Re: DMARC problems with some emails from the list
El 8/3/21 a las 11:20, Benny Pedersen escribió: On 2021-03-08 07:43, Ángel L. Mateo wrote: I'm having problems with some emails from the list, been classified as SPAM in my system because of DMARC failures. I'm not sure but this may be a problem with the list configuration. what state of dkim is c= tag ?, if it contains simple, its not that simple since its more strong then relaxed if thats the case, it could be that 8bitmime is not being disabled before dkim signing :( reference from amavisd dkim howto is your dmarc test doing ARC test ? I don't know the exact details of the antispam configuration. But I have asked and the administrator told me that we are not doing ARC tests. He told me that the emails are marked as spam because of dkim failures. -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 86337
Re: [ext] Re: Dovecot v2.3.14 released
> On 09/03/2021 08:20 Ralf Hildebrandt wrote: > > > * Bjoern Franke : > > Hi, > > > > > * Remove XZ/LZMA write support. Read support will be removed in future > > > release. > > > > Will XZ/ZMA Read support be removed in the next release or just in some > > future release? > > I'm a bit behind the curve: Why is it being removed at all? > > * reduce code size > * better compression algorithms available > * other > It has memory safety issues and is very slow compared to the other alternatives. Aki
Re: [ext] Re: Dovecot v2.3.14 released
* Bjoern Franke : > Hi, > > > * Remove XZ/LZMA write support. Read support will be removed in future > > release. > > Will XZ/ZMA Read support be removed in the next release or just in some > future release? I'm a bit behind the curve: Why is it being removed at all? * reduce code size * better compression algorithms available * other -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | https://www.charite.de signature.asc Description: PGP signature
Re: JMAP support?
Didn't JMAP get included with v2.3 with the HTTP API? https://www.dovecot.org/list/dovecot-news/2016-March/000313.html Or maybe that was just for admin things. Phil On 09/03/2021 11:26, @lbutlr wrote: On 08 Mar 2021, at 14:04, Leonardo Rodrigues wrote: Em 08/03/2021 16:43, @lbutlr escreveu: On 08 Mar 2021, at 02:15, Mark Constable wrote: There doesn't seem to be much interest in JMAP ou there, which means it is going to be pretty hard to get something working well unless you write it yourself. Or sponsor its development, if the OP is so interested on it! I checked and Roundcube-next appears to be a dead project, so I'd really not hold out much hope.
Re: JMAP support?
On 08 Mar 2021, at 14:04, Leonardo Rodrigues wrote: > Em 08/03/2021 16:43, @lbutlr escreveu: >> On 08 Mar 2021, at 02:15, Mark Constable wrote: >> There doesn't seem to be much interest in JMAP ou there, which means it is >> going to be pretty hard to get something working well unless you write it >> yourself. > Or sponsor its development, if the OP is so interested on it! I checked and Roundcube-next appears to be a dead project, so I'd really not hold out much hope. -- NO ONE WANTS TO HEAR ABOUT MY SCIATICA Bart chalkboard Ep. AABF09
Re: JMAP support?
Em 08/03/2021 16:43, @lbutlr escreveu: On 08 Mar 2021, at 02:15, Mark Constable wrote: There doesn't seem to be much interest in JMAP ou there, which means it is going to be pretty hard to get something working well unless you write it yourself. Or sponsor its development, if the OP is so interested on it! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: start dovecot multiple instances
Hi Gonzalo, I had running two instances of dovecot on the same server for a long time, but with CentOS 6. I remember to have two different /etc/dovecot/ and /etc/director/ configuration, start it with: # dovecot -c /etc/dovecot/dovecot.conf # dovecot -c /etc/director/dovecot.conf and confirm that was running with # doveadm instance list Il 05/03/21 13:15, Gonzalo Palacios Goicolea ha scritto: Hi All, I'm trying to run dovecot with dovecot-director on the same server, using two different instances, but I'n not able to make the two instances start with systemctl (we are using RHEL7) May be I shueld create a /etc/systemd/system/dovecot.service.d/service.conf file and add there any command? Thanks and best regards
Re: director implementation
Il 08/03/21 17:55, Gonzalo Palacios Goicolea ha scritto: My doubt is if it's recommended to delete all dovecot.index* files before passing the traffic through de director servers or it's not required. Any information on this way will be appreciated. Is not required. Dovecot will fix previous errors itself.
