Re: 2.3.0 upgrade from 2.2.x

2017-12-27 Thread Aki Tuomi 

> On December 28, 2017 at 4:15 AM "Fabian A. Santiago" 
>  wrote:
> 
> 
> On December 27, 2017 8:07:18 PM EST, "Fabian A. Santiago" 
>  wrote:
> >Question; So after updating to 2.3.0 and following the recommended
> >warnings / changes from running doveconf -n and then doing that same
> >command > "a new conf file", and then renaming the conf files and
> >restarting dovecot, I should be good to go with my old config updated
> >to the new config spec? Just confirming. Thanks. 
> >
> >What I mean is doing the -n to a new file hasn't changed or removed
> >anything from my old config? Unless it was a changed or obsoleted
> >option and in that case it would have warned me anyway, correct? 
> >--
> >
> >Thanks,
> >
> >Fabian S.
> >
> >OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC

Yeah, it should tell you if you have deprecated options or something that needs 
looking into.

Aki

Re: Question about imap (expunge response)

2017-12-27 Thread Kamil Jońca 
Bron Gondwana  writes:

> Yeah, that smells bogus.  You can't send the EXPUNGE right away, even if
[...]

Thank for confirmation 

> Having said that, fetchmail is also wrong here:
>
> fetchmail: IMAP> A0008 STORE 1 +FLAGS.SILENT (\Seen \Deleted) fetchmail:
> IMAP< * 1 EXPUNGE fetchmail: IMAP< A0008 OK Store completed fetchmail:
> IMAP> A0009 EXPUNGE fetchmail: IMAP< A0009 OK EXPUNGE completed
> fetchmail: mail expunge mismatch (0 actual != 1 expected)

> There is no guarantee that you would get exactly 1 from the EXPUNGE

Agreed, but with fetchmail I have (theoretically at least) possiblity to
modify it's behavior.
KJ



-- 
http://wolnelektury.pl/wesprzyj/teraz/
Totally illogical, there was no chance.
-- Spock, "The Galileo Seven", stardate 2822.3

Re: 2.3.0 upgrade from 2.2.x

2017-12-27 Thread Fabian A. Santiago 
On December 27, 2017 8:07:18 PM EST, "Fabian A. Santiago" 
 wrote:
>Question; So after updating to 2.3.0 and following the recommended
>warnings / changes from running doveconf -n and then doing that same
>command > "a new conf file", and then renaming the conf files and
>restarting dovecot, I should be good to go with my old config updated
>to the new config spec? Just confirming. Thanks. 
>
>What I mean is doing the -n to a new file hasn't changed or removed
>anything from my old config? Unless it was a changed or obsoleted
>option and in that case it would have warned me anyway, correct? 
>--
>
>Thanks,
>
>Fabian S.
>
>OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC


--

Thanks,

Fabian S.

OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC

2.3.0 upgrade from 2.2.x

2017-12-27 Thread Fabian A. Santiago 
Question; So after updating to 2.3.0 and following the recommended warnings / 
changes from running doveconf -n and then doing that same command > "a new conf 
file", and then renaming the conf files and restarting dovecot, I should be 
good to go with my old config updated to the new config spec? Just confirming. 
Thanks. 

What I mean is doing the -n to a new file hasn't changed or removed anything 
from my old config? Unless it was a changed or obsoleted option and in that 
case it would have warned me anyway, correct? 
--

Thanks,

Fabian S.

OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC

Re: Package repository now available

2017-12-27 Thread Fabian A. Santiago 
On December 27, 2017 4:38:02 PM EST, Aki Tuomi  wrote:
>
>> On December 27, 2017 at 6:11 PM Aki Tuomi 
>wrote:
>> 
>> 
>> 
>> > On December 27, 2017 at 6:05 PM "Fabian A. Santiago"
> wrote:
>> > 
>> > 
>> > December 27, 2017 10:53 AM, aki.tu...@dovecot.fi wrote:
>> > 
>> > > Small amendment...
>> > > 
>> > > if you ran
>> > > 
>> > > gpg --export > /etc/apt/trusted.gpg.d/dovecot.gpg
>> > > 
>> > > please run
>> > > 
>> > > gpg --export ED409DA1 > /etc/apt/trusted.gpg.d/dovecot.gpg
>> > > 
>> > > Aki
>> > > 
>> > >> On December 27, 2017 at 5:00 PM aki.tu...@dovecot.fi wrote:
>> > >> 
>> > >> Dovecot now has package repository for Debian, CentOS and Ubuntu
>available at
>> > >> https://repo.dovecot.org
>> > >> 
>> > >> Packages are provided for 2.3 series and forward. Please let us
>know if you run into any trouble
>> > >> with these.
>> > >> 
>> > >> ---
>> > >> Aki Tuomi
>> > >> Dovecot oy
>> > >> ___
>> > >> Dovecot-news mailing list
>> > >> dovecot-n...@dovecot.org
>> > >> https://dovecot.org/mailman/listinfo/dovecot-news
>> > 
>> > so i received this (centos 7.4):
>> > 
>> > Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG
>> > Importing GPG key 0xED409DA1:
>> >  Userid : "Dovecot Community Edition "
>> >  Fingerprint: 2be7 4aab 3ee7 54df b9c8 0d33 18a3 48ae ed40 9da1
>> >  From   : https://repo.dovecot.org/DOVECOT-REPO-GPG
>> > Is this ok [y/N]: y
>> > warning:
>/var/cache/yum/x86_64/7/dovecot-2.3-latest/packages/dovecot-pgsql-2.3.0-2.x86_64.rpm:
>Header V3 DSA/SHA256 Signature, key ID eed949f0: NOKEY
>> > Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG
>> > 
>> > 
>> > The GPG keys listed for the "RHEL 7 - x86_64" repository are
>already installed but they are not correct for this package.
>> > Check that the correct key URLs are configured for this repository.
>> > 
>> > 
>> >  Failing package is: 2:dovecot-pgsql-2.3.0-2.x86_64
>> >  GPG Keys are configured as:
>https://repo.dovecot.org/DOVECOT-REPO-GPG
>> > 
>> > 
>> > upgrading from dovecot 2.2.x. 
>> > 
>> > is this related to what you just mentioned with the gpg key? 
>> > 
>> > --
>> > 
>> > Thanks,
>> > 
>> > Fabian S.
>> > 
>> > OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC
>> 
>> Nope. The amendment was only for debian & ubuntu users.
>> 
>> We'll check why it says NOKEY. It should have been signed.
>> 
>> Aki
>
>Should be fixed now.
>
>Aki

Thank you. Confirmed works ok. 
--

Thanks,

Fabian S.

OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC

Re: Renewing certificates

2017-12-27 Thread Joseph Tam 

Kenneth Porter  writes:


Thanks. Some digging indicates that this is equivalent to doveadm reload.
Both paths ultimately send a SIGHUP to the server which initiates a full
reload of the configuration.

I'll be combining this with a restart of sendmail. Alas, I don't see a way
to get it to reload its configuration.


Should be the same way: send a SIGHUP signal to the parent process.


http://etutorials.org/Server+Administration/Sendmail/Part+II+Administration/Chapter+14.+Signals+Transactions+and+Syslog/SIGHUP/

I'm not sure whether this will cause the sendmail worker processes to dump
their cients, but if it did, SMTP is fault tolerant enough that delivery
should be retried later.

Joseph Tam

Re: Ubuntu Auth Issues with new repository code..

2017-12-27 Thread Michael Marley 
On 12/27/17 4:38 PM, Howard Leadmon wrote:

>    Saw the new repository notification, and figured what the heck I
> would try letting it upgrade me from the current v2.2.22 release that
> apparently is in the Ubuntu 16.04 packages, to the new repository
> release of v2.3.0.
>
>  I followed the info on repo.dovecot.org, and first it started
> bitching about lmtp (dovecot: master: Fatal: service(lmtp)
> access(/usr/lib/dovecot/lmtp) failed: No such file or directory), so I
> went back and installed the dovecot-lmtpd package and that seemed to
> fix that issue.  Just FYI, I had dovecot-core, dovecot-imapd, and
> dovecot-pop3d installed on the system.
>
>  OK, so now it started up, said it was 2.3.0 and I thought all was
> good, but now all authentication is failing.  I turned on some of the
> logging debugging, and am seeing the below:
>
> dovecot: auth-worker(19578): Debug:
> pam(toss1,127.0.0.1,): lookup service=dovecot
> dovecot: auth-worker(19578): Debug:
> pam(toss1,127.0.0.1,): #1/1 style=1 msg=Password:
> dovecot: auth-worker(19578): pam(toss1,127.0.0.1,):
> pam_authenticate() failed: System error
> dovecot: auth: Debug: client passdb out: FAIL#0111#011user=toss1
> dovecot: imap-login: Aborted login (auth failed, 1 attempts in 3
> secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.1.1,
> session=
>
>  I took and compared my auth files like 10-auth.conf, and
> auth-system.conf.ext, and they are identical between the two versions,
> even though they were overwritten as part of the upgrade.
>
>  If I just uninstall the 2.3.0 release, and install 2.2.22 back on the
> server, it all just starts working again.    So for now I am back on
> 2.2, but was willing to give 2.3 a run if I can get it going.   Any
> ideas as to what to look at to get this working, would be great.   As
> stated above, this is Ubuntu Server 16.04.03, and I am also running
> Postfix and amavis-new, but don't think they should really impact me
> using dovecot for email over POP3 or IMAP..
>
> ---
> Howard Leadmon
> PBW Communications, LLC
> http://www.pbwcomm.com
>
Try adding "CAP_AUDIT_WRITE" to CapabilityBoundingSet in
/lib/systemd/system/dovecot.service.  I had the same problem when I
upgraded to 2.3.0.

