Re: sievec prints an error if no dovecot running with mail_plugins = stats

2018-06-25 Thread Stephan Bosch




On 12/06/2018 at 19:28, SATOH Fumiyasu wrote:

Dovecot 2.2.36 + Pigeonhole 0.4.24

Is this an intended behavior?

```
# service dovecot status
dovecot is stopped
# doveconf mail_plugins
mail_plugins =  stats
# ls foo.*
foo.sieve
# sievec foo.sieve
sievec(root): Error: stats: open(/var/run/dovecot/stats-mail) failed: No such device or address
# echo $?
0
# ls foo.*
foo.sieve  foo.svbin
```


Just a small nuisance I guess. Should be OK for v2.3.x

Regards,

Stephan.


Re: Proxy lmtp to smtp server

2018-06-25 Thread Stephan Bosch



On 25/06/2018 at 21:42, Stephan Bosch wrote:




On 14/06/2018 at 22:24, grupo correo wrote:

Hi,
I need to use lmtp server proxy, to proxy a remote smtp server, the 
documentation says "It's possible to use Dovecot LMTP server as a 
proxy to remote LMTP or SMTP servers", but I do not find how to 
configure. Can anybody help me to understand?


https://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy

However, the protocol field appears to be undocumented:

https://github.com/dovecot/core/blob/master/src/lmtp/lmtp-proxy.c#L382


This is also important:

https://wiki2.dovecot.org/LMTP#LMTP_Proxying

Regards,

Stephan.


Re: Proxy lmtp to smtp server

2018-06-25 Thread Stephan Bosch



On 14/06/2018 at 22:24, grupo correo wrote:

Hi,
I need to use lmtp server proxy, to proxy a remote smtp server, the 
documentation says "It's possible to use Dovecot LMTP server as a 
proxy to remote LMTP or SMTP servers", but I do not find how to 
configure. Can anybody help me to understand?


https://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy

However, the protocol field appears to be undocumented:

https://github.com/dovecot/core/blob/master/src/lmtp/lmtp-proxy.c#L382

Regards,

Stephan.


Re: sieve for systemusers

2018-06-25 Thread Stephan Bosch




On 22/06/2018 at 01:05, ratatouille wrote:

Hello!

I enabled LDA for systemusers by adding
mailbox_command = /usr/lib/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT"
to main.cf of postfix.

I have done this because I want to use sieve for systemusers too, not only for 
virtual users.

But the sievescripts do not work for those systemusers.

What else needs to be done to get sieve to work for systemusers?


https://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting has a few 
pointers



Kind regards

   Andreas




Re: failed to access user's Sieve script file

2018-06-25 Thread Stephan Bosch

What version is this?


On 22/06/2018 at 01:59, ratatouille wrote:

Hello!

I set sieve = file:~/sieve;active=~/Postfach/.dovecot.sieve because I got error
Debug: sieve: user's script ~/.dovecot.sieve doesn't exist

But with sieve = file:~/sieve;active=~/Postfach/.dovecot.sieve I get

Jun 22 01:55:21 lda(a.meyer): Error: sieve: sieve file backend: invalid option `active=~/Postfach/.dovecot.sieve'
Jun 22 01:55:21 lda(a.meyer): Error: sieve: failed to access user's Sieve script file:~/sieve;active=~/Postfach/.dovecot.sieve (temporary failure)

What can I do so that LDA finds the sievescript of the user?

Kind regards

   Andreas




Re: upgrade 2.2 to 2.3, diffie-hellman, ssl_min_protocol

2018-06-25 Thread Aki Tuomi
ssl_dh=:

> On Fri, 22 Jun 2018, Joseph Tam wrote:
>
>> However, recent advances make this condition obsolete [*] and not
>> really safer, so a much faster way to generate a DH key is
>>
>>  openssl dhparam -dsaparam -out dh.pem 4096
>>
>> DH generation is a one time operation, so if you're paranoid and you've
>> got time to burn, go ahead and generate the "safe" DH key.
>>
>> [*] https://security.stackexchange.com/questions/42415/openvpn-dhparam)
>
> Oh, I might have to backtrack on this claim
>
>   https://www.openssl.org/news/secadv/20160128.txt
>
> although it's beyond my understanding whether it's applicable to Dovecot.
>
> Joseph Tam 




-

ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the 
NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!  
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!  
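
An added example, not written by any poster in this thread: a check for the "safe prime" condition discussed above, that is, whether both p and (p-1)/2 are prime, applied to a PKCS#3 `DH PARAMETERS` PEM block such as the `dh.pem` that `openssl dhparam` writes. The function names and the two tiny sample PEM blocks are constructed for illustration.

```python
import base64
import random

def _tlv(buf, pos):
    """Read one DER element: return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def parse_dh_pem(pem):
    """Extract (p, g) from a PKCS#3 'DH PARAMETERS' PEM block."""
    lines = [l.strip() for l in pem.strip().splitlines()]
    if lines[0] != "-----BEGIN DH PARAMETERS-----":
        raise ValueError("not a DH PARAMETERS PEM block")
    tag, seq, _ = _tlv(base64.b64decode("".join(lines[1:-1])), 0)
    tag_p, p, pos = _tlv(seq, 0)
    tag_g, g, _ = _tlv(seq, pos)
    if (tag, tag_p, tag_g) != (0x30, 0x02, 0x02):
        raise ValueError("expected SEQUENCE { INTEGER p, INTEGER g }")
    return int.from_bytes(p, "big"), int.from_bytes(g, "big")

def is_probable_prime(n, rounds=32):  # Miller-Rabin probabilistic test
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # this base proves n composite
    return True

def classify_dh_prime(p):
    """Report whether p meets the "safe prime" condition: p and (p-1)/2 prime."""
    if not is_probable_prime(p):
        return "invalid: p is not prime"
    return "safe prime" if is_probable_prime((p - 1) // 2) else "prime, not safe"

TOY_SAFE = "-----BEGIN DH PARAMETERS-----\nMAYCARcCAQU=\n-----END DH PARAMETERS-----"      # constructed: p=23, g=5
TOY_NOT_SAFE = "-----BEGIN DH PARAMETERS-----\nMAYCAQ0CAQI=\n-----END DH PARAMETERS-----"  # constructed: p=13, g=2
```

Run `classify_dh_prime(parse_dh_pem(open("dh.pem").read())[0])` against a real file; parameters generated with `-dsaparam` are expected to report "prime, not safe", since that option does not search for a safe prime.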


Re: upgrade 2.2 to 2.3, diffie-hellman, ssl_min_protocol

2018-06-25 Thread tai74
Thanks Joseph, Aki, but something missing from upgrade document, where  
does the dh param file go? I located ssl-parameters.dat so I will put  
it there.


Quoting Joseph Tam :


On Fri, 22 Jun 2018, Joseph Tam wrote:


However, recent advances make this condition obsolete [*] and not
really safer, so a much faster way to generate a DH key is

openssl dhparam -dsaparam -out dh.pem 4096

DH generation is a one time operation, so if you're paranoid and you've
got time to burn, go ahead and generate the "safe" DH key.

[*] https://security.stackexchange.com/questions/42415/openvpn-dhparam)


Oh, I might have to backtrack on this claim

https://www.openssl.org/news/secadv/20160128.txt

although it's beyond my understanding whether it's applicable to Dovecot.

Joseph Tam 







Re: Pigeonhole extdata repo?

2018-06-25 Thread tai74

Thank you Aki for always responding!


Pigeonhole download page has links for extdata plugin up to v0.4 but
nothing more and no link to the master repository

https://pigeonhole.dovecot.org/download.html

I want to use with dovecot 2.3.2rc1 but v0.4 won't compile with it.


Seems to need v0.5 for it. What are you using it for?


For a custom sieve script that needs database reference. No one has  
updated it for 0.5? Is Stephan Bosch the only person who can help?  
Looks like incompatibilities with changes in dovecot dict things:


ext-extdata-common.c: In function 'ext_extdata_interpreter_get_context':
ext-extdata-common.c:113:3: warning: passing argument 3 of 'dict_init' from incompatible pointer type [enabled by default]
   svinst->base_dir, , );
   ^
In file included from ext-extdata-common.c:6:0:
/usr/local/include/dovecot/dict.h:86:5: note: expected 'struct dict **' but argument is of type 'const char *'
 int dict_init(const char *uri, const struct dict_settings *set,
 ^
ext-extdata-common.c:113:3: warning: passing argument 4 of 'dict_init' from incompatible pointer type [enabled by default]
   svinst->base_dir, , );
   ^
In file included from ext-extdata-common.c:6:0:
/usr/local/include/dovecot/dict.h:86:5: note: expected 'const char **' but argument is of type 'const char *'
 int dict_init(const char *uri, const struct dict_settings *set,
 ^
ext-extdata-common.c:113:3: error: too many arguments to function 'dict_init'
   svinst->base_dir, , );
   ^
In file included from ext-extdata-common.c:6:0:
/usr/local/include/dovecot/dict.h:86:5: note: declared here
 int dict_init(const char *uri, const struct dict_settings *set,
 ^
ext-extdata-common.c: In function 'ext_extdata_get_value':
ext-extdata-common.c:162:3: error: too few arguments to function 'dict_lookup'
   pool_datastack_create(), key, )) <= 0 ) {
   ^
In file included from ext-extdata-common.c:6:0:
/usr/local/include/dovecot/dict.h:99:5: note: declared here
 int dict_lookup(struct dict *dict, pool_t pool,
 ^






Dovecot as transparent proxy for Exchange<->Dovecot<->Yahoo.com/Yandex.com with mail synchronization between servers !

2018-06-25 Thread CpServiceSPb
We have Exchange as internal mail server, also we have gate where we plan
to install Dovecot, also we have external mail at servers such as yahoo.com
or yandex.com.
There are some mailboxes at Exchange, for example:
us...@internal.ltd to use...@internal.ltd.
There are some mailboxes at Yandex.com, for example:
person...@external.com to persone...@external.com.
1. For messages flow:
We need that Dovecot would act as at least transparent IMAP proxy for
Exchange/Yandex and vice versa.
For incoming messages - some message comes to person...@external.com
located at Yandex.com, then Dovecot gets it from Yandex using IMAP IDLE,
then stores it locally (where Dovecot is installed) to MySQL (using DBMail)
or at least maildir format and after that sends it forward (using IMAP
PUSH) to appropriate account us...@internal.ltd or triggers (signals)
Fetchmail to send it forward to specified Exchange account.
And so on - for each external/internal pair of accounts
(Yandex.com/Exchange).
For outgoing messages - Exchange sends it out using Exim4, Exim4 stores it
locally (where Dovecot is installed) to MySQL (using DBMail) and then Exim4
sends it out to Yandex.com and at the same time Dovecot uploads this
message to Yandex.com to "Sent" folder. And this message is sent through
Yandex.com.
2. For messages storage:
When messages are deleted at Exchange, they are deleted from Dovecot (MySQL
storage) and deleted from Yandex.com as well.
Or when messages are deleted from Yandex.com, they are deleted from Dovecot
(MySQL storage) and deleted from Exchange as well.

Is it possible to set up Dovecot and maybe some other software (Fetchmail,
imapsyncd and so on) to get point 1 working or point 1 and point 2 working?


Re: doveadm: problem listing shared mailboxes using a wildcard

2018-06-25 Thread Patrick Ben Koetter
* Aki Tuomi :
> Please provide doveconf -n

[root@spike ~]# doveconf -n
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-862.3.3.el7.x86_64 x86_64 CentOS Linux release 7.5.1804 (Core)  xfs
auth_debug = yes
first_valid_uid = 1000
mail_debug = yes
mail_location = sdbox:/srv/mail/%u
mail_plugins = acl
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mbox_write_locks = fcntl
namespace {
  ignore_on_failure = no
  list = children
  location = sdbox:%%h
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  ignore_on_failure = no
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
  separator = /
  type = private
}
passdb {
  args = scheme=PLAIN username_format=%u /etc/dovecot/users
  default_fields = nopassword=y
  driver = passwd-file
}
plugin {
  acl = vfile
  acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
service auth {
  unix_listener auth-userdb {
    group = vmail
    mode = 0777
    user = vmail
  }
}
service imap {
  executable = imap post-login
}
service post-login {
  executable = script-login /usr/local/bin/postlogin
  user = vmail
}
ssl = required
ssl_cert =  
> 
> ---
> Aki Tuomi
> Dovecot oy
>
> Original message
> From: Patrick Ben Koetter
> Date: 25/06/2018 17:21 (GMT+02:00)
> To: dovecot@dovecot.org
> Cc: Thore Bödecker
> Subject: Re: doveadm: problem listing shared mailboxes using a wildcard
> * Thore Bödecker :
> > You might need to quote that last argument, otherwise it can get
> > interpreted by the shell as globbing, which obviously is not what you
> > want.
> > 
> > I've been using wildcard arguments enclosed within '' and "" for
> > various doveadm commands without issues so far.
> 
> Right. I had thought so too (and forgot to mention it in my initial post), but
> it doesn't make a difference:
> 
> # /bin/doveadm mailbox list -s -u fd...@spike.test shared\*
> # /bin/doveadm mailbox list -s -u fd...@spike.test "shared*"
> # /bin/doveadm mailbox list -s -u fd...@spike.test 'shared*'
> # /bin/doveadm mailbox list -s -u fd...@spike.test "shared\*"
> # /bin/doveadm mailbox list -s -u fd...@spike.test 'shared\*'
> 
> p@rick
> 
> 
> 
> -- 
> [*] sys4 AG
>  
> https://sys4.de, +49 (89) 30 90 46 64
> Schleißheimer Straße 26/MG,80333 München
>  
> Registered office: München, Amtsgericht München: HRB 199263
> Executive Board: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
> Chairman of the Supervisory Board: Florian Kirstein
>  

-- 
[*] sys4 AG
 
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
 
Registered office: München, Amtsgericht München: HRB 199263
Executive Board: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Chairman of the Supervisory Board: Florian Kirstein
 


Re: doveadm: problem listing shared mailboxes using a wildcard

2018-06-25 Thread Aki Tuomi
Please provide doveconf -n


---
Aki Tuomi
Dovecot oy

Original message
From: Patrick Ben Koetter
Date: 25/06/2018 17:21 (GMT+02:00)
To: dovecot@dovecot.org
Cc: Thore Bödecker
Subject: Re: doveadm: problem listing shared mailboxes using a wildcard

* Thore Bödecker :
> You might need to quote that last argument, otherwise it can get
> interpreted by the shell as globbing, which obviously is not what you
> want.
> 
> I've been using wildcard arguments enclosed within '' and "" for
> various doveadm commands without issues so far.

Right. I had thought so too (and forgot to mention it in my initial post), but
it doesn't make a difference:

# /bin/doveadm mailbox list -s -u fd...@spike.test shared\*
# /bin/doveadm mailbox list -s -u fd...@spike.test "shared*"
# /bin/doveadm mailbox list -s -u fd...@spike.test 'shared*'
# /bin/doveadm mailbox list -s -u fd...@spike.test "shared\*"
# /bin/doveadm mailbox list -s -u fd...@spike.test 'shared\*'

p@rick





Re: doveadm: problem listing shared mailboxes using a wildcard

2018-06-25 Thread Patrick Ben Koetter
* Thore Bödecker :
> You might need to quote that last argument, otherwise it can get
> interpreted by the shell as globbing, which obviously is not what you
> want.
> 
> I've been using wildcard arguments enclosed within '' and "" for
> various doveadm commands without issues so far.

Right. I had thought so too (and forgot to mention it in my initial post), but
it doesn't make a difference:

# /bin/doveadm mailbox list -s -u fd...@spike.test shared\*
# /bin/doveadm mailbox list -s -u fd...@spike.test "shared*"
# /bin/doveadm mailbox list -s -u fd...@spike.test 'shared*'
# /bin/doveadm mailbox list -s -u fd...@spike.test "shared\*"
# /bin/doveadm mailbox list -s -u fd...@spike.test 'shared\*'

p@rick





Re: doveadm: problem listing shared mailboxes using a wildcard

2018-06-25 Thread Thore Bödecker
You might need to quote that last argument, otherwise it can get
interpreted by the shell as globbing, which obviously is not what you
want.

I've been using wildcard arguments enclosed within '' and "" for
various doveadm commands without issues so far.


On 25.06.18 - 16:03, Patrick Ben Koetter wrote:
> # /bin/doveadm mailbox list -u fd...@spike.test -s shared*


Cheers,
Thore

-- 
Thore Bödecker

GPG ID: 0xD622431AF8DB80F3
GPG FP: 0F96 559D 3556 24FC 2226  A864 D622 431A F8DB 80F3




doveadm: problem listing shared mailboxes using a wildcard

2018-06-25 Thread Patrick Ben Koetter
I'm setting up a dovecot server with private and shared namespaces. My test
setup has these mailboxes:

# /bin/doveadm mailbox list -u fd...@spike.test
INBOX/sub01
shared
shared/samme...@spike.test
shared/samme...@spike.test
INBOX

In order to do some post-login scripting foo I'd like to get a list of shared
mailboxes the user is currently subscribed to. The doveadm-mailbox man page
says "It's also possible to use wildcards in the mailbox name."

I'd like to use that feature to output only mailboxes from the shared
namespace. However using the wildcard character * doesn't output anything:

# /bin/doveadm mailbox list -u fd...@spike.test -s shared*
#

Am I doing something wrong?

p@rick

P.S.
Running dovecot-2.2.10-8.el7.x86_64 on a centos server.






Re: More and better logging

2018-06-25 Thread Aki Tuomi



On 25.06.2018 11:28, Tom Sommer wrote:
> In general I feel there is a lack of debug and "when things go
> wrong"-logging in Dovecot (information that should perhaps be provided
> with a verbose toggle).
>
> I was debugging problems with sasl user logins and a generic "SASL
> CRAM-MD5 authentication failed: Connection lost to authentication
> server" error in postfix, but nothing is logged in Dovecot when the
> error occurs.
>
> After extensive debugging I finally discovered auth-penalty and
> auth_penalty_to_secs after digging in the code. I suspect this to be
> the cause, but truly I have no way of confirming this, since no log is
> provided when this is triggered? - it would be nicer if events such as
> these were simply logged for better debugging and troubleshooting.
>
> Two cents :)
>
> Thanks

in v2.3.2 we introduced a framework for better debug logging, namely,
you can turn on various logging aspects with log_debug = category:

This involves adding also more debugging to various places in the code.
I'll take note of the penalty thing.

Aki


More and better logging

2018-06-25 Thread Tom Sommer
In general I feel there is a lack of debug and "when things go 
wrong"-logging in Dovecot (information that should perhaps be provided 
with a verbose toggle).


I was debugging problems with sasl user logins and a generic "SASL 
CRAM-MD5 authentication failed: Connection lost to authentication 
server" error in postfix, but nothing is logged in Dovecot when the 
error occurs.


After extensive debugging I finally discovered auth-penalty and 
auth_penalty_to_secs after digging in the code. I suspect this to be the 
cause, but truly I have no way of confirming this, since no log is 
provided when this is triggered? - it would be nicer if events such as 
these were simply logged for better debugging and troubleshooting.


Two cents :)

Thanks
--
Tom