Re: JMAP support?
On 08 Mar 2021, at 02:15, Mark Constable wrote: > On 8/3/21 18:08, @lbutlr wrote: >>> Two years on so what is the status of JMAP support in Dovecot now? >> I don't think anything has changed on this front. Last I saw, only Cyrus has >> partial support for JMAP mail, but not the other parts of JMAP. > > Such a pity. I just two weeks battling with Cyrus-imapd just to test > out the Cypht JMAP client and frankly Cyrus is an ill-documented PITA, > to put it bluntly. That was my experience with it many years ago. > so I guess, minus cyrus-imapd, it's down to these fledgling projects... > > https://github.com/search?q=jmap+server Not a lot there and about half of it hasn't nbeen touched in 5 years. There doesn't seem to be much interest in JMAP ou there, which means it is going to be pretty hard to get something working well unless you write it yourself. James (from apache) might be a solution? What does Roundcube recommend? As I understand it you don't need a "Mail server" for JMAP as it uses JSON over http. Also, I doubt that 12 months will bring any changes, the last post I saw from Aki (didn't look too hard) mentioned Dovecot 2.5. -- 'People need vampires,' she [Granny] said. 'They helps 'em remember what stakes and garlic are for.' --Carpe Jugulum
director implementation
Hi All, We're going to put into production dovecot-director. As I wrote in a previous message, we have a lot of errors like these: Feb 28 08:50:42 server5 dovecot: imap(user@domain): Error: Index path/Maildir/dovecot.index: Lost log for seq=5 offset=228: Missing middle file seq=5 (between 5..4294967295, we have seqs 4): Log is locked - newer log can't exist (initial_mapped=1, reason=Index mapped) Feb 28 08:50:42 server5 dovecot: imap(user@domain): Warning: fscking index file path/Maildir/dovecot.index Feb 28 08:50:42 server5 dovecot: imap(user@domain): Error: Failed to map transaction log path/Maildir/dovecot.index.log at sync_offset=10328 after locking: pread() failed: Stale file handle Feb 28 08:50:42 server5 dovecot: imap(user@domain): Error: Index path/Maildir/dovecot.index: Lost log for seq=5 offset=228: Missing middle file seq=5 (between 5..4294967295, we have seqs 4): Requested newer log than exists - still after NFS flush: Log inode is unchanged (initial_mapped=1, reason=Index mapped) Feb 28 08:50:45 server5 dovecot: imap(user@domain): Error: Failed to map transaction log path/Maildir/dovecot.index.log at sync_offset=10328 after locking: pread() failed: Stale file handle Feb 28 08:50:45 server5 dovecot: imap(user@domain): Error: Failed to map view for path/Maildir/dovecot.index: Missing middle file seq=5 (between 5..5, we have seqs 4): Requested newer log than exists - still after NFS flush: Log inode is unchanged My doubt is if it's recommended to delete all dovecot.index* files before passing the traffic through de director servers or it's not required. Any information on this way will be appreciated. We've dovecot-2.2.36-8.el7.x86_64 over RHEL7 Thanks and best regards -- *Gonzalo Palacios Goicolea* U.T de Infraestructura de Equipos Centrales /Tecnologías de la Información/ Universidad Autónoma de Madrid • Campus de Cantoblanco <3D"http://www.uam.es/;> Antes de imprimir este correo piense si es necesario.Cuidemos el medioambiente.