Michael

Re: Ubuntu Auth Issues with new repository code..

2017-12-27 Thread Kenneth Porter 
Another thing to check is the RPM scripts that run during an upgrade. 
Compare the output of "rpm -q --scripts dovecot" for the old and new 
package. See if the new package is doing all the necessary things 
expected by Ubuntu. Scripts are the most platform-specific part of the 
package and the hardest to make portable.

Re: Ubuntu Auth Issues with new repository code..

2017-12-27 Thread Aki Tuomi 
The problem would appear that pam is reporting a system error, which fails your 
authentication. Are you supposed to be using pam?

Aki

> On December 28, 2017 at 12:50 AM Howard Leadmon  wrote:
> 
> 
>    I hear what your saying, but if you read and follow the repo page, it 
> says run update, and then upgrade.   Also as a test, I did remove the 
> old 2.2 code, and installed the new 2.3 code, and again authentication 
> fails.
> 
>   I am sure I may be missing something stupid, but the bottom line is, 
> how can I track down why it will not auth using PAM under the newer 
> code, when even looking at the auth modules, the configs appear to be 
> the same on 2.2 and 2.3, so I didn't see any adjustments I could 
> actually make..
> 
> 
> ---
> Howard Leadmon
> PBW Communications, LLC
> http://www.pbwcomm.com
> 
> On 12/27/2017 5:39 PM, Noel Butler wrote:
> > Why on earth you think you could upgrade versions by using two unrelated
> > and different repo's is beyond me.
> >
> > This has always been a problem, even back in the 90's with the RPMs, RH
> > v say for example Fresh, because package maintainers will package
> > differently.
> >
> > Its like trying to stick a cisco 1800 image on an ASR9K and expecting it
> > to work perfectly.
> >
> > Though we don't use deb or rpm based systems and haven't for about 15
> > years, if I was to, I think I'd be using the creators version, and not a
> > distro's version.
> >
>

Re: Ubuntu Auth Issues with new repository code..

2017-12-27 Thread Howard Leadmon 
  I hear what your saying, but if you read and follow the repo page, it 
says run update, and then upgrade.   Also as a test, I did remove the 
old 2.2 code, and installed the new 2.3 code, and again authentication 
fails.


 I am sure I may be missing something stupid, but the bottom line is, 
how can I track down why it will not auth using PAM under the newer 
code, when even looking at the auth modules, the configs appear to be 
the same on 2.2 and 2.3, so I didn't see any adjustments I could 
actually make..



---
Howard Leadmon
PBW Communications, LLC
http://www.pbwcomm.com

On 12/27/2017 5:39 PM, Noel Butler wrote:

Why on earth you think you could upgrade versions by using two unrelated
and different repo's is beyond me.

This has always been a problem, even back in the 90's with the RPMs, RH
v say for example Fresh, because package maintainers will package
differently.

Its like trying to stick a cisco 1800 image on an ASR9K and expecting it
to work perfectly.

Though we don't use deb or rpm based systems and haven't for about 15
years, if I was to, I think I'd be using the creators version, and not a
distro's version.

Re: Ubuntu Auth Issues with new repository code..

2017-12-27 Thread Noel Butler 
On 28/12/2017 07:38, Howard Leadmon wrote:

