): Debug: maildir++: root=/data/home/afasystems/.maildir, index=, indexpvt=, control=, inbox=/data/home/afasystems/.maildir, alt= doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300 doveadm(afasystems): Debug: acl: acl username =
Re: FTS error Unknown user
Citát azu...@pobox.sk: Hi, sorry for previous message, i accidentaly send it before it was complete. Recently, i was configuring a setup with one proxy, which is doing authentication and multiple backends, which doesn't have access to user database (see https://www.mail-archive.com/dovecot@dovecot.org/msg70123.html ). Now i wanted to use FTS (solr) on backends but i'm getting this error everytime a email is received (and FTS is not working, of course): dovecot: indexer-worker: Error: User [censored] lookup failed: Unknown user I don't fully understand why FTS needs to do any user lookup during indexing but, anyway, how can i workaround it? This is relevant config: passdb { driver = static args = password=[censored] allow_nets=[censored] } userdb { driver = static args = home=/var/mail/vhosts/%d/%n/home master_user=%u } plugin { fts = solr fts_solr = url=http://[censored]:8080/solr/ fts_autoindex = yes fts_autoindex_max_recent_msgs = 1000 } FTS is fully configured and working on proxy side (which is, currently, also a backend for most of the users - i will split it in stages, just wanted to say that i have FTS already working). azur Just resolved it, here is the solution (at the end of 'args' line): userdb { driver = static args = home=/var/mail/vhosts/%d/%n/home master_user=%u allow_all_users=yes } azur
FTS error Unknown user
Hi, sorry for previous message, i accidentaly send it before it was complete. Recently, i was configuring a setup with one proxy, which is doing authentication and multiple backends, which doesn't have access to user database (see https://www.mail-archive.com/dovecot@dovecot.org/msg70123.html ). Now i wanted to use FTS (solr) on backends but i'm getting this error everytime a email is received (and FTS is not working, of course): dovecot: indexer-worker: Error: User [censored] lookup failed: Unknown user I don't fully understand why FTS needs to do any user lookup during indexing but, anyway, how can i workaround it? This is relevant config: passdb { driver = static args = password=[censored] allow_nets=[censored] } userdb { driver = static args = home=/var/mail/vhosts/%d/%n/home master_user=%u } plugin { fts = solr fts_solr = url=http://[censored]:8080/solr/ fts_autoindex = yes fts_autoindex_max_recent_msgs = 1000 } FTS is fully configured and working on proxy side (which is, currently, also a backend for most of the users - i will split it in stages, just wanted to say that i have FTS already working). azur
FTS
Hi, recently, i was configuring a setup with one proxy, which is doing authentication and multiple backends, which doesn't have access to user database (see https://www.mail-archive.com/dovecot@dovecot.org/msg70123.html ). Now i wanted to use FTS (solr) on backends but i'm getting this error after every email is received:
Re: Problem compiling dovecot 2.2.31 on Solaris
On Fri, 21 Jul 2017 15:04:59 +0100 Jameswrote: > from SUNWhea on S10 and system/header on S11. Nevertheless it's missing > on Solaris 8 and 9. You can make your own, this worked for me on Solaris > 9 at least once, untested recently: Worked! Thanks! Now it is complainig about openssl, I think: ../../src/lib-ssl-iostream/iostream-openssl.h:6:25: error: openssl/ssl.h: No such file or directory In file included from test-http-client.c:12: I'll try to install a modern version, hoping it'll compile... :) Thanks again, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL/ E-MAIL: posthams...@sublink.sublink.org / \ AND POSTINGS/ WWW: http://www.lesassaie.IT/
Re: Problem compiling dovecot 2.2.31 on Solaris
On 21/07/2017 13:38, Levente wrote: You are missing stdint.h. Try to locate that, and include the directory. However, this is odd, since it should be shipped with GCC itself. Headers are generally supplied by the OS not the compiler, stdint.h is $ find /usr/include -name stdint.h /usr/include/sys/stdint.h /usr/include/stdint.h from SUNWhea on S10 and system/header on S11. Nevertheless it's missing on Solaris 8 and 9. You can make your own, this worked for me on Solaris 9 at least once, untested recently: #ifndef _STDINT_H #define _STDINT_H #include #include #include #endif /* _STDINT_H */ Or just #define what you think it needs, it's not complex.