not getting internal errors logged
Hello. dovecot 2.3.13, 2.3.14 web imap client when doing search is getting error induced by me by deleting lucene-indexes folder: UID SEARCH: Internal error occurred. Refer to server log for more information. [2021-03-08 15:08:01] (0.002 + 0.000 + 0.001 secs). but I'm not getting that internal error logged in syslog. Other information like from lmtp, imap logging in, out etc is logged just fine. In my configs log_path info_log_path debug_log_path are not set, so dovecot default syslog is used. Tested log_path = /tmp/file.txt, too but the effect was the same (regular logs logged there, internal errors not logged) stracing dovecot process I see error message only write()n once (to client) but nowhere else (in a strace visible way). Is anything else controlling internal errors logging? Can't find anything in docs. -- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
Re: DMARC problems with some emails from the list
On 08.03.21 11:38, Benny Pedersen wrote: > On 2021-03-08 10:34, Juri Haberland wrote: > checked your dkim signing, it have signed 2 Date headers, 2 From, 2 > Subject, solve this :=) Benny, it's not about *my* DKIM signature. And it is perfectly legal and has a special purpose to double sign some headers, called oversigning. > and you have simple in C= tag, please check double signed headers > > it does not dkim pass in perl Mail::DKIM test in spamassassin If my signature didn't verify at your end, then it might be a problem at your end as my DKIM signature verified at the mailing list host (as you can see from from the ARC-Authentication-Results header and it still verified at my host when it came back from the list (both Spamassassin and OpenDKIM). OTOH if more people have problems with my DKIM signature then I'd like to hear that. >> The problem of these specific mails is the fact, that they sign one or >> more >> of the following headers: >> - Reply-To >> - Sender >> - List-Id, List-Help, List-Unsubscribe, List-Subscribe, List-Post, >> List-Owner, List-Archive > > this comes from dkim signing ALL mails not just ORIGINATED emails, > maillist should really stop sign emails, and only do the ARC sealing and > ARC sign it This has nothing to do with it! The problem arises at the OP's end... > if maillist send ORIGINNATING emails it should be signed as dkim and not > ARC sealed > > its common sense imho > > too many headers signed makes dkim break Yes, that is the problem here, but that cannot be fixed by the people running the ML, only be the original authors, as it concerns the DKIM signatures of the original authors. >> Of course these headers *will* be altered by most list software out >> there, >> so the senders have to change the way they sign their mails. > > altering will happend hopefully AFTER ARC sealing, so it still can be > verify from ARC that the originated email did pass or fail in someway, > in that case it works as designed IMHO altering/adding those headers will happen *before* ARC signing or else the ARC signature will break immediately and will be useless... >> Your only option is to either trust the ARC-headers or to whitelist all >> amil from this mailing list. > > tell dmarc to not test maillists, but it should pass so no need ??? Regards, Juri
Re: Dovecot v2.3.14 released
> On 08/03/2021 12:20 Bjoern Franke wrote: > > > Hi, > > > * Remove XZ/LZMA write support. Read support will be removed in future > > release. > > Will XZ/ZMA Read support be removed in the next release or just in some > future release? > > Kind Regards > Bjoern It will be removed in some future release. Not next release. Aki
Re: DMARC problems with some emails from the list
On 2021-03-08 10:34, Juri Haberland wrote: I have looked at some of the mails that you flagged as problematic and yes, those mails failed the DKIM check, even though this list seams to work without invalidating DKIM signatures. checked your dkim signing, it have signed 2 Date headers, 2 From, 2 Subject, solve this :=) and you have simple in C= tag, please check double signed headers it does not dkim pass in perl Mail::DKIM test in spamassassin The problem of these specific mails is the fact, that they sign one or more of the following headers: - Reply-To - Sender - List-Id, List-Help, List-Unsubscribe, List-Subscribe, List-Post, List-Owner, List-Archive this comes from dkim signing ALL mails not just ORIGINATED emails, maillist should really stop sign emails, and only do the ARC sealing and ARC sign it if maillist send ORIGINNATING emails it should be signed as dkim and not ARC sealed its common sense imho too many headers signed makes dkim break Of course these headers *will* be altered by most list software out there, so the senders have to change the way they sign their mails. altering will happend hopefully AFTER ARC sealing, so it still can be verify from ARC that the originated email did pass or fail in someway, in that case it works as designed Your only option is to either trust the ARC-headers or to whitelist all amil from this mailing list. tell dmarc to not test maillists, but it should pass so no need