> Saw the new repository notification, and figured what the heck I would try 
> letting it upgrade me from the current v2.2.22 release that apparently is in 
> the Ubuntu 16.04 packages, to the new repository release of v2.3.0.
> 
> I followed the info on repo.dovecot.org, and first it started bitching about 
> lmtp (dovecot: master: Fatal: service(lmtp) access(/usr/lib/dovecot/lmtp) 
> failed: No such file or directory), so I went back and installed the 
> dovecot-lmtpd package and that seemed to fix that issue.  Just FYI, I had 
> dovecot-core, dovecot-imapd, and dovecot-pop3d installed on the system.
> 
> OK, so now it started up, said it was 2.3.0 and I thought all was good, but 
> now all authentication is failing.  I turned on some of the logging 
> debugging, and am seeing the below:
> 
> dovecot: auth-worker(19578): Debug: pam(toss1,127.0.0.1,): 
> lookup service=dovecot
> dovecot: auth-worker(19578): Debug: pam(toss1,127.0.0.1,): 
> #1/1 style=1 msg=Password:
> dovecot: auth-worker(19578): pam(toss1,127.0.0.1,): 
> pam_authenticate() failed: System error
> dovecot: auth: Debug: client passdb out: FAIL#0111#011user=toss1
> dovecot: imap-login: Aborted login (auth failed, 1 attempts in 3 secs): 
> user=, method=PLAIN, rip=127.0.0.1, lip=127.0.1.1, 
> session=
> 
> I took and compared my auth files like 10-auth.conf, and 
> auth-system.conf.ext, and they are identical between the two versions, even 
> though they were overwritten as part of the upgrade.
> 
> If I just uninstall the 2.3.0 release, and install 2.2.22 back on the server, 
> it all just starts working again.So for now I am back on 2.2, but was 
> willing to give 2.3 a run if I can get it going.   Any ideas as to what to 
> look at to get this working, would be great.   As stated above, this is 
> Ubuntu Server 16.04.03, and I am also running Postfix and amavis-new, but 
> don't think they should really impact me using dovecot for email over POP3 or 
> IMAP..
> 
> ---
> Howard Leadmon
> PBW Communications, LLC
> http://www.pbwcomm.com

Why on earth you think you could upgrade versions by using two unrelated
and different repo's is beyond me. 

This has always been a problem, even back in the 90's with the RPMs, RH
v say for example Fresh, because package maintainers will package
differently. 

Its like trying to stick a cisco 1800 image on an ASR9K and expecting it
to work perfectly. 

Though we don't use deb or rpm based systems and haven't for about 15
years, if I was to, I think I'd be using the creators version, and not a
distro's version.

-- 
Kind Regards, 

Noel Butler 

This Email, including any attachments, may contain legally 
privileged
information, therefore remains confidential and subject to copyright
protected under international law. You may not disseminate, discuss, or
reveal, any part, to anyone, without the authors express written
authority to do so. If you are not the intended recipient, please notify
the sender then delete all copies of this message including attachments,
immediately. Confidentiality, copyright, and legal privilege are not
waived or lost by reason of the mistaken delivery of this message. Only
PDF [1] and ODF [2] documents accepted, please do not send proprietary
formatted documents 

 

Links:
--
[1] http://www.adobe.com/
[2] http://en.wikipedia.org/wiki/OpenDocument

Re: Package repository now available

2017-12-27 Thread Aki Tuomi 

> On December 27, 2017 at 6:11 PM Aki Tuomi  wrote:
> 
> 
> 
> > On December 27, 2017 at 6:05 PM "Fabian A. Santiago" 
> >  wrote:
> > 
> > 
> > December 27, 2017 10:53 AM, aki.tu...@dovecot.fi wrote:
> > 
> > > Small amendment...
> > > 
> > > if you ran
> > > 
> > > gpg --export > /etc/apt/trusted.gpg.d/dovecot.gpg
> > > 
> > > please run
> > > 
> > > gpg --export ED409DA1 > /etc/apt/trusted.gpg.d/dovecot.gpg
> > > 
> > > Aki
> > > 
> > >> On December 27, 2017 at 5:00 PM aki.tu...@dovecot.fi wrote:
> > >> 
> > >> Dovecot now has package repository for Debian, CentOS and Ubuntu 
> > >> available at
> > >> https://repo.dovecot.org
> > >> 
> > >> Packages are provided for 2.3 series and forward. Please let us know if 
> > >> you run into any trouble
> > >> with these.
> > >> 
> > >> ---
> > >> Aki Tuomi
> > >> Dovecot oy
> > >> ___
> > >> Dovecot-news mailing list
> > >> dovecot-n...@dovecot.org
> > >> https://dovecot.org/mailman/listinfo/dovecot-news
> > 
> > so i received this (centos 7.4):
> > 
> > Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG
> > Importing GPG key 0xED409DA1:
> >  Userid : "Dovecot Community Edition "
> >  Fingerprint: 2be7 4aab 3ee7 54df b9c8 0d33 18a3 48ae ed40 9da1
> >  From   : https://repo.dovecot.org/DOVECOT-REPO-GPG
> > Is this ok [y/N]: y
> > warning: 
> > /var/cache/yum/x86_64/7/dovecot-2.3-latest/packages/dovecot-pgsql-2.3.0-2.x86_64.rpm:
> >  Header V3 DSA/SHA256 Signature, key ID eed949f0: NOKEY
> > Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG
> > 
> > 
> > The GPG keys listed for the "RHEL 7 - x86_64" repository are already 
> > installed but they are not correct for this package.
> > Check that the correct key URLs are configured for this repository.
> > 
> > 
> >  Failing package is: 2:dovecot-pgsql-2.3.0-2.x86_64
> >  GPG Keys are configured as: https://repo.dovecot.org/DOVECOT-REPO-GPG
> > 
> > 
> > upgrading from dovecot 2.2.x. 
> > 
> > is this related to what you just mentioned with the gpg key? 
> > 
> > --
> > 
> > Thanks,
> > 
> > Fabian S.
> > 
> > OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC
> 
> Nope. The amendment was only for debian & ubuntu users.
> 
> We'll check why it says NOKEY. It should have been signed.
> 
> Aki