Re: Problem compiling dovecot 2.2.31 on Solaris
On Fri, 21 Jul 2017 09:27:18 -0400 Oscar del Riowrote: > solaris 8 is way too old! > I think you need Solaris 10 or newer I know. Though dovecot 2.2.5 compiles and runs: nameron# doveconf -n # 2.2.5: /etc/dovecot/dovecot.conf # OS: SunOS 5.8 sun4u ufs Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL/ E-MAIL: posthams...@sublink.sublink.org / \ AND POSTINGS/ WWW: http://www.lesassaie.IT/
Re: Problem compiling dovecot 2.2.31 on Solaris
On 07/21/17 08:56 AM, Luciano Mannucci wrote: Target: sparc-sun-solaris2.8 Configured with: ../sources/gcc-4.0.2/configure --prefix=/opt/csw/gcc4 --with-local-prefix=/opt/csw --without-gnu-as --with-as=/usr/ccs/bin/as --without-gnu-ld --with-ld=/usr/ccs/bin/ld --enable-threads=posix --enable-shared --enable-multilib --enable-nls --with-included-gettext --with-libiconv-prefix=/opt/csw --with-x --enable-java-awt=xlib --with-system-zlib --enable-languages=c,c++,f95,java,objc,ada Thread model: posix gcc version 4.0.2 Is it too old? solaris 8 is way too old! I think you need Solaris 10 or newer
Core dumped when authenticating to managesieve
Hey, I'm getting "Error in MANAGESIEVE command received by server." and service(managesieve-login) killed with signal 11 (core dumped) when doing two line autenticate(sogo) to managesieve(). # telnet localhost 4190 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. "IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext editheader" "NOTIFY" "mailto" "SASL" "PLAIN" "VERSION" "1.0" OK "Dovecot ready." AUTHENTICATE "PLAIN" {52+} XX== NO "Error in MANAGESIEVE command received by server." AUTHENTICATE "PLAIN" {52+} < trying again Connection closed by foreign host. and after that in logs there is "dovecot: managesieve-login: Fatal: master: service(managesieve-login): child 38748 killed with signal 11 (core dumped)" One line autenticate works. # telnet localhost 4190 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. "IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext editheader" "NOTIFY" "mailto" "SASL" "PLAIN" "VERSION" "1.0" OK "Dovecot ready." AUTHENTICATE "PLAIN" "XX==" OK "Logged in." OS: FreeBSD 11.1-RC3 Dovecot 2.2.31 , pigeonhole 0.4.19 Trace below GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"...(no debugging symbols found)... warning: core file may not match specified executable file. Core was generated by `dovecot/managesieve-login'. Program terminated with signal 11, Segmentation fault. Reading symbols from /usr/local/lib/dovecot/libdovecot-login.so.0...done. Loaded symbols for /usr/local/lib/dovecot/libdovecot-login.so.0 Reading symbols from /usr/lib/libssl.so.8...done. Loaded symbols for /usr/lib/libssl.so.8 Reading symbols from /lib/libcrypto.so.8...done. Loaded symbols for /lib/libcrypto.so.8 Reading symbols from /usr/local/lib/dovecot/libdovecot.so.0...done. Loaded symbols for /usr/local/lib/dovecot/libdovecot.so.0 Reading symbols from /usr/lib/libkrb5.so.11...done. Loaded symbols for /usr/lib/libkrb5.so.11 Reading symbols from /usr/lib/libgssapi.so.10...done. Loaded symbols for /usr/lib/libgssapi.so.10 Reading symbols from /usr/lib/libgssapi_krb5.so.10...done. Loaded symbols for /usr/lib/libgssapi_krb5.so.10 Reading symbols from /lib/libc.so.7...done. Loaded symbols for /lib/libc.so.7 Reading symbols from /usr/lib/libasn1.so.11...done. Loaded symbols for /usr/lib/libasn1.so.11 Reading symbols from /usr/lib/libcom_err.so.5...done. Loaded symbols for /usr/lib/libcom_err.so.5 Reading symbols from /lib/libcrypt.so.5...done. Loaded symbols for /lib/libcrypt.so.5 Reading symbols from /usr/lib/libhx509.so.11...done. Loaded symbols for /usr/lib/libhx509.so.11 Reading symbols from /usr/lib/libroken.so.11...done. Loaded symbols for /usr/lib/libroken.so.11 Reading symbols from /usr/lib/libwind.so.11...done. Loaded symbols for /usr/lib/libwind.so.11 Reading symbols from /usr/lib/libheimbase.so.11...done. Loaded symbols for /usr/lib/libheimbase.so.11 Reading symbols from /usr/lib/libprivateheimipcc.so.11...done. Loaded symbols for /usr/lib/libprivateheimipcc.so.11 Reading symbols from /lib/libthr.so.3...done. Loaded symbols for /lib/libthr.so.3 Reading symbols from /libexec/ld-elf.so.1...done. Loaded symbols for /libexec/ld-elf.so.1 #0 i_stream_seek (stream=0x0, v_offset=80) at istream.c:296 296 istream.c: No such file or directory. in istream.c (gdb) bt full #0 i_stream_seek (stream=0x0, v_offset=80) at istream.c:296 _stream = (struct istream_private *) 0x5385e16 #1 0x0536937a in i_stream_limit_read (stream=0x767d540) at istream-limit.c:34 lstream = (struct limit_istream *) 0x767d540 left = 123848760 ret = 1 pos = 119265200 #2 0x0535f340 in i_stream_read (stream=0x767d5b0) at istream.c:174 _stream = (struct istream_private *) 0x767d540 old_size = 0 ret = 124244864 #3 0x053607ae in i_stream_read_data (stream=0x767d5b0, data_r=0x7fffe868, size_r=0x7fffe878, threshold=0) at istream.c:569 ret = 0 read_more = false #4 0x004038d1 in ?? () No symbol table info available. #5 0x00403c1a in ?? () No symbol table info available. #6
Re: Problem compiling dovecot 2.2.31 on Solaris
On Fri, 21 Jul 2017 14:38:57 +0200 Leventewrote: > You are missing stdint.h. Try to locate that, and include the > directory. However, this is odd, since it should be shipped with GCC > itself. You're right! It is missing. This is the output of gcc -v: Reading specs from /opt/csw/gcc4/lib/gcc/sparc-sun-solaris2.8/4.0.2/specs Target: sparc-sun-solaris2.8 Configured with: ../sources/gcc-4.0.2/configure --prefix=/opt/csw/gcc4 --with-local-prefix=/opt/csw --without-gnu-as --with-as=/usr/ccs/bin/as --without-gnu-ld --with-ld=/usr/ccs/bin/ld --enable-threads=posix --enable-shared --enable-multilib --enable-nls --with-included-gettext --with-libiconv-prefix=/opt/csw --with-x --enable-java-awt=xlib --with-system-zlib --enable-languages=c,c++,f95,java,objc,ada Thread model: posix gcc version 4.0.2 Is it too old? Thanks again, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL/ E-MAIL: posthams...@sublink.sublink.org / \ AND POSTINGS/ WWW: http://www.lesassaie.IT/
Re: Problem compiling dovecot 2.2.31 on Solaris
You are missing stdint.h. Try to locate that, and include the directory. However, this is odd, since it should be shipped with GCC itself. Lev On Fri, Jul 21, 2017 at 2:15 PM, Luciano Mannucciwrote: > > I'm trying to compile under SunOS 5.8 Generic_117350-28 sun4u sparc > SUNW,Ultra-5_10 > (I know it's a bit oldish :-) and I get this error: > > /bin/bash ../../libtool --tag=CC --mode=compile gcc > -DHAVE_CONFIG_H -I. -I../.. -std=gnu99 -g -O2 -Wall -W > -Wmissing-prototypes > -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 > -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT pkcs5.lo > -MD > -MP -MF .deps/pkcs5.Tpo -c -o pkcs5.lo pkcs5.c libtool: compile: gcc > -DHAVE_CONFIG_H -I. -I../.. -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes > -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 > -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT pkcs5.lo -MD > -MP -MF .deps/pkcs5.Tpo -c pkcs5.c -fPIC -DPIC -o .libs/pkcs5.o pkcs5.c:9:20: > error: stdint.h: No such file or directory make[4]: *** [pkcs5.lo] Error 1 > > What have I missed? > > I did: > > ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var\ > --mandir=/usr/share/man --docdir=/usr/share/doc/packages/dovecot\ > --disable-ipv6 --enable-header-install\ > > make > > Is it reasonable? > > Thanks in advance, > > Luciano. > -- > /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) > \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 > X AGAINST HTML MAIL/ E-MAIL: posthams...@sublink.sublink.org > / \ AND POSTINGS/ WWW: http://www.lesassaie.IT/
