Re: VarExpandCrypt plugin usecase

2018-02-08 Thread Aki Tuomi

> On February 9, 2018 at 3:40 AM ta...@vfemail.net wrote:
> 
> Hai,
> I found the VarExpandCrypt plugin but I am not sure of the use case. Is there
> more documentation for it somewhere?
> https://wiki2.dovecot.org/Plugins/VarExpandCrypt
> 

Hi!

The var_expand_crypt plugin can be used for decrypting/encrypting variables.

Its most common use case would be to decrypt user credentials encrypted using
reversible encryption (a.k.a. obfuscation).

It can be used for other purposes too, like transmitting information from proxy
to backend encrypted without using SSL.

Aki


Re: Best mail encryption solution for per-user

2018-02-08 Thread Aki Tuomi

> On February 9, 2018 at 8:31 AM Aki Tuomi wrote:
> 
> > On February 9, 2018 at 3:20 AM ta...@vfemail.net wrote:
> > 
> > Hai,
> > 
> > Do you have advice about Dovecot plugins for mail encryption:
> > 
> > https://wiki2.dovecot.org/Plugins/MailCrypt
> > 
> > https://0xacab.org/riseuplabs/trees
> > 
> > I like NaCl based encryption but the MailCrypt plugin is better
> > because it's maintained by Dovecot developers (is this correct?)
> > 
> > The MailCrypt docs are hard to understand, so may I ask: can I provide
> > per-user encryption? I don't like global because I want every user to have
> > different encryption based on their password. But I don't see the
> > usefulness of per-folder encryption. The docs for TREES are easier to
> > understand: it will work with per-user encryption, using the user
> > password to decrypt the needed keys.
> > 
> > How about indexing? Must native fast Dovecot indexing be turned
> > off for one of these or both? Is this a big performance hit? And how
> > to turn off indexing on a per-user basis?
> > 
> > Thank you so very much
> > 
> 
> Hi!
> 
> The mail crypt plugin in dovecot core is indeed developed and maintained by us.
> Turning on encryption is simple, but you'll have to consider key management
> closely.
> 
> The simple instructions are
> 
> mail_plugins = $mail_plugins mail_crypt
> mail_attribute_dict = file:%h/Maildir/dovecot-attributes
> 
> plugin {
>   mail_crypt_curve = 
>   mail_crypt_save_version = 2
> }
> 
> This will turn on automatic key creation for folders and users.
> 
> NOTE that the keys won't be encrypted in this scenario.
> 
> To encrypt keys you have a few choices. You can use a static password, static
> ECC key, per-user password, per-user ECC key, or per-user password-protected ECC
> key.
> 
> With the per-user model, the easiest, if you don't let users change their
> password, could be adding into userdb or passdb: mail_crypt_private_password =
> %{sha512:password}
> 
> If you want users to be able to change passwords, you either need to manage
> the encryption passwords in the user database, or call doveadm mailbox cryptokey
> password during the password change.
> 
> Also, we do not currently support DR keys, so if the per-user key is lost, you
> will not be able to recover the mails.
> 

Forgot to add that currently it's not possible to encrypt indexes due to how 
lib-index is designed.

> Aki


Re: Best mail encryption solution for per-user

2018-02-08 Thread Aki Tuomi

> On February 9, 2018 at 3:20 AM ta...@vfemail.net wrote:
> 
> Hai,
> 
> Do you have advice about Dovecot plugins for mail encryption:
> 
> https://wiki2.dovecot.org/Plugins/MailCrypt
> 
> https://0xacab.org/riseuplabs/trees
> 
> I like NaCl based encryption but the MailCrypt plugin is better
> because it's maintained by Dovecot developers (is this correct?)
> 
> The MailCrypt docs are hard to understand, so may I ask: can I provide
> per-user encryption? I don't like global because I want every user to have
> different encryption based on their password. But I don't see the
> usefulness of per-folder encryption. The docs for TREES are easier to
> understand: it will work with per-user encryption, using the user
> password to decrypt the needed keys.
> 
> How about indexing? Must native fast Dovecot indexing be turned
> off for one of these or both? Is this a big performance hit? And how
> to turn off indexing on a per-user basis?
> 
> Thank you so very much
> 

Hi!

The mail crypt plugin in dovecot core is indeed developed and maintained by us.
Turning on encryption is simple, but you'll have to consider key management
closely.

The simple instructions are

mail_plugins = $mail_plugins mail_crypt
mail_attribute_dict = file:%h/Maildir/dovecot-attributes

plugin {
  mail_crypt_curve = 
  mail_crypt_save_version = 2
}

This will turn on automatic key creation for folders and users.

NOTE that the keys won't be encrypted in this scenario.

To encrypt keys you have a few choices. You can use a static password, static ECC
key, per-user password, per-user ECC key, or per-user password-protected ECC key.

With the per-user model, the easiest, if you don't let users change their
password, could be adding into userdb or passdb: mail_crypt_private_password =
%{sha512:password}

If you want users to be able to change passwords, you either need to manage the
encryption passwords in the user database, or call doveadm mailbox cryptokey
password during the password change.

Also, we do not currently support DR keys, so if the per-user key is lost, you
will not be able to recover the mails.

Aki
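The per-user model Aki describes above (a key-protecting secret derived from the login password, a re-wrap on every password change, and no DR key), worked through as an added Go example that is not mail_crypt's code or its storage format: ProtectedKey, WrapKey, UnwrapKey and RotatePassword are names invented for this example, and AES-GCM under SHA-512(password) stands in for whatever mail_crypt does internally.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"crypto/x509"
	"fmt"
)

// ProtectedKey is a constructed model of a password-protected EC private key; it is not mail_crypt's real storage format.
type ProtectedKey struct{ Nonce, Wrapped []byte }

// kekFromPassword mirrors "mail_crypt_private_password = %{sha512:password}": the KEK depends only on the login password.
func kekFromPassword(password string) cipher.AEAD {
	sum := sha512.Sum512([]byte(password))
	block, _ := aes.NewCipher(sum[:32]) // a 32-byte key selects AES-256; cannot fail
	gcm, _ := cipher.NewGCM(block)      // cannot fail for an AES block cipher
	return gcm
}

// WrapKey encrypts the DER-encoded private key under the password-derived KEK.
func WrapKey(priv *ecdsa.PrivateKey, password string) *ProtectedKey {
	der, _ := x509.MarshalECPrivateKey(priv) // cannot fail for a valid P-256 key
	nonce := make([]byte, 12)                 // standard AES-GCM nonce size
	rand.Read(nonce)                          // crypto/rand.Read does not fail on supported platforms
	return &ProtectedKey{nonce, kekFromPassword(password).Seal(nil, nonce, der, nil)}
}

// UnwrapKey recovers the key; a wrong password fails GCM authentication, and with no DR key the mail is then unrecoverable.
func UnwrapKey(pk *ProtectedKey, password string) (*ecdsa.PrivateKey, error) {
	der, err := kekFromPassword(password).Open(nil, pk.Nonce, pk.Wrapped, nil)
	if err != nil {
		return nil, fmt.Errorf("wrong password: private key cannot be recovered")
	}
	return x509.ParseECPrivateKey(der)
}

// RotatePassword is the re-wrap a password change must include (the job of "doveadm mailbox cryptokey password").
func RotatePassword(pk *ProtectedKey, oldPw, newPw string) (*ProtectedKey, error) {
	priv, err := UnwrapKey(pk, oldPw)
	if err != nil {
		return nil, err
	}
	return WrapKey(priv, newPw), nil // same private key, new KEK
}

func main() { // the login password was changed in passdb, but the key was never re-wrapped
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	pk := WrapKey(priv, "old-password")
	fmt.Println(UnwrapKey(pk, "new-password"))
}
```

Running it prints the failure a password change without the re-wrap leaves behind: the new password cannot open the old wrapped key, and with no DR key nothing else can either.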


Re: Bounced message after update

2018-02-08 Thread Michael A. Peters

okay weird - I read https://wiki2.dovecot.org/DomainLost

I set auth_debug=yes to get a clearer indication if that was my problem.

Tried again and it successfully went through.

On 02/08/2018 05:46 PM, Michael A. Peters wrote:

> Hi -
> 
> Updated from 2.2.27 to 2.3.0
> 
> server is webmail (roundcube)
> 
> Sending worked before the update. Now it receives, but trying to send
> gives this bounce in the log:
> 
> Feb  9 01:37:45 {hostname} postfix/pipe[22891]: 931FD2577:
> to=<{user}@{hostname}.{tld}>, relay=dovecot, delay=0.01, delays=0/0/0/0,
> dsn=5.3.0, status=bounced (command line usage error. Command output:
> lda: Fatal: Invalid -f parameter: Missing domain )
> Feb  9 01:37:45 deviant postfix/qmgr[16492]: 931FD2577: removed
> 
> {hostname}, {user}, {tld} are substitutions.
> 
> Here's my lda config:
> 
> protocol lda {
>   log_path = /home/{hostname}/dovecot-deliver.log
>   auth_socket_path = /var/run/dovecot/auth-master
>   postmaster_address = postmaster@{hostname}.{tld}
> }
> 
> Any suggestions (other than reverting)?
> 
> This worked just before the update.
> 
> If it matters, Roundcube 1.3.4




Bounced message after update

2018-02-08 Thread Michael A. Peters

Hi -

Updated from 2.2.27 to 2.3.0

server is webmail (roundcube)

Sending worked before the update. Now it receives, but trying to send
gives this bounce in the log:


Feb  9 01:37:45 {hostname} postfix/pipe[22891]: 931FD2577: 
to=<{user}@{hostname}.{tld}>, relay=dovecot, delay=0.01, delays=0/0/0/0, 
dsn=5.3.0, status=bounced (command line usage error. Command output: 
lda: Fatal: Invalid -f parameter: Missing domain )

Feb  9 01:37:45 deviant postfix/qmgr[16492]: 931FD2577: removed

{hostname}, {user}, {tld} are substitutions.

Here's my lda config:

protocol lda {
  log_path = /home/{hostname}/dovecot-deliver.log
  auth_socket_path = /var/run/dovecot/auth-master
  postmaster_address = postmaster@{hostname}.{tld}
}

Any suggestions (other than reverting)?

This worked just before the update.

If it matters, Roundcube 1.3.4


VarExpandCrypt plugin usecase

2018-02-08 Thread tai74


Hai,
I found the VarExpandCrypt plugin but I am not sure of the use case. Is there
more documentation for it somewhere?

https://wiki2.dovecot.org/Plugins/VarExpandCrypt


-

ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the 
NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!  
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!  


Best mail encryption solution for per-user

2018-02-08 Thread tai74


Hai,

Do you have advice about Dovecot plugins for mail encryption:

https://wiki2.dovecot.org/Plugins/MailCrypt

https://0xacab.org/riseuplabs/trees

I like NaCl based encryption but the MailCrypt plugin is better
because it's maintained by Dovecot developers (is this correct?)


The MailCrypt docs are hard to understand, so may I ask: can I provide
per-user encryption? I don't like global because I want every user to have
different encryption based on their password. But I don't see the
usefulness of per-folder encryption. The docs for TREES are easier to
understand: it will work with per-user encryption, using the user
password to decrypt the needed keys.


How about indexing? Must native fast Dovecot indexing be turned
off for one of these or both? Is this a big performance hit? And how
to turn off indexing on a per-user basis?


Thank you so very much




Re: How to grant user access to his .dovecot.sieve.log?

2018-02-08 Thread Sergey Ivanov
No, it won't work.
"sieve_after" requires the user script to explicitly "keep" the message. If the
script fails, the default action stores the message into INBOX, thus
finishing execution of the sieve scripts. So in the most wanted case, the
"sieve_after" script which is supposed to notify the user about problems with
his script will not be called. These logs contain messages about syntax errors,
which depend on the exact environment (say, the list of enabled Sieve
extensions). They also have reports about runtime problems, like an absent
folder referenced in the script. It is a bad situation if the user cannot read
these logs.

I see a couple of workarounds.

First: a separate FilterSet which the user can activate to get
.dovecot.sieve.log when he wants. It can be something like
===
$ cat /srv/dovecot/seriv/.dovecot.sieve
require ["vnd.dovecot.execute"];
# rule:[dovecot.sieve.log]
if header :contains "subject" "dovecot.sieve.log"
{
execute "log_content.sh";
}
===
with
===
$ cat /usr/lib64/dovecot/sieve-extprograms/log_content.sh
#!/bin/bash
# Mail the user's Sieve log back to them and clear it. Pigeonhole's extprograms
# passes the delivery address as $RECIPIENT (the original used an unset $recipient).
log="$HOME/.dovecot.sieve.log"
if test -s "$log"; then
  mv "$log" "$log.sending"   # rotate first so entries written meanwhile are not lost
  /usr/bin/mailx -s "sieve.log" "$RECIPIENT" < "$log.sending" && rm -f "$log.sending"
fi


Second: a separate user, say "givemel...@imap.example.org" on my IMAP
server. When the user sends a request to this address, it replies with the
content of the user's .dovecot.sieve.log, emptying it afterwards. It should
have access to the "SENDER" external variable. If needed, there could be
two-step authentication against a forged "SENDER": sending a cryptographically
strong token and asking the user to reply with the same token to authorize the
request and the emptying of the log. But isn't it too much complexity for such a
thing as looking at the log?

Yet another way, with the proposed httpd access, can be set up to work with
Apache 2.4.8+, using "LocationMatch" and the environment variable set to the
matched regex in the "Require User" statement, like:
===
$ cat /etc/httpd/conf.d/userdir.conf
# The container directives were lost when this message was archived; the
# IfModule and DirectoryMatch lines below are an assumed reconstruction
# (AllowOverride is only valid in a directory context). The named capture
# (?<whichuser>...) is what Require reads back as %{env:MATCH_WHICHUSER}.
<IfModule mod_userdir.c>
  UserDir /srv/dovecot
  Loglevel debug
  <DirectoryMatch "^/srv/dovecot/(?<whichuser>[^/]+)">
    AllowOverride None
    AuthType Basic
    AuthName 'private logs'
    AuthBasicProvider file
    AuthUserFile /etc/httpd/users
    Require user %{env:MATCH_WHICHUSER}
    SSLRequireSSL
    DirectoryIndex .dovecot.sieve.log
  </DirectoryMatch>
</IfModule>
===
Sure, for this to work in production I will put "AuthBasicProvider ldap" and
authenticate against the same LDAP server as dovecot uses. And I think I
should place these sieve files into a directory separate from mail, like
'/srv/sieve/', so that apache won't get access to mail.

-- 
  Regards,
  Sergey


On Thu, Feb 8, 2018 at 3:43 AM, LuKreme wrote:

> On Feb 6, 2018, at 19:53, Sergey Ivanov wrote:
> > Answering myself (not yet implemented, but I hope it will work):
> > Using sieve extprograms extension and global "after" script, I can read
> > .dovecot.sieve.log into a sieve variable 'log_content' if this log is not
> > empty. I hope this log will be written before "after" script is called, but
> > will check if it is true.
> > Then using sieve "notify" action with mailto:${user_mailaddress}?
> > body=${log_content}"
>
> Did that work?
>
> --
> This is my signature. There are many like it, but this one is mine.
>


Re: Dovecot 2.3.0 assertion failure on LMTP delivery

2018-02-08 Thread Dariusz Parciak

Hi All,

I have a similar issue with Dovecot 2.3.0 on CentOS 6.
Is it possible to fix it now? Or do we have to wait for 2.3.1?

Thanks,
Darek



On 2018-01-29 05:48, J. Nick Koston wrote:

Hi Aki,

Please see below:

Thank you
-Nick

# gdb /usr/libexec/dovecot/lmtp ./3445
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `dovecot/lmtp'.
Program terminated with signal 6, Aborted.
#0  0x7f297814d1f7 in raise () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install
dovecot-2.3.0-8.cp1162.x86_64
(gdb) back
#0  0x7f297814d1f7 in raise () from /lib64/libc.so.6
#1  0x7f297814e8e8 in abort () from /lib64/libc.so.6
#2  0x7f29785a3eab in default_fatal_finish (type=,
status=status@entry=0) at failures.c:228
#3  0x7f29785a3f9e in i_internal_fatal_handler
(ctx=0x7ffe12c97a00, format=, args=) at
failures.c:718
#4  0x7f2978517190 in i_panic (format=format@entry=0x7f29785df6a8
"file %s: line %d (%s): assertion failed: (%s)") at failures.c:306
#5  0x7f29785bf6bb in event_unref
(_event=_event@entry=0x55ac2dab3ea8) at lib-event.c:148
#6  0x7f29788a1b64 in mail_storage_service_user_unref
(_user=_user@entry=0x55ac2dab35a8) at mail-storage-service.c:1649
#7  0x55ac2cbd03fa in lmtp_local_rcpt_deinit (rcpt=0x55ac2dab3570)
at lmtp-local.c:125
#8  0x55ac2cbd08dc in lmtp_local_deinit
(_local=_local@entry=0x55ac2daa00f0) at lmtp-local.c:83
#9  0x55ac2cbcfa5a in client_state_reset (client=0x55ac2daa0028)
at client.c:177
#10 0x7f297852e96c in smtp_server_connection_reset_state
(conn=0x55ac2daaee40) at smtp-server-connection.c:1249
#11 0x7f297852c31d in smtp_server_command_completed
(cmd=0x55ac2dab3998) at smtp-server-command.c:380
#12 0x7f297852f848 in smtp_server_connection_next_reply
(conn=0x55ac2daaee40) at smtp-server-connection.c:623
#13 smtp_server_connection_send_replies (conn=0x55ac2daaee40) at
smtp-server-connection.c:682
#14 smtp_server_connection_output (conn=0x55ac2daaee40) at
smtp-server-connection.c:728
#15 0x7f29785cb990 in stream_send_io (fstream=0x55ac2da75dd0) at
ostream-file.c:475
#16 0x7f29785bb4d5 in io_loop_call_io (io=0x55ac2dab75b0) at 
ioloop.c:614

#17 0x7f29785bcdaf in io_loop_handler_run_internal
(ioloop=ioloop@entry=0x55ac2da6ac50) at ioloop-epoll.c:222
#18 0x7f29785bb5d2 in io_loop_handler_run
(ioloop=ioloop@entry=0x55ac2da6ac50) at ioloop.c:666
#19 0x7f29785bb7f8 in io_loop_run (ioloop=0x55ac2da6ac50) at 
ioloop.c:639

#20 0x7f2978539bb3 in master_service_run (service=0x55ac2da6aae0,
callback=callback@entry=0x55ac2cbcf3d0 ) at
master-service.c:767
#21 0x55ac2cbcf1a6 in main (argc=1, argv=0x55ac2da6a8a0) at 
main.c:159

(gdb) bt full
#0  0x7f297814d1f7 in raise () from /lib64/libc.so.6
No symbol table info available.
#1  0x7f297814e8e8 in abort () from /lib64/libc.so.6
No symbol table info available.
#2  0x7f29785a3eab in default_fatal_finish (type=,
status=status@entry=0) at failures.c:228
backtrace = 0x55ac2da62088
"/usr/lib64/dovecot/libdovecot.so.0(+0xc8ee4) [0x7f29785a3ee4] ->
/usr/lib64/dovecot/libdovecot.so.0(+0xc8f9e) [0x7f29785a3f9e] ->
/usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7f2978517190] ->
/usr"...
recursed = 0
#3  0x7f29785a3f9e in i_internal_fatal_handler
(ctx=0x7ffe12c97a00, format=, args=) at
failures.c:718
status = 0
#4  0x7f2978517190 in i_panic (format=format@entry=0x7f29785df6a8
"file %s: line %d (%s): assertion failed: (%s)") at failures.c:306
ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp =
0x0, timestamp_usecs = 0, log_prefix = 0x0}
args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area =
0x7ffe12c97af0, reg_save_area = 0x7ffe12c97a30}}
#5  0x7f29785bf6bb in event_unref
(_event=_event@entry=0x55ac2dab3ea8) at lib-event.c:148
event = 0x55ac2dab8180
__func__ = "event_unref"
#6  0x7f29788a1b64 in mail_storage_service_user_unref
(_user=_user@entry=0x55ac2dab35a8) at mail-storage-service.c:1649
user = 0x55ac2dab3e08
__func__ = "mail_storage_service_user_unref"
#7  0x55ac2cbd03fa in lmtp_local_rcpt_deinit (rcpt=0x55ac2dab3570)
at lmtp-local.c:125
No locals.
#8  0x55ac2cbd08dc in lmtp_local_deinit
(_local=_local@entry=0x55ac2daa00f0) at lmtp-local.c:83
rcptp_end = 0x55ac2da9fbb8
local = 0x55ac2dab8000
rcptp = 0x55ac2da9fbb0
#9  0x55ac2cbcfa5a in client_state_reset (client=0x55ac2daa0028)
at client.c:177
No locals.
#10 0x7f297852e96c in smtp_server_connection_reset_state
(conn=0x55ac2daaee40) at smtp-server-connection.c:1249
No locals.
#11 0x7f297852c31d in smtp_server_command_completed
(cmd=0x55ac2dab3998) at smtp-server-command.c:380
hook_completed = 
#12 0x7f297852f848 in smtp_server_connection_next_reply
(conn=0x55ac2daaee40) at smtp-server-connection.c:623
cmd = 0x55ac2dab3998
error = 0x0
i = 
#13 smtp_server_connection_send_replies 

Re: How to grant user access to his .dovecot.sieve.log?

2018-02-08 Thread LuKreme
On Feb 6, 2018, at 19:53, Sergey Ivanov  wrote:
> Answering myself (not yet implemented, but I hope it will work):
> Using sieve  extprograms extension and global "after" script, I can read 
> .dovecot.sieve.log into a sieve variable 'log_content' if this log is not 
> empty. I hope this log will be written before "after" script is called, but 
> will check if it is true.
> Then using sieve "notify" action with 
> mailto:${user_mailaddress}?body=${log_content};

Did that work?

-- 
This is my signature. There are many like it, but this one is mine.




Re: stats-writer failed: Permission denied

2018-02-08 Thread Steffen Kaiser


On Wed, 7 Feb 2018, Jakobus Schürz wrote:

> Since I compile my own dovecot (not using dovecot from Debian), I get this
> error on each startup of dovecot with systemd:
> 
> Feb 07 11:16:35 aldebaran dovecot[7455]: imap: Error: 
> net_connect_unix(/usr/local/var/run/dovecot/stats-writer) failed: Permission 
> denied
> Feb 07 11:16:35 aldebaran dovecot[7455]: imap: Error: 
> net_connect_unix(/usr/local/var/run/dovecot/stats-writer) failed: Permission 
> denied
> 
> I can change the owner and/or permissions of the file, then it works till the
> next reboot.
> 
> How can I set this correctly in my configs?


check out something like:

service stats {
  # the socket named in the error; in Dovecot 2.3 it is a unix_listener
  # under service stats, not the old fifo_listener stats-mail
  unix_listener stats-writer {
    user = vmail
    mode = 0600
  }
}

https://wiki2.dovecot.org/Services#unix_listeners_and_fifo_listeners

-- 
Steffen Kaiser