Should be fixed now.

Aki

Ubuntu Auth Issues with new repository code..

2017-12-27 Thread Howard Leadmon 
   Saw the new repository notification, and figured what the heck I 
would try letting it upgrade me from the current v2.2.22 release that 
apparently is in the Ubuntu 16.04 packages, to the new repository 
release of v2.3.0.


 I followed the info on repo.dovecot.org, and first it started bitching 
about lmtp (dovecot: master: Fatal: service(lmtp) 
access(/usr/lib/dovecot/lmtp) failed: No such file or directory), so I 
went back and installed the dovecot-lmtpd package and that seemed to fix 
that issue.  Just FYI, I had dovecot-core, dovecot-imapd, and 
dovecot-pop3d installed on the system.


 OK, so now it started up, said it was 2.3.0 and I thought all was 
good, but now all authentication is failing.  I turned on some of the 
logging debugging, and am seeing the below:


dovecot: auth-worker(19578): Debug: 
pam(toss1,127.0.0.1,): lookup service=dovecot
dovecot: auth-worker(19578): Debug: 
pam(toss1,127.0.0.1,): #1/1 style=1 msg=Password:
dovecot: auth-worker(19578): pam(toss1,127.0.0.1,): 
pam_authenticate() failed: System error

dovecot: auth: Debug: client passdb out: FAIL#0111#011user=toss1
dovecot: imap-login: Aborted login (auth failed, 1 attempts in 3 secs): 
user=, method=PLAIN, rip=127.0.0.1, lip=127.0.1.1, 
session=


 I took and compared my auth files like 10-auth.conf, and 
auth-system.conf.ext, and they are identical between the two versions, 
even though they were overwritten as part of the upgrade.


 If I just uninstall the 2.3.0 release, and install 2.2.22 back on the 
server, it all just starts working again.    So for now I am back on 
2.2, but was willing to give 2.3 a run if I can get it going.   Any 
ideas as to what to look at to get this working, would be great.   As 
stated above, this is Ubuntu Server 16.04.03, and I am also running 
Postfix and amavis-new, but don't think they should really impact me 
using dovecot for email over POP3 or IMAP..


---
Howard Leadmon
PBW Communications, LLC
http://www.pbwcomm.com

Re: Package repository now available

2017-12-27 Thread Aki Tuomi 
Should be fixed now.

Aki

> On December 27, 2017 at 8:32 PM Aki Tuomi  wrote:
> 
> 
> Thank you for your report, we'll look into it!
> 
> Aki
> 
> > On December 27, 2017 at 8:16 PM Florent B  wrote:
> > 
> > 
> > Hi,
> > 
> > This repository does not work with Aptly.
> > It seems "architecture" line is wrong in InRelease file (needs to be
> > "Architectures:" instead of "Architecture:").
> > And "Components" instead of "Component".
> > 
> > On 27/12/2017 16:00, aki.tu...@dovecot.fi wrote:
> > > Dovecot now has package repository for Debian, CentOS and Ubuntu 
> > > available at https://repo.dovecot.org/
> > >
> > > Packages are provided for 2.3 series and forward. Please let us know if 
> > > you run into any trouble with these.
> > >
> > > ---
> > > Aki Tuomi
> > > Dovecot oy
> > 
> >

Re: Renewing certificates

2017-12-27 Thread Kenneth Porter 
--On Wednesday, December 27, 2017 9:24 AM -0500 Bill Shirley 
 wrote:



 --reloadcmd "systemctl reload dovecot.service"
Notice the --reloadcmd.