Problem compiling dovecot 2.2.31 on Solaris
I'm trying to compile under SunOS 5.8 Generic_117350-28 sun4u sparc SUNW,Ultra-5_10 (I know it's a bit oldish :-) and I get this error: /bin/bash ../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I../.. -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT pkcs5.lo -MD -MP -MF .deps/pkcs5.Tpo -c -o pkcs5.lo pkcs5.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../.. -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT pkcs5.lo -MD -MP -MF .deps/pkcs5.Tpo -c pkcs5.c -fPIC -DPIC -o .libs/pkcs5.o pkcs5.c:9:20: error: stdint.h: No such file or directory make[4]: *** [pkcs5.lo] Error 1 What have I missed? I did: ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var\ --mandir=/usr/share/man --docdir=/usr/share/doc/packages/dovecot\ --disable-ipv6 --enable-header-install\ make Is it reasonable? Thanks in advance, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL/ E-MAIL: posthams...@sublink.sublink.org / \ AND POSTINGS/ WWW: http://www.lesassaie.IT/
Re: Latest Virtual Plugin changes seem to have broken flag changes: 2.2.devel (bf2fa36)
On 21.07.2017 14:43, Thomas Leuxner wrote: > * Aki Tuomi2017.07.21 12:53: > >> I cannot repeat this. > Hi Aki, > > a bit hard for me to debug speaking protocol, but I can definitely reproduce > it with multiple MUAs. > > Regards > Thomas You can just turn on rawlogs protocol imap { rawlog_dir = /tmp/rawlogs/%Lu } and mkdir /tmp/rawlogs/your-username-in-lowercase chmod 0777 /tmp/rawlogs/your-username-in-lowercase Aki
Re: Latest Virtual Plugin changes seem to have broken flag changes: 2.2.devel (bf2fa36)
* Aki Tuomi2017.07.21 12:53: > I cannot repeat this. Hi Aki, a bit hard for me to debug speaking protocol, but I can definitely reproduce it with multiple MUAs. Regards Thomas signature.asc Description: PGP signature
Re: Latest Virtual Plugin changes seem to have broken flag changes: 2.2.devel (bf2fa36)
On 21.07.2017 13:39, Thomas Leuxner wrote: > Hi, > > I’m using several views like this: > > # cat Dovecot/dovecot-virtual > :public/Archive/Mailing-Lists/Dovecot/* > :public/Mailing-Lists/Dovecot > all > > Before the recent changes read mail stayed in sync with the virtual folder. > Now regardless whether mail is read in the original Folder or the virtual > Folder, the flags are not synchronized anymore. Read mail is flagged unread > in the corresponding folder. > > Regards > Thomas > I cannot repeat this. a SELECT INBOX * 1 EXISTS * 1 RECENT * OK [UNSEEN 1] First unseen. a SELECT Virtual/all * 1 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. a SELECT INBOX * 1 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. a STORE 1:1 +FLAGS (\Seen) * 1 FETCH (FLAGS (\Seen)) a OK Store completed (0.001 + 0.000 secs). a SELECT Virtual/all * 1 EXISTS * 0 RECENT a FETCH 1:* (FLAGS) * 1 FETCH (FLAGS (\Seen)) Aki
Latest Virtual Plugin changes seem to have broken flag changes: 2.2.devel (bf2fa36)
Hi, I’m using several views like this: # cat Dovecot/dovecot-virtual :public/Archive/Mailing-Lists/Dovecot/* :public/Mailing-Lists/Dovecot all Before the recent changes read mail stayed in sync with the virtual folder. Now regardless whether mail is read in the original Folder or the virtual Folder, the flags are not synchronized anymore. Read mail is flagged unread in the corresponding folder. Regards Thomas signature.asc Description: Message signed with OpenPGP