Re: DMARC problems with some emails from the list
On 2021-03-08 07:43, Ángel L. Mateo wrote: I'm having problems with some emails from the list, been classified as SPAM in my system because of DMARC failures. I'm not sure but this may be a problem with the list configuration. what state of dkim is c= tag ?, if it contains simple, its not that simple since its more strong then relaxed if thats the case, it could be that 8bitmime is not being disabled before dkim signing :( reference from amavisd dkim howto is your dmarc test doing ARC test ? I attach the log for the failures in the last week. does not help me helping you
Re: Dovecot v2.3.14 released
Hi, > * Remove XZ/LZMA write support. Read support will be removed in future > release. Will XZ/ZMA Read support be removed in the next release or just in some future release? Kind Regards Bjoern
Re: Dovecot v2.3.14 released
* Aki Tuomi, 04.03.21 11:21 > Hi! > > We are pleased to release v2.3.14 of Dovecot. > [...] Hi, Just a minor thing I noticed by chance: the Wiki documentation that is included in the source tarball is rather outdated. The timestamp of the files in dovecot-2.3.14/doc/wiki is 2019-06-19, which would be somewhere between 2.3.6 (2019-04-30) and 2.3.7 (2019-07-12), according to dovecot-2.3.14/NEWS. I suggest either refreshing it with the current content, or simply replacing it with a small textfile pointing to wiki.dovecot.org and/or doc.dovecot.org. While 90% of it is probably still valid, there has been quite a bunch of tweaks, fixes and feature additions and drops that might lead to WTF moments and a bit of head-scratching, if one follows these offline docs rather than their corresponding online version. Bye, Thomas
Re: DMARC problems with some emails from the list
On 08.03.21 07:43, Ángel L. Mateo wrote: > Hello, > > I'm having problems with some emails from the list, been classified as > SPAM in my system because of DMARC failures. I'm not sure but this may > be a problem with the list configuration. > > > I attach the log for the failures in the last week. I have looked at some of the mails that you flagged as problematic and yes, those mails failed the DKIM check, even though this list seams to work without invalidating DKIM signatures. The problem of these specific mails is the fact, that they sign one or more of the following headers: - Reply-To - Sender - List-Id, List-Help, List-Unsubscribe, List-Subscribe, List-Post, List-Owner, List-Archive Of course these headers *will* be altered by most list software out there, so the senders have to change the way they sign their mails. Your only option is to either trust the ARC-headers or to whitelist all amil from this mailing list. Cheers, Juri
Re: JMAP support?
On 8/3/21 18:08, @lbutlr wrote: Two years on so what is the status of JMAP support in Dovecot now? I don't think anything has changed on this front. Last I saw, only Cyrus has partial support for JMAP mail, but not the other parts of JMAP. Such a pity. I just two weeks battling with Cyrus-imapd just to test out the Cypht JMAP client and frankly Cyrus is an ill-documented PITA, to put it bluntly. From charter-ietf-jmap-03 "Now that draft-ietf-jmap-mail is completed, the working group will produce specifications for related data types, beginning with calendars and contacts." So "JSON Mail Access Protocol" is done and jmap + websockets is on the way... https://www.rfc-editor.org/rfc/rfc8887.html so I guess, minus cyrus-imapd, it's down to these fledgling projects... https://github.com/search?q=jmap+server No doubt I will ask about Dovecots JMAP status in another 12 months.
Re: JMAP support?
On 08 Mar 2021, at 00:11, Mark Constable wrote: > On Fri Jan 25 2019 Aki wrote: > > There is no JMAP support in any dovecot version yet. > > Two years on so what is the status of JMAP support in Dovecot now? I don't think anything has changed on this front. Last I saw, only Cyrus has partial support for JMAP mail, but not the other parts of JMAP. -- The fact is that camels are far more intelligent than dolphins. Footnote: Never trust a species that grins all the time. It's up to something. --Pyramids