Thanks. Some digging indicates that this is equivalent to doveadm reload. 
Both paths ultimately send a SIGHUP to the server which initiates a full 
reload of the configuration.


I'll be combining this with a restart of sendmail. Alas, I don't see a way 
to get it to reload its configuration.

Re: Package repository now available

2017-12-27 Thread Aki Tuomi 
Thank you for your report, we'll look into it!

Aki

> On December 27, 2017 at 8:16 PM Florent B  wrote:
> 
> 
> Hi,
> 
> This repository does not work with Aptly.
> It seems "architecture" line is wrong in InRelease file (needs to be
> "Architectures:" instead of "Architecture:").
> And "Components" instead of "Component".
> 
> On 27/12/2017 16:00, aki.tu...@dovecot.fi wrote:
> > Dovecot now has package repository for Debian, CentOS and Ubuntu available 
> > at https://repo.dovecot.org/
> >
> > Packages are provided for 2.3 series and forward. Please let us know if you 
> > run into any trouble with these.
> >
> > ---
> > Aki Tuomi
> > Dovecot oy
> 
>

Re: Package repository now available

2017-12-27 Thread Aki Tuomi 

> On December 27, 2017 at 6:05 PM "Fabian A. Santiago" 
>  wrote:
> 
> 
> December 27, 2017 10:53 AM, aki.tu...@dovecot.fi wrote:
> 
> > Small amendment...
> > 
> > if you ran
> > 
> > gpg --export > /etc/apt/trusted.gpg.d/dovecot.gpg
> > 
> > please run
> > 
> > gpg --export ED409DA1 > /etc/apt/trusted.gpg.d/dovecot.gpg
> > 
> > Aki
> > 
> >> On December 27, 2017 at 5:00 PM aki.tu...@dovecot.fi wrote:
> >> 
> >> Dovecot now has package repository for Debian, CentOS and Ubuntu available 
> >> at
> >> https://repo.dovecot.org
> >> 
> >> Packages are provided for 2.3 series and forward. Please let us know if 
> >> you run into any trouble
> >> with these.
> >> 
> >> ---
> >> Aki Tuomi
> >> Dovecot oy
> >> ___
> >> Dovecot-news mailing list
> >> dovecot-n...@dovecot.org
> >> https://dovecot.org/mailman/listinfo/dovecot-news
> 
> so i received this (centos 7.4):
> 
> Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG
> Importing GPG key 0xED409DA1:
>  Userid : "Dovecot Community Edition "
>  Fingerprint: 2be7 4aab 3ee7 54df b9c8 0d33 18a3 48ae ed40 9da1
>  From   : https://repo.dovecot.org/DOVECOT-REPO-GPG
> Is this ok [y/N]: y
> warning: 
> /var/cache/yum/x86_64/7/dovecot-2.3-latest/packages/dovecot-pgsql-2.3.0-2.x86_64.rpm:
>  Header V3 DSA/SHA256 Signature, key ID eed949f0: NOKEY
> Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG
> 
> 
> The GPG keys listed for the "RHEL 7 - x86_64" repository are already 
> installed but they are not correct for this package.
> Check that the correct key URLs are configured for this repository.
> 
> 
>  Failing package is: 2:dovecot-pgsql-2.3.0-2.x86_64
>  GPG Keys are configured as: https://repo.dovecot.org/DOVECOT-REPO-GPG
> 
> 
> upgrading from dovecot 2.2.x. 
> 
> is this related to what you just mentioned with the gpg key? 
> 
> --
> 
> Thanks,
> 
> Fabian S.
> 
> OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC

Nope. The amendment was only for debian & ubuntu users.

We'll check why it says NOKEY. It should have been signed.

Aki

Re: Package repository now available

2017-12-27 Thread Fabian A. Santiago 
December 27, 2017 11:06 AM, "Fabian A. Santiago"  
wrote:

> December 27, 2017 10:53 AM, aki.tu...@dovecot.fi wrote:
> 
>> Small amendment...
>> 
>> if you ran
>> 
>> gpg --export > /etc/apt/trusted.gpg.d/dovecot.gpg
>> 
>> please run
>> 
>> gpg --export ED409DA1 > /etc/apt/trusted.gpg.d/dovecot.gpg
>> 
>> Aki
>> 
>>> On December 27, 2017 at 5:00 PM aki.tu...@dovecot.fi wrote:
>>> 
>>> Dovecot now has package repository for Debian, CentOS and Ubuntu available 
>>> at
>>> https://repo.dovecot.org
>>> 
>>> Packages are provided for 2.3 series and forward. Please let us know if you 
>>> run into any trouble
>>> with these.
>>> 
>>> ---
>>> Aki Tuomi
>>> Dovecot oy
>>> ___
>>> Dovecot-news mailing list
>>> dovecot-n...@dovecot.org
>>> https://dovecot.org/mailman/listinfo/dovecot-news
> 
> so i received this (centos 7.4):
> 
> Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG
> Importing GPG key 0xED409DA1:
> Userid : "Dovecot Community Edition "
> Fingerprint: 2be7 4aab 3ee7 54df b9c8 0d33 18a3 48ae ed40 9da1
> From : https://repo.dovecot.org/DOVECOT-REPO-GPG
> Is this ok [y/N]: y
> warning: 
> /var/cache/yum/x86_64/7/dovecot-2.3-latest/packages/dovecot-pgsql-2.3.0-2.x86_64.rpm:
> Header V3 DSA/SHA256 Signature, key ID eed949f0: NOKEY
> Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG
> 
> The GPG keys listed for the "RHEL 7 - x86_64" repository are already 
> installed but they are not
> correct for this package.
> Check that the correct key URLs are configured for this repository.
> 
> Failing package is: 2:dovecot-pgsql-2.3.0-2.x86_64
> GPG Keys are configured as: https://repo.dovecot.org/DOVECOT-REPO-GPG
> 
> upgrading from dovecot 2.2.x.
> 
> is this related to what you just mentioned with the gpg key?
> 
> --
> 
> Thanks,
> 
> Fabian S.
> 
> OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC

probably not; i did a manual rpm --import of the key and still received same 
error. is there an issue with the package signatures and the available key not 
matching? 

--

Thanks,

Fabian S.

OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC

Re: Package repository now available

2017-12-27 Thread Fabian A. Santiago 
December 27, 2017 10:53 AM, aki.tu...@dovecot.fi wrote:

> Small amendment...
> 
> if you ran
> 
> gpg --export > /etc/apt/trusted.gpg.d/dovecot.gpg
> 
> please run
> 
> gpg --export ED409DA1 > /etc/apt/trusted.gpg.d/dovecot.gpg
> 
> Aki
> 
>> On December 27, 2017 at 5:00 PM aki.tu...@dovecot.fi wrote:
>> 
>> Dovecot now has package repository for Debian, CentOS and Ubuntu available at
>> https://repo.dovecot.org
>> 
>> Packages are provided for 2.3 series and forward. Please let us know if you 
>> run into any trouble
>> with these.
>> 
>> ---
>> Aki Tuomi
>> Dovecot oy
>> ___
>> Dovecot-news mailing list
>> dovecot-n...@dovecot.org
>> https://dovecot.org/mailman/listinfo/dovecot-news

so i received this (centos 7.4):

Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG
Importing GPG key 0xED409DA1:
 Userid : "Dovecot Community Edition "
 Fingerprint: 2be7 4aab 3ee7 54df b9c8 0d33 18a3 48ae ed40 9da1
 From   : https://repo.dovecot.org/DOVECOT-REPO-GPG
Is this ok [y/N]: y
warning: 
/var/cache/yum/x86_64/7/dovecot-2.3-latest/packages/dovecot-pgsql-2.3.0-2.x86_64.rpm:
 Header V3 DSA/SHA256 Signature, key ID eed949f0: NOKEY
Retrieving key from https://repo.dovecot.org/DOVECOT-REPO-GPG


The GPG keys listed for the "RHEL 7 - x86_64" repository are already installed 
but they are not correct for this package.
Check that the correct key URLs are configured for this repository.


 Failing package is: 2:dovecot-pgsql-2.3.0-2.x86_64
 GPG Keys are configured as: https://repo.dovecot.org/DOVECOT-REPO-GPG


upgrading from dovecot 2.2.x. 

is this related to what you just mentioned with the gpg key? 

--

Thanks,

Fabian S.

OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC

Re: Package repository now available

2017-12-27 Thread aki . tuomi 
Small amendment...

if you ran

gpg --export > /etc/apt/trusted.gpg.d/dovecot.gpg

please run

gpg --export ED409DA1 > /etc/apt/trusted.gpg.d/dovecot.gpg

Aki

> On December 27, 2017 at 5:00 PM aki.tu...@dovecot.fi wrote:
> 
> 
> Dovecot now has package repository for Debian, CentOS and Ubuntu available at 
> https://repo.dovecot.org/
> 
> Packages are provided for 2.3 series and forward. Please let us know if you 
> run into any trouble with these.
> 
> ---
> Aki Tuomi
> Dovecot oy
> ___
> Dovecot-news mailing list
> dovecot-n...@dovecot.org
> https://dovecot.org/mailman/listinfo/dovecot-news

Re: Package repository now available

2017-12-27 Thread Aki Tuomi 
Yes.

Aki

> On December 27, 2017 at 5:05 PM azu...@pobox.sk wrote:
> 
> 
> Are provided packages suitable for production usage?
> 
> 
> 
> 
> 
> Citát aki.tu...@dovecot.fi:
> 
> > Dovecot now has package repository for Debian, CentOS and Ubuntu  
> > available at https://repo.dovecot.org/
> >
> > Packages are provided for 2.3 series and forward. Please let us know  
> > if you run into any trouble with these.
> >
> > ---
> > Aki Tuomi
> > Dovecot oy
> 
> 
>

Re: Package repository now available

2017-12-27 Thread azurit 

Are provided packages suitable for production usage?





Citát aki.tu...@dovecot.fi:

Dovecot now has package repository for Debian, CentOS and Ubuntu  
available at https://repo.dovecot.org/


Packages are provided for 2.3 series and forward. Please let us know  
if you run into any trouble with these.


---
Aki Tuomi
Dovecot oy

[Dovecot-news] Package repository now available

2017-12-27 Thread aki . tuomi 
Dovecot now has package repository for Debian, CentOS and Ubuntu available at 
https://repo.dovecot.org/

Packages are provided for 2.3 series and forward. Please let us know if you run 
into any trouble with these.

---
Aki Tuomi
Dovecot oy
___
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

Package repository now available

2017-12-27 Thread aki . tuomi 
Dovecot now has package repository for Debian, CentOS and Ubuntu available at 
https://repo.dovecot.org/

Packages are provided for 2.3 series and forward. Please let us know if you run 
into any trouble with these.

---
Aki Tuomi
Dovecot oy

Re: dovecot-submission SMTP send error with Thunderbird (BODY=8BITMIME)

2017-12-27 Thread Stephan Bosch 
Op 12/24/2017 om 7:54 AM schreef Reuben Farrelly:
> Hi again,
>
> On 24/12/2017 7:11 am, Stephan Bosch wrote:
>> Op 12/23/2017 om 7:18 AM schreef Reuben Farrelly:
>>> Hi,
>>>
>>> With latest 2.3 -git (and 2.3.0 release), I'm running into this error
>>> with Thunderbird:
>>>
>>> "An error occurred while sending mail. The mail server responded:
>>> 5.5.4 Unsupported mail BODY type. Please verify that your email
>>> address is correct in your account settings and try again."
>>>
>>> This is fatal and means Thunderbird cannot use the submission service
>>> - fortunately I can revert back to a native Postfix service which
>>> works.
>>>
>>> Here's a tcpdump of the conversation:
>>>
>>> thunderstorm /etc/dovecot/conf.d # tcpdump -A port 587
>>>
>>> dropped privs to tcpdump
>>> tcpdump: verbose output suppressed, use -v or -vv for full protocol
>>> decode
>>> listening on eth0, link-type EN10MB (Ethernet), capture size 262144
>>> bytes
>>
>> I cannot reproduce this behavior so far.
>
>> I will continue experimenting a bit. I still have to actually try this
>> with Thunderbird. Any other configuration I should know about (`dovecot
>> -n`)?

Fix pending:

https://github.com/stephanbosch/dovecot-core/commits/fix-submission-thunderbird

Regards,

Stephan.

Re: Renewing certificates

2017-12-27 Thread Bill Shirley 

I'm using acme.sh to get my Let's Encrypt certificates.  The install command is:
acme.sh --installcert -d imap.example.com \
    --keypath /etc/pki/dovecot/private/imap.example.com.pem \
    --certpath /etc/pki/dovecot/certs/imap.example.com.crt \
    --fullchainpath /etc/pki/dovecot/certs/imap.example.com.full.chain.crt \
    --reloadcmd "systemctl reload dovecot.service"
Notice the --reloadcmd.

Bill

On 12/26/2017 6:16 PM, Aki Tuomi wrote:

On December 26, 2017 at 11:42 PM Kenneth Porter  wrote:


I'm setting up certbot/letsencrypt to provide a certificate for dovecot and
sendmail. Is it necessary to restart dovecot to load the new certificate,
as shown in most examples I find in blogs? That seems rude to established
connections. When does dovecot read the cert and key files? Once at startup
or each time a connection requests SSL? Is there a preferred locking
protocol when changing the two files to keep dovecot from reading one while
the other is being replaced and getting a mismatched pair?

doveadm reload should be enough.

Aki